The Delayed FinTech Revolution

Technology has transformed how we work, communicate and travel. In contrast, modern digital technology has not yet transformed financial services. Open data is the key to change in this sector of the economy.

The time has come for the financial services industry to join the open data revolution. Open data means interoperability of digital information to increase its usability and accessibility. The Obama administration has done much to make open data a cornerstone of its digital government strategy.

 When open data is brought to the private sector, moreover, one of the benefits will be information portability for consumers. “Informational portability” means that consumers will be able to share and use their personal data in different individual services and products.

Consumers and businesses have, of course, long shared their key financial information with trusted third parties, such as accountants, lawyers and financial advisors. Today, advances in technology have made it easier for customers of banks and insurance companies, among other financial institutions, to share their information with others. Rather than storing key documents in shoe boxes and file folders, consumers and small businesses can pass along digital online and mobile banking credentials.

The promise of fintech is to bring consumer finance into the 21st Century. Fintech companies have already created products that enable consumers to budget, pay their bills, limit spending and identify fraudulent transactions on credit and debit card statements. These enterprises also offer sophisticated tools for facilitating individual investment, financial planning and portfolio management.

This happy story of progress, however, is far from complete because of concerns around privacy and security, and the intermittent choke-points on data sharing. Financial institutions, such as banks and insurance companies, warn against the risks that would follow from allowing their customers to authorize access by third parties to their digital account information.

The time has come for the financial services industry to join the open data revolution.

Financial entities have also periodically taken steps to prevent their users from delegating such access to third parties. These steps are based on understandable concerns about privacy and security.

In the Dodd-Frank Act, Congress took a major step toward ensuring open data. In its Section 1033, this law authorizes the Consumer Financial Protection Bureau (CFPB) to make rules requiring financial institutions to give consumers information upon request about their use of financial products and services.

Congress also authorized the CFPB to develop standardized formats for information. In light of the current absence of cross-industry cooperation, the CFPB should act to enable consumers to get the digital financial services they desire and deserve.

Three policy principles for CFPB rulemaking stand out.

First, the law should enable mechanisms that safeguard and promote consumer consent. Consumers should be in charge of the conditions under which third parties can access their financial information, be provided with clear information about the terms under which such functionality is permitted and be able to turn access on or off.

Second, the concerns regarding privacy and security have merit and banks deserve praise for their concern about them. At the same time, these issues are eminently solvable. Encryption enables firms to share information without making it visible to third parties. Identity management tools allow firms to build systems that provide access to some but not all information, much in the way that a valet key to a car allows someone to drive it but not open the glove box.

The first move should be to seek broad industry agreement on best practices in these areas. Only if there is gridlock regarding self-regulation, the CFPB should develop regulations to establish strong privacy and security requirements.

Finally, the CFPB should act to protect consumers from liability from data sharing, so long as they behave with reasonable care. This model already exists for electronic fund transfers due to measures such as the Federal Reserve’s Regulation E and Regulation Z. These regulations limit a consumer’s liability for unauthorized electronic transactions when using credit cards and debit cards. Similar regulations are needed in the fintech context to clarify questions regarding a consumer’s liability for harms following from delegated account access.

The digital revolution will come to financial services only if consumers are guaranteed consistent, secure and up-to-date access to their financial information. The time has come for the US government to take the first steps to guarantee financial data mobility.

TechCrunch: http://tcrn.ch/1SQ3AER

« Cyber Insurer Offers Some Ransomware Insights
Cyber Threat Intelligence: Sharing Is Caring »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Dark Reading

Dark Reading

Dark Reading is the most trusted online community for security professionals.

WatchGuard

WatchGuard

WatchGuard is a leader in network security, secure Wi-Fi, and network intelligence products and services for SMBs and Enterprises worldwide.

AON

AON

Aon is a leading global provider of risk management (including cyber), insurance and reinsurance brokerage, human resources solutions and outsourcing services.

Ambersail

Ambersail

Ambersail provide Penetration Testing and Cyber Security Compliance services.

Joe Security

Joe Security

Joe Security specializes in the development of automated malware analysis systems for malware detection and forensics.

D-Fence

D-Fence

D-Fence high availability security service protects corporate email communication, the company and it's employee's against cyber threats.

Magal Security Systems (Magal S3)

Magal Security Systems (Magal S3)

Magal Security Systems is a leading international provider of integrated solutions and products for physical and cyber security, safety and site management.

Bangladesh Computer Council (BCC)

Bangladesh Computer Council (BCC)

Bangladesh Computer Council (BCC) is a government body providing support for ICT related activities including formulating national ICT strategy and policy.

ITRenew

ITRenew

ITRenew is a leading global IT lifecycle management solutions company, specializing in onsite data center decommissioning and data erasure services.

IP Twins

IP Twins

IP Twins offer a wide range of services related to domain names and online brand protection.

Security Management Partners (SMP)

Security Management Partners (SMP)

Security Management Partners (SMP) is a trusted partner to financial services, healthcare and businesses that need to manage their information, securely.

Hudson Cybertec

Hudson Cybertec

Hudson Cybertec are an internationally recognized Subject Matter Expert for cyber security in the Industrial Automation & Control Systems (IACS) domain.

DH2i Company

DH2i Company

DH2i is a leading provider of multi-platform Software Defined Perimeter and Smart Availability software enabling customers to create an entire IT infrastructure that is always-secure and always-on.

Catalogic Software

Catalogic Software

Catalogic helps clients backup, recover, manage, and protect their data across their enterprise and cloud environments with Smart Data Protection solutions.

CaseMatrix

CaseMatrix

Discover a new era of legal intelligence with CaseMatrix. We identify potential class action cases arising from cyber incidents and data breaches.

Iolo

Iolo

Iolo develops patented technology and award-winning software that repairs, optimizes, and protects computers, to maximize system speed and performance while keeping them safe.