An open banking regime for Australia: July fintech update

Share on twitter
Share on linkedin
Share on facebook


On July 20, the Government announced that an independent review has been set up to consider the best process for implementing an open banking data regime in Australia. Open banking requires banks to share product and customer data with customers and, with their consent, third parties.


By Dr. Drew Donnelly, Compliance Quarter

An open banking regulatory regime is a key part of the Government’s financial technology (fintech) commitments, and something that we have written about before. So far, the Government has established a review panel and released a terms of reference.

An issues paper for public comment will be released in due course, but in the meantime, it would be useful to think about the key areas signposted in the terms of reference, in light of the Productivity Commission’s Inquiry Report, Data Availability and Use.

The terms of reference set out four areas for examination by the review panel. We consider each in turn.

(1) Scope of the banking data sets to be shared, who shall do the sharing and who will receive them

Under this banner, the panel will need to consider how much of the great wealth of data held by banks should be shared.

For example, currently under the National Consumer Credit Code an individual struggling to meet repayment obligations can apply for a hardship variation to the loan and a credit provider is prohibited from disclosing such an application. The review panel will need to consider the costs and benefits of a law change to include this type of data in a standard data set.

(2) Existing and potential data transfer mechanisms

The review panel will need to consider how a financial data set should be transferred. One way of doing so, is setting up an ‘Application Programming Interface’ (API). An API This is a standardised set of methods or instructions for creating software that would use and transfer the financial data. An API might be voluntary or it might be Government-mandated. The Productivity Commission report listed some useful software or applications that could be created using an API, including programmes that would allow comparison of different financial products, and ones that would automatically transfer bank transactions to a business’s accounting records (p550).

(3) Key risks including customer usability, trust and privacy and security safeguards.

This will include the need for the review panel will need to consider how the open banking regime would interact with the privacy law framework in Australia. For example, the Australian Privacy Principles provide that personal information cannot be used or disclosed for a purpose other than what it was collected for, unless a specified exclusion applies.

Open banking data sets will either need to be shared in accordance with general privacy and data laws, or those laws would need amending.

(4) Costs of implementation, including the costs that may be imposed on industry

There would be costs to introducing an open-banking regime. For example, if a compulsory API is introduced it will require building a technical infrastructure and ongoing compliance costs (see Productivity Commission report, p571). The review panel will need to consider whether industry charges should be introduced or whether that may end up a disincentive for use.

For further background see the Productivity Commission report and our prior articles related to it here and here.

More to explorer

Autumn leaves falling with copy space on black background

Avoiding Compliance Atrophy: The Critical Role of Assurance Reviews for Growing Energy Retailers

As energy retailers expand their customer base and operations, ensuring ongoing compliance with regulatory obligations can become increasingly challenging. A key risk is “compliance atrophy” – where initially compliant documents, processes and systems slowly deteriorate and waste away over time if not regularly monitored and reviewed. What is compliance atrophy? Compliance atrophy is typically a result of documents, processes and systems being ‘updated’ or ‘reworded’ to reflect changes in focus for the business and input from other stakeholders including marketing

person holding debit card

AER payment difficulty framework review

The Australian Energy Regulator (AER) is conducting a review of the consumer protections available under the National Energy Customer Framework (NECF) for those experiencing payment difficulties. On 14 May 2024, the AER released an issues paper for consultation. The review is driven by the commitment in Action 8 of the ‘Towards Energy Equity’ strategy in which the AER committed to considering whether improvements could be made to the NECF to ensure that consumers experiencing payment difficulties are identified early, engaged

Technicians installing photovoltaic solar panels on roof of house.

Compliance Quarter’s Submission to the AER’s Review of the Compliance Procedures and Guidelines

On 11 April 2024, Compliance Quarter put forward its submission on proposed changes to the AER Compliance Procedures and Guidelines. The AER is reviewing its Compliance procedures and guidelines, which set out the manner and form in which energy businesses in jurisdictions that have adopted the National Energy Retail Law must submit compliance information and data to the AER. We argue that there should be consideration of measures to incentivise early reporting of potential breaches. These may, for example, take the

Leave a Reply

Your email address will not be published. Required fields are marked *