With respect to your question on insurance, the insurance business regulations continue to apply. They provide that a bank shall not provide directly or indirectly an insurance company, agent, or broker with any information respecting a customer of a bank in Canada.
These restrictions would apply to investments or partnerships a bank may undertake with third parties such as fintechs. The indirect provision will continue to apply.
With respect to the question on PIPEDA, the existing framework respecting the transfer, sharing, collection, or dissemination of client information would always be subject to consent, subject to the existing privacy frameworks.