Activities of Ondřej KOVAŘÍK related to 2023/0205(COD)
Shadow reports (1)
REPORT on the proposal for a regulation of the European Parliament and of the Council on a framework for Financial Data Access and amending Regulations (EU) No 1093/2010, (EU) No 1094/2010, (EU) No 1095/2010 and (EU) 2022/2554
Amendments (35)
Amendment 156 #
Proposal for a regulation
Recital 1
Recital 1
(1) A responsible data economy, which is driven by the generation and use of data, is an integral part of the Union internal market that can bring benefits to both Union citizens and the economy. Digital technologies relying on data are increasingly driving change in financial markets by innovating, producing new business models, products and ways for firms to engage with customers.
Amendment 160 #
Proposal for a regulation
Recital 4 a (new)
Recital 4 a (new)
(4 a) It should be noted that the costs of implementation of provisions to enable Open Banking through PSD II were high for the sector, particularly smaller actors. While the Directive has allowed the development of new and innovative offerings to customers, a cost-benefit analysis is essential to ensure that the expansion of Open Banking to Open Finance is not prohibitive to firms, particularly smaller firms.
Amendment 162 #
Proposal for a regulation
Recital 5
Recital 5
(5) Ensuring customer control and trust is imperative to build a well-functioning and effective data sharing framework in the financial sector. Ensuring effective customers’ control over data sharing contributes to innovation as well as customer confidence and trust in data sharing. As a result, effective control may helps overcome customer reluctance to share their data. Under the current Union framework, the data portability right of a data subject in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council9 is limited to personal data and can be relied upon only where it is technically feasible to port the data. Customer data and technical interfaces in the financial sector beyond payment accounts are not standardised, rendering data sharing more costly for businesses. Further, the financial institutions are only legally obliged to make the payment data of their customers available. _________________ 9 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1).
Amendment 166 #
Proposal for a regulation
Recital 8
Recital 8
(8) A dedicated and harmonised framework for access to financial data is therefore necessarydesireable at Union level to respond to the needs of the digital economy and to remove barriers to a well- functioning internal market for data. Specific rules are required to address these barriers to promote better access to customer data and hence make it possible for consumers and firms to realise the gains stemming from better financial products and services. Data-driven finance wcould facilitate industry transition from the traditional supply of standardised products to tailored solutions that are better suited to the customers’ specific needs, including improved customer facing interfaces that enhance competition, improve user experience and ensure financial services that are focused on the customer as the end user.
Amendment 174 #
Proposal for a regulation
Recital 10
Recital 10
(10) The sharing of the customer data in the scope of this Regulation should be based on the permission of the customer. The legal obligation on data holders to share customer data should be triggered once the customer has requested their data to be shared with a data user. This request can be submitted by a data user acting on behalf of the customer where permission has explicitly been granted. Where the processing of personal data is involved, a data user should have a valid lawful basis for processing under Regulation (EU) 2016/679. The customers data can be processed for the agreed purposes in the context of the service provided. The processing of personal data must respect the principles of personal data protection, including lawfulness, fairness and transparency, purpose limitation and data minimisation. A customer has the right to withdraw the permission given to a data user at any time. When data processing is necessary for the performance of a contract, a customer should be able to withdraw permissions according to the contractual obligations to which the data subject is party. When personal data processing is based on consent, a data subject has the right to withdraw his or her consent at any time, as provided for in Regulation (EU) 2016/679.
Amendment 182 #
Proposal for a regulation
Recital 13
Recital 13
(13) The customer data included in the scope of this Regulation should include sustainability-related information, where applicable, that should enable customers to more easily access financial services that are aligned with their sustainability preferences and sustainable finance needs, in line with the Commission’s strategy for financing the transition to a sustainable economy12 . Access to data relating to sustainability which may be contained in balance or transaction details related to a mortgage, credit, loan and savings account, as well as access to customer data relating to sustainability held by investment firms, can contribute to facilitating access to data needed to access sustainable finance or make investments into the green transition. Moreover, customer data in the scope of this Regulation should include data which forms part of a creditworthiness assessment related to firms, including small and medium sized enterprises, and which can provide greater insight into the sustainability objectives of small firms. The inclusion of data used for the creditworthiness assessment related to firms should improve access to financing and streamline the application for loans. Such data should be limited to data on firms and should not infringe intellectual property rights. _________________ 12 Communication From the Commission to the European Parliament, the Council, the European Economic And Social Committee and the Committee of the Regions, Strategy for Financing the Transition to a Sustainable Economy, COM/2021/390 final
Amendment 195 #
Proposal for a regulation
Recital 22
Recital 22
(22) The permission dashboard should display the permissions given by a customer, including when personal data are shared based on consent or are necessary for the performance of a contract. The permission dashboard should warn a customer in a standard way of the risk of possible contractual consequences of the withdrawal of a permission, but the customer should remain responsible for managing such risk. The permission dashboard should be used to manage existing permissions. Data holders should inform data users in real-due time of any withdrawal of a permission. The permission dashboard should include a record of permissions that have been withdrawn or have expired for a period of up to two years to allow the customer to keep track of their permissions in an informed and impartial manner. Data users should inform data holders in real-time of new and re-established permissions granted by customers, including the duration of validity of the permission and a short summary of the purpose of the permission. The information provided on the permission dashboard is without prejudice to the information requirements under Regulation (EU) 2016/679.
