Banks Urge CFPB to Set Appropriate Timeline for Complying with Consumer Financial Data Rule

Washington. D.C. - The Bank Policy Institute, American Bankers Association, Consumer Bankers Association and The Clearing House Association sent a letter late yesterday to the Consumer Financial Protection Bureau calling for the Bureau to set an appropriate timeline for complying with its forthcoming rule governing consumer financial data known as Section 1033. The letter recommends that the first tier of banks required to comply with the rule be given at least two years to comply with the new rule. This would allow enough time for banks to develop new systems and processes and for a standard-setting organization to be recognized by the CFPB.

"Banks spent years developing systems to enable safe data-sharing for 50 million customers and overhauling these systems to comply with this new rule will take time," the Associations stated upon filing the letter. "In the interest of protecting customer data and avoiding disruptions, it's better to get it done right than to get it done quickly. Banks are committed to serving their customers and complying with the law, and we encourage the CFPB to recognize the complexities of the new requirements and establish pragmatic timelines that allow for a smooth implementation without disrupting consumer data access."

The Associations pointed to significant operational hurdles in their letter, including:

1. Implementation Challenges: Banks will need to upgrade technologies, standardize data, develop operational policies and procedures, build new functionalities, work with third-party partners and refresh public-facing resources.
2. Coordination and Collaboration: Agreements with existing third parties will need to be reviewed and banks will need to coordinate with those entities to amend those agreements to meet the new obligations.
3. Standard-Setting Procedures: The CFPB just recently finalized a rule establishing the procedures for a standard-setting body to seek and obtain CFPB recognition, which will be a lengthy process. The process under which a standard-setting organization would develop consensus standards would take even more time.

The associations also recommend extending the compliance deadlines for subsequent groups of entities by 18 months, consistent with the CFPB's proposed phased approach to ensure all stakeholders have sufficient time to meet the new requirements.

To access a copy of the letter, please click here.

###

About Bank Policy Institute.

The Bank Policy Institute is a nonpartisan public policy, research and advocacy group that represents universal banks, regional banks and the major foreign banks doing business in the United States. The Institute produces academic research and analysis on regulatory and monetary policy topics, analyzes and comments on proposed regulations, and represents the financial services industry with respect to cybersecurity, fraud, and other information security issues.

Media Contacts

• Austin Anton, Bank Policy Institute, [email protected]
• Sarah Grano, American Bankers Association, [email protected]
• Billy Reilly, Consumer Bankers Association, [email protected]
• Greg MacSweeney, The Clearing House Association, [email protected]