Docsity
Log inSign up
Docsity
Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity

Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan

Guidelines and tips
Guidelines and tips
Sell on Docsity
Sell on Docsity
Log inSign up

Prepare for your exams

Study with the several resources on Docsity

Find documents

Prepare for your exams with the study notes shared by other students like you on Docsity

Search Store documents

The best documents sold by students who completed their studies

Search through all study resources
Docsity AINEW

Summarize your documents, ask them questions, convert them into quizzes and concept maps

Explore questions

Clear up your doubts by reading the answers to questions asked by your fellow students

Earn points to download

Earn points by helping other students or get them with a premium plan

Share documents
download point icon20 Points

For each uploaded document

Answer questions
download point icon5 Points

For each given answer (max 1 per day)

All the ways to get free points
Get points immediately

Choose a premium plan with all the points you need

Study Opportunities

Choose your next study program

Get in touch with the best universities in the world. Search through thousands of universities and official partners

Community

Ask the community

Ask the community for help and clear up your study doubts

University Rankings

Discover the best universities in your country according to Docsity users

Free resources

Our save-the-student-ebooks!

Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors

From our blog

Exams and Study
Go to the blog

Consumer Protection Principles for Financial Data Sharing: Ensuring Consumer Interests, Exams of Financial Products and Services

Eastern New Mexico University (ENMU)Financial Products and Services

The Consumer Protection Principles released by the Bureau to safeguard consumer interests in the developing market for consumer-authorized financial data sharing and aggregation. The principles cover access, data scope and usability, control and informed consent, authorizing payments, security, access transparency, accuracy, ability to dispute and resolve unauthorized access, and efficient and effective accountability mechanisms.

Typology: Exams

2021/2022

Uploaded on 09/12/2022

parolie
parolie 🇺🇸

4.9

(15)

249 documents

1 / 5

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
1
1700 G Street, N.W ., Washington, DC 20552
October 18, 2017 Consumer Protection Principles:
Consumer-Authorized Financial Data Sharing and Aggregation
In the Dodd-Frank Act, Congress instructed the Bureau to implement and enforce consumer
financial law “for the purpose of ensuring that all consumers have access to markets for
consumer financial products and services and that markets for consumer financial products and
services are fair, transparent, and competitive.”1 Congress further instructed the Bureau to
exercise its authorities so that “markets for consumer financial products and services operate
transparently and efficiently to facilitate access and innovation.”2
For some time, a range of companiesmany of them “fintech” companies—have been accessing
consumer account data with consumers’ authorization and providing services to consumers using
data from the consumers’ various financial accounts. Such “data aggregation”-based services
include the provision of financial advice or financial management tools, the verification of
accounts and transactions, the facilitation of underwriting or fraud-screening, and a range of
other functions. This type of consumer-authorized data access and aggregation holds the promise
of improved and innovative consumer financial products and services, enhanced control for
consumers over their financial lives, and increased competition in the provision of financial
services to consumers.
There are many significant consumer protection challenges to be considered—particularly with
respect to data privacy and securityas these technologies and practices continue to develop. In
part through a November 2016 public Request for Information, the Bureau is aware that a range
of industry stakeholders are working, through a variety of individual arrangements as well as
broader industry initiatives, on agreements, systems, and standards for data access, aggregation,
use, redistribution, and disposal. The Bureau believes that consumer interests must be the priority
of all stakeholders as the aggregation services-related market develops. A common
understanding of consumer interests is essential so that effective consumer protections can be
integrated consistently into this market.
As a result, the Bureau today is releasing a set of Consumer Protection Principles intended to
reiterate the importance of consumer interests to all stakeholders in the developing market for
services based on the consumer-authorized use of financial data. The Principles express the
Bureau’s vision for realizing a robust, safe, and workable data aggregation market that gives
consumers protection, usefulness, and value.
1 12 U.S.C. 5511(a).
2 12 U.S.C. 5511(b)(5).
pf3
pf4
pf5

Partial preview of the text

Download Consumer Protection Principles for Financial Data Sharing: Ensuring Consumer Interests and more Exams Financial Products and Services in PDF only on Docsity!

