Out-Law / Your Daily Need-To-Know

New fintech trade body to develop code of practice to ensure data security

Out-Law News | 16 Dec 2014 | 3:16 pm | 1 min. read

A new trade body for financial technology companies intends to develop a new industry code of practice that can ensure "complete data security" when consumers access their financial data via aggregator services.

The Financial Data and Technology Association (FDATA), which launched on Tuesday, said it wants to help consumers "make better decisions and take control of their finances". Money Dashboard, Moneyhub, QuickBooks, Runpath Digital, Safety Net Credit and Yodlee are the first six members of the FDATA.

"We have very simple twin aims: to bring the benefits of financial technology to the UK consumer, and to put in place a strict code of industry practice to ensure complete data security," director of the FDATA, Andy Maciver, said. "Our industry must be underpinned by a reputation for data security, so we have as much incentive as the banks and financial institutions to put a bullet-proof system in place."

The FDATA said it wants to involve the UK government, regulators and banks in formulating the new industry code "so that its members can, in effect, become a ‘white list’ of companies to whom banks can release data with full confidence"

Banking expert Tony Anderson of Pinsent Masons, the law firm behind Out-Law.com, said: "Whilst this can be seen as a positive initiative in informing and educating financial services customers, it will also be dependent on how any proposed codes of conduct are framed and what sort of ‘teeth’ they have to enforce their terms."

Maciver said the FDATA wants to work "as partners" with EU law makers, government policy makers, the banking industry and regulators. The Association's launch comes at a time when new payment services laws are being worked on by MEPs and ministers from across the EU.

Under current proposals, account information service (AIS) providers, like the FDATA members, would be subject to some rules contained in an updated EU Payment Services Directive (PSD2). Those rules would, among other things, require AIS providers to implement two-factor customer authorisations for accessing accounts and making transactions.

The launch of the FDATA also comes just days after the UK government outlined plans to require banks to use standardised application programming interfaces (APIs) to make it easier for customers to move their bank data to rival services.

A report published alongside those plans highlighted the appetite for bank data among "alternative lenders, accounting software platforms, comparison and advisory services, payment services" and other operators in the market, and the report authors, the Open Data Institute and consultancy group Fingleton Associates, said the use of standardised APIs by banks could both improve competition in the industry and help banks become more of a "platform" for other services.

Maciver said: "Our members’ apps and services make it easier for consumers to make better financial decisions. It is now imperative that consumers be allowed to access their information in the way they choose. This revolution has been waiting too long."