Your financial data belongs to you, not your bank

Today, we filed an official comment letter with the Consumer Financial Protection Bureau (CFPB) in defense of the American consumer’s right to access and control their own financial data. You can read the full text of our filing here.

Every time you interact with the financial system you create electronic financial data. This happens when you deposit your paycheck, take out a loan, or swipe your card to buy a cup of coffee. Your electronic financial data paints a detailed picture of your financial life: from your job, to your savings, to the way you spend your money. It’s some of your most personal information, and, even though this information is often held by your bank, it belongs to you.

That means you should have the right to access your own financial information upon request. It also means you should have the ability to share this information with whomever you choose, and revoke that access whenever you’d like. Only you should decide when, where, and how your financial data is used. And when you’ve made a decision, your wishes should be honored.

Electronic financial data enables consumers and small businesses to use thousands of financial products and tools that can improve their financial lives — from P2P payment apps and budgeting tools to tax preparation software and investment advice. Through Petal, consumers with limited credit histories can share their electronic financial data to demonstrate their creditworthiness. Increasingly, having the ability to access and share your financial data is a necessity in managing your finances. And thanks to data aggregation companies like Plaid, the technical infrastructure now exists for consumers to share and revoke access to their data safely, seamlessly, and in real-time with a wide variety of financial services.

Congress predicted this when it passed the Dodd-Frank Wall Street Reform and Consumer Protection Act (“Dodd-Frank”) in 2010. Section 1033 of Dodd-Frank requires that banks make available to their customers, upon request, the data concerning “the consumer financial product or service that the consumer obtained from [the bank]…in an electronic format usable by consumers.”

Yet despite this now decade-old law, and the growing need for consumers to reliably access their financial data, today more than 40% of attempts by consumers to access and share their financial data via data aggregators fail. When this happens, consumers are often unable to use the financial product or tool they’ve chosen; when this happens at Petal, consumers are blocked from using their own financial records to help them qualify for credit.

This high failure rate is not caused by technological limitations. It results from financial institutions choosing not to make data available to their customers, despite their customers’ clear and explicit requests. This is bad for innovation and bad for competition. Most importantly, it’s bad for consumers.

That’s why, today, we’re calling on the CFPB to exercise the rulemaking authority granted to it under Dodd-Frank to guarantee consumers a broad legal right to access and share their own financial data, including through the modern technical infrastructure offered by companies like Plaid. We believe the CFPB should affirm and enforce this legal right, and protect consumers as they exercise it: with clear disclosures, consumer revocation rights, safeguards against data breaches, and an affirmative obligation on the part of banks and other data holders to honor consumers’ requests for their own data.

It’s time that the U.S. establish, once and for all, that consumers are the owners of their own financial data.