Beyond the Checkbox: Can We Get Truly Meaningful Consent?

Desta is the bookkeeper of her local savings group in Ethiopia and a first-time smartphone user. Her group’s organizing NGO has asked her to start using a mobile app to record their financial transactions. The idea is that the group’s records can then be shared through the app with a local MFI to support future loan applications. With some help from her 10-year-old son, she learns how to provide consent in the app to share her group’s financial information with the MFI. 

Success! Or is it? Given that she needed assistance navigating the consent process and only has a few years of formal schooling, how confident can we be of her understanding of the consent she was providing? Did she really read and understand the written terms and conditions about what data was being shared and how it would be used? Does she know how to limit the sharing of personal information to protect the privacy of group members?

Ethical questions about consent

These are the thorny questions I confronted firsthand when I led the development of DreamSave at DreamStart Labs in 2023. 

On the one hand, a broad consensus exists that data-sharing can be a critical enabler of financial inclusion. By tapping into alternative data sources, from mobile money transactions to digitized informal savings records, financial institutions can reach people who have historically been excluded and underserved. In the case of DreamSave, sharing savings group member data with financial institutions helped women-led businesses to access finance. 

On the other hand, how ethical is consent from vulnerable, semi-literate populations when it is not clear how well they understand what they are agreeing to?  

Beyond the moment a user clicks “Agree”

These ethical concerns are even more pressing today. Financial institutions are increasingly moving away from bilateral data-sharing to open, reciprocal data exchanges under open finance (OF) regimes. In 2025, at least 54 jurisdictions confirmed either the implementation of a mandated OF regime or plans to do so. A third of these jurisdictions come from emerging African economies with varying levels of financial inclusion and literacy. 

For open finance regimes, particularly in the context of emerging economies, consent cannot simply be a checkbox; it’s the foundation for consumer empowerment and protection.  Done right, it gives people real control over how their data is used to support their financial goals. Under the EU General Data Protection Regulation, consent is the "free, informed, previous and unequivocal manifestation of will, made through electronic channels, by which a customer agrees to the sharing of data or services for specific purposes." For digital financial service providers operating within OF regimes, this means looking well beyond the moment a user clicks “Agree.”

Meaningful consent requires systems that allow consumers to 1) securely authenticate, 2) conveniently authorize, and 3) continuously manage who has access to their data and why.  In other words, consent must be treated as an ongoing process of engagement, not a one-off event. 

The risk of consent fatigue

Despite regulators’ best efforts to enforce this process, many consumers don't fully absorb digital financial terms and conditions. “Consent fatigue” is often the cause, arising when users are overloaded with information and the consumer experience (CX) becomes unpleasant. The risk of this cognitive overload is greatest among people who face language barriers, limited financial and digital access, and low financial literacy. 

The challenge for providers who serve these markets is to achieve the right balance between disclosure and a seamless CX, including just enough friction to prompt genuine understanding without overwhelming users. Striking this balance is not easy, and it can be very costly. It becomes even harder to achieve in mandated OF regimes when coordinating between various providers who all must integrate their different products and interfaces in a meaningful way. But Brazil’s initial open finance implementation in 2021 provides a cautionary tale: banks achieved only half the consent success rate of fintechs, underscoring what’s at stake when CX management and industry coordination are neglected. 

Consumer experience standards are crucial

To realize open finance’s potential while ensuring consumer protection for the most vulnerable, providers and regulators must develop clear and fit-for-purpose CX standards that align with the unique digital finance adoption barriers faced in emerging economies. Building on the precedents set by Australia and England, CX frameworks in Africa and elsewhere should embed seven core principles throughout a consumer's DFS journey – from the initial consent request to ongoing authorization and data management:

1. Control: Give consumers real ownership and options regarding their data, not just take-it-or-leave-it choices.
2. Security: Communicate about security clearly and reassuringly. Don’t use alarmist language that triggers anxiety instead of informed decision-making.
3. Speed: Keep customer journeys flexible enough to support different situations. Avoid unnecessary friction, but include sufficient pause points for comprehension.
4. Transparency: Disclose information progressively and in plain language, with the goal of informing customers without overwhelming them.
5. Trust: Design every touchpoint to foster trust, and back up that trust with clear safeguards and remedies when errors arise.
6. Accessibility and Inclusivity: Offer data management interfaces in local languages and accommodate varying digital devices, connection qualities and literacy levels. Use visual aids to overcome literacy gaps.
7. Simplicity: Make instructions clear and intuitive, minimizing clicks and navigation for users with limited digital experience.

Indicative Consumer Consent Journey Framework: 

Source: Adapted from Open Banking Limited (2019) and Data Standards Body (2020)

Fulfilling the promise of open finance for those who need it most

Open finance can be a powerful engine to expand financial inclusion in emerging economies, but only if consent is genuine and users gain real control to manage access to their data.  Regulators and providers have the opportunity to help make this a reality by designing and implementing CX standards based on the seven principles above. 

Going beyond the checkbox, meaningful consent mechanisms can turn data management into an intuitive tool for choice and control, instead of just a forced requirement. And most importantly, the promise of data-sharing can be fulfilled: an open finance ecosystem where people like Desta truly understand, manage and benefit from the purposeful sharing of their financial data.