BaFin - Navigation & Service

Go to:

Symbolfoto © WrightStudio/stock.adobe.com

Topic Fintechs Open banking and open finance

Content

Open banking generally refers to personal and product data-sharing across companies with the customer’s consent.

Open banking

In most cases, open banking specifically refers to payment initiation and account information services, which are subject to the authorisation/registration rules that were incorporated into the German Payment Services Supervision Act (Zahlungsdiensteaufsichtsgesetz – ZAG) as a result of the European Second Payment Services Directive (PSD2).

To put it briefly, open banking services enable third parties to access payment data and initiate payment orders at account servicing institutions via technical interfaces, on the condition that this has been requested by the customer. The main objective of opening payments to third parties was to facilitate and regulate innovations for both markets and customers. Key information on payment services can be found under ”Payment services and PSD 2” on the BaFin website. You can also find further details on the activities requiring authorisation under the ZAG in BaFin’s Guidance Notice on the Payment Services Supervision Act (only available in German).

Open finance

Open finance goes a step further than open banking and refers to third-party access to financial data outside the area of payments. Examples include securities account data or insurance data. Depending on the rules to be set out in an open finance legal framework, third parties will have access to data via technical interfaces, provided that the customer agrees to this.

There is currently no legal framework for open finance that is similar to the framework that was established under the Second Payment Services Directive (PSD 2; see details above on open banking for more information). However, the European Commission is seeking to establish an open finance legal framework in the European Union by 2024.

As open finance is still a relatively new topic of discussion and many questions remain unanswered – compared to open banking – this article takes a closer look at open finance and explains what it involves exactly.

The European Commission’s work in the area of open finance

With open finance, the European Commission is seeking to allow for data-based innovation and more competition in the financial sector in order to pave the way towards data-driven finance. Open finance is a key component in the EU’s strategy for data and the creation of a common European financial data space. This sectoral financial data space is aimed at supporting the integration of the European capital market, steering investments towards sustainable activities and enabling innovation and efficiency gains for consumers, companies and authorities. According to the Commission, open finance is one of the key elements to achieve this goal in the European financial market.

In its Digital Finance Strategy dated September 2020, the European Commission announced its plans to establish an open finance framework in the European Union by 2024. According to the Commission, this will be coordinated with the review of the Payment Services Directive and related legislative acts on data and digital services.

The European Commission had originally planned to present a legislative proposal for open finance by mid-2022. However, in the summer of 2022, the Commission carried out a consultation of which the results are being incorporated into additional work to be carried out for the presentation of this legislative proposal. This has now been announced for Q2 2023.

The discussions on open finance are therefore still at an early stage, and there are many unresolved issues surrounding the legal framework. These will need to be clarified as work progresses. An article on open finance has been published in BaFinJournal to help achieve this.

Risks and opportunities associated with open finance

Given the opportunities associated with open finance, the European Commission is planning to introduce open finance in the European Union. Some of these opportunities include a rise in innovation, more competition and thus new and/or improved products that are better tailored to the specific needs of customers. In addition, open finance could improve customer access to financial products. Open finance could also result in lower costs for the financial industry, which would then lead to lower costs for customers.

However, there are risks alongside these opportunities. These include security risks, such as IT risks and fraud risks. Moreover, there are concentration risks resulting from new or an increase in market concentration among data-driven providers. There are also reputational risks for companies providing data. Open finance could pose potential risks for consumers, too, e.g. if customers are denied access to financial products if they do not want to or cannot give consent for their data to be accessed by third parties.

The aim of the open finance legal framework is to make the best possible use of the aforementioned opportunities and to mitigate these risks to a large extent.

Examples of open finance

The following examples are listed below to provide a better understanding of open finance and related services – which would be made possible by granting third parties access to the financial data of supervised entities with the customer’s consent. The services are based on access to customer data via technical interfaces, similar to open banking under the Second Payment Services Directive.

In the banking sector, comprehensive multi-functional banking, where deposits and loans from different banks can be viewed alongside payments in a single app, could serve as one example. In the insurance sector, a pensions dashboard offering an overview of existing pension products would be conceivable.

Although one example relates to the banking sector and the other relates to the insurance industry, this does not mean that it would not be possible for insurance contracts to be accessed in a multifunctional banking app or for securities account data to be accessed in a pensions dashboard.

Further details on a specific example can be found in the following BaFinJournal article (until now only available in German) on open finance.

Frequently asked questions

What is a payment initiation service?

Under section 1 (33) of the German Payment Services Supervision Act (Zahlungsdiensteaufsichtsgesetz – ZAG), a payment initiation service is a service in which a payment order is initiated on the instructions of the payment service user with respect to a payment account held at another payment service provider. For example, payment initiation services enable service providers in this area to give beneficiaries the assurance that a payment has been initiated so that they can make goods or services available promptly.

What is an account information service?

Under section 1 (34) of the ZAG, an account information service is an online service that provides consolidated information on one or more payment accounts – within the meaning of section 1 (17) of the ZAG – held by the payment service user with one or more payment service providers. As a result, the payment service user receives in real time a consolidated overview of their financial situation at a given time.

Authorisation

In accordance with section 10 (1) sentence 1 of the ZAG, authorisation from BaFin is required in order to provide payment initiation services. Those who intend to provide account information services exclusively must fulfil the registration requirements under section 34 (1) sentence 1 of the ZAG. Such an authorisation/registration under the ZAG can be granted/approved by BaFin only if the applicable requirements under the ZAG and the ZAG Reports Regulation (ZAG-Anzeigenverordnung – ZAGAnzV) are met. In the authorisation procedures under the European Second Payment Services Directive (PSD2), BaFin also applies the EBA’s Guidelines on authorisation and registration under PSD2 (EBA/GL/2017/09).

In contrast to other “conventional” payment services, a feature of payment initiation services and account information services is that the service provider does not at any stage of the payment chain enter into possession of client funds. Special rules therefore apply to these payment services, e.g. in relation to the documents and proof that must be submitted in the authorisation/registration procedure. For instance, companies that provide payment initiation services or account information services must, in accordance with section 16/section 36 of the ZAG, take out and maintain professional indemnity insurance or an equivalent guarantee during the period in which the authorisation/registration is valid.

BaFin offers a wide range of information on its website about payment services and the authorisation and supervision of these services under “Payment services and PSD2“. Moreover, BaFin has published some frequently requested information, which can be accessed here directly, too. BaFin’s contact form can also be used if you have any further questions. In addition, the Deutsche Bundesbank has provided information on its website about PSD2 and related payment services, as payment and e-money institutions are subject to the Bundesbank’s ongoing supervision, in addition to being supervised by BaFin.

Additional information

More on this topic

Did you find this article helpful?

We appreciate your feedback

Your feedback helps us to continuously improve the website and to keep it up to date. If you have any questions and would like us to contact you, please use our contact form. Please send any disclosures about actual or suspected violations of supervisory provisions to our contact point for whistleblowers.

We appreciate your feedback

* Mandatory field