Allowing third-party access to consumer financial data leads to concerns about liability and unauthorized access, CUNA told the Consumer Financial Protection Bureau (CFPB) Wednesday in response to a request for information. The bureau requested input on consumer access to financial records and account-related data in electronic form, in order to potentially help develop best practices and address potential harms.
According to CFPB, greater access to consumer data by data-aggregation companies benefits consumers because it allows companies to innovate as they develop tools and services for consumers, such as personal financial management tools, credit decisioning, bill payment and fraud protection.
CUNA agrees that some data-aggregation tools and services can be useful, but there are also serious risks.
“It appears the CFPB’s focus is more on the potential benefits than the (certain) risks,” CUNA’s letter reads. “We urge the CFPB to spend as much, if not more, time understanding the risks, particularly since many of the risks could directly harm consumers, such as privacy and security issues that could expose consumers to identity theft and fraud.”
Of particular concern to credit unions, CUNA notes, is the potential liability associated with unauthorized transactions or data breaches resulting from a third party’s use of a consumer’s financial data.
“While credit unions are subject to numerous requirements regarding the treatment and safeguarding of their members’ nonpublic financial information, many third-parties are not subject to similar requirements,” CUNA’s letter reads. “This is particularly of concern in light of the CFPB’s current focus on potentially expanding third-party access to consumers’ financial information.”
also concerned that CFPB may be pursuing a rulemaking that would directly require credit unions and other financial account providers to provide third parties with direct access to a consumer’s financial data.