What Do We Do If The CFPB Is Gutted?

It’s been a whirlwind at the CFPB over the last three months, so you’re forgiven if you haven’t kept up with the developments. Here are the effective bullet points, to catch you up:

1. The Trump administration and Musk’s DOGE were given permission to make "reasonable" cuts at the CFPB.
2. The following day, as fast as possible, they announced they were laying off something like 90% of the CFPB’s workforce.
3. A judge froze the administration’s cuts, arguing that an 85% workforce reduction was probably not a reasonable cut - employees of the CFPB corroborating that the agency would be effectively unable to operate following the cut.
4. Today (April 29), that same judge will have a 2-day hearing to determine what cuts can actually be made to the CFPB.

With that back-and-forth ironed out, you’re caught up, if you weren’t before. The natural question that arises from these events is, will the CFPB still be effectively operating in a week’s time?

For a few years, everyone in the financial tech industry who we talk to has had at least one eye on CFPB 1033, which mandates that consumers be given more visibility and access to their personal financial data. For vendors like FinGoal, we’ve crafted our product offerings to comply with 1033. More broadly, organizations like FDX have spent years creating protocols for open banking to build and concretize an infrastructure that allows users broader access to their data.

A lot of us have thought about user data ethics in finance for a long time; but the announcement of CFPB 1033 was the lit fire that inspired a number of larger FIs to prioritize data access initiatives. So now, there’s some concern that a gutted CFPB will cause the FIs to lose steam and de-prioritize consumer data access since it may no longer be enforced.

First: Gutting the CFPB is a Bad Idea.

I won’t disguise that I, an engineer who has worked in financial tech for most of my career, believe that gutting the CFPB is a very bad idea. At best, it is another example of DOGE’s inability to distinguish real government work from waste; at worst, it is a calculated assassination designed to remove an oversight agency, to enable morally-unmotivated FIs to engage in dubious, but sometimes profitable, practices again. In general, the gutting seems to follow an established pattern. DOGE’s creed seems to be: Get rid of any business motivation other than profit, and hope everything irons out ok.

Someone should remind them why the CFPB was established.

Second: Data Accessibility for Consumers is a Really Good Idea

I don’t know where we lost the thread on this, but: A consumer’s data really ought to belong to the consumer, at the end of the day. Almost everyone in the financial tech space is making money off of borrowed data, as far as I see it. We use consumer data for marketing. We use it in aggregate to characterize consumer spending trends. Each and every one of us in fintech is keenly aware that consumer financial data is valuable—if it wasn’t, we probably wouldn’t have squirreled it away to begin with, right?

Right now, most consumer banking applications don’t offer a kickback to their users when that user’s data proves valuable - I don’t expect that most ever will, to be honest. But if we’re borrowing the data from our users, for free, with no intention to pay them back in full for the data’s value, we owe them, at the bare minimum, the ability to see what data we’ve collected.

For those of you as-yet unconvinced by this rosy dream of user independence, open data is good for the industry at large. Anyone who has worked extensively with financial data aggregation will tell you that it’s a mess. It’s a mess precisely because user data isn’t easily accessible. A number of FIs still require that a screen-scraper navigates to their digital banking website, logs in with stored credentials, and scrapes the transaction data out of the GUI. This process is inefficient, wasteful, costly, and insecure when compared to the same result garnered through a network of M2M calls between FI-hosted and FDX-standardized APIs.

CFPB 1033 wasn’t a mandate from the government that was going to cost the financial industry money; it was a mandate from the government that would save the financial industry money. As government mandates go, that one’s pretty supportable. Open banking means efficient, least-privilege, secure, cost-effective data sharing.

Keep the Course.

Maybe the CFPB is gone in two weeks, or gutted so extensively that it’s no longer effective. Maybe that means Open Banking will slow down in the coming years. But I hope it doesn’t. I hope that the financial industry has been sufficiently convinced that CFPB 1033 was a great idea for everyone, FIs and their consumers all.

So, on 1033, I urge everyone to hold the line, keep the course, and continue to consumer data more accessible. It is good for everyone.

To end on a broader note, however: Make no mistake, the hamstringing of the CFPB is designed to allow those institutions who would take advantage of no regulation to do so. If you’re an FI or a consumer reading this, my warning is the same: Keep a sharp eye out. No CFPB means that the predators will be out hunting again.

And if you’re reading this from inside the finance or financial tech industry, I emphasize my call for vigilance. In 2009, financial institutions taught the world that if they were unregulated, they would hurt people. Morally, ethically, everyone in the finance industry who doesn’t want to see 2009 recur has an obligation to keep a sharp eye out for FIs that are using the CFPB’s gutting to their advantage - especially if what they’re doing could hurt consumers.

If the government won’t regulate us, we’re going to have to regulate ourselves. Because that always works out well, right?

‍