CFPB outlines customer data sharing principles

The Consumer Financial Protection Bureau has issued principles for protecting consumers when they authorize third party companies to access their financial data to provide certain financial products and services.

The Consumer Financial Protection Bureau has issued principles for protecting consumers when they authorize third party companies to access their financial data to provide certain financial products and services.

These principles are intended to help foster the development of innovative financial products and services, increase competition in financial markets, and empower consumers to take greater control of their financial lives. The principles reiterate the importance of protecting consumers to all stakeholders that provide, use, or aggregate consumer-authorized financial data.

The principles relate to data access, data scope and usability, control of the data and informed consent, payment authorizations, data security, transparency on data access rights, data accuracy, accountability for access and use, and disputes and resolutions for unauthorized access.

In developing the principles, the bureau said it sought to balance customer access to products with protections and data privacy and security. It also acknowledged efforts made by industry players to improve customer-authorized data access.

“Today, the Bureau released its consumer protection principles for the consumer-authorized data-sharing market,” said CFPB Director Richard Cordray. “These principles express our vision for realizing an innovative market that gives consumers protection and value.”

The bureau has been studying consumer-authorized data access and issued a Request for Information in 2016 to gather feedback from wide range of stakeholders. It received feedback from large and small banks and credit unions, their trade associations, aggregators, “fintech” firms, consumer advocates, and individual consumers.