Latest developments on the Consumer Data Right

2 minute read  04.10.2019 Anthony Borgese, Alex Horder, Max Vos

With the Treasury Laws Amendment (Consumer Data Right) Act 2019 (Cth) receiving Royal Assent, the ACCC has released a lock-down version of the proposed Consumer Data Right Rules for the banking sector, as well as a 'phasing summary table', which outlines key dates for the adoption of Rules across all sectors.

Key takeouts

  • Following consultation with key stakeholders, the ACCC has released a lock-down version of the CDR that will apply to the implementation of the Consumer Data Right (CDR) in the banking sector.
  • The ACCC has released the phasing summary table which outlines the proposed start date for each of the data sharing obligations.
  • The ACCC is inviting expressions of interest from parties interested in becoming Accredited Data Recipients and has already selected a number of entities to participate in CDR testing to ensure the end-to-end integrity of the CDR ecosystem.

The Australian Competition and Consumer Commission (ACCC) has released a lock-down version of the proposed Consumer Data Rights Rules (Rules). The proposed framework for the CDR regime in the banking sector includes ways in which the data may be requested and transferred, and follows consultation by the ACCC on the draft CDR Rules released in March this year (read our May update Consumer Data Right – ACCC releases a consultation draft of CDR Rules).

The ACCC has also released its phasing summary table which outlines the key dates and deadlines for the implementation of the CDR. The table identifies the 'Big Four' banks as 'first cabs off the rank' and the testbed for the Rules from early 2020. The ACCC has stated that it expects the Big Four, as 'Data Holders', to prioritise deposit and transaction account data along with credit card data. These initial data sets will be subject to the CDR, on and from February 2020, with other accounts and types of data to follow. 

Specifically, 'Big Four' Data Holders must be able to share data:

  • from accounts held in the name of an individual CDR consumer, and open accounts, by 1 February 2020;
  • from personal loans and other accounts by 1 July 2020. Other ADIs are also required to implement the CDR framework by this date; an
  • on business finance and other personal and business accounts by 1 February 2021. By this date, voluntarily participating ADIs, accredited ADIs and non-ADIs must also be able to share this data.

The Rules also provide for the process under which an entity can become an Accredited Data Recipient (ADR), an organisation to which a consumer's data may be transferred, from a Data Holder, following a consumer's request.  To receive unrestricted accreditation, an applicant must satisfy the Australian Information Commissioner that, if accredited, it will be able to comply with the Rules.

The ACCC has also announced the entities that have been selected to participate in CDR testing, in anticipation of the February 2020 commencement date. These entities will assist the ACCC in ensuring the end-to-end integrity of the CDR ecosystem.

If you are interested in becoming an ADR, you would like to participate in the testing of the CDR, or you would like any assistance in understanding how the CDR framework affects your organisation, please contact us.

Contact

Tags

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJiY2Q0ZjlkYi0yN2IyLTRlMDItODYxNS00Mjg1YTUwZWY5MjYiLCJyb2xlIjoiQXBpVXNlciIsIm5iZiI6MTczNDA4MjY0NywiZXhwIjoxNzM0MDgzODQ3LCJpYXQiOjE3MzQwODI2NDcsImlzcyI6Imh0dHBzOi8vd3d3Lm1pbnRlcmVsbGlzb24uY29tL2FydGljbGVzL2xhdGVzdC1kZXZlbG9wbWVudHMtb24tdGhlLWNvbnN1bWVyLWRhdGEtcmlnaHQiLCJhdWQiOiJodHRwczovL3d3dy5taW50ZXJlbGxpc29uLmNvbS9hcnRpY2xlcy9sYXRlc3QtZGV2ZWxvcG1lbnRzLW9uLXRoZS1jb25zdW1lci1kYXRhLXJpZ2h0In0.08BGHrnzOwERULseq_giwesUzubRKr88sle2Ln9DZoI
https://www.minterellison.com/articles/latest-developments-on-the-consumer-data-right