Open Banking
Easily and securely share your banking information with organisations that you trust.
What is Open Banking?
Open Banking gives you, as an Asgard customer, the ability to share your banking data with other parties you trust, including other banks, online
What is the Consumer Data Right?
The Consumer Data Right is a law which provides eligible individuals or organisations with the right to request access to generic data relating to banking products and services that we offer (product reference data), as well as share data about eligible products and services that relate to you as an individual or organisation (consumer data).
The Consumer Data Right puts control of your data in your hands. In relation to the banking sector, the Consumer Data Right is referred to as "Open Banking".
What's New for Open Banking?
On 1 November, Asgard commenced data sharing for non-individual (Organisation) customers. Organisation customers will be able to nominate one or more individuals to data share on behalf of the Organisation. Asgard Organisation customers will need to complete the Open Banking Data Sharing Authority form to provide the nomination before a nominated representative can grant, amend and manage data sharing consents on behalf of the Organisation. Organisation customers can remove data sharing authority at any time by completing the Open Banking Data Sharing Authority form. For more information on data sharing, see How do I share my in-scope Asgard data for Open Banking?
Consumer data sharing for Open Banking has been live for Asgard from 1 February 2022, with cash management accounts available for data sharing.
Frequently Asked Questions
When did Open Banking launch?
On 1 October 2020 Asgard commenced data sharing for product reference data via our public Open Banking Product API, in line with the Government’s phased implementation of the Open Banking regulations. Product reference data can be used by third parties to make comparisons of products and prices across the market.
On 1 February 2022 Asgard commenced consumer data sharing, allowing eligible customers to share their data for in-scope products with ADRs.
Why is Open Banking good for customers?
One of the purposes of Open Banking is to increase competition across financial services and potentially allow customers to negotiate better deals and save money. Open Banking means that you will be able to share your data with Accredited Data Recipients (ADRs). This will give you access to products and services offered by ADRs that may suit your needs.
How do I share my in-scope Asgard data for Open Banking?
The Asgard products which are in-scope for data sharing are issued by St. George, which is part of the Westpac Group. Asgard customers can share their in-scope data through St. George internet banking. Customers who are already registered to bank online via St.George internet banking can share their data with Accredited Data Recipients (ADRs). Customers who are not registered for St.George internet banking must register on St.George internet banking before they can start sharing their data with ADRs.
Why does an Asgard customer need to register with St.George internet banking to share their data?
St. George is the product issuer of Asgard Open Banking eligible products. Access to Open Banking for St. George issued products is provided through St.George internet banking.
Is Open Banking secure?
Asgard is committed to ensuring that your data is safe including via Open Banking. Customers who want to use Open Banking will need to be registered for St.George Internet Banking . See “Why does an Asgard customer need to register with St. George internet banking to share their data” above, for more information.
Accredited Data Recipients (ADRs) who are providing products or services under Open Banking must comply with privacy and security requirements and be accredited by the Australian Competition and Consumer Commission (ACCC).
Can I opt out of Open Banking?
It is entirely your choice if you wish to use Open Banking. Open Banking requires you to be registered for St.George Internet Banking to authorise data sharing with an ADR. You will use your Customer Access Number (CAN) and a One Time Password, through Secure Code, to authorise any sharing of information. If you change your mind you can revoke your authorisation to share data with ADRs at any time using your data sharing dashboard accessed through your Internet Banking.
For organisation customers, Open Banking requires you to nominate one or more Nominated Representatives (Individuals) who will act on your organisation’s behalf to share data with an ADR. They will use their own CAN and a One Time Password, through Secure Code, to authorise any sharing of information.
Why would I ask for my data to be shared?
You may ask us to share your Asgard consumer data, or other consumer data you have given us permission to collect, in order to get a banking product or service from another organisation, such as another bank.
For example, if you apply for a loan with another bank and they request to see data on your Asgard cash management account as part of their assessment, you can give us permission to share your Asgard consumer data relating to that cash management account with them if they are accredited to receive data by the ACCC.
How do I grant consent for Asgard to share my data?
To start the consent process, you will need to visit the Open Banking consent portal of the Accredited Data Recipient (ADR) you wish us to share your data with. This ADR may be another bank or fintech. Once you have granted your consent to the ADR to collect data on your behalf through their consent portal, you will be connected to St.George internet banking, where we will ask you to authorise us to share your data with the ADR.
For organisation customers, your Nominated Representative(s) will need to visit the Open Banking consent portal of the ADR you wish us to share your data with (see “What’s New for Open Banking” above for more information about data sharing authorities and Nominated Representatives). An organisation must have at least one active Nominated Representative before we can share data with an ADR.
Your Nominated Representative(s) can only share data from the Organisation’s solely-owned accounts.
Will my consumer data only be shared with my consent?
Under the Consumer Data Right, we will only share your Asgard consumer data with another organisation if you give us permission to do so.
You can use your data sharing dashboard in internet banking to track all the permissions you have given to us to share your data. We will always notify you via the data sharing dashboard as soon as practicable after sharing your data.
Can I cancel my consent?
You may withdraw your permission for us to share your consumer data on any account at any time by using your data sharing dashboard through internet banking.
Once your permission for us to share your data has been withdrawn, we will no longer share your data and will provide you with a notice of this as soon as practicable.
For organisation customers, Nominated Representatives may withdraw permission for us to share your consumer data on any account at any time by using the data sharing dashboard through St.George Internet Banking.
Can I view or manage my consent?
