Earlier this month, President Biden signed a sweeping executive order aimed at creating more competition in the US economy. Much of the focus since has been on pieces of the order that aim to reduce the consolidated power of tech giants like Google or Facebook. But one section buried deep in the order could dilute the power of Americaās largest banks, who together hold near-monopolies on most Americansā money.
And the major American banks, to say the least, are not pleased.
The orderāwhich Biden signed to much fanfare in a White House ceremonyāencourages the Consumer Financial Protection Bureau (CFPB), the Wall Street watchdog created after the 2008 financial crisis, to issue rules that will make it easier for people to transfer their personal financial data between institutions. Practically, that would mean pieces of a personās digital financial lifeāincluding transaction history, automatic bill pay setups, direct deposits, and moreācould be moved with a few clicks to companies other than big banks, such as community banks, credit unions, or “fintech” apps that allow customers to perform banking functions from their phones or computers.
That might not sound like a big deal. Or it may sound like itās already happening, as many consumers invest their money with robo-advisers like Betterment or link their financial accounts to budget trackers like Mint. But it’s a move that big banks have long seen as something of an existential threat. Their fear is that if customers can easily move their money and information between institutions, then fintech companies taking an innovative approach to banking and consumer finance will siphon off customers, shrinking the market share and political standing of major banks. In January, Jamie Dimon, the CEO of JPMorgan Chase, summed up the banking sectorās fears of fintech: āAbsolutely, we should be scared shitless.ā
The regulation Biden is encouraging builds on an obscure piece of the Dodd-Frank act, the sweeping set of financial reforms enacted in 2010 to safeguard against another Wall Streetāinduced financial collapse. Section 1033 of the act created a right for consumers to access their financial data and move it around, and left it to the CFPB to create formal rules to enforce that right for customers. But in the decade-plus since Dodd-Frankās passage, the CFPB has never issued those rulesāinstead publishing principles around data-sharing in 2017 that are not binding on banks, or anyone else.
Since the CFPB is an independent agency, the White House can’t require it to pass formal rules. But Biden’s explicit request in this month’s executive order is seen as a strong signal of the direction the administration will take on financial regulationāespecially given that Biden has the power to nominate (or fire) the CFPB’s director.
Even without formal rules, the broad data-access rights outlined in Section 1033 have helped usher in a boom in fintech companiesāpayment platforms, robo-advisers, and other financial apps that arenāt official banks but offer services that enable customers to spend, track, or invest their money. Many consumer advocates see fintech as a potential boon for more inclusive finance. (The New York Fed found that at the height of the pandemic, a quarter of Black-owned businesses turned to fintech lenders to secure Paycheck Protection Act loans after Black business owners encountered a well-documented host of obstacles while trying to access the relief funds through traditional banks.) This potential is not without its risks: Fintechs are less regulated than traditional banks, and the digital movement of money and sensitive financial data poses legitimate cybersecurity concerns. But consumer groups have argued that this is further proof of the need for strong rules that democratize data access while also addressing security concerns.
In the days following the 2020 presidential election, the CFPB published a notice to announce that it was considering issuing official rules under Section 1033. Consumer advocates voiced enthusiastic support for the regulation, submitting a lengthy comment letter in February outlining ways for the agency to craft rules that would give consumers more choices in their financial lives. A carefully constructed rule, they argued, would upend the Big Three credit bureaus by ushering in alternative ways of assessing creditworthiness, and it would pave the way for apps that help customers budget and pay bills more easily, or that allow them to avoid the sorts of feesālike overdraft chargesāthat traditional banks profit from. Such fees and other practices that hurt consumers persist in banking, they said, primarily because the current regulatory landscape makes it tough for customers to switch to other financial institutions.
