Skip to Content
Login
Close

Quick Links

Tag: Consumer Data Right

New CDR Reforms Set to Boost Australia’s Digital Economy

Posted on by Pradeep Wickramanayaka
new-cdr-reforms-set-to-boost-australias-digital-economy

In a recent speech by Assistant Treasurer Stephen Jones at a CEDA (Committee for Economic Development of Australia) conference, significant changes were announced that aim to reshape Australia’s digital economy, focusing on the Consumer data right (CDR), privacy, and cybersecurity. The speech highlighted both the benefits and challenges brought by the digitisation of the economy, emphasising the need for stronger protections and more effective use of consumer data.

A focus on Privacy and Data protection

The speech underscored the importance of data in the digital economy, recognising the growing concerns among Australians about privacy due to rising incidents of cybercrime and data breaches. To address these concerns, the government is reviewing the Privacy Act to ensure it is fit for the digital age. This review will impose higher standards on businesses to protect customer data.

View the speech by Assistant Treasurer Stephen Jones.

CDR compliance costs report

Heidi Richards’ CDR compliance costs review report, released by Assistant Treasurer Stephen Jones, found that the costs of the Consumer Data Right (CDR) have far exceeded original estimates, with large banks facing significant burdens due to complex technical requirements. The report raises concerns about the rapid changes to CDR rules, low customer usage, and the lack of innovation, partly due to restrictions on using CDR data. Businesses haven’t been incentivised to use CDR data, which has hindered broader adoption and innovation. The report calls for clearer strategic planning and prioritisation of future changes.

View the CDR compliance cost review paper

Reimagining the CDR

The speech acknowledged that the current implementation of the CDR has been flawed, with high regulatory burdens, low uptake, and limited innovation. To address these issues, the government is launching a reset of the CDR, focusing on several key areas that include:

  1. Streamlining consent processes: The government will simplify how consumers give consent to use their data, allowing for multiple consents in a single action, making it easier and more user-friendly.
  2. Improving business access: The government will mandate that data holders, such as banks, provide a straightforward process for businesses to access their own data. This will help businesses, especially small ones, to benefit from the CDR.
  3. Consumption of CDR data: New rules now allow accredited deposit-taking institutions (ADIs) who are data holders to hold consumer data under the Consumer Data Right (CDR) when a consumer applies for or acquires a product. ADIs must notify consumers that their data will be held and inform them of relevant privacy safeguards. This could help accelerate the use of CDR data by banks who are data holders. 
  4. Reforming Standards and Costs: The government will introduce a more structured approach to making standards changes. This includes limiting changes to a few scheduled releases per year, ensuring longer lead times, and considering the cost and regulatory impacts on participants.
  5. Focusing the scope of CDR: To reduce unnecessary costs, the government is examining the possibility of narrowing the scope of data included in the CDR, removing products unlikely to be used.
  6. Prioritising high-value use cases: The reset will prioritise consumer finance, energy switching, and accounting services for small businesses, where the potential benefits to consumers are highest.
  7. Sector expansion: It was confirmed that Data holders would be extended to non-bank lenders to be operational by mid 2026.

View the Consumer Data Right Rules: consent and operational enhancement amendments consultation

Strengthening Cybersecurity and Digital identity

The speech also highlighted the ongoing efforts to strengthen cybersecurity through the National Cyber Security Strategy and modernise the payments system. The government is committed to ensuring that digital identity systems, which simplify and secure the verification process, will reduce the amount of data businesses and governments need to hold, further protecting consumers. There was also a commitment to align CDR development with Digital ID, Payment system reform and Privacy act reform.

View the 2023-2030 Australian Cyber Security Strategy

Moving away from unsafe practices

A significant announcement was the government’s stance on screen scraping, a practice where businesses ask consumers to share their bank passwords. The government is considering a full ban on screen scraping, emphasising that it is fundamentally unsafe and that the CDR should become the system of choice for data sharing. With a commitment to phase out screen scraping, the next 12 months will see Treasury develop a full transition plan.

View the report by Basiq comparing the performance of Open Banking and Web Scraping: “An inside look at Open Banking performance and adoption in Australia

Action Initiation bill passes

Since launch, the Consumer Data Right (CDR) has been “read-only,” allowing data recipients to access and use the data for purposes like lending assessments, budgeting tools, and product comparisons. However, the introduction of the new action initiation power will add a “write” capability, enabling recipients to not only view the data but also perform actions on behalf of customers, such as making a payment, switching providers and updating personal details using the CDR framework.

Amends the Competition and Consumer Act 2010 to establish action initiation reforms, enabling consumer data right (CDR) consumers to direct accredited persons to instruct on actions on their behalf, such as making a payment, opening and closing an account, switching providers and updating personal details, using the CDR framework.

On the same day as Assistant Treasurer Stephen Jones announced the CDR reforms, the Senate passed the CDR action initiation bill. While this is exciting news, the government will still need to consult with industry stakeholders to determine its application, and detailed rules will need to be established.

