1033 compliance is a complex issue that demands a multifaceted solution.

Olivia Fahey: Welcome everyone and thank you for joining us today. My name is Olivia Fahey, and I'm the product marketing lead here at Akoya. I'll be hosting the session this afternoon. 

This is the third webinar in our series we've been hosting over the past couple of months with our partners at Capgemini. 

This series is designed to help financial institutions of all sizes meet open banking regulatory requirements. We've teamed up with the experts at Capgemini to really go beyond a lot of the surface level discussions and equip banks and credit unions of all sizes with both education and the resources that they need to make informed decisions and implement compliance both quickly and effectively. 

The conversation today will focus on the overall complexity of achieving compliance and the various functions across the organization needed to meet that compliance both now and in the future.  

We'll talk about the processes required to be put in place to manage countless third parties seeking covered data access. And we'll also talk about the policies and procedures required for a financial institution to both stay in compliance and meet compliance as regulations evolve. 

So, before I introduce our two speakers, just a couple few logistical items. We have 45 min today, and we're saving about 10 to 15 minutes at the end for questions. 

So, without further ado, let me introduce the first of our two speakers. Today, we are here with Jeroen Holscher from Capgemini. 

Jeroen is an expert in transformation programs in the cards and payments domain. He's been with Capgemini for 24 years and helps clients improve their payment products and their underlying technology. 

Throughout his 24 years at Capgemini, Jeroen specialized in payment strategy, sourcing decisions, and back-office transformations for PSD2 and market overviews. Twenty-four years, wow that's impressive! Thanks, Jeroen for being here with us today. 

Jeroen Holscher: Thank you. 

Olivia Fahey: And next, I want to welcome Courtney Robinson, Head of Policy and Communications here at Akoya. Courtney came to Akoya from Block, where she served as the Head of Regulatory Affairs. Throughout her career, she has worked to coordinate policy, outreach to the Consumer Financial Protection Bureau, the Federal Trade Commission, and relevant committees on Capitol Hill. 

She also serves on several advisory boards, including the District of Columbia Department of Insurance Securities and Banking, Federal Reserve Bank of Atlanta, and the Association for Enterprise Opportunity. Courtney, I don't know how you even have time to be here, but we are incredibly happy to have you as well. 

Courtney Robinson: Thank you, Olivia. 

Olivia Fahey: So, before we dig into the conversation today, we have one quick poll. If you know our webinars, you know we love to run a poll here before we jump in. 

We want to understand where you are in the spectrum of build, partner, outsource, or just not sure yet, as it pertains to meeting your 1033 compliance requirements. 

So, we'll give you a few seconds to fill that in. And we will just bring some of this information into the conversation today to help it pertain a little bit more specifically to you all.  

Okay, so we have a little less than half who are not sure yet. As you know, dates were pushed out with the first tranche needing to be compliant in April of 2026. Some have already made the decision to move forward with building their own solution. 

And then there's a mix of about 40% that are looking to partner outsource. So, cross all dimensions there, and we'll keep that in mind. I don't know if Courtney, Jeroen, you have any kind of initial thoughts on how things shook out here. Was it what you were expecting? 

Jeroen Holscher: This is what I expected for the regulation, sort of a mixed bag. And I would say the session is timely, because there's still a lot of people that are not sure yet. So hopefully, they get some direction here. 

Olivia Fahey: That's exactly what we're shooting for. Okay, so let's dive right in. Jeroen, let's start with you. As we've talked about in the past couple of sessions with our Capgemini experts, you are all very experienced in helping financial institutions across the globe implement open banking solutions. 

Can you highlight some of the key similarities and touch on some of the key differences between the final regulation here in the U.S. and that of other geographies. And then, more importantly, can you highlight why satisfying compliance requirements elsewhere doesn’t mean that you satisfied requirements in the United States. 

Jeroen Holscher: Of course. First, there are many similarities between the regulations if you look at the core capabilities needed. 

So, what we see across the globe is not going to be that different for us. There is a need for an API gateway. There is a need for proper contract management and security. There is a need to integrate with the back office to expose and use data. 

