Extension of the Consumer Data Right to non-bank lending
14 April 2022
Response to Treasury's consultation on the extension of the Consumer Data Right to non-bank lending. In this submission, the ABA responds to some issues raised in the discussion paper and provides comment based on the experience of banks in implementing the CDR.
Download PDFAustralia’s cyber security regulations and incentives
27 August 2021
The ABA sees an important role for government in coordinating messaging and cyber security uplift efforts across stakeholder groups and sectors, and setting clear expectations of what entities should do to protect themselves and their customers. The ABA acknowledges that there is a difficult but important balance to be struck between, on the one hand, economy wide, consistent cyber security regulatory requirements that improve the nation’s cyber risk position and, on the other hand, more specific or targeted measures which need to respond to specific risks and/or levels of risk. Further clarity will also be required for entities that may be indirectly subject to SOCI Act requirements, and for entities that may move in and out of the SOCI Act regime. The ABA seeks further information about the legal form that the governance standards would take and what legal standing (if any) the standards would have. The ABA asks for clarity on the interaction between the proposed standards and other regulatory regimes.
Download PDFABA InfoSec Standards – Position Paper
23 July 2021
Incorporating responses to Data Standards Body consultation: Decision Proposals 182. CDR Information Security Recommendations Ensuring that the appropriate technical standards for information security are put in place to enable the CDR is vital. These technical standards need to accommodate both an extension in scope for open banking, as well as setting the template for expansion of the CDR to other sectors of the economy. This paper makes the following recommendations: 1. Adopt FAPI 2.0 for future best practice 2. Ensure and Preserve Interoperability
Download PDFCDR Proposal for Purpose-based Consent
23 July 2021
The proposed solution put forward in DP-183 refers to a principle of ‘Purpose-based consent’. Purpose-Based Consents are a way to encode all of the required dimensions and granularity for a specific use case. Unfortunately, this specificity leads to a consequent loss in flexibility. DP-183 highlights read-only use cases which are not currently covered; however, the same principles and requirements are even stronger to enable read-write access.
Download PDFOpt-Out Joint Account Data Sharing Model
26 May 2021
Whilst the ABA supports the principle of a simple CDR, we question the ability to develop a ‘one-size-fits-all-sectors’ approach to joint accounts. The ABA supports retaining the current opt-in approach. The proposed opt-out approach is not supported on the basis that it undermines the foundational principle of the CDR, which is informed consent. We are of the view that it is not feasible to nominate an industry preferred option at this point.
Download PDFInquiry into mobile payment and digital wallet financial services
25 May 2021
While existing inquiries or reform initiatives touch on these policy issues, the issues are not confined to any single legislative framework or the responsibility of any single agency. They need a holistic assessment of potential policy solutions and their impact on consumers and the economy as a whole. A siloed approach may fail to consider the impact of specific recommendations or reforms on the Government’s policy to foster Australia’s digital economy and retain digital talent. As such, the ABA recommends robust coordination on policy and implementation that sees the oversight of mobile payment and digital wallet as a key plank of Australia’s digital economy.
Download PDFABA Commentary on Proposed Expansions to CDR Rules 2020
29 October 2020
The ABA does not support the proposed segmentation of banking data into high, medium, and low risk. The speed at which the Australian Competition and Consumer Commission (ACCC) intends to finalise the draft Rules is concerning, especially given risks which have been raised in the Privacy Impact Assessment (PIA). The ABA does not believe that it is possible for the ACCC to mitigate the risks raised in the PIA and concurrently resolve the questions and concerns raised in this submission by December 2020. The ABA is particularly concerned with negative impacts the speed of implementation will have on smaller banks. The ABA is also concerned that consumers may be overwhelmed with the level of complexity in the proposed Rules which may make them less likely to participate in the CDR. Trust in the security of the CDR is paramount to its success. The ABA urges the ACCC to reconsider the intention to finalise these rules by December 2020 and seeks a meeting with the ACCC to discuss the concerns raised in this submission
Download PDFTreasury Laws Amendment Bill 2020: CDR Consultation
19 October 2020
The ABA supports the Government’s intention to centralise design and rule making functions and encourages further centralisation of other critical functions of the CDR.
Download PDFInquiry into Future Directions for the Consumer Data Right
21 May 2020
The ABA supports the ongoing development and expansion of the Consumer Data Right (CDR). As the first sector to launch with Open Banking, the banking industry has contributed significantly to operationalising the CDR vision through expertise within the sector as well as providing the Open Banking systems through which the first consumer data will flow in the CDR.
Download PDFProposed timetable for participation of non-major ADIs in the CDR
3 March 2020
In discussions between the ACCC, ABA and non-major banks on 13 February 2020, the ABA and members unanimously expressed their concern for the 1 February 2021 launch for phase 1 products. Members reconfirmed the importance for maintaining a 12-month implementation timeline from the major banks’ launch date.
Download PDF