Mike Hewitt chaired a roundtable at the UK's Smart Data Forum last week that ended with a provocation worth working through: we are still talking too much about data and not enough about systems.
He's right - and the implications run further than the energy sector he was addressing.
The lesson from open banking was never that APIs are valuable. The lesson was that trusted data sharing unlocks entirely new services, markets and consumer experiences. The API was the pipe. The trust infrastructure was what made the pipe safe to use.
Energy is now standing at the same moment. The standards largely exist. The data increasingly exists. The National Energy System Operator (NESO) has been appointed as Interim Data Sharing Infrastructure Coordinator - a meaningful step forward. The access question is being answered.
Which means the harder question has arrived: what happens once the data starts flowing?
Hewitt's framing of the consumer grid is precise. The traditional energy system was built around central generation and passive consumers. The emerging system is built around active ones - consumers with solar, batteries, electric vehicles, flexible demand. Consumers who generate, store, trade and optimise energy.
In a centralised system, the data chain is short. A utility knows its customers. Liability is reasonably contained.
In a consumer grid, the data chain is long, complex and horizontal. A consumer's energy data flows through flexibility aggregators, smart home platforms, EV charging networks, third-party optimisation services and financial products that price and trade against it in near real time. Each of those entities is a participant in the chain. Each carries risk. The consumer at the centre has no visibility into any of it.
This is the open finance problem, restated in energy terms.
In UK open banking, legal liability sits with the Account Information Service Provider (AISP) or Payment Initiation Service Provider (PISP) - the third party that accessed the data or initiated the payment. In principle, that is the right place for it to sit.
In practice, it does not work that way.
When something goes wrong, the bank - or the pension provider, or the insurer, or whoever held the original customer relationship - has to make them whole first. That is the entity the customer knows and trusts. That's where the complaint lands. That's who pays.
Then the recovery begins. The institution goes looking for which entity in the chain was actually responsible. And here is where the model breaks down.
If the liable party is a fintech or an aggregator, it may have a balance sheet that cannot absorb the exposure. The institution recovers nothing. If the liable party is a large platform or a major technology company, it has the legal resources to contest liability for years. The institution recovers nothing quickly. Either way, the institution that held the consumer relationship carries the cost - and the ecosystem carries the uncertainty of knowing that the system is resolving liability through litigation rather than design.
Energy smart data, scaled to a consumer grid, will inherit this problem. With one difference: the data being shared is not just financial transaction history. It is real-time information about when someone is home, what their routines are, what assets they hold. The consequences of misuse are significant.
Hewitt's sharpest observation is about what happened at the edges of the conversation. The discussion kept moving beyond energy. Finance. Property. Identity. Transport.
Each sector is solving similar problems - interoperability, consent, trust, verification, liability, consumer control - through isolated sector initiatives. Each with its own governance and its own liability model.
Hewitt asks whether the next phase of smart data is not more schemes, but a common trust layer. A trust architecture. A permission architecture. A verification architecture.
That is the infrastructure question Invela is built around. The answer is not a separate trust layer for every sector. It is infrastructure that independently verifies who is in the network, monitors risk in real time as data flows across sector boundaries, and - critically - pre-allocates liability before the incident defines it. So that when something goes wrong, the institution does not have to choose between absorbing the cost and spending years in court to recover it.
Hewitt closes with a frame that is right: smart data is infrastructure. Roads move people. Electricity networks move power. Smart data moves information.
Infrastructure requires accountability. Someone to verify who is operating on it. Someone to monitor the chain. Someone to ensure that when it fails, liability lands in the right place rather than disappearing into the gap between a thin balance sheet and a legal department that has more time than you do.
The technology is not the constraint. The constraint is governance. And governance without enforcement architecture is just aspiration.
Invela is the infrastructure layer that makes open finance trustworthy - accrediting who's in the network, monitoring risk in real time, and ensuring liability lands in the right place. Open finance, covered.
