The Trump Administration Should Harness the Power of Fintech. Here’s How.

Steve Boms is the Founder and President of Allon Advocacy, LLC, a financial technology consulting firm, and the Executive Director of the Financial Data and Technology Association of North America, a trade association representing more than three dozen financial technology companies.

With President Donald Trump’s inauguration to a second term in the White House this month, many industries and pundits anticipate a decidedly deregulatory bent to federal policy over the next four years. To be sure, the president-elect has criticized any number of rulemakings and executive actions during the Biden administration, and pledged on the campaign trail to “dismantle federal bureaucracy,” and “slash excessive regulations.”^[1] While many in the financial sector are no doubt eager to see rollbacks to any number of agency rules, from Biden-era ESG disclosure requirements for publicly-traded companies to more stringent bank liquidity ratio proposals, business favors certainty, and a wholesale deconstruction of the financial regulatory apparatus won’t make America great again. 

America’s regulatory framework in financial services is a complex, oftentimes ambiguous, patchwork of law, rules, interpretations, and guidance formulated over decades with its roots in the aftermath of the Great Depression. In recent years, as technology has driven innovation across every corner of the financial services industry, the country’s financial regulatory environment – cobbled together in a piecemeal fashion over almost 100 years – has become so rickety that it must be updated. But that same rickety structure means it will require serious care and thoughtfulness to meaningfully improve, rather than collapse like a Jenga tower. This reality isn’t a cause to tear the whole thing down and build anew. Instead, the next iteration of financial regulators should use a chisel rather than a jackhammer to make America’s financial regulatory apparatus fit for purpose for the 21^st century and more embracive of innovation and technology. 

Fortunately, the incoming administration won’t be starting from scratch. In 2018, the first Trump administration’s Department of Treasury released a report outlining proposals to create economic opportunities in a financial system that harnesses the power of fintech.^[2] Some of these proposals have advanced, either partially or in whole, in the intervening six-and-a-half years, while others haven’t. To modernize the financial regulatory ecosystem, and to unleash the incredible power that technology has to meaningfully improve consumer and small business financial outcomes, the Trump-era regulatory agencies should pick up and run this existing playbook:

Promulgating a Consistent, Clear Bank-Fintech Third-Party Risk Management Framework

The prudential regulators’ third-party risk management guidance, which dictates the conditions under which a financial institution and a fintech may partner with one another – or even simply when and how a consumer may share the balance or transaction data held in their bank account with a fintech of their choosing – has always been something of a bureaucratic magic mirror. Ambiguous and deliberately left open to interpretation by each individual financial institution (and its examiner), a bank may see in it what it chooses to see. Whether it be for deposit-taking, data sharing, lending, payment facilitation, or any number of bank-fintech arrangements, the agencies’ TPRM guidance dictates the regulators’ expectations of the bank, which the bank then passes on to the fintech. While intended to limit potential risks to federally insured institutions who partner with nonbanks, the latest TPRM guidance published last June is so vague, and provides so many obstacles for banks partnering with fintechs to comply, that former FDIC Chair Jelena McWilliams bluntly concluded, “I don’t think the current set of regulators really want banking-as-a-service and third-party partnerships to blossom.”^[3] That’s a serious problem, and fixing it should be a priority for the next class of regulators. 

The FDIC, OCC, and Federal Reserve must course-correct. Bank-fintech partnerships have spurred innumerable consumer and small business benefits over the last decade and beyond. If you’ve sent or received a peer-to-peer payment, paid your utility bill or a merchant by bank, used a personal financial management tool, utilized an accounting, tax preparation, or automated savings tool, or taken advantage of any number of technology-powered financial applications that have become commonplace in recent years, you have benefitted from a bank-fintech arrangement. Unfortunately, the current prudential regulatory approach to these relationships can best be described as “death by a thousand cuts.” In addition to the June guidance referenced earlier, the agencies have also recently published a request for information to scope additional risks posed by such arrangements, even while the FDIC has proposed two additional, separate rules that have the potential to materially limit the proliferation of innovative financial applications.^[4]

The prudential agencies’ TPRM guidance even nonsensically applies when no actual partnership exists between a fintech and a bank. The CFPB recently finalized a rulemaking under Section 1033 of the Dodd-Frank Act. The core of that rule is the notion that a consumer has the legal right to direct their financial institution to share elements of their financial data – say their current account balance or last six months of transactions – with a fintech in exchange for a product, service, or tool that relies on access to that data to function. The CFPB’s rule requires that a bank comply with its customer’s data access request so long as the fintech meets certain data security, disclosure, and privacy requirements. But even though no arrangement, contractual or otherwise, may exist between the bank and the fintech, the agencies’ TPRM guidance still looms large, allowing the financial institution to potentially override both the CFPB rule and its customer’s direction to share their data. 

