Please click the link below to read FDATA’s response to HMT’s consultation on the implementation of PSD2.
FDATA submission to HMT – Implementation of the revised EU Payment Services Directive II
FDATA responds to EBA consultation
The Financial Data and Technology Association has responded to the European Banking Authority’s consultation on authorisation and registration under PSD2.
The responses (submitted online) are:
Q1: Do you consider the objectives of the Guidelines as identified by the EBA to be plausible and complete? If not, please provide your reasoning.
FDATA considers the objectives to be plausible and almost complete. Our key concern, though, is to ensure that smaller applicants providing narrower services are not subject to the same requirements as large multi-state applicants with broad services. An adjustable, tiered system would be preferable to facilitate this.
—-
Q2: Do you agree with the options the EBA has chosen regarding the identification of payment services by the applicant; the way information is to be submitted to the competent authority; the four-part structure of the Guidelines, and the inclusion of authorisation for electronic money institutions? If not, please provide your reasoning.
FDATA has no objections to these chosen options. However, we would ask you to clarify the process for an applicant with multiple lines of business.
—-
Q3: Do you consider it helpful how the EBA has incorporated proportionality measures in the Guidelines in line with PSD2? If not, please explain your reasoning and propose alternative approaches.
FDATA does consider this helpful and has no specific objection. In general terms, however, we would ask the EBA to constantly assess whether barriers to entry are too high and may stifle innovation. Would the EBA consider an exemption for some applicants under defined conditions?
—-
Q4: Do you agree with the Guidelines on information required from applicants for the authorisation as payment institutions for the provision of services 1-8 of Annex I of PSD2, as set out in chapter 4.1? If not, please provide your reasoning.
Please treat this answer as a catch-all for questions 4, 5 and 6.
Again, FDATA’s key concern here is the potential stifling of innovation which would result from barriers to entry for early-stage applicants. In this respect, the requirements around business plans, marketing and forecasting seem overly onerous.
Secondly, some of the information required appears too granular and technical in nature and lacks focus on the more important issue of the quality of an applicant’s information security management system.
Furthermore, for applicants with dynamic, cloud-based systems, some of the information requested is likely to change on a regular basis. We would ask the EBA to clarify whether notification of every change would be required.
In all these cases, it is possible to be more selective in the information required and still ensure that the approval process ensures only well-qualified applicants.
Finally, we would ask the EBA to clarify why ISO27001 has not been recommended as a standard to apply, having been mentioned in the Regulatory Technical Standards and recommended by the UK’s Open Banking Standard. Adoption of this would reduce the workload on competent authorities.
—-
Q5: Do you agree with the Guidelines on information required from applicants for registration for the provision of only service 8 of Annex I PSD2 (account information services), as set out in chapter 4.2? If not, please provide your reasoning.
See answer 4.
—-
Q6: Do you agree with the Guidelines on information requirements for applicants for authorisation as electronic money institutions, as set out in chapter 4.3? If not, please provide your reasoning.
See answer 4.
—-
Q7: Do you consider the Guidelines regarding the assessment of completeness of the application, as set out in chapter 4.4 to be helpful? If not, please provide your reasoning.
FDATA would recommend an addition. We would ask the EBA to explicitly state how long an incomplete application can wait before it is invalidated, after which a new application will be required.
FDATA responds to CMA order on open banking
The Financial Data and Technology Association (FDATA) has responded to the CMA’s draft order following its publication of the retail banking investigation, which led to the creation of the Implementation Entity.
Commenting on the submission, which can be read here, FDATA’s Executive Director Andy Maciver said:
“FDATA’s interpretation of the purpose of this order is that it should reflect the letter and spirit of the CMA’s final Retail Banking Investigation report. In that sense, we are broadly satisfied that this Order achieves its purpose.
“However, in our response we have taken the opportunity to make a series of general points which we believe are critical to the successful delivery of ‘open banking’, surrounding three areas: the ‘live market’ for fintech, the market for cyber-insurance and the need for a public awareness programme.”
