Australia has hit the next milestone in its implementation of open banking with new Consumer Data Right (CDR) legislation coming into effect extending the number of banks now expected to share basic consumer data.
The milestone comes exactly one year after open banking became a reality in Australia when the country’s CDR legislation went live on 1 July 2020, with the four major banks – Commonwealth Bank, ANZ, NAB and Westpac – mandated to share access to consumer data for a range of personal accounts with the customer’s permission.
The aim of open banking is to boost competition by enabling third parties such as fintech companies to develop new apps and services.
Since 1 July this year, non-major authorised deposit-taking institutions (ADIs) are required to join the big four banks as ‘data holders’. Under the CDR system, consumers consent to a transfer of their data from a data holder to an accredited ‘data recipient’. An accredited data recipient has been approved by the Australian Competition and Consumer Commission (ACCC) to receive consumer data to provide a product or service.
Currently, the Australian government’s CDR registry lists 16 data holders and 13 data recipients, with most of the latter considered fintechs. Although the ‘big four’ have millions of customers, the impact of non-major ADIs becoming data holders is not to be underestimated: there are more than 100 non-major ADIs in Australia encompassing smaller banks, credit unions and mutuals.
CDR amendments for consultation
The Department of the Treasury also released draft amendments to the CDR rules for consultation on 1 July. These propose reducing cost barriers to participation in open banking with the introduction of a new ‘sponsored accreditation model’. This could see fintechs using accredited data holders’ infrastructure or providing services on their behalf, dramatically increasing the number of companies involved in the scheme.
The amendments are also aimed at enabling more Australians to leverage their data in common banking scenarios, such as data sharing from joint accounts, sharing data with trusted professional advisers (including accountants and tax agents), and allowing consumers to disclose limited data insights for specific purposes, such as to verify their account balance.
According to a press release from the Office of the Minister for Superannuation, Financial Services and the Digital Economy, the amendments will expand the ways in which service providers will be able to use the CDR to offer benefits to consumers. Interested parties can submit responses up until 30 July.
The country’s open banking implementation timeline stretches to February 2022. Currently, ‘phase 1’ consumer data, such as savings, debit or credit card accounts, must be shared by non-major ADIs from 1 July. From 1 November, they will have to start sharing ‘phase 2’ data, which includes residential home loans, investment property loans and personal loans. Finally, ‘phase 3’ data comes into play in February next year. This includes investment loans, asset finance and retirement savings accounts. The big banks have been sharing consumer data for phases 1, 2 and 3 since February 2020.
Data quality issues and exemptions
Australia’s open banking era began after a six-month postponement for further testing amid security and privacy concerns. But the current CDR rollout has come with a new share of problems: according to minutes from a meeting of key stakeholders in April, regulators have investigated data quality issues reported to them by interested parties.
‘While there appears to be a generally high level of compliance across [data holders], [the ACCC] have identified a number of potential data quality and availability issues and they have written to each of the banks affected by that apparent discrepancy to ask for more information,’ the minutes of the Data Standards Advisory Committee meeting read.
The ACCC stated that in March it had sent a letter to a number of data holders requesting responses to their findings and that they were reviewing those responses as they came in, expecting compliance to increase as a result of the review.
Another issue seems to revolve around the large number of financial institutions seeking exemptions from the ACCC pushing out its entry to the scheme until July 2022 or later. Payments provider Cuscal Limited became the most recent institution to be granted an exemption on 1 July, deferring the commencement dates of its phase 1 and phase 2 consumer data sharing obligations and its direct-to-consumer obligations until 1 February 2022. The ACCC has currently granted 44 exemptions and many of them are still in force.
FURTHER READING
Global Government Fintech’s dedicated open banking / open finance section
‘Open banking “set to become globally ubiquitous”: report’ – our news story (21 June 2021) on a report, ‘Open Banking Readiness Index: The Future of Open Banking in Europe’ that described open banking as ‘fast becoming a worldwide phenomenon’
‘Australian central bank explores wholesale digital currency’ – our news story (4 November 2020) on the Reserve Bank of Australia issuing an update on its research into a potential central bank digital currency
‘Australia reviews payments regulation as pandemic accelerates digital adoption’ – our news story (28 October 2020) on Australia’s government launching a review of payments regulation to ensure it remains ‘fit for purpose’ as the popularity of digital payments surged during the Covid-19 pandemic
‘Open banking gets off to slow start in Australia’ – our news story (9 July 2020) on open banking becoming a reality in Australia after the country’s CDR legislation went live
