FinXTech Intel 2023 report final 2 - Flipbook - Page 21
JPMorgan Chase & Co. is one bank that has spent almost half a decade working to better
control consumer-directed third-party access to its accounts — efforts that smaller banks may
be just now considering or adopting. The bank told The Financial Brand in 2020 that it had
reached agreements with aggregators that addressed 95% of traffic that came into its site, and
imposed insurance and indemnification requirements on them.
These third-party agreements included:
•
Secure access to Chase records using tokenized APIs instead of consumer account credentials.
•
Informing and giving customers control of what data the third party can access via dashboard in their online accounts.
•
Assigning responsibility to aggregators for the risks they introduce.
In 2021, the bank joined the Akoya Data Access Network. Fintechs, data aggregators and other
data recipients now request API-based access to Chase customer data through Akoya, according to a press release.
It’s also not always clear how data aggregators use the customer information they collect or
have access to, and what rights and protections consumers receive once their data moves across
the supervisory perimeter into nonbank spaces.
Nonetheless, demand for consumer data remains high and could grow: Consumer data has
powered artificial intelligence and machine learning innovations at fintechs, the Treasury wrote.
Nonbank firms are “playing key roles in the burgeoning consumer data ecosystem with interest
both in accessing and generating consumer data. This poses new data privacy and security risks,”
it added.
Ultimately, these fintech partnerships are growing the consumer data ecosystem. Bankers must be
aware of how they will participate in this generation and use while keeping customer information
secure.
Kiah Lau Haslett is managing editor of Bank Director.
FINDING FINTECHS: HOW DO YOU DECIDE? | 19