The Consumer Data Right regime gives organisations the opportunity to become an accredited data recipient. The rewards are plentiful - but there's a lot to lose if you fall behind.

The Consumer Data Right (CDR) is a win-win situation for both the businesses and the consumers. It gives organisations the opportunity to become accredited data recipients giving them a unique chance to gain a competitive edge and providing Australian residents with better choice, access and control of their data. Initially, it is applied to the banking industry, with telecommunication and energy retailers following soon after.

Since its implementation in 2019, the CDR regime has begun its transformation and digitisation of the Australian economy. Data holders are required to transfer customer data if requested by the customers. In July 2021, the 'Consumer Data Right Strategic Assessment Consultation Paper' was released by the Treasury mentioning the expansion of CDR to a whole range of sectors covering almost the entire economy. This will be in action over time. Hence, the opportunity to become an Accredited Data Recipient (ADR) is now available to all sectors.

Cyber Security Service india illume consultancy bangalore cochin



The ability to easily share data paves the way for new products and services, making it easier for individuals and businesses to compare products, helping to switch providers for the better deals. This will encourage more competition in the market leading to lower prices. CDR gives more choice, control and convenience to the consumers. It's an opt-in service, meaning one can choose whether to use it or not. CDR requires the organisations open to sharing consumer's data to third parties must obtain user consent for data sharing and apply strong customer authentication for services. All CDR accredited providers must follow strict rules and regulations for data security.   


CDR regulation

The OAIC and Australian Competition and Consumer Commission (ACCC) jointly regulate CDR. OAIC enforces the privacy safeguards and privacy-related rules along with advising the minister and CDR agencies on the privacy implications of the CDR rules and data standards. whereas ACCC enforces the CDR rules and data standards and carries out strategic enforcement. The ACCC also accredits data recipients, manages suspensions and revocations of accreditation, and maintains a register of accredited persons.


Why CDR?

Efficient functions

Improved operational efficiency and safety

Business value

Increased trust from the clients and stakeholders

New Options

New business opportunities for the innovative organisations

Competitive edge

Gain and competitive advantage to early investors

Better understanding

Access to customer data will help in a better understanding of customers' needs

What Illume Offers
  • 1. Application programming interface (API) security with Financial grade API (FAPI) specifications
    2. Open standards-based support for the CDR specification (OAuth 2.0, OIDC, UMA)
    3. Privacy and consent features with a user-friendly dashboard
    4. Robust multi-factor authentication (MFA) options with Intelligent Authentication
    5. Data residency and data sovereignty
    6. Flexible consumption or deployment options for any environment

Book a free consultation call for your organization

Discover Our Latest Resources - Blog