WASHINGTON—In response to the CFPB's advance notice of proposed rulemaking on section 1033 of the Dodd-Frank Act, NAFCU s urging the Bureau to "avoid implementing section 1033 in a way that impairs a credit union's ability to protect its members' data from the risk of theft or abuse."
Section 1033 provides for consumer rights to access financial records. The ANPR was issued in October 2020.
In a comment letter, Andrew Morris, NAFCU's senior counsel for research and policy, said that "the Bureau must ensure that access to consumer financial records is predicated upon a fair distribution of costs, data security and data privacy responsibilities that does not overburden credit unions who already face competitive pressure and reduced bargaining power when interacting with larger technology companies."
NAFCU has previously recommended that the CFPB explore questions around permissioned data access by focusing on the security of consumers' information and should not create new data-collection burdens and costs for credit unions.