Financial Information Service Providers (FISPs). What is their role in FIDA?

The Financial Data Access framework (FIDA) aims to enhance consumer protection by implementing specific rules on who is eligible to access customers’ data. Introducing the authorized Financial Information Service Providers (FISPs) is a key component of FIDA that helps to ensure that non financial institutions can also be considered trusted and secure information providers; thus they are eligible to access and process customer data governed by FIDA. 

The Commission’s proposal recognizes that FIDA’s potential positive impact on EU citizens would be limited if only financial institutions were able to access customer data on behalf of citizens, therefore they have opened up a new category of companies who can access customer data under FIDA only if they meet strict criteria and thus gaining a seal of approval. Therefore the proposal allows a data user to access customer data - under a financial data scheme - only after obtaining prior authorisation from a competent authority - either as a financial institution or as a FISP: 

• The FISPs will gain authorization by competent authorities of the Member States where their main establishment is located;
• These competent authorities will be empowered with essential supervisory powers to effectively monitor the FISPs;
• FIDA outlines particular criteria that the competent authorities must consider in authorizing a FISP;
• The authorized FISPs will be included in an electronic central register developed by the European Banking Authority (EBA);
• FISPs that do not have an establishment in the Union but require access to financial data in the Union shall designate a legal representative in one of the Member States from where the FISP intends to access financial data.

But what exactly are FISPs and what is their role within FIDA?

According to the definition given by the proposed FIDA Regulation, a FISP is: “a data user that is authorized under Article 14 to access the customer data listed in Article 2(1) for the provision of financial information services”.

Why do we need clearer provisions?

Establishing and organizing the operation of FISPs is crucial to making the FIDA Regulation work because an authorized entity plays a pivotal role in safeguarding the customer data, thus actively contributing to the overarching goal of enhancing consumer protection. Even though we agree with the Commission’s approach on FISPs, more clarity is needed. Currently, there is potential for confusion regarding the role of the FISPs within FIDA and their cooperation with other FIDA players. In particular, we call on the Commission to:

• Clarify the definition of a financial service, which a FISP can perform. This should include both:
• • Non consumer-facing technical services provided by third parties, like those who are facilitating data access and re-use for data users who don’t want to / or are otherwise unable to invest in building those capabilities themselves. Similar to the role of Third party providers in PSD2. 
  • Consumer facing financial services, like those providing personal finance management apps or financial advice directly to end consumers. 
• Clarify the role of FISPs within Financial Data Sharing Schemes and Permission Dashboards. For example, are FISPs that act in a more technical services role also able to join schemes and facilitate Permission dashboard development?
• Clarify the definition of FISPs, data users, and financial services to prevent any confusion regarding who ultimately has the right to access customer data and what is the exact role of each of the participants under the FIDA framework.

In conclusion, the establishment and regulation of FISPs  within the FIDA framework are crucial for ensuring the secure and responsible management of customer data in the financial sector. FISPs play a pivotal role in contributing to consumer protection by adhering to specific criteria outlined in the framework. Addressing the aforementioned aspects, in a way that the involvement and contribution of FISPs within any procedure established by the FIDA framework is clear, can contribute to a more transparent, accountable, and secure financial ecosystem, aligning with the overarching goals of FIDA.