skip to main content
Experience List
DWT
  • Email Page
  • Create PDF
  • Print Page

Aggregator Center of Excellence for Financial Institutions

Why Data Aggregators Matter Right Now
Consumers are demanding more, faster access to their financial data. Consumer financial data aggregators and FinTechs are meeting that demand by taking data from banks and financial institutions by any means necessary, even if doing so imposes undue technological challenges and compliance risks on the banks and financial institutions providing the data.

To mitigate the challenges and risks presented by data aggregators, financial institutions are increasingly partnering with consumer financial data aggregators to provide access to financial records across various platforms. Enhanced regulatory scrutiny of data aggregation activities has created a need for experienced legal counsel to navigate the complex regulatory and contractual issues presented by these arrangements.

Suite of Aggregator-Oriented Services
DWT’s Consumer Financial Services group has assembled a team of lawyers to provide a suite of services within an Aggregator Center of Excellence for Financial Institutions, including:

  • Contract drafting and negotiation
    • Bank-aggregator and bank-FinTech agreements for data sharing via API
      • Data capture and distribution processes & restrictions
      • Data usage and sharing restrictions
    • Bank-aggregator and bank-FinTech agreements for marketing, including:
      • Product aggregation and lead generation
      • Pre-approved offers involving bilateral data sharing, access to credit reports, and real-time underwriting/decisioning
  • Regulatory advice
    • Due diligence evaluations of aggregator and FinTech partners at onboarding, and as aggregator program innovations are developed, for compliance with applicable law:
      • User experience reviews for compliance with: prevailing UDAAP standards; FCRA and GLBA data sharing and use restrictions; advertising rules governing various banking products; and other applicable laws and regulations
      • Data security program assessments
      • Third-party oversight requirements and audit programs
    • Product aggregator advertising program management – structure development and continuous oversight

Know the Regulatory Issues Presented by Aggregators
Product and data aggregation issues include:

  • Privacy and data security: Management of risks based on FTC, CFPB, and other precedent
  • Service provider oversight: Obligations based on regulatory guidance from the OCC, FDIC, Federal Reserve, and CFPB
  • UDAAP: Mitigation of risk from UDAAPs conducted by aggregators when presenting bank information (e.g., errors from data latency, misrepresentations regarding product attributes, or representations regarding the suitability of a recommended product for a particular consumer), including technical advertising requirements for credit cards and mortgages
  • Credit report use & fair lending: Technical FCRA and ECOA obligations when credit report data is used to determine creditworthiness and provide pre-approved or pre-qualified offers
  • Disclosures: Consumer-facing disclosures (and choice) regarding banks’ sharing of information with aggregators, and aggregators’ information sharing and use practices, under GLBA, FTC guidance on lead generators, and UDAAP principles, along with contractual provisions requiring these disclosures
  • Liability for unauthorized transactions: Regulation E liability for transactions that result from an aggregator breach or other misconduct
  • Regulatory advocacy: Advocacy before U.S. federal & state regulators, particularly the CFPB, as examinations or investigations are conducted and regulatory intervention under Section 1033 of the Dodd-Frank Act is considered
Consumer Financial Data Aggregation & the Potential for Regulatory Intervention - Read the Article