US Open Banking given boost as CFPB proposes data rights rule

The Consumer Financial Protection Bureau (CFPB) has proposed the Personal Financial Data Rights rule, giving US consumers “the power to walk away from bad service”, and clamping down on “risky data collection practices”, such as screen scraping.

The rule is the first proposal to implement Section 1033 of the Consumer Financial Protection Act, according to the CFPB, in a statement released on 19 October.

Under the proposed Data Rights rule, individuals in the US would be able to share data about their use of checking and prepaid accounts, credit cards, and digital wallets, and to access competing products and services, without their data being collected, used, or retained to “serve commercial interests over their own”.

The CFPB stated that, rather than providing detailed technical standards, the rule contains several requirements to ensure industry standards are “fair, open, and inclusive”.

“With the right consumer protections in place, a shift toward open and decentralized banking can supercharge competition, improve financial products and services, and discourage junk fees,” said CFPB director Rohit Chopra.

“Today, we are proposing a rule to give consumers the power to walk away from bad service and choose the financial institutions that offer the best products and prices.”

Banks and other providers subject to the rule would have to make personal financial data available, at no charge to consumers or their agents, through dedicated digital interfaces that are safe, secure, and reliable, which the CFPB said will ensure consumers get their data “free of junk fees”.

By giving American consumers the legal right to share their data, the rule enables them to switch providers more easily and be better able to manage accounts from multiple providers.

To prevent unchecked surveillance and misuse of people’s data, the proposed rule provides protections to ensure that third parties could not collect, use, or retain data “to advance their own commercial interests through actions like targeted or behavioral advertising”.

The CFPB confirmed that under the proposal, the requirements of the new rule would be implemented in phases, with larger providers being subject to them “much sooner” than smaller providers.

Credit unions and community banks without a digital interface will be exempt from the rule.

Industry welcomes ‘milestone achievement’ and ‘broad scope’

Eyal Sivan, VP, Open Banking and Smart Data at Raidiam, wrote on LinkedIn: “As with previous Open Banking announcements from the CFPB, the tone taken is quite striking.

Raidiam’s Eyal Sivan

“It emphasizes enabling competition, strong consumer protection, the need for choice, and the importance of setting open industry standards.”

He added that the proposed new rule has a “broad scope”.

“Taking into account that it’s a data rights ruling (as opposed to a banking API and/or payments ruling) also bodes well for painting with a broad brush. Language like ‘banks and other providers’ certainly leaves the door open to go after other hoarders of data beyond financial institutions.”

Tom Burton, director of external affairs and public policy at GoCardless, called the announcement “another milestone achievement for Open Banking”.

“Whilst Open Banking has been around in the US for many years and we’ve already seen consumer demand rocketing, with over 65 million consumer accounts now using a common, free API standard to securely connect to innovative fintech services, this announcement pushes the agenda forward,” he added.

“Putting Open Banking on a regulatory footing will boost consumer confidence and trust, and ultimately accelerate adoption.”