āThe control that financial institutions have over account data, and the difficulty of moving it elsewhere, inhibits competition and locks consumers into accounts with which they are unhappy,ā wrote a group of six consumer advocacy organizations in February. āThe Section 1033 rule should facilitate mechanisms to enable consumers to access their data to enable comparison shopping and switching providers.ā
Comparison shopping and switching providers are precisely what banks donāt want.
āCompetition issues are about market power and political power at all times,ā says Graham Steele, a former top aide to Senate Banking Committee chair Sherrod Brown (D-Ohio) and Bidenās nominee for assistant treasury secretary for financial institutions. āAnd banksā political power comes both from the amount of wealth that a bank controls, but also how many people it employs and how many customers it has. So [Section 1033] is a way of making banks smaller, from both a political perspective as well as a market perspective.ā
Banks have long resisted the sort of democratized data access that Section 1033 encourages. Since 2015, several large banks have at times cut off access to data aggregators that serve as middlemen between banks and fintech apps. In a 2016 letter to shareholders, Dimon railed against fintech apps and data aggregators, accusing them of taking too much customer data and continuing to access it for years after customers have stopped using their services. (The New York Times noted that this assertion is inaccurate.)
So itās no surprise that ever since the CFPBās November announcement, banks have again pushed back against the rule. Theyāve done this in part through something called the Clearing Houseāa conglomerate thatās part banking association and part payment company, and which counts the biggest American banks among its owners, including JPMorgan Chase, Bank of America, and Citigroup.
In a lengthy letter to the CFPB in February, the Clearing House made a number of arguments aimed at muddying up the CFPBās rulemakingāor discouraging it altogether. It warned the CFPB that crafting the rules would be ātime-consumingā and would require a āsubstantial commitmentā of bureau resources. It argued that some consumer financial data should be considered outside the scope of Section 1033, and it asked the CFPB to give the holders of that dataāmajor banksāthe right to impose extra requirements on access to the data by customers. It also claimed that the rule would lead to such rapid industry change that the CFPB would not be able to keep up, creating an innovation bottleneck where companies would be forced to await decisions from the CFPB before they could move forward. For these reasons and more, the letter advised the CFPB that developing more nonbinding guidanceāinstead of formal rulesāwould be āpreferable.ā
In arguing against Section 1033, banksāincluding PNC Bank, Wells Fargo, and the Bank Policy Institute, a group that lobbies on behalf of major banksāhave played up the security risks of data sharing. Their concern is that Silicon Valley startups trying to disrupt finance wonāt treat sensitive consumer data with as many safeguards as those provided by banks. In its letter to the CFPB, the Clearing House argued that to offset security risks, banks should receive the same rights as consumers in determining which third-party providers or apps are trustworthy enough to get consumer dataāa move that, in practice, would likely make it much more difficult for third-party providers to receive consumer data, gumming up the anti-competitive aims of Section 1033.
Financial data sharing does have real cybersecurity concerns, says Steele, but consumer advocacy groups argue that carefully written CFPB rules could be designed to mitigate these security risks. Softening the rule over these potential security risks primarily serves banksā financial incentives to hoard data. āTheyāre self-interested in making that argument because it’s largely coming from a place of keeping the consumers in their bank rather than losing them to an upstart company,ā Steele says.
āWhile financial institutions have legitimate security concerns about how their customersā data is accessed, they should not block access to that data for the purpose of stifling competition,ā noted the National Consumer Law Center last year.
Final say over the 1033 rule will likely fall to Rohit Chopra, Biden’s nominee to lead the CFPB and a current commissioner at the Federal Trade Commission, which oversees antitrust issues. Chopra has yet to be confirmed by the Senate to lead the consumer watchdog, and he hasn’t made his views on Section 1033 explicit. But he’s made clear in past interviews and during his March confirmation hearings that he supports regulations that encourage the creation of new businesses that will serve consumers’ financial needs.
āI donāt want to see a banking system or financial services system where new market entrants cannot get in, cannot compete and win the day,ā he said in March. āDominant players should not be able to squelch out competition.”
This post has been updated.