The war of words over the role of big banks in the forthcoming open banking regime has gone into overdrive with the Commonwealth Bank of Australia issuing a fiery rebuttal to claims by fintech Raiz that its new buy-now pay-later play Klarna can leapfrog strict regulatory conditions.
In sharp and direct rebuke against a key agitator in the local fintech scene, the CBA has directly accused Raiz of making a series of incorrect claims over how Klarna will operate in Australia, including the accusation Klarna will be able to use CBA as an umbrella from separate regulation.
Raiz has claimed that “Klarna has a significant competitive advantage … due to their relationship with CBA. Klarna will not have to get CBA customer consent to use CBA data and also will become automatically accredited under the CDR.”
Australia’s biggest bank is calling BS on that claim which was made in the form of a letter from Raiz to the Select Committee on Financial Technology and Regulatory Technology after the launch of Klarna and X15 Ventures.
“Raiz has claimed that Authorise Deposit-taking Institutions (ADIs) do not require accreditation to participate in the CDR. This is incorrect. Commonwealth Bank must follow the CDR’s streamlined accreditation process to allow consumers to transfer banking data to Commonwealth Bank,” the CBA said in a new submission to the Select Committee on Financial Technology and Regulatory Technology.
“Government determined that a streamlined process of accreditation was appropriate for ADIs. There are extensive regulatory instruments that mandate obligations on those entities for managing information security, such as APRA’s Prudential Standard CPS 234 on Information Security.”
Raiz and the CBA are well established interlocutors, with Raiz leading the charge for screen scraping to be legitimised despite consumer advocates calling for it to be banned.
CBA routinely automatically warns customers it detects using Raiz’s screen scraping access that the service is putting their account security and potentially fraud indemnity at risk.
CBA says the practice of screen scraping, which usually involves handing over account access derails to a third party, puts years of education to not share security credentials at risk.
Raiz counters that the security alerts CBA’s customers see are essentially bullying and anti-competitive conduct.
However Raiz’s latest letter to the fintech inquiry has clearly stuck a nerve with the CBA’s leadership, with the bank issuing a blow-by-blow takedown of Raiz’s allegations.
“Raiz has asserted that Klarna, with which the Commonwealth Bank has entered into partnership, will become automatically accredited under the CDR. This is incorrect,” he CBA roared.
“Should Klarna wish to access data available under the CDR, it will also need to gain accreditation. This process will not be automatic, nor does the association of Klarna with CBA have any relevance to it. If Klarna becomes accredited, it will be subject to the same CDR privacy safeguards as other participants.”
Notwithstanding that the CBA has a 50 percent stake in the local Klarna venture and a 5.5 percent stake in the Scandi mothership, the venture does operate as a separate entity.
However CBA reckons that even its wholly-owned entities, namely X15 will also cop full CDR accreditation.
“Raiz has suggested that ventures that are part of CBA’s recently announced venture builder x15 will be automatically accredited under the CDR. This is also incorrect. If any of those ventures seeks access to data under the CDR they will also need to seek accreditation,” CBA said.
Who said banking was boring.