Technology RegTech

Banks Brace for Era of Consumer Data Sharing

News October 22, 2024 at 02:21 PM
Share & Print

What You Need To Know

  • The CFPB says bank clients will be able to demand, download and transfer their highly-coveted data to other financial firms for free.
  • The final rule should cover checking and prepaid accounts, credit cards and digital wallets, but not mortgages, student loans or car loans.
  • Many firms have already signed data-sharing deals rather than have consumers share user names and passwords with third parties.
Data entry on a spreadsheet

U.S. banks will now have to give customers access to their financial data after the top consumer watchdog finalized a long-awaited rule aimed at fueling more competition for financial products and services.

Under the Consumer Financial Protection Bureau's open banking measure, consumers will be able to demand, download and transfer their highly-coveted data to another lender or financial services provider for free.

The rule is aimed at making it easier for consumers to shop around for better rates and switch providers, which in turn will help lower the price of loans and improve services by boosting competition, CFPB Director Rohit Chopra said in a statement Tuesday.

"Too many Americans are stuck in financial products with lousy rates and service," Chopra said. "Today's action will give people more power to get better rates and service on bank accounts, credit cards, and more."

Even if consumers don't take any action, they could still benefit as lenders pro-actively offer them better service or rates to prevent consumers from jumping ship, Chopra said in a separate interview with Bloomberg News.

The rule could also urge lenders to consider different, newly accessible data in consumer loan applications, he added.

The measure effectively breaks banks' hold on crucial data from savings patterns and checking account data to rent payment history — a set up where some firms made switching harder to help boost profits, according to Chopra.

The effort stems from the financial crisis, when Congress enacted the Dodd-Frank Act with section 1033 giving consumers rights to access their financial data. An initial proposal was made public last year.

Banks and credit unions with more than $850 million in assets must comply with the rule. The largest institutions have until April 2026 to adhere while smaller institutions have until April 2030.

Non-depository firms of any size also have to comply, according to the CFPB.

Fintech Benefits

Fintechs like PayPal Holdings Inc.'s Venmo and Betterment LLC are poised to benefit from a more connected ecosystem of consumer financial data.

Consumer advocates and the fintech lobby have long called for regulators to make it easier for people to fire a financial services provider that does not satisfactorily meet their credit needs — whether on the basis of discrimination, some other unfair, deceptive, abusive act or practice or simply poor service, as a way to bolster competition.

Plaid, which connects consumers' bank accounts to fintech apps and services, said the rule puts consumers in the driver's seat.

"This rule will ensure more people have secure, reliable access to their financial information and accelerate innovations that benefit consumers," Plaid's global head of policy John Pitts said in a statement.

Wall Street industry groups, however, have argued that the CFPB rule could expose them to liability if a third-party is compromised, among other concerns.

The rule requires that banks set up and maintain interfaces which allow third parties, when granted permission by consumers, access to their data. A spokeswoman for the biggest US bank JPMorgan Chase & Co. called the measure "anything but" safe.

"This isn't open banking – it's open season for more fraud and scams," Trish Wexler, the JPMorgan spokeswoman, said in an emailed statement. "By mandating banks must hand over sensitive customer account data to any third party that got someone to click 'I accept' on their app, this rule handcuffs banks' ability to demand high security standards from third parties."

Privacy Concerns

Chopra said the rule institutes strong privacy safeguards. Any company authorized by a consumer to access their data can only use that data to provide products or services the consumer asked for, he said during a speech at a conference on Tuesday.

"It's pretty simple," Chopra said. "A company that ingests consumer's data can use the data to provide the product or service the consumer asked for, but not for unrelated purposes the consumer doesn't want."

The final regulation would cover checking and prepaid accounts, credit cards and digital wallets, but not mortgages, student loans or auto loans. Chopra said he's considering a number of other use cases, including how to reduce costs and complexity when it comes to originating mortgages.

Many firms — banks and fintechs alike — have already signed data-sharing deals to end the less-secure option of "screen scraping," whereby consumers share their user names and passwords with third parties.

This rule also strengthens protections by accelerating a shift away from that practice — which risks inaccurate data sharing and the spread of login credentials, according to Chopra.

An additional benefit could be to small business owners or freelance workers, who can use their existing data as verification to access financial products or capital, Chopra said in the interview.

"The nature of the way this could work may not be apparent to consumers, but may just provide that boost that I think on the margins will help a lot of people," he said.

(Credit: Shutterstock)

Copyright 2024 Bloomberg. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Client Outreach

Related Stories

These Two Tech Tools Wowed Judges, Advisors at XYPN Live Consumer Groups Balk at E-Delivery Bill BofA Says Regulators May Take Action Over Money Laundering, Zelle Independent Advisor Alliance to Provide Wealth.com's Estate Planning Tool Social Security Fixes Glitch That Shuttered Offices, Phone Service Data Firm Faces a Dozen Suits Over Social Security Number Leak

Resource Center

Can Systematic Risk Be Reduced? link

Guide

Can Systematic Risk Be Reduced?

The Business Model Playbook: Mastering Technology for Firm Success link

Playbook

The Business Model Playbook: Mastering Technology for Firm Success

Harnessing AI to Power Advisor-Client Relationships link

White Paper

Harnessing AI to Power Advisor-Client Relationships