There is a need for reporting to the authorities and reporting about progress. And, of course, there is a need for a developer portal to be able to onboard third parties. So far, I would say, so good. You can leverage a lot. You can learn a lot. 

However, looking at the U.S. regulation itself, the API standards are specific to the U.S. So, you must take that into account. 

The second and biggest difference I see is in U.S. Open Banking is a market driven approach versus a regulatory driven approach. And that becomes most obvious if you look at third-party onboarding.

That due diligence and that qualification is completely pushed to the banks, where, in most other markets, it is regulatory driven. So, the regulator is also providing a competent authority to qualify third parties, which makes it a much bigger task in the U.S. related to 3rd parties compared to other markets. 

Lastly, based on what we've seen in other markets, the regulation is not static, so we will keep moving, changing and updating. So, April 26th is just the first deadline, but I can promise you every year, every other year, there will be the latest updates. So, and what we've seen across the globe, some of those regulations are converging, which is helpful to leverage, but other parts are diverging. So, in the end, if you want to create a U.S. Open Banking compliance solution, you need to look at it specifically. Yes, you can learn from other experiences. But I think in the end you will have an extremely specific solution for the U.S. 

Olivia Fahey: You're familiar with policy in the regulatory space. And this open banking regulation within the financial institution requires a wide group of internal teams to function and coordinate on an ongoing basis. So, can you just help us think through what are those major functions, and what are the roles and responsibilities? How can they work together to achieve continuous compliance within the financial institution? 

Courtney Robinson: Yes, of course. I think it's not often that you see a completely new regulation being imposed upon financial institutions in this way. Of course, the regulatory regime is always there. The oversight and updates and iterative things that Jerome referenced are always there, but really to have a completely new interpretation of a law that is now being built into regulation that must be implemented requires much more than trying to adapt to just a simple update. So, there's policy, there's compliance, there's legal, there's product engineering. All these teams must coordinate from the policy or government relations side, just the first look at what's needed, and like the basis and reasoning for the regulation. This Section1033 rule is meant to empower consumers and their choice and their ability to port their data while also having safety around that and knowing that their data is secure. So, knowing that that's the reason. And going to implement something like 1033. There's a compliance team making sure that compliance is there initially, but also ongoing, because and, as Jeroen said, there are requirements that you are able to continuously demonstrate that you were compliant with the 1033 regulation, and you have to be able to produce records that indicate such, and also that there is no sort of like undue potential blocking or not following the rule or following the spirit of the rule. Even the product and engineering teams have come in again coordinating on this and you’re now putting something new in front of your customers. 

How do you make that experience work for them like what is what they see? Look like? But what does the developer interface look like on the other side? How is that built? What does it look like? How do you tweak it and make it iterative? So that way you can continue to not only be compliant with any changes that might come up but also respond to how the regulation or like how you're working yourself, and whether you're meeting the specifications that are outlined in in the 1033 final rule. So, it's beyond just that coordination. It's setting up a project team, if that's how you work internally doing this work, coordinating across all these groups, even just do the first evaluation of how this is going to work and how you'll make it work. But again, because the final rule requires continuous compliance and the ability to keep records that prove compliance. And because regulations also evolve, you must be able to divert resources or at least keep resources and human capital focused on rule compliance and ensure everything continues as needed. So, I know it's a lot on its face. It just seems like, okay, let's just get this done and put it out there, but having the experience of seeing other regulations implemented the same way, like it, it takes time. 

Jeroen Holscher: Yes, and to build on what you said, Courtney, I also describe it as building a new channel for the bank. 

And that's not what you do often, and to Courtney's point, it is even a regulated channel. So, it comes with restrictions and deadlines and everything attached to it. But yes, if you look, what was the last time a new channel for banks with new facilities has been created is probably online access, right? It's like the Internet times of more than 20 years ago. And everybody went through those cycles in learning and understanding that there's a market segmentation. There are capabilities behind these. So, it is an interesting development and challenging path to get across, so never underestimate this one. 

