You’ve probably relied on third-party financial software and mobile apps to make more sense of your banking and investment transactions.
You do this because the financial statements you typically receive from your financial institutions may be insufficient, and lack detail or insights into your buying and investing behaviors.
These third-party apps and software, known as “aggregators,” can sync with your banking and investment account data, then track and analyze your spending and saving habits to present opportunities where you can do better.
But more recently, large banks and financial institutions have begun blocking third-party aggregators from syncing with their customers’ financial data, against their customers’ wishes to do so. While data security has been cited as the main reason for the block, as was the case when J.P. Morgan Chase & Co. restricted its customer data, the real reason may be the bank’s attempt to edge out the increasing competition presented by these aggregation services.
Now, regulators are speaking out against this practice. The Consumer Financial Protection Bureau (CFPB), one of the United States’ leading federal consumer finance regulators, recently issued a warning to banks that consumers should be able to decide for themselves what to do with their own financial data.
Richard Cordray, director of the CFPB, was quoted in the Wall Street Journal, saying, “Let me state the matter as clearly as I can here: We believe consumers should be able to access this information and give their permission for third-party companies to access this information as well.”
We support the statement made by the CFPB, and we believe that only you should have the final say in how your banking data is accessed and used.
Regular Bank Statements Are Such a Drag
Aggregators exist in the form of software, apps, and websites to transform your financial data into more digestible advice, charts, and information.
Once you sync your financial data with aggregation companies, they aim to help you make more sense of your purchasing and investing behaviors over time.
Popular aggregators, such as Mint.com, sync with your credit card and checking account transactions, so that you can see which expenses to curtail. Such companies rely on syncing with bank data as a large part of their business models.
Betterment is also an example of an aggregator: On top of providing personalized, low-cost investment advice, the service allows you to sync of all of your outside accounts so that you can see your total wealth in one place, at no additional cost. You can also see which outside accounts are charging you high investment management fees, and where you’re holding onto too much cash instead of letting it work for you (a concept known as “cash drag”).
Because aggregators are unaffiliated with the financial institutions themselves, many of them provide a valuable service by calling out areas where customers can improve in their spending and investing behaviors across accounts.
In addition, aggregators can help customers save money by suggesting competitive alternatives or products from within their platforms.
This is especially true if they offer their aggregation tools for free, which are funded in large part by advertising revenues. (Betterment does not allow outside advertisers onto its platform.)
As a result, banks and larger financial institutions are increasingly seeing aggregators, who’ve put the data to innovative use, as threats to their businesses and deposits under management.
Their answer? Block third-party aggregators from accessing customer data.
In fact, banks have cited data security as the primary reason for doing so. But it’s likely a result of banks moving to edge out competitive offers and services, and pushing out the aggregators.
Banks Busted in and Said, “What’s That Noise?”
According to a Wall Street Journal report, tensions mounted for several days in October 2015 when J.P. Morgan Chase & Co. and Wells Fargo & Co. restricted Mint.com from accessing customer bank account information.
By doing so, the banks upset customers who had already agreed to share their information with such third-party applications.
The banks claimed that this type of data exchange posed a security threat to their customers and online banking platforms. In a May 2016 letter to shareholders, J.P. Morgan Chase & Co. CEO Jamie Dimon emphatically outlined the risks of data sharing, and that limits must be imposed.
However, his concerns were largely passé, considering all the advancements in financial data security over the past two decades. Banks say they have a right to slow or block access to third parties because of the risks posed by potential hacks from any of the connected platforms.
However, thus far, “The aggregators have never had a breach that we know of,” said Ron Lieber in a New York Times report.
“A breach would have to occur as a result of an aggregator’s error. It would also have to be apparent that it was the aggregator’s error, even though fault is often difficult to discern. The bank would have to risk bad press and lawsuits by refusing to reimburse the account holder. And the aggregator and the app that used it would also have to turn the customer away, even though the breach was their fault. A judge might get involved, too. The odds of all of this coming to pass are close to zero,” according to Lieber.
While security is certainly a concern (J.P. Morgan Chase & Co. suffered an embarrassing breach in 2014 when 76 million accounts were compromised), banks may instead be fearmongering with security to justify blocking aggregators from analyzing customer data and offering competitive product offers.
“Now that the newest technologies can even dictate the outflow of money, banks are growing concerned about smaller competitors taking funds away,” said Lieber.
Understandably, banks don’t want to be held liable for customer information breached on a third-party platform. And as consumers, we do compromise our security any time we share our login passwords or allow third parties to access our data. But ultimately, banks don’t want to risk losing their own customers to third-party aggregators’ competitive product and service offers, and are citing data security as the reason for blocking access.
At Betterment, we strive to exceed the safest standards for protecting your account and financial data. From the multiple physical data centers where our servers are hosted, to the safeguards we have put in place to protect our customers, our services have been designed to improve upon traditional security.
For more information on our security practices and ways to protect your account, you can visit our page on security procedures.
You Gotta Fight for Your Right…to Your Data
When third-party financial aggregators use your data to recommend a higher-yielding checking account or a credit card with better perks (and from another financial institution), that infringes on your bank’s business.
Your data is lucrative to both the banks and third parties. Banks want to track their own customers’ behaviors, while aggregators rely on that data to operate their own businesses.
At risk of losing business and having a desire to maintain control of their data, banks may block aggregators from accessing their customer information less for customer security, and more for their own business security.
As a consumer who understands the risks of data sharing with third-party aggregators, you should have ultimate control over the flow of your financial information. We’re proud to support the CFPB’s belief, expressed by Cordray, that only you should determine who has access to your data. And we’re excited that we’re both working to bring transparency and trust to the financial services industry.
More from Betterment: