The Delayed FinTech Revolution

Uploaded on 2016-04-25 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

Technology has transformed how we work, communicate and travel. In contrast, modern digital technology has not yet transformed financial services. Open data is the key to change in this sector of the economy.

The time has come for the financial services industry to join the open data revolution. Open data means interoperability of digital information to increase its usability and accessibility. The Obama administration has done much to make open data a cornerstone of its digital government strategy.

 When open data is brought to the private sector, moreover, one of the benefits will be information portability for consumers. “Informational portability” means that consumers will be able to share and use their personal data in different individual services and products.

Consumers and businesses have, of course, long shared their key financial information with trusted third parties, such as accountants, lawyers and financial advisors. Today, advances in technology have made it easier for customers of banks and insurance companies, among other financial institutions, to share their information with others. Rather than storing key documents in shoe boxes and file folders, consumers and small businesses can pass along digital online and mobile banking credentials.

The promise of fintech is to bring consumer finance into the 21st Century. Fintech companies have already created products that enable consumers to budget, pay their bills, limit spending and identify fraudulent transactions on credit and debit card statements. These enterprises also offer sophisticated tools for facilitating individual investment, financial planning and portfolio management.

This happy story of progress, however, is far from complete because of concerns around privacy and security, and the intermittent choke-points on data sharing. Financial institutions, such as banks and insurance companies, warn against the risks that would follow from allowing their customers to authorize access by third parties to their digital account information.

The time has come for the financial services industry to join the open data revolution.

Financial entities have also periodically taken steps to prevent their users from delegating such access to third parties. These steps are based on understandable concerns about privacy and security.

In the Dodd-Frank Act, Congress took a major step toward ensuring open data. In its Section 1033, this law authorizes the Consumer Financial Protection Bureau (CFPB) to make rules requiring financial institutions to give consumers information upon request about their use of financial products and services.

Congress also authorized the CFPB to develop standardized formats for information. In light of the current absence of cross-industry cooperation, the CFPB should act to enable consumers to get the digital financial services they desire and deserve.

Three policy principles for CFPB rulemaking stand out.

First, the law should enable mechanisms that safeguard and promote consumer consent. Consumers should be in charge of the conditions under which third parties can access their financial information, be provided with clear information about the terms under which such functionality is permitted and be able to turn access on or off.

Second, the concerns regarding privacy and security have merit and banks deserve praise for their concern about them. At the same time, these issues are eminently solvable. Encryption enables firms to share information without making it visible to third parties. Identity management tools allow firms to build systems that provide access to some but not all information, much in the way that a valet key to a car allows someone to drive it but not open the glove box.

The first move should be to seek broad industry agreement on best practices in these areas. Only if there is gridlock regarding self-regulation, the CFPB should develop regulations to establish strong privacy and security requirements.

Finally, the CFPB should act to protect consumers from liability from data sharing, so long as they behave with reasonable care. This model already exists for electronic fund transfers due to measures such as the Federal Reserve’s Regulation E and Regulation Z. These regulations limit a consumer’s liability for unauthorized electronic transactions when using credit cards and debit cards. Similar regulations are needed in the fintech context to clarify questions regarding a consumer’s liability for harms following from delegated account access.

The digital revolution will come to financial services only if consumers are guaranteed consistent, secure and up-to-date access to their financial information. The time has come for the US government to take the first steps to guarantee financial data mobility.

TechCrunch: http://tcrn.ch/1SQ3AER

« Cyber Insurer Offers Some Ransomware Insights
Cyber Threat Intelligence: Sharing Is Caring »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DMH Stallard

DMH Stallard

DMH Stallard is a mid-market law firm. Areas of expertise include cyber security and cyber crime.

Government Communications Headquarters (GCHQ) - UK

Government Communications Headquarters (GCHQ) - UK

GCHQ defends Government systems from cyber threat, provide support to the Armed Forces and strive to keep the public safe, in real life and online.

National Authority Against Electronic Attacks (NAAEA) - Greece

National Authority Against Electronic Attacks (NAAEA) - Greece

The National Authority Against Electronic Attacks (NAAEA) is the national computer emergency response team of Greece.

AppViewX

AppViewX

AppViewX is a global leader in the management, automation and orchestration of network services in data centers.

SCADASUDO

SCADASUDO

SCADASUDO is a cyber solution architecture and design office, established by leading experts in the field of OT (Industrial control) and IT (information Technology).

OmniCyber Security

OmniCyber Security

Omni is a cyber security firm specialising in Penetration Testing, Managed Security and Compliance.

BlockAPT

BlockAPT

BlockAPT, empowering you with an advanced, intelligent cyber defence platform. We protect our customers digital assets by unifying operational technologies against advanced persistent threats.

Testhouse Ltd

Testhouse Ltd

Testhouse is a thought leader in the Quality Assurance, software testing and DevOps space. Founded in the year 2000 in London, UK, with a mission to contribute towards a world of high-quality software

Bittnet Training

Bittnet Training

Bittnet Training is the leader in the IT Training market in Romania. We develop the IT skills of IT professionals as well as those who wish to start a career in IT.

DartPoints

DartPoints

DartPoints helps bridge the digital divide by delivering cloud, colocation, managed services + edge infrastructure.

Nuance Communications

Nuance Communications

From revolutionizing the doctor-patient relationship to reinventing the way brands connect with their customers, Nuance technology helps organizations push the boundaries of what’s possible.

Sentryc

Sentryc

Sentryc provides automated monitoring of brands on online marketplaces and social media making online brand protection processes faster, more clearly structured and more efficient.

Glasstrail

Glasstrail

Glasstrail are single-minded about helping organisations gather intelligence and manage vulnerabilities in their attack surface before adversaries exploit them.

Cybercentry

Cybercentry

Cybercentry is a specialist information security, data protection and cyber security consultancy.

MiDO Technologies

MiDO Technologies

MiDO Technologies has a mission to change the narrative around digital enabling tools on the continent of Africa and prepare African youth.

Applaudo

Applaudo

Applaudo specializes in helping the world’s most admired brands optimize their IT solutions, reduce delivery costs, and accelerate their digital transformation.