The CFPB Paves the Way for Open Banking

The Consumer Financial Protection Bureau took a key step toward enabling open banking in the U.S. by outlining guidelines for a standard-setting body. Open banking requires customers to share their bank and credit card account data with third-party financial technology companies, such as application programming interfaces. Defining and protecting consumers’ data rights is a critical part of the process. “Open banking, which will expose third parties and non-banks to financial data at insured banks, is a natural area for the CFPB to choose to cover,” said Brian Riley, Co-Head of Payments at Javelin Strategy & Research. “Open banking is moving quickly across the world, and many regulations are not in place to ensure non-banks have the same rigors as banks. To protect all parties, the CFPB should be considered a welcomed ally in this area as the U.S. moves into open banking.” But there is still a long way to go. Open banking has been in the works since 2010, when Congress passed a Personal Financial Data Rights law. In October 2023, the CFPB said it would propose a rule to implement those rights. The rule finalized this week set forth the qualifications to become a recognized industry standard-setting body that would assess consumer privacy rights.

Neutral Parties Sought

The agency has said it plans to rely on industry and consumer advocates to set the technical standards for open banking in the U.S. “The CFPB will not recognize any standard-setting organization that is rigged in favor of any set of industry players,” the agency’s stated. “The process must be open to all interested parties, including public interest groups, app developers and a broad range of financial firms with a stake in open banking.” Mastercard is one of the key players positioning itself in this space. Its collaboration with Worldpay allows consumers to facilitate direct bill payments from their bank accounts and authorize the sharing of their data without it being stored.

Avenues for Growth

An analysis of payments in North America from McKinsey estimates that account-to-account transfers, a key element of open banking, could handle about $200 billion in consumer-to-business transactions by 2026, with potentially much more in other types of payments. But consumers won’t want to participate if their data is being exposed. “As an industry, we need to solve for some of these legal initial implications and assuage any concerns from a legal and ethical standpoint,” Amit Shastri, Senior Director of Product Management at Worldpay from FIS, told PaymentsJournal earlier this year. Shastri expects one of the next steps to involve action that facilitates collaboration between APIs, with common standards adopted for the interfaces. Additionally, the ISO 20022 messaging standard to improve insights through data and conversion rates will help as well.