European Supervisory Authorities Issue Final Report on Financial Institutions' Use of Big Data

The Joint Committee of the European Supervisory Authorities has published a final report on the use of Big Data by financial institutions. The Final Report has been prepared following feedback to a discussion paper published in December 2016 by the Joint Committee’s sub-Committee on Consumer Protection and Financial Innovation. “Big Data” is the term used to refer to situations where high volumes of different types of data, produced with high velocity from a wide variety of data sets and sources, is processed (often in real time) by IT tools, such as powerful processors, software and algorithms. Big Data tools have been in use for several years in some sectors, but less so in others. Nevertheless most respondents to the ESAs’ discussion paper agreed that Big Data may have an impact on almost all financial institutions and on their products and services. The use of Big Data techniques can help financial institutions to improve their understanding of customers’ preferences and their interactions with customers and clients. This can enable them to tailor products to their target markets and support effective product governance. However, the use of Big Data also entails risk, for example that the data collected is inaccurate (with the result that predictions based on it are flawed), that increased use could bring greater cyber risks and that a lack of transparency in institutions’ use of Big Data may make it difficult for consumers to be able to understand or control the use of their personal data.

The ESAs (that is, the European Securities and Markets Authority, the European Banking Authority and the European Insurance and Occupational Pensions Authority) consider that legislative intervention regarding financial institutions’ use of Big Data is not needed at this point, given that existing sectoral and data protection legislation already provides a framework to mitigate the risks from Big Data. The ESAs also note that the existing framework is (or will be) strengthened further by recent and forthcoming legislation, namely the Insurance Distribution Directive, the revised Markets in Financial Instruments legislation, the revised Payment Services Directive and, in the area of data protection, the General Data Protection Regulation.

The ESAs propose to monitor, on an ongoing basis, the use of Big Data in the financial sector, including engaging with data protection authorities, to assess whether the current framework adequately addresses the identified risks. The ESAs also invite financial institutions to develop best practices on the use of Big Data that will ensure Big Data strategies are fully aligned with the interests of customers and that customers are treated in a fair, transparent and non-discriminatory way. The Final Report sets out an indicative list of arrangements and behaviors that financial institutions should consider when developing good practices. These relate to consumer protection, disclosures on the use of Big Data and robust processes and algorithms.

View the Final Report.

View the December 2016 Discussion Paper and Responses.