PSD2 and GDPR have driven the growth of open banking, but they may not be enough to fully support open finance, which refers to open access to all financial data. PSD2 applies only to payment accounts, while GDPR provides consumers with the right to data portability, but does not allow easy movement of data using TPPs via direct access. These regulations are a solid starting point, but need to evolve to ensure consumers, TPPs, and ASPSPs can make the most of open finance. Regulators will also need to establish clarity on protections, redresses, and liabilities that additional access will bring. The future of open finance requires further development to power a healthy financial life with various apps and services.