Consumer data right (CDR)

Project overview


On 26 November 2017, the Australian Government announced the introduction of a consumer data right (CDR) in Australia. The CDR will give consumers greater access to and control over their data. It will improve consumers’ ability to compare and switch between products and services, and will encourage competition between service providers, leading not only to better prices for customers but also more innovative products and services.

The Government determined that the CDR will first apply to the banking sector, followed by the energy sector. The telecommunications sector is currently proposed to follow.

The introduction of CDR in the banking sector will provide consumers with access to, and the ability to safely transfer, their banking data to trusted parties.

The CDR will be introduced into the banking sector in phases. Consumer data relating to credit and debit cards, deposit accounts and transaction accounts will be made available from 1 July 2020. Consumer data relating to mortgage and personal loan data will be able to be shared after 1 November 2020. The current implementation timetable for Consumer Data Right in banking is available at: Commencement of CDR Rules.

As the lead CDR regulator, the ACCC has been given a number of new roles including:

  • making the CDR Rules
  • accrediting potential data recipients
  • establishing and maintaining a Register of Accredited Persons
  • monitoring compliance and taking enforcement action where necessary
  • recommending future sectors to which the CDR should apply
  • communicating with and educating consumers and other stakeholders about their rights and obligations under the CDR.

The ACCC will work with the Office of the Australian Information Commissioner (OAIC) and the Data Standards Body (DSB) in the development and implementation of the CDR.

The DSB are responsible for the creation of the technical standards for the sharing of consumer data. The current version of the standards is available at: Consumer Data Standards.

The OAIC are the primary complaints handler under the CDR scheme. The OAIC will have a range of investigative and enforcement powers to handle privacy complaints and carry out other regulatory activities with respect to privacy. The OAIC have released a draft version of the Privacy Safeguard Guidelines.

The ACCC, OAIC and DSB have and will continue to consult extensively with industry, consumer and privacy groups, and government bodies as the CDR rolls out.


Stages Date

Subscribe to updates

Sign up to the ACCC’s consumer data right newsletter to receive updates on our consumer data right work for open banking and energy.


More information

For a full list of media releases, speeches and newsletters about the consumer data right, see:
Latest communications