Written by Scott Farrell - Senior Partner at King & Wood Mallesons, Co-chair of the Australian Government's FinTech Advisory Group and Leader of the Australian Government’s review into Open Banking
The law to establish the Consumer Data Right (CDR) has been passed by the Australian Parliament. The way is now clear for Open Banking to start in Australia, as the first implementation of the CDR. After so much work has gone into the development of CDR and Open Banking, Australian customers will soon have the right to ask for their data to be shared with others they choose to trust.
Customer control, choice, convenience and confidence
In Australia, the Consumer Data Right is a general right created for consumers to control their data, including who can have it and who can use it. It is to form a single customer-driven data sharing framework across the Australian economy. Banking is the first sector and its implementation is called Open Banking. After banking, more sectors of the economy (including energy and telecommunications sectors) will follow. Background on the Consumer Data Right is summarised in our recent Alert and some international context is summarised in this Alert. The Consumer Data Right, and its implementation in Open Banking, follows the recommendations of the Australian Government’s Open Banking Review, which emphasised customer control, choice, convenience and confidence.
Open Banking is the first phase
Key features of the Open Banking system are summarised in the ten points in the following diagram.
The data which customers can request be shared includes product data, transaction data and customer data relating to a range of bank accounts including credit cards and mortgages. All Australian Authorised Deposit-taking Institutions (ADIs) must comply with Open Banking, including banks, credit unions and building societies. Other entities can also participate, for example by seeking accreditation to receive Open Banking information through the system. Entities accredited to receive Open Banking data must also respond to customers’ requests to share Open Banking data.
The data standards provide for the Open Banking data to be shared using Application Programming Interfaces (APIs). This provides a mechanism for customers to authenticate themselves to a data holder and authorise the sharing of that data by that data holder with the nominated accredited recipient.
The clock is now running
The current timing for the commencement of Open Banking in Australia to different types of ADIs and different types of banking products is set out in the following diagram. The four largest Australian Banks are required to start before the other ADIs. However, other ADIs may choose to participate before they are required to.
There are still a few steps to be competed. The ministerial designation of banking as the first sector of the CDR needs to be finalised and issued, rules need to be finalised by the Australian Competition and Consumer Commission and the data standards completed by the Data Standards Body. Also, a period of testing needs to be completed by the initial data holders and accredited entities. However, the passing of the legislation will allow this remaining work to now be completed.
Beyond open banking
Open Banking is only the beginning of the Australian Consumer Data Right. Consultation has already commenced on its application to the energy sector and telecommunications is to follow. The Australian Government has stated that other sectors are to be added after those, across the Australian economy. Together, the sectors are to form a single customer-centric data-sharing framework. For businesses in Australia, this is
more than a question of compliance. It is an opportunity which should drive competitiveness and innovation within, and between, businesses and sectors. For many Australian businesses it offers the framework to change their relationships with their customers and participate in Australia's emerging data economy.