Fintech 2025

USA Law and Practice Contributed by: Margo H. K. Tank, Michael Fluhr, Deborah Meshulam, Kristin Boggiano, David Stier, Liz S. M. Caires, Adam Dubin, Emily Honsa Hicks, Meghan Carey, Kathleen Birrane and Eric Hall, DLA Piper LLP

11. Open Banking 11.1 Regulation of Open Banking

10.12Non-Fungible Tokens (NFTs) Treasury

NFTs (in particular collectibles) have not, per se, been widely treated as cryptocurrency. NFT trading platforms have operated without money transmitter licences and with less scrutiny from financial regulators compared to cryptocurrency exchanges. In contrast, it is well accepted that at least centralised NFT trading platforms must comply with sanctions rules. Treasury released in 2024 a risk assessment of NFTs finding the risk of money laundering or ter - rorist financing low, but acknowledging that: • existing AML regulations may not adequately capture all types of NFT and NFT platform activity; • NFT platforms may have BSA and AML obligations, depending on the nature of the underlying activity and whether the NFTs are considered currency or a currency substitute; • all NFT platforms conducting transactions involving US persons are required to comply with sanctions regulations. SEC The SEC has brought enforcement actions alleging that certain NFT collectibles consti - tuted securities. In 2024, the SEC commenced an enforcement action against OpenSea for the unregistered sale of securities, which was dropped in 2025. It remains unclear how much the SEC will continue these efforts or how the courts would respond if challenged. Separately, buyers of NFTs have brought private civil actions asserting claims under federal secu - rities laws.

Open banking allows third-party developers to access financial data in traditional banking sys - tems through APIs mandating standardised data formats and secure communication protocols. The APIs facilitate the secure exchange of finan - cial information between banks and authorised fintechs – effectively decentralising financial ser - vices. In late 2024, CFPB finalised its “Personal Finan- cial Data Rights” rule, also known as the “Open Banking” rule, to curtail screen scraping. The rule enables consumers to access and share their personal financial data with third-party providers securely and without charge. The rule will require covered entities – eg, financial institu - tions, credit card issuers, and digital wallet pro - viders – to provide consumers and authorised third parties with access to specified consumer financial data upon request. It also establishes privacy and security protections, limiting third parties’ use of the data they receive to the pur - poses expressly authorised by the consumer. Compliance with the rule is required by 1 April 2026 for the largest institutions, with later com - pliance dates for smaller institutions. 11.2 Concerns Raised by Open Banking As part of permitting access to the accounts and data of banking customers, financial institutions, fintechs, and third-party data aggregation plat - forms providing open banking services enter into contracts to address the risks and responsibili - ties associated with data security and privacy. Covered issues include: • technical processes and requirements to access accounts, data and services;

983 CHAMBERS.COM

Powered by