Consumer Data Right (CDR) Who are the Intermediaries, Why are they needed and What services do they provide?
CDR is live and scoring runs for more than 90 days now. ACCC has amended the CDR Rules to permit accredited intermediaries to collect data on behalf of third party data recipients, with consumer consent.
The goal of this article is to introduce the readers to this new role of “Intermediary” that is emerging in the CDR ecosystem and how they interact with the other key players in the ecosystem — Accredited Data Recipients (ADRs) and Data Holders.
CDR Regime (Before the introduction of Intermediaries)
The Data holders expose APIs (Banking, common, and admin APIs) along with InfoSec endpoints which are consumed directly by the ADRs (and ACCC)
Is there a problem here?
Are we trying to invent a problem to introduce Intermediaries?
Isn’t this a typical pattern that one would find in a modern API economy — API provider and API Consumers talking directly to each other?
The technical implementation of the APIs is not a trivial task. The initial as well as operating (policies and processes) costs are significant which sets the bar high for aspiring ADRs.
CDR Regime (After the introduction of Intermediaries)
In this model, an ADR enters into a combined accredited person (CAP) arrangement with an accredited intermediary. The accredited intermediary collects data from the data holders and then passes them onto the ADR.
This model lowers the entry bar for ADRs (thereby fostering competition) by allowing them to focus on their core services and offerings. The challenge of working and keeping pace with technical Consumer Data Standards (CDS) specifications is delegated/outsourced to the accredited Intermediaries.
Who can be an Intermediary?
Any organization can play the role of intermediary. Intermediaries (just like ADRs) are subject to a rigorous accreditation process. Intermediaries will be highly skilled organizations that understand the CDR rules and specifications well. They are tech-savvy and are well equipped to build and operate at scale.
Who are the natural candidate(s) for this Intermediary role?
Players such as Basiq, Ping Identity, WSO2, Yolt Technology Services (to name a few) are natural candidates to play this role. These are players who have implemented CDR (and other Open Banking implementations across the globe) with solid technical know-how of implementing complex API based solutions. Existing (and future) “unrestricted ADRs” such as Frollo are also good and clear candidates for this intermediary role.
The CDR rules announcement which is effective 2nd October supports only the collection of data. The world of intermediaries just starts with the collection of data. The intermediaries can play a much broader role and provide varying capabilities.
Forrester has identified a few functional segments that Intermediaries can perform in this ecosystem:
(a) Data aggregators
(b) Consumer Personal Financial Management(PFM) Platform
(c) Consumer and Third-party services
(d) Payment Platforms
(e) Full Spectrum Platforms
Refer to Forrester’s Landscape overview of Open Banking intermediaries for details on the capabilities offered by each of these segments.
We have just scratched the surface of Intermediaries. In countries such as the UK and Japan, intermediaries are playing a pivotal role in the Open Banking ecosystem. We will have to wait and see how the players evolve in this space here in Australia and the range of benefits that are enjoyed by the CDR ecosystem players through their introduction.