The FIDA Discussion: Opportunity or Setback for the Future of European Finance?
Recently, there has been an uproar in the financial world surrounding the Financial Data Access (FIDA) regulation – an initiative that was supposed to shape the future of the European financial landscape in a sustainable way. As the CEO of a company operating at the intersection of traditional finance and digital innovation, I would like to share my perspective on the recent developments.

The FIDA Rollercoaster
The past weeks have been like a real rollercoaster ride: First, news circulated that the EU Commission intended to completely withdraw the FIDA regulation, then rumors followed about a possible 180-degree turn. Currently, however, everything indicates that the project will continue for the time being. FIDA was still listed as a "pending proposal" in the Commission's 2025 work paper published on February 12, 2025. A development that I fundamentally welcome.
The original idea behind FIDA is clear and forward-looking: The PSD2 reform (open banking for payment accounts) is to be extended to all financial services. This would mean that third-party providers could access not only account data, but also customer data from investment products, portfolios, and loans. Of course, always with the customer's consent. Unlike PSD2, financial institutions such as banks should be allowed to charge for providing this data, which I consider a sensible approach.
Between Lobbyism and Legitimate Concerns
Criticism of FIDA came primarily from the insurance industry and partly from the banking sector. This reaction is understandable, as any opening of data silos means change and potential new competitors. Especially for insurance companies, FIDA would be a paradigm shift, as they have not yet been confronted with "open finance" requirements.
However, the original FIDA proposal did have weaknesses that would have led to unnecessary bureaucracy and burdens for companies. According to many stakeholders, the complexity and implementation costs were disproportionate to the perceived benefits for customers.
The Danger of a Missed Opportunity
A complete withdrawal of FIDA – or even just a years-long delay – would be a significant setback for the digital transformation of European finance. As a company that develops digital interfaces for asset managers, we experience the challenges of the status quo daily: Without uniform standards, we have to build separate interfaces for each individual bank. An enormous effort that slows down innovation and scaling.
Today's asset landscape is fragmented. Customers maintain multiple banking relationships, their assets are distributed across various custodians, and specialized service providers offer different services. Without standardized data access, it becomes increasingly difficult to provide customers with a holistic overview of their financial situation and to offer tailored solutions based on that.
Lessons learned from PSD2
The implementation of PSD2 has shown that well-intentioned regulation can miss its mark through over-regulation. A concrete example from our practice: The need for two-factor authentication for transaction data older than three months poses an unnecessary hurdle for users. Such details may seem small but have massive impacts on usability and thus on the success of the entire initiative.
The better approach would be for the EU to define clear goals: such as reducing fraud cases to a certain percentage. It should then leave it to companies to decide how to achieve these goals. This approach would promote innovation instead of stifling it with rigid requirements.
International Competition Is Not Waiting
While Europe debates, other regions are acting. We are in a global competition for the best financial solutions, and every delay costs us ground. Especially for European FinTechs, the lack of standardized data access becomes a growth inhibitor. Missing standards lead to complex and costly individual developments that can stifle innovative business models in their infancy.
The Future of Wealth Management Needs Open Finance
At a time when artificial intelligence and machine learning can unlock completely new possibilities for wealth management, access to comprehensive data is the key to success. Data-driven wealth management, as we strive for at wealthAPI, enables:
- Individual investment strategies, precisely tailored to each customer's goals and risk tolerance
- Automation of routine tasks, allowing advisors to focus on value-added activities
- Transparent decision-making, where customers have insight into their investments at all times
- Scalability, to ensure high quality standards even with increasing customer numbers
All these benefits can only be fully realized if we have simple, standardized access to all relevant financial data. Exactly what FIDA was supposed to enable.
The Way Forward
The current situation also offers an opportunity: We can learn from the discussions and criticisms and develop an improved FIDA proposal that takes into account the legitimate concerns without losing sight of the fundamental goal.
As an entrepreneur, I am ready to actively participate in shaping such an optimized proposal. We need a framework that promotes innovation while ensuring the protection of customer data and avoiding unnecessary bureaucracy.
I expect three things from the EU Commission:
- Determination: A clear commitment to the basic idea of open finance.
- Pragmatism: The willingness to learn from the mistakes of PSD2 and avoid superfluous regulation.
- Speed: An ambitious timetable to avoid falling behind other regions.
The democratization of wealth management, i.e., high-quality financial advice for everyone and not just for the wealthy, will only succeed with an open data landscape. FIDA could create the decisive framework for this.
A Future-Oriented Outlook on Europe's Financial Landscape
The current discussion about FIDA is more than just a technical regulatory debate. It is about the fundamental question of how we position European finance for the digital future. A complete departure from the open finance principles would be a serious strategic mistake.
As a technology provider at the intersection of traditional wealth management and digital innovation, we see daily the potential that lies in an intelligent linking of financial data. Realizing this potential – for the benefit of consumers and to strengthen the European financial center – should be our common goal.
The future of wealth management will be hybrid: the perfect balance between human expertise and technological innovation. To make this vision a reality, we need a smart, balanced regulatory framework for access to financial data. Nothing less, but also nothing more.
wealthAPI Company Values: The Foundation for Success and Culture
In today's dynamic business world, company values are more than just buzzwords on a website. They are the heart of an organization, shaping its culture, guiding decisions, and paving the way to success. Clear and authentic values create a common ground, foster employee engagement, and strengthen relationships with customers and partners.
To create a strong and genuine company culture, we focused on developing authentic values that reflect how we truly operate at wealthAPI. These values are designed to be clear, actionable, and resonate with our team. During a collaborative workshop in summer 2024, our team collectively shaped the following "company values." We regularly engage in feedback sessions to ensure these values remain relevant and are consistently applied in our daily work, fostering a culture of continuous improvement and alignment.
wealthAPI's Values: A Compass for Innovation and Success
At wealthAPI, company values are not just a guideline but a living expression of the corporate culture. They reflect the passion, innovation, and commitment that drives the team.
1. Drive Innovation
"We embrace constant change and adopt new technologies - such as AI - but with us in the driver seat. We constantly seek for new ways to get things done and are prepared to leave our comfort zone."
This value underscores wealthAPI's commitment to innovation. We are dedicated to pioneering new approaches and continuously developing to stay at the cutting edge of technological advancement.
2. Empower our customers
"We put our customers first. Our business relations are governed by mutual respect and fairness. Whatever we do, we think B2B2C to make our customers successful. Their growth is our growth."
This value highlights wealthAPI's dedication to collaborative success. We believe in fostering long-term partnerships that drive shared growth.
3. Communicate efficiently
"We communicate openly and do not hesitate to ask questions or give feedback. We show transparency on all levels including business development and KPIs. Written documentation is the preferred way."
Efficient communication is essential for any successful company. wealthAPI values open and transparent communication to avoid misunderstandings and promote collaboration.
4. Own your sh*t
"When we own a product or process we think it through and fit it into the bigger picture. Each of us is asked to take ownership on our own initiative. We act responsibly and make it our problem."
This value emphasizes the importance of accountability and proactive engagement. We empower all employees to take ownership of their responsibilities and actively drive wealthAPI's success.
5. Focus on the right things
"We balance excellence and speed, using the right methods. We adjust our quality standards to meet the specific needs of our customers."
This value highlights wealthAPI's commitment to strategic focus and efficient execution. We prioritize key objectives to achieve excellence in quality while maintaining a rapid pace of delivery.
6. Enjoy the ride
"We want to create meaning and impact with our actions. So: Have fun. Be yourself. Respect and help each other."
This value underscores the positive and supportive work environment at wealthAPI. The company values a pleasant working environment where employees feel comfortable and can develop.
A Strong Foundation for the Future
wealthAPI's company values are more than just words. They are a compass that guides the company into the future. They reflect the passion, innovation, and commitment of the team. These values foster a positive corporate culture, strengthen relationships with customers and partners, and form the foundation for sustainable success.
