WSO2 Open Banking—Gearing Up for Consumer Data Standards in Australia
- Seshika Fernando
- Vice President/Field CTO - WSO2
Open banking came into the limelight in Australia following the Consumer Data Right (CDR) in late 2017. Initially, the right was rooted in a review on open banking presented by the Australian Treasury, named “Review into Open Banking in Australia”. Under the CDR’s umbrella, in the banking domain, the first standards to benefit are the Consumer Data Standards (CDS)—to be followed by other sectors such as energy. With the Consumer Data Right legislation in August 2019, the Australian banking industry is all set to get on board with the Consumer Data Standards.
By February 2020, the big four banks in Australia will securely expose CDS APIs, while all other banks will need to do the same a year later. The CDR phasing table, provided by the ACCC, gives a detailed schedule of product types and relevant dates for data sharing via APIs.
The Impact on the Banking Industry
The CDR aims to increase financial literacy and give customers more choices regarding their data. The CDR gives back control, allowing data to be shared with accredited third parties to help consumers make better decisions. It also provides adequate resources to compare banking products.
With the CDS, which is modeled after the CDR, accredited third-party financial institutions are able to harness consumers’ banking data and banking product information with consumer consent. This is achieved through common secured interfaces such as APIs.
Understanding The Consumer Data Standards
The standards outline how the right is implemented and the ecosystem that surrounds it. The standard comprises APIs and financial identity to ensure that APIs are accessed with consumer consent by accredited parties. The main actors in the standards are:
- A Data Holder — An organization to which the CDR applies and which will securely expose information.
- A Data Recipient — An accredited party that will be able to request CDR data from data holders with consumer consent, thus building new user experiences and services.
- A CDR Consumer — The end consumer who benefits from the CDR. Consumers are able to request data from data holders directly and through data recipients.
The first version of the CDS was released in September 2019, and its latest version is v1.1.0. It includes a set of principles that cover topics such as security, customer experience, developer experience, and adopting open standards (for more information, click this link). Thus, technology service providers for open banking need to ensure that their solutions adhere to the above principles.
How WSO2 Open Banking Enables Compliance
WSO2 Open Banking is a purpose-built solution that enables banks to achieve full compliance around open banking. And this Christmas, we are excited to announce AU CDS v1.0 compliance!
The solution now supports the basic compliance requirements of AU CDS, including accounts APIs support, DCR support, and the security requirements set by the OpenID Financial Grade API (FAPI) specification. Additional requirements, such as analytics and cache management, will be released soon. To find more detailed information on how WSO2 Open Banking helps achieve compliance with AU CDS v1.0, refer to this post.
When choosing a technology platform for open banking, the following factors should be considered to ensure full compliance and the ability to adapt to changing regulatory and business requirements.
- Total Compliance
Banks should opt for a technology platform that can cater to all open banking requirements, such as open APIs, API security, consumer security, data recipient onboarding and management, analytics, and integration points with core banking systems. Choosing a technology that caters to a limited subset of the above features will result in multiple expensive evaluations and costly integrations between multiple platforms.
WSO2 Open Banking supports all open banking regulatory requirements through a componentized architecture, so that banks can invest in the components that are required for compliance while reusing existing technology for those features that it can already deliver.
- Vast experience in Open Banking
While the concept of Open Banking has been around for many years, its formalization happened through the European Open Banking regulation: PSD2. While the Australian CDR takes its own flavour of implementing Open Banking, we must not ignore the large number of similarities between the two regulations. It is wise to choose a technology vendor with prior experience in open banking implementations.
WSO2 Open Banking has been extensively used by European banks to achieve PSD2 compliance. Therefore, both the solution and the team of experts who work on open banking projects are armed with the learnings from their PSD2 journey; this can benefit any bank that has taken on an open banking implementation. WSO2 Open Banking is one of the few solutions to have the OpenID FAPI certification; this is a stamp of recognition of its compliance with industry standards and best practices.
The solution has been extended for further digital transformation beyond compliance requirements. We believe that this should be the strategy for all progressive banks that ultimately want to achieve digitalization beyond regulatory compliance.
- Support & Maintenance
As with any open banking regulation, the CDR is more of a compliance journey than a one-time task. The CDS will continue to evolve, and banks will need to onboard each revision and upgrade to the regulatory standards, as they have to apply these to their banking use cases. Therefore, banks should choose a solution that evolves with the standards and be assured that the compliance burden is handled by experts who are constantly watching the regulatory evolutions and working to ensure that banks are always in line with compliance requirements.
WSO2 Open Banking offers peace of mind to CIOs and technology teams by continuously keeping the technology updated with evolving regulatory specifications. The solution roadmap offers continuous alignment with the AU CDS updates and helps banks with required updates to the deployed solution on a timely basis. This also ensures required data migrations and a dedicated support channel for queries specific to the bank’s open banking deployment.
To learn more about how WSO2 Open Banking caters to regulatory compliance in Australia under the CDR, please visit our official web page.