There have been tensions between the financial industry and fintechs as they continue fighting over who has the right to access bank clients’ data, Bloomberg reports.
Some fintechs ask their users for their bank login and password to be able to access their data and provide services or use services of companies that gather data from banks, for instance, Plaid. Banks believe it can lead to privacy violations—not all companies are equally trustworthy.
Besides scammers, users' data might be in danger of improper storage, possible hacks, or it can be sold to third parties without prior consent. Although in case of a hack, fintechs would be found liable, banks do not believe startups have sufficient funds to cover the losses.
For that reason, banks are continually deciding to offer stricter regulations to fintechs—and threaten them with blacklisting if they don’t comply. Banks are resorting to using API to safeguard what kind of data startups can access and how often. Without access to users’ bank records, however, many fintechs simply won’t be able to provide their services.
According to Sima Gandhi, Plaid’s head of business development and strategy, “Giving consumers the ability to safely permission their data so they can use these services isn't just a nice to have, it's an imperative.”