Consumer Bureau to Decide Who Owns Your Financial Data
Featured Story, The Latest News

Consumer Bureau to Decide Who Owns Your Financial Data

What Should Banks, Fintechs Be Allowed to Do With All that They Know About You?

Jillian S. Ambroz

A federal agency is gearing up to make wide-ranging policy changes on consumers’ access to their financial data.

The Consumer Financial Protection Bureau (CFPB) is looking to implement the area of the 2010 Dodd-Frank Wall Street Reform and Consumer Protection Act pertaining to a consumer’s rights to his or her own financial data. It is detailed in section 1033.

The agency has been laying the groundwork on this move for years, from requesting information in 2016 from financial institutions to hosting a symposium earlier this year on the problems of screen scraping, a risky but common method of collecting consumer data.

Now the agency, which was established by the Dodd-Frank Act, is asking for comments on this critical and controversial topic ahead of the proposed rulemaking. Unlike other regulations that affect single industries, this could be all-encompassing because the consumer data rule touches almost every market the agency covers, according to the story in American Banker.

The Trump administration all but ‘systematically neutered’ the agency.

With the ruling, the agency seeks to clarify its compliance expectations and help establish market practices to ensure consumers have access to consumer financial data. The agency sees an opportunity here to help shape this evolving area of financial technology, or fintech, recognizing both the opportunities and the risks to consumers as more fintechs become enmeshed with their data and day-to-day lives.

Its goal is “to better effectuate consumer access to financial records,” as stated in the regulatory filing.

The agency, established after the economic crisis of 2008 to ensure consumers were never manipulated and scammed again for unscrupulous profit, went off the rails under Trump. The current administration all but “systematically neutered” the agency, according to an article by The Brookings Institution.

The agency went from collecting $12 billion in fines for consumer abuses under its first director Richard Cordray, to collecting less than the cost of a half-decent sandwich over the first six months of this year. That’s right, through the second quarter of 2020, the CFPB collected just $8 from two civil penalties.

ACTION BOX / What You Can Do About It

The CFPB is collecting comments until Feb. 4, 2021 on how to protect access to your financial data and how to limit risk of sharing this data with third-party financial companies. The agency is compiling information to implement consumer safeguards to section 1033.

Share your comments, including Docket No. CFPB-2020-0034 or RIN 3170-AA78, via:

The Federal eRulemaking Portal: https://beta.regulations.gov/. Follow the instructions for submitting comments.

Email: [email protected]. Include docket or RIN # (listed above).

Mail/Hand Delivery: Comment Intake – Section 1033 ANPR, Bureau of Consumer Financial Protection, 1700 G Street NW, Washington, D.C.  20552.

 

Faced with eroding consumer protection and the economically crippling coronavirus pandemic Americans need the CFPB to do its job and protect them. So the agency is looking to implement section 1033. With the changing administrations, it’s not a foregone conclusion what will happen.

The issue is who really owns the financial data – the financial institution itself or the consumer. It’s become quite convoluted with the growing ubiquity of fintech as third-party owners of this information. Nearly 100 million American consumers use at least one finance app that takes data from their bank accounts, according to American Banker.

Consumers increasingly are turning to fintech to manage finances, using companies like Mint.com and data aggregators like Yodlee. To use these services, consumers must turn over access to financial data via login credentials and security question answers to the fintech companies.

In turn, these companies act and access the financial accounts just like the consumers themselves. And as part of the process, they become owners of the financial data, too. One of the risks is that there usually is not a set window of ownership; these third parties can own that information until a consumer changes the password, essentially. While consumers who use these services agree to these terms, the financial institutions may not.

This proposed rulemaking coincides with the transition in government, which is important for a few reasons. The current head of the CFPB, Kathy Kraninger, is criticized widely. A recent Supreme Court ruling allows presidents to fire CFPB directors at will; directors of the agency are no longer independent and immune from politics. Second, a Biden administration almost certainly means more changes to the Dodd-Frank Act, assuming Biden will look to restore all of the law Trump gutted.

Trump took a hatchet to the financial law, “dismantling the core pillars of financial reform,” according to an article by The American Prospect. Ever on the side of corporations and big banks, Trump, for examples, rolled back consumer and investor protections, reduced regulation of systemically significant banks 8.16 and stopped enforcing laws against financial predators.

So, the various players will jockey over what kind of guardrails get put in place going forward over what is expected to be a long battle.

With Biden overseeing the fight, at least it’s not an automatic forfeit for consumers. And for the new president, it could be the stuff of legacies.

November 26, 2020