What Is Plaid and Why Does It Matter?
Plaid is the invisible infrastructure behind most fintech apps. When you "link your bank account" to a budgeting app, investment platform, or payment service, you're almost certainly going through Plaid.
The company acts as a middleman between your bank and third-party apps. It connects to over 12,000 financial institutions and powers connections for apps like Venmo, YNAB, Monarch Money, Robinhood, and thousands more. As of 2026, Plaid connects to approximately one in three US bank accounts.
That's over 100 million Americans whose financial data passes through this single company.
This concentration creates a massive risk. A single point of failure in data security or data practices affects the financial privacy of over 100 million people. And as we've seen, things have already gone wrong.
What Happened: The CFPB Action and Lawsuits
Plaid's data practices have drawn fire from multiple directions:
The Class-Action Lawsuit (2020-2022)
In 2020, a class-action lawsuit was filed alleging that Plaid:
- Collected more financial data than users authorized
- Used a login interface designed to look like users' banks ("Plaid Link"), which critics called misleading
- Retained transaction history data even after users disconnected apps
- Shared data with third parties beyond the scope of user consent
In 2022, Plaid settled the lawsuit for $58 million. The settlement required Plaid to delete certain data and improve its disclosure practices. Notably, settling is not an admission of wrongdoing, but $58 million is not the amount you pay when everything was fine.
CFPB Scrutiny
The Consumer Financial Protection Bureau (CFPB) has been increasingly focused on data aggregators like Plaid. In the wake of the lawsuit and growing public concern, the CFPB has proposed rules under Section 1033 of the Dodd-Frank Act that would regulate how companies like Plaid access and use consumer financial data.
Key points from CFPB scrutiny:
- Data aggregators should only collect data necessary for the stated purpose
- Consumers must have clear visibility into what data is collected
- Companies must provide easy data deletion mechanisms
- Screen-scraping of bank credentials should be phased out
Why this matters for you: If you've ever linked a bank account to any app, your data almost certainly flowed through Plaid. That data may have been collected more broadly than you realized and retained longer than you expected.
What Data Does Plaid Actually Collect?
When you connect your bank through Plaid, the company can access:
- Account information: Account numbers, routing numbers, balances, account types
- Transaction history: Up to 24 months of transactions including amounts, dates, merchant names, categories
- Identity data: Name, address, phone number, email associated with accounts
- Income data: Payroll information, employer details, income amounts
- Investment data: Holdings, balances, transactions for investment accounts
- Liability data: Loan balances, credit card balances, payment schedules
That's not just "can this app see my checking account balance." That's a comprehensive financial profile covering where you work, what you earn, where you shop, what you invest in, and how much debt you carry.
And here's the part that concerns privacy advocates: once your data passes through Plaid's servers, you're trusting Plaid's data practices, not just the app you intended to share with. The app might be trustworthy. But the intermediary has its own data policies, its own business interests, and its own security vulnerabilities.
Who Is Affected?
If you have ever used any of these services with bank linking, your data has likely passed through Plaid:
- Venmo, Cash App, PayPal
- YNAB, Monarch Money, Simplifi
- Robinhood, Coinbase, Wealthfront
- Chime, Dave, SoFi
- Hundreds of other fintech apps
You can check your Plaid connections at my.plaid.com, where you can see which apps have accessed your data and manage your connections.
How to Protect Yourself
Regardless of whether you consider Plaid's practices a breach, an overreach, or standard business, here are concrete steps to protect your financial data:
Step 1: Audit Your Connections
Visit my.plaid.com and review every app that has accessed your bank data. Disconnect any you no longer use. Delete data for apps you've stopped using.
Step 2: Revoke Unnecessary Access
Many people have bank connections to apps they haven't opened in months or years. Those connections may still be active and pulling data. Disconnect them.
Step 3: Switch to Apps That Don't Require Bank Linking
For expense tracking and budgeting, you don't need to share your bank data. Manual-entry apps like Pocket Clear provide the same budgeting insights without any bank access.
Step 4: Monitor Your Accounts
Regularly check your bank statements for unauthorized access or unfamiliar connections. Enable notifications for all account activity.
Step 5: Consider Privacy-First Alternatives
For every category of financial app, there are alternatives that don't require bank linking:
- Budgeting: Pocket Clear (no bank linking, on-device encryption)
- Payments: Cash or direct bank transfers
- Investing: Direct brokerage accounts without third-party aggregators
Budget Apps That Don't Use Plaid
If the Plaid situation has you reconsidering which apps get access to your finances, here are budget apps that operate without any bank-linking dependency:
| App | Uses Plaid? | Bank Linking? | Data Storage | Price |
|---|---|---|---|---|
| Pocket Clear | No | None | On-device (AES-256) | Free |
| Goodbudget | No | None | Cloud | Free/$80/yr |
| Monefy | No | None | On-device | $2.49 |
| YNAB (manual mode) | Optional | Optional | Cloud | $99/yr |
Pocket Clear stands out because it combines no Plaid dependency, on-device AES-256 encryption, full offline mode, and a free price point. Your financial data never touches a third-party server unless you explicitly enable optional cloud sync. Learn more in our privacy-first expense tracking guide.
The Future of Financial Data Sharing
The financial data landscape is changing. The CFPB's proposed rules, consumer awareness, and competitive pressure are pushing toward better practices:
- Open Banking APIs: Banks are building direct APIs so apps don't need intermediaries like Plaid. This is already standard in the UK and EU.
- Consumer data rights: The CFPB's Section 1033 rules would give consumers more control over their financial data, including the right to revoke access.
- Privacy-first alternatives: Apps like Pocket Clear are proving that effective financial tools don't need bank access at all.
But these changes will take years to fully implement. In the meantime, the safest approach is simple: don't share what you don't need to share.
The Pocket Clear approach: We built Pocket Clear with a fundamental belief that a budget app should never need your bank credentials. Your expenses are entered manually, encrypted with AES-256 on your device, and never transmitted to any third party. Zero Plaid. Zero breach risk. Zero compromise.
What Users Say About Pocket Clear
"Finally an expense tracker that doesn't need my bank login. Clean UI, works offline, and it's genuinely free."
"No nonsense app. Tap amount, pick category, done. Takes 5 seconds. Best budget app I've tried."
"Partner Mode is a game changer. We track shared expenses without sharing passwords or bank logins."