North America News

by rebecca rebecca No Comments

FDATA North America Submits Comments on Canadian Competition Act Review

March 28, 2023, Washington, DC – FDATA North America today submitted a letter in response to the Canadian government’s review of the Competition Act. As a trade association representing dozens of some of the most innovative financial technology companies working alongside Canadian consumers and small- and medium-sized enterprises, we support the development of a more competitive marketplace in which consumers and SMEs may choose the provider, tool or service that best fits their unique need. We also used this review submission as another opportunity to urge the Government of Canada to make concrete progress on the development of its open banking regime, particularly since the deadline set forth in the 2021 Advisory Committee Report on Open Banking has now passed.

The letter stressed the important need to update and right-size the Competition Act to reflect today’s current business environment to maintain competition in the market for data-driven financial services, noting that these updates must address situations where certain market participants either individually or collectively override a decision by a consumer or SME to direct a potential competitor to electronically access their financial information. Our letter particularly described how restrictions on customer-directed data sharing that directly inhibit competition must be scrutinized under well-established competition laws as the Department of Finance works to implement an open banking regime for Canada, any stressed that any new legislation or regulations regarding competition in the financial services marketplace should be aligned with the Department’s work on this file.

The letter also identified several provisions of the Competition Act that apply to financial institutions could be more actively used to prevent financial institutions from blocking consumer-permissioned data access to third party financial providers of their choosing, and shared details on how the United Kingdom and Australia developed their open banking regimes to maximize competition and consumer benefit.

by rebecca rebecca No Comments

FDATA North America Responds to Canadian Draft RPAA Regulations

March 27, 2023, Washington, DC – FDATA North America today submitted its response to draft regulations from the Bank of Canada and Department of Finance that would implement the Retail Payment Activities Act (RPAA). The letter noted that adoption of these proposed regulations would see as many as 2,500 payment service providers (“PSPs”) overseen under a strong regulatory framework and would, once finalized and implemented, meaningfully advance the modernization of Canada’s financial services marketplace. It also respectfully suggested that the implementation of these regulations should facilitate an expedited inclusion into the scope of Canada’s open banking framework of payment use cases.

The letter strongly supports the objectives of the draft regulations and the underlying Act, but noted the absence of the critical component of end-user education. FDATA therefore suggested that the Bank of Canada and/or the Department of Finance develop an end user education plan to be deployed in concert with the implementation of the draft regulations, and that government work with market stakeholders, including PSPs, in an effort to provide consumers and SMEs with consistent information about the benefits and protections afforded to them under the draft regulations.

FDATA also expressed appreciation for inclusion of a clear timeline within which applications submitted by PSPs would be required to be reviewed by the Bank of Canada and the Department Finance. Since many FDATA members have experienced regulatory delays in application processing in other jurisdictions’ payment modernization and/or open banking frameworks, FDATA welcomes the certainty provided by the regulatory-imposed timelines for consideration of a PSP’s application.

by rebecca rebecca No Comments

FDATA North America Releases Data Privacy Principles

March 6, 2023, Washington, DC – FDATA North America and its 30+ member companies today released a set of principles to govern the usage, disclosures, liability, oversight, and technology involved in open finance ecosystems. Upon release of these new principles, FDATA North America Executive Director Steve Boms said:

“As policymakers in both Canada and the United States contemplate open finance and federal data privacy frameworks, FDATA North America’s members are pleased to have collaborated on a set of privacy principles that we hope will inform their work. Today’s release is a detailed and comprehensive set of principles which we intend to serve as critical guideposts for legislators and regulators in the U.S. and Canada as they undertake the important work of creating modernized, customer-centric financial services regulatory environments.” 

The first section of this document includes definitions of data types, and requirements for minimization, secondary usage, and silent parties. The second section covers consumers disclosures, what elements they should include, their length, and options for consumer revocation. The third section discusses assessments of data breach liability, notification requirements, and consumer redress. The fourth section covers regulatory oversight, and suggests which regulators in the U.S. and Canada should be granted supervisory authority over data privacy to ensure that consumers, data providers, and third-parties are protected and acting responsibly. The final section covers the technology involved in user authentication and authorization, and how they can be changed and revoked by consumers.

