A government-led senate inquiry has called for a new body to assume responsibility for the consumer data right and, in the future, all national data policy functions.
The finding is contained in the financial technology and regulatory technology committee’s interim report, released late on Wednesday, after hearings were extended in response to COVID-19.
After hearing that “oversight of the CDR is unnecessarily fragmented”, the report [pdf] recommended consolidating regulatory arrangements under a new national body.
The Australian Competition and Consumer Commission is currently the CDR’s lead regulator, and works with the Office of the Australian Information Commissioner on privacy matters.
The single, standalone body would initially consolidate the regulatory responsibilities in relation to the CDR, though this could extend to “other functions relating to data policy” at a later point.
“More broadly, the committee heard that great benefits could be achieved by consolidating national data policy under a single agency,” the report states.
“The committee agrees that it is time for a clear, effective and accountable regulatory structure for all aspects of data management and privacy in the digital economy.”
Announcing the release on the report, Liberal senator and committee chair Andrew Bragg said the “CDR is too important to be managed by a wing in the ACCC”.
Despite agreeing with most of the report’s recommendations, Labor senators disputed this, suggesting the ACCC remain at the helm due to “immediate concerns” related to open banking.
The report also recommends the scope of the CDR expand to “include other financial services, starting with the superannuation sector and then including sectors such as general insurance”.
It similarly calls for the “rules for intermediary and third-party access to CDR banking data” to be finalised by late 2020, with intermediaries allowed to enter “as soon as possible thereafter”.
“The committee heard significant concerns that the current, single accreditation level of 'unrestricted data recipient' is not a viable proposition for many fintechs due to the costs and rigour associated with becoming accredited at this level,” the report states.
“As such, an appropriate accreditation regime for third parties and intermediaries will be critical if open banking is to achieve its intended purpose of increasing competition and providing greater choice for consumers.”
Digital identity for a post-COVID world
Elsewhere in the report, the committee recommended that the Digital Transformation Agency “accelerate” its federated digital identity ecosystem, particularly in light of the pandemic.
But despite receiving funding to do just that last year, progress with the ecosystem, namely the myGovID digital identity credential, has stalled in recent months.
The DTA pushed back the credential's much-anticipated rollout on the myGov online services portal after a pilot highlighted problems with the integration. No new integration date has been set.
myGovID has now been live seven months, though it can only be used to access a limited number of services. It had previously spent nine months in public beta and eight months in private beta.
The committee said “continuing and accelerating this program of work is of great importance as Australia emerges from the COVID-19 crisis”.
“These reforms will deliver significant time and cost savings to individuals and businesses, as well as creating opportunities for innovative fintechs and others working in the digital identity space,” the report states.
It has also urged the government to bring forward “legislative work being developed by DTA … as quickly as possible”.
Screen scraping to stay … for now
On the vexed issue of digital data capture or ‘screen scraping’, the committee said the controversial practice could continue, despite calls from banking giants to ban it altogether.
“In the committee's view, it is pertinent that [the] Australian Securities and Investment Commission has found no evidence of consumer harm as a result of these practices,” the report states.
“It is also clear that it will take some time for the open banking regime to provide a level of data quality and ubiquity that is currently available using digital data capture services.
“As such, the committee considers that an outright ban on screen scraping is not prudent at the present time, and that in many cases these practices are enabling companies to innovate and provide competition in the financial services sector.
“This situation should continue to be monitored, however, as open banking is rolled out.”
Other recommendations contained in the report include:
- Amending the Corporations Act 2001 to allow companies to hold meetings virtually, communicate electronically by default and witness documents online
- Creating an advisory council to advise on AgTech policy
- Continue work to implement ePrescriptions “as quickly as possible”
- Release Treasury’s report on initial coin offerings when it is complete