Consumers using online account aggregation services will not have recourse to regulatory protection should their data be misused, the UK's Financial Services Authority has warned.
The watchdog's views on account aggregation services- which enable consumers to access multiple account details over a single Web page - were laid out yesterday in a speech by Philip Thorpe, FSA managing director.
The key message for consumers is that the FSA will have no powers to regulate the provision of account aggregation, he warned. "This activity will fall outside the jurisdiction of the FSA and, as a result, we cannot guarantee you the protection of the regulatory system if something should go wrong. While we can see the attraction in using the services of an aggregator, it is important that you weigh up the risks involved too."
Online account aggregation has proved popular in the United States. A number of UK institutions are understood to be developing similar services - including Egg, Barclays and BT.
The FSA stipulates that banks wishing to provide aggregation services should undertake regular checks of legal, security and systems and controls issues. "The are certain minimum standards to which the FSA expects regulated firms to adhere to in all their business activities," says the FSA in a statement. "They should not, for example, base a business model on any activity which they have been advised is a breach of the criminal law, regardless of the likelihood of prosecution."
Consumer too face risks, says the FSA, particularly if they disclose security information such as passwords or PIN numbers to an aggregator. Consumers may wish to consider issues of privacy, security and fraud before passing on sensitive personal data to a third party.