The convergence of technology and financial services has sparked innovation in the global banking system. In Australia, this financial revolution that will connect consumers, banks and third-party applications will demand traditional banks to rethink their traditional transaction model
During the Federal budget in 2017-2018, the treasurer announced that open banking would be introduced in Australia's banking system. As part of open banking, a new bill "Consumer Data Right" (CDR) was recommended to enable consumers to access information held by banks in a safe and convenient way.
While the treasury is responsible for overseeing the development of CDR legislation, The Australian Competition and Consumer Commission (ACCC) that is the lead regulator for designing the rules supporting the CDR legislation and The Office of the Australian Information Commissioner (OAIC) that advises the Treasury and ACCC on privacy safeguards, will consequently handle customer complaints related to the regime. Data 61, being the data arm of The Commonwealth Scientific and Industrial Research Organization (CSIRO) is the interim body responsible for developing the technical standards related to APIs, information security and customer UX.
Once CDR is passed it will enable consumers to gain more control over their information leading to convenience, enable secure access to consumer data by trusted and accredited agencies and is expected to enable more choice and competition in the Australian market eventually promoting public interest.
While the government has introduced the CDR bill to parliament, weeks after the launch of the open banking pilot launch, through our quick guide, we aim to address the most commonly asked questions about Australia open banking and what it means for banks and other financial institutions, FinTechs.
In this post we cover the most frequently asked questions for Open Banking in Australia:
CDR lays the ground rules for open banking and once enforced, will give consumers a right to direct the data acquired about themselves, by business, for acquiring a product (name, contact details, eligibility to acquire etc.) and data related to use of the acquired product (transaction data, account balances etc.) to be shared with accredited third parties they trust (consent based) and ultimately be benefitted from customized products and services.
In the banking sector, open banking is synonymous with CDR. It is the first sector to which the general right will apply. With data emerging as new money other sectors like telco and energy in Australian economy will also implement CDR to unleash better customer experience across industry sectors thereby fostering economic growth and create new high value jobs.
The roadmap to CDR implementation will continue in a phase-wise approach with product data for credit & debit cards, deposit & transaction accounts being already made available to public since 1 July 2019 by initial data holders and consequent sharing of customers CDR data by initial data holders (Big four) followed by reciprocal data holders (Tier 2 banks and other accredited third parties) and finally by subsequent data holders (foreign bank branches) as per the schedule stipulated in the actual CDR framework. More info here.
The treasurer has designated banking industry as first subject for CDR rules and the rules framework applicable to enforce open banking scheme is termed as "Designated instrument". Following data are subject under open banking:
Customer Data- Data about the customer provided in connection with acquiring a product
Product Use Data- Data about the use of the product by the customer
Product Data- Data about the product per se
Accreditation is the procedure to be followed to get enlisted as a data recipient (consumer of CDR data post consent) in the open banking regime. As part of accreditation procedure, prospective data recipients must provide a description of their planned services for consumers using CDR data as an accredited data recipient.
Apart from drafting guidelines for secured implementation of open banking, the ACCC will also credit entities to be qualified for receiving CDR data from consumers. ACCC will manage an online register of accredited data recipients and data holders
Note: Formal dates announced by ACCC to begin engaging interested parties for accreditation is 1 July 2019
While CDR enables development of better products and services, it throws many challenges to the banks like:
The Open Banking in the UK follows the PSD2 and CMA9 regulations while open banking in Australia is part of the Consumer Data Right.
In Australia, open banking is regulated by the Australian Competition and Consumer Commission (ACCC), Office of the Australian Information Commissioner (OAIC), Australian Securities and Investments Commission (ASIC), Australian Prudential Regulation Authority (APRA) and Reserve Bank of Australia (RBA) and other sector-focused regulators.
In the UK, the open banking framework is regulated by CMA with standards set by the UK Open Banking Implementation Entity (OBIE) and regulated by European Union's PSD2. In PSD2, National Competent Authorities (NCAs) regulate and control the banks in national markets to ensure PSD2 compliance.
Australian open banking standards diverge in many places when compared to UK, as Australia is implementing a banking standard within a broader consumer data regime which is intended to operate across sectors. However, the program in Australia has adopted globally used information security protocols and following the UK on information security adopting Oauth 2.0 and OpenID connect. In terms of API endpoints there are 60% commonalities per the draft standards v 0.8.4 published earlier in GitHub
A credit bureau is a body that collates and distributes CCR data from credit providers about a borrower's financial record. Credit providers such as banks, building societies, utility companies and telecommunications carriers, collect the information about individuals banking activities in relation to consumer credit and send it to the central databases managed by credit reporting bodies (CRBs). This information builds the credit report that are generated through credit reporting agencies operating in Australia. A borrower can seek a free copy of the report from the agencies to know the scores.
Lenders can also access the reports and scores for prior assessment of the borrower's banking behavior before offering a credit card or a loan.
In an open banking regime, a CCR creates a transparent banking process with reduced information disparities between lenders and borrowers. It helps lenders to take more firm lending decisions based on credit scores by approved bureaus.
Debit card accounts
Personal basic accounts
GST and tax accounts
Cash management accounts
Farm management accounts
Pensioner deeming accounts
Lines of credit
Credit and charge cards
Asset finance and leases
Mortgage offset accounts
Retirement savings accounts
Foreign currency accounts
With open banking mandate of data sharing, cybersecurity and data privacy would be key areas of concern for banks. To help banks adhere to Australian regulations and improve security of data sharing, Australia has introduced the Notifiable Data Breaches (NDB) scheme.
Agencies and organizations regulated under the Australian Privacy Act 1988 (Privacy Act) are required to notify affected individuals and the Office of the Australian Information Commissioner (OAIC) when a data breach is likely to result in serious harm to individuals whose personal information is involved in the breach.This legislation helps to make all agencies and organizations involved in handling personal data more accountable and results in more secured and effective data security.
The open banking regulations differ in each country and organizations needs to consider diverse macro and micro economic factors as per geographies to develop successful financial business models. Open banking is more than a compliance and to capitalize on open banking, banks and financial institutions need to refurbish their digital engine and revamp their business plan to unlock new growth opportunities.
Download our white paper, Open Banking: The New Customer Frontierto learn more about how Open Banking will revolutionize the banking and financial services industry.
We also examine what banks and other financial services companies can do to meet the initial challenge of transformation and then to go beyond that first step by developing new business models that will anticipate changing consumer demands and build the winning companies of tomorrow.
Download our new white paper, Open Banking Beyond Compliance to learn about why monetizing Open Banking APIs is vital for long-term success.
In this white paper, Virtusa surveys the current Open Banking landscape and puts forward recommendations for effective API monetization, including API pricing models, risk and quality control mechanisms, potential new business models, and strategies for open banking. Download here
Subscribe to keep up-to-date with recent industry developments including industry insights and innovative solution capabilities
Learn how Microsoft Customer Engagement Facilities are helping enterprises reach their cloud transformation goals.