JPMorgan’s Quiet Checkmate on Fintech Data

Power rarely announces itself. It slips in quietly, rewrites the rules, and sends you a fresh bill.

That's what JPMorgan Chase did in its long clash with fintech firms over access to customer data. CNBC reports that the bank has now struck deals that ensure it gets paid by the fintechs and data aggregators handling almost all third-party data requests tied to Chase accounts.

For years, the story went the other way. Plaid, MX, and other aggregators plugged into bank systems, often by sharing credentials and using screen scraping, to pull transaction data that powered apps like Robinhood, budgeting tools, and loan underwriters. Consumers thought they were 'connecting my bank' to an app. In practice, a middleman hit the bank's servers for free, sometimes thousands of times per user, and built a business on top of those unpriced API calls.

That free ride is over. JPMorgan's move may look tactical, but at a deeper level it's a rethink of who actually controls the rails.

Let's start with what's changed. It's not that consumers' willingness to share data has shifted; that remains stable. The change is threefold: better plumbing, clearer risk math, and a different regulatory horizon.

Better plumbing arrived when large banks, JPMorgan among them, started pouring money into API infrastructure and backing networks like Akoya, which are designed as secure, permissioned data utilities rather than scraping workarounds. If you run a clean, high performing API with standardized schemas, stop treating those calls as a nuisance and start seeing them as a product.

Once you start treating data access as a product, the risk math shifts. Every access to a core banking system carries real operating and security costs. In the old framework those costs were effectively subsidized by the bank and spread across its customers, while the upside went to the fintechs. Now JPMorgan can argue that security, uptime, liability, and regulatory reporting sit on its balance sheet. If you want data that’s industrial grade, you should expect industrial-grade fees.

Layer in the regulatory backdrop. The Consumer Financial Protection Bureau is edging toward open banking rules designed to give consumers portable access to their financial data. Banks saw this coming. If open banking becomes formal policy, incumbents would rather enter that world with signed contracts in hand, establishing the norm that data access is not free.

So who moved first? On the board, JPMorgan nudged its rooks forward, while the fintechs realized they’d been playing with pawns.

JPMorgan ended up making three significant moves.

First, they moved away from credential sharing and screen scraping by third parties toward tokenized API access. That approach is safer and cleaner, but it also gives the bank a single valve to control volume and terms.

Secondly, they leaned on their scale. As the largest bank in the United States by assets, a sizable share of an aggregator's traffic hits JPMorgan's systems. That’s real leverage. If JPMorgan says the terms are changing, Plaid and its peers can’t realistically threaten to walk away from Chase data without undermining the value they offer to downstream apps.

Third, they used time as a weapon. The bank could tolerate years of negotiation, rate limiting, and quiet technical friction that made scraping less appealing. Venture-backed fintechs don’t have that luxury; their burn rate runs on months, not years. So eventually you either sign the deal or lose access to a large chunk of your customers’ accounts.

So they signed, after all. Fintechs will now pay tiered fees for volume or usage through JPMorgan's channels. CNBC calls it a win for the bank; more importantly, it marks a sharper move, a reset of who owns the economics of data plumbing.

The ripple effects start showing up once you follow where the money ends up downstream.

Big, well-funded fintechs will grumble at first and then adapt. They’ve got the scale to spread these costs across millions of users, tweak pricing, trim a few features, and call it a security upgrade. The real pressure lands on the smaller players, the scrappy apps that used to live on cheap data access and clever UX.

If your budgeting app relied on data calls that were free or nearly free, a new per-call or per-user fee from a bank the size of JPMorgan would upend the math. You’d either raise prices, push more aggressive monetization (ads, cross-sells, paid tiers), or exit the market. None of those options feels clean.

Over time, the herd thins. We see fewer independent apps and more consolidation around a handful of large platforms that can negotiate better terms with banks and aggregators. Consumers notice that in everyday choices—a subtle narrowing of options rather than a dramatic shift. Instead of a wild garden of niche fintech tools, you end up with a menu of big-brand super apps and whatever features those platforms decide to push to the top.

There's another, subtler cost: innovation at the edges. Historically, fintech's quirkiest, most interesting features have come from small teams experimenting with new ways to visualize or act on transaction data. When data tolls are high and non-negotiable, those experiments become more expensive. That means fewer attempts and fewer chances to uncover useful new patterns in how people manage money.

Then there’s the pricing pass-through problem. Any dollar JPMorgan collects in data fees doesn’t come from nowhere; it lands somewhere on a fintech’s P&L. They’ll recoup it by raising subscription fees, widening spreads, or nudging users toward more profitable products.

Industry voices will frame this as paying for enhanced security and reliability, and there’s truth to that. The old model (bots logging in on behalf of users, scraping entire pages, and storing credentials in third‑party systems) was a security nightmare. Purpose-built APIs and tokenization offer a clearer path. Yet the marketing gloss hides an allocation question: who actually benefits from these improved controls, and who ends up paying for them.

JPMorgan benefits in two main ways. First, they reduce security and operational risk while turning data access into a revenue stream. They also regain strategic control over which use cases take off. If certain app categories are seen as competitors to the bank’s offerings, it becomes easy to slow-roll integrations, tweak pricing, or frame risks in a way that shapes the outcomes.

Regulators will have to decide whether this is fair cost recovery or quiet gatekeeping. The CFPB's open banking work is meant to enshrine a consumer's right to move their data. But moving data and doing it on fair, non-discriminatory terms aren't the same thing. If the market settles quickly around a handful of megabanks that charge tolls large fintechs can barely cover, open banking risks becoming a slogan rather than a lived reality.

There’s something odd about who ends up getting paid and for what. The raw transaction data belongs to the customer, the person whose spending it reflects, morally speaking even if the legal right is still catching up. The bank acts as the steward and processor of that data, not the protagonist. In the new deals, the customer’s data earns rent for the bank and creates costs for the apps the customer uses, while the customer rarely sees any direct share of that value.

If you're wondering what happens next, keep an eye on three pressure points.

First, keep an eye on the smaller regional banks. If JPMorgan can turn data access into a revenue product, others will copy the approach, but they won’t match JPM’s scale or the quality of its API. That creates a messy patchwork of fees and standards that aggregators have to navigate. Smaller fintechs bear the brunt of that complexity.

Second, keep an eye on the aggregators themselves. Plaid and MX will try to position themselves as neutral utilities that simplify things for developers. But their costs have already risen. They’ll pass those costs along, and in doing so they may begin to favor deeper ties with a smaller group of large institutions and big fintechs. That’s how gatekeeper layers harden.

Third, watch for new intermediaries marketed as consumer data wallets or personal data vaults. If enough people push back on banks charging rent for their data, entrepreneurs will try to build storage and permission systems that put users in control. The snag is that those systems still have to talk to the banks; that means paying the toll, too.

What looks like a mundane plumbing detail is actually a governance decision about who gets to tax the flow of financial information. JPMorgan moved early, pressed its advantage, and turned a cost center into a point of control.

As a consumer, you won't see the fight directly. You'll notice it in fewer quirky apps, more aggressive upsells inside the apps you already use, and in another box on the terms of service screen reminding you that to connect your accounts, someone somewhere has to pay the bank.

On the board, that move is securing the center. When you control it, the rest of the players have to react to you, shaping their plans around your tempo.

Sources include CNBC's November 14, 2025 coverage of JPMorgan Chase fintech fees, PYMNTS' reporting on data access fees in new agreements with fintechs, MarketScreener's recap of JPMorgan Chase's win in the data-fees battle, and Slashdot's summary of the same story.

Sources:

• https://www.cnbc.com/2025/11/14/jpmorgan-chase-fintech-fees.html
• https://www.pymnts.com/news/banking/2025/jpmorganchase-secures-fees-for-data-access-in-new-agreements-with-fintechs/
• https://www.marketscreener.com/news/jpmorgan-chase-wins-fight-with-fintech-firms-over-fees-to-access-customer-data-cnbc-ce7d5fd2dc89f120
• https://news.slashdot.org/story/25/11/14/2135239/jpmorgan-chase-wins-fight-with-fintech-firms-over-fees-to-access-customer-data