Mitigating the Risks of Open Banking

Part 2

Navy Federal Credit Union (NFCU) recently faced a lawsuit centered on using artificial intelligence (AI) in its customer service operations. The lawsuit highlighted several critical issues, including data privacy, algorithmic bias, and transparency. This incident underscores the broader risks associated with adopting advanced technologies, such as AI, within the framework of open banking.

Key Issues Highlighted by the Lawsuit

  1. Data Privacy and Security: The lawsuit highlighted concerns about how AI systems collect, store, and use member data. Maintaining robust data privacy and security protocols is paramount in Open Banking, where member data is shared across multiple platforms and third-party providers. Open Banking secures and protects member data through a robust combination of regulatory compliance, advanced technological measures, strict protocols, and continuous monitoring. By adhering to these practices, Open Banking ensures that member data is secure and that customers have control and transparency over how their data is used and shared. As an added safeguard, the member authorization requirement in Open Banking is fundamental to data security. It empowers members with control over their financial data, ensures transparency in data usage, enforces robust security protocols, reduces the risk of fraud, and ensures compliance with legal standards.
  2. Algorithmic Bias: The AI system used by NFCU was accused of making biased decisions that adversely affected certain groups of members. These biases create the most significant reputational and legal risks if they become inadvertently applied in the loan approval processes. Open Banking, which relies heavily on data-driven decisions, can inadvertently perpetuate or exacerbate such biases if not adequately managed. Protections against algorithmic bias in Open Banking are critical to ensuring that the benefits of Open Banking are realized equitably across all demographics. By adhering to regulatory guidelines, promoting data transparency and explainability, implementing fair data practices, conducting regular audits, embracing ethical AI principles, empowering users, and fostering industry collaboration, credit unions can mitigate algorithmic bias risks and enhance their services’ fairness and inclusivity.
  3. Transparency and Consent: The NYFCU lawsuit highlighted the importance of transparency in how AI systems operate and make decisions. In Open Banking, members must be fully informed about how organizations will use their data and give explicit consent to that data usage. Lack of transparency can lead to mistrust and legal challenges. Open Banking provides robust mechanisms to ensure transparency and consent when using member data. Open Banking empowers members to manage their financial data securely and confidently through clear communication, explicit consent mechanisms, continuous access and control, data minimization, regulatory compliance, and adherence to ethical standards. These measures enhance trust in the credit union and promote a more open, competitive, and member-centric banking environment.
  4. Regulatory Compliance: As AI and Open Banking technologies evolve, so do the regulatory landscapes. The NFCU lawsuit underscored the need for financial institutions to stay ahead of regulatory requirements and ensure compliance to avoid legal repercussions. Open Banking is designed with regulatory compliance as a core component, providing the credit union and third-party providers adhere to legal and regulatory standards. Open Banking helps ensure regulatory compliance by incorporating data protection regulations, adhering to financial directives like PSD2, utilizing standardized APIs, maintaining transparency and accountability, protecting members, implementing robust security measures, continuously monitoring regulatory changes, and collaborating with regulatory bodies. These comprehensive measures ensure that Open Banking systems are secure, transparent, and compliant with legal and regulatory standards.

Part 3 of this series will address the vital need for a strong Data Governance Discipline before using AI or machine learning algorithms and entering an Open Banking environment.


Rich Jones is the Founder/Principal of Leading2Leadership LLC. Before starting his strategic planning agency, he spent over 20 years in leadership roles in the financial services sector. Before becoming an executive in the financial services sector, Rich was an entrepreneur, building and selling two businesses and working for early-stage start-up companies in executive roles in marketing, business development, and seeking investment partners. With more than three decades of experience, he brings innovative thought to companies and executives. Rich published “Leading2Leadership, a Situational Primer to Leadership Excellence.” The book is available on and was designed to be used as a book study for leadership development programs; it breaks leadership skills into manageable situations for discussion and reflection. Rich works with credit unions, CUSOs, and vendors, designing digital, data, culture, marketing, and branding transformation strategies. In 2014, Chosen as a Credit Union Rock Star by CU Magazine, and in 2018, Rich received the Lifetime Achievement Award from CUNA Marketing and Business Development Council. A Marine and graduate of Colorado State University, Jones shares his expertise at

Leave a Comment