RealClearMarkets
By: Charles Sauer

The 2010 Dodd-Frank financial “reform” bill may be tied with Obamacare as the most destructive piece of legislation passed between 2009-2011, when Democrats controlled the White House and both chambers of Congress. The legislation codified the “too big to fail” doctrine and imposed costly regulations on the financial sector. These regulations hit small banks the hardest, causing many of them to merge with big banks and thus increasing concentration in the banking industry. If that weren’t bad enough, Dodd-Frank also created a new federal regulatory agency: the Consumer Financial Protection Bureau (CFPB).

The CFPB’s mission is to “promote fairness and transparency for mortgages, credit cards, and other consumer financial products and services.” The CFPB is funded by the Federal Reserve, so it does not have to go through the congressional appropriations process. This funding mechanism was created to insulate the CFPB from being accountable to Congress. One of the regulations the CFPB is charged with enforcing is Section 1033 of the Dodd-Frank Act. Section 1033 directs “covered persons”—defined as “any entity offering consumer products or services, including banks, credit unions, and financial products or services”—to ensure that consumers have access to “information regarding transactions, accounts, and related data available to the consumer upon request.” Section 1033 also labels as covered persons financial technology companies, also known as fintechs, such as Visa, PayPal and Block (owner of Cash App).

However, under President Biden, the CFPB drafted a rule enforcing Section 1033 that forced private financial institutions to turn over their customers’ data to private companies including fintechs and data aggregators (companies that collect data from multiple sources and aggregate them into an ordered and accessible format). The rule also required “covered persons” to provide this data to these businesses free of charge. Of course, the covered persons will find a way to make their customers pay for this subsidy to fintechs, data aggregators, and other businesses. Even worse, the rule allows fintechs and others to obtain consumer data without adopting adequate safeguards to protect against data breaches—making these consumers vulnerable to data theft, identity theft, and fraud.