Your data sharing dashboard on internet banking will show you all your active consents and any previous consents that you have provided, which have expired or been revoked or cancelled.
For organisation customers, only Nominated Representatives have access to view any active and archived consents that have been provided. All Nominated Representatives will view the same dashboard and can revoke or cancel a consent regardless of which Nominated Representative granted or amended the consent.
How long does my consent remain active?
When creating your consent, you can select how long you would like it to stay active. A consent may be for a one time share or you may select a period of up to 12 months. The maximum time limit for consent to remain active is 12 months, before it will expire. If you would like to continue sharing data once it has expired, you will need to create a new consent.
You may choose to create more than one consent or different consents for different accounts, depending on the information you wish to share and the length of consent you would like to give.
Some Accredited Data Recipients (ADRs) may also allow you to amend an active consent on your data sharing accounts. By visiting the ADR’s app, you may have the option to extend a consent or change the accounts within the consent. This can only be activated through the ADR.
Can I share data from my joint accounts?
On 4 August 2022, Asgard commenced the implementation of data sharing for joint accounts held by individual customers.
Key changes:
- Asgard will enable all eligible joint accounts for data sharing, consistent with the Consumer Data Right rules and obligations.
- When a joint account is ‘enabled’ for data sharing, any account holder will be able to authorise consent to data sharing with an Accredited Data Recipient (ADR). When the joint account is ‘enabled’, any Open Banking data sharing authorisations created by one account holder are taken to have been pre-approved by all account holders. This means that any joint account holder can authorise Asgard to share data on the joint account with an ADR, without requiring further approval from any other joint account holder, when Asgard receives a valid data sharing request from an ADR in respect of that joint account. This is despite any existing banking authorities that apply to the joint account (e.g., 'more than one to sign', etc).
- Any joint account holder can at any time view the joint account's data sharing option or change it to disabled at any time through the online consent dashboard in which is accessed through St.George Internet Banking (see “Why does an Asgard customer need to register with St.George internet banking to share their data?” in the FAQ below for more information). Once the data sharing is set to disabled:
(a) data sharing will cease for the joint account with respect to any existing data sharing authorisations;
(b) no joint account holder will be able to share data from that account;
(c) any subsequent request made on the online consent dashboard in Internet Banking to enable data sharing on the joint account will need to be approved by all joint account holders within a specified period of time.
Joint account holders will always be notified whenever the data sharing status of the joint account changes.
How do I create and remove a Nominated Representative to share data for my Organisation?
Organisations must complete the form as required by Asgard to nominate or remove an Nominated Representative.
Each Nominated Representative must have their own individual credentials to access Internet Banking.
Can my Organisation have more than one Nominated Representative?
The organisation may nominate as many Nominated Representatives as they would like through the Nominated Representative form.
Note, each Nominated Representative must have individual access to St.George Internet Banking and will access the Consent Portal on behalf of the Organisation via their own credentials.
Why am I unable to add a Nominated Representative?
The Nominated Representative must meet eligibility criteria i.e. be 18 years, have internet banking access.
What can a Nominated Representative do?
Nominated Representatives will act on behalf of the Organisation, to grant, amend and manage authorisations to share data with an ADR. All nominated representatives will have the same view of the Organisation's dashboard and can manage authorisations even if they were not originally initiated by them.
What happens to existing data sharing consents if I remove a Nominated Representative’s authority to share data?
Asgard will continue to share data unless another Nominated Representative removes the authorisation or the consent expires. If all Nominated Representatives are removed, Asgard will stop sharing data with the ADR.
I’m a customer with another bank. How do I put a request in to have Asgard receive my available Open Banking data?
Westpac Group has been approved by the ACCC as an Accredited Data Recipient under the Consumer Data Right/ Open Banking. At this stage Asgard is not receiving Open Banking data from other banks. Ultimately Open Banking should result in customers getting better access to products that meet their needs. We are excited about the possibilities from Open Banking and over time we expect to allow customers to use Open Banking to more easily bring their banking data from other banks to Asgard. In the meantime, your Asgard consultant is able to discuss suitable products with you and assist with data required from other financial institutions to support your needs.
Is there a process a potential new customer could take to have their data brought over to Asgard?
As Asgard launches services that make use of Open Banking, we will provide information to help customers use these services including transferring their Open Banking data from other banks to Asgard. We will continue to update this internet page with updates as further data sharing services become available.
Consumer Data Right (CDR) Policy
Asgard is a member of the Westpac Group. The Westpac Group CDR Policy provides information about how Asgard manages data under the Consumer Data Right.
Consumer Data Right (CDR) Policy (PDF 1MB)
Self-reported implementation gaps we’re rectifying
To learn more about our implementation gaps, please see the table below:
Implementation Gap | Proposed Resolution Date | Current Status |
---|---|---|
1.Secondary User Indication Rules Westpac Banking Group received guidance from the ACCC in a letter dated 26 October on the interpretation of rules concerning an account owner’s ability to restrict authorised Secondary Users from further data sharing for specific accredited persons. Westpac Banking Group have delivered functionality that allows an account owner to stop continuing data sharing consents authorised by secondary users to ‘an accredited person’. This functionality is in place for all currently delivered scope. |
TBC | In Progress |
2.Westpac is not providing error messages/ redirects to Accredited Data Recipients in some circumstances where consumers do not complete the consent flow. | 30 November 2024 | In Progress |
To see the implementation gaps for Westpac Group, please check the ACCC CDR rectification schedule (under the section Major Data Holders, for Westpac).