Privacy & Data Protection

Personal financial information is invaluable and the financial industry is committed to ensuring the safety of the clients we serve at every turn.

A federal privacy and data breach standard is necessary to best protect the personal financial data of all Americans.

SIFMA members are subject to many federal and state privacy frameworks intended to protect non-public personal financial information. These laws and regulations strictly govern the use, sharing, and security of client information, as well as data breach procedures. This web of privacy and data protection laws and regulations should be enhancing customer protection, but often, they can often cause customer confusion and inconsistent treatment of customers based on where they live and what entity held their information.

State and federal laws and regulations may conflict and cause financial institutions to comply with those conflicting regimes, further adding to the confusion and inefficiency. Adopting a federal preemptive standard for privacy and data breach would greatly improve customer protection by minimizing confusion and inequality.

Personal data aggregation applications may present additional risks and challenges for clients.

Clients have the ability to aggregate personal financial information on third-party platforms to assess their financial position. This data aggregation creates valuable opportunities for clients but also has the potential to put their data at risk if it is misused, mishandled or misappropriated.

Technology is playing an ever important role in how and where we serve clients by facilitating new opportunities for engagement and personal financial data management– something they want, and something we are in the best position to provide. The pace of innovation and change is incredible and brings the greatest access to information we’ve ever seen. As well, investors love transparency and access, which coupled with price and value, are the future of this industry.

As we continue to grow the digital economy, personal data is the most important currency there is, and as an industry, we have a responsibility and obligation to protect it. Together, we can propose and build consensus for incorporating investor data protection into developing industry protocols and technology for data aggregation.

SIFMA is coordinating a broad-based industry effort to protect a customer’s financial information, with a focus on investors’ right to securely access their own data. We have created a set of industry-wide Principles, focusing on access; security and responsibility; transparency and permission; and scope of access and use, for protecting, sharing and aggregating customer financial information. SIFMA has also introduced consumer resources for our members to help consumers better protect their data and discuss this important issue with their clients.

Securing financial data sharing in a connected world

SIFMA is a founding member and serves on the Board of the Financial Data Exchange (FDX), a subsidiary of FS-ISAC tasked with developing technical solutions for secure data aggregation.

FDX was established so that consumers and businesses could have easier and more secure access to their financial data. Through FDX’s Durable Data API (DDA) and technical frameworks, FDX is unifying the leading financial institutions and others in FinTech around a common API technology standard that would allow for more secure information sharing.

Join FDX today- tiered membership opportunities are available to any interested parties within the financial data ecosystem. FDX exists as an independent subsidiary under the umbrella of FS-ISAC, whose mission is to ensure resilience and continuity of the global financial services infrastructure.

Important external resources

All Submissions Content

Back to Privacy & Data Protection