We express our heartfelt appreciation to all wealthAPI team members for their daily commitment to these values, which significantly contributes to our company's success!
DORA: Setting a New Standard for Cybersecurity in Finance
The EU has implemented a vast array of regulations designed to oversee the financial sector. This is essential for maintaining a stable and secure financial market, protecting consumers, and fostering fair competition.
Now, DORA, the Digital Operational Resilience Act, is being introduced. This regulation focuses on strengthening the cybersecurity and digital resilience of the financial sector. Its aim is to better equip EU financial institutions to withstand cyberattacks and digital risks, thereby ensuring the stability of the financial system.
As of January 17, 2025, DORA will be applicable to all financial institutions, including banks, savings banks, insurance companies, asset managers, and financial service providers. This broad scope encompasses entities such as factoring or leasing companies, and even account information service providers like wealthAPI.
Cyberattacks in the financial sector: A growing threat
The interest of cybercriminals in financial institutions is unsurprising, given that these companies deal with two highly valuable assets: money and sensitive data. With the financial sector being highly digitized, it presents an attractive target for cyberattacks. The number of cyberattacks targeting banks is on the rise. In 2023, BaFin received 235 reports from banks about severe IT issues, including cyberattacks. Although the 2024 data is not yet final, it's expected to show an increase. This trend is mirrored globally, with JP Morgan reporting a staggering 45 billion suspicious cyber events per day in spring 2024.
Through DORA, the EU seeks to enhance cybersecurity and digital resilience in the financial sector. By mandating stricter digital safeguards for financial institutions, the EU aims to mitigate risks such as data breaches, ransomware attacks, and operational disruptions. The protection of sensitive customer information, including account and payment details, is a paramount concern.
The overarching goal of these stringent requirements is to safeguard the stability of the financial system. Cyberattacks on individual financial institutions can have systemic implications, affecting the broader financial market. A case in point is the November 2023 cyberattack on the US subsidiary of the Industrial and Commercial Bank of China, which temporarily disrupted US Treasury bond trading and necessitated manual clearing.
Cyberattacks pose a dual threat: they can disrupt critical systems and erode public trust. It is clear that without robust security measures to protect financial data, consumers will be hesitant to embrace digital banking services. The traditional savings account under the mattress could once again become the preferred method of saving.
DORA: Laying the Groundwork for a Secure Digital Financial Future
While DORA presents challenges for financial institutions, it ultimately enhances their digital resilience, offering long-term advantages. But what does this regulation entail? What specific actions are required of financial service providers? The mandates can be categorized into several key areas:
- Comprehensive ICT Risk Management
Financial institutions are required to conduct a thorough inventory of all their IT systems, processes, and data, identifying and assessing potential risks. This involves evaluating the likelihood of vulnerabilities being exploited and the potential consequences of such incidents. To mitigate these risks, financial institutions must implement specific measures, such as enhanced technical security controls and employee training.
- Enhancing Digital Resilience
Financial institutions need to be able to maintain critical business functions during and after disruptions. Detailed contingency plans must be developed and regularly tested to ensure a swift and effective response to incidents. These regular stress tests are designed to evaluate the resilience of IT systems against a variety of threats.
- Transparent Incident Reporting
DORA mandates that financial institutions report specific IT incidents to the supervisory authority, BaFin. These incidents can range from cyberattacks to critical system failures. Furthermore, incidents must be classified based on their severity and potential consequences.
- Enhancing Third-Party Relationships
Financial institutions need to strengthen their relationships with external service providers by ensuring that these providers adhere to stringent security standards. Contracts with third parties must clearly outline cybersecurity requirements and establish protocols for incident response.
Implementing DORA necessitates a holistic approach to the IT environment, requiring close collaboration across all relevant departments. While DORA imposes stringent requirements on financial institutions, these measures ultimately contribute to enhanced security.
