ACCC & DSB | CDR Implementation Call Agenda & Meeting Notes | 29th of June 2023
When: Weekly every Thursday at 3pm-4:30pm AEST
Location: Microsoft Teams
Meeting Details: Join on your computer, mobile app or room device Click here to join the meeting
Meeting ID: 446 019 435 001
Passcode: BU6uFg
Download Teams | Join on the web
Join with a video conferencing device
[email protected]
Video Conference ID: 133 133 341 4
Alternate VTC instructions
Or call in (audio only)
+61 2 9161 1229,,715805177# Australia, Sydney
Phone Conference ID: 715 805 177#
Find a local number | Reset PIN
Learn More | Meeting options
- Introductions
- Updates
- CDR Stream updates
- Presentation
- Q&A
- Any other business
- 5 min will be allowed for participants to join the call.
We acknowledge the Traditional Custodians of the various lands on which we work today and the Aboriginal and Torres Strait Islander people participating in this call.
We pay our respects to Elders past, present and emerging, and recognise and celebrate the diversity of Aboriginal peoples and their ongoing cultures and connections to the lands and waters of Australia.
The Consumer Data Right Implementation Calls are recorded for note taking purposes. All recordings are kept securely, as are the transcripts which may be made from them. No identifying material shall be provided without the participant's consent. Participants may [email protected] should they have any further questions or wish to have any material redacted from the record.
By participating in the Consumer Data Right Implementation Call you agree to the Community Guidelines. These guidelines intend to provide a safe and constructive space for members to discuss implementation topics with other participants and members of the ACCC and Data Standards Body.
| Type | Topic | Update |
|---|---|---|
| Standards | Version 1.24.0 published 7th of May 2023 | Version 1.24.0 Change Log |
| Standards | Version 1.25.0 | Due out in the next two weeks. |
| Maintenance | Iteration 15 concluded on 14th of June 2023 | See the agenda |
| Maintenance | Iteration 16 to commence on the 12th of July 2023 | Invitations have been sent out |
| TSY Newsletter | To subscribe to TSY Newsletter | Link here |
| DSB Newsletter | To subscribe to DSB Newsletter | Link here |
| TSY Newsletter | 27th of June2023 | View in browser here |
| DSB Newsletter | 23rd of June 2023 | View in browser here |
| Consultation | Decision Proposal 229 - CDR Participant Representation | Placeholder: no close date Link to consultation |
| Consultation | Noting Paper 276 - Proposed v5 Rules & Standards Impacts | No Close Date Link to consultation |
| Consultation | Noting Paper 279 - Accessibility Improvement Plan | No Close Date Link to consultation |
| Consultation | Noting Paper 280: The CX of Authentication Uplift | No Close Date Link to consultation |
| Consultation | Decision Proposal 303 - Maintenance Iteration 15 | Link to consultation |
| Consultation | Decision Proposal 306 - Updates to Banking Product and Account Detail | Feedback closes: 28th of July 2023 Link to consultation |
| Consultation | Noting Paper 307 - LCCD Consultation Approach | No Close Date Link to consultation Video |
| Consultation | Noting Paper 308 - Categories of Standards | No Close Date Link to consultation |
| Video | Consumer Data Standards Guide Trailer | Link to video |
| Decision Made | Decision Proposal 288 Non-Functional Requirements Revision has had the decision made by the Data Standards Chair | Link to the Decision Changes will be incorporated into v1.25.0 |
| Obligation Date: Authorisation Code Flow (ACF) |
10th of July 2023 FAPI 1.0 adoption is introduced across four phases. Phase 4: Retire Hybrid Flow: Data Holders MAY retire Hybrid Flow |
We are actively encouraging ADRs to test their solution for ACF during the transition window and update their client registration to only use ACF before the July 10th obligation date that permits holders to retire Hybrid Flow. The transition window provides a safer path for ADRs to update their client software in a rolling fashion across all data holders whilst ensuring they have a fall-back mechanism if any given data holder has not correctly implemented ACF. The ACCC is reaching out to participants to gather information regarding the transition from Hybrid to ACF Authorization flow. If any data recipients have feedback they wish to provide regarding their overall experience of ACF, please get in contact with the ACCC at [email protected]. We also encourage recipients to continue raising individual issues with the relevant data holders for resolution. |
Provides a weekly update on the activities of each of the CDR streams and their stream of work
| Organisation | Stream | Member |
|---|---|---|
| ACCC | CTS & Register | Eva |
| ACCC | Regulatory Guidance | Victoria |
| DSB | Consumer Experience | Amy |
| DSB | Technical Standards - Energy | Hemang |
| DSB | Technical Standards - Information Security & Banking | Mark |
| DSB | Technical Standards - Maintenance Iteration 15 | Brian |
None planned for this week.
Questions will be received by the community via Microsoft Teams chat before the questions are opened to the floor. Participants can submit questions outside of the CDR Implementation Call to the CDR Support Portal.
