Overview

• The CFPB asked a federal judge in Kentucky to vacate its Section 1033 rule after concluding the mandate exceeded its legal authority.
• Banking groups sued on grounds that the rule lacked proper cost–benefit analysis and threatened consumer privacy and market competition.
• Banks are advancing open banking projects using the Financial Data Exchange API standard to meet rising consumer demand for seamless data portability.
• Institutions are bolstering security with token-based APIs, rigorous third-party access monitoring and stronger authentication protocols.
• Liability for open banking breaches remains unsettled as existing EFTA and TILA protections apply and lawmakers weigh clearer allocation frameworks.