Sharing Financial Data

   read

At its most basic, financial data aggregation puts information about your financial holdings under one roof. Your "dashboard," sometimes called a personal financial management hub or portal, can display your investments, savings, insurance policies and credit balances.

In addition to a snapshot of your overall finances, depending on the provider, your service may also include services such as financial and tax planning, budgeting, and the ability to track home value and mortgage information. More robust services may include portfolio analysis, advice (for instance, recommending an asset allocation model), credit monitoring, bill paying and more. There may be costs associated with some services.

You can aggregate information through a non-financial organization or you can add information from outside financial accounts to an existing financial provider, such as a brokerage firm, advisory firm or bank.

Before You Share


These tips can help you protect yourself if you decide to share your financial information with a data aggregator or service providers who use data aggregators:

  1. Weigh the benefits of aggregation against the risks of sharing your security credentials. Be particularly diligent when you authorize a third party to facilitate payments on your behalf. Check to assure payments go to the right place
  2. Read the terms and conditions of any user agreement or contract you sign. Know what rights you are granting with respect to accessing your financial accounts and using your data. For instance, how often are your accounts scraped and what data is collected
  3. Verify that the aggregator will access only the information it needs to provide the desired service to you. Also be aware that there may be charges for certain transactions and services you elect to use
  4. Understand the aggregator's privacy and data security measures. A good place to begin is by reading the aggregator's terms of use, privacy and security information. Here are some things to look for
    1. Does (or may) the aggregator share your security credentials and data with, or provide access to your accounts to, another data aggregator or service provider? Does the aggregator sell your data to a third-party entity? If so, are you comfortable with that?
    2. Does the aggregator use encryption when retrieving your data? How long is the data retained? What is the process of purging or disposing the data once you terminate your contract?
    3. What happens if there is a data breach or any unauthorized access to your account? Is there a process in place to notify consumers and financial institutions should a breach occur?
    4. What type of liability, if any, does the aggregator bear in the event of a consumer loss due to a data breach or unauthorized access? Does the aggregator have the financial capacity or insurance coverage to compensate consumers for loss? Is there a dispute mechanism in place to resolve any issues related to data breaches or unauthorized access?
  5. How accurate are the scraping algorithms used to collect data from your financial accounts? To find out, you can ask whether the aggregator conducts periodic checks to ensure that it is collecting data and using it accurately to provide the required service. You should also check the data yourself against your primary source accounts.
  6. Check with financial data providers to find out what, if any, data is delivered to aggregators through an Application Programming Interface (API), which is generally considered a safer alternative than scraping.
  7. Do your own online research and due diligence. Look up any reviews, complaints or lawsuits against the data aggregator or the third-party service provider you are contemplating using.
  8. Finally, make sure you cancel your account and terminate the access and rights you have granted to the aggregator once you discontinue using the service. Failing to do so may expose your financial information to ongoing security risks. Understand and follow the steps that need to be taken to stop the ability of the aggregator to access your account. This may involve more than just deleting the software application from your computer or mobile device.