Data Standards Advisory Committee, Meeting Minutes
Date: Wednesday 8 April 2020
Location: Held remotely via WebEx
Time: 14:00 to 16:00
Meeting: Committee Meeting No: 20
- Andrew Stevens, DSB Chair
- Kate Crous, CBA
- Emma Gray, ANZ
- Mark Perry, Ping Identity
- Ross Sharrott, MoneyTree
- Lauren Solomon, CPRC
- Stuart Stoyan, MoneyPlace
- Jamie Twiss, Westpac
- Mal Webster, Endeavour Bank
- Andy White, AusPayNet
- Barry Thomas, Data61
- James Bligh, Data61
- Rob Hanson, Data61
- Jarryd Judd, Data61
- Terri McLachlan, Data61
- Michael Palmyre, Data61
- Mark Staples, Data61
- Mark Verstege, Data61
- Bruce Cooper, ACCC
- Paul Franklin, ACCC
- Ying Chin, OAIC
- Daniel McAuliffe, Treasury
- Lisa Schutz, Verifier
- Erin Turner, Choice
- Patrick Wright, NAB
The Chair of the Data Standards Body (DSB) opened the meeting and thanked all committee members and observers for attending meeting no 20.
The Chair wanted to acknowledge the COVID-19 situation that everybody is currently dealing with both personally and corporately and the magnitude of the challenges ahead.
The Chair noted that the DSB are now operating 100% virtually and there has been no reduction in work rate or productivity. It was noted we are working very effectively across energy and banking and we're maintaining the current rate and pace in everything we're doing.
The Chair noted that the CX Working Group has completed two rounds of consumer research, produced a CX Report and continued to consult on the standards and guidelines.
The Technical Working Group closed the first consultation in the electricity sector, completed the second Maintenance Iteration and completed the v1.3.0 content for the standards.
The Chair noted that the DSB has also held a meeting to discuss how the CDR should approach identity, a short summary of which has been provided to the committee. There will also be a summary report developed.
The Chair noted that Michael Murphy from APRA has been nominated to replace Matt Clifford as an Observer on the committee. Michael is the Senior Manager in the Data Analytics & Insights Branch in the Cross-Industry Insights and Data Division. He was an apology for today’s meeting.
The Chair introduced Jarryd Judd, the new Engagement & Support Manager who joined the team in March. Jarryd’s last role was as Service Product Manager at NAB where he led the platform and its team in customer-focused product development. The Chair welcomed Jarryd and is delighted to have him on board.
Jarryd Judd noted that he is currently getting up to speed and meeting everyone. At NAB, he was working on the technical side of customer focused platforms, including open banking. He has now jumped across the fence to join the DSB team and to help steer this initiative from the Data61 side.
The Chair noted that Lisa Schutz (Verifier), Erin Turner (Choice) and Patrick Wright (NAB) are apologies for the meeting.
The Chair thanked the Committee Members for their comments and feedback on the Minutes from the 11 March 2020 Advisory Committee meeting. The Minutes were taken as read and formally accepted.
The Chair noted that the Action Items were either completed or would be covered off in scheduled discussions.
One observer noted in regards to the Action Item on negative interest rates and whether they are supported by this regime, the Reserve Bank has recently issued minutes from a monetary policy meeting where they said that they have no appetite for negative interest rates.
Working Group Update
A summary of progress since the last committee meeting on the Working Groups was provided in the Committee Papers and was taken as read.
A further update was provided on the Technical Working Group by Mark Verstege as follows:
The DSB noted that the second Maintenance Iteration closed on 3 April 2020 and the scope for that Maintenance Iteration was circulated to the Advisory Committee and approval from the Chair was received on 6 April 2020. It was noted that guidance has been provided to the community via GitHub.
The DSB noted that in summary there were thirteen change requests that were considered in this iteration, seven were adopted, five resulted in no change and one was carried over at the request of the bank (that posted the change request) to Maintenance Iteration # 3. The changes of the iteration are still pending, as they’re waiting on the current consent decision proposal that is due to close consultation this week. It was noted that the Working Group will review the feedback next week along with the Maintenance Iteration and change request which form the scope of version 1.3.0 from a technical perspective. It was noted that there are also some CX changes.
The DSB noted that as far as future dated obligations go, they are looking at concurrent consent currently set to November, however they’re mindful that ACCC will be providing some guidance with respect to the compliance dates due to COVID-19.
The DSB noted that last week they received an urgent change request on behalf of one of the major banks around client authentication between data recipients and data holders. The request was to change the standards based on the bank’s understanding and interpretation of the underlying OAuth standards. It was noted however, that based on community feedback in consultation, there was broad consensus that no change to the standard was required. The bank who raised the change request seem to be comfortable at the moment and have retracted the request. The DSB understands that they are still having some issues around how they going to handle this so they have intentionally kept that change request open as part of the Maintenance Iteration # 3 consultation.
The DSB noted that Maintenance Iteration # 3 commenced on Monday 6 April 2020 with the first Backlog Review priority session held on Thursday 9 April 2020. The purpose of that call was to discuss the outstanding change requests submitted by the community and define the high-level scope for this iteration. It was noted that the iteration is an eight-week cycle with the first two weeks being for backlog grooming and discussion of scope with the community.
A further update was provided on the UX work stream by Michael Palmyre as follows:
The DSB noted that as stated in the papers, they have completed two rounds of consumer research on key Phase 3 issues and also just finished a third round which focused on joint accounts and flows to gain some insights on that front.
