The Consumer Financial Protection Bureau’s new rule under Section 1033 of the Dodd-Frank Act is here. And, the clock is now ticking. Now is the time for data providers to get ahead of compliance requirements and gain a competitive advantage ahead of compliance timelines.
We’re here to help.
For more than a decade, MX has been a leader in open finance and consumer-permissioned data sharing. Our Data Access solution combines an API platform that meets FDX standards with built-in analytics that can help you meet your 1033 compliance obligations and provide you with actionable intelligence at the same time.
This guide gives you a simple view of key requirements for data providers, along with details on how Data Access can help you meet your 1033 compliance obligations and beyond.
What entities are considered a data provider under the final rule?
A data provider has obligations if it controls or possesses covered data concerning a covered consumer financial product or service that the consumer obtained from the data provider. This includes financial institutions as defined in Regulation E, card issues as defined in Regulation Z, and any other person that controls or possesses information concerning a covered product or service that the consumer obtained from that person. These requirements do not apply to data providers that hold total assets equal to or less than $850 million.
What are the key requirements for data providers and how can MX help meet these requirements?
*Note: The final 1033 rulemaking places the responsibility for managing consumer consent on third parties that request data on behalf of consumers. While data providers are not obligated to manage consumer consent or to provide consent revocation tools, data providers can choose to confirm consent and provide revocation tools, consistent with current industry best practices.