Not-So-Big and Big Credit Data between traditional consumer finance, FinTechs, and the Banking Union: Old and New Challenges in an Enduring EU Policy and Legal Conundrum

Abstract

This paper discusses the role and usage of traditional and non-traditional consumer data in the retail financial markets of the European Union in the context of the economic theories, policies, and law within which they work. Across Europe there is no common practice of using the credit data of consumers, which can be exploited for several purposes. Traditionally, they are used by the lending industry as a risk-management tool to underwrite borrowing decisions or price risks, but they can also be used as a practice of creditworthiness assessment. In some Member States, consumer data are part of a broader information centralisation system for the prudential supervision of banks and the financial system as a whole. Within this already complex picture, emerging technologies and the processing of new generations of personal data are starting to give way to new business models that can transform retail financial markets (Fintechs). Whatever the function the data perform, their source, type, breath, and depth differ greatly from country to country. Unlike for the harmonisation of EU rules on credit to consumers for the creation of the internal market, the underlying consumer data infrastructure remains fragmented at national level, failing to achieve univocal, common, or defined policy objectives under a harmonised legal framework. Likewise, the establishment of the Banking Union and the prudential supervision of the Euro-area demand standardisation and convergence of the data used to measure debt levels, arrears, and delinquencies. The many functions and different usages of credit data suggest that the policy goals to be achieved should inform the design and structure of the databases, as well as the role, legal, and institutional framework of the organisations managing the data system (the Data Brokers). This is also because fundamental rights and consumer protection concerns arise from the dissemination and sharing of traditional and non-traditional data, as well as from their expanding uses. This is an area of the EU internal market that demands the attention of the EU legislator without further delays.