ACCC & DSB | CDR Implementation Call Agenda & Meeting Notes | 23rd of March 2023
When: Weekly every Thursday at 3pm-4:30pm AEDT
Location: Microsoft Teams
Meeting Details: Join on your computer, mobile app or room device Click here to join the meeting
Meeting ID: 446 019 435 001
Passcode: BU6uFg
Download Teams | Join on the web
Join with a video conferencing device
teams@vc.treasury.gov.au
Video Conference ID: 133 133 341 4
Alternate VTC instructions
Or call in (audio only)
+61 2 9161 1229,,715805177# Australia, Sydney
Phone Conference ID: 715 805 177#
Find a local number | Reset PIN
Learn More | Meeting options
- Introductions
- Actions
- CDR Stream updates
- Presentation
- Q&A
- Any other business
- 5 min will be allowed for participants to join the call.
We acknowledge the Traditional Custodians of the various lands on which we work today and the Aboriginal and Torres Strait Islander people participating in this call.
We pay our respects to Elders past, present and emerging, and recognise and celebrate the diversity of Aboriginal peoples and their ongoing cultures and connections to the lands and waters of Australia.
The Consumer Data Right Implementation Calls are recorded for note taking purposes. All recordings are kept securely, as are the transcripts which may be made from them. No identifying material shall be provided without the participant's consent. Participants may contact@consumerdatastandards.gov.au should they have any further questions or wish to have any material redacted from the record.
By participating in the Consumer Data Right Implementation Call you agree to the Community Guidelines. These guidelines intend to provide a safe and constructive space for members to discuss implementation topics with other participants and members of the ACCC and Data Standards Body.
| Type | Topic | Update |
|---|---|---|
| Standards | Version 1.22.1 published 22nd of March 2023 | Version 1.22.1 Change Log |
| Maintenance | Iteration 14 Working Group agenda for 22nd of March 2023 published |
Check out the agenda here |
| Maintenance | Iteration Candidates are in consultation | Check out the Project Board See "Iteration Candidates" column for the list |
| TSY Newsletter | To subscribe to TSY Newsletter | Link here |
| DSB Newsletter | To subscribe to DSB Newsletter | Link here |
| TSY Newsletter | 21st of March 2023 | View in browser here |
| DSB Newsletter | 17th of March 2023 | View in browser here |
| Consultation | Decision Proposal 229 - CDR Participant Representation | Placeholder: no close date Link to consultation |
| Consultation | Decision Proposal 267- CX Standards Telco Data Language |
Feedback extended with an end date to be determined pending the making of the telco rules. Link to consultation |
| Consultation | Decision Proposal 275 - Holistic Feedback on Telco Standards | No Close Date Link to consultation |
| Consultation | Noting Paper 276 - Proposed v5 Rules & Standards Impacts | No Close Date Link to consultation |
| Consultation | Noting Paper 279 - Accessibility Improvement Plan | No Close Date Link to consultation |
| Consultation | Decision Proposal 288 - Non-Functional Requirements Revision |
Feedback 31st of March 2023 Link to consultation |
| Consultation | Noting Paper 292 - Approach to developing Data Standards for the Non-Bank Lending Sector |
Feedback 24th of March 2023 Link to consultation |
| Consultation | Noting Paper 280: The CX of Authentication Uplift | UPDATE: See NP296 for continuation of consultation |
| Consultation | Noting Paper 296 - Offline Customer Authentication |
Feedback 17th of April 2023 Link to consultation |
Provides a weekly update on the activities of each of the CDR streams and their stream of work
| Organisation | Stream | Member |
|---|---|---|
| ACCC | CDR Register | Eva |
| ACCC | CTS | Andrea |
| DSB | CX Standards | Michael |
| DSB | Technical Standards - Banking & Infosec | Mark |
| DSB | Technical Standards - Energy | Hemang |
| DSB | Technical Standards - Telco | Brian |
| DSB | Technical Standards - Register | James |
| DSB | Engineering | Sumaya |
None this week.
Questions will be received by the community via Microsoft Teams chat before the questions are opened to the floor. Participants can submit questions outside of the CDR Implementation Call to the CDR Support Portal.
In regards to topics for questions, we ask the participants on the call to consider the Community Guidelines when posing questions to the subject matter experts.
| Ticket # | Question | Answer |
|---|---|---|
| 1896 | In the implementation call today there was discussion about whether payees provided should be those relating to the nominated rep or to the organisation they are acting for. I made the observation that we (Bendigo) do not have organisational eBanking accounts so there are no organisational payees. Further we would only ever have personal customer information provided and nothing prevents a customer from including both personally owned and organisationally owned accounts in the same consent. Stuart Low indicated that the rules demand that the consent flow, in our circumstances, introduces a profile selection, and that the resulting consent must contain only personal or organisational accounts. Is there any rule or rules that indicate this or any other documentation that addresses this? | The CX Standards, under 'Consent, Authenticate, and Authorise', provides: Authorisation: Account selection Data holders MUST allow the consumer to select which of their accounts to share data from if the data request includes account-specific data and if there are multiple accounts available. The Data holder MAY omit this step if none of the data being requested is specific to an account (e.g. Saved Payees). Data holders MAY add a 'profile selection' step or equivalent prior to the account selection step if a single identifier provides access to different customer accounts. For example, one customer ID may give access to business customer and individual customer accounts. In addition, CDR Rule 4.24 requires that when asking a CDR consumer to authorise the disclosure of CDR data or to amend a current authorisation, the data holder must not add any requirements to the authorisation process beyond those specified in the data standards and these rules. Having regard to rule 4.24, the 'profile selection' step should only be considered if it is an existing customer experience, and should be as minimal as possible to avoid introducing unwarranted friction for the CDR consumer. |
| 1898 | Some ADRs are sending same interaction id for Get Transaction API for more than 1 request. This results in duplicate interaction ids in our DH solution and results in average response calculation in get metrics resulting in incorrect, negative or large positive values when the volume of such requests is high. Our understanding is ideally every request should have unique interaction id to distinguish that request form other requests to same endpoint. Could you confirm our understanding? | An ADR may appear to be repeating a request with the same x-fapi-interaction-id if they are re-sending the same request, perhaps because they did not receive a complete response back, for example. In any case, it is up to the ADR to determine what to send as the x-fapi-interaction-id value for any particular request and the data holder should play-back that value or generate a new one, if one was not received. The general guidance would be that there is an expectation for the x-fapi-interaction-id to be unique for each request, for the benefit of both sides. The x-fapi-interaction-id should not be a factor in Get Metrics calculations. Get Metrics invocations should be based on all invocations received, and not aggregated by x-fapi-interaction-id. |
View a number of informative and useful links in the Consumer Data Standards Guide on Information Links.
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
 |
 |
 |