1700 G Street, N.W., Washington, DC 20552

October 18, 2017 Consumer Protection Principles: Consumer-Authorized Financial Data Sharing and Aggregation

In the Dodd-Frank Act, Congress instructed the Bureau to implement and enforce consumer financial law “for the purpose of ensuring that all consumers have access to markets for consumer financial products and services and that markets for consumer financial products and services are fair, transparent, and competitive.”^1 Congress further instructed the Bureau to exercise its authorities so that “markets for consumer financial products and services operate transparently and efficiently to facilitate access and innovation.”^2

For some time, a range of companies—many of them “fintech” companies—have been accessing consumer account data with consumers’ authorization and providing services to consumers using data from the consumers’ various financial accounts. Such “data aggregation”-based services include the provision of financial advice or financial management tools, the verification of accounts and transactions, the facilitation of underwriting or fraud-screening, and a range of other functions. This type of consumer-authorized data access and aggregation holds the promise of improved and innovative consumer financial products and services, enhanced control for consumers over their financial lives, and increased competition in the provision of financial services to consumers.

There are many significant consumer protection challenges to be considered—particularly with respect to data privacy and security—as these technologies and practices continue to develop. In part through a November 2016 public Request for Information, the Bureau is aware that a range of industry stakeholders are working, through a variety of individual arrangements as well as broader industry initiatives, on agreements, systems, and standards for data access, aggregation, use, redistribution, and disposal. The Bureau believes that consumer interests must be the priority of all stakeholders as the aggregation services-related market develops. A common understanding of consumer interests is essential so that effective consumer protections can be integrated consistently into this market.

As a result, the Bureau today is releasing a set of Consumer Protection Principles intended to reiterate the importance of consumer interests to all stakeholders in the developing market for services based on the consumer-authorized use of financial data. The Principles express the Bureau’s vision for realizing a robust, safe, and workable data aggregation market that gives consumers protection, usefulness, and value.

(^1) 12 U.S.C. 5511(a). (^2) 12 U.S.C. 5511(b)(5).

The Bureau recognizes that many consumer protections apply to this market under existing

statutes and regulations. These Principles are not intended to alter, interpret, or otherwise provide

guidance on—although they may accord with—the scope of those existing protections. Thus, the

Principles do not themselves establish binding requirements or obligations relevant to the Bureau’s exercise of its rulemaking, supervisory, or enforcement authority. In addition, the

Principles are not intended as a statement of the Bureau’s future enforcement or supervisory

priorities.

The Bureau will continue to monitor closely developments in this market. The Bureau will also

continue to assess how the Principles set forth below may best be realized in the design and

delivery of consumer financial products and services. The Bureau stands ready to facilitate

constructive efforts or to take other appropriate action to protect consumers.

  1. Authorizing Payments Authorized data access, in and of itself, is not payment authorization. Product or service providers that access information and initiate payments obtain separate and distinct consumer authorizations for these separate activities. Providers that access information and initiate payments may reasonably require consumers to supply both forms of authorization to obtain services.

  2. Security Consumer data are accessed, stored, used, and distributed securely. Consumer data are maintained in a manner and in formats that deter and protect against security breaches and prevent harm to consumers. Access credentials are similarly secured. All parties that access, store, transmit, or dispose of data use strong protections and effective processes to mitigate the risks of, detect, promptly respond to, and resolve and remedy data breaches, transmission errors, unauthorized access, and fraud, and transmit data only to third parties that also have such protections and processes. Security practices adapt effectively to new threats.

  3. Access Transparency Consumers are informed of, or can readily ascertain, which third parties that they have authorized are accessing or using information regarding the consumers’ accounts or other consumer use of financial services. The identity and security of each such party, the data they access, their use of such data, and the frequency at which they access the data is reasonably ascertainable to the consumer throughout the period that the data are accessed, used, or stored.

  4. Accuracy Consumers can expect the data they access or authorize others to access or use to be accurate and current. Consumers have reasonable means to dispute and resolve data inaccuracies, regardless of how or where inaccuracies arise.

  5. Ability to Dispute and Resolve Unauthorized Access Consumers have reasonable and practical means to dispute and resolve instances of unauthorized access and data sharing, unauthorized payments conducted in connection with or as a result of either authorized or unauthorized data sharing access, and failures to comply with other obligations, including the terms of consumer authorizations. Consumers are not required to identify the party or parties who gained or enabled unauthorized access to receive appropriate remediation. Parties responsible for unauthorized access are held accountable for the consequences of such access.

  6. Efficient and Effective Accountability Mechanisms The goals and incentives of parties that grant access to, access, use, store, redistribute, and dispose of consumer data align to enable safe consumer access and deter misuse. Commercial participants are accountable for the risks, harms, and costs they introduce to consumers. Commercial participants are likewise incentivized and empowered effectively to prevent, detect, and resolve unauthorized access and data sharing, unauthorized payments conducted in connection with or as a result of either authorized or unauthorized

data sharing access, data inaccuracies, insecurity of data, and failures to comply with other obligations, including the terms of consumer authorizations.