CFPB seeks to vacate ‘unlawful’ 1033 rule

The Consumer Financial Protection Bureau asked a federal court to vacate its 1033 rule on consumer data security and privacy, saying the rule is unlawful.

CFPB Filing: In a memorandum in Forcht Bank, NA v. CFPB, the agency said the October 2024 rule is unlawful under the Administrative Procedures Act because it exceeds the bureau’s statutory authority and is arbitrary and capricious. Therefore, the bureau said, the rulemaking should be set aside.

About the Rule: The CFPB’s rule implements Section 1033 of the Dodd-Frank Act, which requires covered financial institutions to make available to consumers certain data relating to consumers’ transactions and accounts upon request.

ICBA View: ICBA has long expressed concerns about the impact of the rule on consumer data security and privacy. While the rule included an ICBA-advocated provision exempting community banks under $850 million in assets from a provision requiring institutions to create and maintain a third-party developer interface, ICBA has repeatedly called on the CFPB to focus its implementation of Section 1033 on promoting data security at third-party entities.

Ongoing Advocacy: Addressing the 1033 rule is a key priority of ICBA’s “Repair, Reform, and Thrive” plan for the new Congress and Trump administration. ICBA’s Open Banking Guidebook details the rule as well as its advocacy efforts, including securing exemptions for community banks under $850 million in assets.

CFPB seeks to vacate ‘unlawful’ 1033 rule

NewsWatch Today Contacts

Independent Community Bankers of America

CFPB seeks to vacate ‘unlawful’ 1033 rule

NewsWatch Today Contacts

Related News

CFPB ends COVID mortgage protections

CFPB withdraws proposed rule on Regulation V

ICBA-advocated resolution scrapping CFPB overdraft rule signed into law

CFPB withdrawing more than a decade of guidance materials