Amendment 205 #
Proposal for a regulation
Recital 26 b (new)
Recital 26 b (new)
(26 b) In the setting up of financial data access schemes, all parties to the schemes should be involved. Competent authorities on both the European and national level should also be available for consultation by those setting up the schemes, and be ready to offer advice on best practice and examples of other schemes set up during the period running up to the application of this regulation.
Amendment 206 #
Proposal for a regulation
Recital 27
Recital 27
Amendment 231 #
Proposal for a regulation
Article 2 – paragraph 1 – point a
Article 2 – paragraph 1 – point a
(a) mortgage credit agreements, loancredit agreements and accounts, except payment accounts as defined in the Payment Services Directive (EU) 2015/2366, including data on balance, conditions and transactions;
Amendment 240 #
Proposal for a regulation
Article 2 – paragraph 1 – point c
Article 2 – paragraph 1 – point c
(c) pension rights in occupational pension schemes, in accordance with Directive 2009/138/EC and Directive (EU) 2016/2341 of the European Parliament and of the Council33 ; with the exception of data related to sickness and health cover of a member or beneficiary; _________________ 33 Directive (EU) 2016/2341 of the European Parliament and of the Council of 14 December 2016 on the activities and supervision of institutions for occupational retirement provision (IORPs) (recast) (OJ L 354, 23.12.2016, p. 37).
Amendment 255 #
Proposal for a regulation
Article 2 – paragraph 1 – point f
Article 2 – paragraph 1 – point f
(f) data which forms part of a creditworthiness assessment of a firm which is collected as part of a loancredit agreement application process or a request for a credit rating.
Amendment 258 #
Proposal for a regulation
Article 2 – paragraph 2 – point b
Article 2 – paragraph 2 – point b
(b) payment institutions, including account information service providers and payment institutions exempted pursuant to Directive (EU) 2015/2366;
Amendment 260 #
Proposal for a regulation
Article 2 – paragraph 2 – point c
Article 2 – paragraph 2 – point c
(c) electronic money institutions, including electronic money institutions exempted pursuant to Directive 2009/110/EC of the European Parliament and of the Council35 ; _________________ 35 Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009 on the taking up, pursuit and prudential supervision of the business of electronic money institutions amending Directives 2005/60/EC and 2006/48/EC and repealing Directive 2000/46/EC (OJ L 267, 10.10.2009, p. 7).;
Amendment 277 #
Proposal for a regulation
Article 2 – paragraph 3 a (new)
Article 2 – paragraph 3 a (new)
3 a. This regulation shall not apply to SMEs, but there shall be an option for SMEs to opt-in to the provisions of the regulation;
Amendment 294 #
Proposal for a regulation
Article 3 – paragraph 1 – point 1
Article 3 – paragraph 1 – point 1
(1) ‘consumer’ means a natural person who is acting for purposes other than his or her trade, business or profession, or a current ‘member’ or ‘beneficiary’ of the institution for occupational retirement provisions (IORP), as defined in Article 6 of the IORP II Directive’;
Amendment 309 #
Proposal for a regulation
Article 3 – paragraph 1 – point 3
Article 3 – paragraph 1 – point 3
(3) ‘customer data’ means personal and non-personal data that is collected, stored and otherwise processed by a financial institution as part of their normal course of business with customers which are available to the customer, and covers both data provided by a customer and data generated as a result of customer interaction with the financial institution;
Amendment 311 #
Proposal for a regulation
Article 3 – paragraph 1 – point 4 a (new)
Article 3 – paragraph 1 – point 4 a (new)
(4 a) ‘credit agreement’ means credit agreement as defined in Article 3 point (4) of Directive 2021/2167;
Amendment 320 #
Proposal for a regulation
Article 3 – paragraph 1 – point 6 a (new)
Article 3 – paragraph 1 – point 6 a (new)
(6 a) ‘financial information service’ means an online service of collecting or consolidating customer and storing data held by one or several data holders;
Amendment 332 #
Proposal for a regulation
Article 3 – paragraph 1 – point 9
Article 3 – paragraph 1 – point 9
(9) ‘investment account’ means any register managed by an investment firm, credit institution or an insurance broker about the current holdings in financial instruments or insurance-based investment products of their client, including past transactions and other data points relating to lifecycle events of that instrument;
Amendment 334 #
Proposal for a regulation
Article 3 – paragraph 1 – point 19
Article 3 – paragraph 1 – point 19
Amendment 341 #
Proposal for a regulation
Article 3 – paragraph 1 – point 29 a (new)
Article 3 – paragraph 1 – point 29 a (new)
(29 a) 'Small and Medium sized Enterprises' or SMEs, means an SME as defined in point (13) of Article 4(1) of Directive 2014/65/EU;
Amendment 346 #
Proposal for a regulation
Article 4 – paragraph 1
Article 4 – paragraph 1
The data holder shall, upon request from a customer submitted by electronic means, make the data listed in Article 2(1) available to the customer without undue delay, free of charge, continuously and in real-due time.
