The AMF publishes its proposals for an open finance framework

What Changed

• The publication outlines AMF's proposals for an open finance framework, building on open banking (e.g., PSD2) to include investments, insurance, and asset management data. Key elements include:
• Mandatory API-based data sharing for account information and payment initiation, extended to non-banking products like securities and insurance.
• Enhanced customer consent and control mechanisms, with granular permissions, revocation rights, and strong authentication.
• Security and liability standards aligned with DORA (Digital Operational Resilience Act), including incident reporting and resilience testing.
• Governance structure with a centralized standards body, similar to open banking hubs in the UK or EU.
• Proportionality for smaller firms, but with supervisory convergence via ESMA for cross-border activities. These proposals emphasize innovation (e.g., AI and tokenization integration) while addressing risks like data breaches and fraud, as per AMF's 2

Suggested Considerations

• Review and respond to consultation: Submit feedback on proposals via AMF portal (https://www.amf-france.org/en/news-publications/news/amf-publishes-its-proposals-open-finance-framework) to influence final rules.
• Conduct gap analysis: Assess current APIs, data sharing capabilities, consent processes against proposed standards; integrate DORA compliance.
• Update policies: Revise customer onboarding, data protection (GDPR alignment), and TPP accreditation processes.
• Engage stakeholders: Participate in AMF's asset management tokenization consultation and AI use cases study for synergies.
• Test systems: Pilot secure APIs for investment/insurance data sharing; prepare for cybersecurity inspections.
• Train staff: On open finance obligations, focusing on senior managers' governance under AMF supervision.

Key Dates

Who is Affected