What the EU is doing and why
EU is bringing the wider financial sector to the digital age. It proposes a new framework for secure and open access to customer data across a wider range of financial services. This framework places consumers’ interests, competition, security and trust at their centre.
New providers enabled by digital technologies have entered the payment services market, in particular providing ‘open banking’ services. Broader ‘open finance’ solutions in areas beyond payments have also been developing, albeit at a slower pace in absence of clear rules of the game. Notably, such solutions are not always efficient and secure insofar as they involve data users accessing data through interfaces that data holders have put in place for their customers, resembling the way ‘open banking’ services were delivered prior to the revised Payment Services Directive.
In response to these market developments, the proposed framework seeks to ensure the EU’s financial sector is fit for purpose and adaptive to the digital transformation, and the risks and opportunities it presents – in particular for consumers.
The framework builds on the already existing ‘open banking’ access to customer data held by account-servicing payment service providers and takes a customer-centric approach. It aims to ensure that all consumers and firms have effective control tools over their financial data. It provides additional tools to ensure personal data protection in line with the General Data Protection Regulation (GDPR) and applying the general principles of business-to-business data sharing in line with the data act proposal.
The framework would establish clear rights and obligations to manage customer data sharing in the financial sector beyond payment accounts, including:
- possibility but no obligation for customers to share their data with data users
- obligation for customer data holders to make these data available to data users
- full control by customers over who accesses their data and for what purpose
- standardisation of customer data and the required technical interfaces
As a part of the package proposed in June 2023, the first set of measures include amendments to modernise the payment services regime (PSD2), and to establish a Payment Services Regulation (PSR). These amendments will ensure consumers can continue to make electronic payments and transactions in a safe and secure manner, both nationally or cross-border, in euro and non-euro. While protecting their rights, they aim to provide greater choice of payment service providers on the market.
A second set of measures is embodied in a legislative proposal for a framework for financial data access. This framework will establish clear rights and obligations to manage customer data sharing in the financial sector beyond payment accounts. In practice, this will lead to more innovative financial products and services for users and will stimulate competition in the financial sector.
Policy making timeline
- 28 June 2023Legislative proposal - Framework for financial data access
- 24 October 2022Report - Open finance
- 13 September 2022State of the Union - Data access in financial services
- 10 May 2022Consultation - Payments services and open finance
The Commission launched 2 consultations
- a public consultation on the review of the revised Payment Services Directive (PSD2) and on open finance
End date: 2 August 2022
- a targeted consultation on open finance framework and data sharing in the financial sector
End date: 5 July 2022
- a public consultation on the review of the revised Payment Services Directive (PSD2) and on open finance
- 25 November 2021Communication - Capital markets union
Adoption of a Communication on capital markets union (CMU) that confirmed the Commission’s ambition to accelerate its work on open finance and announced the establishment of the Expert Group on the European Financial Data Space to provide input on a first set of use cases related to open finance.