New Battle Pits Crypto Against Banks in Battle for Customer Data. But Can Everyone Win?

Anybody who ever signed for their first credit card in college knows the type of stranglehold that banks place on your personal data. So much so, it feels like it might be easier to move houses than banks.

In an effort to make this transition easier, last year the Consumer Financial Protection Bureau (CFPB) created a rule that would require banks to send customer data to any other company, for free. However, the banks pushed back and under the Trump administration they originally got an ally in the CFPB who planned to vacate the rule entirely.

This created a firestorm in the industry, and while the original rule is not coming back, an expedited process to create a new one is about to commence. But despite the strong feelings involved in this fight, I was wondering what common ground existed that could create a happy ending for all.

It turns out that there is more than I thought.

Today’s newsletter is brought to you by Mantle

Mantle is building the Blockchain for Banking — where TradFi meets Web3. Explore real-world financial tools, powered fully on-chain.

New Battle Pits Crypto Against Banks in Battle for Customer Data. But Can Everyone Win?

Banks now want to charge fees for crypto exchanges and fintechs to access user data. Here’s how this fight might get resolved.

For as big as crypto has grown, especially under the Trump administration, it still has a major Achilles heel — its reliance on the very banks that it is trying to disrupt to let customers move funds onto exchanges.

And now, as the crypto industry has grown to be a $4 trillion industry, this marriage of inconvenience is reaching a breaking point. Buttressed by a gutted Consumer Financial Protection Bureau (CFPB) embracing the ideals of small government, the banks fought a rule from the CFPB presented last October that would force them to share customer data with fintech companies, including crypto firms, entirely for free.  

In the words of crypto billionaire Tyler Winklevoss, JPMorgan wanted to charge fees for access to this data that would “bankrupt fintechs that help you link your bank accounts to crypto companies like @Gemini, @coinbase, and @krakenfx so you can easily fund your account w/ fiat to buy bitcoin and crypto.” Arjun Sethi, co-CEO of crypto exchange Kraken, also said on X, “This is not a one time policy update. It is a structural shift that tells us something fundamental about where the legacy system is headed.”

Until recently, it appeared that JPMorgan CEO Jamie Dimon and his brethren would get their way, as the CFPB agreed to vacate the rule in question in May. In a court motion the CFPB said, “After reviewing the Rule and considering the issues that this case presents, Bureau leadership has determined that the Rule is unlawful and should be set aside.”

But, in a stunning reversal the administration backtracked on July 29th, when it said in another court filing that “In light of recent events in the marketplace, the Bureau has now decided to initiate a new rulemaking to reconsider the Rule with a view to substantially revising it and providing a robust justification.”

A new and expedited rulemaking process is about to commence that will seek to answer key questions such as who actually owns user data, the banks or customers, and reset the strained relationship between banks and crypto firms on stable terms. How might it get resolved?

The Legacy of Dodd-Frank

Today’s battle originates in the aftermath of the Great Financial Crisis of 2007-2008. As part of the cleanup, President Barack Obama signed the Dodd-Frank Wall Street Reform and Consumer Protection Act into law in 2010. 

This massive piece of legislation contained Section 1033, which said, “Covered persons (such as banks and financial service providers) must make available to consumers, upon request, information in the control or possession of the covered person concerning the consumer's financial products or services.”

But these 33 words left a lot open to interpretation, so, like many other regulators, the CFPB went to work on transforming the provision into formal guidance that entities could follow. 

This guidance was formally codified in the CFPB’s Rulemaking on Personal Financial Data Rights (Section 1033 of the CFPA) on Oct. 22, 2024, which “Requires banks, credit unions, and other financial service providers to make consumers’ data available upon request to consumers and authorized third parties in a secure and reliable manner; defines obligations for third parties accessing consumers’ data, including important privacy protections; and promotes fair, open, and inclusive industry standards.” 

But most importantly for the banks in opposition, page 7 of the rule “prohibits fees or charges related to consumer and third party data access.” This aspect in particular is what the banks oppose. A chief lobbying group for the banks, the Bank Policy Institute, highlighted in a legal brief on July 29, 2025, that there is nothing in Section 1033 of Dodd-Frank that requires banks to provide data access for free. “If you're going to have major FinTech companies paying bank systems billions of times per month, there are costs associated with that on the bank side. There should be a cost associated on the FinTech side to help cover those requests,” said one bank lobbyist, who requested anonymity, in an interview with Unchained. 

Fintechs, both crypto and traditional firms alike, disagree, fearing that if banks are able to charge fees, it could lead to anti-competitive behavior from the banks instead of providing neutral data access in the spirit of the law. “Our concern also is that without this rule in place, we would begin to see some anti-competitive behavior in the marketplace,” said Miranda Margowsky, head of communications at the lobbying group Financial Technology Association. “Perhaps [in the form of] throttling of data access, slowing down disconnection from apps.”

