Resources to help you navigate the changing regulatory landscape


CFPB’s Open Banking Proposal is Problematic for Credit Unions

The California and Nevada Credit Union Leagues have submitted a comment letter to the Consumer Financial Protection Bureau (CFPB) on proposed rulemaking regarding personal financial data rights (open banking) — a rule that would be problematic for credit unions. The Leagues are encouraging the CFPB to delay and allow the opportunity for a more collaborative engagement with a broader range of stakeholders.

In October 2023, the CFPB proposed a rule to implement personal financial data rights under section 1033 of the Consumer Financial Protection Act of 2010 (CFPA). The proposal would require depository and non-depository entities to make available to consumers and authorized third parties certain data relating to consumers’ transactions and accounts; establish obligations for third parties accessing a consumer’s data, including important privacy protections for that data; provide basic standards for data access; and promote fair, open, and inclusive industry standards.

In its comment letter, Leagues President and CEO Diana Dykstra states that credit unions — as longstanding advocates for consumer financial protection and wellbeing — play a crucial role in collecting and managing the personal information of their member-owner consumers in order to tailor products and services to most effectively meet their financial needs.

“We support a consumer’s right to securely access and share their financial data in a transparent manner that affords them control,” Dykstra stated. “And while we support the proposal’s intent and the overall goals embodied in section 1033, we would like to express concerns regarding various aspects of the proposed rule.”

Specifically, the Leagues’ concerns revolve around:

  • The potential impact on the ability of credit unions, particularly smaller-sized credit unions, to successfully compete in the financial services marketplace.
  • Privacy and data security.
  • The exclusion of data providers being overly restrictive.
  • The prohibition of fees and the associated costs for compliance.
  • Implementation deadlines.
  • The absence of a clear assignment of liability among market participants.

The Leagues comment letter offers general comments (the credit union difference) and addresses specific comments pertaining to the proposed rule, excluded data providers, prohibition of fees, compliance dates, and liability for misuse or fraud.

While the Leagues support the CFPB’s stated desire to allow consumers the ability to have access to and control their own data, concerns about the practicality and implementation of the CFPB’s proposed rule of this magnitude are significant and require further examination and analysis before implementation. The Leagues are concerned that the overwhelming cost and implementation challenges will make it difficult, if not impossible, for many credit unions to effectively compete in the current financial services marketplace, potentially diverting resources and attention away from their primary mission — meeting the financial needs of their members.

“A more viable solution that is affordable to all data providers, including mission-focused credit unions, is essential,” Dykstra concluded. “This solution should not only align with the spirit of section 1033, but also promote an environment where all participants in the financial services market can thrive.”

Access the ‘Compliance Hotline’
Your League-member benefits include the Compliance Hotline — providing exclusive access to dedicated compliance experts:

Using the above phone number and email address, you can gain access to a knowledgeable team that’s ready to address all your credit union’s compliance inquiries — promptly and efficiently. With the Compliance Hotline, you can proactively respond to impromptu questions and issues by getting clarity and insight on technical topics that normally slow you down. We want to help you unlock the full potential of your League membership by leveraging the resources and support you need to navigate the complex world of compliance effortlessly. We’re ALWAYS just a phone call or email away!

Additionally, other League-member compliance resources include:

  • ViClarity
  • CU PolicyPro
  • ComplySight
  • InfoSight
  • CU Store
  • Record Retention Guide
  • GRC Technology Solutions

For more information, email Lisa Quaranta.

Powered by ViClarity, a California and Nevada Credit Union Leagues company.

Become an Industry Supporter

Get membership information

Please contact me about compliance

Contact me about Credit Union Solutions

Education & Professional Development