A high-level summary of these principles is available here. The full set of these principles is available here and can be shared with attribution.

by rebecca rebecca No Comments

FDATA North America Submits Comment Letter in Response to CFPB Section 1033 SBREFA Outline of Proposals for Consideration

FDATA North America Submits Comment Letter in Response to CFPB Section 1033 SBREFA Outline of Proposals for Consideration

Contact: Justin Santopietro; [email protected]

January 25, 2023, Washington, DC – The Financial Data and Technology Association (FDATA) of North America submitted a comment letter to the Consumer Financial Protection Bureau (CFPB) in response to its Outline of Proposals for Consideration for the Small Business Regulatory Enforcement Fairness Act (SBREFA) implementing Section 1033 of the Dodd-Frank Act. Upon filing the comment letter, Executive Director Steve Boms said:

As an organization representing more than 30 financial technology and data aggregation companies, FDATA North America has long advocated for the CFPB to issue a rule implementing Section 1033 of the Dodd-Frank Act using the best information available from the broadest number of market stakeholders possible. We commend the CFPB for outlining a strong series of proposals that, when implemented, will create a more competitive, more accessible, and more inclusive financial services marketplace. As it prepares to issue a proposed rule implementing Section 1033, we encourage the CFPB to broaden the scope of covered accounts and covered recipients under the rule to maximize its impact, among other important improvements we suggest the Bureau to consider. We look forward to continuing our positive engagement with the CFPB as this rulemaking process continues.”

While FDATA’s comment letter expressed support for all the proposals in the SBREFA outline, it also urged the CFPB to expand the scope of this rulemaking by:

  • Covering a broader swath of both covered parties, including small businesses and investors, and account types, including providers of government benefit accounts used to distribute needs-based benefits programs, utility, nonfinancial, and payroll accounts, and accounts held by financial institutions not covered by Regulation E or Regulation Z;
  • Guarding against potential commercial incentives by data providers to restrict data access for particular use cases by ensuring that customer authorization may not be overridden except in very limited circumstances;
  • Requiring as many financial institutions as practicable to build and implement credential-less data access methods, while allowing sufficient time for smaller financial institutions to do so;
  • Permitting credential-based or PII and account number-enabled data access to persist as fallback options in instances in which data is not accessible through other means;
  • Clearly distinguishing between customer data and de-identified data with regard to secondary use cases;
  • Calibrating the timeline for implementation for credential-less data access based on financial institution size, and
  • Establishing a new regime for direct CFPB supervision of data aggregation platforms.

Over the past several years, FDATA has repeatedly urged the CFPB to advance a Section 1033 rulemaking, including in its response to the CFPB’s October 2020 Section 1033 Advanced Notice of Proposed Rulemaking (ANPR) and last years’ CFPB Request for Information (RFI) on so-called “Junk Fees.” FDATA North America has also advocated for a Section 1033 rulemaking through comment letters to other federal agencies, including its response to the Office of the Comptroller of the Currency’s, Federal Deposit Insurance Corporation’s and Federal Reserve’s Proposed Interagency Guidance on Third-Party Risk Management, and to the National Institute of Standards and Technology in response to its draft report on Cybersecurity Considerations for Open banking Technology and Emerging Standards.

by rebecca rebecca No Comments

FDATA North America Applauds CFPB’s Release of Small Business Panel Proposals for Section 1033 Rulemaking

October 27, 2022 Washington, DC- Following today’s Consumer Financial Protection Bureau publication of proposals for the upcoming Small Business Regulatory Enforcement Fairness Act (SBREFA) panel for the Dodd-Frank Section 1033 rulemaking, FDATA North America Executive Director Steve Boms released the following statement:

“FDATA applauds the CFPB for this timely release of its SBREFA outline. This outline marks the first concrete step towards the implementation of an open finance system in the United States and affirms that consumers should have complete control over their financial data. If implemented, the framework envisioned within the outline will strongly align with the goals that FDATA North America has long supported: a national, technology-neutral financial data portability standard that will allow consumers to select in a more competitive ecosystem from the financial services providers that can best improve their financial wellbeing. We applaud the CFPB staff and Director Chopra for their diligent work and look forward to working with the CFPB to promote an expansive, customer-centric proposed rule to implement Section 1033 of the Dodd-Frank Act.”

by rebecca rebecca No Comments

FDATA North America Highlights Importance of API Standards and Monitoring

September 29, 2022, Washington, DC -As both Canada and the United States continue to move towards open banking via APIs, it is essential that minimum API standards be set to ensure that consumers and SMEs have uninterrupted access to their financial data.

To this end, FDATA has developed four principles that will be critical to the design of a well-implemented API environment in North America. These principles cover data scope, reliability standards, fallback options, and the necessity of establishing a neutral monitoring agency. These principles can be found here, and below:

  • Any non-proprietary data available to an end user through a data provider’s online customer portal or paper statement must also be required to be made available in any API a data provider implements in an open banking environment. At present, data providers unilaterally determine which data elements their customers can and cannot share with third parties. In a true open banking environment, the customer – not their financial services provider – is empowered to make this decision. Within the PSD2 framework in Europe, this has led to services being withdrawn as API functionality did not keep pace with pre-existing technologies.
  • Any APIs built by data providers to facilitate data sharing in an open banking environment must, at a minimum, be as reliable as that data provider’s customer-facing online portal. Regulatory agencies in both Canada and the United States have understandably set prescriptive requirements regarding the uptime of online customer-facing portals at financial institutions to ensure that consumers and SMEs have continual access to their data. This same standard must apply in any open banking environment.
  • To the extent data requested by a customer is not available through an API connection, a fallback option must be permitted to be used to access the requested data. The legal customer data right upon which an open banking environment is built cannot be ignored if a data element requested by a customer is not available through a data provider’s API or if that API is down or unresponsive. Screen scraping must be maintained as a fallback option that may be used to access any data not included in or available from a data provider’s API.
  • A neutral entity must be responsible for regularly monitoring the robustness, reliability, and usability of data providers’ APIs in an open banking environment. A neutral entity should be tasked with the responsibility for regularly measuring and reporting, among other metrics: the uptime of all open banking providers’ APIs; whether all of the data available to the end user on the data provider’s online customer portal and/or paper statement is available through the API; the responsiveness of the API; whether the API is constructed in such a manner that it introduces unnecessary friction in the customer’s data connectivity journey. These measurements should be the basis upon which a fallback option is permitted. Ideally, these metrics would be made publicly available to facilitate the ability of end users to identify the effectiveness of their financial provider’s data sharing capabilities. Such an entity should come from outside of the sector itself in order to not be perceived as having their own fiduciary interest in the metrics delivered.

Issues related to API robustness, reliability, and user experience have stunted the growth of open banking use cases in multiple markets across the globe that have moved more quickly than North America toward implementing legally binding customer financial data rights. It has been evident from experiences in Europe, the United Kingdom and Australia that well-defined standards without equally well-defined systems to measure them in a way that all parties can agree to leads to increased friction and a technical overhead placed on the regulator which they may not be well-positioned to adjudicate. Ensuring at the outset minimum API requirements for any open banking data providers, as well as a neutral monitoring entity to measure the quality and reliability of those APIs, will prevent Canada and the United States from experiencing similar issues as we begin our own North American open banking journey.


 

by rebecca rebecca No Comments

FDATA North America Submits Comments to Canada’s Standing Committee on Finance Pre-2023 Budget Consultations

September 26, 2022, Washington, DC – Today, the Financial Data and Technology Association (FDATA) of North America submitted comments to Canada’s Standing Committee on Finance (FINA) as part of its pre-budget consultations in advance of the 2023 budget.

