February 7, 2022, Washington, DC – Today, the Financial Data and Technology Association (FDATA) of North America submitted comments to the Office of the Superintendent of Financial Institutions (OSFI) as part of its public consultation on Draft Guidance B-13: Technology and Cyber Risk Management.
Throughout the response, FDATA North America discussed the interplay between B-13 and the development of open banking in Canada, particularly that the harmonization of efforts between the Department of Finance’s open banking work and OSFI’s approach to third-party cybersecurity risk will be essential. FDATA North America’s Executive Director Steve Boms noted that as OSFI develops its technology guidelines for third-party technology partners to banks, “we respectfully offer that significant consideration has already been undertaken on this issue by the Department of Finance, and stakeholders would benefit from some form of public documentation that clearly distinguishes OSFI’s authority and responsibilities with regards to third-party financial technology providers from those of the Department of Finance as it works to implement a Canadian open banking system.” Boms noted that publicly clarifying how these two projects will interact will provide clear direction to the marketplace about how third-party providers can continue to offer their valuable financial services and products in an innovative, competitive marketplace.
Additionally, FDATA North America touched on the importance of clarification from OSFI that providers with whom consumers engage directly, without any intervention from their federally regulated financial institution (FRFI), do not fall under the B-13 framework. Thus, the goal of the consultation should be to ensure that FRFIs third-party risk management requirements mirror their ability to oversee entities with whom they have direct relationships, and not to overburden FRFIs with system-wide oversight that instead “should fall to a collaborative regulatory effort including Finance Canada’s open banking accreditation regime.”
Boms concluded by noting that in order to facilitate enhanced market competition and customer choice, “it is imperative that OSFI with the Department of Finance to harmonize regulatory expectations of customer-selected financial providers as open banking takes hold in Canada.”
FDATA North America Submission to OSFI’s B-13 Consultation on Technology and Cyber Risk Management
ABOUT FDATA NORTH AMERICA
FDATA was heavily involved in the UK Open Banking Working Group in 2015. In 2016, the working group’s output was published by Her Majesty’s Treasury as the Open Banking Standard. FDATA North America was founded in early 2018. Its members collectively provide tens of millions of consumers in Canada, the United States, and Mexico with aggregation-based tools to better manage their finances.
Members include air (Alliance for Innovative Regulation), APImetrics, Basis Theory, Betterment, BillGo, Codat, Direct ID, Envestnet Yodlee, Equitable Bank, Experian, Finansystech, Fiserv, Flinks, Interac, Intuit, Inverite, Kabbage, Mogo, Morningstsar, M Science, MX, Petal, Plaid, Questrade, Rocket Mortgage, SaltEdge, Trustly, ValidiFI, Vaultree, VoPay, Wealthica, Xero, and others.