Plaid, Royal Bank of Canada reach data sharing agreement

Royal Bank of Canada and the data aggregator Plaid announced an access agreement Tuesday regarding how the two handle the financial data of RBC customers who connect their bank account with thousands of applications such as personal finance apps.

The agreement means Plaid will replace its practice of screen scraping RBC data — an approach that has gotten the fintech into legal trouble — with an application programming interface (API) connection to the bank. With customers’ permission, RBC will now grant Plaid digital tokens the fintech can use to access the bank’s machine-readable data portal.

The switch will not significantly change the user experience of RBC customers who use Plaid, but it will grant users better privacy controls and information security. The two parties will implement the agreement over the coming months, and once the shift is complete, Plaid will no longer save customers’ passwords.

More broadly, the agreement by Canada’s largest bank by net revenue and capitalization could become a model for competitors, according to Ginger Baker, head of financial access at Plaid.

The agreement could also influence Canada’s ongoing efforts to grant citizens greater ownership of their banking data. The Canadian government has said open banking would “increase consumer choice and improve financial outcomes for Canadians” by allowing them to, among other possibilities, sync their financial data across applications securely via APIs.

Some countries have rules that call for secure data sharing, including the United Kingdom, which established its open banking rule in 2018. Much of Europe also has them.

With Canada’s largest bank now supporting API-based data access for Plaid, the country’s data sharing environment could start to look more like that of the U.S. According to John Pitts, Plaid’s global head of policy, more than half of the fintech’s U.S. traffic today happens via APIs rather than screen scraping.

U.S. regulators have been considering open banking rules for years. The Consumer Financial Protection Bureau made an advance notice of proposed rulemaking in November 2020 concerning standards around consumer-authorized access to financial data. The bureau said in May this process “will give consumers access to their own data.”

In a July 2021 executive order, President Biden encouraged the director of the CFPB to revisit the rulemaking efforts, saying it would allow consumers to “more easily switch financial institutions and use new, innovative financial products.” In September, the Congressional Research Office reported that such a rule “could facilitate competition and innovation in consumer financial services.”

Observers do not expect the CFPB to finalize a rule until 2023. In the meantime, Mike Holly, executive director of deposits and retail payments product management for USAA, encourages banks that have not already embraced open banking to do so.

“Build your road map now, because what you'll probably find is that, if you're not already behind, if you wait for the regulatory environment to catch up to you, you're going to be waiting and waiting,” Holly said. “Just keep moving.”