Finance Watch supports the creation of Open Finance tools that help citizens manage their personal finances and access relevant information about different financial services. However, it emphasises that these tools should not be maintained by financial services providers, but by public authorities.
It also recommends that financial services providers or intermediaries should only have access to data provided by an Open Finance framework if the data is anonymised and aggregated in line with GDPR. In addition, financial services providers and intermediaries should be prohibited from any further processing of user data outside of clearly defined purposes that have a value to the user.
This consultation response includes suggestions for the European Data Protection Board (EDPB), who may wish to clarify how the principles of necessity, purpose limitation and data minimisation in its draft “Guidelines on Data Protection by Design and by Default” would apply to financial services in light of the introduction of Open Finance. It also calls for mandating the European Supervisory Authorities (ESAs) to provide standardised workflow templates for financial services providers to guide the scope and manner of personal data collection.
According to Finance Watch, an Open Finance framework must be accompanied by clear rules that spell out which specific data can be used for different use cases in the provision of various financial services. It should be accompanied by a mandatory requirement for the provision of basic services (akin to the basic bank account concept under the Payment Accounts Directive) to overcome any risks of financial exclusion.