/regulation & compliance

News and resources on regulation, compliance, legal and governance issues for banks and fintechs.
FinTech Australia says ING systems upgrade may breach open banking rules

FinTech Australia says ING systems upgrade may breach open banking rules

Fintech Australia and the Financial Data and Technology Association (FDATA) are calling on Australia's competition watchdog to intervene in ING Bank's planned upgrade to an Open Banking-related system.

ING is preparing to swap out its consumer data right (CDR) system, which relates to how bank customers can choose to share their data with third party providers.

FinTech Australia and the local office of global outfit FDATA say this could put ING in breach of the CDR rules. In a joint statement, the organisations say that the migration, set to occur on 8 February, will invalidate all existing data sharing arrangements.

According to the statement: "This will mean:

  • Every single consent that is currently active with ING will need to be redone.
  • Thousands of consumers will be impacted.
  • Accredited Data Recipients will bear the cost of reintegration and any damage to their business."

In addition, the statement claims that not all third parties, or accredited providers (ADR), were notified of the move, leaving them scrambling to update their platforms.

Says the statement: "This action disrupts the lives of many Australian consumers who are using the CDR to improve the way they manage their finances and it cannot become a precedent.

"At the core of the matter is that this behaviour may be in breach of the CDR rules and obligations that Data Holder’s like ING have. Specifically the rules that relate to the conditions under which authorisations and consents can be revoked. This is detrimental to consumers who will have to go through the consent process again, which is not a very good experience at all."

FDATA ANZ and FinTech Australia are calling on the Australian Competition and Consumer Commission (ACCC) to take "immediate action" that is "proportionate to the seriousness of the breach and the level of harm, detriment or potential harm this can cause to consumers and trust and confidence in the CDR regime".

Comments: (1)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 08 February, 2023, 14:01Be the first to give this comment the thumbs up 0 likes

This is insane!

Is there a precedent of any other bank upgrading its internal system integral to Open Banking workflow without seeking consents again? 

On a side note, every time my bank upgrades the version of its ATM switch software - which is once in 6 months or so - I lose my "Favorite Transation", which, IMO, is one of the most innovative features I'd seen in retail banking when it was launched 10+ years ago.