Reviewed by Tisa Stone

Tisa Stone, Senior Content Writer at eCheckplan, has been crafting content in the payment processing industry for over seven years. With a background in fintech, payments, and merchant services, Tisa specializes in breaking down complex business payment topics into clear, actionable insights for business owners. In addition to writing educational articles, she contributes to content strategy and SEO planning for eCheckplan’s blog and resource hub.

Full Bio > Follow Follow

Learn about our Financial Review Board.

image

The Role of Open Banking in Payment Innovation

American businesses have been paying card interchange fees for decades. American consumers have been locked into their banks—not because they chose to stay, but because moving was genuinely difficult. American fintechs have been building products on top of login credentials and screen-scraped data because there was no better way to access the financial information they needed.

Open banking is in the process of changing all three of those realities. Slowly, unevenly, and with a regulatory saga that reads like a D.C. political thriller, but changing them nonetheless.

The U.S. open banking story is at a genuinely pivotal moment. The largest banks have just crossed the first formal compliance threshold tied to the CFPB’s Personal Financial Data Rights rule. The rule itself is simultaneously in effect, being litigated, and being rewritten. Market players — Mastercard, Visa, JPMorgan, Walmart, Plaid, and a long list of fintechs — are moving forward with real deployments regardless of what Washington ultimately decides.

This is the moment when American business owners, payment professionals, and financial decision-makers need to get clear on what open banking actually means, where the U.S. stands right now, and why sitting on the sidelines is becoming a costly position.

Table of Contents: —

The American Way: How the U.S. Built Open Banking Without a Mandate

Here’s something that often gets lost when people compare the U.S. to Europe or the U.K. on open banking: the United States has been doing open banking for years; it just didn’t have a formal regulatory framework behind it.

As J.P. Morgan’s Payments Unbound noted in their analysis of global open banking, “The U.S. actually has the best open finance market in the world.” That’s a bold statement, but it reflects something real. A vibrant ecosystem evolved organically in America through market competition; data aggregators like MX Technologies and Finicity built the connective tissue between bank accounts and third-party apps without waiting for government permission. Millions of Americans were already using open banking practices in their financial lives before Section 1033 was ever finalized.

That market-led foundation is actually a competitive advantage. Where prescriptive regulatory frameworks in Europe sometimes created compliance-heavy systems that delivered less than promised, the U.S. built real adoption through demand. The challenge, of course, is that market-led data sharing created its own problems: inconsistent security standards, heavy reliance on screen scraping, and no clear framework for who bears liability when something goes wrong.

That’s what the regulatory push is trying to fix. And that’s where things get complicated.

Section 1033: The Rule That’s Rewriting the Rules — While Being Rewritten

The CFPB’s Personal Financial Data Rights rule, finalized under Section 1033 of the Dodd-Frank Act in October 2024, is the federal government’s most serious attempt to formalize open banking in the United States. At its core, the rule requires covered financial institutions—banks, credit card issuers, and digital wallet providers—to give consumers and the third parties consumers authorize access to their own financial data. Transaction history, payment initiation information, fee schedules, and account terms. And it requires that access be provided at no charge.

The first compliance deadline for the nation’s largest financial institutions arrived in 2026. What also arrived, simultaneously, was a federal injunction delaying those deadlines, an ongoing lawsuit brought by the Bank Policy Institute and Kentucky banking groups, a CFPB leadership change that first moved to vacate the rule and then reversed course to revise it through an “accelerated rulemaking,” and an intervention by the Financial Technology Association to defend the rule in court.

In other words, the rule is being implemented, litigated, stayed, and rewritten all at the same time.

The CFPB, through its Advanced Notice of Proposed Rulemaking in August 2025, opened four specific questions for public comment: who can serve as an authorized representative of a consumer, whether banks can charge fees for providing data access (the original rule banned fees entirely), what data security requirements should apply to third parties, and how consumer privacy should be protected.

As Chris Miller, senior director at Cornerstone Advisors, told American Banker, regulatory volatility “could definitely slow adoption, especially for smaller players that can’t afford compliance missteps.” But Miller added, “The underlying demand for open banking and embedded payments isn’t going away—consumers and businesses both expect smoother, more integrated financial experiences.”

That assessment captures the U.S. situation precisely. The regulatory path is uncertain. The market direction is not.

