The step-by-step process
- Applicant applies for an account to access Consumer Data Right Participant Portal
In this step, an account is created for the applicant’s organisation, which will need to verify their identity. This must done by an office holder of the organisation.
- Applicant receives activation code
The ACCC sends an activation code to the applicant.
- Applicant logs in and applies
The primary business contact logs into the portal and starts an application.
- Non-ADI applicants must complete the standard application form.
- Authorised deposit-taking institutions (ADIs) can complete a streamlined application form.
- Applications can be saved and continued later.
- Applicant submits application
After an application is submitted it can be viewed but not changed. The applicant can, however, ask for changes or submit additional information.
- ACCC checks application is complete
If an application is incomplete, it will be returned.
- ACCC makes decision
The ACCC may accredit the applicant, accredit the applicant with conditions or refuse to accredit the applicant.
- Applicant receives outcome
The ACCC informs the applicant of the outcome.
- Applicant must pass onboarding requirements
Accredited data recipients need to pass Consumer Data Right Register onboarding requirements, including a level of conformance testing, before they can be added to the Consumer Data Right Register. Accreditation then takes effect. When accreditation is granted, applicants receive an accreditation number.
To become accredited, applicants must demonstrate that they:
- are a fit and proper person/organisation to manage Consumer Data Right data
- have taken steps to adequately protect data from misuse, interference, loss, unauthorised access, modification or disclosure
- have internal dispute resolution processes meeting the requirements of the Consumer Data Right Rules (for banking, this means their processes must comply with provisions of the Australian Securities and Investments Commission’s Regulatory Guide 165 Licensing: Internal and external dispute resolution)
- belong to a relevant external dispute resolution scheme
- have adequate insurance to compensate Consumer Data Right consumers for any loss that might occur from a breach of the accredited data recipient’s obligations
- have an Australian address for service.
In banking, applicants who are ADIs (and are not a restricted ADI under the Australian Prudential Regulation Authority’s framework) meet the criteria for streamlined accreditation.
Sample application forms
Applications for accreditation must be made through the online application form in the Consumer Data Right Participant Portal. However, to prepare you can download a sample application form with all the questions from the online form. The streamlined version of the form is available only for applicants who are ADIs.
- Consumer Data Right Accreditation: Sample Application (Full)
- Consumer Data Right Accreditation: Sample Application (Streamlined banking sector)
For more information, see the Consumer Data Right Accreditation Guidelines.
Also see Consumer Data Right Supplementary Accreditation Guidelines – Insurance and Supplementary Accreditation Guidelines – Information Security, and Accreditation Control Guidance, which should be read together with the Consumer Data Right Accreditation Guidelines.
You may also like to look at the Consumer Data Right Participant Portal User Guide.