Between trilogue, non-paper and rumours of withdrawal: what will happen to FiDA in 2025?

In June 2023, the EU Commission presented its draft ‘Framework for Financial Data Access’ (FiDA), which is set to revolutionise data exchange in the financial sector across Europe. Until now, open banking has been largely limited to payment information. FiDA extends this principle to insurance, investment products, loans and occupational pensions. In future, customers will be able to decide for themselves whether to share their data with third-party providers. If they give their consent, banks, insurers and other data holders will have to make the information available via standardised interfaces.

The draft law defines the rights and obligations of all parties involved, while expressly excluding particularly sensitive health data. Overall, FiDA promises greater transparency and competition because service providers will be able to link financial information more comprehensively and develop better offers without restricting consumers' control over their data. After the draft was published, a long journey through the EU institutions began: consultations, statements and countless expert discussions were held to clarify how the far-reaching concept could be translated into law. However, what initially looked like an orderly legislative process soon turned into a political thriller.

The thriller surrounding FiDA

Both the Council of the EU and the European Parliament had adopted their negotiating positions at the end of 2024. Originally, the so-called trilogue negotiations, i.e. the decisive round of negotiations between the Commission, the Council and the Parliament, were to begin in early 2025. The surprise was therefore all the greater when FiDA suddenly appeared on the list of items to be scrapped in a leaked draft of the EU Commission's work programme.

This step is normally reserved for projects that have been blocked for a long time. According to media reports referring to a statement by the Commission, FiDA is said to be ‘too costly and complex’ and will therefore be withdrawn within six months. Only a few days later, there was a U-turn. On 11 February 2025, the Commission presented its final work programme, in which FiDA is listed as an ongoing legislative project.

The ‘non-paper’ of May 2025

In the midst of the tug-of-war over a possible withdrawal, the EU Commission presented an informal ‘non-paper’ in May 2025 in which FiDA was significantly streamlined. The Commission wanted to accommodate the wishes of the Member States and the financial sector.

• Target group: The focus is on private customers and small and medium-sized enterprises. Companies with an annual turnover of more than €50 million are excluded from the scope. In this case, the effort for data holders would be disproportionately high because the products are too individual to be easily standardised.
• Scope of data: Only transaction data from the past ten years and information from current contracts will be affected. Older documents or terminated business relationships will not be included.
• Authentication: The future EU Wallet (European Digital Identity Wallet) is to serve as the standard for customer authentication. Once introduced at the end of 2026, it will standardise user identification.
• Standardisation: The Commission is pushing for EU-wide data formats that are set by European standardisation organisations. At the same time, Financial Data Sharing Schemes (FDSS), interfaces, and questions about liability and compensation are being worked out to help move market-based solutions forward.

These changes would limit data sharing, cut costs, and keep FiDA in line with the General Data Protection Regulation.

What is being negotiated in the trilogue procedure

With the key points of the non-paper as a new basis for negotiation, the FiDA entered the next stage in early summer 2025. In the trilogue talks, the Commission, Council and Parliament are now wrangling over deadlines, obligations and exemptions. While the Commission is arguing for a transition period of 18 months from entry into force, the Parliament and Council are discussing a phased timetable of two to four years, depending on the data category. Germany and France favour 24 to 30 months, while FinTechs are pushing for a maximum of two years. There is also disagreement about the exclusion of sensitive health and creditworthiness data, a licensing requirement for account information service providers (AISPs) and strict supervision of digital companies such as Apple and Meta, which act as gatekeepers. How these issues will ultimately be resolved remains open. The only thing that is clear is that the trilogue will amend the proposed legislation once again.

Interim conclusion and outlook

FiDA aims to open up the financial data world in Europe. In future, customers will be able to use their information anywhere to compare insurance, loans or pension plans more easily and take advantage of new services. However, without consumer trust and convincing incentives for data holders, FiDA will remain pure theory.

However, the draft is much more than just another piece of regulation; it has the potential to drive innovation. This puts insurers in particular under pressure. They will have to revise their data strategies, digitise their processes throughout and make their advice noticeably more personalised.

It remains to be seen whether the Commission, Council and Parliament will be able to reach a workable compromise in the coming months. Nevertheless, many observers expect the negotiations to be concluded by the end of this year. Not least because Denmark will hold the Council Presidency from July 2025 and is considered a driver of digital finance issues. It is worthwhile for the industry to follow the debate closely and prepare for several scenarios. The opening of financial data is a done deal, but the conditions for its implementation are still unclear.

Further information on FiDA & Open Insurance

Open Insurance is set to drive a new era of insurance through the EU's FIDA framework: greater transparency, data control and innovation. Find out how standardised interfaces, API-based data usage and uniform GDPR-compliant frameworks benefit insurers and customers alike – and how you can strategically prepare for these developments today.

Learn more