The EU is looking to take a leading role in the battle of Web 3.0 – making the internet smarter, more autonomous, and open with an ever broadening range of participants. For financial services, these developments mean that financial data may soon be shared more broadly across sectors, creating new opportunities for innovation but with the potential for new risks to emerge.
To deliver on their goal the EU is taking the first steps in developing frameworks for data sharing, which includes the upcoming Open Finance framework that is expected to be published by the European Commission within the next few months. An Open Finance framework would expand the sharing of financial services data, but its success will be contingent upon the effective implementation of a level playing field across sectors.
The benefits of data sharing
In our increasingly digital world, the interactions of data sets and the products built using newly available data will shape and define human interaction for the years to come. Hence, it is critical to build a leading EU “data economy” that is both sustainable and competitive. A data economy is an ecosystem in which data can be gathered, organised, and exchanged while delivering valuable information to the ecosystem’s participants.
Open Finance in the EU’s data economy will shake up the way banks share data with each other, and also with third-party providers, such as fintech companies. For financial services this could mean that access to new, broader data sets could improve the way banks operate, encourage innovation across sectors, and mitigate risks to corporate and retail customers. Certainly, enhancements in data sharing have a huge transformative potential, providing the tools and information needed to achieve common goals, such as contributing to better ESG data and ratings which would support the EU’s Green transition goals.
What are the risks?
Some of the risks arising from this innovation may be unintended. For instance, sharing data with participants in other sectors who may already have a dominant share of both individual and corporate data could lead to monopolies and the exploitation of data.
Concerns also exist about the oversight of data sharing and the regulatory requirements needed for the responsible use of large data sets. This is particularly pertinent where data is transferred from the financial services sector to other sectors – the financial services sector is subject to stringent regulation regarding how it collects, stores, analyses and shares data, whereas another sector may have less oversight resulting in data misuse, skewed analyses, and potential harm to markets and customers.
These are just two examples of the risks that may occur and why it is essential for data recipients to be responsible with the data entrusted to them. To overcome these risks responsibility should be evidenced with adherence to appropriate regulatory requirements and guidance. Given that data is the digital fingerprint of a company or individual, in the ever expanding digital world, compliance and consistency are key to maintaining trust.
Level playing field crucial to developing Open Finance
As a first step towards addressing these risks a ‘level playing field’ is needed with when data is shared across sectors. If participants in the data economy are conducting similar activities and offering similar products compared to regulated financial entities, then the same risks will still exist, making it imperative that these providers are subject to the same regulations.
Not only is a level playing field necessary to mitigate risks (such as those discussed above) and ensure that data is fit for purpose, but it also supports competition and prevents smaller market players from being at a disadvantage. The Bank for International Settlements (BIS) notes the growing risk of big techs’ dominance in their recent paper, stating that “If data collected from non-financial businesses (e.g. social media, search, online commerce etc) can be used for financial services provision, there is a risk that a few big techs would quickly come to dominate (some) markets.”
Duty of care must be consistent across sectors
There could also be unintended consequences if a ‘duty of care’ is not consistent across sectors. Each data recipient has a duty of care for the data set, which means they have the responsibility to conduct a robust assessment of any data used to ensure that it is of a high quality and fit for purpose. Quality control is important as it ensures data reliability, which means that data can be used consistently across multiple records, programmes, or platforms and allows for trust to be maintained within the ecosystem. Consistent oversight is key to ensure that these robust assessments are being carried out and to mitigate risks.
The EU has a significant opportunity to unlock the potential of a modern and globally leading data economy.
However, to enable this, it is vital to safeguard data from misuse and mitigate the risk of monopolies, while also encouraging responsible innovation. Regulators must be mindful of potential unintended consequences that could arise if a level playing field and the duty of care for data are not consistent across sectors.
It is crucial that both the EU and global regulators continue to work towards a balanced and future-proof data economy, where market participants from all sectors can share high quality data with consistent regulatory oversight.