Olivia Fahey: Now, Courtney, I heard you say, you know you can set up a project team, but it's like that project team is going to be on this project long term. So, this is an ongoing effort, it's not one and done project. And to Jerome's point, it may require setting up an entirely new channel. So Jeroen, with this being an ongoing effort, banks can expect countless third parties knocking on their door to gain access to the covered data under 1033. Banks in turn, to work with this will have to have some pretty rigorous programs in place to vet, on board, and maintain agreements with all these third parties, every single one, and that is also a very ongoing, rigorous effort. So, throughout your work, globally. And in this space, what are some of the more successful ways that you've seen this done and is there anything you'd caution against? 

Jeroen Holscher: Yes, sure. So, the third-party topic is quite interesting in the U.S. because it is quite different than what we see in our other markets like I shared before. But let me walk you through a few of those domain dimensions. If you look at the operating model In Europe, in the U.K., in Australia, because it's regulatory driven, there is a competent authority that is qualifying and doing the due diligence of all third parties. 

Those 3rd parties get validated, they get a certificate, and that is then valid for everybody to use in the Open Banking area with all the banks in that jurisdiction. 

So, the operating model in the U.S. is different because there's no central competent authority that is qualifying and doing the due diligence that is pushed to all the banks. 

So if I then take the bank angle, this means basically for the bank, an additional overhead because it is a compliance function that you have to create and maintain in terms of qualifying those third parties and certifying them and giving them a technical certificate to connect with the bank later on. 

If I look at the third parties themselves, it will be hard because they must be certified by every bank. Right now. There is no central entity who says, okay, you can be a 3rd party in the U.S. and get a certificate for the entire market that is not there yet, so that becomes quite challenging for a 3rd party, if they want to have coverage around the entire U.S. and all the banks. It's, I think, almost impossible to be honest. 

The fourth is there will be a definition of what does good look like in that due diligence, if everybody's doing it on their own, which is right now, the case that can be also quite different. So, what one bank will say, okay, I'm fine with it. Another will have a slight on it, etc. 

So only if you have passed through all of that, and you're still there, and you still want to connect as a third party. Then you go to the bank, I would say, developer portal and get through the process described, and even that will be different and will be not standardized, which is in essence fine, you can differentiate there. You can be smarter and more automated. But yes, that's the last step. So for me, if I look at what does good look like and what's what is definitely next step to take is, you have to come together in some way in us to streamline this and to make this operational viable both for the banks and the 3rd parties, and make it scalable, because if I look at it right now, just in isolation, pushing this problem or this statement both to the 3rd parties and the banks to solve. 

It will be way, too complex and not scalable. 

Jeroen Holscher: So, I think collaboration is needed here, and that that would be my call for the market. There is still some time to go, but it must be collaborated on in a smarter way, solved that not everybody is trying to solve this problem. Because what I've seen around the globe this can be overly complex and time consuming also in testing those 3rd parties. So, you better have the basics in order and standardized and smarter than what it is today. 

Olivia Fahey: Yes, thanks, John. Last question here for you, Courtney. Before we continue into the next kind of segment is. I think most people are familiar now, I don't know if everyone's read all 500 pages, but the final rule introduces a plethora of policies and procedures that a financial institution must put in place and maintain to keep up with compliance standards. So, can you help us understand, just at an elevated level, what some of those policies and procedures are, and what sort of effort is required to keep up with that? 

Courtney Robinson: Yeah, I mean, right? Again, this is for the benefit of the consumer. This rule was created and promulgated with the idea that the consumer should be first. So, a lot of these things that you're going to see that our requirements are also, they are managed services based. They are focused on being able to communicate with the consumer and the consumer being able to reach you and then making sure that the regulator can check that you, as an institution, are actually doing that. So, the final rule requires that the customer has access to data. But if they don't want a third party or another institution to have access to that data anymore. They must at once be able to revoke that permission. Data providers must keep records showing what they've done in response to 3rd party requests for consumer information and access, and that must be kept. That information must be kept for years. 

