Identity management company ForgeRock today announced the launch of its Open Banking Accelerators, tools for financial institutions to manage the APIs used in Australia’s new data portability scheme.
ForgeRock says its Accelerators address some of the strict rules of open banking, which began this year as the first test of Australia’s new Consumer Data Right and mandate banks share make consumer data shareable in a machine readable way.
The Accelerators include registers for accredited data recipients, consent management, an authorisation service and a tool for managing copies of the registry. They are aimed at banks and financial institutions outside Australia’s Big Four, which may not have the resources to build them on their own.
The new products were built in partnership with Middleware New Zealand, a consulting firm which helped design the API standards for New Zealand’s own Open Banking system.
ForgeRock claims Accelerators can help financial institutions build and test CDR solutions in a low-cost way, saving as much as 66 per cent on the costs associated with mandatory compliance.
“Given the complexity of CDR standards, and with deadlines for compliance quickly approaching, it’s imperative that financial service providers have solutions in place quickly so they can build new services and revenue streams,” said James Ross, regional vice president, ForgeRock ANZ.
“Available now as a full-featured, production-grade solution, ForgeRock’s Open Banking Accelerators allow organisations to skip the hassle of a testing sandbox, enabling financial service providers to realise huge time and cost savings on development and implementation.”
ForgeRock says its Open Banking Accelerators address four primary needs of financial service providers:
- Give providers a plug-and-play endpoint where accredited data recipients can dynamically register themselves.
- Create a centralised consent engine enabling accredited data recipients to request access to customer data.
- Provide a MetaDirectory Cache Data Model and Sync Engine to create and maintain the required copy of the Registry.
- Provide a fine-grained authorisation service ensuring accredited data recipients can only access data the customer has specifically consented to.