Prudentiz is an organization of people, relations with businesses, regulators and policymakers and extensive information and work management tools. We are organized around common values of proficiency, efficiency, responsibility, transparency and commitment to provide unbeatable care in the areas of compliance and prudent management of our customers. Our aim is to equip the business of the customer with the most efficient regulatory and governance framework. We assist and advise our clients in large-scaled big data projects involving processing and use of consumer data in the financial industry.
All types of client-related information may be beneficial for the financial institution, bearing in mind that the social responsibility and the level of trust laid upon the financial institutions requires the use of advanced analytics in order to safeguard appropriate risk assessment, efficient fraud prevention and proper performance of statutory obligations in the field of AML/ATF.
Lately, financial institutions tend to use data collected on their own as well as data received from third parties, who provide professional services related to collection, processing and analysing of financial data for both financial institutions and their clients. Among those services providers, the key role of Third Party Providers (regulated in the PSD II) should be in particular emphasized. In this regard especially the use of account information services (AIS) has increased significantly since the PSD II legislative process and encompasses i.a. performing creditworthiness and insurance risk assessment, PFM (personal finance management) services and applying more accurate fraud prevention measures.

The scope of access to customers’ data depends on the character of a specific institution. Involving external sources in the process of acquiring data usually leads to the mitigating of risk and assures the legal accuracy thereof.
• Core business (provision of financial services)
• Maintenance of financial stability
• Fraud prevention
• Identification of increased insurance risk
• Creditworthiness assessment
• New products and tailored offers
• Anti-money laundering purposes
• Identity confirmation
During the next decade, the role of the use of consumer data by financial institutions will skyrocket and become a core element of their business. Third Party Providers will become native players in the financial market, creating their own competitive environment. Many financial institutions may combine a role of typical financial services provider and TPP (for instance as an aggregator of data from multiple payment accounts). TPPs will be able to build up the range of sources of data, which may cover for instance smart grids, online platforms maintained by the telecoms, e-commerce marketplaces, and social networking sites.
From the customers’ point of view, it is not only the main products offered which should be tailored to their needs, but also additional perks, such as cards or rebates. Clients may also count on new, structured products. Customers are looking forward to minimising the time and formalities needed to use financial services. With all the data already gathers, the procedure will be far shorter (e.g. credit decision issued within minutes).
One of the main barriers to be considered is a discrepancy between banking secrecy policies in particular Member States. The problem has been widely discussed in judicial practice of the ECJ (see cases: C 212/11 Jyske Bank, C-580/13 Coty Germany, C-522/14 Sparkasse Allgäu).

Another aspect of the problem are the discrepancies between the practice and approach of financial supervision and competition authorities in particular Member States, which generate a significant level of legal uncertainty for market participants. In some Member States regulators have practically prevented authorized institutions from integrating screen scraping technologies (such as the ones used by TPPs) into their market offering. In other countries, the presented policy is far less stringent, i.e. in Germany, where the Bundeskartellamt questioned the contractual provisions which prevented clients from the use of account information or payment initiation services in the Sofort case.

Clients’ behaviour and preferences may also be considered as a barrier. Payment data, as one of the most personal private information, is considered by the consumers as the one most worth protecting. Normally, clients do not want their banks to access personal details from their lives, as they are aware of the fact that this could change their position as a client for the future.
Consulting firm (legal and compliance)
Michal Mostowik