Skip to content

CFPB Approves FDX Application With Conditions to Foster Transparency and Open Banking

January 21, 2025

The Consumer Financial Protection Bureau (CFPB) has approved the Financial Data Exchange’s (FDX) application to serve as a standard-setting body under the final rule for Personal Financial Data Rights, (“open banking”) pursuant to Section 1033 of the Dodd-Frank Act. This approval comes with several conditions designed to ensure transparency, fairness, and accessibility in the rapidly evolving landscape of financial data sharing.

What is standard setting?

Standard-setting involves the development of common technical specifications and guidelines to ensure interoperability, security, and efficiency within an industry. In the context of open banking, organizations like the FDX play a pivotal role by creating and maintaining standards that facilitate secure and user-permissioned financial data sharing among various stakeholders, including banks, fintech companies, and consumers. These standards are developed through a consensus-driven process that emphasizes openness, balanced decision-making, due process, and transparency, aligning with attributes outlined by regulatory bodies such as the CFPB.

FDX Conditional Approval

The CFPB’s approval order lays out three key requirements:

  1. Ban on “Pay-to-Play” and Conflicts of Interest
    • FDX must uphold impartiality by prohibiting sponsorships or financial incentives that could give certain players undue advantages. This ensures that open banking standards are developed without bias and with the goal of fostering a level playing field.
  2. Mandatory Reporting on Market Adoption
    • To promote accountability, FDX is required to report market adoption metrics for its standards to the CFPB. The organization must also provide a public resource where companies can disclose their adherence to these standards, enhancing transparency for consumers, regulators, and market participants.
  3. Public Availability of Standards
    • FDX must ensure that all consensus standards are accessible to the public, regardless of membership status. This includes making information about the standards development process openly available, subject to reasonable safeguards.

FDX’s approval marks a significant milestone for open banking in the U.S., aligning with similar efforts already underway in Europe under the European Union’s revised Payment Services Directive. By adopting standardized, API-driven data-sharing protocols, the CFPB claims that open banking enables consumers to seamlessly and securely share financial data, simplifying tasks like applying for loans or switching banks. However, whether open banking achieves this objective has been subject to intense scrutiny by opponents of the rule.

FDX, a nonprofit supported by a coalition of banks, fintech firms, and consumer advocacy groups, aims to finalize its open banking standards in the coming months.

Open Banking and Regional Adoption

As the CFPB’s open banking rule under Section 1033 of the Dodd-Frank Act gains traction, financial institutions are proactively advancing their data-sharing capabilities. Many are partnering with leading providers of data integration solutions to integrate API-driven open banking technology into their core systems. This move underscores the dual objectives of enhancing data security and improving consumer experiences.

Anticipated Challenges and Future Outlook

While open banking attempts to spark innovation and personalization in financial services, it also introduces challenges. Banks must implement robust controls to ensure data recipients are legitimate and protect consumers from potential fraud increasing risks to the bank and consumers. Consumer mistrust and fear remain significant barriers to widespread adoption.

Despite these hurdles, consumer demand for seamless financial data-sharing will likely accelerate open banking’s adoption. For many large and small banks, the expansion of a consumer’s ability to access their date represents an opportunity to strengthen customer relationships and develop new, value-added services.

Clark Hill’s Financial Services Regulatory & Compliance group helps clients navigate changes to an evolving regulatory environment by providing guidance and factional compliance services in order to meet their needs. Our exceptional team of lawyers and government and regulatory advisors has extensive experience and knowledge of the laws and regulations governing financial products and services. We can assist clients in developing and implementing compliance programs. For more information, please contact Joann Needleman, jneedleman@clarkhill.com.

This publication is intended for general informational purposes only and does not constitute legal advice or a solicitation to provide legal services. The information in this publication is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. Readers should not act upon this information without seeking professional legal counsel. The views and opinions expressed herein represent those of the individual author only and are not necessarily the views of Clark Hill PLC. Although we attempt to ensure that postings on our website are complete, accurate, and up to date, we assume no responsibility for their completeness, accuracy, or timeliness.

Related Practice Areas

Subscribe For The Latest

Subscribe

Related

Event

Webinar: Stay Ahead in Privacy and Data Breach Litigation

Join us for an essential update on the dynamic landscape of privacy and data breach litigation. This session will explore the latest trends and emerging challenges, including developments in Pixel litigation, BIPA, GIPA, CIPA, VPPA, standing issues, and critical defense strategies. We’ll analyze recent cases, pivotal rulings, and newly filed lawsuits while providing strategic guidance for litigation and settlement. Gain actionable insights to help you confidently navigate this complex and evolving legal environment confidently.

Don’t miss this opportunity to stay informed and prepared in the evolving field of privacy and data breach litigation.

Explore more
Event

Webinar- Digital Operational Resilience Act (DORA): A Cross-Border Discussion on Incident Response

Join us for an in-depth discussion on how the Digital Operational Resilience Act (DORA), effective January 17, 2025, will transform digital and operational resilience requirements in the financial sector. This session will focus on the specific obligations related to incident response and explore the adjustments businesses should make to their existing programs to achieve compliance.

Explore more
Event

Webinar: AI Year in Review: From State AI Laws and Automated Decision-Making Regulations to the Rise of AI Liability

2024 has been a pivotal year for artificial intelligence, marked by the passage of state AI legislation, the introduction of privacy regulations targeting automated decision-making and profiling, and an uptick in lawsuits challenging businesses’ use of AI tools. This webinar will provide a comprehensive review of the evolving AI landscape, summarizing key enacted laws, exploring emerging legal challenges, and offering actionable strategies for businesses deploying AI technologies.

Explore more

The Clark Hill approach is equally pragmatic and growth-minded, which is why we understand our clients’ toughest business challenges. Our multidisciplinary, global team of advisors focuses on smart legal solutions, delivered simply.

© 2025 Clark Hill PLC.