You must keep that data right but not use it for any purpose that's not reasonably necessary or in line with what the consumer asked the data to be shared for the information that you're sharing or the way that it is put out. You must build this according to tech specs where data format is easily readable and standardized. 

You must come up with internal policies and procedures around how and when? You deny 3rd party access to data. Because, again, this is these goes back to safety and security. If there's an issue where a third party is believed to not be working with these standards or possibly compromising the data that is being shared. You can deny. But that denial must be reasonably necessary, and you must explain why? And again, the CFPB was very thorough, and they also want to make sure that there is no evasion. So, data providers and folks covered under this rule cannot take any action to intentionally evade the requirements of the rule. And so, that all goes back to the data, retention, and requirements in that final rule. And then there's also a need to continue on an ongoing basis, I would say, keep up with what industry is doing and engage in not just keeping up with the regulator, but the overall space. Again, there are all these things in the regulation. But you know I can say from the point of view as someone who does policy and who has been on the other side of these things before. You must keep track of things like updates to the regulations and bulletins the Consumer Financial Protection Bureau might put out. The evolution of any sort of related regulations like the 1033 doesn't just stand on its own. It cross-references other existing regulations, like the Graham-Leach Bliley Act, rules with the FTC and other things financial institutions must be compliant with. So, you must keep your eye on all of these things, all these moving parts, while also being able to prove that you are doing those things so. And again, as Jerome was talking about. Look, it's been an exceptionally long time since we've seen something like this come up new that requires compliance, I would say. 

Courtney Robinson: The last thing I can even think of would be another Dodd-Frank regulation around small business data reporting for financial institutions. And again, and for those of you who might be watching, it's Section 1071, and you might have to be compliant with that as well. 

And I will say just the amount of time, even the years, that it takes internally for an organization to get these things right, and then also follow the evolution of how the Bureau wants this information reported how they can then go in and investigate your organization at any time. If you're under their supervision to make sure you're compliant, it's a very, it's a lift, it's a lift, and it's not that it can't be done. It's just that you must be prepared and know that these resources will always have to be there, and you will have to continue to engage with the Bureau and the regulations. 

Jeroen Holscher: Yes. And listening to you, Courtney, it's it is something you must manage proactively. You can't just sit back. It is a function. So, it's not something. It's a one off and regulation taking the books. And, moreover, it's a specialty. Because if you I mean just speaking also before this webinar. With Courtney it goes, layers deeper, deeper, and deeper, and it's cross referencing. So, it's really a specialty. So, it's not easy. 

Olivia Fahey: Yes, okay, let's move into then the kind of what we want to deliver today and talk about which is how a Coia can help with. With all of this, with 1033 compliance. So, over the past 3 months or so throughout these webinars, we've sort of focused on different angles, both the technical, the operational, the policy, etc. And the complexity that comes with standing all of this up, making this all available to consumers and then keeping it keeping it aligned with regulatory requirements as they evolve. 

So, Courtney will talk a little bit about how the solution here not only delivers those technical assets like the exposing of Apis, the developer interface, but also provides the managed services like managing the 3rd party relationships. Security and risk reviews, helping to maintain policies and procedures, and doing all of this as things evolve, keeping an eye on that as open banking experts to really deliver a full-service solution. So, I'll hand it over to Courtney to dig a little bit more into that and how it touches on all these components. 

We have been talking in a way that sounds very doom and gloomy, and it's scary. But don't do not fear, because there are solutions like Akoya, that we have a full service. 1033, compliance solution that can be modified to best meet the needs of your institution. Like the poll that was taken at the top of this webinar. Look, it's hard to do it all, but you can. Also, you can break it up. You can. You can try to build in-house while also farming out other components of it, no matter what is best for your institution. Akoya is here with a fully compliant solution. So that developer Portal, like Olivia, was saying, with access to APIs, keeping that documentation that is required by the regulation. All those things can be white labeled for your financial institutions, that ongoing monitoring of standards, we discussed external standard setting bodies. There are going to be changes to the way that this regulation works, and what must be compliant. 