This could have the tangible effect of choking off crypto exchanges from dollar deposits sent by their customers from banks. Virtually every major exchange works with data aggregators such as Plaid or MX to facilitate these transfers. If they become too expensive, the exchanges could decide to limit which banks to accept deposits from, customers could see delays in having their deposits sent to exchanges, or they could pass on higher fees to deposit fiat into crypto exchanges to those customers.

Shifting Tides

The industry is already starting to see the impact of a world without such a rule in place. On July 30, JPMorgan announced a multilevel partnership with the crypto exchange Coinbase that will facilitate direct bank-exchange connections via application programming interfaces (API). “Through JPMorgan’s secure API, Chase customers will be able to seamlessly link their bank accounts to Coinbase wallets,” said the announcement.

The announcement did not mention whether data would be shared with Coinbase for free, and neither entity responded to a request for comment on the partnership. But if the country's largest bank and crypto exchange can arrange a bilateral deal, it is sure to raise fears of potentially anticompetitive behavior.

In fact, Coinbase seemed very aware of the awkward optics in light of the debate, with its Chief Operating Officer Emilie Choi posting on X that this deal does not mean that the exchange is not supporting the industry’s fight for open data. In the crosshairs specifically are data aggregating firms like Plaid, which sit in the middle of the banks and exchanges to help customers link bank accounts to crypto platforms. “Excited to provide more options for our customers to access crypto in partnership with @chase! We're adding more options for consumers, not replacing [sic]. Our primary partner continues to be @Plaid whose efforts on open banking we deeply support.” 

Another wild card is the fact that the banks and the crypto industry are at odds over another issue grinding its way through the Trump administration: Operation Chokepoint 2.0, the industry’s contention that banks discriminated against the industry at the behest of banking regulators. According to a leaked memo Tuesday reported by the Wall Street Journal, the White House wants the banks investigated for alleged discrimination against crypto and conservative-leaning businesses. 

Although the CPFB rule change will likely be wrapped long before the debanking investigation, the debanking cause is personal for President Trump. “The banks discriminated against me very badly,” he said in an interview with CNBC on Tuesday morning. Could that sway his administration further against the banks when it comes to the data fee issue? 

What Comes Next

One expert believes that a substantive rulemaking process will have to start with the administration moving off of its position that any open banking rule is illegal, meaning that no version of the recent bill would be acceptable. “The position that they [the administration] took in court previously was that the CFPB did not have the authority to require banks or other holders of data to share that data with third parties who were authorized by the consumer to receive the data. If they adhere to that legal position, it's not clear what this new rule making amounts to,” said David Silberman, a former associate director at the agency. “They would have to reconsider their legal position regarding the scope of the CFPB’s authority. And the motion doesn't make clear whether that's what they're planning to do.”

But, if or when that occurs, both sides already agree on multiple ways data can be shared. Silberman articulated some of these in saying that the rule “needs to clearly define what data must be made available, to whom such data needs to be made available, and procedures to determine authorized parties and how often the data will be available.” 

These can be tricky issues since financial entities such as Venmo or Plaid need to ping bank APIs for many reasons other than direct customer requests to perform tasks such as anti-fraud monitoring. Banks frequently claim that fintechs abuse these data and initiate data requests that do not come from customers, though these companies push back. “It's not like there's some invisible boogeyman that is moving through the internet hoarding data to sell in midtown for a dime bag,” said a representative of one prominent data aggregator.

Liability adjudication is another key issue. “When something goes wrong, one of the things that the [original] rule did very poorly was indicate who should be responsible,” said the banking lobbyist. “In a lot of cases, banks were left on the hook when a FinTech had a data breach, which to us was entirely unacceptable.”

But the bigger debate will still come down to fees. Multiple sources on both sides of the debate admit that supporting these APIs does cost the banks, even though it is difficult to pin down an exact number. Silberman suggested that a point of compromise could be a type of nominal one-time fee to cover connection and maintenance costs. “There's clearly some cost [for the banks]. I don't know that it's an enormous cost. Reasonable people can disagree as to whether a cost recovery fee should be permissible,” said Silberman. 

A former executive at Plaid agreed. “You could say that for every new customer or app, there's some kind of integration or one-time infrastructure fee to pay for the additional capacity. But this is economies of scale, and API calls are not that expensive. If it's the bank's existing data sets, it feels a little crazy to be charging for API calls in my mind.” 

Even some fintechs are sensitive to the idea of paying some fees to compensate banks as a way to bury the hatchet. “There could be a world in which the fees make sense, you know what I mean? Then the bank's feeling like they're [not] losing out on this new normal of how people want to manage their money,” said a representative from one aggregator. “The reality is if there's an outcome to this that the banks view as baseline negative, then they're always going to be thinking about ways that they can circumvent the rule or get rid of it. And it just creates a lot of thrash in the industry.”

The White House and CFPB did not respond to requests for comment on the rulemaking process.

Related content: 

• Trump’s Latest Initiative to Undo Operation Choke Point 2.0 Is on Hold

• Major Bank Regulator Removes Key Rationale for Blacklisting Crypto Industry

• Trump Says He Is Ending Operation Choke Point 2.0