We have heard that banks, credit unions and others that house this information have operational concerns about when and how they are supposed to share the information with third-party providers. Does the sharing of financial records impose burdens on staff time or other resources? Are there legitimate concerns that the number and frequency of these requests could overwhelm the servers at financial institutions?
This line of inquiry by the CFPB comes amid many bankers’ concern about a commonly used process called “screen scraping” in which consumers provide their online banking credentials to a third-party app or tool – which can introduce significant fraud, security and compliance risks.
Cordray acknowledged these concerns. He said:
Financial institutions that share information likewise should be confident that they will not be exposed to unauthorized or fraudulent transactions resulting from efforts made to access customer information. It would be problematic for everyone involved if granting access to third parties were to compromise consumer privacy or put consumers’ funds and account relationships at risk.
Testifying during the field hearing, ABA VP Rob Morgan emphasized that banks are actively developing ways to facilitate safe and secure data access. Morgan said:
Let me be clear, banks fully support and are working to ensure that their customers have the ability to safely share and control their data. This is not as easy as flipping a switch, as some have suggested. There is a lot of coordination that needs to go on between our nation’s 6,000 banks, their technology providers, data aggregators and their customers.In order to promote innovative approaches, he recommended that the bureau avoid new regulations.
We believe we must get to a place where consumers are able to access and share their financial records with trusted third parties, without undue restrictions. We are confident that financial institutions and other companies can develop technological solutions to maintain and transfer these records safely and securely.
Read Cordray’s speech.