Akoya has the capability to do that, and make sure that that compliance is continuous, and that we update our standards as those standards evolve, or if they change so that your institution can remain compliant, and we can fully manage that risk that goes into dealing with 3rd parties. I know Jerome touched on that earlier. That is an excessively big part of this, and I and I don't want that to go overlooked. As he said, there is. There is a lot of responsibility that is put on the institutions that are furnishing this data on behalf of the customer, to also keep that information safe and make sure that the 3rd parties that are taking possession of that information are not compromising the customer. So, Akoya can do that risk review, making sure the 3rd-party data recipients get this information. Oh, thank you are meeting high security standards, and that framework is tailored to each institution itself. So again, like more information here on this screen we follow policies and procedures for making the data available. We can have that set up again if there are any outside requests from the Consumer Financial Protection Bureau to prove or show that you are compliant or responding to third parties in a proper way or keeping consumer data safe. 

Courtney Robinson: We can use third-party support and data access agreements. Akoya has been in this game for a while. This is what we are here for. We are trusted by several institutions and some of the largest institutions that must comply with this regulation, and that is for a reason. That is because we can provide these things to ensure you are compliant with 1033, and it's not even the compliance part alone. But I think just being able to have the security and knowledge that that you are managing these processes in a way that also helps with your overall compliance at your institution, and just generally making things easier, just, and not under necessarily the threat of not being in compliance, but instead, having your services operate in the best way possible. Akoya can deliver that, so I'm happy to work here and say that with a smile and be excited that we do all of this and do it very well. 

Olivia Fahey: Your smile is making me smile. Courtney, thank you. And I do encourage, like we have a few more slides here. But before we get into the Q&A. Please feel free. Anyone to put your questions in the chat, so that in the Q&A section so that we can have them when the time comes to go there. 

But before we do that, I just want to encourage people to think back on the poll when we 1st started. I think it was about 30. 35% of people were still not sure where their financial institution was going to go on this path. Where they were thinking about partnering or outsourcing, or maybe already building. But we put together these two tools: A readiness assessment and a cost calculator by having countless conversations with financial institutions of all sizes. 

And within five minutes, it's a comprehensive assessment, but you can get through it quickly. You can kind of gauge where you're at, where your financial institution is at on the readiness scale from low to high, and then you can even go even further to really understand exactly what it would cost on an initial basis and an ongoing basis to run this compliance 1033 compliance program at your institution. So, they're all real time you can dig into them there. You can scan the QR code and then get the results scanned. An email to yourself. Use them to build a business case, use them to help understand where you're at and have conversations at the financial institution to keep things moving forward. 

So, with that, I think we have about 14 min here to jump into the Q&A. So let me go and open this up. I think a few people have already put some questions in. Thank you and keep them coming. If you have more, we'll always answer them afterwards if we can't get to them. The first question here, Jeroen, is for you. In Europe and in the U.K., a key driver for Open Banking was the ability for a third party to initiate a payment on behalf of the consumer. This isn't something that's in scope in the U.S. How do you see this playing out and do you think that this is going to be an ongoing issue for the U.S.? Why do you think it isn't a part of the 1033 regulation already? 

Jeroen Holscher: I think it is. What I see in markets right around the globe is that the combination of open banking, open finance and instant payments in the end is solving this problem in all the other regions as well. It all started with data sharing. There has been in part of payment initiation as part of those regulations as well. But the take up was 1st on the on the on the account information right on the on the data, sharing not so much on the payments initiation. 

Very recently, in the last two or three years, we see that changing. First, in markets that are developing and bypassing card infrastructure through account-to-account open banking, instant payments, solutions. But now, as well in the more mature markets. So, if you look at Uk, for example, where the tax authority allows now to pay the tax to pay your taxes through open banking account to account with instant payments. You now see the volumes of payment initiation, bypassing the volumes of account information. 

And so will the route, I think, for us will be. There's no part of the regulation. I'm sure it will come later, especially with the uptake of instant payments. These needs will come, and it requires standardization again, how you exchange payments through this new channel, and make it work. 