FDATA response to the CMA’s draft order
Please click the link below to see FDATA’s response to the draft order by the CMA on open banking.
FDATA responds to EBA insurance consultation
The Financial Data and Technology Association has submitted a response to the EBA consultation “Guidelines on the criteria on how to stipulate the minimum montary amount of the professional indemnity insurance under PSD2”.
There were seven questions, which can be seen below along with FDATA’s answers:
Question 1: Do you agree with the requirement that competent authorities require undertakings to review, and if necessary re-calculate, the minimum monetary amount of the PII or comparable guarantee, and that they do so at least on an annual basis, as proposed in Guideline 8?
FDATA agrees with the principle behind this proposal. It is good for all market participants that operators are adequately insured, and we support the concept of competent authorities being in control of that regime.
However we would stress the need to minimise the administrative burden on the operators, especially in the case of start-ups who have little resource for such tasks. If the administrative burden is significant it could be seen as a barrier to entry to the market.
Question 2: Do you agree with the formula to be used by competent authorities when calculating the minimum monetary amount of the PII or comparable guarantee as proposed in Guideline 3? Please explain your reasoning
We have applied the proposed formula to some theoretical companies of different sizes, and we believe that the financial outcome tends to be fair. However whilst the outcome seems reasonable, we have concerns that the formula itself is overly complicated.
We would therefore encourage more work to investigate whether the same equitable outcome could be achieved through a less complicated formula.
Question 3: Do you agree with the indicators under the risk profile criterion and how these should be calculated, as proposed in Guideline 5? Please explain your reasoning.
As we noted in answer to question two, we generally support the indicators and the result they produce. However we are concerned that some companies, start-ups in particular, will find the system onerous and complicated. The EBA needs to be satisfied that a similar outcome cannot be achieved through a less complicated formula.
Question 4: Do you agree how the indicators under the type of activity criterion should be calculated, as proposed in Guideline 6? Please explain your reasoning.
See answer to question 3.
Question 5: Do you agree how the indicators under the size of activity criterion should be calculated, as proposed in Guideline 7? ? Please explain your reasoning
See answer to question 3.
Question 6: Do you think the EBA should consider any other criteria and/or indicators to ensure that the minimum amount is adequate to cover the potential liabilities of PISPs/AISPs in accordance with the Directive? Please explain your reasoning.
We do not believe the EBA need consider any other criteria or indicators to set a minimum amount, however we would encourage the EBA to consider criteria which would enable the setting of a maximum amount of adequate cover.
Question 7: Do you have any other comments or suggestions that you think the EBA should consider in order to ensure that the minimum amount is adequate to cover the potential liabilities of PISPs/AISPs in accordance with the Directive? Please explain your reasoning.
We believe that it is important that the EBA consults with the insurance industry to ensure that the calculations correspond with the current insurance industry assessment of risk for AISPs and PISPs.
FDATA COMMENDS CMA FOR FURTHER PROGRESS TOWARDS OPEN BANKING
Fintech’s trade body welcomes end of redaction and committment to direct representation
The Financial Data and Technology Association (FDATA) has today welcomed the Competition and Markets Authority’s Final Report of its Retail Banking Market Investigation.
FDATA’s members provide innovative financial applications and services to empower customers to make better decisions and take fuller control of their financial lives across all their accounts, credit cards, loans and investments.
FDATA has been campaigning since the release of the CMA’s provisional remedies on a series of remaining concerns, as follows:
- low uptake of the API as a result of redaction and limited data scope
- an unambitious timescale
- a lack of commitment to the future role of screen-scraping
- a lack of clear post-launch governance
- representation of FDATA’s members on the Implementation Entity
FDATA’s key issues are addressed in section 13 of the report, which can be read here.
Commenting on the release of the Final Report, FDATA’s Executive Director Andy Maciver said:
“Between its provisional remedies and its final report, the CMA has done a great service to the UK’s banking consumers, and on behalf of third party providers in the fintech sector we welcome its work.
