Frequently Asked Questions
Wych is the most flexible, reliable and cost-effective way to connect people with their financial data. We've collected the answers to common queries below.
Contact us if you need more info
In Australia, only providers accredited by the Australian Competition and Consumer Commission (ACCC) can offer services using the Consumer Data Right.
The ACCC accreditation process is rigorous, and requires providers to demonstrate they meet a number of obligations, including insurance, information security, technical and operational capabilities.
Wych's ACCC CDR conformance testing was completed early in March 2022 with full activation by the end of March.
Accredited data recipients are the ‘receivers’ in the Consumer Data Right system and receive a consumer’s data after the consumer has given consent. The providers can then use it, although only for the purpose the consumer has requested – for example, to request switching from one bank to another.
To receive data a provider needs to apply to become an accredited data recipient under Consumer Data Right and pass a whole lot of tests relating to technical capability, insurance, privacy and security and dispute resolution. They must also demonstrate they can comply with strict requirements to receive data.
The amount of open consumer data will grow over time, as more and more providers become accredited across banking, finance and other industries like energy, telecommunications and more.
API refers to a set of application programming interfaces (APIs) which in Open Banking allow authorised third-party service providers to access and use financial data held by banks and other financial institutions.
These APIs enable secure communication between different software applications so they can share data and provide customers with more personalised and innovative financial services.
Some examples of services that can be built using open banking APIs include budgeting and financial management tools, payment initiation services, and loan and mortgage applications. Open banking APIs can also be used to enable customers to securely share their financial data with third-party providers, such as personal finance apps or accounting software.
Consent is the principle where a customer gives express permission for the collection, use and disclosure of their data. In many regions it's a requirement to request consent before interacting with a customer’s data. Without express consent, you should not able to collect, use, or disclose customer data. When a customer consents they are agreeing to a specific usecase, think of this as the "terms" of the consent.
This information needs to be shared with the customer when requesting their data:
Who is requesting access
What they are requesting access to
Why they are requesting access
How long is the access required for
How the data will be handled
How they can revoke consent
Australia’s Consumer Data Right (CDR) gives consumers more control over their own data, enabling them to share it with accredited third parties so they can access better deals on everyday products and services.
The Consumer Data Right is an opt-in service, giving consumers the choice about whether to share their data, with full visibility of who it’s being shared with and the purpose for sharing it.
The CDR can make it easier to:
compare products and services
access better value and improved services
assist financial and cashflow management.
Information is transferred using secure automated data technology called APIs (application programming interfaces — are a software intermediary allowing two applications to talk to each other securely).
Wych is an accredited CDR data recipient. We provide and maintain integrations with over 100 data holders so our customers can focus on using the data and delivering better offers to customers.
Data holders are the ‘givers’ in the Australian Consumer Data Right system. They hold the consumer data – for example, a bank or mortgage lender.
Registered data holders are required to share a consumer’s data when the consumer directs them to, and only for the period of time allowed, which can be a single use or for a set period of time up to a maximum of one year, after which the consumer must provide consent again. they are required to provide a consent management system enabling a consumer manage their consent and privacy, including the right to be forgotten.
Wych can help providers in Australia do the heavy lifting on achieving and maintaining compliance as a data holder. Connect to the Australian CDR ecosystem using our white label Data Holder Service and significantly reduce operational costs. We provide consent management, a full suite of APIs, identity and access management.