In its comments, FDATA North America called on the government to:

  • Include language in Budget 2023 asserting the importance of governance in an open banking framework, and that any open banking governance entity must be neutral, transparent, and nimble;
  • Allocate sufficient and sustained funding in Budget 2023 towards the implementation of an open banking framework and governance entity; and
  • Include language in Budget 2023 outlining its approach to Open Finance, the next logical step after Open Banking, and the framework needed to truly unlock market innovation and competition to benefit Canadian consumers and businesses. This includes an amendment to the Canadian Payments Act to grant federally regulated payment service providers access to Payment Canada’s forthcoming real-time retail payment system and make them eligible for membership in Payments Canada.

In the submission, FDATA NA also asserted that any open banking governance entity in Canada must be neutral (i.e. not controlled by any particular stakeholder(s) with commercial interests in the ecosystem), transparent (i.e. it invites and considers stakeholder input and subjects its decisions to an open, publicly visible process), and nimble (i.e. capable of making binding decisions relatively quickly and without undue bureaucracy), with all stakeholders in the open banking system agreeing to comply with the decisions and determinations made by the open banking governance entity as a condition of being active in the market.

A full copy of the submission is available below:

Image result for paperclip iconFDATA North America 2023 Pre-Budget Consultations


by rebecca rebecca No Comments

FDATA North America Responds to Banking Trade Associations’ Petition Urging CFPB Supervision of Data Recipients

Contact: Kerrie Rushton, (202) 365-6338, [email protected] 

August 2, 2022, Washington, DC -In response to the recent petition from several banking trade associations urging the Consumer Financial Protection Bureau to supervise both data aggregators and data recipients, FDATA is releasing the following statement:

“FDATA and its members have long advocated for the CFPB to supervise data aggregators as part of its 1033 rulemaking. The joint trades petition, however, calls for the Bureau to supervise aggregators and data recipients. This would require the Bureau to supervise thousands of additional entities — including scores of community banks and credit unions that are today acting as data recipients but are currently exempt from CFPB supervision.

FDATA continues to believe that the most appropriate path for the Bureau to oversee the consumer-permissioned data spec is to supervise aggregators and to promulgate third-party guidance laying out the CFPB’s expectations for the aggregators’ clients: the data recipients.”


by rebecca rebecca No Comments

FDATA North America Submits Comments to Canada’s OSFI on Draft Guideline B-10: Third Party Risk Management

Contact: Kerrie Rushton, (202) 365-6338, [email protected] 

June 29, 2022, Washington, DC -The Financial Data and Technology Association of North America today submitted comments in response to Canada’s Office of the Superintendent of Financial Institutions’ (OSFI) public consultation on Draft Guideline B-10: Third Party Risk Management.

The comment letter focused on the interplay between this draft consultation and the concurrent development of Canada’s open banking framework, particularly the importance of clearly distinguishing third-party providers from open banking providers that will be accredited under the new OB system. 

The letter also stressed that since it is OSFI’s mandate to keep FRFIs and, by extension, Canada’s financial system, safe, sound, and secure, it is critical to distinguish third-party providers who directly work with Federally Regulated Financial Institutions (FRFIs), from providers serving consumers whose only relationship with a FRFI is accessing data about that consumer to provide the customer with the benefit of their product or service. For example, an FRFI may have a relationship with the data aggregator who is performing the function of data portability on behalf of that customer, but it most likely does not have a relationship with that budgeting application, and therefore could not reasonably oversee or be responsible for its operations. 

The letter also expressed appreciation for OSFI’s clarification provided by a footnote at the end of the consultation, which recognizes that this draft guideline is not intended to impede the establishment of open banking, but stressed that this footnote alone does not satisfactorily address the need to ensure coordination of accreditation for open banking providers. We therefore suggested to OSFI that the most appropriate amendment to address this critically important issue would be to make unambiguously clear that accredited open banking providers under Canada’s open banking system are exempt from OSFI’s third-party risk management framework.

