Go-To Guide:

  • Consumer Financial Protection Bureau (CFPB) Director Rohit Chopra delivered a keynote address at the Financial Data Exchange Global Summit and reiterated that the CFPB plans to finalize its proposed Personal Financial Data Rights Rule this fall.
  • In addition to finalizing the proposed rule, Director Chopra stated that the CFPB is actively laying the groundwork for recognizing standard-setting organizations and, before finalizing the proposed rule this fall, intends to codify the attributes that standard-setting organizations must demonstrate to be recognized under the proposed rule.

On March 13, at the Financial Data Exchange Global Summit, CFPB Director Rohit Chopra delivered a keynote address that focused on “the role of standard setters and standard-setting” as the CFPB pushes towards finalizing is its proposed Personal Financial Data Rights Rule (see October 2023 GT Alert). The proposed rule and discussion on standard-setting are all part of the CFPB’s goal to move the United States away from what Chopra described as the current “clunky system” to “open banking” where consumers are more seamlessly able to switch financial products and providers by having greater control over their data.

In his keynote, Chopra noted the importance of standard-setting in ensuring that an industry is open and interoperable and said that the CFPB is thinking through how best to set relevant industry standards in connection with the proposed rule that an organization must meet to be recognized by the CFPB, particularly data standards and sharing protocols. Chopra also warned of the dangers that “exist when more powerful players weaponize industry standards,” and noted that “[w]e have to be vigilant that standard-setting does not skew to benefit dominant firms and their prevailing market power.”

Notably, Director Chopra emphasized in his remarks that the CFPB is considering multiple attributes for standard-setting organizations seeking to be recognized by the CFPB and urged “all interested standard setters in this space to look hard at their practices and procedures to ensure your organization is not simply a puppet for a powerful player.”

Takeaways

As the CFPB prepares to finalize its proposed Personal Financial Data Rights Rule, Director Chopra’s remarks make clear that the CFPB continues to see increased competition in the consumer financial services industry as a key step in bettering the market for consumers, and codifying the attributes that an organization must meet to be recognized by the CFPB is another step toward this goal.

But like the proposed rule, these codified attributes would also create a new and potentially burdensome regulatory regime. Looking ahead, covered financial services providers and prospective standard-setting organizations should closely examine the proposed rule ahead of it being finalized this fall, consider whether it would create business opportunities or risks, and consider whether current technology and operations-directed investments would facilitate compliance with the proposed rule.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Timothy A. Butler Timothy A. Butler

Tim Butler helps companies thrive by developing tailored strategies to address their regulatory compliance challenges and vigorously defending them in government enforcement actions and bet-the-company lawsuits.

A former prosecuting attorney for the Federal Trade Commission (FTC) and former senior official in the Georgia

Tim Butler helps companies thrive by developing tailored strategies to address their regulatory compliance challenges and vigorously defending them in government enforcement actions and bet-the-company lawsuits.

A former prosecuting attorney for the Federal Trade Commission (FTC) and former senior official in the Georgia Attorney General’s Office, Tim has led the defense of dozens of government investigations and enforcement actions brought by the FTC, the Consumer Financial Protection Bureau (CFPB), and the various state attorneys general. Tim also regularly defends clients in bet-the-company lawsuits, including complex business disputes and consumer class actions alleging privacy, false advertising, and unfair or deceptive business practice claims.

Tim is an experienced guide for companies struggling with regulatory complexity. He offers clear advice that helps his clients meet the demands of the ever-growing set of laws and regulations governing data privacy and cybersecurity, advertising and marketing practices, and consumer financial products and services. Clients rely on Tim’s business-minded and practical strategies to address their most difficult regulatory compliance challenges.

A graduate of the University of Chicago and Stanford Law School, Tim is a prolific author and regularly speaks to industry and trade groups about the evolving privacy landscape, about cutting-edge issues affecting payments and fintech companies, and about developments at the FTC, the CFPB, and within the state attorneys general community.

Photo of Matthew White Matthew White

Matt White guides clients through regulatory compliance challenges and represents clients in regulatory and civil investigations and litigation.

Matt has counseled fintech and payment companies on regulatory compliance matters, including those involving the Electronic Fund Transfer Act, the Fair Credit Reporting Act, the…

Matt White guides clients through regulatory compliance challenges and represents clients in regulatory and civil investigations and litigation.

Matt has counseled fintech and payment companies on regulatory compliance matters, including those involving the Electronic Fund Transfer Act, the Fair Credit Reporting Act, the Gramm-Leach-Bliley Act, the Truth in Lending Act, and their respective implementing regulations (Regulations E, V, P, and Z). Adept with the Consumer Financial Protection Bureau’s (CFPB) Prepaid Rule, Matt has provided guidance regarding prepaid cards and related compliance.

Matt has also aided clients in developing regulatory compliant products and functionalities, including an earned wage access program, reimbursement prepaid card programs, new merchant cash advance products, and tokenized payment capabilities. In connection with products on which Matt advises, he has also negotiated high-stakes technology sales agreements involving complex regulatory issues, including compliance with data privacy laws, financial regulations, and card network rules.

Beyond helping clients strategize for regulatory complexity, Matt also helps clients navigate government investigations and enforcement actions brought by the Federal Trade Commission (FTC), CFPB, and state attorneys general.

Photo of Tessa Cierny Tessa Cierny

Tessa Cierny advises companies on financial technology and data privacy issues. She has experience counseling companies on state and federal regulatory compliance, including existing and emerging privacy laws, such as the E.U.’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act

Tessa Cierny advises companies on financial technology and data privacy issues. She has experience counseling companies on state and federal regulatory compliance, including existing and emerging privacy laws, such as the E.U.’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), as well as financial and banking regulations, such as the CFPB’s Section 1071 Small Business Lending Rule (Regulation B). In addition, she assists clients in defending business disputes and data breach litigation.

Prior to joining Greenberg Traurig, she served as global records manager for WestRock, where she developed and implemented email and data retention policies for global data privacy regulation compliance. In this role, she also advised on data privacy concerns related to data retention, data loss prevention, and data governance.