Open Finance: Experimenting While Preserving Value Creation

What is Open Finance?

It involves enabling a client to share his financial data with a third party. The data may relate to savings accounts (balance, interest), loans (borrowed capital, interest rate), insurance contracts (premium, expected annuity), etc. 

An Open Finance service would, for example, be the aggregation of different savings accounts held in several institutions supplemented by various investment products.

Today, Open Finance is not subject to specific regulation, although regulations applicable to data sharing already exist: GDPR, Data Act, etc. The proposed FIDA regulation ("Financial Data Access") is part of the European Union's proactive data strategy, aiming to create harmonised data spaces by sector: Health, Energy, Industry, and... Finance.

Open Finance: Why and how?

If in many sectors, the use of data enhances the user experience (targeted medicine in healthcare / optimised routes in mobility / optimised consumption in energy, etc.), why not explore the possibilities in the financial sectors?

It is important to note that if payment service providers ("PSPs") are not covered by FIDA, it is because the exchange of payment data is already governed by the 2nd Payment Services Directive and will eventually be regulated by the Payment Services Regulation ("PSR"), currently under review by the Council¹.

The future of Open Finance will therefore be largely conditioned by the terms proposed by the FIDA designers as well as by the consideration (or not) of the requests for changes from financial players who will bear most of the investment costs. 

An additional difficulty is that neither regulators nor legislators have official data on Open Finance practices. The dialogue between Parliament, the Council, and the European Commission is crucial to achieving three main objectives:

1. Establishing Trust in Financial Data Sharing

Certain provisions of FIDA can only reach a consensus:

• Data sharing is conditioned by the client’s authorisation;
• These authorisations must be recorded in a dashboard.

Yet FIDA must be approached through a lens of digital and data regulation, because the overall effectiveness will give rise to trust.

Moreover, these regulations must speak the same language. Thus, when looking at the process for authorising access to data, it would be problematic if different terms were used between PSR and FIDA, and if the requirements regarding the definition of what the authorisation pertains to differ. For payments, the account information service is precisely defined, and the same should apply to the financial information service. Without consistency among the various digital regulations, there can be no trust.

2. Realistically Assessing Potential Use Cases

How can we estimate the market size? 

Are individuals and businesses willing to pay for a service that aggregates their various savings products? Their insurance products? Will they use this service regularly or occasionally? 

It should be kept in mind that this is inherently a supplementary service, whose value can only be a fraction of a primary service: loan, insurance, or savings product, etc. For businesses, depending on their providers, they can already directly retrieve data from their service providers in their IT systems, which significantly reduces the potential market size.

It would therefore be inconsistent to foresee similar provisions for individuals and businesses, as their operating modes and expectations call for differentiation. Societe Generale's experience with PSD2² indeed leads us to be particularly vigilant. Indeed, a study conducted in 2024 at the request of the ACPR³ on the adoption of Open Banking services by Societe Generale clients in the retail and corporate banking sectors shows that in the period of 2023:

• Less than 12% of our clients used an account information service provider (aggregator) at least once;
• Less than 3.5% used a payment initiation service provider, for a transaction volume representing less than 0.5% of the total. 

It should be noted that it is not the pricing of Open Banking services that can explain these figures since the PSD2 regulation mandated that these services be free of charge.

Moreover, investments were initially envisioned to be massive, encompassing all client segments - individuals, professionals, businesses - and all available payment data and services in online banking. The very concrete consequence is that the profitability of these investments will only be achieved in over 100 years.

Therefore, it seems reasonable to opt for a much more graduated approach, both in terms of data scope and clients. Indeed, regulation is inherently designed to last, while an innovation approach is characterised more by the famous adage "Try fast, fail/success fast" or, to quote Thomas Edison: "I have successfully made thousands of attempts that did not work". The manifest uncertainty surrounding potential use cases can only call for caution.

3. Ensuring the Sustainability of Business Models

The compensation model of FIDA marks an improvement over the provisions of PSD2 and PSR. However, the asymmetry persists between the level of compensation, which can be very low if client adoption is weak, and the investments required, which will be substantial from the outset.

Without a pragmatic approach, the risk of loss of competitiveness for financial service providers is high, as their investment budgets may be burdened by unproductive investments resulting from the construction of infrastructures that are largely underutilised or even unnecessary.

In conclusion

The digitalisation of the economy is progressing, balancing regulation and innovation: the European digital identity wallet, increased use of AI by businesses to gain productivity, initiatives tp combat digital fraud…

At the same time, the financial sector is aware of the need to work with contingency plans in case of unavailability of the digital ecosystem: cyber-attacks, blackouts, system interruptions, etc.

Let us allow companies in the financial sector to experiment freely and choose how they want to use their data to best serve their clients in their core expertise: granting loans, providing insurance and protection by pooling risks, and developing high-performing savings products… They have the most powerful engines at their disposal: client satisfaction, development of value-added services, and profitability.

Let us calibrate the effort to the level of uncertainty and better adjust our collective risk-taking!

¹The Council of the European Union, along with the European Commission and the European Parliament, is one of the three pillars of the European legislative process. It brings together the ministers of the member states by area of activity. Its rotating presidency is held by a member state for 6 months.

²The second European Payment Services Directive

³ACPR stands for "Autorité de Contrôle Prudentiel et Résolution. It is the French supervisory authority for banking and insurance. The ACPR is responsible for ensuring the stability and integrity of the financial system in France, overseeing the activities of banks and insurance companies.