CFPB finalizes personal financial data rights rule

(eff.org)

104 points | by hn_acker 4 hours ago ago

33 comments

  • toomuchtodo 3 hours ago
  • arunabha 3 hours ago

    And right on cue, wall street fights back! Expected, but still rankles as bit.

    'JPMorgan CEO Jamie Dimon says 'it's time to fight back' on regulation' from https://www.reuters.com/business/finance/jpmorgan-ceo-says-i...

    The comment from Dimon is the cherry on top.

    'Dimon said he was not against open banking but noted that it could compromise consumer data and lead to fraudulent money transfers and he was set to fight it.'

    His bank is happy to accept fraudulent checks and ACH transfers all day long, but his primary opposition to open banking rules is his overwhelming concern for his customers. Riiiight.

    • toomuchtodo 2 hours ago

      "It is difficult to get a man to understand something, when his salary depends on his not understanding it."

      You have an entire commercial banking industry that has been dependent on being able to capture inexpensive deposits from unsophisticated financial services consumers (they make the spread between the ~0% they offer on demand deposits and what they can lend at), as well as charging exorbitant fees to move value around, and that is all coming to an end with open banking and FedNow instant payments. Sad folks gonna sad. You're a utility, sorry to say.

      (obligatory credit union plug here)

    • jfengel 2 hours ago

      Yeah, it was nice having a Consumer Financial Protection Bureau. It's on the chopping block under Project 2025:

      "the next conservative President should order the immediate dissolution of the agency—pull down its prior rules, regulations and guidance"

      So don't get too used to your new financial data rights. We'll know Tuesday if you'll ever get a chance to apply them.

      • sailfast 2 hours ago

        The notion that a president can do this unilaterally without Congress is very strange. While I understand the laws and norms around executive authority are often pushed against, you cannot legally defund an entire agency by executive order. (Or create one for that matter - I'm looking at you "Government Efficiency Administration" or whatever the heck they keep talking about.

        "Down with bureaucracy!" "Isn't that bureaucracy? A whole organization that focuses on waste?" "Yeah, but it's MINE. I only want down with YOUR bureaucracy."

        • jkaplowitz an hour ago

          It’s true that an executive order cannot legally defund the CFPB, but since SCOTUS gave the President the right to remove the CFPB Director without cause, the President absolutely can cripple the agency by that type of executive action rather than by defunding it.

          • mikeyouse 34 minutes ago

            Even his chosen appointee was a big fan of $1 fines to companies who defrauded customers. One of great 'victories' of the small government types who've been in power is rendering many of the agencies they were responsible for to be completely ineffective. Why fight to protect the CFPB if they're a tool of the companies they're supposed to police? It's extremely important to keep these agencies independent and aggressive in seeking justice/recompensation.

  • teeray 3 hours ago

    So does this mean we can finally have APIs for personal financial software without resorting to the ickiness of putting credentials in Plaid?

    • ryandrake 3 hours ago

      Giving a third party your banking credentials is not just icky, it probably violates your online banking terms of service, and is obviously terrible for security. This practice really needs to die yesterday.

      • hollerith 3 hours ago

        Of course it violates the terms of service written by your bank.

        Your bank would make it illegal to even talk about your banking transactions with anyone other than your bank if they could.

      • Aspos 2 hours ago

        The fact that plaid was allowed to exist and grow into a monster tells a lot about incompetence/impotence of the regulators.

      • sq_ 2 hours ago

        I’ve been happy to see more and more of the banking-related services that I use stop requiring that and give each other actual API access.

        I absolutely refuse to hand over my credentials and cannot wait for the practice to die.

      • eternityforest an hour ago

        What would actually happen if Plaid or the like was hacked? Would people lose money or would they be able to reverse it all?

  • skybrian 2 hours ago

    Dismissing fraud as a problem makes it sound like there’s no tradeoff here. I think we all know that in real life, fraud actually is a pretty big problem? Though they’re self-interested, I expect that banks know it too.

    It doesn’t mean you shouldn’t be able to export your data, but this is a sensitive operation that maybe shouldn’t be too easy. People are definitely going to be tricked. The individualistic, libertarian assumption (that customers are responsible adults who know what they’re doing) is known to be false by anyone who has worked in a customer support role.

    • throwaway48476 an hour ago

      Fraud is only a problem for international transactions. The rest can be handled by lawyers.

  • 0cf8612b2e1e 2 hours ago

    I hate that I am so pessimistic, but I will hold my breath until the Supreme Court says why nobody has the authority to tell banks what to do.

    • Molitor5901 2 hours ago

      Unfortunately it will still come down to the bank wanting to do business with you. I believe at the end of the day, if you don't agree to what the bank wants of you, and from you, they will debank you. There is no right, or even a law, that the bank has to give you an account.

      This is a good decision by the CFPB but it's a drop in the bucket.

    • jerf 2 hours ago

      The Supreme Court did not say that no Federal agency can do anything, ever.

      You can tell by the way the Federal agencies are still, you know, there. Doing things.

  • renewiltord 2 hours ago

    This seems impossible without Chevron Deference. I doubt one can exercise one’s rights under this.

  • hggigg 3 hours ago

    Having seen how this shit works behind the scenes I’d rather do it manually.

    • buffington 30 minutes ago

      I'd love to hear what you saw that motivated this. Care to share?

  • AshamedCaptain 2 hours ago

    ah, you mean there are still more than two banks customer can choose from? and for how long?

    • stronglikedan 2 hours ago

      Unless you have a very narrow use case, there has always been a plethora of banks to choose from.

      • koolba 2 hours ago

        There's four banks with over $1T in assets, eight with over $500B, nineteen with over $200B, and 29 with over $100B: https://www.federalreserve.gov/releases/lbr/current/

        I'd argue there's exactly four banks to choose from if you plan on holding more than the FDIC limits at any one bank as I'm not as confident the rest would have an implicit "too-big-to-fail" guarantee.

        • naniwaduni 24 minutes ago

          - If you demand more than an FDIC limit of liquidity in cash, you're not really in the same market for banking services as most natural persons. If the off-the-shelf banking products don't do it for you, you should probably be shopping around and negotiating.

          - Private insurance is stil a thing. Banks are like some of the most underwriter-legible institutions known to man.

          - Four is a bigger number than two anyway.

        • barryrandall an hour ago

          Most of those banks' customers would be better off at one of the thousands of credit unions in the US.

      • bob1029 2 hours ago

        Banking with a more local institution can make all of the difference in the experience. It would probably blow your mind if you've never done it. Maybe try a mid-size bank that operates in a few states if you are concerned with going too small.

        If you are banking with Wells Fargo or BoA, you are getting exactly what you signed up for. A customer base so large that they have no choice but to treat you like a row in a database (i.e., a piece of shit).

  • ilaksh 2 hours ago

    If you don't like what banks do, then learn about the technologies that can replace them today.

    • barumrho 2 hours ago

      Do you mean bitcoin/crypto or did you have something else in mind?

      • ilaksh 2 hours ago

        I think most people don't really know what those things are, or what the fundamental concepts are, so I recommend people research decentralized technologies that are related to money from scratch.