8 June 2021
The ABA strongly supports the objectives of the AML/CTF regime. It also strongly supports that the obligations be simplified, streamlined and clarified, and the regulatory burden reduced where possible.
While we are supportive of these amendments overall, the ABA seeks clarification on aspects of the draft Rules and Guidance.
Incorporating responses to Data Standards Body consultation: Decision Proposals 182.
CDR Information Security Recommendations
Ensuring that the appropriate technical standards for information security are put in place to enable the CDR is vital. These technical standards need to accommodate both an extension in scope for open banking, as well as setting the template for expansion of the CDR to other sectors of the economy.
This paper makes the following recommendations:
1. Adopt FAPI 2.0 for future best practice
2. Ensure and Preserve Interoperability
The proposed solution put forward in DP-183 refers to a principle of ‘Purpose-based consent’. Purpose Based Consents are a way to encode all of the required dimensions and granularity for a specific use case. Unfortunately, this specificity leads to a consequent loss in flexibility. DP-183 highlights read-only use cases which are not currently covered; however, the same principles and requirements are even stronger to enable read-write access.