For years, the U.S. banking system has been anchored in legacy systems that are now beginning to show their age. Almost 60% of industry experts see these outdated infrastructures as big hurdles when it comes to sharing data and doing business efficiently. And the consumers? They feel it too, with limited choices in financial products and a tricky, protracted process just to switch bank accounts. As Plaid’s John Pitts cleverly notes, you’re more likely to “get divorced” than to switch banks.
But change is coming. In October 2023, the Consumer Financial Protection Bureau (CFPB) stepped in with a bold vision to give consumers control over their financial data, by introducing a move toward open banking through it’s Personal Financial Data Rights (PFDR) rule.
For fintechs, this signals a huge shift. Consumer data being able to flow more freely not only creates a wealth of opportunity to transform the banking experience—but it also raises new exposures that must be addressed.
Why the shift to open banking?
The traditional U.S. banking model has kept consumer financial data securely locked up, first on paper and now digitally. But with the PFDR rule on the horizon, all that could change. Soon, consumers could authorize third-party apps—like digital budgeting tools or investment platforms—to access their financial information, opening up new possibilities for how they manage their money. This could enable third parties to provide new services and initiate bank-to-bank payments on the behalf of users.
APIs, or application programming interfaces, will be the magic making it happen. APIs enable secure data connections between third-party services and banks, helping to create a more open and decentralized banking structure. Not only can this increase transparency for customers, but it also lowers costs, leads to better products and supercharges competition.
The impact? If the U.S. rollout follows the same trajectory as the UK and EU’s Payment Services Directive 2 (PSD2) in 2018, we’re likely looking at a boom in fintech startups eager to innovate, offering smarter, more affordable services that change the way people think about banking. With more competition, we’ll likely see more banking products that are transparent, convenient and built with consumers in mind.
How the PFDR rule could impact fintechs
- High expectations for cyber security, with the rule requiring all regulated parties to adopt robust risk management practices. These will safeguard against potential data breaches and ransomware attacks, especially as data sharing increases.
- Heightened exposures to risks such as mis-selling, poor advice and technological failures, as new financial products are delivered through innovative distribution models. This will put a premium on strong contractual agreements between traditional banks and FinTech startups, with provisions for any breach of terms.
- A surge in investment interest, drawing in venture capital and putting pressure on fintechs to meet high shareholder expectations.
- Growth in digital payment volumes and transactions, driven by a rise in APIs. This will open up more avenues for fraud, with both companies and consumers facing increased exposure to social engineering and funds theft.
- Opportunities and regulatory exposures, brought about by new technology, products and distribution. To navigate this evolving landscape, fintechs need to keep pace with new compliance requirements. So while the opportunities for innovation and growth are vast, they come hand-in-hand with a greater need for proactive risk and regulatory oversight.
Open banking: helping clients to stay ahead
If the CFPB’s proposed ruling goes into effect, it could unlock major opportunities for a diverse range of companies to enter the open banking landscape, be they innovative start-ups to established financial giants. At CFC we’ve supported businesses under the PSD2 Open Banking Regulation in the UK and Europe since 2020, leaving us well placed with the expertise and tailored insurance solutions to back businesses operating under the new US standards.
With the CFPB advancing quickly on these changes, we’ll be keeping a close watch on developments to ensure that our broker partners are fully informed and equipped to manage any emerging risks for their fintech clients.
Speak to the team on open banking risks for your clients. Get in touch here.
