Open banking took more than a decade. But it’s drawing close.
Good day, and welcome to Protocol Fintech. This Monday: open banking, Mastercard’s crypto partnership, and defining “buy now, pay later.”
Opening up banking
It’s been 12 years since Congress passed the Dodd-Frank Act, the largest Wall Street reform in American history. The effects of the bill have been far-reaching, but one key part, Section 1033, has been on hold all this time.
Now, finally, an end appears to be in sight. The Consumer Financial Protection Bureau, the agency tasked with rule-making under Section 1033, has signaled that the issue will go before its small business review panel before the end of the year.
The provision was meant to provide marching orders to banks and fintech firms looking to share data and grow their businesses by providing new digital services to customers, like budgeting software and online bill pay. Most importantly, it mandates that data should also be made available to the consumer.
The CFPB’s press office did not respond to the direct question of why rule-making has taken over a decade. But the bureau’s director, Rohit Chopra, was appointed last year and has suggested open banking is an issue he’s eager to tackle.
Most experts agree that the best way to securely transmit that data is through the use of open, direct APIs. According to hosts and two attendees, Chopra clarified at the Fintech Policy Forum last month that impending rules would place guardrails on what APIs should and should not do, rather than forcing the implementation of a single standard.
An industry group called the Financial Data Exchange, or FDX, has been a key player in generating surprising cohesion between fintechs, banks, and consumer groups. Though FDX doesn’t advocate for specific policy proposals, its approximately 230-organization membership has settled on a single open API standard it thinks should adequately address any regulatory or industry concerns.
Banks’ argument, historically, has been that data sharing should be minimized in order to ensure financial and data privacy. Fintechs, meanwhile, feel that customers should be able to share as much of their own data as they would like so they can use fintech products and services — positions that, for the most part, have remained the same ever since.
But FDX has found compromises. The threat of screen scraping has forced banks to come around to the idea of using open APIs, while impending regulation has forced fintechs to come to the table too. FDX’s organizing structure, which allows companies big and small only one vote on major proposals, also helps generate consensus
“Once you start getting everyone together, you realize there’s a lot of commonality,” Don Cardinal, FDX’s managing director, told Protocol.
There still remain a few unanswered debates in open banking, however, that the CFPB will need to settle. FDX’s standard suggests interoperable data formats that should be used, but does not force any firm to comply, for example. The diversity of the financial system in America also allows for many niche perspectives that may be yet unaccounted for — namely small regional banks and credit unions. But Cardinal said his sources on Capitol Hill tell him that draft rule-making can be expected six months after panel review, and rules 90 days after that, putting the end of what would be a 12-year wait for rules governing the field of open banking sometime near August 2023.
Protocol link: https://www.protocol.com/newsletters/protocol-fintech/open-banking-section-1033-cfpb