By Richard Atkinson, GM Consumer Product, illion
The Australian Competition and Consumer Commission has published its third set of amendments of the Consumer Data Right (CDR) rules which are required to underpin Australia’s emerging open banking system.
The amendments follow the release of a Consultation Paper by the ACCC in October 2020, where feedback was requested on the following proposed Rules changes:
- Introduce new accreditation levels: creating new pathways for service providers to become accredited data recipients. Proposals for new levels (‘tiers’) of accreditation are intended to lower barriers to entry and reduce compliance costs for service providers that do not require unrestricted access to CDR data. They also recognise that supply chains for data services regularly involve multiple service providers, and that CDR participants can appropriately manage risk and liability through commercial arrangements.
- Provide greater choices for consumers about who they share their data with: permitting accredited data recipients to disclose CDR data with a consumer’s consent to third parties, including to their trusted professional advisors (such as accountants, tax agents and lawyers), and any third party on a limited ‘insights’ basis.
- Increase consumer benefit: allowing business and corporate consumers to access their CDR data, and adding flexibility and functionality to improve consumer experience in relation to the management of consumer consents to collect and use CDR data, joint bank accounts and accounts that have additional card holders.
The latest Rules amendments have addressed the Increase consumer benefit component, and illion is strongly supportive of these changes. illion is concerned, however, that the amendments do not address the Introduction of new accreditation levels or the Provision of greater choices for customers about who they share their data with.
illion has made several submissions to the ACCC’s CDR Rules drafting process, and has long advocated for a system that makes it easy for individuals to securely share their data while providing mechanisms for businesses to securely access CDR data, at the same time minimising barriers to entry.
We note that the latest amendments fail to meet the Government’s own recommendations for tiered access to data; Recommendation 4.8 in the Government Inquiry into the Future Directions for the Consumer Data Right.
The goal of the CDR is to give customers a right to direct that their data be shared with others they trust, so that they can benefit from its value. To achieve this outcome, the Rules framework must balance security and cost of accreditation against facilitated data sharing.
We are six months away from all ADIs having to expose transactional data to the CDR, however the current Rules still have a single model for accreditation of organisations to receive CDR data.
In illion’s experience, the current model imposes a significant cost on an organisation to achieve accreditation. There is a clear and present danger that the benefit of CDR will not be realised as the barrier to access the data (in the form of accreditation) is too high.
At this stage it is now not clear whether further amendments are planned to address these two critical areas. This is further complicated by responsibility for the drafting of future Rules amendments passing from the ACCC directly to the Treasury in February-21.
Where it all leads now is the big unknown. The ACCC has addressed the easy question, but what about the other, more difficult questions?
We know from the introduction of the UK’s open banking model that regulation was a big problem. The UK’s open banking system has been operational for two years now but the legislation and Rules haven’t provided a good foundation for it to be really successful.
Let’s make sure we learn from their issues and get it right in Australia – aligned to the original goals of the Consumer Data Right and the Future Direction that the Government has articulated.
To access our full summary of the latest amendments, click here.