What U.S. Financial Institutions Are Actually Doing Right Now

The American Banker’s 2026 State of Open Finance Adoption survey — one of the most authoritative reads on where U.S. institutions stand — found that most banks and credit unions are currently in the assessment and planning phases of open banking adoption, not yet in full execution. Regional banks are the most aggressive movers, with a strong majority identifying open finance as a high or critical business priority. Executive leadership across institutions is broadly supportive of pursuing open finance initiatives.

What’s slowing some institutions isn’t skepticism about the direction — it’s the combination of regulatory uncertainty and the genuine challenge of third-party risk management. When you open up data-sharing channels, you’re responsible for how third parties handle that data. Until the revised CFPB rule clarifies liability and security requirements, some institutions are understandably cautious about how far to extend their programs.

But waiting for perfect regulatory clarity has its own cost. Citizens Bank in Rhode Island, for example, officially launched its Open Banking API project, allowing customers to link their accounts with third parties through a secure channel — and then expanded the functionality to let customers update saved payment information across billers, subscriptions, online retailers, and payroll companies. That’s a real product, live for real customers, and it was built without waiting for Washington to finish its rulemaking.

The pattern is consistent: institutions willing to move are finding ways to build within existing market frameworks, rather than waiting for the regulatory framework to catch up.

Pay by Bank: The U.S. Use Case With the Strongest Near-Term Business Case

If you’re a U.S. merchant or payments professional trying to figure out where open banking matters most to your business right now, pay by bank is the answer.

Pay by bank is exactly what it sounds like: a payment method that lets consumers pay directly from their bank account, without a credit card or debit card sitting in the middle. The consumer authenticates with their bank, authorizes the payment, and the funds move account-to-account. No card network. No interchange fee on the merchant side.

According to Mastercard’s published open banking analysis, A2A payments—the category that pay by bank belongs to—are already the second-most preferred payment method for bill payment in the United States. That’s not a projection. That’s the current consumer preference in the existing market before pay by bank has been broadly launched or marketed.

For American merchants, the cost case is direct. Payment acceptance costs are frequently one of the top operating expenses for businesses — right alongside payroll. As BNY noted in their open banking analysis, credit card interchange fees represent a significant and recurring overhead that merchants have largely accepted as unavoidable. Pay by bank changes that math in high-volume, recurring-payment contexts: utilities, insurance, subscriptions, rent, B2B invoicing.

Walmart has been among the most visible American retailers to deploy pay by bank, integrating it with both FedNow and The Clearing House’s RTP network. That real-world deployment — at Walmart’s scale — is the single clearest market signal that pay by bank in the U.S. has moved from concept to commercial reality.

FedNow: The Infrastructure That Makes Open Banking Payments Fast Enough to Matter

Here’s an important distinction that sometimes gets blurred in open banking coverage: data sharing and payment rails are two different things. Open banking handles the data layer — the consumer-permissioned sharing of account information. Payment rails handle the actual movement of money.

For open banking-enabled payments to be genuinely compelling, money needs to move fast. A pay-by-bank transaction that takes two business days to settle is only marginally better than a traditional ACH transfer. It’s a real-time settlement that changes the value proposition entirely.

FedNow — the Federal Reserve’s instant payment service — is the American infrastructure answer to that need. As of late 2025, more than 1,500 U.S. financial institutions had joined the FedNow service, and the Federal Reserve has been clear that broad adoption across an industry with more than 9,000 institutions is a long-term build. The trajectory, however, is consistent. PYMNTS research found that the majority of U.S. institutions now enabling instant payments are operating on both FedNow and The Clearing House’s RTP network simultaneously—a multi-rail approach that gives businesses broader reach and redundancy.

The Federal Reserve has also noted that fraud concerns about newer payment rails are frequently overstated. As they reported directly, paper checks—still used by 91% of American businesses, according to the 2025 Association for Financial Professionals Payments Fraud Survey—remain the payment method most affected by fraud, while FedNow has seen very little evidence of fraud to date.

For U.S. businesses evaluating instant payment adoption: the rails are being built, participation is growing, and the fraud-risk argument against modern rails is, according to the Federal Reserve’s own data, backward.

Beyond Payments: What Open Banking Enables in American Lending

Pay by bank gets most of the press, but open banking’s potential in American credit markets is just as significant.

