In line with the trend we’re seeing across a swathe of EU legislative proposals, the EU’s latest simplification agenda can be seen in practice in relation to FIDA – the EU Financial Data Access Regulation.
As mentioned in our April article, at the first trilogue meeting between the Council, Parliament and Commission, the Commission was asked to prepare simplification proposals on FIDA by the end of April. In a slight delay, those proposals were issued last week and we’ve seen them. What do they say? Well there are clearly moves by the Commission to align with the Council and Parliament positions in certain areas.
What does the Commission’s simplification look like?
Data scope. It is to be welcomed that the Commission proposes to exclude certain data from the scope of FIDA – in an effort to limit the regulatory burden to relevant and timely data. Specifically, it suggests the following:
- Time-bar: Financial Data Sharing Schemes could opt to exclude data collected more than 10 years prior to the data access request (where not readily in digital form, and not part of contractual conditions)
- Terminated contracts: Data on terminated contracts (i.e. those no longer active) be excluded
Customers scope. In a move that has been advocated by a number of trade associations, the Commission proposes to narrow the scope of ‘customer’ (in relation to whose data would fall in scope of FIDA) to a retail-centric group i.e. limited to natural persons and SMEs. The Commission estimates this would remove approximately 51,000 large corporates from scope of FIDA. In consequential change it also proposes to remove credit rating agencies and reinsurance undertakings from the scope of "data holder" (i.e. entities subject to FIDA, where they hold in-scope data) on the basis that the data held by these types of entities is of less relevance to retail customers.
Permission dashboards. In apparent agreement with the positions of Council and Parliament, the Commission proposes that the concept and management of permission dashboards (through which customers will be able to monitor and manage their data permissions) under FIDA should align with the permission dashboard requirements under the Payment Services Regulation requirements (PSR). Alignment across regulatory regimes is, of course, welcome and will enable firms to (hopefully) implement one system that works across the board.
Financial Data Sharing Schemes (FDSS). By way of reminder, under FIDA data holders and data users will be required to become members of a FDSS, the rules of which will govern access to the different data types under FIDA – and the common standards in relation to which are to be set by members. The Commission has shifted its perspective from those common standards being created by market-driven consensus, towards harmonised standards based on those developed by European standardisation organisations (ESOs) - this aligns towards the Parliament position of standards being drawn from international or industry-recognised standards. In addition, the Commission is concerned that different rules across different FDSS on customer authentication processes will lead to fragmentation, so it proposes that FDSS could (voluntarily) use European Digital Wallets to enable customer authentication in a harmonised manner. Whether voluntary take up will be sufficient to achieve this aim remains to be seen.
Financial information service providers (FISPs). FISPs are a new category of firm introduced by FIDA i.e. non-financial institutions wanting to access and use customer data under FIDA. The Council and Parliament positions both require that an account information service provider (AISP) authorised under the Payment Services Directive (PSD) would need to also be authorised as a FISP under FIDA if it wishes to access data under the FIDA framework. The Commission proposes to reduce the regulatory burden here by proposing a simplified FISP authorisation procedure for AISPs, for example, legally valid information held on a registered AISP would not need to be re-submitted, and other core authorisation requirements like professional indemnity insurance could be re-used. In relation to gatekeepers (introduced into FIDA by the Council and Parliament positions - and defined by reference to the Digital Markets Act) the Parliament positions seeks to exclude gatekeepers from being authorised as FISPs whereas the Council version allows gatekeepers to become FISPs but under additional authorisation requirements. The Commission simplification proposals align with the Parliament position of excluding gatekeepers from becoming FISPs – welcome news for many in the industry concerned about Big Tech accessing data via FIDA. In relation to financial institutions in-scope of FIDA that are owned or controlled by a gatekeeper, the Commission suggests that FIDA cross-references the provisions in Articles 5(2) and 6(2) Digital Markets Act which ensure that gatekeepers in these cases do not obtain an unfair advantage over other market participants.
Underlying legislation and guidelines. There are numerous areas in FIDA which require further underlying legislation and guidelines to provide the ‘meat on the bones’ of some of the provisions. The Commission proposes that these are limited only to what is necessary to ensure the effective functioning of FIDA. For example, existing guidelines could be expanded rather than new guidelines issued.
Overall, there are some elements of the Commission’s simplification proposals that will be welcomed by industry – in particular alignment with the Payment Services frameworks, and the reduction in scope of data caught and customer types caught, by FIDA. That said the final version of the text is still to be agreed. We’re also aware that additional non-papers have been issued by a number of Member States ** to the Council some of which raise concerns about, amongst other things, the operation of FDSS, and possible solutions. The **next trilogue is expected to take place in June, so we will see where things get to after that meeting.
Impact of Non-Papers on Trilogues
The issuance of different non-papers by various jurisdictions, including France, Spain, and Germany, has introduced a dynamic element to trilogue negotiations in financial services regulation. These informal documents allow jurisdictions to present ideas and concerns without formal commitment, influencing the negotiation process by introducing diverse perspectives and priorities. As we assess their potential impact, it is essential to anticipate how these non-papers might shape the regulatory framework under FIDA, ensuring a balanced approach that accommodates the interests of all parties involved.
What should we do now?
At this stage you should be aligning your business with relevant trade associations and lobbying efforts. It is also worth starting to map which of your entities and business lines are going to be impacted, where areas of opportunity/growth could arise, and starting to think about the budget and plan around the significant tech builds that FIDA is almost certainly going to require, whatever shape the end version looks like.
At Simmons & Simmons, we’re following developments closely and will keep you updated as we hear more. We would be pleased to assist with scoping, advising on decision-making, and project plans as well as all other FIDA-related questions.
.jpg?crop=300,495&format=webply&auto=webp)
.jpg?crop=300,495&format=webply&auto=webp)
_11zon.jpg?crop=300,495&format=webply&auto=webp)
.jpg?crop=300,495&format=webply&auto=webp)
_11zon.jpg?crop=300,495&format=webply&auto=webp)
