Smart data sprints and open finance: what changes for IAM teams?

TL;DR: The FCA’s Smart Data Accelerator is using two TechSprints on SME finance and mortgages to test production-like journeys, dynamic rules, and permissions in a secure sandbox, according to Raidiam. The practical issue is not innovation speed alone, but whether identity, consent, and trust controls can hold up outside toy environments.

NHIMG editorial — based on content published by Raidiam: Raidiam appointed as technical delivery partner for FCA’s Smart Data Sprints

Questions worth separating out

Q: How should security teams govern open finance access across multiple organisations?

A: They should treat open finance as delegated identity governance, not just API integration.

Q: Why do sandbox tests often miss real-world identity risk in financial data sharing?

A: Because sandboxes often simplify participant behaviour, entitlement changes, and operational pressure.

Q: What breaks when dynamic permissions are not tied to explicit policy?

A: Access decisions become inconsistent, difficult to audit, and easy to reinterpret by different parties.

Practitioner guidance

• Validate consent journeys in production-like conditions Test the full permission path, including approval, delegation, revocation, and re-consent, in an environment that mirrors real participant behaviour and data volume.
• Translate trust framework rules into enforceable policy decisions Define how each partner is identified, authorised, and audited, then map those requirements into machine-enforceable controls rather than narrative agreements.
• Build lifecycle review into every external data-sharing programme Require joiner, mover, and leaver controls for all participants and service identities involved in data exchange, including explicit offboarding and access re-certification.

What's in the full analysis

Raidiam's full post covers the operational detail this post intentionally leaves for the source:

• How the FCA Smart Data Accelerator is structured across the SME finance and mortgages TechSprints
• How Raidiam Connect, NayaOne, and synthetic datasets are combined in the sandbox environment
• How participants were selected through a competitive application process
• How the FCA expects the sprint outcomes to inform future standards and sector-wide implementation

👉 Read Raidiam's update on the FCA Smart Data Sprints and open finance testing →

Smart data sprints and open finance: what changes for IAM teams?

Explore further

View Full Forum →  |  NHI Foundation Course →