Three Ways CDR Will Alter the Australian Open Banking Landscape


CDR is here! But don’t panic if your bank isn’t quite there yet. We can help with our new ForgeRock CDR Open Banking Accelerators.

Well, it’s finally here. The Australian government’s Consumer Data Right (CDR) regulation is taking effect – in phases – starting with bank loans and personal information for the Big Four banks. The rest of the industry will follow suit in 2021.

Understandably, the rollout of yet another new regulation tends to be met with a bit of resistance. But CDR has some significant upsides for banks that fully embrace the open standards requirement that come with it. It’s been argued that the open standards can lead to a new wave of greater innovation and consumer services. Here are three ways banks can benefit from CDR:. 

#1. CDR can pave the way to greater uniformity of security and boost consumer confidence. Third-party global banking integrations have been quite loose with regard to security in the past. Lacking application programming interface (API) openness, some developers have resorted to insecure “screen scraping” techniques that left consumer data vulnerable. CDR requires openness, mandating industry-standard, security-conscious protocols that will increase consumer confidence in the way their data is handled. 

#2. CDR can lead to better customer and user experiences (CX/UX). Everything today is digital and online. Even processes previously handled exclusively face to face – like new customer onboarding and enrollment – can now be done remotely, without ever having to set foot in a branch office. Since many customers have an online-only relationship, the digital experience must be optimized. This means speed and security need to be core components of the offering, ensuring that there are no data loss or sync issues between your bank and a third-party provider. Secure uniformity and openness of APIs can help support this.

#3. CDR can help monetize data for new consumer services. A core focus of CDR is putting consumers in charge of their data. But this doesn’t eliminate opportunities for new service offerings and partnerships between banks and third-party API developers or other financial services organizations. When done properly, opening up your APIs – and by extension, customer data –  can lead to new revenue opportunities.

But before any of this can happen, you need to become compliant with CDR. Maybe you’re already there, but is the job really done? Was it a struggle to become compliant because of the legacy IT systems you have in place? Will that solution scale to your current needs, as well as the evolving and changing CDR standard?

No matter where you are in the compliance journey, ForgeRock has solutions – called “Accelerators” – that can help. Let’s take a more detailed dive into some of the specifics so you can see for yourself. 

ForgeRock recently released CDR Open Banking Accelerators to help drastically speed up compliance with the Australian Government's CDR mandate. These accelerators make it easier for you to comply with CDR mandates by providing a fully compliant container-based reference implementation, along with comprehensive documentation. 

Our accelerators are designed to minimize integration efforts, by deploying into your production environment rapidly and in an automated way. Identity architects, DevOps, developers, and project managers report that our accelerators have saved them up to two thirds of their total implementation time and cost. CDR Open Banking Accelerators can help you achieve a rapid ROI and improve the customer experience at the same time. 

ForgeRock CDR Open Banking Accelerators also ensure that the APIs used by financial providers prioritize customer authorization when sharing data with other requested providers. We designed the tools to adhere to CDR guidelines outlined by the Australian government.

ForgeRock can help you overcome compliance hurdles. Here’s how the CDR Open Banking Accelerators addresses four primary use cases within the Open Banking framework:

  • Gives Data Holders a plug-and-play, CDR-compliant endpoint, where Accredited Data Recipients can dynamically register themselves.
  • Provides Data Holders with a compliant, centralized consent engine enabling Accredited Data Recipients to request access to customer data.
  • Provides Data Holders with a MetaDirectory Cache Data Model and Sync Engine to create and maintain the required copy of the Registry. Provides Data Holders with a fine-grained authorization service based on customer consent. This Core Banking API enables you, as an accredited Data Recipient, to access data the customer consents to.

You can decide to simply comply with the CDR regulation, or you can use it as a springboard to compete in the new Open API economy. ForgeRock firmly believes that, in the near future, the quality of CDR implementations and broader API offerings will be a determining factor for customers choosing new services. As Data Recipients begin to offer innovative services using banking APIs, customers will start to expect to make use of these third-party services. Plus, non-mandatory APIs help progressive organizations like yours capitalize on the Open Banking revolution, so it’s a real opportunity to grow and evolve your business. 

We’re grateful to our trusted partner Middleware NZ, whose knowledge of the Australian banking market and technical acumen helped make the CDR Open Banking Accelerators a reality.

With a modern identity and access management (IAM) platform, you can transform your customers’ user experience. They’ll be able to control who can access their data and what can be done with it. And by empowering your customers, you’ll open up new and exciting innovation opportunities for your organization. 

 It’s easy to get started. Click here, and download the ForgeRock CDR Accelerators. If you need help, don’t hesitate to reach out to us.