A new era in data accessibility has begun, triggered by the passing of the Consumer Data Right (CDR) Bill on 1 August this year. But what sparked the development of the CDR and how is the banking sector expected to manage this new commodity?
There is little doubt that corporate access to personal data has never been more controversial. Following scandals like the illicit harvesting of personal data by Facebook-Cambridge Analytica, consumers worldwide have begun to demand more control over their privacy and, consequently, their own data.
But well before the Cambridge Analytica scandal, governments were already taking steps to address data transfer and control. Why? Because data is an extremely valuable currency.
Data is the new oil
Data has been referred to as the “new oil”. In 2006, the world’s five largest listed companies were ExxonMobil, Citigroup, GE, Microsoft and BP. However, this has drastically changed, and we are now looking at companies such as Apple, Google, Microsoft, Amazon and Facebook making up the top companies in 2019.
If we consider both listed and unlisted companies, which sees some prominent Chinese companies feature, the shift from energy and financial companies to data-driven consumer services companies is similarly evident.
Fight for the right to data
Today, the top companies deal, manage and use our data, despite the various privacy policies and the ambiguous consents which are often provided in consideration for utilising a digital platform, resulting in users giving away their right to privacy. In many circumstances, our data is “theirs”.
But, around the world, consumers are winning the fight for the right to their data. Over 100 countries have implemented data protection laws and are beginning to confer rights of access, and sometimes “control”, to basic information about activities and transactions. Despite the fact that individuals rarely own their data, data protection laws are conferring significant rights on how that data is used or disclosed.
In Australia, control over data will be imposed by the Consumer Data Right (CDR).
The CDR and the banking sector
Over many years, Australia’s banking services sector has been collecting and using consumer data. However, the end consumer has had little access or control over this data. That is all about to change.
On 9 May 2018, the Commonwealth Government announced the introduction of a Consumer Data Right (CDR), which confers a right on consumers to access and to direct the transfer of their data held by businesses to accredited organisations.
On 1 August 2019, the law to establish the Consumer Data Right Bill passed both houses in Parliament. Firstly, the right will commence in the banking sector, through a new Open Banking model.
The CDR will allow institutions to share banking data with third parties referenced as Accredited Data Recipients.. The data in question here, is principally transaction data for various banking products and services, as well as information that has been gathered or derived from that initial data. The CDR and Open Banking model will present the banking sector with various opportunities to use the data to generate products and services better tailored to meet the needs of their consumers.
In other words, CDR extends much further than just the basic transaction data, making it a veritable flood of data, and an extremely valuable one at that.
A flood of information
In order to manage the flood, the banking sector will approach CDR slowly, like the gentle turning of a tap. This will allow the respective organisations to appropriately manage implementation, as well as ensuring that the process runs smoothly, benefitting consumers and institutions.
Implementation of the CDR and Open Banking has already commenced. Therefore, it is crucial for not just immediately affected institutions but also the wider financial services sector to monitor further developments. Here are some resources to bookmark for ongoing reference:
- Federal Treasury’s Consumer Data Rights page
- The ACCC’s Consumer data right project overview page
- Office of the Australian Information Commissioner – refer to the OAIC’s Consumer Data Right (CDR) exposure draft legislation — submission to The Treasury as a starting point.
We recommend that you also follow coverage of CDR in mainstream media and industry publications.
Tips to prepare for the Consumer Data Right
- Identify whether your organisation will be directly or indirectly affected by Open Banking and CDR
- Evaluate the extent to which your organisation and its customers will be impacted
- Consult relevant people within your organisation to establish whether some kind of project group needs to be set up to assess and implement any looming operational adjustments that may be required
- Consider what internal and customer communication and training your organisation might need to arrange
- Ensure any client-facing company representatives are well-informed and equipped to appropriately respond to customer enquiries about the implications of Open Banking
- At the very least, offer some internal communication about Open Banking to maintain financial literacy across your organisation
Find out more
- We offer an online course revealing what’s happening, who CDR immediately affects and when, and what opportunities and requirements CDR implementation presents for financial services institutions, ancillary service providers, and the Australian community at large.