Competition watchdog the ACCC has pushed out timelines for the implementation and launch of some aspects of the Consumer Data Right (CDR), known as open banking from February until July 1, 2020, as it continues to look at testing for data privacy and security.
Banking is the first sector to to address CDR, which gives consumers the right to access their data held by businesses, and request that data be transferred to third parties of their choice. The new rules will subsequently be introduced to the energy and telecommunications sectors.
The Australian Competition and Consumer Commission is driving the reform with the view that data portability increases competition, especially for more complex products and services, and has been working with the big 4 banks as well as nine other especially chosen fintech companies as part of initial testing of CDR capabilities.
In a statement released last Friday, the ACCC said it concluded that additional time was needed to better ensure necessary security and privacy protections operate effectively.
ACCC Commissioner Sarah Court said they wanted to be confident the CDR system was resilient, user friendly and properly tested.
“Robust privacy protection and information security are core features of the CDR and establishing appropriate regulatory settings and IT infrastructure cannot be rushed,” she said.
Some existing timelines remain in place with major banks expected to begin sharing PRD for credit and debit cards, deposit, transaction, mortgage and personal loan accounts from February 1 next year, with the same rules applying to the non-majors from July 1
But consumer access and the ability for consumers to direct the majors on sharing the data with accredited service providers will now shift to July 1 and November 1 for mortgage and personal loan data.
The ACCC said it will make the CDR Rules in January 2020 that reflect this adjustment to the timetable, and conduct further consultation regarding any consequential changes to other phases of the CDR.