On 8 June 2026, the Financial Data and Technology Association (FDATA) submitted a formal proposal to Canada's Department of Finance and the Bank of Canada recommending the creation of a Sponsored Fintech Model under the Consumer-Driven Banking Act.
The proposal deserves attention - not just for what it proposes, but for what it reveals about the structural challenge at the heart of Canada's open banking build.
Canada's Consumer-Driven Banking Act creates an accreditation framework that every participating entity must comply with. That framework is designed to ensure the system is safe. But FDATA's proposal makes a case that the compliance burden of full accreditation, absent an alternative pathway, risks shutting out the very participants that the Consumer-Driven Banking Act was designed to empower.
Smaller fintechs and consumer-facing applications face a stark set of options: seek full accreditation at a cost disproportionate to their scale; operate outside the framework and risk breaching the law; or exit the Canadian market entirely. As FDATA’s Executive Director Steve Boms put it: none of those outcomes serve consumers or small businesses.
The proposed solution is a Sponsored Fintech Model - a tiered participation structure in which accredited aggregators or data intermediaries act as sponsors for smaller fintechs. The sponsor covers API infrastructure, consent management, and compliance oversight. The sponsored fintech remains subject to regulatory obligations including national security screening, data minimisation commitments, and independent audits, but accesses the framework through the sponsor's established infrastructure rather than building its own from scratch.
The model draws on established precedents: the UK's Financial Conduct Authority agent model, Australia's Consumer Data Right principal-intermediary framework, and the US broker-dealer sponsored access model.
FDATA's proposal is well-constructed and the problem it identifies is real. But it also, perhaps inadvertently, sharpens a question the proposal does not fully answer: what does it mean for an accredited aggregator to act as a responsible sponsor?
If a sponsoring aggregator takes on compliance responsibility for a smaller fintech, the quality of its own accreditation becomes load-bearing in a new way. It is no longer just evidence that the aggregator itself is safe to connect to consumer bank accounts. It becomes the foundation on which a chain of sponsored participants depends.
That changes what accreditation must look like. A one-time compliance check at onboarding is not sufficient for ongoing connections where the accredited sponsor is continuously vouching for the behaviour of entities underneath it. The sponsored fintech's risk profile - its team, its infrastructure, its data governance practices – often does not stay static after a consumer connects their account. It evolves. And the sponsor, and ultimately the bank holding the consumer relationship, carries exposure when it does.
This is why the Sponsored Fintech Model, if adopted, will require accreditation to be dynamic rather than static. Not a gate at the point of entry, but a continuous assessment of every entity in the chain - sponsor and sponsored - against a shared, independently evidenced risk standard.
That independence is key. Aggregators have long-running and understandable concerns that incumbent financial institutions may be tempted to employ their own risk management standards anticompetitively to shut aggregators and their customers out. At the same time, incumbent financial institutions themselves are concerned that aggregators may not rigorously vet all of their customers.
Open banking risk management has long been stuck in a stalemate on this issue, until now.
Invela published its Consumer-Driven Banking Risk Management white paper specifically because Canada's approach raises questions that the legislative framework alone does not resolve. Chief among them: who accredits the accreditors, and what happens when risk changes after the accreditation decision is made?
The FDATA proposal reinforces that framing. Accreditation is not a solved problem in Canadian open finance. It is a central question. And it requires more than a compliance checklist - it requires a framework that can assess risk at onboarding, monitor and score it continuously, and ensure that when something goes wrong, liability lands in the right place.
That is the infrastructure Invela is building: standardised accreditation, dynamic risk intelligence via the Invela Risk Indicator, and insurance-backed warranty - applied across the full network, including the sponsored participants and the aggregators that sponsor them.
FDATA is right that the Sponsored Fintech Model needs no new legislation. The Consumer-Driven Banking Act already gives the Governor in Council broad authority to make regulations respecting accreditation criteria, fees, liability, and classes of participating entities. The regulatory design choices being made now will determine whether the accreditation framework is a genuine trust layer or a compliance burden that concentrates participation among incumbents without producing the network-level accountability that open finance requires.
The Department of Finance and the Bank of Canada now have a formal proposal on the table. The industry has a window to shape what robust accreditation looks like in practice - not just who qualifies, but how trust is verified and maintained.
