A group of fintech and security compliance companies, including Plaid, MX and Flinks, are setting up a framework designed to strengthen how they protect consumer financial information.
Data aggregators such as Plaid, Flinks and MX have long faced pushback from banks over customer data security.
The Open Finance Data Security Standard (OFDSS) aims to address this by setting out a host of requirements that address security risks commonly encountered by emerging fintechs that handle this financial information.
Plaid acknowledges that existing data security standards were not designed specifically for modern, cloud-native delivery models or the resource constraints of early stage companies.
OFDSS has 63 individual security requirements across 12 control domains that address common data security risks encountered by early-stage digital finance companies. Feedback is being sought ahead of plans to start implementing the standard in the second half of 2022.
Security compliance companies Drata, Laika, Secureframe and Vanta are onboard with the framework and will help firms looking to meet the requirements.
Shano Fonseka, head, risk, Plaid, says: "The industry is rallying around OFDSS because it will help raise the bar for data security in the fintech ecosystem at a time when the pace of innovation is accelerating.
"It provides a strong framework that helps fintechs improve security while enabling innovation, gives banks a level of confidence about the companies connecting to their APIs, and, most importantly, helps protect consumers."