ING is preparing to swap out its consumer data right (CDR) system, which relates to how bank customers can choose to share their data with third party providers.

FinTech Australia and the local office of global outfit FDATA say this could put ING in breach of the CDR rules. In a joint statement, the organisations say that the migration, set to occur on 8 February, will invalidate all existing data sharing arrangements.

According to the statement: "This will mean:

• Every single consent that is currently active with ING will need to be redone.
• Thousands of consumers will be impacted.
• Accredited Data Recipients will bear the cost of reintegration and any damage to their business."

In addition, the statement claims that not all third parties, or accredited providers (ADR), were notified of the move, leaving them scrambling to update their platforms.

Says the statement: "This action disrupts the lives of many Australian consumers who are using the CDR to improve the way they manage their finances and it cannot become a precedent.

"At the core of the matter is that this behaviour may be in breach of the CDR rules and obligations that Data Holder’s like ING have. Specifically the rules that relate to the conditions under which authorisations and consents can be revoked. This is detrimental to consumers who will have to go through the consent process again, which is not a very good experience at all."

FDATA ANZ and FinTech Australia are calling on the Australian Competition and Consumer Commission (ACCC) to take "immediate action" that is "proportionate to the seriousness of the breach and the level of harm, detriment or potential harm this can cause to consumers and trust and confidence in the CDR regime".