In our letter to the European Data Protection Supervisor on his opinion on the European Commission’s proposed Directive on consumer credits, we note that it is not possible to predict today what data categories could be used tomorrow to improve consumers’ access to affordable credit and make lending more responsible. We highlight that the European Data Strategy and the Common European Data Spaces have the potential to increase the supply of data that promotes responsible lending. As the credit and data markets are innovating quickly, making predictions is difficult. Limiting ex ante the types of data that can be used for creditworthiness assessments is, therefore, problematic. The EBA guidelines on loan origination and monitoring, which refer to what categories of data may be used in creditworthiness as way of example – and the corresponding enforcement of that guidance by supervisory authorities – are sufficient.

We also note that Credit Reference Agencies (CRAs) have pioneered the development and operationalisation of credit databases and credit scoring models and their underlying techniques for decades. In doing so, they have introduced and implemented robust governance arrangements, which they have honed over many years, based on their market experience; they are also in full compliance with all existing applicable regulations, not the least GDPR and its associated supervisory apparatus. Echoing the European Commission’s evaluation of the Mortgage Credit Directive, currently there does not appear to be the need to extend this supervision.