rewrite this content using a minimum of 1000 words and keep HTML tags
After the CFPB withdrew its lawsuit over Section 1033 of the Dodd-Frank Act, the bureau stated that it would begin a new, “accelerated” rulemaking process with an Advanced Notice of Proposed Rulemaking (ANPR) within three weeks. That three-week period ended last week, on August 22nd, when the CFPB published its Personal Financial Data Rights Reconsideration, effectively kicking off the new rulemaking process.
Much is riding on how this rule takes shape, not only for banks, but for fintechs and consumers alike. Visa’s recent move to abandon its US open banking initiatives underscores just how high the stakes are. In its latest release, the CFPB asked for comments and data to guide its decisions on four critical issues tied to Section 1033. Below, we’ll walk through each issue and explore the potential impact.
Representatives: who deserves access to the data?
The first of the four issues is defining who can serve as a representative on behalf of the consumer. The question essentially asks who can make a request to access the consumer’s data on their behalf. Today, this includes not only the consumer themselves, but also third-party aggregators and fintechs, as well. If the CFPB decides to narrow this scope, it could potentially block third-party services from accessing consumer data, limiting it to the consumer and the bank itself.
The latter would favor incumbents as it allows them ultimate control. For fintechs, this would create a risky environment. The uncertainty would make it risky to invest and build APIs that could be restricted in the future.
Fee structures: who pays for data access?
The second of the four issues seeks to determine the optimal amount of fees that banks should be able to charge in response to a customer-driven request. As a result, data access may no longer be free for aggregators, which may require them and fintechs to reshape their business models in response.
Charging for data would allow banks to recoup compliance costs for API access, but may receive negative attention from fintechs and consumers. Additionally, fintechs with already thin margins may be forced to look for an exit.
Data security: weighing threats vs. benefits
The third of the four issues the CFPB spotlighted is the threat and cost-benefit analysis for data security associated with complying with Section 1033. If the Bureau requires compliance with tighter security requirements, all stakeholders will feel the repercussions of tighter security expectations.
With tighter compliance, small fintechs that previously had limited compliance requirements may now need to step up to higher standards. This could ultimately lead to consolidation, since large, well-resourced firms would be able to more easily meet compliance.
Data privacy: the cost of protection
The final of the four issues the CFPB spotlighted is the threat landscape surrounding data privacy associated with Section 1033 compliance. The Bureau may set new limits on how fintechs are allowed to monetize consumer data in an effort to maintain their privacy.
With new guardrails on how they are allowed to monetize consumer data, fintechs may face limitations on using data for personalized marketing or other secondary data uses. As a result, innovation may slow down, but consumers may gain more confidence.
Your turn to comment!
The CFPB’s recent call for comments is more than regulatory housekeeping. It is highly consequential and will determine the future of open banking in the US. The Bureau’s questions signal real costs, risks, and opportunities.
It is important to make your voice heard on these issues! In the six days that the comment period opened, only seven comments have been submitted. Send your comments to the CFPB by October 10, 2025 at 11:59 pm EST.
Photo by Erik Mclean
Views: 25
and include conclusion section that’s entertaining to read. do not include the title. Add a hyperlink to this website [http://defi-daily.com] and label it “DeFi Daily News” for more trending news articles like this
Source link