Regulation and security – sounds dry at first? Not with us! Because behind the latest regulations and security standards there is a lot of movement, innovation and sometimes even a little excitement. In this issue, we focus on two topics that are currently the subject of much discussion: Firstly, we look at FiDA, the new set of rules that could radically change the financial world. Secondly, we examine Strong Customer Authentication (SCA) – why it is much more than just another check in the login process and how it turns trust into a competitive advantage.
FiDA: Open finance without bureaucratic blues
FiDA sounds like the name of a new fintech start-up, but it is actually an EU regulation that aims to tidy up Europe’s financial data. Instead of just practising ‘open banking’, FiDA opens the door to true open finance – from accounts and loans to insurance and securities.
The current status of the EU Financial Data Access (FiDA) Regulation is that trilogue negotiations (between the Council, Parliament and Commission) are ongoing – originally with the aim of finalising the regulation by the end of 2025, although the exact details, deadlines and final text are still open. Nevertheless, despite initial discussions about a withdrawal, the process is continuing and the regulation, once enacted, will have a major impact on the financial and insurance industries.
What this is all about, which data categories are affected and why the whole thing is much more exciting than it sounds at first glance can be found in the detailed FiDA Infos – perfect for anyone who wants to not only tick off regulation, but understand it (and maybe even like it a little).
SCA: Two factors that make fraudsters cry
Digitalisation has made payments child’s play – unfortunately also for cyber fraudsters. The EU countered this in 2018 with PSD2 and introduced Strong Customer Authentication (SCA): two independent factors (knowledge such as a PIN, possession such as a smartphone, inherence such as a fingerprint) must match for every online transaction in order to effectively prevent misuse.
SCA has actually massively reduced fraud rates for card payments – SCA transactions are significantly more secure than those without – and gives users more confidence while banks remain compliant. Since PSD2, SCA has reduced card payment fraud by up to 85% in some markets – fraudsters are crying, users are celebrating.
How exactly does the combination of factors work, what exceptions are there, and why is SCA more than just ‘another password’?
From clay tablets to real-time transfers: secure payments through the ages
The reliable and traceable processing of payments has always been a key prerequisite for functioning trade. As old as the exchange of goods itself, the art of securing monetary transactions has undergone many changes throughout history. Let’s take a brief journey through time!
- Ancient civilisations: Payments were secured by receipts, promissory notes and temple institutions. Putting things in writing created trust and reduced disputes.
- Greece and Rome: Bankers kept money safe, managed accounts and enabled cashless transfers. This minimised cash transport and counterfeit money risks even back then.
- Middle Ages: Bills of exchange enabled secure long-distance payments without cash. Trade guilds and city laws regulated their use and ensured their binding nature.
- Early modern period: Banks professionalised payment transactions; bills of exchange, cheques and double-entry bookkeeping increased security and traceability. More uniform currencies reduced further risks.
- 19th–20th centuries: Modern banks, telegraphic and electronic transfers, and credit cards made transactions faster and more secure. Central banks stabilised currencies.
- Digital modern era: Encryption, strong authentication, real-time transfers and global networks such as SWIFT secure today’s payments. Digital wallets and blockchain are expanding the possibilities.
FiDA – Where we stand today
In 2025, the topic of FiDA was the subject of intense debate and dramatic changes in direction. Changing political positions, new draft legislation and heated public discussions repeatedly unsettled companies and citizens alike. The question of how financial data may be made accessible and used in the future remained and remains the focus of attention – and caused confusion, pressure to meet expectations and widespread uncertainty. A snapshot:
- Negotiations: The trilogue negotiations are in full swing. The original goal was to reach an agreement by the end of 2025.
- Timetable: Adoption was scheduled for the end of 2025, but did not take place. The possible entry into force and the start of application are still expected in 2027 at the earliest.
- Uncertainty: The exact wording, scope and implementation deadlines have not yet been finalised, which makes planning difficult for institutions.
- Industry focus: FiDA will reshape data exchange across the entire financial industry, including banks, payment service providers, insurance companies and pension funds.
- Strategic importance: Despite delays, FiDA remains an important issue that motivates financial institutions to make strategic preparations and take advantage of open finance opportunities.
And here are a few fun facts about FiDA
- In internal EU meetings, FiDA was allegedly repeatedly misspelled as ‘FIDA’, “Fida” or ‘FidA’. In short, the regulation had a minor identity crisis right from the start.
- At tech conferences, FiDA has already been presented as ‘the big sister of PSD2’. Whether PSD2 sees it the same way is unclear.
- Some experts affectionately refer to FiDA as ‘the data vacuum cleaner with a TÜV sticker’.