By enhancing their resilience as mandated by DORA, financial institutions become better prepared to mitigate the impact of disruptions and cyberattacks. This reduces the risk of data breaches, safeguarding sensitive customer information. Consequently, customers and business partners have greater confidence in these institutions. Successful implementation of DORA can significantly enhance an institution's reputation and competitive advantage.
Specific Measures for DORA Implementation
Although DORA does not dictate specific technical solutions, it establishes clear cybersecurity requirements. These requirements can be met through various concrete measures tailored to each financial institution's unique circumstances. For example:
- Data Encryption: All sensitive data, both at rest and in transit, must be encrypted to prevent unauthorized access.
- End-to-End Encryption: To protect highly sensitive data, such as online banking transactions, end-to-end encryption is essential.
- Role-Based Access Control (RBAC): Each employee should only have access to the information and systems necessary to perform their job duties.
- Multi-Factor Authentication (MFA): To enhance security, access to critical systems should be protected by MFA, requiring additional verification beyond passwords.
- Real-Time Monitoring: IDPS systems should continuously monitor the network for suspicious activity and be able to detect and block attacks in real time.
- Unauthorized Access Protection: Firewalls should be used to filter network traffic and block unauthorized connections.
- Regular Updates: Software and systems must be kept up-to-date to address known vulnerabilities.
- Employee Awareness: A comprehensive employee training program is essential to foster a security-conscious culture and minimize the risk of human error.
Challenges in Implementation
The list demonstrates that the challenges of implementing DORA are significant. The EU adopted the regulation in December 2022 and published it in the Official Journal of the European Union on January 16, 2023. Financial service providers were thus given 24 months to implement the requirements.
Time that was needed. Adapting IT infrastructure and training employees is complex and costly. In the worst case, business processes had to be fundamentally revised. Close cooperation between different departments is essential to meet the new requirements.
Large institutions such as banks or insurance companies can address this problem with a lot of expertise and money. Smaller companies may find it more difficult to implement the new requirements due to limited resources and know-how. The higher costs can lead to competitive disadvantages and make it difficult to retain customers. There is a risk that smaller players on the market will be disadvantaged or even disappear altogether.
The situation is particularly critical for companies that are less digitally inclined. DORA will put them to a severe test. Analog processes must be converted and adapted. Digital companies like wealthAPI can, on the other hand, view the regulation calmly. Although I cannot speak for others, our IT infrastructure is fundamentally geared towards security. We have been meeting the requirements stipulated by DORA for a long time. (Read more about our Security Requirements.)
Impact on Consumers: More Security, but Also Higher Costs?
DORA doesn't only have consequences for financial service providers. Users will also notice effects in the short or long term.
It's clear that increased security allows customers to conduct their financial transactions with greater confidence. Sensitive customer data such as account information, payment data, and personal data is better protected. This reduces the risk of identity theft and fraud. A stable financial system also protects consumers' savings and minimizes the risk of losses in financial crises or cyberattacks. This security ensures that consumers can better plan their financial future. In the long term, customers benefit from innovative products and services enabled by DORA. These could include, for example, improved mobile banking apps or personalized financing offers.
However, the higher security requirements could indirectly lead to higher fees or restricted services. To ensure security, certain services could be restricted or made more difficult. This could include, for example, international transfers or certain payment methods. Less profitable products or services could even be discontinued if they do not meet the new security requirements.
DORA – A Milestone, But…
DORA is a significant step forward in enhancing cybersecurity within the financial sector. However, the fight against cybercriminals is a constant race against time. While DORA establishes new standards, cyber attackers are also continuously evolving their tactics.
The success of DORA ultimately depends on how consistently financial institutions implement the new requirements and adapt to the ever-changing threat landscape. In addition to technical measures, the human factor is also crucial. Phishing attacks and social engineering specifically exploit human curiosity and carelessness. Only through a combination of robust IT systems and trained personnel can financial institutions effectively protect themselves against cyberattacks. Continuous employee training and a strong security culture are essential.