Traditional credit underwriting in the United States relies heavily on FICO scores—a model built on payment history, debt levels, and credit age. That model systematically disadvantages Americans with thin credit files: recent immigrants, young adults just entering the credit market, and people who’ve rebuilt their finances after a setback. Their actual financial behavior — steady income, consistent bill payment, solid cash flow management — doesn’t show up adequately in a credit score derived from limited or older data.

Open banking changes the underlying data available to lenders. With consumer permission, lenders can access real-time, granular transaction data from a borrower’s bank account and assess actual cash flow and repayment capacity directly, rather than inferring it from a credit report that may be months or years out of date.

This shift benefits lenders — better data means more accurate risk assessment — and it benefits the significant portion of American borrowers who are creditworthy but underrepresented in traditional scoring models.

The Data Security Question Every American Business Should Be Asking

Open banking skeptics — particularly the banking industry’s trade associations — have raised legitimate security concerns that deserve a direct response rather than a dismissal.

Mastercard’s open banking research puts the global cost of cybercrime at $12 trillion in 2025 and found that the overwhelming majority of consumers they surveyed said keeping their financial data secure was important to them. When financial data flows across more endpoints—APIs, aggregators, third-party apps — there are more potential points of failure. That’s a real risk, not a talking point.

The Bank Policy Institute’s argument against the original Section 1033 rule centered on the absence of adequate third-party oversight: the rule, in their view, required banks to share sensitive consumer data without sufficient accountability for how that data was handled downstream. Whether or not one agrees with that characterization of the rule, the underlying concern about third-party data security is worth taking seriously.

The solution that is emerging in the U.S. market — and that the revised CFPB rulemaking is expected to address — is a clearer liability framework. What Visa did with its A2A launch in the U.K. is instructive: it established a formal consumer protection framework for pay-by-bank transactions that gives users the same dispute rights they have with card payments. J.P. Morgan’s analysis of open banking made this point directly, noting that the card networks established a clear liability framework decades ago, and that framework is what built consumer confidence in card payments. Open banking needs the same thing.

American businesses building on open banking APIs should be asking their aggregator and data provider partners specific questions: What security standards govern your data handling? What happens to consumer data if our agreement ends? How quickly can you detect and respond to unauthorized data access? These are not hypothetical concerns. They are the questions that will shape what the revised CFPB rule ultimately requires.

The Bigger Picture: Open Banking as a Foundation for Open Finance

It’s worth stepping back to note where all of this is heading—because pay by bank and cash-flow lending are not the endpoint. They’re the opening chapter.

Mastercard’s published strategy describes their open banking investments explicitly as a stepping stone toward open finance—a broader model where consumer-permissioned data sharing extends beyond bank accounts to include payroll data, investment accounts, insurance, and mortgage information. The Congressional Research Service confirmed in its Section 1033 analysis that the CFPB intends to develop additional rules covering more products and use cases beyond the current rule’s scope.

American Banker’s 2026 research found that maintaining a competitive edge is one of the primary drivers pushing U.S. financial institutions toward open finance adoption. That framing is accurate. In a market where nonbank entities are steadily taking market share from traditional institutions, open finance capabilities — the ability to deliver personalized financial services based on a comprehensive view of a consumer’s financial life — are becoming a differentiation tool as much as a compliance obligation.

The direction of travel, as BNY put it in their analysis published earlier this year, is clear: “Propelled by customer demand and compelling use cases, open banking is on the rise in the U.S., where it is meeting growing expectations for intuitive, secure, and immediate digital services.”

The regulatory framework is still being written. But the market has already placed its bet.

What U.S. Businesses Should Be Doing Nowadays

The companies that will benefit most from open banking aren’t the ones waiting to see how Section 1033‘s rewrite resolves. They’re the ones building now — within existing market frameworks and bilateral agreements — so they’re ready when the rules stabilize.

If you process payments at volume, evaluate whether pay-by-bank options from providers connected to FedNow and RTP create a compelling cost case for your transaction mix. The math is strongest in recurring, high-volume payment contexts.

If you underwrite credit or loans, start building open banking connectivity into your workflow. Experian and FICO are already moving the scoring infrastructure in this direction. Lenders not incorporating cash flow data into underwriting decisions are working with less complete information than their competitors.

If your business relies on a third-party financial data aggregator — which includes any product that connects to users’ bank accounts — track the CFPB’s revised rulemaking closely. The outcome will determine what data you can access, at what cost, and under what security obligations.

