A more deliberate effort to maintain good data quality in the Consumer Data Right (CDR) scheme must be taken to increase participation and present a viable alternative to screen scraping.
The finding is contained in the Statutory Review of the CDR report, which found the framework has been “broadly effective” on the whole since its introduction and is “sufficiently flexible to accommodate further changes”.
The report, released last week, said “data quality has limited the wider adoption of the CDR”, as expressed in several submissions to the review, and that addressing this “as a priority” could lead to the development of new products.
Digital Service Providers Australia and New Zealand, for instance, said in their submission that the CDR system is being held back by poor data quality, with some businesses reverting to screen scraping.
Another common sentiment expressed during the consultation process was that a focus on rolling out the CDR to new sectors may be to the detriment of maintaining good data quality standards.
Data quality is referred to in the context of CDR privacy safeguard 11, which requires data holders and accredited data recipients to “ensure that the CDR data is, having regard to the purpose for which it is held, accurate, up to date and complete”.
This hopes to “increase participant confidence in the CDR, leading to the development of new CDR products that benefit consumers and decrease reliance on risky practices like screen scraping”, according to the report.
“Data quality must improve for the CDR to realise its potential and provide a viable alternative to less secure practices such as screen scraping,” the report said.
“Participants, regulators and policy makers each have a role to play. In order to incentivise participation in CDR, Government should chart a clear path away from less secure practices and clearly signal that the CDR is the Australian data sharing system for accredited sectors.
The report also argued that the pace of the CDR rollout into new sectors has “not allowed enough time for the system to mature and capitalise on the lessons learnt”.
“Focusing on improving CDR functionality and data quality within already designated sectors should be prioritised, balanced with overall forward momentum into new sectors over time,” the report said.
While the report notes that the system “cannot move at the pace of the slowest participant”, neither can it “continue at a pace participants struggle to maintain”.
“To become truly economy-wide, the CDR should always look to the horizon for the next opportunity and be ready to move with consideration of the overall ecosystem and greater digital economy, allowing for expansion to new sectors or datasets with new rule changes made only as required.”
The review accepted submissions between March 16 and May 20, and also involved individual engagements with 44 representatives across “industry, consumer and privacy advocates, banks, fintechs, subject-area experts, government agencies and regulators and other interested parties”.
In one of the 46 submissions received, Comparison website Finder said that “it is clear from various stakeholder workshops that many banks are failing to meet the standards on data quality and it is often left to the data recipients to identify and flag these issues”.
The report acknowledges a “perception amongst [accredited data recipients] that there is limited follow-up enforcement action from the ACCC” but highlights that the regulator has taken “a facilitative approach to resolving data quality issues to date”.
It also highlights that “a regulatory agency cannot reveal publicly who they are investigating and intending to take enforcement action against, leading to some confusion around when action is being undertaken”.
The Financial Data and Technology Association (FDATA) submission notes that “persistent concerns shared by the market over data quality appear to be largely unanswered”.
“FDATA members regularly share concerns around poor quality data, delays in data being received (in some cases up to 24 hours by major ADIs), missing fields, erroneous data fields, garbled and inconsistent data, with the current challenges, including GitHub and the ACCC compliance and enforcement teams,” the submission reads.
Similarly, American software company Yodlee noted in their submission that accounting software provider Xero continues to directly pay for data because the “CDR does not meet their needs”.
In another suggestion, that echoes the Inquiry into the Future Directions for the Consumer Data Right, the statutory review also suggests that measuring the prevalence of screen scraping. This could facilitate CDR adoption by informing amendments that meet the needs of companies that continue to prefer screen scraping.
However, the report also recommends banning screen scraping in the “near future” in sectors “where the CDR is a viable alternative”. The details and timeline of such a ban should be clearly outlined to “provide certainty and adequate time for businesses to transition, along with stronger incentives to invest in moving to the CDR”, the report reads.
Do you know more? Contact James Riley via Email.