1. Overview
The ITAM application can display information about accounts you hold at banks and other financial institutions other than PayServices Bank, with your permission. This is sometimes called "account aggregation," "open banking," or "consumer-permissioned data access." This page explains how that capability works, the legal framework that governs it, and the responsibilities of PayServices Bank and of the institutions that hold those accounts.
2. How aggregation works
You may, in the ITAM application, link an account that you hold at another financial institution. To do so, you authenticate to the holding institution (for example, by signing in with your credentials or by approving a connection through the holding institution's mobile app), and you grant ITAM permission to retrieve specified information about that account — such as the balance, transaction history, account number, and account-holder details — for display in ITAM.
You may revoke that permission at any time, either in the ITAM application or by withdrawing access at the holding institution. Revocation takes effect promptly, although already-displayed information may remain in ITAM until you choose to remove it.
3. Legal basis
Account aggregation in ITAM operates under the following legal framework:
- Section 1033 of the Dodd-Frank Wall Street Reform and Consumer Protection Act (12 U.S.C. § 5533) — the statutory provision establishing your right to access your own financial data. The CFPB's implementing rule (the "Personal Financial Data Rights Rule," 12 CFR Part 1033) was finalized in October 2024 and is currently subject to ongoing rulemaking and litigation; we operate in accordance with the underlying statutory right and with the rule as in effect from time to time;
- Federal Trade Commission Act § 5 and state unfair-and-deceptive-practices laws — governing how aggregated data may be displayed and used;
- Gramm-Leach-Bliley Act — governing how nonpublic personal information passing through PayServices Bank is treated;
- The terms and conditions of the holding institution — which govern your relationship with that institution and the terms on which it permits third-party access to your data;
- Common-law agency principles — under which we act as your agent in retrieving the data you have authorized.
4. You are the principal; ITAM is your agent
When the ITAM application retrieves and displays information about an account you hold at another institution, we act as your agent and on your behalf, exercising the right of access you have granted us. We are not the account-holding institution for that account, we are not a custodian of the funds in that account, and we are not a fiduciary or adviser to you with respect to that account.
5. The holding institution is the source of truth
The information we display about an account at another institution is retrieved from that institution's systems. We do not independently verify the accuracy of that information. The records of the holding institution are the authoritative source of truth for your balance, transaction history, and account status. If the information displayed in ITAM differs from information provided by the holding institution, the holding institution's records control.
Information may be delayed, incomplete, or unavailable for reasons including: network latency; outages at the holding institution or its data-access provider; revocation of access by the holding institution; expiration or revocation of your authorization; rate limits; the holding institution's data-format limitations; or events of force majeure. We will indicate in-app where information is potentially stale or unavailable.
6. Responsibility for displayed third-party account information
The responsibility for accounts at financial institutions other than PayServices Bank, and for the information disclosed about those accounts in the ITAM application and on the PayServices Network, lies with those other institutions — not with PayServices Bank. This means:
- The accuracy of the balance and transaction information is the responsibility of the holding institution;
- The terms governing your account — including fees, interest, deposit insurance, holds, limits, and dispute-resolution — are the terms of the holding institution;
- Errors, unauthorized transactions, fraud, and disputes affecting an account at another institution are governed by the holding institution's procedures and the federal and state laws that apply to that institution;
- The federal Regulation E error-resolution rights you have at the holding institution apply to that institution; PayServices Bank is not the institution that holds the account and cannot resolve those errors. We will, however, assist you in directing your inquiry or dispute to the appropriate party.
7. PayServices Bank's liability for displayed third-party data
PayServices Bank is not liable for losses arising from your reliance on information about a third-party account that is displayed in the ITAM application, except where the loss is caused by our gross negligence or willful misconduct in our handling of that information. Without limiting the foregoing, PayServices Bank is not liable for:
- Inaccuracy, staleness, incompleteness, or unavailability of data caused by the holding institution or its data-access provider;
- Errors in the data feed that are passed through to ITAM without our actual knowledge;
- Decisions you make based on aggregated data displayed in ITAM, including transaction decisions made on the assumption that the displayed balance is current;
- Termination or restriction of access by a holding institution;
- The terms, fees, errors, fraud, or other matters affecting an account at a holding institution — all of which are the responsibility of that holding institution;
- Force majeure, system unavailability, or other events outside our reasonable control.
This limitation is in addition to, and does not replace, the limitations of liability set out in the Terms of Service.
8. Security and privacy of aggregated data
We retrieve, transmit, and store aggregated data using industry-standard security measures, and we apply our Privacy Notice to that data on a pass-through basis — meaning that the data is treated with the same security and confidentiality standards as data originated by PayServices Bank. We use, where available, secure tokenized API connections established through the holding institution or its data-access provider; we do not retain your credentials at the holding institution.
If you revoke access at the holding institution, we will cease retrieving new data promptly upon notice. Already-retrieved data may remain in ITAM until you choose to remove it from your in-app history, and may be retained by us for the period required by law (for example, for AML recordkeeping).
9. Termination of aggregation services
You may revoke access at any time, either in the ITAM application or by withdrawing your authorization at the holding institution. Once access is revoked, the affected accounts will no longer display new information in ITAM.
The holding institution may, with or without notice and at its discretion, terminate or restrict our access to your data at that institution. If that occurs, we will indicate in-app that the affected accounts are no longer displaying current information, and you will need to re-authorize access (or contact the holding institution) for displaying to resume.
We may, in our discretion, terminate or restrict aggregation services to you, in whole or in part, if we determine that continued aggregation poses a security, fraud, regulatory, or operational risk that warrants such action.
10. Contact us
For questions about account aggregation in ITAM, or to report a problem with displayed third-party data:
PayServices Bank — Account Aggregation
950 W Bannock Street, Suite 1100
Boise, Idaho 83702-6140
United States
info@payservices.com
For disputes or errors affecting an account at another financial institution, please contact the institution that holds the account directly. We will assist you in identifying the correct contact on request.