While PSD2 (Payment Service Directive) opened up payment account data and laid the foundation for the development of open banking, FiDA extends the same principle to the entire financial sector. The goal is to truly transfer control of data to the customer and enable the secure movement of financial data from one operator to another with the customer's permission.
In practice, FiDA covers credit data, investment data, insurance and pension products from a data perspective and is based on consent. If a customer requests the sharing of their data, the financial institution has no discretion not to disclose the information. Data sharing therefore becomes mandatory when consent has been properly given.
FiDA acts as a special regulation for the financial sector in relation to the Data Act and complements it with sector-specific obligations. Its implementation is closely linked to two other key EU regulations:
Without DORA-level operational reliability, opening data according to FiDA is not possible in practice. DORA regulation therefore forms the technical and administrative basis for the Open Finance model.
The practical implementation of FiDA is based on standardized and interoperable interfaces. With DORA, technical implementation is at the core of FiDA regulation. Organizations must ensure that their systems enable timely, qualitatively consistent and secure data sharing.
The most important process is becoming consent management. The permission given by the customer must be:
In practice, this requires the real-time ability to manage consents, verify their validity, and document processing transparently. Consent lifecycle management could be envisioned as a core technical and legal process in the context of FiDA.
FiDA emphasizes clarity of roles:
In addition, data protection and cybersecurity cut across the entire process formed by the roles.
FiDA is expected to officially enter into force in 2020. End of 2026 or beginning of 2027. The obligations will come into force in stages, with full application estimated to extend until 2030. Although there is a transition period, architectural changes, data quality development and consent management building require preparation well in advance.
For companies, FiDA is both a regulatory obligation and a strategic opportunity. Technologically, it requires building modern, scalable consent management solutions, a high level of data security and operational reliability, and updating IT architecture to meet the requirements of open financial data. Data quality management will become a key competitive factor, as the information shared must be structurally consistent and reliable.
The change also extends to the customer experience. The customer must be able to see which actors they have given consent to, for what purpose and for how long. In addition, withdrawing consent must be simple. In this context, transparency builds trust, and trust is the basis for the functioning of the Open Finance model.
When data moves freely from one operator to another with the customer's permission, the conditions are created for completely new service packages and partnership models. For example:
Competition is no longer based solely on managing your own data. The key is to combine information from different sources and deliver timely and relevant value to the customer. This means that pricing models may also change as value-added services are built on data analysis and aggregation.
Financial institutions need to assess their position in the new Open Finance ecosystem. It is possible to focus on meeting the minimum requirements and implement only the mandatory interfaces and consent management, but alternatively, the company can also take an active role as a FiDA user and use the data that opens up to build new services, platforms and partnerships.
FiDA is a significant structural change, where data management is transferred to the customer. Competitive advantage comes from the ability to combine reliable data management and high operational resilience with innovative service development.
