The Consumer Financial Protection Bureau (CFPB) has proposed new rules that aim to boost Open Banking (Open Finance) in the United States, according to a statement by the agency.
Open Banking is a concept where financial data and access to this data is easily shareable and transferable by consumers. The key is control and how that data is used. Open Banking can be utilized to make changing banks easier or opening a new account instantaneous. Today, financial services firms leverage user data broadly, but the process is opaque beyond periodic statements sent to consumers that are supposed to explain privacy and use but fail in their goal.
The CFPB’s proposed Personal Financial Data Rights rule seeks to “jumpstart competition by forbidding financial institutions from hoarding a person’s data and by requiring companies to share data at the person’s direction with other companies offering better products.”
The CFPB states that currently, people’s access to their financial data is inconsistent from one financial institution to another, and the lack of “norms” is hindering development.
The CFPBs proposed Personal Financial Data Rights rule claims that it would ensure the following:
- Get their data free of junk fees: Banks and other providers subject to the rule would have to make personal financial data available, at no charge to consumers or their agents, through dedicated digital interfaces that are safe, secure, and reliable.
- Have a legal right to share their data: People would have a legal right to grant third parties access to information associated with their credit card, checking, prepaid, and digital wallet accounts. This type of data can help firms provide a wide range of products and services, including cash flow-based underwriting that stands to improve pricing and access across credit markets. When these firms offer a desired product or service, people would be able to switch providers more easily. They would also be able to more conveniently manage accounts from multiple providers.
- Can walk away from bad service: Not only would the proposed rule increase competitive forces among financial institutions, it would also enable people to walk away from bad services and products. People can become trapped by providers that hold their data, but this proposal would allow them to more easily shift their data to a competitor offering better or lower-priced products and services.
Additionally, the CFPB says the proposal will provide:
- Robust protections to prevent unchecked surveillance and misuse of data: Companies that people authorize to access data on their behalf would have to agree to certain important conditions. Third parties could not collect, use, or retain data to advance their own commercial interests through actions like targeted or behavioral advertising. Instead, third parties would be obligated to limit themselves to what is reasonably necessary to provide the individual’s requested product.
- Meaningful consumer control: The proposal would also give people the right to revoke access to their data. When a person revokes access, the proposal would require that data access end immediately, and deletion would be the default practice. Access can be maintained for no more than one year, absent the individual consumer’s reauthorization.
- A move away from risky data collection practices: Many companies currently access consumer data through screen scraping, which often requires people to share their usernames and passwords with third parties. This proposal seeks to move the market away from these risky data collection practices.
- Fair industry standard-setting: Instead of providing detailed technical standards, the rule contains several requirements to ensure industry standards are fair, open, and inclusive. The CFPB intends to assess future standards developed by the private sector under the terms described in the rule.
Under the proposal, the requirements would be implemented in phases, with larger providers being subject to them much sooner than smaller ones. In addition, the many
Lewis Turek, VP and General Manager, North America at GoCardless shared the following statement on the CFPB proosal:
“The US is a hot-bed of open banking innovation and customer demand is rocketing: over 65m consumer accounts are now using a common, free API standard to securely connect to innovative fintech services. GoCardless applauds the CFPB for proposing a Personal Financial Data Rights rule that will help ensure the open banking sector continues to grow sustainably and with customers’ interests at its heart.”