CFPB Rewrites Open Banking Rule as Banks Feud with Fintechs Over Your Data

A rule that dictates how your personal data is handled and passed between financial institutions is being rewritten.

The Consumer Financial Protection Bureau officially asked for feedback on the so-called “open banking” rule last week. Legacy financial institutions and new upstarts have staked out very different positions, and it’s worth paying attention: One side argues your data security is at risk, the other says you’re being ripped off.

To Fee or Not to Fee, That is the Question

The origin of the “open banking” rule goes back to the 2010 Dodd-Frank Act, which introduced sweeping financial reforms after the Great Recession. The law says financial institutions must provide consumers with their data upon request, and the “open banking” rule sought to clarify the details, notably by permitting consumers to request their data be shared with authorized third parties. It was issued in October 2024 but isn’t scheduled to take effect until June 2026.

The idea was to allow consumers greater financial flexibility: By sharing data with third parties, they could find better rates and services, compare products and obtain credit on better terms. Fintechs and the crypto sector hailed the rule as a breakthrough for potentially opening up more competition to traditional banks and credit unions. The banking industry saw things differently:

• While the rule contained strict guidelines for third parties wanting to access the data, the banking industry called for it to be scrapped, while the Bank Policy Institute, an industry trade group, sued to block it. Industry advocates argued it was an overreach of the CFPB’s legal powers, that banks would potentially be forced to pass on data to risky third parties more vulnerable to breaches, and that the industry should be compensated for providing access to customer data (JP Morgan advised fintechs they would have to pay up last month).
• The fintech and crypto sectors have argued that fees are anticompetitive and erode consumers’ freedom to use their financial technologies of choice, with apps like Coinbase, Venmo and Robinhood at risk of being hit with costs for accessing customers’ bank accounts with their consent. Earlier this month, over 80 fintech CEOs signed a joint letter to President Donald Trump objecting to “exorbitant new ‘account access’ fees” and arguing banks were “advancing a dangerous legal interpretation that a consumer’s right to their account information does not include the freedom to share access to a trusted application acting on their behalf.”

Rip It Up and Start Again: That this is still being debated is something of a miracle. The Trump administration initially sided with the banking industry and suggested it would withdraw the rule. But the president has also billed himself as friendly to the fintech and crypto sectors, which he courted during the campaign. That’s why the CFPB’s 180 left observers wondering if the decision to write a new rule was a sign of the sectors’ influence with the White House. Only time will tell, and for the next two months, you can tell the regulator what you think.