Purpose built for complete regulatory compliance in Australia

The Consumer Data Right (CDR) of Australia

As Australia progresses on its journey towards open banking, banks are broadening their vision for technology. The CDR provides banks with the potential to anticipate and react to customer needs quicker than before, and technology is critical to make this happen.

Customer Success Story

How WSO2 Enabled Open Banking at Société Générale International Retail Banking Services

Explore how Société Générale and WSO2's strategic partnership for open banking was able to overcome the difficulties that incumbent banks face when adapting quickly to market changes.


Helping Australian Banks Comply Through a Single Technology Platform

WSO2 Open Banking is a purpose-built solution that provides all technology requirements for achieving complete open banking compliance using a single technology platform.

Secure APIs

  • API management security with OAuth 2.0 and mutual SSL or certificate validation
  • API publishing and governance
  • API throttling and rate limiting
  • API version management

Third Party Data Recipient Onboarding

  • Automatic and manual workflows
  • Ability to handle requests based on accreditation level and approval processes

Developer Portals Providing Access to Sandbox Environments

  • API Sandboxes that mimic production API portals
  • Easily promote third parties from sandbox to production based on ready-ness
  • Notify third parties of upcoming API versions

Strong Customer Authentication and Exemptions

  • SMS/Email OTP, FIDO, DUO, MePIN and Biometric
  • Support with dynamic linking and OIDC hybrid flow support
  • Adaptive authentication to exempt authentication based on behavioural aspects

Consent Management

  • Capabilities to store validate and revoke consent
  • Ability to provide granular consents based on account type, access type, time period
  • Managing data holder consents as well as data receiver consents

Anomaly Detection, Regulatory Reporting & Insights

  • API usage analytics including real time detection of anomalous activity for regulatory reporting purposes
  • API monitoring and monetization capabilities through dashboards
  • Business insights based on API usage metrics

Integration to Core Banking Systems

  • An integration layer that supports multiple protocols (REST, SOAP, WebSocket) and message formats (JSON, XML)

Why choose WSO2 Open Banking?

We'll help you comply with the regulation's Open API and security requirements

We are part of the Data Standards technical working group and follow the regulation closely. We will ensure that the open banking solution is updated as and when the specification and security updates are released. This frees your team’s time to focus on more pressing tasks.

Our technology model and team, work well with yours

We provide both cost-based and deployment-based engagement models catering to banks of any size. We also provide training programs that get your teams up-and-running with our technology in record time.

We assist in communicating the benefits of open banking to your customers

Our work with European banks revealed some key concerns consumers had with open banking. We’ll use these as examples to address perceptions for Australian banking customers. The earlier you educate your customers, the more trust you build in them.

Use us to prepare for digital banking initiatives in Australia

As open banking takes off, your customers will demand more services and products that make their lives easier. Your IT infrastructure needs to scale to meet these new demands. Our platform and domain expertise make us the ideal technology partner to help you become a market leader in digital banking.

Complying with Open Banking in Australia

Open Banking in Australia happens under a phased implementation. The first deadline, July 1, 2019 requires the Big 4 Banks of Australia to provide read access to customers data on credit and debit card, deposit, and transaction accounts. The rest of the banks need to open up the same data by July 1, 2020.

Once the Big 4 comply in June 2019, the rest of the banks have the luxury of following their strategies and implementation techniques to comply. But, to ensure that compliance happens smoothly on or before the deadline, preparation should start now. Here’s what you need to do.

Build your Open APIs in adherence to the phased implementation of Open Banking Australia

As mandated by CSIRO’s Data61, the Open APIs in your infrastructure should adhere to the Open Banking Australia API specification. The team building this infrastructure needs to closely follow the work of regulatory bodies. This includes the Australian Competition and Consumer Commission (ACCC), the Office of the Australian Information Commissioner (OAIC) and Data 61, so that the relevant standards, privacy policies, and timelines are adhered to and updated when necessary.

With the scope of data access increasing to mortgage data and other product data in 2020, the technology infrastructure you deploy now, needs to adhere to current and evolving regulatory requirements.

Ensure foolproof security across the Open API ecosystem

Banking consumers in Australia have stated their concerns about data privacy in open banking. While they are willing to let third parties access their data to create better services, consent will only be provided if the appropriate privacy and security measures are in place.

OAIC is tasked with setting the security and privacy standards for open banking in Australia. To ensure that the open banking journey of customers, data holders, and data recipients happen securely, without hindrance to user experience, several security layers need to be considered. This includes security at an API level and at a consent level. Banks should also implement fraud detection mechanisms to investigate and react to potential data misuse.

Build a model of customer trust in Australian banking

Open Banking in Australia was created to give consumers the power to control their own data. As holders of this data, every bank has a responsibility to ensure data protection when the data is shared across various data holders and recipients. A key aspect of building trust is through transparency. A few things you can do include

  • Informing customers about incremental changes you make towards becoming compliant
  • Creating communication channels to help customers understand what is being done with their data
  • Notifying them about how their data is being protected

Give your Third Party Data Recipients the attention they deserve

Consumers will soon look forward to the enhanced service offerings created by open banking, including consolidated financial portfolio management across all banks that third parties offer them. This is why enabling third parties to promote your financial products and services via their applications is key to surviving and thriving within this new world.

The better your developer portal, the more third parties you attract. And the more you attract, the broader the portfolio of products and services available to your customers.

Technology as a driver of agility for open banking and beyond

Many banks in Australia struggle with legacy systems. Amidst regulatory pressure and the need to stay competitive, banks need to build agile technology platforms that can be used for current and evolving requirements. Customer demand for digitally driven services will continue to rise and banks need to adapt their technology infrastructures to cater to this demand.

We would love to help in your compliance journey.

  • Get a Free Evaluation Setup
  • Yes, I would like to receive emails from WSO2 to stay up to date on new releases and updates.