Amendment 414 #
Proposal for a regulation
Article 8 – paragraph 1
Article 8 – paragraph 1
1. A data holder shall provide the customer with a permission dashboard that is permanently available to the customer to monitor and manage the permissions a customer has provided to data users.
Amendment 446 #
Proposal for a regulation
Article 9 – paragraph 1
Article 9 – paragraph 1
1. Within 1836 months from the entry into force of this Regulation, data holders and data users shall become members of a financial data sharing scheme governing access to the customer data in compliance with Article 10.
Amendment 451 #
Proposal for a regulation
Article 9 – paragraph 1 a (new)
Article 9 – paragraph 1 a (new)
1 a. The financial data sharing scheme referred to in paragraph 1 shall be developed by market participants within the specified time-frame. In cases where such a scheme is not developed in accordance with this Regulation in this timeframe, those entities involved in the setting up of the schemes shall work with the relevant competent authorities on national and European level to develop the scheme, considering experiences across the market and always bearing in mind the concept of standardisation of schemes
Amendment 473 #
Proposal for a regulation
Article 10 – paragraph 1 – subparagraph 1 – point h – introductory part
Article 10 – paragraph 1 – subparagraph 1 – point h – introductory part
(h) a financial data sharing scheme shall establish, a model to determine the maximum compensation that a data holder is entitled to charge for making data available through an appropriate technical interface for data sharing with data users in line with the common standards developed under point (g) and taking into account market-led initiatives for other compensation schemes. The model shall be based on the following principles:
Amendment 502 #
Proposal for a regulation
Article 11
Article 11
Amendment 515 #
Proposal for a regulation
Article 12 – paragraph 2 – subparagraph 1 – point b
Article 12 – paragraph 2 – subparagraph 1 – point b
(b) a business plan including. where applicable, a forecast budget calculation for the first 3 financial years which demonstrates that the applicant is able to employ the appropriate and proportionate systems, resources and procedures to operate soundly;
Amendment 518 #
Proposal for a regulation
Article 12 – paragraph 3 – subparagraph 1 – introductory part
Article 12 – paragraph 3 – subparagraph 1 – introductory part
Financial information service providers shall hold a professional indemnity insurance or other comparable guarantee, covering the territories in which they access data, or some other comparable guarantee, and shall ensure the following:
Amendment 560 #
Proposal for a regulation
Article 27 a (new)
Article 27 a (new)
Article 27a Competent Authorities Role in the Setting up of Financial Data Sharing Schemes Competent authorities may be consulted on market-driven initiatives as regards the setting up of Financial Data Sharing Schemes as provided in Article 9. In such a consultative role they may share non- sensitive data in order to assist in setting up such schemes, with the aim of promoting standardisation, customer friendly interfaces, and sharing best practices.
Amendment 561 #
Proposal for a regulation
Article 30 – paragraph 2
Article 30 – paragraph 2
Amendment 562 #
Proposal for a regulation
Article 30 – paragraph 3
Article 30 – paragraph 3
Amendment 565 #
Proposal for a regulation
Article 30 – paragraph 6
Article 30 – paragraph 6
Amendment 583 #
Proposal for a regulation
Article 36 – paragraph 2
Article 36 – paragraph 2
It shall apply from [OP please insert the date = 242 months after the date of entry into force of this Regulation]. However, Articles 9 to 13 shall apply from [OP please insert the date = 1836 months after the date of entry into force of this Regulation].