FIDA Financial Data Schemes: How to get it right.
On 28 June 2023 the European Commission published its proposal on Financial Data Access (FIDA). The objective is to chart a course towards empowering both consumers and the industry. Meaning; consumers having better control of their financial data as well as to benefit from products and services that are tailored to their individual needs. The financial industry will be able to provide elevated digital experiences in conjunction with more tailored products and services. FIDA is a true win-win experience for everyone. In this blogpost we will explore the concept of Financial Data Schemes.
Financial Data Sharing Schemes essentially refer to the coalition of data holders/users that need to determine how financial data sharing should work between themselves, for a specific scope of data/accounts. While FIDA lays the foundation for financial data sharing within the articles on Scope and Definitions, FIDA does not provide many of the details related to how this should actually be done in practice; leaving many of those decisions up to the schemes and their participants (data holders and users).
As deployers of practical use cases, we know that data sharing is difficult. Period. It requires that different parties agree on common standards, formats, protocols, among many other things. This can be even more difficult when large financial institutions (i.e. data holders) are required to get together and decide how things should be done; each institution is powerful and set in their ways. This is a big ask for FIDA to place on data holders, and for this to be successful several things should be added to schemes: strong and independent governance, a fair balance of power between all members, clear procedures and defined processes, and strong deadlines; all determined by the central body asking for data sharing to occur. Without this added structure, it may be difficult for data holders to know where to begin.
How can schemes work in practice?
We advocate for a more practical approach that can be taken at first, which will make this transformation a much simpler one for all parties involved. Before we dive into that approach, it is worth exploring who needs to put in the effort when it comes to data sharing. First let's establish that the majority of complexity within data sharing typically has to do with setting common data standards for data holders to agree to and abide by. Two approaches can be taken to solve this:
What is our recommendation?
Given the complexity and scope of the datasets covered in the scope of FIDA, our recommendation is that approach 2 should be taken to ensure that there isn't a 5+ year standardization exercise carried out by data holders in a FIDA scheme. Taking the second approach will yield many benefits and solve a lot of challenges introduced from those affected by FIDA:
- Dramatically lower investment needed by data holders: the majority of the data they are being asked to make available is already on their customer facing interfaces, available to customers in real time.
- Significantly quicker time to implementation and value for EU citizens : no draw out negotiation process to standardize data. Market forces quickly identify use cases to that drive value and develop standards
- Investments by data holders will be on prioritized use cases : letting market forces decide what data should be standardized first
- Data minimization principles will be followed : data users will only put the effort in standardizing data points they need, for a concrete use case
- Complexities in datasets are only addressed when a use case requires it; many use cases don't require the use of complex corners within a dataset, so it makes sense to only tackle those challenges when the need is very clear
- FISPs will being delivering the same data to many users, ultimately making the data standardization process inexpensive when scale is reached
Who should charge for data sharing?
Incentivization is a key topic to make data sharing work. First and foremost, the core incentive should be to empower EU citizens to make more financially literate decisions through the use of open data. As FIDA states in Article 4, this should be free for consumers. Secondly, cost/fees should be proportional to the workload put in by the party. In our proposed approach, data holders are now carrying out minimal effort to comply with FIDA; they are required to make data available, much of which is already available in real time on a User Interface (e.g. MyPages, customer App, etc) via a Web API. The majority of the effort will be on data users or on FISPs (third party providers) to standardize all of the data in different formats from the data holders. FISPs can charge their customers, data users, a free market based fee for these services. This approach lets market forces hone in on the optimal rate for providing these services.
Are long term data holder driven schemes possible in the future?
Short answer: Absolutely. At Insurely, we see a future where data holders form schemes, probably for specific use cases, which results in the data holders providing high quality APIs in a common data format. These will most likely occur for the most popular use cases, and in situations where there is a clear incentive to do so. For example, if data holders are also primary data users for a certain use case, then they could drive market costs down significantly by making a scheme API available with standardized data. Then the data standardization costs/efforts would not be needed by the data users, as the data they will get will already be standardized. This is a much more realistic grounds for data holders to stand on and decide how much a service should cost; versus just guessing - as would be seen in scenario 1.
What changes should be made to make this approach work?
Some changes should be made to FIDA in order to make such an approach work. Here is a non exhaustive list of clarifications that should be created:
- What authentication approaches should be used - e.g. eIDAS certifications as seen with PSD2’s Strong Customer Authentication
- How long should authentication last for?
- How should consent look?
- How should permissions dashboards look?
Overall, we are very excited about the future within the financial services industry. We envision a future with financially empowered and literate EU citizens, of all backgrounds, who have leading digital services made available to them through the use of their own data. We know there is a lot of work to be done to get to that point, but getting FIDA schemes right will be a major accelerator in making this happen within the next few years, instead of the next 10 years.