View the Treasury Laws Amendment (Consumer Data Right) Bill 2022

Conclusion

The speech marked a pivotal moment in the government’s approach to the digital economy, with a clear commitment to improving the CDR, enhancing privacy protections, and fostering innovation. The reset of the CDR aims to reduce costs, encourage adoption, and ensure that consumers truly benefit from the data they generate. By focusing on these areas, the government hopes to build a digital economy that is both safe and innovative, where consumers can trust that their data is protected.

Important Information: This article has been prepared by Basiq Pty Ltd (ABN 95 616 592 011) (Company), and was originally published on 20 August 2024 on www.basiq.io. Information is current as at the publication date, and the Company has no obligation to update or correct this article. The information contained in this article is of a general nature and is not intended to address the objectives or needs of any particular individual entity, and should not be regarded in any manner as advice. To the extent permitted by law, the Company and its related bodies corporate will not be liable for any errors, omissions, defects or misrepresentations in the information in this article or for any loss or damage suffered by persons who use or rely on such information (including for reasons of negligence, negligent misstatement or otherwise. © 2024 Basiq Pty Ltd

1.3 Million Connections by December: Insider Data Reveals Open Banking Success

Posted on by Rafael Damalio
1-3-million-connections-by-december-insider-data-reveals-open-banking-success

Basiq, a leading data aggregator, has released a new report, Changing Perspectives: An inside look at Open Banking performance and adoption in Australia, detailing critical findings on the performance and growth of Open Banking in Australia. 

To date, Basiq has enabled over 900,000 Open Banking connections between consumers and businesses to help with tasks such as budgeting, investing, tax reconciliation and loan applications. It’s expected that by December 2024, the number of Open Banking Connections will hit 1.3 million.

The report analyses connection data from the Basiq platform including volume, success rates and ongoing performance, benchmarking it against the performance of web scraping. Web scraping, also known as Digital Data Capture (DDC) or screen scraping, is the widely used alternative and predecessor to Open Banking.

Analysis of the data has revealed three key findings:

Finding 1: Open Banking growth is booming

The popularity of Open Banking is steadily increasing, challenging the perception of slow growth and minimal uptake. Between October 2022 and March 2024, Open Banking experienced a 30 per cent compounded growth rate on the Basiq platform, with connections rising from 10,400 to 777,000. In the last 12 months, almost 50 per cent of all new connections on the Basiq platform were made via Open Banking.

Finding 2: Open Banking leads to more customers

Contrary to the belief that Open Banking results in high consumer drop-off, Basiq has found its success rate is almost double that of web scraping, with 80 per cent chance of success compared to 42 per cent. Financial institutions implementing more robust anti-scraping measures and heightened business and consumer concerns regarding data security are impacting connection success rates.

Finding 3: Open Banking is superior for ongoing connections

Only 0.17 per cent of Open Banking connections face disruption after six months, compared to 15 per cent for web scraping, making Open Banking 88 times more reliable for businesses requiring ongoing connections, such as budgeting or investment apps.

“We wanted to release our findings publicly to challenge the existing negative Open Banking narrative and provide a more optimistic perspective backed by data,” said Damir.  

“While Open Banking is far from perfect, the highly critical views circulating do not reflect the reality we see,” Damir continued. “Our platform data and customer feedback tell a very different story – one of growth and success.”

“Acknowledging that connection performance is only one factor impacting Open Banking’s growth, we intend to dive into other key topics, including data quality, in future reports,” closed Damir.

Important Information: This article has been prepared by Basiq Pty Ltd (ABN 95 616 592 011) (Company), and was originally published on 4 July 2024 on www.basiq.io. Information is current as at the publication date, and the Company has no obligation to update or correct this article. The information contained in this article is of a general nature and is not intended to address the objectives or needs of any particular individual entity, and should not be regarded in any manner as advice. To the extent permitted by law, the Company and its related bodies corporate will not be liable for any errors, omissions, defects or misrepresentations in the information in this article or for any loss or damage suffered by persons who use or rely on such information (including for reasons of negligence, negligent misstatement or otherwise. © 2024 Basiq Pty Ltd

Business Consumer Disclosure Consent via Basiq’s Consent UI

Posted on by Rafael Damalio
business-consumer-disclosure-consent

The Consumer Data Right (CDR) in Australia has recently undergone significant updates, especially with the introduction of Business Consumer Disclosure Consent. This new form of consent broadens the horizon for business consumers, allowing them to share their CDR data with a wider array of service providers, beyond the traditional “Trusted Adviser” list. This list initially included professionals such as accountants and lawyers but now extends to include service providers like bookkeepers, finance brokers, insurance brokers, and business coaches.

If you want to know more about the changes read CDR is expanding to include non-bank lenders.

Getting straight to the point, the new CDR updates include:

  • Introduction of Business Consumer Disclosure Consent: Expands data sharing options for business consumers, facilitating sharing with a broader range of third party service providers.
  • Greater Flexibility with CDR Data: The V5 Rules update permits data sharing with software applications used for financial administration, offering substantial benefits for service providers and small businesses.
  • Encouraging Open Banking Adoption: Tailored for “business consumers,” this update opens up new opportunities for sharing financial data, crucial for accessing various funding options.

So what are the benefits for service providers?

  • Expanding Data Sharing Capabilities with less legal requirements: Service providers are able to access valuable CDR data and use it based on their existing business agreements without being bound by CDR rules.
  • Streamlining Financial Operations: With access to a broader range of applications for financial administration, businesses can streamline operations such as payroll, invoicing, and more.
  • Facilitating Access to Funding: The ability to share bank statements with finance brokers more efficiently opens up a plethora of funding options for businesses.

The recent updates to the CDR, present a new opportunity for businesses to engage in data sharing. Basiq’s consent UI has been enhanced to accommodate these changes, ensuring that businesses can leverage our platform to share financial data with a broader array of service providers. This enhancement is integrated into our existing consent UI, ensuring that the user experience remains consistent and intuitive.

So let’s take a closer look
The service provider Piper is wanting to collect business account details from a customer so they can offer a better service for their customer. They have integrated with Basiq to use their consent UI solution to allow their business customers to securely connect and share their bank account details in order to speed up this process and reduce manual processing. 

  1. The customer is met with a pre-consent screen within the piper application.
  2. When they agree to continue they are taken to Basiq’s consent UI flow to facilitate the secure access to account details through a relevant financial institution.
  3. The user is presented with details on; who has requested them to share the data (piper) and who is securely collecting it on Piper’s behalf (the ADR – Basiq), what details are being collected, for what purpose and for how long this consent will be valid for.

The Basiq consent UI simplifies the complex and verbose consent flow established by the ACCC and DSB CX (Customer Experience) guidelines. Our focus has always been to strike the perfect balance between compliance with the Consumer Data Right (CDR) regulations and offering an intuitive, user-friendly experience that maximises conversion rates. It aims to:

  • Reduce Drop-offs: By simplifying the consent flow, we aim to decrease the likelihood of users abandoning the process.
  • Increase Transparency: Users are well-informed about the specifics of the data sharing agreement, fostering trust and confidence in the process.
  • Maximise Engagement: A streamlined and user-friendly consent process encourages higher engagement rates, benefiting all parties involved.

The updates to Australia’s Consumer Data Right (CDR), featuring Business Consumer Disclosure Consent, significantly broaden the scope for financial data sharing, enhancing operational efficiency and financial management for businesses. The integration of these updates into the Basiq consent UI simplifies the data consent process, ensuring compliance while optimising user engagement. It enables service providers to offer more tailored solutions, streamlining operations and reinforcing trust in data sharing. 

As open banking evolves, Basiq continues to innovate, empowering clients and their customers to maximise the value of their financial data.

Resources
Have a read of our developer documentation to understand how you can get started with BCDC.

Important Information: This article has been prepared by Basiq Pty Ltd (ABN 95 616 592 011) (Company), and was originally published on 12 April 2024 on www.basiq.io. Information is current as at the publication date, and the Company has no obligation to update or correct this article. The information contained in this article is of a general nature and is not intended to address the objectives or needs of any particular individual entity, and should not be regarded in any manner as advice. To the extent permitted by law, the Company and its related bodies corporate will not be liable for any errors, omissions, defects or misrepresentations in the information in this article or for any loss or damage suffered by persons who use or rely on such information (including for reasons of negligence, negligent misstatement or otherwise. © 2024 Basiq Pty Ltd

CDR is Expanding to Include Non-bank Lenders. What Does it All Mean?

Posted on by Rafael Damalio
cdr-is-expanding-to-include-non-bank-lenders-what-does-it-all-mean

This year, Australia’s Consumer Data Right (CDR) is expanding to include the non-bank lending sector. Specific Non-bank Lenders will be designated as ‘Data Holders’ within the CDR framework, requiring them to implement systems to facilitate consumers in being able to transfer their data to accredited third parties.    

This builds upon the designations in the Banking and Energy sectors, where Data Holders are already operational, allowing consumers to effectively transfer their data. 

November 2024 marks the first milestone for Non-bank Lenders. So what do Non-Bank Lenders need to be aware of? 

Quick recap

The Consumer Data Right (CDR) is an economy wide designed to empower consumers with greater control over their data. It facilitates the secure sharing of data, currently housed in various organisations, with third parties in taking up new services. Banking was the first implementation of the CDR, commonly known as Open Banking, allowing consumers to consent to sharing their banking data with accredited third parties. For more detailed information on Open Banking, refer to Basiq’s definitive guide.

Following Banking, the Energy sector adopted the CDR and soon, Non-bank Lenders will join this initiative. Presently there are over 90 Banks and Energy providers acting as data holders. To see the complete list

Which Non-Bank Lenders must serve as Data Holders?

Treasury has delineated two categories of providers:

Initial provider: A non-bank lender that on the commencement date has over $10 billion in loans/leases and has averaged over $10 billion for the preceding 11 months.

Large provider: A non-bank lender that on the commencement date has over $500 million but less than $10 billion in loans/leases, averaged over $500 million for the preceding 11 months, has more than 500 customers.

What types of Non-Bank Lenders does it apply to?

Some examples of organisations it applies to include:

  • Mortgage lenders
  • Consumer finance companies
  • Buy Now Pay Later (BNPL) providers
  • Leasing and hire purchase providers
  • Marketplace lenders
  • Payday lender
  • Peer-to-peer lenders
  • Salary advance providers

What are Data Holders required to do?

Data Holders must be authorised by the ACCC, fulfilling specific criteria for data security, privacy, and technical capabilities. The implementation of robust security measures, such as encryption and access controls is required to safeguard data. Privacy compliance is crucial, ensuring data use aligns with relevant privacy laws.

Data Holders are obligated to adopt technical standards to facilitate seamless data sharing across  entities within the CDR ecosystem. This involves establishing a consent management framework to obtain and manage consent from consumers. 

Furthermore, ongoing regulatory oversight requires Data Holders to submit regular compliance reports to the ACCC and promptly address any inquiries and issues that may arise.

What are the key dates?

What is a complex request?
A “complex request” under the draft rules is a consumer data request that:

  • Is made on behalf of a secondary user of the consumer
  • Relates to a joint account or a partnership account
  • Is made on behalf of a non-individual CDR consumer whose authorisations are handled by a nominated representative

I’ll be required to be a Data Holder, what should I do?

While providing access to consumer and product data via APIs seem straightforward, the process of becoming a Data Holder is a complex undertaking. Beyond initial requirements, there are continuous obligations related to regulatory changes, maintenance and reporting. Based on feedback from existing Data Holders in the banking sector, it’s prudent to consider engaging a Partner with the requisite  expertise, experience and knowledge.  

Given the urgency and complex requirements, Non-bank Lenders falling under the scope of becoming a Data Holder should take proactive steps in initiating their CDR implementation projects. Here are our recommended actions. 

Step 1: Requirements and Timing
Familiarise yourself with what’s required and “go-live” deadlines

Step 2: Engage a Partner
Work with a Partner that can help you navigate the complex build and maintenance requirements

Step 3: API development
Start building the internal API layer to surface Users, Accounts, Transactions – needs to be done regardless of whether you engage a Partner or not. 

Important Information: This article has been prepared by Basiq Pty Ltd (ABN 95 616 592 011) (Company), and was originally published on 23 October 2023 on www.basiq.io. Information is current as at the publication date, and the Company has no obligation to update or correct this article. The information contained in this article is of a general nature and is not intended to address the objectives or needs of any particular individual entity, and should not be regarded in any manner as advice. To the extent permitted by law, the Company and its related bodies corporate will not be liable for any errors, omissions, defects or misrepresentations in the information in this article or for any loss or damage suffered by persons who use or rely on such information (including for reasons of negligence, negligent misstatement or otherwise. © 2023 Basiq Pty Ltd

Write access and the future of third party payment initiation

Posted on by Rafael Damalio

Basiq and Ernst and Young Australia have teamed up to write a comprehensive white paper looking at the future of Write Access in Australia.

It compares and contrasts two implementations of Write Access for third party payment initiation, proving that the Consumer Data Right is a world leading piece of legislation, drawing upon lessons from the UK and EU.

What are some of the key takeaways from the White Paper?

  • Payment initiation – The most common form of payment initiation is direct debit but this doesn’t leverage data to ensure payment success. Two new approaches have emerged to solve for this with the NPP & CDR Action Initiation.
  • Evolution of Open Banking – Open Banking enables consumers to freely share their consented financial data with trusted third parties. The CDR is currently predicated on ‘read access’ only.
  • Benefits of smart payments – The use of data in executing payments eliminates many issues currently faced with direct debits. These include the elimination of dishonour fees, avoiding failed payments and reducing the incidence of fraud.

Important Information: This web copy and white paper has been prepared by Basiq Pty Ltd (ABN 95 616 592 011) (Company), and was originally published on 14 December 2023 on www.basiq.io. Information is current as at the publication date, and the Company has no obligation to update or correct this web copy or white paper. The information contained in this web copy and white paper is of a general nature and is not intended to address the objectives or needs of any particular individual entity, and should not be regarded in any manner as advice. To the extent permitted by law, the Company and its related bodies corporate will not be liable for any errors, omissions, defects or misrepresentations in the information in this web copy and white paper or for any loss or damage suffered by persons who use or rely on such information (including for reasons of negligence, negligent misstatement or otherwise. © 2024 Basiq Pty Ltd.

Four new use cases for Open Banking’s future

Posted on by Rafael Damalio

The Australian Consumer Data Right (CDR) is designed as an exceptionally forward-thinking policy. However we are only scraping the surface of its potential.

This white paper takes a forward looking view at the Open Banking regime’s future, cemented in four novel use cases.

What are some of the key takeaways from the White Paper?

  1. Novel use cases – New use cases will emerge at the intersection of insights and action. These include Rules and event-based payment initiation, Dynamic credit risk decisioning and Autonomous personal finance.
  2. Towards Open Banking – Historically, consumers have only had the ability to interact with their data via technology known as ‘screen scraping’ but the roll out of Open Banking has accelerated.
  3. What the future holds – Open Banking will be bedded down over the next five years. As the CDR moves into other sector such as energy and telco, innovation will accelerate at an economy wide level.

Important Information: This web copy and white paper has been prepared by Basiq Pty Ltd (ABN 95 616 592 011) (Company), and was originally published on 12 December 2023 on www.basiq.io. Information is current as at the publication date, and the Company has no obligation to update or correct this web copy or white paper. The information contained in this web copy and white paper is of a general nature and is not intended to address the objectives or needs of any particular individual entity, and should not be regarded in any manner as advice. To the extent permitted by law, the Company and its related bodies corporate will not be liable for any errors, omissions, defects or misrepresentations in the information in this web copy and white paper or for any loss or damage suffered by persons who use or rely on such information (including for reasons of negligence, negligent misstatement or otherwise. © 2024 Basiq Pty Ltd.

A practical guide to transitioning to Open Banking

Posted on by Rafael Damalio

As more financial institutions share data via Open Banking, there are specific requirements when it comes to both access and usage. Ensure you’re prepared for the transition by considering the key areas including your UX, Accreditation and Security.

Your handy guide + checklist and prepare for your transition to receiving Open Banking data

Accreditation

In order to use Open Banking under the Consumer Data Right, organisations must choose a pathway for participation in the CDR from a range of models. Which model is best for your organisation?

User Experience

Customer consent underpins the CDR, so the communication of consent along the customer journey is critical. Also what is the actual experience like when it transitions from your app to the banks’ app to sign in?

Security

The CDR sets out specific requirements on the level of security you need in order to be able to use Open Banking data. What documentation do you have and what controls are in place?

Important Information: This web copy and white paper has been prepared by Basiq Pty Ltd (ABN 95 616 592 011) (Company), and was originally published on 12 December 2023 on www.basiq.io. Information is current as at the publication date, and the Company has no obligation to update or correct this web copy or white paper. The information contained in this web copy and white paper is of a general nature and is not intended to address the objectives or needs of any particular individual entity, and should not be regarded in any manner as advice. To the extent permitted by law, the Company and its related bodies corporate will not be liable for any errors, omissions, defects or misrepresentations in the information in this web copy and white paper or for any loss or damage suffered by persons who use or rely on such information (including for reasons of negligence, negligent misstatement or otherwise. © 2024 Basiq Pty Ltd.

CDR, AI & Identity: My thoughts on an insightful two days Intersekt23

Posted on by Rafael Damalio
intersekt23-my-thoughts-on-an-insightful-two-days

Well, a whirlwind few days in Melbourne for Intersekt23. This year I thought I’d put some of my thoughts down on paper to share. Tried to keep it short but there was so much content ?

Scraping v CDR

The CDR sparked significant discussions over the course of two days. There was no mistaking the significance when I saw The Hon. Stephen Jones take the stage – it was evident he was about to announce something. True enough, the unveiling of a discussion paper advocating for the banning of screen scraping lived up to the anticipation. Given his previous discussions on the matter, the release was not unexpected, making it only a question of timing.

This indicates promising progress ahead. The Government views the CDR as a tool with the potential to significantly decrease scams and financial crimes, which currently costs the Australian economy nearly $3 billion a year. His words were very clear… “Screen scraping runs counter to the goals of CDR.” While complexities will arise for organisations currently using scraping, embracing the CDR is the optimal path for consumers seeking a secure and trustworthy method to share their data.

However, expediting adoption entails more than just prohibiting scraping. Given its nature as a “consumer” data right, it’s logical to assume we should have a means to measure the number of consumers who are actively sharing their data via the CDR.  Presently, our metrics encompass data holders and their up time, but the absence of information regarding the volume of consumers engaging with the CDR is perplexing. As Peter Drucker says, “if you can’t measure it, you can’t manage it,” so what gives? 

Then there are the challenges organisations encounter trying to get accredited, whether they’re going through direct channels or via access models. On one hand, there’s an understanding of the necessity to safeguard consumers, but on the flip side, certain requirements placed on organisations such as “adequate” insurance requirements can often lead to them being excluded from the CDR ecosystem. Finding the right balance is crucial to ensure the ecosystem’s growth and, ultimately, to increase the number of consumers who feel comfortable sharing their data.

“We need more CDR use cases!” Really? 

A prevalent theme I heard across numerous sessions, emphasised the need for “more use cases” beyond just Lending, Personal Financial Management (PFMs), and Product comparison. ? Perhaps this sentiment arises from a lack of awareness, but upon closer examination of organisations already using CDR Open Banking, you come to realise that we in fact have a number of use cases!

  • Climate change: calculate carbon emissions from bank transactions – Greener
  • Wealth management: investment and financial advisory services – Bell Potter Securities
  • Micro Investing: calculate round ups on everyday transactions to invest – Blossom App
  • Tax: Property investment tax tools – TaxTank
  • Property management: tools for property managers – PropertyMe
  • Collections: create payment plans to optimise repayments – Panthera Finance
  • Charity: round ups on everyday transactions to make a donation – PokitPal
  • Recycling: account verification to deposit funds – TOMRA
  • Accounting: software for accountants to manage their client’s books – Olivs

Beyond that, the use of CDR data for Lending can be extended beyond the credit application process. This includes using the CDR to understand a customer’s financial position to provide more contextually relevant products, and monitoring for changes in financial position that could indicate financial hardship. 

And as Jake Osborne from Lendela said in his “Fireside Chat: CDR and Life Events,” … “while we often think about building new products, CDR can also be used for improving processes.”

Many of the organisations currently using Open Banking do so via the CDR representative model through intermediaries who are Accredited Data Recipients. If you’re looking for use cases, have a look at who these organisations are.

Scott Farrell from King & Wood Mallesons in his talk on Fintech Next: People, Value, Trust” elaborated on what he saw as the “why” of CDR. He broke it down into 4 main constructs that included Competition, Innovation, Financial Inclusion and Consumer Protection. In my mind this was a simple and clear way to articulate it. He continued by emphasising that “information” and “money” should be considered the same thing. I guess the saying “time is money” can also be extend to “information is money”. So being able to control your own information and knowing who and how it’s being used should be important to all consumers. Just look at all the social media platforms we use like Facebook, Instagram, and Twitter (errr “X”) – do we know how our data is being used? And how much money is being made off our information?

As you delve deeper, the significance of consent in relation to information becomes increasingly apparent. This point was highlighted during the panel discussion on “The Convergence of Data, Identity, and Payments,” featuring Damir Ćuća (Basiq), Nathan Churchward (Cuscal), Clare Rhodes (Identitii) & Josh Read (IDVerse).

The three fundamental components – Data, Identity and Payments – are integral to any financial services application we engage with. But these are often looked at in silos which is even more pronounced given there are 3 separate regulations/industry initiatives impacting these areas – CDR for Data, NPP for Payments, and TDIF for Identity. Consumer consent serves as a key foundation. Establishing consent as the interconnected layer that links these three areas holds utmost importance.

But what does it mean for the consumer? Different consent processes for different processes in the same app? That’s not an interconnected experience. For example when PayTo proliferates, there will be consumer friction. What’s the experience on an app when (1) I need to verify myself (one consent), (2) I want to share my data via CDR (second consent) and then (3) I want to set up a payment with PayTo (third consent)? Let’s think about the consumer in all of this. Can I just give you consent once?

If as Scott Farrell said, information is money, give me a good digital experience when it comes to managing my information! And when Scott was asked what he would do if he could wave a magic wand on the CDR and do whatever he wanted, his answer was … “Weave digital Identity into the CDR and Payments. That’s the missing pillar.” And we come full circle. Data, Payments and Identity.  

Right product, right channel, right time

As a marketing practitioner the concept of a consumer getting the right product, through the right channel and at the right time is the holy grail. I talk about this often in my teaching at Sydney University and I’ve often referred to it as the “golden triangle”. Get it right and you’ve hit the mark. Easier said than done. You could have the best product, but if it’s not available in the right channel and at the right time, it’s meaningless. 

The session from Visa’s Matthew Wood on Emerging Payment Trends in Asia Pacific” highlighted how the lines of finance are blurring. Product alone is no longer enough, it’s about distribution. Embedding finance in customer journeys is critical for success. When it comes to e-commerce, social media has played a big role in driving take up – think influencers, think embedded stores within social media platforms. The next phase? “Commerce will have its ChatGPT moment”! 

The panel on How Open Data is Shaping the Future of Personal Finance” talked about a similar theme with respect to context. Jason Leong (PocketSmith), Simone Jemmett (Experian), Dan Jovevski (WeMoney) & Adam Gulden (Moneythor) talked about the importance of contextual relevance when it comes to personal finance. If you’re going to make a decision about your personal finances, it has to be contextually relevant – right time, right place, right moment. That’s the “value exchange”. If you get this right it will lead to better engagement and uptake. That to me is the “golden triangle”.

A few other things I found interesting

AI & Data Hacks
AI. Still mind boggling what is possible. In the session on Data Hacks to Banking Collapses: What Have We Learnt in the Last 12 Months,” Alisdair Faulkner from Darwinium said that “any digital signal a human creates can be accessed and replicated by AI. Voice. Keystrokes. Visual. This is scary!? Dan Draper from CipherStash ended the panel with “Shit happens. Don’t think it won’t happen to you?” 

Ethics
Judo Bank’s Joseph Healy in the session on Ethics in Fintech” talked about the need to be a values driven organisation. Numerous fintechs set out their their journey with a purpose and set of values in mind, but as they grow, the challenge becomes hiring the right people and consistently viewing decisions through the lens of these values. This becomes even more critical when business choices could potentially impact those very values. From my perspective having the right leaders who share the same values play a critical role in maintaining accountability and staying steadfast amidst external influences.

DIY or Partner?
In the session with James Read from Send Payments on How can Fintechs unlock success? Innovate of Integrate” he talked about the challenge of whether you should build or partner? This can be tied what your exit strategy is. If you’re aiming for a trade sale then maybe innovating and owning your own stack is more important. But if you’re aiming for an IPO then maybe partnering and acquiring customers rapidly is the focus. In that same session Imelda Newton from Tic:Toc looked at it from a different lens. You also have to consider internal development teams wanting to build things themselves but P&L owners wanting to derisk delivery and potentially wanting to involve 3rd parties to some degree. Getting that balance right can be challenging.

Digital Identity
Lastly, a notable facet of digital identity that caught my attention was the discussion panel titled “Digital Identity: Defining Excellence and the Path Forward.” During this panel, Jason-Urranndulla Davis from Hold Access delved into scenarios where individuals face a significant challenge due to a “lack of identity” resulting from insufficient documentation. This particularly impacts First Nations people and those with limited documentation, posing substantial barriers to accessing essential services. Thus, the question arises: How can we ensure that promoting inclusivity remains a central focus when implementing any changes to the 100-point identity verification system which is currently outdated and not fit for purpose?

The After party

And #Intersekt23 wouldn’t be complete without Basiq’s After Party. Thanks to everyone who attended. It’s always great to have the opportunity to bring people together. Here’s the photo gallery from the night.

And a final word to Rehan Mark D’Almeida and the team at FinTech Australia. Another great job to you and team!

Authored by: Victor Leung, Chief Marketing Officer Basiq

Important Information: This article has been prepared by Basiq Pty Ltd (ABN 95 616 592 011) (Company), and was originally published on 23 October 2023 on www.basiq.io. Information is current as at the publication date, and the Company has no obligation to update or correct this article. The information contained in this article is of a general nature and is not intended to address the objectives or needs of any particular individual entity, and should not be regarded in any manner as advice. To the extent permitted by law, the Company and its related bodies corporate will not be liable for any errors, omissions, defects or misrepresentations in the information in this article or for any loss or damage suffered by persons who use or rely on such information (including for reasons of negligence, negligent misstatement or otherwise. © 2023 Basiq Pty Ltd

Super Funds to charities: PokitPal is using CDR & round-ups to empower users

Posted on by Rafael Damalio
from-super-funds-to-charities-pokitpals-new-round-up-solution-empowers-users-with-open-banking

With rising inflation and the growing cost of living, more and more Aussies are finding themselves in debt. In fact, Australians have one of the highest percentages of net household debt, with the average household debt increasing by 7.3% from 2021 to 2022.  

But Pokitpal is on a mission to change this narrative. Having originally launched a B2C round-up product to help Aussies save money and pay down debts, PokitPal  has evolved into a B2B white-labelled solution helping organisations build and launch their own cashback and round-up platforms. 

Earlier this year, Sipora was acquired by Pokitpal, allowing the team to expand their impact and help organisations  from charities to superannuation funds and even investing platforms tap into the full potential of round-ups.  

We sat down with Sipora’s co-founder, now Head of Partnerships at PokitPal, Samuel Torpey to learn more about the story behind the platform, their recent acquisition by Pokitpal and how Open Banking is supporting this team on their journey. 

What is Sipora? 

Sipora is Australia’s leading round-up platform, on a mission to help organisations and their customers find new, innovative ways to harness the power of round-ups. 

You’ve probably heard of round-ups in the context of investing, with apps helping customers to round up their everyday purchases and invest the rest. But the Sipora team knew round-ups could be used for a wide range of uses, including saving and paying down debts. 

As Samuel shares, “We came across a study that explains that customers are four times more likely to save $5 per day versus $150 per month… because a small amount seems easier to reach and more palatable. So we built our entire platform around that idea.”

PokitPal and Sipora: The perfect pairing

Samuel always knew that Sipora’s round-up product was better suited to a larger ecosystem of products, rather than a standalone app.

Earlier in 2023, PokitPal (a cashback shopping platform with over 1,500 retail partners all over Australia and New Zealand) acquired Sipora. 

PokitPal was already servicing customers like Virgin Money, Raiz and Beem It with their white-labelled cashback and rewards product, while Sipora was also servicing organisations with their white-label round-up product. It was clear the pair would ultimately be a better fit working together under one name. 

“The two products really complement each other well. We found that rather than working side by side, working under the PokitPal banner would probably be better suited for us both in the long run,” explains Samuel. 

How PokitPal is helping charities harness the power of round-ups   

The pandemic caused major disruptions to a range of industries, including charities and not-for-profits. Event-based donations, in particular, took a major hit and forced charities to get creative with their fundraising efforts. 

Interestingly, people’s willingness to donate didn’t change during the pandemic. Instead, they needed new ways to give back to the causes and organisations they cared about. Luckily, PokitPal’s round-up product was the perfect solution.

Samuel explains, “We were able to work with a number of charities to launch their own round-up product themselves. It allows people to round-up their everyday purchase to the nearest $1, $2 or $5 and donate that to the charity.”

Individuals have total control over how much they donate through the use of spend control, while charities reap the benefits of a white-labelled solution that could be up and running in weeks – not months. 

How Open Banking via Basiq fits into the equation

A big challenge for PokitPal was gaining access and connecting to their customer’s accounts. Previously, they were reliant on individuals entering their banking details which proved a major point of friction in the onboarding journey. 

Many users didn’t have their banking details on hand when signing up, causing them to drop off right at the point of conversion. 

But with Open Banking, powered by Basiq and Sipora’s Representative status, PokitPal streamlined and fast-tracked this process.  As Samuel reveals, “I believe that Basiq is the leader in this space in Australia and New Zealand, especially when it comes to Open Banking.” 

“We’ve already seen an 80% reduction in the time it takes a user to connect their account, just from changing providers to Basiq and using its Open Banking connectors. This is crucial for us when it comes to customer satisfaction and retention,”

“Transistioning has opened up a large cohort of new customers banking with institutions that only allow connectors via Open Banking – like Up Bank that is servicing hundreds of thousands of young Australians that fit within our target demographic,” explains Samuel.

Security is also a big focus for Samuel and his team. Choosing an Open Banking provider that is heavily invested in building and maintaining a secure platform (like Basiq) gave him and his customers valuable peace of mind. 

What’s next for PokitPal? 

Samuel explains the major focus for Pokitpal is connecting with as many organisations as possible that want to deliver cashback rewards and round-up products to their customers. Their immediate focus is to expand their white-labeled partners across both Australia and New Zealand.  

As Samuel says, “We’re looking for new partners, people that have scoped out trying to build a cashback or round-up product and how can we help them. And we’re really excited to be able to go out and share the news of the acquisition and really focus on delivering more products to a larger number of organisations.”

Important Information: This article has been prepared by Basiq Pty Ltd (ABN 95 616 592 011) (Company), and was originally published on 24 August 2023 on www.basiq.io. Information is current as at the publication date, and the Company has no obligation to update or correct this article. The information contained in this article is of a general nature and is not intended to address the objectives or needs of any particular individual entity, and should not be regarded in any manner as advice. To the extent permitted by law, the Company and its related bodies corporate will not be liable for any errors, omissions, defects or misrepresentations in the information in this article or for any loss or damage suffered by persons who use or rely on such information (including for reasons of negligence, negligent misstatement or otherwise. © 2023 Basiq Pty Ltd

Consumer Data Right FAQ: Is it safe to share data via Open Banking?

Posted on by Rafael Damalio
how-safe-is-open-banking

Sharing of banking data has been a service provided in Australia in an unregulated capacity for many years. Open Banking has formalised this capability via the Consumer Data Right (CDR) that is mandated and regulated by the Australian Government.

Let’s touch on some factors that contribute to the safety and security of CDR Open Banking for consumers. 

Consumers have full control over their banking data

Consumers must provide explicit consent before their data is shared with third-party providers. They have the ability to choose what data is shared, for what purpose and for how long. They can also revoke consent at any time, giving them greater control over their information.

Strong authentication that does not include password sharing

Open Banking requires strong customer authentication to prevent unauthorised access. Unlike screen scraping it doesn’t involve customers sharing their online banking password, and instead uses some form of Multi Factor Authentication such as a mobile SMS or in app verification code.

Sharing data via secure banking APIs 

Open Banking relies on secure Application Programming Interfaces (APIs) for data sharing between Data Holders (such as banks) and Data Recipients (such as third party apps). These APIs follow strict security specifications such as Financial-grade API (FAPI) and standards such as OAuth 2.0 and OpenID Connect to ensure data is transmitted securely. 

Consumers are protected by strict privacy regulations

Open Banking operates under strict privacy regulations, including the Privacy Act 1988 and the Australian Privacy Principles. Data Holders and Data Recipients are required to handle consumer data responsibly, ensuring its confidentiality, integrity, and protection. They must have robust data protection measures in place to safeguard against breaches or unauthorised use.

Compliance is regulated by the ACCC

Open Banking in Australia is regulated by the Australian Competition and Consumer Commission (ACCC) and Office of the Australian Information Commissioner (OAIC). These regulatory bodies ensure that Data Holders and Data Recipients adhere to security standards and compliance requirements. Ongoing monitoring and auditing help identify any vulnerabilities or risks and ensure the safety of consumer data.

Ongoing Government commitment to security 

Finally, the government is maintaining it’s investment in a safer digital future, this year’s Federal Budget included a further investment in the Consumer Data Right of $88.8 million over two years, with a focus on several areas including:

  • cyber security improvements across all CDR agencies to reflect the evolving data landscape. This includes constant assessment and updates to the security standards adopted.
  • expanding awareness of the CDR brand as a trusted, safer data-sharing model that allows consumers to easily identify CDR-enabled providers, products and services. Consumers will become more security aware when sharing their data and will be choosing CDR data share options over less secure alternatives.

Important Information: This article has been prepared by Basiq Pty Ltd (ABN 95 616 592 011) (Company), and was originally published on 24 August 2023 on www.basiq.io. Information is current as at the publication date, and the Company has no obligation to update or correct this article. The information contained in this article is of a general nature and is not intended to address the objectives or needs of any particular individual entity, and should not be regarded in any manner as advice. To the extent permitted by law, the Company and its related bodies corporate will not be liable for any errors, omissions, defects or misrepresentations in the information in this article or for any loss or damage suffered by persons who use or rely on such information (including for reasons of negligence, negligent misstatement or otherwise. © 2023 Basiq Pty Ltd