OpenAI gave ChatGPT Pro subscribers the ability to connect bank accounts, investment portfolios, and credit cards directly to the chatbot on May 15, 2026 — two days after a federal class action was filed in California accusing the company of secretly routing ChatGPT users' private conversation data to Google and Meta without their consent. The juxtaposition is stark: the company's most intimate data integration went live while it was already defending its handling of the data it holds from 200 million monthly users. ChatGPT carries no fiduciary duty — no legal obligation to act in a user's best interest — unlike every licensed financial advisor a user could otherwise consult.
The class action, filed May 13 in the Southern District of California by plaintiff Amargo Couture on behalf of all U.S. ChatGPT users, alleges that OpenAI embedded Meta's Facebook Pixel and Google Analytics tracking code inside the ChatGPT website, causing users' query topics, account identifiers, and email addresses to be silently transmitted to Meta and Google. The suit — Couture v. OpenAI Global, LLC, Case No. 3:26-cv-03000-H-GC — claims those disclosures violated the federal Electronic Communications Privacy Act and California's Invasion of Privacy Act. A separate, earlier complaint filed May 6 in the Northern District of California makes nearly identical allegations. OpenAI did not respond publicly to either suit before this article went to publication.
What the Bank-Account Feature Does — and What It Does Not Do
The new personal finance experience, available in preview on web and iOS for Pro subscribers paying $200 a month, connects user accounts through Plaid, the financial data infrastructure already used by Venmo, Robinhood, and more than 12,000 financial institutions including JPMorgan Chase, Fidelity, Charles Schwab, and American Express. Once connected, ChatGPT generates a live dashboard of spending patterns, subscription activity, upcoming payments, and investment performance, and answers open-ended questions tied to users' actual account data: "Help me build a plan to buy a house in the next five years" now draws on real income signals and debt levels rather than generic advice.
OpenAI has specified what the system cannot do: it reads balances, transactions, investments, and liabilities through Plaid but cannot see full account numbers, initiate transactions, move money, or change account settings. Users can disconnect accounts from the Settings menu at any time. Once disconnected, synced data is removed from OpenAI's systems within 30 days, though past conversations referencing that data are not automatically wiped — users must delete individual chats separately. An opt-in setting labeled "Improve the model for everyone" allows financial conversations to feed back into ChatGPT's training data; users who have already disabled model training in their account settings retain that preference here as well.
The feature runs on GPT-5.5, OpenAI's latest reasoning model. OpenAI worked with more than 50 finance professionals to develop a benchmark for personal finance question quality, on which GPT-5.5 Thinking scored 79 out of 100 and GPT-5.5 Pro scored 82.5. OpenAI acquired the team behind personal finance startup Hiro in April 2026 — backed by Ribbit Capital, General Catalyst, and Restive Ventures — and says the team's expertise shaped the launch.
A Compromised Account Now Yields Your Complete Financial Life
The core security concern is aggregation. Ridhi Shetty, senior policy counsel at the Center for Democracy and Technology's Privacy & Data Project, said that even without access to full account numbers or transaction capability, the financial data collected "can reveal deeply personal details about a person's life, habits, vulnerabilities, and relationships." Shetty also noted that OpenAI's launch announcement makes no commitment on whether aggregated financial data could eventually support advertising or commercial targeting — a silence she characterized as conspicuous given the platform's obvious incentive to monetize.
Diana Kelley, chief information security officer at Noma Security, named the account-takeover risk directly: "View-only does not mean low-risk: if someone takes over your ChatGPT account, they may get a consolidated picture of your balances, spending, investments, debts, goals and financial history." Ram Varadarajan, CEO of cyber deception firm Acalvio, reinforced the point, describing the centralization of financial data inside a single platform as creating "a high-value target for account takeover attacks" because a single successful breach maps a user's net worth, spending behavior, and financial vulnerabilities in one place.
Kelley offered a practical security checklist for anyone considering connecting accounts: enable multi-factor authentication, log out of unused sessions, audit memory settings, disable model training for sensitive conversations, and delete both chats and stored financial memories when they are no longer needed.
No Fiduciary Duty, No Regulatory Floor
The feature arrives without the legal protections that govern every licensed financial advisor practicing in the United States. A registered investment advisor owes clients a fiduciary duty — a legal obligation to act in the client's best interest, enforced by the Securities and Exchange Commission and state regulators. ChatGPT carries no equivalent obligation. OpenAI's own announcement includes a disclaimer that the tool "is not a replacement for professional financial advice," a caveat that sits alongside a product experience deliberately designed to look and feel like professional financial advice.
Shetty questioned the reliability of guidance from "a tool that doesn't abide by the obligations that professional financial advisors have to protect clients' privacy and act in their best interests." The Consumer Financial Protection Bureau has authority under the Dodd-Frank Act to supervise nonbank financial service providers that pose risks to consumers, but no enforcement action targeting the ChatGPT finance feature has been announced. The Federal Trade Commission opened a broader investigation into OpenAI's data practices in 2023 and has not publicly closed it.
Dylan Lerner, a senior analyst at Javelin Strategy, framed the product's competitive logic in less alarming terms, describing the Plaid partnership as a rational step given that large language models "need authenticated data sources to effectively address finances." He noted that the friction of users having to manually feed financial details into a chatbot "has largely disappeared." Lerner did observe, however, that ChatGPT is now positioned to "provide personalized financial advice and own critical 'share of mind,' potentially reducing banks to underlying financial infrastructure" — an outcome that could alter how millions of Americans relate to their own financial institutions.
What Plaid Brings — and What It Cannot Guarantee
Plaid, the infrastructure layer connecting users' accounts, uses encrypted application programming interfaces and does not store banking credentials directly. A Plaid spokesperson told American Banker that the company's OpenAI integration works the same as all other Plaid connections and that data is "only securely shared for specific, approved purposes and only ever with consumers' consent." Plaid already underpins tens of millions of consumer financial connections across thousands of third-party applications, meaning its existing attack surface expands with each new platform that adopts it.
Perplexity expanded its own Plaid-connected personal finance product on May 14 — the day before OpenAI's launch — in what amounts to a parallel race among AI companies to own the consumer finance vertical. OpenAI also plans to add Intuit integration, which would extend ChatGPT's financial reach to cover the tax implications of stock sales and credit card approval odds, moving the product closer to a full financial services platform.
Who Should Connect and Who Should Wait
Pro subscribers are the only users currently affected; ChatGPT's ad-supported tiers — Free and Go — do not have access to the finance feature at launch. OpenAI has said it plans to expand to Plus subscribers and eventually to all users after gathering feedback from the Pro preview. If and when the feature reaches lower-priced tiers that carry advertising, the combination of behavioral financial data and targeted ads inside a single product will face substantially more regulatory and privacy scrutiny.
Anyone connecting accounts should take the following steps before doing so: disable the "Improve the model for everyone" training toggle in account settings, enable multi-factor authentication, and use the temporary chats mode for any sensitive financial inquiry they do not want stored. Users who change their minds can disconnect accounts from Settings and should also manually delete any conversations that referenced their financial data, since those are not automatically removed even after account disconnection.
OpenAI did not respond to questions about whether it plans to require mandatory multi-factor authentication for accounts with linked financial data, or whether it will introduce additional protections before the feature expands to lower-cost subscription tiers.
ⓒ 2026 TECHTIMES.com All rights reserved. Do not reproduce without permission.
