Share with your friends

Are you ready for Open Banking?

Are you ready for Open Banking?

With little more than six months until Open Banking is introduced in Australia, financial institutions need to prepare for new compliance, technology and operational processes, but also for new opportunities to emerge from the new data economy.

Ian Pollari

National Sector Leader, Banking and Global Co-leader, KPMG Fintech practice

KPMG Australia


Also on

Man doing online banking on his phone

Open Banking is the latest policy and technology innovation at the forefront of the evolution of the financial services industry, designed to put customers in control of their data. Through the use of Application Program Interfaces (APIs), banks and financial institutions will be provisioning open access to customer banking data, and facilitating the use of ‘open source’ innovation and product development to create more personalised experiences and new, customer-focused services.

In May 2018 the Australian Government proceeded to implement Open Banking following recommendations from an independent Australian Open Banking Review by law firm King & Wood Mallesons. For Australian banks this means returning ownership of data to their customers, starting with data from debit and credit card deposit and transaction accounts, then eventually encompassing all banking products. The Government’s goal is to boost innovation through fairer and more personalised banking services, allow customer to compare and seek ‘better deals’ and ultimately, to stimulate greater competition in the banking industry.

Part of a global shift

The Australian Open Banking movement has been influenced by global shifts in banking legislation, particularly the European Union’s adoption of the revised Payment Services Directive (PSD2), General Data Protection Regulation (GDPR) and the UK’s Open Banking regime. PSD2 legislates a push to drive innovation, product development and integration in the payments market by leveraging online and mobile payment data in an Open Banking world. The UK Competition Market Authority (CMA) issued a mandate requiring the nine largest UK banks to allow licensed start-ups/developers direct access to their data (through Open APIs) with the intent to increase competition in financial services and to provide better outcomes for consumers and small businesses. 

Notwithstanding the move to Open Banking has been influenced by overseas experiences and models, Australia is also exploring some differences, with the Consumer Data Right (CDR) meaning Open Banking will extend to other sectors, the concept of reciprocity of data flows between data holders and recipients (i.e. two-way), as well as being ‘read-only’ (information exchange) from day one.

With the Open Banking Regime to be deployed in Australia in July 2019, banks and fintechs will be looking to gain the upper hand in a new banking landscape. Similarly retailers, start-ups, technology players and others will be investigating how they can gain access and benefit from the valuable customer data the banks preside over today.

Building the frameworks

Since accepting the recommendations of the Open Banking Review in May 2018, a collaborative network of Australian statutory and regulatory representative groups have taken action to build the transformation framework for enabling Open Banking. The ACCC, the RBA, ASIC, and APRA share responsibility to support the reforms required to deliver Open Banking and as such, are under pressure to deliver the required clarity for industry participants to be ready for July 2019.

One critical legislative artefact which will ultimately govern Open Banking is the CDR (as mentioned earlier). The CDR is Australian legislation which gives customers a right to control and direct the personal information that they already share with their bank, and allow access to third party service providers and others they trust. This gives customers freedom of choice and convenience in managing their financial services, confidence in the use of their data, and allows customers to independently assess and determine the value of their data. Implementation of Open Banking in Australia will be phased to incrementally introduce the effects of CDR into the industry and to customers, starting with the major banks on 1 July 2019.

How can Australian banks prepare?

The disruptive implications of the Australian Open Banking regime creates both significant opportunities and challenges for both existing and emerging players:

  • Market efficiency and integration – Organisations need to consider the impacts of an increasingly efficient market, particularly the rapid speed-to-market of new financial products and services, and unpredicted customer adoption of innovative and seamless banking products through third parties.
  • Consumer protection – Companies are realising the value of the data they hold and investing heavily in safely leveraging its value to drive innovative customer solutions, build loyalty, enhance operations, etc. However, doing this without causing adverse effects on privacy will require implementation of adequate systems and processes to keep customers in charge of how, when, where and with whom their data is shared with as per the CDR.
  • Competition and choice – With financial institutions understanding that the key driver for Open Banking is the increased competitive pressures between banks, the race to be ahead of the pack has now become a critical consideration for all market players.
  • Data security – The open access and use of banking data includes sensitive customer and associated information created as part of banking records. This information is highly confidential and requires organisations to place emphasis and priority on ensuring that sensitive information is kept in safe hands and held to the most rigorous data security standards.
  • Digital identity – Open Banking relies heavily on an integrated digital identity at its foundation. Consolidation of the holistic online profile for a person, organisation or electronic device will enable a secure and seamless authentication experience, and be a competitive lever between banks and other financial service providers.
  • Access management – Banks will need the capability to securely and confidentially link a customer to their data. This will require a framework governing access (and revocation) rights, usage limitations and security. Much like using a social media account to login to a banking account, customers require either a standardised or customisable set of access management protocols defined for the sharing and use of data with third party service providers.

In summary

Australian financial institutions will need to be flexible in their approach to adapting to the Australian Open Banking regime due to the uncertainty in how the regulatory, competitive and security standards will develop. There is no doubt that a lot of activity will need to be undertaken by the majors to prepare for and be ready for next year. However, given the intent to broaden the regime to other sectors, this does present new opportunities for banks that see Open Banking as more than a compliance requirement.

© 2020 KPMG, an Australian partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ("KPMG International"), a Swiss entity. All rights reserved. Liability limited by a scheme approved under Professional Standards Legislation.

KPMG International Cooperative (“KPMG International”) is a Swiss entity. Member firms of the KPMG network of independent firms are affiliated with KPMG International. KPMG International provides no client services. No member firm has any authority to obligate or bind KPMG International or any other member firm vis-à-vis third parties, nor does KPMG International have any such authority to obligate or bind any member firm.

Connect with us


Want to do business with KPMG?


loading image Request for proposal