Olivia Fahey: Thanks, Jeroen. Courtney, this is for you because you talked about the various functions needed to take part in fulfilling 1033 requirements. That's a lot of stakeholders to coordinate for a successful program. Which function should be taking the lead? And where should executive sponsorship come from? 

I think that's a remarkably interesting question. I think it is contingent upon the size of the institution. But I would say, a function within, within legal in coordination with product depending on how your organization is structured would be the best way to approach it. I mean, you must look and see what processes you already have, what's in place and what you need to do and build, and that is that is best evaluated, I would say, between those two functions. But again, this being with representatives from all those parts of the organization that we discussed like engineering, product, legal, policy, just go through the readiness assessment see what needs be done. 

Courtney Robinson: It's a beast, but that would be my recommendation. I know there's a bit of bias, too, because I'm a lawyer, to say, start with legal, because you can't go wrong there. Right? 

Olivia Fahey: Jeroen, do you have any kind of inclination from your past experiences, and anything different than that anyone that you believe should take the lead, or where the executive sponsorship should come from? 

Jeroen Holscher: I think in the end it is working together, potential representations of 3rd parties. If they are organized, the banks are. Akoya, like a central entity, can play a role here to help sort out some of these policies create a practitioner view on it, because that will be needed. You will run into issues going into the implementation and the details which you want to solve together. You want to align with industry of other practitioners facing the same and finding common ground. And that's back also to the question of the payments. One. Yes, it will come right that the payments Api will come. The same is for all the things which are here for 1033. What I said about third parties being authorized right in the end. You want to. I see one of the questions is popping in here in in, I would say, can one? I would say, if one party is authorized with what with one bank can it become automatically available for the other? I mean, not yet. But I think that is a practitioner view which you want to get into to make that scalable and operational viable solution in you. 

Olivia Fahey: Yes. I was going to ask you that one. And then, I know you had already touched on it, so you brought it back in. Thank you. 

Let me see, there are quite a few here. But let me let me ask this one, and I think both of you could likely answer this, but one of the Section 1033 rule requirements is for banks to share customer financial information with third parties, such as fintech companies and data aggregators. Since banks have limited control over how third parties use and protect this data, won't it leave customers vulnerable to data breaches and fraud? 

Courtney Robinson: I think you know that that question. I think it gets to the heart of one of the bigger issues that has been discussed, like when people are evaluating the rule or going through it. I mean, that is, it's a valid question. And the way that it's presented. Thank you to the person who asked that question. I agree you don't know how third parties might do that data, or if they are adhering to standards that are as high as you would have at your financial institution. That's proffering that information. But again, that's why it is important to work with an institution like Akoya. If you are partnering on your 1033 compliance to make sure that you are setting standards or working by them that are not only high enough to make sure that the customer information is protected, but that in the event that there is a third party request that comes in, and they do not, that institution themselves do not seem to adhere to, or do not meet the evaluation or standards that you have set up in concert with the Akoya, to make sure that that data is safe. Then you can deny that access. And then, on top of that, retai n the reasoning for the denial, and uphold those lofty standards of consumer safety. I mean, again, we are living in an era where not a week goes by. It seems like there's not something going on with the data breach where customer information is not exposed. This is a very, this is a very valid concern, and it's the one time, I think in the unfortunate event that information is compromised that consumers really understand how important this part of everything that happens behind the scenes is so. 

 I agree. Yes, there, there is a vulnerability there, but that is why it is so important to make sure that you have set up the standards and procedures or are working with an institution like Akoya that can help vet those standards to make sure that that information is safe. 

Jeroen Holscher: Yes, so in the end, it will be part of the due diligence, right? One of the questions you will have to ask is what is that third party doing with that data? How can they protect it in the end? And remember, most open banking today is coming from the practice, screen scraping, which is even worse. So, I think it's a step in the right direction. It's already going to be better than what it is now. There must be some stringent way of assessing those third parties, so they are applying to the game rules, and you can be sure that whatever you share, there's no data breech. 

