(10 months ago)
General CommitteesA lot of interesting points have been made, and I will address those made by the hon. Member for Hampstead and Kilburn, who raised the broader policy agenda around open banking. In response to her question about whether I will take a holistic view, the answer is yes. It is important to see all of these things in one picture, and I am doing a lot of work with the industry on that.
However, it is important to see that there are fundamental differences between the goals of open banking and pension dashboards—and this also addresses some of the points made by the hon. Member for Glenrothes. Open banking seeks to enable data sharing and increased competition and innovation in the banking market, whereas pension dashboards will help increase consumer awareness and understanding of their pensions. Therefore, in terms of what the purpose of those services are, we are talking about a difference between producers and consumers. One of the key differences is that it would be very unusual for somebody not to know the provider of their bank account, whereas we know that people have lost track of their pensions—often because they have so many different pots.
On the hon. Lady’s question about whether pension dashboards will use the Government’s One Login service, the short answer is that I do not know, but I am happy to write to her on that. I confess that I will have to check that myself, and I thank her for that question. On the hon. Lady’s question about timing, this SI is the beginning of the process whereby, as soon as possible, we will make sure that the architecture is developed safely.
That takes me on to not just the hon. Lady’s point, but also the point made by hon. Member for Glenrothes about minimising the risk of people losing their data. It is important for the Committee to know that no data is stored on pension dashboards. As a result, it is not possible to mass-harvest individuals’ data via dashboards technology. As for the Money and Pensions Service, security standards are designed to ensure that the ecosystem interface of qualifying pension dashboards meet the appropriate level—
I appreciate the Minister’s reassurances, but he will be aware that it was not possible for anybody at Fujitsu to mess about with the information held on Horizon until somebody discovered that it was possible. Without going into too much detail, at what level of expertise and at what level of independence from the whole project are the assurances of IT security being tested?
The hon. Gentleman asks at what level. In terms of the Money and Pensions Service, it is the National Cyber Security Centre that is advising specifically on these. I am happy to talk to him about it in future weeks and months, but that is the level of seriousness with which we take this issue.
When it comes to other private sector providers, as we talked about at the beginning of the debate, the FCA will determine at which point they are able to connect to the technical architecture. There are various dependencies, including the time required for them to familiarise themselves with the rules, when the architecture is ready and various other things, but the FCA will determine that. Why? I go back to the whole purpose of this statutory instrument: the FCA will make sure that this is a regulated activity to address the concerns of the Committee and others, because it is very important, as we all agree.
The SI introduces an important addition to the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001 to ensure that pension dashboard operators are appropriately regulated and that consumers are protected. I am glad that there appears to be broad support from the Committee for the aims of the order. I thank Committee members for this debate, which I hope they have found informative, and I hope that they will join me in supporting this secondary legislation.
Question put and agreed to.