A group of fintechs and security compliance companies, including Plaid, MX and Flinks, have set up a framework to address security risks and strengthen how they protect consumer data.
The Open Finance Data Security Standard (OFDSS) aims to address concerns around data security by setting out a host of requirements that focus on security risks commonly encountered by emerging fintechs that handle this financial information.
OFDSS has 63 individual security requirements across 12 control domains that address common data security risks encountered by early-stage digital finance companies.
The requirements come with implementation guides and high-level audit steps for ensuring compliance. Feedback is being sought ahead of plans to start implementing the standard in the second half of next year.
OFDSS supporters include fintechs Flinks, MX, Plaid and Truework and security compliance companies Drata, Laika, Secureframe and Vanta.
“The industry is rallying around OFDSS because it will help raise the bar for data security in the fintech ecosystem at a time when the pace of innovation is accelerating,” the OFDSS Committee said.
“It provides a strong framework that helps fintechs improve security while enabling innovation, gives banks a level of confidence about the companies connecting to their APIs, and, most importantly, helps protect consumers.”
“Our growth-stage fintech customers have been asking for a more clear-cut and targeted industry frameworok for years,” said Shrav Mehta, founder and chief executive of Secureframe.
“OFDSS focuses less on many traditional secondary compliance requirements and more on what matters most for our customers- data security.
“Working with Plaid on creating OFDSS and aligning our automation capabilities with this framework creates seemingly effortless, but strong compliance outcomes for our happy Secureframe customers.”