Courtney Robinson: No right, Jerome, I forgot. I don't know how screen scraping fell out of my head. I guess I just blocked it. It's terrible. 

Jeroen Holscher: You're already on the you're already in the future. Right? So, you're. 

Courtney Robinson: Move to the future. We do not we. We do not want screen scraping. So again, at least, we are moving in the right direction with the regulation. But you must be able to show they've met those standards. 

Olivia Fahey: Yes, we, I feel like, all we talk about is screen scraping. Courtney, this question is for you. Can you expand on what Akoya can do to help with the ongoing management of third parties? How exactly do you plan to meet evolving obligations, whether they're technical requirements or regulatory changes, as things evolve? 

Courtney Robinson: And again, Akoya is very connected to the standard setting organizations that the CFPB is working with. Though the CFPB has not yet designated a standard setting organization. Externally, we do work with FCX and make sure that those elements for compliance are there. And we're part of that process. We are members, and we have influence there. And I would also say on top of that internally, I mean, this is what this is what Akoya was built for. Akoya exists because consumer safety and ability to work and evolve with standards is paramount. So, we internally make sure that we are following and reviewing any updates, we proactively communicate that information with our customers, and we work very closely with our customers or anybody who's working with us to make sure that that not only we are compliant, but you are aware of any evolving standards and can meet them. So, I think that the manages services part of the work that that we discussed, and that that high touch part like that's where our strengths come through and being able to stay updated with that continual evolving regulatory space that we know is going to be there. 

Olivia Fahey: This is what I've heard asked a couple of times, but I'd love to hear the answer. Section 1033 is supposed to level the playing field between large and small financial institutions. Yet these smaller institutions aren't required to comply for years like this goes up to 2030. Do you see smaller financial institutions beginning to move on the business opportunities of Section 1033 or are they waiting? 

Courtney Robinson: That for either one of us I have. And thoughts. I, I know, like, when it comes to any sort of compliance, issues with a financial institution like look things will be put off until they are absolutely 100% necessary, because it's just a matter of resourcing. And what people can do, however, smaller institutions, even ones that must comply later, or have been completely exempted, are still working too. To set up a compliance in this new era that we're going into, because it's not just a matter of being compliant for the sake of being or doing it for the sake of being compliant, but also being competitive like this is, this is a way to get information about your customers to do work in service of your customers. So, yes, it's further out, but it's still, at least from what I have seen talking to these institutions and working with them there, there's still a desire to plug into this so that they don't fall behind generally. Again, this is this is about modernization and consumer access, and that's universal, irrespective of the institution's size. 

Jeroen Holscher: Let me let me throw in a different angle, because I think the institutions that are regulated on this one. They will focus to Courtney's point on becoming compliant, so all the energy will be going into becoming compliant, so they will be on the water to come in one and a half years. 

Good news for the smaller financial institution. Don't have that. They don't have that burden yet. So, I would say, focus on the value you can get from it. 

Courtney Robinson: Right. 

Jeroen Holscher: Let the regulated one sort out all these complexities we discussed amongst others in this webinar. If you have sorted out how you can make the end the business out of it. Yes, then you notice the compliance part from the ones that have created it, and you can go to business at once. Maybe it's a bit opportunistic. Maybe it's a bit wishful thinking, but I, at least have seen large banks being sucked into the compliance completely, and then only after, when you have come through that hurdle, start thinking about how to make money out of it, just because it's sucking up all the all the oxygen out of the discussion. That is what potentially the smaller institutions can receive help from. 

Olivia Fahey: Thank you both. We're right on time. If anyone would like to learn more, please visit us at https://akoya.com/1033. From there you can request a 30-minute custom demo for your financial institution. You can access overview materials, and you can get back to that readiness assessment and cost calculator. We'd love to hear from you. So, check us out there. I'd like to thank Courtney and Jerome. Thank you so much for being here with us today, Jerome.  

So, thanks again for joining us, and we'll see you soon. 

Access your CFPB 1033 readiness assessment and cost calculator.

Learn more about Akoya’s 1033 Compliance Solution.