banking and finance tech SMBtech

Ensuring compliance as Consumer Data Right regulations toughen

July marked two years since the launch of the Consumer Data Right scheme (CDR) which mandated the sharing of data generated by businesses. The CDR gives consumers the power to share data between service providers to help them identify the products and services most suited to their needs. When applied to the banking sector, the scheme is known as Open Banking or more broadly as Open Finance as we move towards opening up the CDR to non-bank lenders.

While progress has certainly been made across the finance industry with banks big and small meeting obligations, the CDR landscape continues to evolve as the competition regulator (ACCC) works closely with industry experts to review and revise regulations to ensure the ongoing efficacy of the scheme.

So, what do these changes mean for CDR participants within the banking sector? With further regulatory action expected and crackdowns for non-compliance impacting even the most reputable brands, the worst thing CDR participants can do is be complacent. Even those who have successfully met existing obligations to this date need to stay up-to-date with the latest developments and regularly review their CDR solutions to ensure compliance now and into the future.

Here are some recommendations to help financial organisations plan around expected changes as regulators hint at tougher enforcement action.

Prioritise interest rate accuracy

In the most recent CDR consultation, the ACCC flagged plans to prioritise data quality standards by enforcing new obligations within the framework. The focus comes on the back of issues surrounding recent interest rate fluctuations causing the sharing of incorrect data or missing data.

In the current economic climate, further changes to interest rates be it spikes or rises are a likelihood rather than a possibility, so it’s important banks participating in the consumer data scheme have solutions in place to ensure any change does not compromise the accuracy and quality of data.

For example, the issue of inaccurate interest rates can be resolved with product data management tools designed specifically to centralise interest rates management and fix issues in product reference data. With solutions in place to ensure interest rates are up to date, companies gain the peace of mind that the data they share is reliable and primed to meet data quality regulations as it becomes increasingly a focus by the ACCC.

Keep data migration top of mind when considering new solutions or partners

As industry leaders navigate the evolving CDR landscape while simultaneously innovating to achieve the full benefits of the scheme, getting into the habit of regularly reviewing solutions is highly encouraged. In being proactive, financial institutions can recognise any gaps and get ahead of any issues related to compliance or even outdated systems. The ability to identify shortcomings will enable teams to find solutions to innovate and take advantage of new CDR capabilities.

Often, this process will require data migration which can be a daunting step. It’s unclear if data holders who erase existing consumer consents in the process of migrating to a replacement system will face penalties from the regulator. However, it is possible to migrate data to new systems without disrupting continuity of service or breaching obligations.

For banks who are already a way down the road when it comes to their CDR journey, the migration conversation can be trickier, particularly if your incumbent vendor makes it very difficult. The key for future designated industries, like non-bank lenders, is to bring up the subject of migration early in the conversation with your CDR vendor. Choosing the right CDR vendor with plans in place to support the success of CDR and future innovation is critical. The right solution for an organisation today might not be the best solution in two years time for example. By thinking about data migration early in the process, organisations can innovate with the peace of mind that data migration can happen seamlessly if and when it’s needed.

For banks approaching the process of CDR infrastructure migration now, there are two ways this can happen. First is a “lift and shift” approach which entails the migration of consent metadata and data recipient registrations into the formats of the new system. Second is a concurrent transition which facilitates the gradual transition that fulfills existing arrangements before applying new arrangements in the new system.

Don’t let your vendor tell you that migration isn’t possible. The good news is that there are solutions that can maintain compliance and improve your CDR capabilities.

The road to CDR compliance is by no means a simple one, but by engaging the right vendors and adopting a forward-thinking approach when choosing fit-for-purpose solutions, banks will benefit in the long-run and be well positioned to adapt to any further regulatory change.

Mark Perry is Chief Growth Officer, Biza.io.

Leave a Reply