While at a first glance Consumer Data Right (CDR) might seem an intruder to the peace that Australia’s financial institutions have built for themselves, CDR is here to stay and bring benefits to all players involved, provided that we all make it work.
The Australian Competition and Consumer Commission (ACCC) defines CDR as a mechanism requiring Data Holders to allow third parties to securely access bank data, with the end customer’s consent. While it can be easy to tag it along with other Open Banking initiatives, the CDR has a much broader scope than PSD2 or Open Banking in the UK for so many reasons beyond the industries it will apply to (banking, energy, telecom, etc). It grants real power to the users, securely replacing pain points like filling out numerous forms, the complexity of bureaucracy, and the lack of transparency. All this makes banking something truly adjustable to numerous daily life events, in a useful and invisible manner.
Open banking starts from Data Holders truly opening access to Consumer Data and keeping the APIs’ availability stable all the way. So far, out of 97 authorised deposit-taking institutions (ADIs) mandated to be CDR compliant as Data Holders, over 60% appear live on the ACCC site. All of them share Public Product data and only half of them (30) share both Product and Consumer Data.
The ACCC offered detailed documentation on the CDR standard, but only 8 banks have a developer portal or offer some kind of information on their websites about their APIs, keeping open banking quite closed to any third party that would want to test the APIs without being an Accredited Data Recipient (ADR) yet. High costs to get accredited as an ADR and no means of testing are a challenge to enforcing competition, thus limiting the involvement to larger businesses only and cutting off medium and smaller ones from participating.
The deadline for Data Holders to open access to Consumer Data (accounts, transactions, balances) has passed, and their struggle to meet the requirements is visible: tardiness in accepting that CDR is here to stay and no proper planning for it, no clear commercial risks and opportunities for banks, significant additional expenses to bear, suppliers that don’t deliver just yet.
CDR is about opening access to Consumer Data, which is difficult to be perceived as something other than an extra expense by a bank. Accept that change is a part of business and that new opportunities will constantly appear. Having a working environment in place that can support new initiatives will be important. The experience of other markets shows that benefits are visible only when everyone is participating consciously, not just to tick a box.
By opening access to Product and Consumer Data, Data Holders can:
2 years of PSD2 later had more than 80% of the European banks affirming that the directive comes with more opportunities aboard than threats, the latter being seriously outweighed by the advantages that compliant banks are now benefiting from.
I’ll play the captain and say that the easy way is doing it the right way straight from the beginning: delegate. Since everybody has limited resources, focus on what brings value to your business and leave the CDR to a 3rd party provider. For the medium and small banks, that’s the only solution saving them additional expenses, providing the Open Banking expertise, innovative business model experience, and slacking them of the need for operational interaction with the ADRs.
Here are just some of the things any Data Holder should pay attention to when deploying the CDR APIs:
Request all the above elements from your vendor and in addition ask for support with the Conformance Tests, all kinds of audits. A good vendor will take care of everything for you, and will make the relationship with ADRs feel like a partnership more than a competition.
Salt Edge has launched its solution for Data Holders under CDR that will cover banking, energy, and all the sectors yet to come. More on the solution can be read here. Our experience in building Open Banking APIs for more than 100 institutions and consuming the ones of five thousand Open Banking APIs across the world validated our approach. Our solution promises 3 things that are important in Open Banking: cover all regulatory requirements, fast and secure deployment, and will actually work.