Following this announcement, the rule is expected to lower prices on loans and provide individuals with the possibility to fire financial companies that provide bad service more easily. It will also require financial institutions, credit card issuers, and other financial providers to unlock an individual’s personal financial data, as well as transfer it to another provider at the client’s request for free.
In addition, clients will have the possibility to switch to providers with improved rates and solutions in an easier and more secure manner. By fuelling competition and customer choice, the rule will also lower prices on loans and optimise user services across payments, credit, and banking markets.
According to the official press release, the rule will ensure that clients will be able to access and share data associated with bank accounts, credit cards, mobile wallets, payment apps, as well as other financial products. The initiative aims to address market concentration that limits customer choice over financial services and solutions. At the same time, clients will have access to, or authorise a third party to access, data such as transaction information, account balance information, upcoming bill data, basic account verification information, as well as data required to initiate payments. In order for this process to take place, financial providers must make this information available without any charging fees.
The rule will also move the US closer to having a competitive, safe, and reliable Open Banking system. It also represents a part of the CFPB’s efforts to finally activate Section 1033 of the Consumer Financial Protection Act, a dormant legal authority enacted by Congress in 2010. It will also accelerate responsible Open Banking in the region of the US, as the CFPB will develop additional rules to address more products and use cases. People will have the possibility to access more freedom to switch banks or providers and shop around for the best deal, while the financial data insight rule will enable FIs to offer products that help them attract new customers.
The guideline also establishes strong privacy protections, requiring that personal financial data can only be leveraged for the purpose requested by the clients. It makes sure that third parties cannot use consumer data for other purposes that benefit the third party, but that users do not want. The final rule also creates revocation and deletion rights. When an individual revokes access, the rule requires that data access end immediately, and deletion would be the default practice. Access can also be manifested for no more than one year, absent express reauthorisation, while the process to revoke access must be simple and straightforward in order to prevent dark patterns from emerging.
Compliance with the rule will be implemented in phases, with larger providers subject to the role sooner than other smaller ones. At the same time, financial firms will be required to comply based on their size, with the largest institutions having to comply by the 1st of April 2026, while the smallest covered institutions will have until the 1st of April 2030. In addition, certain small banks and credit unions are not subject to this rule.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now