“We are particularly pleased that the CMA is requiring direct representation for providers such as our members on the Implementation Entity and its Steering Committee, and we look forward to discussing which shape that might take with the existing Steering Committee.
“We also commend the CMA for accepting the compelling case against redacted data, which would have rendered the API unuseable for third party providers.
“We remain concerned that the proposed timetable, which is now effectively aligned with PSD2, lacks ambition and risks losing the UK the competitive advantage in fintech which the sector has worked hard to create. And whilst we fully understand and respect the CMA’s logic for not widening the scope of data, we remain committed to making the case for extending the inclusions in the API well beyond current account data.
“Furthermore, we believe there is an urgent need to put in place enduring governance arrangements and we look forward to working with the IE to help put these structures in place as an immediate priority.
“However, we have always accepted that compromise is required in order to achieve the open banking environment which UK consumers demand, and in that spirit we welcome the CMA’s report and welcome the enthusiasm which the nine banks, along with Payments UK, have shown towards the implementation of the API.”
FDATA responds to CMA’s retail banking market investigation
The Financial Data and Technology Association (FDATA) has today responded to the CMA’s provisional decision on remedies, the penultimate stage of its retail banking market investigation.
FDATA’s full response can be read here.
Commenting, FDATA’s Executive Director Andy Maciver said:
“FDATA has given a broad and strong endorsement to the CMA for its provisional remedies. We particularly welcome the provisional decision to require our largest banks to make transaction data available through an API, and the decision to pull forward by one year the write-access timetable suggested in the Open Banking Standard.
“FDATA has campaigned on the basis of four remaining concerns during this first half of 2016; those of the timescale for implementation, the scope of data to be included in the API, the role of screen-scraping and the problem of redacting data.
“We consider the CMA’s report to be a big step in the right direction on these issues and we believe that the CMA is determined to reach a destination which meets consumer demand. This is most welcome.
“However we have made several recommendations in our response which we believe would further improve the outcome and meet the aims of the CMA in terms of market impact, and we look forward to working with the CMA and other stakeholders on these recommendations between now and August.”
ENDS
FDATA welcomes new open banking push
The Financial Data and Technology Association (FDATA) has welcomed the decision by the Open Data Institute (ODI) to convene a new group to continue the work of the 2015 Open Banking Working Group.
The new group, which includes FDATA, will meet on 14th April for its first discussion.
Commenting, FDATA’s Executive Director Andy Maciver said:
“A huge number of people worked hard to produce last year’s Open Banking Standard, which was a solid foundation to move forward with an open API in UK banking. However much work remains to be done, and we share the ODI’s wish to build on the momentum which has been created.
“We’re delighted to join the new group, and our members will participate actively during the process. We must ensure that we mainstream the use of APIs and other data aggregation methods as widely and as quickly as possible in order to give the UK global leadership status.
“We are on the cusp of a great step forward in the UK banking industry, and we will work with everyone with a stake in it to create an open standard which empowers customers to make better decisions and take control of their financial lives.”
The ODI’s announcement can be read here.
Agenda announced for API discussion
FDATA and techUK has announced the outline agenda for the discussion on APIs to be held in London on 23rd March. It is as follows:
Event Host: Keith Saxton, Chairman of techUK
Event Chair: Gavin Littlejohn, Chairman of FDATA
09.00 Registration and coffee
09.30 Opening remarks from Keith Saxton
09.45 Opening remarks from Gavin Littlejohn
10.00 Panel 1: APIs – Further and faster? (Panel chair: Dan Morgan, Innovate Finance)
10.45 Use case demonstrations – Round 1
11.20 Coffee
11.30 Panel 2: APIs – Open vs closed (Panel chair: John Midgley, Intuit)
12.15 Use case demonstrations – Round 2
12.50 Closing remarks from Chair
13.00 Lunch and networking
14.00 Close