And if you’re building payment infrastructure from the ground up, architect multiple rails from day one. The U.S. payment landscape is multi-rail by nature—ACH, RTP, eChecks, FedNow, and card networks—and open banking operates as a data layer on top of all of them. Systems designed with that in mind will be far more adaptable as the ecosystem continues to evolve.

Frequently Asked Questions About Open Banking

What is open banking, and how does it work in the U.S.?

Open banking allows American consumers to share their financial data — account balances, transaction history, payment credentials — with authorized third-party apps and services through secure APIs. In the U.S., the legal framework is anchored in Section 1033 of the Dodd-Frank Act, though the market was already practicing open banking informally through data aggregators before any formal rule was finalized.

Where does the CFPB’s Section 1033 rule stand in May 2026?

The rule was finalized in October 2024; faced immediate legal challenges from banking trade groups; had its compliance deadlines delayed by a federal court injunction; and is currently being substantially revised through a new CFPB rulemaking process. The first compliance deadline for the nation’s largest financial institutions arrived in 2026, but with the rule stayed, the specific obligations remain in flux. The Financial Technology Association is intervening in court to preserve the rule’s core data-access provisions.

What is pay by bank, and why does it matter for American merchants?

Pay by bank lets American consumers make purchases directly from their bank accounts, bypassing card networks and the interchange fees that merchants pay on every card transaction. For high-volume merchants in utilities, insurance, subscriptions, and B2B billing, pay by bank can represent a significant reduction in payment acceptance costs.

How does open banking help American borrowers with limited credit history?

Open banking enables lenders to access real-time transaction data — with the consumer’s permission — to assess cash flow and repayment capacity directly, rather than relying solely on a FICO score. Experian’s Credit + Cashflow model and FICO’s updated UltraFICO score are live examples of American credit infrastructure incorporating open banking data into lending decisions. This benefits borrowers who have solid financial habits but thin traditional credit files.

Is open banking safe for American consumers?

Open banking APIs are structurally more secure than screen scraping — the older method where consumers shared their actual bank login credentials with third-party apps. APIs provide permissioned data access without exposing credentials. That said, the security of any specific service depends on the standards the third-party provider follows. American consumers should check what data access they’re granting, confirm they can revoke that access at any time, and review how each app handles data retention.

How is FedNow connected to open banking?

FedNow is the Federal Reserve’s instant payment rail — the infrastructure that moves money between bank accounts in real time. Open banking provides the data layer: the consumer-permissioned account information that enables payment initiation and verification. Together, they make instant, low-cost, direct account-to-account payments practical for American businesses and consumers. More than 1,500 U.S. financial institutions participate in FedNow as of late 2025.

What are Mastercard and Visa doing in open banking?

Both card networks have made major open banking investments, recognizing that A2A payments represent a structural shift they need to be part of rather than fighting against. Mastercard acquired Finicity—a leading U.S. open banking data aggregator—and is partnering with JPMorgan Chase and Worldpay to scale A2A payments in the American market. Visa acquired Tink, a leading European open banking platform, and launched Visa A2A in the U.K. with consumer protection standards equivalent to card payment dispute rights—groundwork widely understood as setting the stage for U.S. deployment.

Should American small businesses care about open banking right now?

Yes — particularly in two areas. Pay by bank is a direct cost-reduction opportunity for businesses that process recurring or high-volume payments and currently absorb significant card interchange fees. And cash flow-based lending, powered by open banking data, is expanding access to credit for small businesses that have struggled to qualify for traditional loans based solely on credit scores. Mastercard’s published strategy explicitly identifies small business financial services as one of its four primary open banking use cases.

Sources: J.P. Morgan Payments Unbound, American Banker / PaymentsSource, Congressional Research Service (Congress.gov), Consumer Financial Protection Bureau, Mastercard Open Banking Insights, BNY Open Banking Analysis, Federal Reserve Financial Services, PYMNTS Intelligence, Cornerstone Advisors.

author avatar
Tisa Stone Senior Content Writer at eCheckPlan
Tisa Stone is a Senior Content Writer at eCheckplan, specializing in payment processing, fintech, and merchant services.
See Full Bio

Comments are closed.

Say goodbye to high fees

Switch To eCheckplan For Simple
Secure Processing. 🚀

Start Now!

Payments made easy, the way they should be.

Instant analysis & Smart insights

Ask AI for a Smart Summary of eCheckPlan!

claude ChatGPT grok Grok claude Claude perplexity Perplexity google search Google Search