The DSB noted that they have also been working through a few issues raised in the guidelines and standards which will provide more clarity and address some minor defects and points for the next release.
The DSB noted that they have published their CX Report which covers the first two rounds of Phase 3 consumer research which focused on energy, joint accounts, and the right to delete, and contain findings on trustworthiness, propensity to share, and comprehension when it comes to CDR data sharing experiences.
The DSB noted that they have published two consultation papers, one on “Joint Accounts” and one on “CDR Logo use” and the window for feedback closes for both on 9th April 2020. It was noted that they would ideally like feedback to include time estimates for successful implementation of the options in the papers along with any other options raised for consideration.
Daniel McAuliffe from Treasury provided an update as follows:
Treasury noted that at the moment, a lot of their work has been around looking at the timetable and in particular how it is going to be affected by COVID-19. Treasury and the ACCC have consulted with a number of banks and FinTechs including people who are involved in the initial launch and also some involved in the later stages. It was noted that it has become clear that there has been some impact on the implementation timetable and that the 1 July 2020 date for systems going into production with unrestricted customer access may have become more challenging.
The Treasury noted that with the ACCC they have put together a proposal to the Government on some proposed changes to the timetable. They are hoping to get a decision from Government quite quickly but things are pretty busy at the moment.
Treasury noted that it is clear that as a consequence of any changes to the timetable, the awareness campaign which was scheduled to be launched in August may have to be pushed back.
Treasury noted that the Future Directions for the Consumer Data Right Inquiry by Scott Farrell has also been impacted by COVID-19 and in particular, a lot of the people in the industry in payments who they want to hear from in terms of payment initiation and the write access elements of the inquiry have not had the capacity to devote an appropriate level of time to submit a submission. It was noted that they will also be making an announcement shortly regarding a potential delay for dates for submissions on the paper that has gone out and changes to the overall timetable of the inquiry and the target date for reporting to Government.
Treasury noted that they are in the process of drafting the Designation Instrument (DI) for the Energy Sector which has also been delayed because of drafting resources having to go to COVID-19 related legislation. It was noted that the drafting is now occurring and they hope to get that in the next couple of weeks. They are aiming to consult on the draft DI and make a DI before the 30 June 2020.
Treasury noted there is an independent Privacy Impact Statement (PIA) that is currently being conducted by KPMG and they should be going out to stakeholders seeking views in the next week or so. The PIA is a supplementary PIA and it will not revisit issues that have already been looked at in the previous PIA it will be looking at the ‘delta’.
The Chair noted that on energy, the DSB have completed the first consultation in the Energy Sector where they received good feedback and are due to hold a data related workshop virtually in late April.
Paul Franklin & Bruce Cooper from ACCC provided an update as follows:
The ACCC noted that following consultation with the banks and data recipients, they have put a proposal to the Treasurer outlining a proposed adjustment to the implementation timeframe. The key message is there is a strong desire to press ahead with implementation, but there is a recognition that there are impacts from COVID-19. The ACCC proposal is not to immediately change the rules but rather to consider granting specific exemptions. If required, the ACCC indicated they could adjust the rules at a later date to reflect the reality of the waivers.
ACCC noted that for Product Reference Data (PRD) the obligation to share Phase 1 products for minor banks and Phase 3 products for major banks commences on 1st July 2020. It was noted as soon as they have any guidance back from the Treasurer they will provide more details about any changes and announce them publicly.
ACCC noted that industry testing is proceeding albeit at a slower rate, but they are very keen to ensure that it continues in the near term so any issues or defects in the register that need to be fixed before they go live (as planned in May), can be found and fixed as soon as possible.
ACCC noted in relation to the implementation of the register and accreditation platform, user acceptance testing is proceeding and the production environment has been implemented. The accreditation platform, subject to user acceptance testing, is more or less ready to go but they haven’t yet made a decision about when the fire wall will be opened to allow access by new data recipients to enter the CDR ecosystem quickly, once the initial participants had demonstrated the system was secure and robust - soon after the end of the planned managed rollout period.
ACCC noted that Daniel Ramos has joined ACCC as the new General Manager for Operational Delivery which includes responsibility of all technology platforms that support the CDR within ACCC.
One member asked ACCC when they should expect data intermediary rules guidance or has this been delayed. ACCC noted that they expect new Rules would take effect in the second half of the year and advised that it would be necessary to consult on the privacy implications of proposed amendments.
ACCC noted that they are very conscious of the cost implications of any potential delays and in the consultations with data recipient participants there were some who were on track and others who were not. Whilst all the major banks had very similar impacts relating from COVID-19 there was a much more mixed story in relation to FinTechs, some quite welcomed the opportunity for a delay and others argued to retain the July start date. They noted that there is no proposal to offer any compensation, but they are very conscious of wanting to reduce the cost impact to data recipients as much as they reasonably can.
ACCC noted that the they would advise industry regarding any updates to the implementation schedule as soon as possible.
One member noted that the term for this Advisory Committee is due to expire on 30 June 2020 and whether the Chair will be continuing the membership. The Chair noted that he will review and provide an update at the next meeting.
The Chair advised that the next meeting will be held remotely on Wednesday 27 May 2020 from 2pm to 4pm.
Closing and Next Steps
The Chair thanked the Committee Members and Observers for attending the meeting and for being fulsome in asking questions and probing the issues. The Treasury, ACCC, OAIC & DSB really appreciate the contributions that everyone is making to making this regime a reality.
Meeting closed at 2:40