data privacy
The CFPB has issued a notice of proposed rulemaking to implement Section 1033 of the Consumer Financial Protection Act, which addresses personal financial data rights. The filing outlined requirements for financial institutions and other covered entities to provide consumers with access to their financial data in a secure and standardized format.
According to the Bureau, the proposal is intended to promote competition and consumer access to financial records. The rule would apply to financial institutions, including credit unions, as well as nondepository covered persons that provide consumer financial products or services. By setting clear obligations for data providers, the Bureau seeks to reduce barriers for consumers who wish to share their information with third-party providers.
The filing explained that consumers would gain control over their personal financial data by ensuring access to records in a usable format. In turn, this is expected to foster greater innovation in financial services while maintaining safeguards for privacy and data security.
The CFPB emphasized that the rulemaking process will be guided by public input. The agency invited comments from financial institutions, consumer groups, technology providers, and other stakeholders on the scope and implementation of the proposed standards.
In a statement, Independent Community Bankers of America President/CEO Rebeca Romero Rainey said, “Ultimately, we encourage the CFPB to focus its new rulemaking on promoting data security at third-party entities. Nonbank fintechs that access customer information and store bank login credentials may not take the same care in protecting consumer privacy and data that community banks do.”
Rainey continued, “Enhancing data security and oversight at these third-party entities will help ensure community banks are not faced with the impossible task of vetting the security protocols of potentially thousands of fintech companies seeking to access their customers’ data.”
Of the proposed rulemaking, Steve Boms, executive director of the Financial Data and Technology trade association said, “We urge the Bureau to uphold its commitment to ensuring a competitive, innovative and consumer-centric financial ecosystem. Consumers deserve meaningful control over their financial data, and strong, clear rules are essential to foster innovation, expand financial access and enhance consumer choice."
Boms added, "We are gratified that the Bureau is no longer entertaining arguments from the banking industry that the statutory definition of ‘consumer’ can be ignored. At the same time, we are concerned that the Bureau may be considering delaying implementation deadlines without consulting small businesses, particularly startups and small retailers, on how such delays could negatively impact their operations. The SBREFA process exists for precisely this type of consultation, and we urge the Bureau not to short-circuit it in ways that save the largest banks money but impose new costs on small businesses. We look forward to responding to the ANPR’s questions and engaging with the Bureau to advance policies that empower consumers and support the growth of safe, modern financial services across the country.”
The notice underscored that this effort is part of the Bureau’s broader strategy to improve consumer rights in the digital financial marketplace, aligning with its mandate under the Dodd-Frank Act to ensure fairness, transparency and competition.
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.