We also urged OSFI to create a specific carveout from B-10 for all accredited open banking providers under Canada’s open banking framework as part of this consultation, and before the new open banking system is implemented. 

A copy of the letter is available here: FDATA NA Submission to OSFI on Draft Guidance B.10


ABOUT FDATA NORTH AMERICA
FDATA North America was founded in early 2018. Its members collectively provide tens of millions of consumers in Canada, the United States and Mexico with aggregation-based tools to better manage their finances.

Members include air (Alliance for Innovative Regulation), APImetrics, Basis Theory, Betterment, BillGO, Codat, Direct ID, Envestnet Yodlee, EQ Bank, Experian, finansystech, Fiserv, Flinks, Hank Payments, Interac, Intuit, Inverite, Kabbage, Mogo, Morningstsar, M Science, MX, Petal, Plaid, Questrade, RocketMortgage, SaltEdge, Trustly, ValidiFI, Vaultree, VoPay, Wealthica, Xero, and others.

by rebecca rebecca No Comments

FDATA North America Responds to CFPB Request for Information (RFI) on ‘Junk Fees’

Contact: Kerrie Rushton, (202) 365-6338, [email protected] 

April 8, 2022, Washington, DC – The Financial Data and Technology Association (FDATA) of North America submitted a comment letter today to the Consumer Financial Protection Bureau (CFPB) in response to its Request for Information (“RFI”) regarding fees assessed by financial services companies. FDATA used this opportunity to once again urge the CFPB to finalize a regulation under Section 1033 of the Dodd-Frank Act, an action which would create a long-overdue consumer data right in the United States. 

The letter states that FDATA believes the most practical remedy to reducing predatory fees in the financial ecosystem is to implement an open finance regime in the United States, stressing that “the center of such a framework must be an unambiguous and legally binding customer financial data right, which would ensure that consumers and small businesses could easily shop for financial services and products among scores of potential providers in an open, transparent marketplace.”

The lack of a customer financial data right in the United States reduces competition in data-driven financial services, artificially stifles consumer choice and creates an environment in which fees charged to end users may stay stagnant – or even increase – over time. To tackle these thorny challenges, FDATA North America once again encouraged the CFPB to utilize the authority vested in it under Section 1033 of the Dodd-Frank Act to promulgate, by rule, a customer financial data right that will “spur greater financial services innovation and competition, lower fees, and improve financial access and inclusion.” 

To further demonstrate how a consumer data right could help address the issues raised in the RFI, the letter makes note of CFPB Director Rohit Chopra’s remarks during a press call regarding overdraft fees in December of last year, where he astutely noted that “If America can shift to an open banking infrastructure, it will be harder for banks to trap customers into an account for the purpose of fee harvesting.” 

The letter also shared information on the successful implementation of open finance regimes in other countries which demonstrate the wide-ranging economic and consumer benefits that can be delivered by a final 1033 rule. A copy of the letter is here: FDATA CFPB Junk Fee RFI Letter April 2022


ABOUT FDATA NORTH AMERICA
FDATA was heavily involved in the UK Open Banking Working Group in 2015. In 2016, the working group’s output was published by Her Majesty’s Treasury as the Open Banking Standard. FDATA North America was founded in early 2018. Its members collectively provide tens of millions of consumers in Canada, the United States and Mexico with aggregation-based tools to better manage their finances.

Members include air (Alliance for Innovative Regulation), APImetrics, Basis Theory, Betterment, BillGO, Codat, Direct ID, Envestnet Yodlee, EQ Bank, Experian, finansystech, Fiserv, Flinks, Hank Payments, Interac, Intuit, Inverite, Kabbage, Mogo, Morningstsar, M Science, MX, Petal, Plaid, Questrade, RocketMortgage, SaltEdge, Trustly, ValidiFI, Vaultree, VoPay, Wealthica, Xero, and others.

Top