Artificial Intelligence (AI): The Future of a better Fintech world

Artificial Intelligence (AI) and Machine Learning (ML) are transforming the financial services industry
Artificial Intelligence (AI): When machines exhibit human-like intelligence
Machine Learning (ML): A subfield of artificial intelligence
Machine Learning, a subset of AI, concentrates on developing algorithms capable of learning from data without being explicitly programmed. The quality of the training data significantly impacts the model's performance.
This is how AI and ML are used in finance
wealthAPI: Empowering personalized finance with AI and ML
Data aggregation and processing: The backbone of wealth-AI
- Using current account data (PSD2), we've developed a , that offers our customers' users a clear picture of their spending habits.
- Custodial account data: Contains details on holdings such as stocks, mutual funds, and exchange-traded funds.
- Historical data: Allows for the evaluation of previous investment returns.
- Contractual data: Allows for the identification of recurring payments, premium adjustments, and contract term lengths.
- Simulated portfolios: Our partners' clients have the ability to test different investment strategies using simulated portfolios.
Training artificial intelligence models using anonymized dataset
Future vision: AI-powered performance analysis and wealth accumulation
- Analyzing individual portfolio performance: The AI will be able to analyze the performance of each individual client's portfolio, comparing it to similar portfolios (peer group), and identifying potential areas for improvement.
- Integrating real estate values: wealthAPI plans to include real estate values in its analysis to provide users with a comprehensive overview of their assets.
- AI-powered wealth-building plans: wealthAPI will provide partners' clients with AI-generated plans to help them achieve their financial goals.
wealthAPI travels with Senator Giffey to VivaTech in Paris
wealthAPI was part of a high-caliber delegation of 18 Berlin start-ups that presented their innovative business model to an international audience at Viva Technology in Paris.
As one of the few fintech companies at the trade fair, wealthAPI was able to present its pioneering solution for digital wealth management to a broad circle of potential investors and partners. Together with Berlin's Senator for Economic Affairs Franziska Giffey, wealthAPI took the opportunity to pitch at the stand of the Federal Republic of Germany and thus increase its visibility in the French market. The media interest was enormous and numerous discussions were held with international investors and financial service providers.
Participating in Viva Technology was an important step towards internationalization for wealthAPI. The contacts made and the positive feedback encourage the company in its strategy to develop the European market. In addition to Viva Technology, the company will also be attending the Websummit in Lisbon later this year with the same aim.
The trip was part of the internationalization project Berlin Goes International of the Berlin Partner for Business and Technology GmbH which is funded by the Berlin Senate Department for Economics, Energy and Public Enterprises.
Click here for the official press release from the Senate Administration (German only).
Financial education vs. financial advertising: Finfluencers targeted by German politics
"The German Green Party wants to ban influencers from advertising financial products" – this headline in German newspaper Handelsblatt caused quite a stir last week. However, major German financial influencers make a valuable contribution to financial education and enjoy great popularity. They manage to present complex topics in an understandable and entertaining way, inspiring their followers to handle money responsibly.
However, the affiliate business, which many influencers use to monetize their platforms, is fraught with challenges. The legal framework is complex and constantly changing. Moreover, there is a risk that one's credibility could be damaged by exaggerated advertising claims.
For all influencers seeking a compliant and efficient way to monetize their reach more effectively, wealthAPI offers an attractive alternative. Our BaFin-compliant solution enables the transparent and customer-centric promotion of financial products. This allows influencers to focus entirely on their core competency: creating high-quality content.
The advantages of wealthAPI are clear:
- Security: All financial data of end customers is processed with the highest security standards.
- Transparency: Customers receive all the relevant information to make well-informed decisions themselves.
- Scalability: Influencers can better plan their revenues without annoying their community.
- Flexibility: The solution adapts to the individual needs of each influencer and, ultimately, the end customers.
With wealthAPI, influencers can not only make their revenues more predictable but also strengthen their credibility. After all, those who provide their followers with trustworthy financial tips build long-term relationships.