A coalition of fintech and security compliance companies, including Plaid, MX, and Flinks, is establishing a framework to enhance the protection of consumer financial information.
Data aggregators like Plaid, Flinks, and MX have faced ongoing challenges related to customer data security in their interactions with banks. The Open Finance Data Security Standard (OFDSS) aims to tackle these issues by outlining a set of requirements that address the security risks commonly associated with emerging fintech companies that handle sensitive financial data.
Plaid has recognized that existing data security standards do not adequately accommodate modern, cloud-native delivery models or the resource constraints faced by early-stage companies. The OFDSS encompasses 63 specific security requirements spread across 12 control domains to manage typical data security risks encountered by nascent digital finance companies. Feedback is currently being solicited, with plans to begin implementing the standard in the latter half of 2022.
Security compliance firms Drata, Laika, Secureframe, and Vanta are collaborating on this framework to support companies aiming to meet its requirements.
Shano Fonseka, head of risk at Plaid, stated, “The industry is rallying around OFDSS because it will help raise the bar for data security in the fintech ecosystem at a time when the pace of innovation is accelerating. It provides a robust framework that assists fintechs in enhancing security while fostering innovation, instills confidence in banks regarding the firms connecting to their APIs, and most importantly, protects consumers.”