The Australian Consumer Data right is an opt-in service which gives Australian consumers the ability to choose which financial services providers have access to their data, what data is shared & for how long it can be used by a specific organization.
When did the CDR come into effect?
The consumer data right legislation was first passed on November 26th 2017. Australia was one of the first countries in the world to regulate access to consumer’s personal information. The CDR officially went live in the banking sector on July 1st 2020 – with plans to be fully rolled out across all banking institutions by Februrary 1st, 2022
The law was created with a one specific goal in mind: to give Australian consumers more control over their private data.
What can Australians expect from the CDR legislation?
Under CDR legislation, consumers have full autonomy over what information they want to share with banks and financial services providers.
In the instance that a consumer choose not to consent their personal information will be encrypted and blocked from access by any third party. This can also be changed at will i.e. if a consumer moves from one bank to another, they can choose to revoke all data permissions that their previous provider had.
Consumers are also able to view a list of all organizations that have attempted or had requested consumer data in the past 12 months and they can object to any of those requests.
How does the CDR work?
The CDR laws requires applicants to undergo a rigorous application process which ensures that their technical infrastructure, internal policies and customer communications standards meet OAIC and ACCC guidelines.
Once approved – a new or existing consumer of a financial product can elect to opt-in to share their data with a financial provider, designated gateway or accredited data recipient. Following this, consent is captured & identity is validated electronically. Finally, a consumer can elect what data they share & for how long it will remain accessible before this information is encrypted and sent securely using API protocols
What is the relationship between the CDR & open banking?
Although the CDR is a relatively new digital standard – it has quickly been adopted by the banking industry to overhaul the way in which consumers can apply for new products & switch between service providers.
This open banking framework can be utilized by consumers to get better insight on their banking activities across all major banks they use & very soon will extend to non-major banks & financial services providers. Pundits also argue that by giving consumers the power to monitor their own banking activity, it may increase financial literacy & boost the opportunity for consumer rights advocates and groups to educate people about their data rights.
On the other hand – a tremendous opportunity exists for merchants to take advantage of the open banking system to increase the speed & accuracy of assessing customer risk, reduce fraud & to provide more competitive pricing due to the transparency of information