Calls to change 90-day open banking consent rule
Open banking stakeholders have called for changes to the rule that requires consumers to reaffirm their consent every 90 days to share their data.
Emma Steeley, chief executive of Equifax’s AccountScore, said customers can revoke their consent at any point but are asked every 90 days if they want to simply withdraw it or reaffirm their consent through a long process of going through the consent screen, logging into their online banking and then coming back.
As part of a consultation on payment services and electronic money earlier this year, the Financial Conduct Authority (FCA) proposed creating a new strong customer authentication exemption so that customers do not need to reauthenticate every 90 days when accessing account information through an account information service provider.
“We fed into the consultation, and we expect the FCA maybe in January to come back for further thought in and around that,” said Steeley.
Read more: Open banking data shows use of the technology is on the rise
“I don’t think it’s unreasonable to ask consumers ‘are you happy to continue to share your data’ but going through the entire journey every single time is not necessarily best for the consumer depending upon what their situation is.
“I think certainly if you look in the debt management and insolvency space where you may be in some of those plans for five to seven years, re-authenticating every 90 days and having to go through the whole journey again causes fatigue and isn’t necessarily helpful.”
Daniel Rajkumar, managing director of Rebuildingsociety, a P2P business lending platform that uses open banking, said that the 90-day consent rule is a “pain”.
“The 90-day consent is a pain, and many don’t like it, people should be able to set the timeframe themselves,” he told Peer2Peer Finance News this summer.
“I hope the restriction will be lifted; a lot have been asking for it.”
Read more: Funding Circle launches embedded finance solution