Are your doors open for Open Banking?

Print Friendly, PDF & Email

By Chris Dirckze, Special Counsel

The dawn of the Consumer Data Right (CDR) regime is upon us. With Open Banking championing the launch of this new framework, the time is now for businesses in the financial services industry to familiarise themselves with the significant requirements and opportunities provided by CDR. We urge all financial services organisations (FSOs) to take advantage of the opportunities that CDR/Open Banking presents.

What is the Consumer Data Right (CDR)?

The CDR is a general right for consumers to control their data, allowing them to access data about them held by businesses and safely share their data with trusted recipients of their choice, entirely free of charge. The CDR is currently being implemented in the banking industry (as Open Banking) (at first only to the Big 4 banks), and will eventually be rolled out across much of financial services, retail energy, and the telecommunication sectors. All customers, whether individuals or small, medium or large businesses are entitled to exercise this right.

What is Open Banking?

The Open Banking regulatory framework is found in the Competition and Consumer (Consumer Data Right) Rules 2020 (Cth); Treasury Laws Amendment (Consumer Data Right) Act 2019 (Cth); and the Consumer Data Standards.

All Australian Authorised Deposit-taking Institutions (ADIs) must comply with Open Banking, including credit unions and building societies, although it starts with the Big 4 and is likely to extend to most FSOs over time. Anyone can apply for accreditation to receive CDR/Open Banking data (not just FSOs). The key piece surrounding CDR is customer consent. Data recipients (who must be registered) may only use data transferred to them in accordance with the customer’s explicit and informed consent and must return the favour – those receiving customer information must also respond to requests by customers to share customer information with other accredited entities.

The data that must be shared upon receiving a customer’s CDR request is information about that customer’s:

  • product data (being banking products) ;
  • consumer data (being customer data); and
  • transaction data (being the use of banking products).

CDR data is to be shared using Application Programming Interfaces (APIs), consistent with the approach in the United Kingdom, Hong Kong, Singapore, and New Zealand. The technological standards for APIs are set by the Data Standards Body and the cost of constructing and maintaining the APIs is the responsibility of all ADIs.

The Open Banking Timeline

Open Banking officially started on 1 July 2019, with the four major banks (ANZ, Westpac, Commonwealth Bank and NAB) sharing product reference data on a voluntary basis. All consumer data relating to credit and debit cards, deposit accounts and transaction accounts must be made available from 1 July 2020, and consumer data regarding mortgage and personal loan data must be shared from 1 November 2020.

The proposed phasing timetable released by the ACCC can be found here.

What are the likely effects of Open Banking?

This seismic shift in banking introduces a number of risks and opportunities for ADIs and non-ADIs alike. Whilst the regime involves some initial costly implementation due to the API requirements, banks in particular can take this opportunity to invest in conducting regular health checks on and/or upgrading their legacy systems. Further, all involved in the Open Banking regime will be able to adopt an API strategy, which offers a more fluid framework that allows for faster and more innovative transformations. It is also likely that we will see more Banking-as-a-Service offerings, with banks finding the right match to meet their customers’ needs, even if it involves a competitor’s solution.[1]

Australia is not the only country pushing the Open Banking agenda forward. More and more countries all over the world are enacting legislative changes to regulate the data economy. In light of these changes within Australia and internationally, it is essential for financial services businesses to consider their competitive advantage and utilise Open Banking to provide value to their customers. Now is the time to seize the day and take advantage of the significant opportunities presented by Open Banking and the CDR.

As experts in the CDR, Open Banking, privacy and financial services, Mills Oakley is fully equipped to assist you in preparing for the CDR/Open Banking regime. Let us help you understand and embrace the opportunities of CDR/Open Banking.

Please contact Chris Dirckze ([email protected]) for further information.

[1] Open banking can be a competitive advantage: Here’s how by Adrian Melillo at

For further information, please do not hesitate to contact us.

Warning: Undefined variable $postsToDisplay in /home/millsoakleycom/public_html/wp-content/themes/millsoakley/single.php on line 327

Get the latest news insights and articles straight to your inbox, simply enter your details.




    *Required Fields

    Digital Law

    Submission to the Reserve Bank of Australia Review of Retail Payments Regulation – the Bank should commence eAUD trials as soon as possible