Why Enabling Secondary Use Cases for Consumer Benefit is Critical

Permissioned, Secure Data is Key to Innovation and Intelligence for Consumers and Businesses

Today's data-driven economy provides enormous value for consumers and the businesses that serve them. However, data rights and privacy laws around the world have done little to stem the data exhaust generated by business models that may not be in the best interest of consumers. In the U.S., the financial services industry faces the first real test of the data economy as the Consumer Financial Protection Bureau (CFPB) considers industry comments to finalize its rulemaking to implement Section 1033 of the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (the Dodd-Frank Act). MX believes enabling secondary use cases in a way that balances consumer benefits with privacy and security is critical.

We agree with the Bureau on the importance of safeguarding how consumer data is collected, stored, and used by financial services providers and data intermediaries. We also support the idea that consumer financial data should only be used to ultimately benefit the consumer — and not used in ways that are purely value extraction or advantages to an organization to the detriment of the consumer. 

However, while there are instances where consumer financial data has been improperly used that should be restricted, there is also a rich history of existing use cases that provide significant consumer and economic benefits. This includes enabling consumers to create a 360-view of their finances and leverage personalized digital money management tools to better understand, track, and manage their finances — saving consumers time, empowering them to make better financial decisions, and, ultimately, improving their financial strength. For financial institutions, it also includes informing product enhancements, improving credit models, and providing important data to inform policy changes and decisions. 

Consumers have been sharing their data for these types of use cases for decades. Restricting these secondary use cases could inadvertently harm consumers, stifle innovation, and create a larger competitive gap between large institutions with access to broader sets of data and smaller institutions. 

It's impossible to provide valuable, personalized experiences that help improve people's financial outcomes without intelligent analytics and modeling of consumer-permissioned secondary data.

The proposed rule as it stands today would likely prevent authorized third parties from using data in a manner that would benefit the consumer and support increased competition and innovation in the consumer financial marketplace. For example, most financial service companies use de-identified data to test their products (e.g., underwriting models) or develop new products. Allowing de-identified data in this instance also aligns with how de-identified data is used in other industries, including HIPAA and FTC data privacy guidance.

We believe enabling the benefits of secondary use cases do not need to come at the expense of consumer privacy. 

MX supports the imposition of reasonable data use limitations on authorized third parties as a condition of obtaining data through a developer interface. For example, MX never sells consumer-permissioned data, and believes all authorized third parties should be required to abide by that limitation. Likewise, MX agrees that consumer-permissioned data should not be used in a manner that harms the privacy interests of the consumer. Finally, MX agrees that third parties’ use of consumer data must be disclosed to the consumer and consented to by the consumer.

The promulgation of this rule should augment and enhance the current benefits that consumers receive through data-driven technology today — and not reduce current access or scope. Complying with the new rule, while upholding existing functionality, will be critical to ensuring consistency — and reducing harm — for consumers.

Data is the fuel that drives value for people and the companies that serve them. If a consumer chooses to share their financial data in order to gain a better experience, we have a responsibility to use that data to drive the best results possible for them. 

This can mean everything from simply translating raw transaction data into clear information about their transactions to leveraging that data to recommend additional products and services to support their needs. In fact, our own consumer research has found that most U.S. consumers (54%) want financial providers to leverage the data they have about them to personalize their experience. And, 48% of respondents to this 1,000+ survey of U.S. adults say they would give their financial provider access to more of their data if they knew it would result in a better experience. 

Bringing Clarity through Data Enhancement

Data enhancement services, like those provided by MX, enable increased visibility, clarity, and transparency into a consumer's financial history. To illustrate, perhaps one of the most significant benefits to consumers that the proposed rule would facilitate is the use of consumer-permissioned data in lending decisions, such as a lenders’ ability to use rental receipts for thin file consumers in credit decisioning. Rental payments are typically reflected in a consumer’s deposit account transaction history but may not be visible to a third-party underwriter without data enhancement that clearly identifies those payments as payments of rent. The data enhancement is therefore critical to the lender’s underwriting decision and should therefore be considered “reasonably necessary” to the lender’s product or service.

In addition, our research has shown that nearly 1 in 4 consumers see transactions on their account that they don’t recognize at first glance at least sometimes or more frequently. This rises to nearly half for younger generations (43% for Gen Z). Indecipherable raw transaction data that comes across as a string of characters with no context can lead to frustration, confusion, and even false reports of fraud for consumers. Data enhancement services help bring clarity and deliver transaction data in simple, human-readable descriptions, making it easy for consumers to identify, organize, and act on financial data.

Finally, with the clarity and insights that data enhancement can deliver, we can also help combat the increasing amount of data exhaust for both organizations and consumers. While the trail of data exhaust that every transaction generates can contain valuable information, it requires cleansing, categorization, and context to ensure that the right data is surfaced to drive value for the consumer. 

Leveraging De-Identified Data for Consumer Benefit

The CFPB should permit the use of de-identified data by authorized third parties, subject to the continuing prohibition on selling such data and the obligation to maintain adequate data security. MX agrees with the SBREFA Panel's recommendation that the CFPB should consider options that would permit uses of data (including de-identified or anonymized data) for product maintenance or improvement, with appropriate consumer protections in place.

Permitting the use of de-identified data will benefit consumers by enabling third parties to provide them with increased insights about their spending at a category level, budget visualizations, cash flow projections, debt reduction strategies, investment return visualization, and spending plan recommendations.

The CFPB should also permit the use of de-identified data to generate infographics, market research, and marketing materials, as well as improve product development and enhancements and platform stability. For example, financial institutions use de-identified data to enable insights for consumers for such things as cash flow projections, financial wellness trend analysis, engagement campaigns, cross-sell opportunities, and segmentation analyses.

Broadening Access and Awareness of Financial Products and Services

While MX does not market or cross-sell products to consumers, third parties should be permitted to use authorized data to market other products to their own consumers. Likewise, data providers that identify beneficial products for their customers through a combination of their own data about the customer and data obtained from third parties (with the consumers’ permission) should be permitted to market products to their own customers based on a complete understanding of the customer’s financial well-being. 

Many consumers may benefit if authorized third parties, with an understanding of the consumer, are able to offer products or services that compete favorably with products or services the consumer currently uses, or to offer new products or services that will advance the consumer’s well-being. Concerns with unwanted cross-selling can be solved by ensuring authorized third parties provide an independent opt-out for such use.

Opt-In vs. Opt-Out Approach

We previously shared that there is significant market precedent showing an opt-out approach as sufficient for the majority of existing secondary use cases. And, there is also evidence that consumers will adapt to any opt-in regime to reduce friction (e.g., GDPR cookie compliance),

thereby defeating the purpose of informed consent. However, we noted that any opt-out functionality should be explicit and narrowly tailored to address specific concerns and subject to the overriding rule that data reasonably necessary for providing the product or service is always permissible to use.

CONCLUSION 

Data-driven insights enable not only consumers to thrive but also competition and innovation. With better insights and personalized recommendations, consumers can better understand and take control of their finances to reach their goals. And, actionable financial data intelligence for data providers and data recipients fuels access to better products and services across the financial industry, ongoing technology innovation, and more. 

However, in order to deliver on the insights that consumers want, expect, and need, financial services providers need to be able to leverage consumer-permissioned data for more than just providing transaction histories and account information. 

Restricting well-established and beneficial use cases like the ones we’ve outlined above will result in unintended consequences that are in direct conflict with the CFPB’s core objective to create an open banking framework where consumer rights, innovation, and a competitive marketplace are hand in hand.