What’s Open Banking?
Consumer Data Right in Australia
Consumer Data Right (CDR) is legislation passed by the Australian government to give you more control over your data, allowing you to access and share your data with accredited third parties to access better deals on products and services.
The first phase of CDR is Open Banking, allowing the sharing of financial data via secure and automated data technologies with Accredited Data Recipients.
Accredited Data Recipients, or service providers, can use your data to offer you new and innovative products and services, or speed up processes such as loan applications.
Data sharing can be a one-off exercise with your data shared once with a service provider (completing a loan application for example), or ongoing for a period specified at consent but no more than 1 year (say for a budgeting App).
View current CDR providers here.
Product Reference Data
In addition to allowing you to access and share your data, BankVic also publishes Product Reference Data, which is information about the products we supply, including terms and conditions and key features.
This product information below can be accessed by anyone via Application Programming Interfaces (APIs) although they do require specialist developer tools to access them. The endpoints for these are:
- https://ib.bankvic.com.au/openbanking/cds-au/v1/banking/products- provides a list of current BankVic products
- https://ib.bankvic.com.au/openbanking/cds-au/v1/banking/products/{productid}– provides detailed information for specific BankVic products (add each product ID as required)
More information on the structure of these API requests and responses, can be found at Consumer Data Standards Australia.
Benefits to members
With Open Banking, you will have:
- Greater visibility of and control over your banking data
- Greater ease of comparison, and access to new products and services
- The ability to access products and services quickly and easily through automated website
Find out more
You can find out more at:
Sharing your data
Member eligibility
All our members are eligible to take part in Open Banking as long as they are over 18 years of age, have Internet Banking access and a mobile phone number on record. It is entirely your choice if you wish to use Open Banking and it is you who provides the authorisation to have your data shared with service providers.
Data we can share, with your authorisation
The Australian Competition and Consumer Commission (ACCC) has specified the following CDR data be available to share with accredited service providers. BankVic can share the following data clusters with a service provider once you provide consent and authorisation:
- Name and contact details
- Transaction details
- Account balance
- Direct debits and scheduled payments
- Saved payees
- Product information
Product eligibility
The following BankVic products support sharing through the CDR. Data related to products not included in the list below are not available to be shared with service providers.
- Everyday transaction accounts
- Savings accounts
- Term deposits
- Cheque accounts
- Personal credit or charge card accounts
- Business credit or charge card accounts
- Residential home loans
- Investment property loans
- Mortgage offset accounts
- Personal loans
- Overdrafts
- Lines of credits
- Pensioner deeming accounts
- Trust accounts
How-to: Individual accounts
- You consent to share
Open Banking first requires you provide consent to share your CDR data. You need to visit the Open Banking consent portal of the service provider you wish to share your data with and provide consent for them to request to share your data.
- You authorise BankVic to share
Once you consent for your data to be shared, the service provider will redirect you to BankVic to choose what to share and authorise the sharing. BankVic must obtain your authorisation before sharing your data with a service provider, we do this by providing you with a one-time password via SMS to authenticate your authorisation prior to data sharing.
- The service provider requests your data
The service provider requests the data you have consented to share from BankVic. BankVic verifies that your consent is still valid and shares only the data you have authorised us to share.
- You control your sharing
You can manage your data consents 24/7 within Internet Banking - go to Accounts and Data Sharing to revoke sharing or change which accounts you are sharing with a service provider. You can also revoke any data sharing by contacting our Call Centre on 13 63 73.
How to: Joint accounts
Yes, eligible joint accounts with two or more account holders can share data. Only one of the account holders needs to provide consent to the sharing, but all will be notified of the sharing arrangement. At any time, any account holder can revoke consent to share the joint account’s data, through BankVic’s app or Internet Banking service.
Security & privacy
What is an Accredited Data Recipient?
An Accredited Data Recipient (ADR), or service provider, has been through a rigorous accreditation process managed by the ACCC to allow them to receive consumer data, so they can provide a product or service to consumers.
Once BankVic shares your data with a service provider, your data is no longer managed by us, so you should review the CDR Policy and Privacy Policy of the service provider who will have access to your data.
Am I automatically opted-in to Open Banking?
No, it is your choice to use Open Banking. This means you choose whether you share your data or not. You will need to agree to share your data when asked by a service provider and authorise BankVic to share your data with the service provider before your data is shared.
How do I stop sharing data?
There are two options to stop sharing your data.
You can view and revoke the consents you’ve given to BankVic for data sharing online through Internet Banking or by calling us. Alternatively, you can stop sharing data by revoking your consent in the service providers consent dashboard.
There are no penalties for withdrawal of consent.
How to delete or de-identify shared data?
Members are responsible for providing the service provider with a consent period, which is how long the accredited service provider can use member data. Once this consent period has expired, the service provider will de-identify your data or delete your data based on your preference expressed during the consent process.
Terms and conditions
Important things you should know
Information on this page is general in nature and does not take into account your personal circumstances. You should consider whether it is appropriate for you before acquiring the product or service.
Fees and charges may apply. Interest rates are variable and subject to change. Information on our terms & conditions, interest rates and fees & charges are available on request.
We recommend that you read the following documents: