Cordray: Consumers Free to Authorize Third-Party Access to Data

Bank customers ought to be free to authorize third parties to access their bank account information without limit, Consumer Financial Protection Bureau Director Richard Cordray said today at a fintech conference in Las Vegas. The remarks came in the context of concerns by some financial institutions that third-party apps that store consumers’ bank login credentials could pose unnecessary risk of intrusions should the third party fail to safeguard the data.

“We recognize that such access can raise various issues, but we are gravely concerned by reports that some financial institutions are looking for ways to limit, or even shut off, access to financial data rather than exploring ways to make sure that such access, once granted, is safe and secure,” Cordray said. “We believe consumers should be able to access this information and give their permission for third-party companies to access this information as well.” Cordray said he believed the Dodd-Frank Act’s text backs up his position and that he “look[s]forward to productive engagement with all stakeholders on this topic.”

The CFPB also released its first report on its “Project Catalyst” effort to facilitate “consumer-friendly innovation” through trial disclosure waivers, no-action letters and other methods. The report outlined several areas of consumer finance in which companies have approached the bureau in some way. He added that the products seen through Project Catalyst “depend on consumers permitting companies to access their financial data from financial providers,” explaining Cordray’s focus on the topic in his speech.