Banking Industry Wants More Time for CFPB Open Banking Rules

The banking sector needs more time to adapt to new regulations regarding consumer financial data.

The open banking regulation in question is Consumer Financial Protection Bureau (CFPB) “Proposed Required Financial Personal Information Rights Regulations” to implement Section 1033 of the Consumer Financial Services Protection Act, adopted in 2010.

CFPB Director Rohit Chopra said the proposed rules would “give consumers the ability to walk away from bad service and select financial institutions that offer the best products and prices.”

However, it will take time to implement the rule, industry groups said in a statement. letter was sent to the CFPB late Tuesday evening (July 16).

These groups – Banking Policy Institute, American Bankers Association, Association of Consumer Bankers AND Clearing House Association – argue that first-tier banks required to comply with the rules should be given at least two years to comply.

That would give them enough time, the letter said, to put new systems and processes in place and to gain recognition as a standards-setting organization by the CFPB.

“Banks have spent years developing systems to securely share data with 50 million customers, and modernizing those systems to comply with the new rule will take time,” the groups said.

“In the interest of protecting customer data and avoiding disruption, it is better to do it right than fast. Banks are committed to serving their customers and complying with the law, and we encourage the CFPB to recognize the complexity of the new requirements and establish pragmatic timelines that will allow for smooth implementation without disrupting access to consumer data.”

The challenges banks face include updating their public websites to meet public disclosure requirements, as well as generating and publishing performance metrics consistent with the CFPB’s new Open Banking definitions, the letter said.

Banks will also need to enable required data elements that are not currently shared, such as bill payment data and certain terms and conditions.

“At a high level 1033 — beyond data sharing for consumers and third parties — includes a mandate to standardize the formatting of that data,” PYMNTS recently wrote.

And in an interview here in May: Kim Funarivice president of regulatory compliance at i2c, told PYMNTS in May that the rule was a step toward “empowering consumers” in the U.S.

“All companies will be using the same formats and the same security rules,” Funari said. “This really levels the playing field for financial institutions and the industry as a whole.”