JPMorgan Chase has secured deals ensuring it will get paid by the fintech firms responsible for nearly all the data requests made by third-party apps connected to customer bank accounts, CNBC has learned.

The bank has signed updated contracts with fintech middlemen that make up more than 95% of the data pulls on its systems, including Plaid, Yodlee, Morningstar and Akoya, according to JPMorgan spokesman Drew Pusateri.

“We’ve come to agreements that will make the open banking ecosystem safer and more sustainable and allow customers to continue reliably and securely accessing their favorite financial products,” Pusateri said in a statement. “The free market worked.”

The milestone is the latest twist in a long-running dispute between traditional banks and the fintech industry over access to customer accounts. For years, middlemen like Plaid paid nothing to tap bank systems when a customer wanted to use a fintech app like Robinhood to draw funds or check balances.

That dynamic appeared to be enshrined in law in late 2024 when the Biden-era Consumer Financial Protection Bureau finalized what is known as the “open-banking rule” requiring banks to share customer data with other financial firms at no cost.

But banks sued to prevent the CFPB rule from taking hold and seemed to gain the upper hand in May after the Trump administration asked a federal court to vacate the rule.

Soon after, JPMorgan — the largest U.S. bank by assets, deposits and branches — reportedly told the middlemen that it would start charging what amounts to hundreds of millions of dollars for access to its customer data.

In response, fintech, crypto and venture capital executives argued that the bank was engaging in “anti-competitive, rent-seeking behavior” that would hurt innovation and consumers’ ability to use popular apps.

After weeks of negotiations between JPMorgan and the middlemen, the bank agreed to lower pricing than it originally proposed, while the fintech middlemen won concessions regarding the servicing of data requests, according to people with knowledge of the talks.

Fintech firms preferred the certainty of locking in data-sharing rates because it is unclear whether the current CFPB, which is in the process of revising the open-banking rule, will favor banks or fintechs, according to a venture capital investor who asked for anonymity to discuss his portfolio companies.

The bank and the fintech firms declined to disclose details about their contracts, including how much the middlemen agreed to pay and how long the deals were in force.

“JPMorgan tends to be a trendsetter. They’re sort of the leader of the pack, so it’s fair to expect that the rest of the major banks will follow,” said Brian Shearer, director of competition and regulatory policy at the Vanderbilt Policy Accelerator.

Shearer, who worked at the CFPB under former director Rohit Chopra, said he was worried that the development would create a barrier of entry to nascent startups and ultimately result in higher costs for consumers.

Proponents of the 2024 CFPB rule said it gave consumers control over their financial data and encouraged competition and innovation. Banks including JPMorgan said it exposed them to fraud and unfairly saddled them with the rising costs of maintaining systems increasingly tapped by the middlemen and their clients.  

When Plaid’s deal with JPMorgan was announced in September, the companies issued a dual press release emphasizing the continuity it provided for customers.

But the industry group that Plaid is a part of has harshly criticized the development, signaling that while JPMorgan has won a decisive battle, the ongoing skirmish may yet play out in courts and in the public.

“Introducing prohibitive tolls is anti-competitive, anti-innovation, and flies in the face of the plain reading of the law,” said Penny Lee, CEO of the Financial Technology Association, told CNBC in response to the JPMorgan milestone.

“These agreements are not the free market at work, but rather big banks using their market position to capitalize on regulatory uncertainty,” Lee said. “We urge the Trump Administration to uphold the law by maintaining the existing prohibition on data access fees.”

Govini has fired Eric Gillespie from its board of directors after the founder was charged with attempting to solicit sexual contact with a minor online.

“The actions of one depraved individual should not in any way diminish the hard work of the broader team and their commitment to the security of the United States of America,” the defense software startup said in a release late Wednesday.

The company said the 57-year-old had no access to classified information since stepping down as CEO nearly ten years ago.

On Monday, the Pennsylvania Attorney General’s Office charged Gillespie with four felonies, including multiple counts of unlawful contact with a preteen.

A judge denied bail for Gillespie, who lived in Pittsburgh, citing flight risk and public safety concerns.

At the time, the Pentagon officials told CNBC that they were investigating the arrest and possible security risks.

Last month, the Arlington, Virginia-based startup surpassed $100 million in annual recurring revenue and announced a $150 million growth investment from Bain Capital.

Govini has a more than $900-million contract with the U.S. government and deals with the Department of War.

Gillespie, who is viewed as an expert in government transparency, was named to the Freedom of Information Act Advisory Committee during the Obama administration in 2014.

He previously worked as an executive at business intelligence platform Onvia.

He is a graduate of Miami University and Harvard Business School.