'Open banking' rules will put your financial data back where it belongs
Well, at least eventually since some companies have until 2030 to comply
The US Consumer Financial Protection Bureau (CFPB) has finalized a rule that requires banks, credit card issuers, and most other financial firms to provide consumers with access to their personal financial data - and to help them transfer it, generally at no cost.
When the rule eventually takes effect – anywhere from 2026 to 2030 depending upon financial firm assets and revenue, with the largest institutions having the least time to comply – it aims to make financial services more competitive by allowing consumers to move to different vendors more easily.
Under this "open banking" rule, covered financial firms: "shall make available to a consumer, upon request, information in the control or possession of the covered person concerning the consumer financial product or service that the consumer obtained from such covered person, subject to certain exceptions."
This data has to be made available in an electronic form usable by consumers and authorized third parties.
The rule [PDF], scheduled to be published in the Federal Register, implements the "dormant legal authority" of Section 1033 of the Consumer Financial Protection Act of 2010 (CFPA). It was passed as part of the Dodd-Frank reform in response to the financial crisis of 2007-2008 and also led to the establishment of the CFPB as a watchdog agency in 2011.
"Too many Americans are stuck in financial products with lousy rates and service," said CFPB director Rohit Chopra in a statement. "Today's action will give people more power to get better rates and service on bank accounts, credit cards, and more."
- Lab-grown human brain cells drive virtual butterfly in simulation
- Gary Marcus proposes generative AI boycott to push for regulation, tame Silicon Valley
- AI's energy appetite has Taiwan reconsidering the nuclear option
- Major publishers sue Perplexity AI for scraping without paying
The rule also outlines required privacy protections for personal financial data, specifying that third parties can only use data for a requested product or service.
"They cannot secretly collect, use, or retain consumers’ data for their own unrelated business reasons – for example, by offering consumers a loan using consumer data that they also use for targeted advertising," the CFPB said.
The rule prohibits data providers from making consumer data available to third parties through screen scraping and it requires that businesses delete consumer data when a person revokes access.
Mike Litt, consumer campaign director for the US Public Interest Research Group, said in a statement, "The promise of open banking is one step closer to being realized. This rule gives consumers greater control over their own data. It will be easier for consumers who feel stuck with their bank to make a switch by allowing them to transfer transaction histories to new institutions.
"Enabling secure transfer or sharing of financial data will incentivize financial companies to compete for customers by providing better interest rates and customer service.
"Moreover, access to transaction histories could lead to more personalized offers that consumers might not have qualified for otherwise." ®