Plaid's John Pitts On How Agentic AI Helps Unlock Consumer Data From Legacy Gatekeepers

A growing number of enterprises are restricting API access to consumers' own data, citing cost, security, or other strategic concerns. In banking, this trend has drawn scrutiny under the Consumer Financial Protection Bureau's (CFPB) Rule 1033 which addresses how major banks limit API access for consumers who want to use third-party applications to access their own data. Two high-profile tech cases of this trend are Salesforce's Slack limiting its API and the Cloudflare and Perplexity scraping dispute, which highlight the growing tension between control and innovation proliferating across industries.

The problem is consumers don't care about the underlying infrastructure. Consumers just want better experiences, like faster payments. The path to that improved experience is predicated on who controls the underlying data. In banking, with the influx of potentially threatening applications like Zelle, Chime, and other more consumer-facing banks, the major banks are those gatekeepers, and they are leaning on obfuscating the technical limitations of APIs as a means of restricting access.

We spoke with John Pitts, the Head of Industry Relations and Digital Trust at Plaid, to set the stage. Having previously served as Deputy Assistant Director at the Consumer Financial Protection Bureau (CFPB), Pitts has a unique perspective forged on both sides of the regulatory and innovation divide. To grasp the current conflict, you have to understand the historical mindset of the incumbent banks. For decades, they never saw consumer data as a valuable asset to be leveraged for innovation; they saw it as a toxic liability to be contained.

• The Radioactive Waste Mentality: "Financial data is essentially radioactive waste that we have to store. It's not a valuable thing. It's actually a risky thing because we can't do anything with it... our biggest concern is that it would somehow get out. You don't want the leakage of that waste."

This perspective and posturing meant that innovation had to come from the outside. An early example of this started with companies like Intuit pre-populating tax information—simple automations that made life easier for the user. As FinTech use cases expanded into areas like lending, peer-to-peer payments, and earned wage access, banks grew concerned. Fintechs like Chime, which now has more accounts than any other bank in the United States, emerged as direct competitors. Pitts positioned the bank's perspective bluntly, "Why would they build infrastructure to help competitors grow?" The new complaint is that these APIs are suddenly getting too expensive to maintain, but Pitts argued that while banks may be attempting to fortify their walls, AI was about to render those walls obsolete.

• The Checkmate Argument: "You can't change demand. If you try to choke off demand at the API, it is very likely that the extremely low cost of extractors is going to mean that companies just shift to AI-coded extractors. It probably won't be a couple of regulated data aggregators managing it. It will be thousands and thousands of companies hitting your web portal in a way that is very difficult to manage and creates its own substantial cost and risks."