Combining Open Finance and Data Protection for Low-Income Consumers
Open finance gives low-income consumers greater control of their personal information, helping make their data work for them, giving them access to more products at lower costs through multiple and easy-to-access channels, and allowing for remote consumer onboarding. Under open finance, with consent from the customer, banks and financial service providers (FSPs) would be required to share consumer data with other FSPs and/or third-party providers, such as fintechs. However, this unprecedented ability to move entire financial histories both empowers consumers and poses risks. For example, data users might pass on data to another party without consumers having much control over it or assurance that it will be used in their interest. Also, in the wrong hands, data could be used to commit fraud or cause other harm, undermining consumers’ trust in open finance and leading to low adoption. It is therefore important to create a legal framework that facilitates the sharing of customer data while also protecting it. This CGAP technical note highlights the basic data protection provisions that should be in place for an open finance regime, as well as how they can be addressed through law and regulation.