Open Banking Faces Challenges as Banks Urge Delay in New Data Rules

CFPB

Open banking, as it emerges more fully in the United States, promises to bring personalized services and products to customers, expanding financial access.

Data underpins the joint efforts of traditional financial institutions (FIs) and third parties to bring those innovations to the mass market.

But as recent communications from banks to the Consumer Financial Protection Bureau (CFPB) show, amid new rules governing the ways consumer-level data is collected and used, the complexities of those relationships require wholesale reconfigurations of everything, from technology to workflows.

Because of those complexities, the stakeholders want more time to get ready, per a letter from banking trade groups to the CFPB this week.

As PYMNTS detailed here, the CFPB’s rule would “implement section 1033 of the Consumer Financial Protection Act of 2010 (CFPA). The proposed rule would require depository and non-depository entities to make available to consumers and authorized third parties certain data relating to consumers’ transactions and accounts; establish obligations for third parties accessing a consumer’s data, including important privacy protections for that data; provide basic standards for data access.”

The goal is to foster data consistency, and to standardize the ways in which data and data access are shared. Generally, the FIs, as the data providers, must make consumer level personal financial data available, at no charge to consumers, and securely, to other enterprises across digital channels.

But in the letter, the American Bankers Association, Bank Policy Institute, The Clearing House and the Consumer Bankers Association state that “as the associations and their members have continued to review and analyze the proposal to plan and prepare for implementation, it has become even more clear than we had previously articulated in our comment letters that, once a final rule is issued, banks likely will have to make complex and time-intensive changes to their systems and processes to implement, and create associated controls to ensure ongoing compliance with, the requirements of a final rule.”

Numerous Tasks

Among the numerous tasks that would need done, banks would have to update public-facing websites to meet the final rule’s public disclosure requirements, as well as ensure data is provided in a (currently unknown) standardized format and “enable support for required data elements not currently shared (such as, for example, bill payment data, certain terms and conditions)…[and] upgrade underlying technology infrastructure to meet API performance standards.”

Third-party oversight would also have to be fine-tuned, as banks would have to “adapt” current data access agreements and third-party oversight processes.

As PYMNTS Intelligence found in February, among the use cases fostered by open banking are account-to-account transfers and pay-by-bank services.

Elsewhere, PYMNTS research in “The FinTech-Bank Relationship Shifts Toward Collaboration” showed that 65% of banks and credit unions have entered into at least one FinTech partnership in the past three years, with 76% of banks viewing FinTech partnerships as necessary to meeting customer expectations.

It’s been a busy month for pushback on the CFPB. As reported here, buy now pay later firms have asked the CFPB for five more months to comply with new regulations that classify the companies as credit card providers.