President-elect Trump’s nominees to lead the prudential regulatory agencies have the opportunity to meaningfully improve this landscape and to provide significantly more clarity for thousands of banks and fintechs as well as the millions of Americans who rely on fintech applications to power their finances. Clear, unambiguous TPRM guidance that is consistently applied, and that excludes data being accessed under the terms set forth by the CFPB’s open banking from its purview, would substantially unlock innovation in the financial sector. 

Building on the Consumer Financial Protection Bureau’s “Open Banking” Rule

The CFPB, a political lightning rod since its inception, has seen consistent bipartisan support for its recently-finalized open banking rule implementing Section 1033 of the Dodd-Frank Act. The decision to formally begin the rulemaking process was made by former Director Kathy Kraninger during President Trump’s first presidency. While finalized under current CFPB Director Rohit Chopra, the first steps toward the rulemaking were taken in 2016 by former CFPB Director Richard Cordray, who was appointed by former President Barack Obama. And the final rule published in October, informed by years of public comment and consultation with industry, was heralded by lawmakers on both sides of the aisle, including House Financial Services Committee Chairman Patrick McHenry (R-N.C.).^[5] To facilitate a more competitive and innovative financial sector, policymakers should contemplate Director Chopra’s final Section 1033 rule as the beginning, not the end, of open banking regulation. 

The Bureau’s just-finalized rule formalizes a legal electronic consumer data access right to Regulation E asset accounts, Regulation Z credit card accounts, and digital wallets. Despite calls from across a broad spectrum of stakeholders, from members of Congress to consumer advocates, financial institutions to fintech firms, the CFPB opted not to include public benefits data, payroll data, or the data held in a litany of other types of financial accounts under its open banking rule. This limited scope of the agency’s rule was a mistake, and one that the next leadership of the CFPB should correct. 

But, to radically drive forward innovation in the financial sector, the next leaders of the financial regulatory agencies shouldn’t stop there. Remember that 2018 Trump-era Treasury report? It not only called on the CFPB to finalize a Section 1033 rulemaking, but also recommended “that regulators such as the SEC, Financial Industry Regulatory Authority, Department of Labor, and state insurance regulators recognize the benefits of consumer access to financial account and transaction data in electronic form and consider what measures, if any, may be needed to facilitate such access for entities under their jurisdiction.”^[6] Consistent with that call to action, President-elect Trump’s nominees to lead the financial regulatory agencies should consider promulgating their own versions of open banking regulations that align with the framework recently established by the CFPB. After all, the average consumer doesn’t open up their phone to try to use a fintech tool only to consider whether the underlying account they're trying to connect is regulated by the CFPB, a prudential regulator, the SEC, or some other federal or state agency. They just want to have access to their data.

In 2024, the idea that a consumer has a legal right to access and share electronic access to the transaction data held in their checking account but not their EBT or brokerage account is asinine. From a macroeconomic perspective, the competition spurred by broad open finance frameworks in multiple other jurisdictions across the globe should be a wakeup call to U.S. regulators, who should heed the recommendation of the first Trump administration’s Treasury Department and get to work implementing a true open finance regime that bestows legal financial data access rights to consumers across the full range of accounts they rely on to manage their everyday lives. 

Right-Sizing Regulatory Oversight For Smaller Entities

The most scorned phrase in Washington, D.C. is “compliance burden.” Policymakers, both at the regulatory agencies and in elected office, have grown to associate these two words with industry bellyaching; an all-encompassing, non-specific argument from the business community raised in response to the latest proposal to regulate some aspect of their operations. But consider that fintechs often are competing directly with some of the largest, most heavily-resourced companies in the world, typically with thousands, tens of thousands, or even hundreds of thousands of fewer employees and significantly less funding. While the fintech community writ large has been vocal over the years in asking for clearer federal regulatory oversight across a number of fronts – in payments, in data access and usage – the objective reality is that smaller companies simply cannot bear the same supervisory and investigatory burdens as large financial institutions. 

