CFPB Finalizes New Rule Expanding Consumer Financial Data Privacy Rights – NMP Skip to main content

CFPB Finalizes New Rule Expanding Consumer Financial Data Privacy Rights

Oct 22, 2024
CFPB Logo
Associate Editor

Financial institutions must deliver a consumer's financial data to another provider for free, upon the consumer's request

The Consumer Financial Protection Bureau (CFPB) finalized a rule today that's expected to expand consumers rights, privacy, and security over their personal financial data. The rule requires financial institutions, credit card issuers, and other providers to unlock an individual’s personal financial data and transfer it to another provider at the consumer’s request for free. 

The personal financial data that consumers will be able to access, or authorize a third party to access, is transaction information, account balance information, information needed to initiate payments, upcoming bill information, and basic account verification information. Financial providers must make this information available without charging fees. 

Financial firms will be required to comply based on their size; the largest institutions will have to comply by April 1, 2026, while the smallest covered institutions will have until April 1, 2030. Certain small banks and credit unions are not subject to this rule, the press release stated.

The CFPB believes this rule allows consumers to more easily switch to providers with superior rates and services. By strengthening competition and consumer choice, the rule should help lower prices on loans and improve customer service across payments, credit, and banking markets.

“Too many Americans are stuck in financial products with lousy rates and service,” said CFPB Director Rohit Chopra. “Today’s action will give people more power to get better rates and service on bank accounts, credit cards, and more.”

The CFPB has been waiting to activate Section 1033 of the Consumer Financial Protection Act, since it was enacted by Congress in 2010. More rules are expected to follow, addressing more products, services, and use cases. Overall, the rules are intended to boost competition by giving people more freedom to switch banks or providers and shop around for the best deal.

Banning The Old Bait-N-Switch

Typically, third parties can only collect, use, or retain data to deliver the product the consumer requested. However, they cannot “secretly collect, use, or retain consumers’ data for their own unrelated business reasons,” the CFPB release stated. “The rule does not prohibit any particular uses of data, but it requires that all use be driven by what is necessary to deliver the product sought by the consumer.”

For example, if a financial institution were to use the consumer data as a lead generator to offer the consumer a mortgage, which is not the product they are looking for, that would be deemed a bait and switch tactic. 

Deletion Rights

The final rule also creates revocation and deletion rights. If a person revokes access, the rule requires that data access end immediately, and deletion would be the default practice. Access can be maintained for no more than one year, absent express reauthorization. “To prevent ‘dark patterns’ from emerging, the process to revoke access must be simple and straightforward,” the release went on to say. 
 

About the author
Associate Editor
Katie Jensen is a mortgage news reporter at NMP.
Published
Oct 22, 2024
VantageScore Says 4.0 Model Could Unlock $1 Trillion In Mortgage Originations

New study says VantageScore 4.0 scores five million more creditworthy borrowers than FICO Score 10T, expanding lending opportunities as the industry prepares for the GSE credit score transition

MISMO Updates Mortgage Insurance Standards To Support FICO 10T, VantageScore 4.0

New implementation guide standardizes mortgage insurance data exchange, helping lenders, insurers and technology providers prepare systems for newer credit scoring models

Congress Weighs New Roadmap To End Fannie, Freddie Conservatorship

Rep. Scott Fitzgerald's three-bill housing package would establish a statutory framework for releasing the GSEs while expanding construction lending and easing some TRID compliance requirements

CHLA Backs Bank Capital Proposal, Questions Impact On Mortgage Lending

Trade group supports lower mortgage risk weights but says broader market forces — not capital rules — drove banks' retreat from the market

Senate Passes 21st Century ROAD To Housing Act In 85-5 Vote

Sweeping housing package heads back to House after Senate clears final version with broad bipartisan support

MISMO Updates Business Glossary To Support AI, eMortgages

New definitions covering eHELOCs, remote online notarization, valuation modernization, and compliance initiatives aim to improve consistency