Male Engineer discussing with colleague while coding over computer at office

Why FiDA will unleash change across European financial services

The European Union’s Financial Data Access (FiDA) framework is expected to come into effect by 2027 and would have a profound impact.

In brief
  • FiDA would require financial institutions to share customer data, subject to their consent, creating strategic and operational challenges for business models.
  • Companies adopting a compliance-only approach risk losing customers, while even a defensive positioning is likely to require innovation.
  • Many companies have not yet fully grasped the implications for their strategies and operations, or the potential to offer tailored services, and should act now.

Proposed regulation that would substantially impact Europe’s financial services sector took another step forward recently, when the European Parliament’s Committee on Economic and Monetary Affairs voted to adopt a proposal for a framework for access to financial data (FiDA).

This would require banks and other financial institutions to share customers’ financial data, subject to their consent, and so transform the competitive landscape.

It has been characterized as taking the concept of open banking and broadening it to open finance by including areas such as investment and insurance. However, given the limited application of open banking so far, this arguably understates FiDA’s likely impacts, which would occur at both corporate and retail levels.

Far-reaching implications

Access to customers’ financial data in real time, as proposed, would have far-reaching implications – for how companies market and offer goods and services in financial services and beyond, and for how customers choose what to buy. 

Some potential consequences of the proposed framework have been clearly recognized. A particular focus has been the possibility of big tech companies entering the European financial services market in a far more wide-ranging way. The proposed rules that the committee voted for specifically aim to limit this by excluding the large digital platform companies designated as gatekeepers under the Digital Markets Act from becoming financial information service providers.

However, the precise outcome in this respect is uncertain. Challenges to the proposals are likely, and either way the rules might evolve over time. For example, other platform businesses that collect large amounts of customer data, in addition to the current gatekeepers, might also come to be excluded from providing financial data.

In any case, other major implications of the proposed framework have garnered far less attention than they should have. For example, data sharing is likely to change how customers view and arrange their finances, facilitating a more transparent and holistic view across savings and investments, pensions and other areas such as insurance. It could also radically expand and accelerate the role of embedded finance, with companies able to offer products such as tailored credit or insurance within customer journeys, to give another example.

We found that a surprising number of financial services executives do not seem fully aware of the changes coming, their implications, nor the need to address these at strategic and operational levels in a holistic way.

It is possible that perspectives on FiDA and its impacts have been obscured by the way it sits alongside other proposed regulatory changes happening in parallel: the third Payment Services Directive (PSD3), the Payment Services Regulation (PSR) and the digital euro. Yet while all of these proposed regulations will bring great changes, we believe FiDA will be the most impactful, and potentially most costly, by far. 

How EY can Help

  • Payment services

    Our payments professionals can help your business enhance innovation, drive growth and improve performance. Find out more.

    Read more

A timeline creating a need for speed


We currently expect FiDA to become fully effective by early or mid 2027. While this might appear to provide a substantial period for preparation, our experience of working with financial institutions facing regulatory changes suggests it is anything but – given FiDA’s scope and likely impact. Furthermore, adapting to FiDA will have significant costs that need to be considered. Given many financial services companies do their budgeting in late summer or early autumn, and that costs for adapting to the new rules for individual companies could easily run into tens of millions of euros, there is a clear need to start planning now.


Choosing a level of strategic ambition

When our teams initially started looking at potential approaches to FiDA in mid-2023, we identified three broad approaches:

  1. Compliance only, meaning a company does the minimum required to meet the rules;

  2. Defensive, meaning the company not just meets the rules but takes steps to enhance its offering with a view to maintaining market share;

  3. Aggressive, meaning the company uses the changes to try to win new customers.
     

However, having studied the regulation and its implications, and spoken with numerous industry executives, our thinking has evolved. We now believe that a compliance-only approach can pose real risks in terms of customer loss, and even a defensive approach will probably require a more ambitious strategy to maintain market positioning. In particular, just meeting rapidly changing customer expectations will require proactive effort and innovation. Meanwhile, we expect a significant number of companies, from established players to new entrants, to aggressively capitalize on the huge opportunities presented by data-sharing. This will likely lead to new business models and services designed to nourish and benefit from the emerging data-sharing ecosystem.


Acting now to prepare 

Whichever level of ambition a company ultimately chooses, there are several key steps that management should take. First, they need to start setting out their strategic vision and define their key ambitions. This may prove more challenging than it sounds given the vast number of financial-data use cases, the ways in which customers may behave, and how competitors including new entrants may respond.

Second, they should consider their company’s particular situation and business models. For example, a diversified financial services company will need to ensure that business units such as banking and investment management coordinate their actions. One way to achieve this is to use an impact assessment that not only identifies issues but, by being conducted at a firm-wide level, also helps ensure a joined-up approach and avoid siloed thinking.

Furthermore, management teams will need to allocate investment effectively, focusing on the opportunities that promise the best returns. This requires an understanding of potential target operating models and investment requirements, as well as existing IT and infrastructure.

Together these steps can form the basis for an initial implementation roadmap, with clear planning and corresponding cost estimates. This provides a necessary foundation for the pathway to execution: technical planning, understanding the data access schemes that will enable and govern data sharing, prototyping and the full range of development needed to implement the chosen strategy. How well companies conduct these steps is likely to play large role in the success, or otherwise, of their approach to FiDA, and to the opportunities and threats it will bring.

Summary

Given the transformation in financial services that FiDA will bring, it is vital that companies begin taking action. Focusing only on compliance could pose significant risks for most companies, and even a defensive approach to retain market share will almost certainly require considerable investment, change and innovation. Companies thus need to think carefully and holistically about the challenges and opportunities ahead.

Payments and open finance in the EU

The landscape of payments and open finance in the EU is evolving – learn how it’s transforming financial services and driving innovation.

Learn more

Related articles

How European banks compare on readiness for EU payments regulations 

Facing EU financial regulation changes for PSR, PSD3 and FIDA, banks must enhance data sharing, compliance, and adopt faster payment methods. Learn more.

Susan Barton + 1

How banks can prepare for the digital euro using four hypotheses

Explore how banks can prepare for the digital euro with strategic insights and key steps for successful integration by 2028. Gain a competitive advantage.

Susan Barton + 2

How PSD3 and PSR will shape trends in EU financial services

Explore impacts of the PSD3 and PSR on EU financial services on compliance and opportunities.

Clément Robert + 1

    EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients.