Consumer Data Right intermediaries will now be able to collect consumer data on behalf of accredited third party data recipients, with consumer consent, following rule changes by the regulator today.
The changes, which come into effect October 2nd, should make it easier for fintechs to access the data by removing some of the requirements to own the IT infrastructure used in data processing.
The Australian Competition and Consumer Commission today announced it has amended Consumer Data Right rules to allow accredited businesses to ask other accredited businesses to obtain consumer data on their behalf.
The changes are intended to facilitate greater participation in the Consumer Data Right, which began this year with open banking but has had limited uptake.
In practice, the rule changes mean businesses will be able to use outsourced IT infrastructure and software of an intermediary to connect to data holders’ APIs, rather than have to build their own, provided all parties are accredited.
“This is the first in a series of measures to reduce the time and cost to enter and operate in the Consumer Data Right ecosystem,” ACCC Commissioner Sarah Court said.
“The rule changes also make it easier for businesses who currently rely on outsourced services to join the Consumer Data Right, and reflect our ongoing goal of facilitating a wide range of business arrangements within the Consumer Data Right.”
Following years of consultation and testing, Australia’s Consumer Data Right began in July with the requirement that major Australian banks share product data in a machine readable way. Australian neobank 86 400 used the data to build a real time savings rate comparison tool.
The scheme will expand considerably in the coming months when banks are forced to share actual consumer data in the same way, if the consumer requests it.
But the rigorous accreditation process meant few fintechs have gained clearance in the opening months with some reporting the regulator’s process to be too onerous for smaller players.
Today the ACCC said the rule changes would not compromise security or privacy safeguards.
“All businesses being accredited by the ACCC go through a rigorous process to ensure they meet appropriate security requirements,” the ACCC’s Court said today. “These amendments do not change those rigorous controls.”