The CFPB’s new rule under Section 1033 of the Dodd-Frank Act sets obligations for data providers controlling consumer financial data, excluding those with under $850 million in assets. Requirements include making covered data electronically available, offering a developer API for authorized third-party access, maintaining performance standards, providing API documentation, reporting denials, and publishing performance data. While consent management is optional, best practices encourage tools for consent capture, revocation, and renewal. MX supports compliance with FDX-standard APIs, analytics, consent dashboards, performance monitoring, and implementation guidance.

Join for free to read