The Federal Financial Institutions Examinations Council, a regulatory supergroup comprised of the Federal Reserve, the FDIC, the OCC, the National Credit Union Administration, and the CFPB, has for decades exerted direct supervision of fintechs it has deemed to be large technology service providers to financial institutions. The CFPB itself has begun to supervise data aggregators and, over the last two months, has granted itself the authority to itself supervise an ever-larger segment of the fintech industry.^[7] And, as we’ve already covered, fintechs must be responsive to the agencies’ TPRM exams of their bank “partners.”

The relative time and resources required by smaller entities to comply with the agencies’ investigations and supervision is massive. To be clear, I have never met a fintech founder who didn’t believe it appropriate that the regulators exert appropriate oversight over their platform in the name of consumer protection or bank safety and soundness. But CFPB investigations and examinations can last for the better part of a year or even longer. The loose definition of what constitutes a third-party “partner” under the prudential agencies’ TPRM guidance may leave fintechs in a never-ending cycle of bank “partner” TPRM exams. While policymakers inside the Beltway have rightly talked up the importance of boosting competition in the financial services ecosystem, smaller entities are becoming increasingly hamstrung by regulatory investigations and examinations. They are, in essence, competing with one hand tied behind their back. 

Right-sizing regulatory oversight for the fintech market should be a priority for the next class of agency leads. The CFPB should develop processes and procedures that appropriately scope its investigations and exams based on the size, activity, and risk profile of the entity it is examining or investigating and put an end to boundless investigatory demands. The prudential regulators should coordinate amongst themselves when conducting bank TPRM examinations to assess whether a particular bank “partner” has already provided evidence of compliance as part of another TPRM exam. This approach to fintech supervision and investigation wouldn’t increase consumer protection or safety and soundness risk one iota and would meaningfully free up critical resources across scores of smaller entities in the financial sector.

But Wait, There’s More

There are myriad additional opportunities for the next class of financial regulators to spur innovation and unlock the full potential of fintech. Congress passed The JOBS Act in 2012, but fintechs still routinely face delays in registering their securities with the Securities and Exchange Commission. (The agency must find a way to become nimbler to fully realize congressional intent.) Companies are taking significantly longer to go public, and more than 75% of employee equity in private companies granted via compensation under the SEC’s Rule 701 goes completely unrealized.^[8] (The SEC should consider amendments to Rule 701 to address this glaring inequity.) A more competitive payments ecosystem could meaningfully lower costs for consumers and small businesses across the country. (The CFPB and prudential bank regulators should remove barriers that enable pay-by-bank and other lower-cost payment options.) 

But the application of the prudential regulators’ TPRM guidance affects nearly every fintech in market in the U.S. today in one form or another. Expanding the legal financial data access rights finalized recently by the CFPB to additional accounts would unlock innovation and competition across multiple subindustries of the financial sector. More appropriately scoping the tenor and breadth of agency exams and investigations for smaller entities would free up massive additional resources for fintechs to innovate and compete. Prioritization of these critical policy changes would make America’s financial sector more competitive again, empower millions of Americans, and usher in a new era of financial regulation.

The opinions shared in this article are the author’s own and do not reflect the views of any organization they are affiliated with.

^[1]  See President-elect Trump’s social media post announcing the Department of Government Efficiency. 

^[2] “A Financial System that Creates Economic Opportunities; Nonbank Financials, Fintech and Innovation.” U.S. Department of the Treasury. Published July 2018.

^[3] “Third-party guidance could have ‘chilling effect’ on BaaS, former FDIC chair warns.” 

^[4]  One would classify the majority of fintech-enabled deposits to financial institutions as “brokered” while another would apply recordkeeping requirements to FBO accounts, including, for some reason, non-transaction settlements accounts used by fintechs only to facilitate customer-directed payments after the end user has initiated a payment towards a debt or for a purchase. 

^[5]  “McHenry Statement of CFPB’s Final 1033 Rule.”

^[6]  “A Financial System that Creates Economic Opportunities; Nonbank Financials, Fintech and Innovation.” U.S. Department of the Treasury, page 32. Published July 2018.

^[7] The CFPB in September 2024 finalized a rule providing itself the authority to supervise international money transfer applications and in November 2024 finalized a rule providing itself the authority to supervise certain non-bank payment platforms. 

^[8] “Don’t overlook the risk that comes with your employee stock options.”

Open Banker curates and shares policy perspectives in the evolving landscape of financial services for free.

If an idea matters, you’ll find it here. If you find an idea here, it matters. 

Interested in contributing to Open Banker? Send us an email at [email protected].