Plaid is almost 10 years old and I think there are probably several verbatim comments on HN since the introduction of Plaid. Unfortunately I don't think we will ever see a such a law; the landscape has changed from 10 years ago and:
1. Plaid has been pretty much been blessed by the largest player in the space (the , now blocked, acquisition from Visa).
2. The banks are glad to outsource development of banking apis to one single customer. Even CapitalOne who seemed horrified at the integration built an Oauth endpoint.
3. The queue of banking regulations is a mile long and is deeply politically controversial among those who vote.
4. Our geriatrics in congress will never see this as an
important issue.
Oh, yes, I would absolutely never use Plaid, or any service that requires it in the meantime.
But, there are many services that should exist, that could be safely used, if such an API mandate existed.
I actually think it’s a matter of time. Eventually the current state of affairs will lead to a crisis. Someone operating like Plaid (a centralized nexus of banking passwords) will be breached, funds will be drained, and banks will shrug.
At that point, the API law becomes much more likely. Banking regulations have a way of moving very slowly until a crisis erupts.
Another path is, once most of the bigger banks develop their own APIs, they will probably push for the regulation as a path to making it harder for smaller banks to compete.
1. Plaid has been pretty much been blessed by the largest player in the space (the , now blocked, acquisition from Visa).
2. The banks are glad to outsource development of banking apis to one single customer. Even CapitalOne who seemed horrified at the integration built an Oauth endpoint.
3. The queue of banking regulations is a mile long and is deeply politically controversial among those who vote.
4. Our geriatrics in congress will never see this as an important issue.
It's just easier to not use Plaid.