Digitalisation is a major driver for innovation and will inevitably accelerate in the future. It is important that banks are able to innovate and compete on equal footing with each other and also with other non-bank players.
With respect to open banking, we recommend EU authorities to allow its development in Europe through coordinated market-led initiatives and not by regulation. Open banking should be based on API technology and on mutual benefits/reciprocity for all the parties involved in the ecosystem. In the specific area of payments, the appropriate first step should be to work on a payment data sharing model on a contractual and economically sustainable basis that does not go beyond what it is legally required by PSD2 and/or GDPR.
The current asymmetries in data access should be solved in a market-driven harmonised European framework. A multi-sectorial approach would be needed in order to fulfil consumer expectations, ensuring a level playing field for all players, mutual benefits and the highest standards of consumer protection. Significant investments were required that were not offset by a clear business case. As these infrastructures are now further maturing, ESBG believes that it is time to monetise them to develop services that go beyond PSD2. A flourishing datadriven market – be it in payments, broader financial services or between different industries – should be based on principles of mutual benefits and potential monetisation of services and infrastructure by all market participants as well as reciprocity.
As for the potential development of ‘open finance’ extending beyond payment accounts, and the development of a European data economy, financial services should not be considered in isolation, and data sharing should not be limited to financial services. The current asymmetries in data access should be solved in a harmonised European framework. A multi-sectorial approach would be needed in order to fulfil consumer expectations, ensuring a level playing field for all players, mutual benefits and the highest standards of consumer protection.
Identified Concerns
Banks have developed APIs that comply with PSD2 requirements. However, ESBG believes that unlike the situation in the US, PSD2 is not adapted to develop and strengthen open banking. On the one hand, PSD2 being a Directive has entailed fragmentation among member states. On the other hand, a flourishing datadriven market should be based on principles of reciprocity, mutual benefits and potential monetisation of services and infrastructure by all market participants.
The fact that PSD2 requires banks to grant third parties access to customer payment account data without being compensated for that does not outweigh the ensuing investments that banks need to make. A different approach than PSD2 should be taken, such as the one in the US, where industry standardisation and bilateral agreements are working as a catalyst for development on commercial terms.
Moreover, from a data privacy perspective, global BigTech companies’ existing data superiority combined with access to payments data is extremely concerning as it could lead to unintended negative outcomes for EU citizens. BigTech companies, indeed, are mostly un-regulated. Furthermore, the EBA determined that up to 53% of the FinTech sector financial services are not yet regulated (see EBA Discussion Paper on FinTech – 2017). This can ultimately become a risk not only from an economic, political, operational and privacy perspective but also from a consumer perspective.
The threat of undesired dependency increases when considering both growing global BigTech and many smaller unregulated entities’ interest in payments. There are reasons why this industry is regulated in the first place. Dependency on such actors for basic EU internal market functions underpinning the economy – starting from payments but likely expanding to consumer finance, mortgages and other financial services – may harm the European economy. ESBG believes EU regulators should follow the principle ‘same risks, same rules’. It is therefore important to find a balance between consumer protection and the EU’s competition potential.
Why Policymakers Should Act
Beyond PSD2 and on the road towards open banking and a data-sharing economy, there is need for a fairer foundation to be put be in place. An access scheme that clearly spells out rights and obligations, based on mutual benefits, can provide the necessary building block safeguarding the interests for all involved. For these developments to take place, the guiding principles should be the following:
- Support the development of common API-standards, so that consumers can benefit from the safe availability of data. APIs should be the bespoke and preferred means of access to third-party data due to security, scalability and interoperability reasons;
- Ensure a level playing field by following the principle ‘same risks, same rules’;
- Put consumers at the centre of the market by ensuring they have a clear understanding of the risks and establish robust consumer protection measures;
- Ensure the safe and ethical collection and processing of data on commercial terms.
Background
With the opening up of payment accounts data and infrastructure, PSD2 has paved the way for a new banking era. This, however, is only the first step towards the wider development of data sharing, both in the area of payments and financial services, and the broader economy. PSD2 only opened up payment accounts; there is no such a thing as open banking for the time being. As a consequence, banks have developed APIs that comply with PSD2 requirements. There is still a lot of fine-tuning to be made, such as supervisory convergence and the alignment with other pieces of legislation, such as the GDPR, which we believe to be sufficient for the sharing of data.
related
May 17, 2022
Data Act – An open data economy should be multilateral and cross-sectoral
ESBG's response to the European Commission consultation on the proposed Data Act calls for a horizontal regulatory approach to establish a consistent and harmonised rules for all sectors. ESBG is the…
April 28, 2022
ESBG response to ESMA’s consultation on guidelines of MiFID II suitability requirements
ESBG's response to the European Securities and Market Authority (ESMA) consultation on some MiFID II sustainability aspects. European banks calls for clear procedures and to avoid unnecessary…
April 4, 2022
Developing a proportionate, fair and efficient IRRBB framework in the EU
On 4 April 2022, ESBG responded to the EBA consultation specifying technical aspects of the revised framework capturing interest rate risks for banking book (IRRBB) positions.
March 7, 2022
European Commission review of the Mortgage Credit Directive
SBG sent its response to the European Commission questionnaire on what to include in the upcoming Review of the Mortgage Credit Directive (MCD).
March 4, 2022
Customer protection
The ESBG, together with eight other associations has written to the European Data Protection Board, the European Commission and the European Banking Authority about the EDPB Guidelines 06/2020 on the…
March 3, 2022
Strengthening the quality of corporate reporting and its enforcement in the EU
The consultation aims to evaluate the impact of the EU framework on the three pillars of high quality and reliable corporate reporting: corporate governance, statutory audit and supervision. This…
February 25, 2022
European Commission Banking Package proposal
ESBG responded to the European Commission “have your say" consultation on the Banking Package proposal.
February 24, 2022
Considerations on the BCBS principles for the management & supervision of climate-related financial risks
Considerations on the BCBS principles for the management & supervision of climate-related financial risks
February 24, 2022
Considerations on the BCBS principles for the management & supervision of climate-related financial risks
Considerations on the BCBS principles for the management & supervision of climate-related financial risks
February 16, 2022
Clear and fair rules for the use of machine learning in Internal Rating Based models
The European Savings and Retail Banking Group welcomes the initiative of the European Banking Authority to discuss the implications of the use of machine learning in the internal rating based models…