In regards to topics for questions, we ask the participants on the call to consider the Community Guidelines when posing questions to the subject matter experts.
| Ticket # | Question | Answer |
|---|---|---|
| 2017 | I'd like to confirm for retailers going live with Mass Market customers Nov 23 what is the obligation based on the below to support secondary users e.g. 18 months post accreditation? From site: https://www.cdr.gov.au/sites/default/files/2022-12/Secondary-users-in-the-energy-sector-fact-sheet-published-20-December-2022.pdf 1.4 Table 1 Obligation dates in relation to secondary users in the energy sector Data holder2 Commencement date Initial retailers 15 May 2023 Larger retailers 1 May 2024 Small retailers that become accredited 15 May 2024 (if accredited before or on 15 Nov 2022) or 18 months after the day it becomes accredited Small retailers that wish to participate voluntarily Date of its choosing but no earlier than 15 May 2023 |
As you have correctly identified, small retailers that become accredited after 15 November 2022 are required to support secondary users from 18 months after they day they become accredited. However, larger retailers are required to support secondary users from 1 May 2024. Schedule 4 of the CDR Rules, under clause 8.3, defines a larger retailer as (a) a retailer that had 10,000 or more small customers on the amendment day, and (b) a retailer that had 10,000 or more small customers at all times during a financial year that begins on or after the amendment day (on and from the day 12 months after the end of that financial year). |
| 1998 | For Get Metrics specifically currentMonth figures for availability, I believe ACCC calls this endpoint at 5am AEST. Are DH expected to provide real-time data at the point of call ? For our organisation, we will finalise the currentMonth figures for 1/5/23 at midnight of 2/5/23 as it need to include the whole day's data. This means when ACCC calls for the currentMonth figures on 1/5/23 at 5am, the data they will get will be for 30/4/23. |
The Consumer Data Right Register Portal polls Data Holders GET Metrics Endpoints at 5AM AEST on a Daily basis. Refer to this Zendesk Article. The ACCC understands metrics data may be distributed between different systems in a Data Holder’s implementation and that collection and consolidation may be a batch process. The ACCC also understands this type of process makes it difficult to guarantee the data collected represents the latest and most up to date without detailed coordination of collection. Therefore, it is deemed acceptable for the data presented to be up to 24 hours old. As mentioned in section “How often will the ACCC be collecting this data?” of this Zendesk Article, any gaps in the data over the previous 7 days can be corrected as each daily call collects one week of data. The ACCC accepts that gaps may occur by exception and will investigate gaps which appear to be systemic. |
| 1994 | For mortgage broker use case - seeking to understand if a consumer could provide concurrent consents at the information gathering stage (early) in the broker process: Consent 1 TA Disclosure Consent for ADR to disclose consumer's data to Trusted Adviser to fast track certain aspects of information gathering process Consent 2 AP Disclosure Consent for ADR to also disclose consumer's data to the ADR that the mortgage broker ultimately submits the consumer's home loan application to (ie the lender) Whilst CDR Rule 1.10A(2)(e) appears to facilitate disclosure of CDR data from ADR to another, the proposition of providing a concurrent AP Disclosure Consent in the above use case appears to fall foul of CDR Rule 4.11(1)(ba), which states: "in the case of a disclosure consent―allow the CDR consumer to select the person to whom the CDR data may be disclosed" In the above use case, it is important to understand that the mortgage broker will not have selected / recommended a product as yet and therefore, the consumer will not be able to identify the receiving ADR (ie lender) to which the AP Disclosure Consent relates (their data is to be disclosed to). Also mindful that the practical implementation of this could be problematic because appears the ADR would not be able to fulfil the AP Disclosure Consent until such time as the consumer has provided the details of the ADR to whom their data is to be disclosed by amending the consent in the ADR's consumer dashboard. |
As you have noted, Rule 4.11(1)(ba) provides that when an accredited person asks a CDR consumer to give a disclosure consent, they must allow the CDR consumer to select the person to whom the CDR data will be disclosed. Rule 7.10 also requires that when a CDR participant makes a disclosure of CDR data, they must provide the CDR consumer on whose behalf the disclosure was made with a written notice through the consumer dashboard that identifies the accredited person to whom the CDR data was disclosed. In the scenario you describe, this indicates that after the ADR discloses CDR data to the trusted adviser under a TA disclosure consent (i.e. to allow the mortgage broker TA to analyse what lending options may best suit the consumer), the ADR would need to seek a separate AP disclosure consent from the consumer for the ADR to be able to share their CDR data with the appropriate ADR lender, once that lender has been recommended (and that recommendation agreed to by the consumer). We hope this information assists you. Please note that the ACCC cannot provide specific compliance advice and it is the responsibility of CDR participants to determine how they will comply with the CDR Rules. |
View a number of informative and useful links in the Consumer Data Standards Guide on Information Links.
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
 |
 |
 |