The CFPB’s open banking rule—finalized in October 2024 under Section 1033 of the Dodd-Frank Act—seeks to give consumers more control over their financial data. The rule mandates that banks and financial institutions must provide consumers with the ability to access and securely share their financial information with third-party fintech apps and platforms. It’s a move designed to promote competition, transparency, and innovation in the financial services sector—much like open banking regulations in the U.K. and EU.

However, this rule hasn’t gone unchallenged. A coalition of banking groups, including the Bank Policy Institute and the Kentucky Bankers Association, has filed a lawsuit against the CFPB, arguing that the rule overreaches the agency’s authority and could introduce serious security vulnerabilities. Ironically, in a surprising twist, the CFPB itself recently filed a motion suggesting the rule should be struck down—prompting concern and confusion within the fintech industry.

In response, the FTA filed a motion to intervene in the case, which was granted by the court. The association argued that invalidating the rule would be a significant setback for consumer rights and fintech innovation. According to the FTA, open banking enables consumers to take full ownership of their financial lives—empowering them to switch banks, access better services, and utilize tools like budgeting apps, payment platforms, and digital wallets more effectively.

The open banking rule has long been a top priority for fintech firms, many of which rely on consumer-permissioned data to provide their services. Companies like Plaid have built entire infrastructures on secure data access protocols, allowing users to link their bank accounts to dozens of financial apps seamlessly. By standardizing and securing that access, the CFPB’s rule is seen as a way to strengthen—not weaken—consumer protection.