Skip to content
DWT logo
People Services Insights
About Offices Careers
Search
People
Services
Insights
About
Offices
Careers
Search

Open Banking Developments

On October 22, 2024, the CFPB issued its final "open banking" rule implementing Section 1033 of the Dodd-Frank Act mandating that "covered persons" provide consumers access to their financial data (the "Final Rule "). The Final Rule defines data providers to include bank and non-bank institutions that offer consumer checking or savings accounts or issue consumer credit cards. As expected, the Final Rule largely codifies language in the proposal issued in 2023 and sets the disclosure, technical, and other standards and requirements intended to help consumers and their authorized service providers (including data aggregators) efficiently access their financial data. The Final Rule also includes the certification requirements for standard-setting requirements bodies effective July 11, 2024. Some differences from the proposal to the Final Rule address some of the over 11,000 comments that were submitted, most notably extending the compliance dates in a phased approach starting April 1, 2026, and ending in 2030.

A number of legal and operational questions remain, however, including how participants should reconcile the open banking rules with existing legal and operational requirements under the Fair Credit Reporting Act (FCRA), GLBA, and state privacy rules, data security regulations, business continuity considerations, and others (as further discussed in our First Impressions on CFPB's Proposed Open Banking Rule advisory). In fact, the same day it was issued, the Bank Policy Institute and the Kentucky Bankers Association filed a lawsuit in the U.S. District Court for the District of Kentucky alleging that the CFPB overstepped its authority.

Our Services

Regardless of how the lawsuit proceeds, the era of open banking and finance is here. Data providers, data aggregators, and fintech data users will need to adapt to this upcoming regulatory regime. Since the days when screen scraping was the only method to transfer this data, we have assisted clients on a variety of open banking matters, including:

  • Advising data providers (banks) and data recipients on regulatory obligations in providing or gaining access to financial data via 1033-compliant interfaces, including helping these data providers and data recipients assess their existing data sharing agreements for compliance with the CFPB's open banking rules.
  • Negotiating data sharing agreements between financial institutions and data aggregators/authorized third parties.
  • Counseling open banking participants on how open banking implicates their status under adjacent laws, such as the FCRA (e.g., as consumer reporting agencies or furnishers), the GLBA, and state privacy laws.
  • Advising banks, in their role as data providers, on the applicability of third-party risk management requirements under federal banking third-party risk management guidance and ongoing safety and soundness requirements.
  • Assisting authorized third parties with consumer authorization, reauthorization, retention, and other open banking obligations.

Insights

bank columns Link to /blogs/financial-services-law-advisor/2024/11/litigating-financial-regulation-under-trump
11.19.24
Insights
New Administration Outlook: Litigation Battles Over Financial Regulations Are Poised To Shift Read More Link to /blogs/financial-services-law-advisor/2024/11/litigating-financial-regulation-under-trump
bank Link to /blogs/financial-services-law-advisor/2023/10/cfpb-consumer-data-access-third-parties-fintechs
10.25.23
Insights
Privacy and Data Security
First Impressions on CFPB's Proposed Open Banking Rule: Considerations for Key Stakeholders Read More Link to /blogs/financial-services-law-advisor/2023/10/cfpb-consumer-data-access-third-parties-fintechs
gavel on book Link to /blogs/financial-services-law-advisor/2023/09/us-fintech-laws-and-regulations-2023
09.15.23
Insights
Regulatory and Compliance
U.S. Fintech Laws and Regulations 2023 Read More Link to /blogs/financial-services-law-advisor/2023/09/us-fintech-laws-and-regulations-2023
Zeroes and ones in cascading lines Link to /blogs/financial-services-law-advisor/2019/12/open-banking-api-liability
12.18.19
Insights
Regulatory and Compliance
Open Banking, APIs, and Liability Issues Read More Link to /blogs/financial-services-law-advisor/2019/12/open-banking-api-liability

We frequently represent financial institutions in all aspects of their open banking relationships, including:

  • Interpreting and applying regulations and regulatory guidance, structuring and negotiating contracts and data-sharing terms,
  • Assessing risk,
  • Tracking and evaluating relevant litigation and settlements,
  • Structuring and drafting customer disclosures and consents, and
  • Launching products and functionality.

We are actively representing FIs and technology providers in connection with the establishment and structuring of data-sharing networks and hubs through which bank customer data is transferred to multiple permissioned recipients. These are alternative, second-generation models for sharing customer data and are intended to enable the networks to be more flexible in addressing open-banking needs.

Our Team

Borgia, Michael
Michael T. Borgia
Partner
Washington, D.C.
202.973.4282
Engel, Jonathan B.
Jonathan B. Engel
Partner
Washington, D.C.
202.973.4219
Brian Hurh
Brian J. Hurh
Partner
Washington, D.C.
202.973.4279
Libin, Nancy
Nancy Libin
Partner
Co-chair, Technology, Communications, Privacy & Security Practice; Chair, Privacy & Security Practice
Washington, D.C.
202.973.4218
Mann, James
James H. Mann
Partner
New York Washington, D.C.
212.603.6482
202.973.4315
Rockney, Brant
Brant Rockney
Partner
Seattle
206.757.8276
Bill
William Schuerman
Partner
Vice chair, Attorney Evaluation Committee
Washington, D.C.
202.973.4230
Aulakh, Amit S.
Amit S. Aulakh
Counsel
New York
212.603.6472
Ariely, Assaf
Assaf Ariely
Associate
New York
212.603.6436

Contact Us

We're here to help. Email us with any questions or comments and we'll get you connected to the right person.
DWT logo
©1996-2025 Davis Wright Tremaine LLP. ALL RIGHTS RESERVED. Attorney Advertising. Not intended as legal advice. Prior results do not guarantee a similar outcome.
Media Kit Affiliations Legal notices
Privacy policy Employees DWT Collaborate EEO

SUBSCRIBE
©1996-2025 Davis Wright Tremaine LLP. ALL RIGHTS RESERVED. Attorney Advertising. Not intended as legal advice. Prior results do not guarantee a similar outcome.