Open banking allows you to securely share selected banking information, such as account balances or transaction history, with trusted financial services.
With your permission, your bank can send this information directly to the service, streamlining the cumbersome admin process often involved, and making it easier to access more personalised financial tools and insights.
Because the information comes directly from your bank, it can be shared quickly and securely without needing to download statements or manually upload documents.
You might encounter open banking when you:
In many cases, you won’t realise open banking is being used until you reach a step where you’re asked to securely connect your bank account.
At that point, open banking is simply the technology used to safely transfer the information needed to provide the service you’re signing up to use.
Behind the scenes, open banking uses secure digital connections called Application Programming Interfaces (APIs) to transfer information directly from your bank to the service provider.
Open banking began rolling out in Australia in 2019 as part of a broader system called the Consumer Data Right (CDR).
For many years, banks and large institutions held detailed customer information, but consumers had few simple ways to access or reuse it. The CDR was introduced to give people greater control over the data businesses hold about them and use it to their benefit.
Currently, CDR is active in banking (open banking) and energy, with plans to expand into other areas such as non-bank lending, telecommunications, and superannuation.
Australia is one of the few countries building a whole-of-economy data-sharing framework, meaning that over time people will be able to use their data across multiple industries — not just banking.
Adoption of open banking is steadily increasing as more services begin using the technology. According to the FinTech Australia’s Australian Open Banking Ecosystem Map and Report, more than 530,000 Australians were actively using CDR products and services in the second half of 2024 (a 135% increase compared to the previous six months).
Open banking isn’t an informal data-sharing arrangement. It operates under clear rules designed to prioritise and protect your privacy and security.
In Australia, the CDR is regulation-led, meaning it operates under strict rules set out in Australian law and enforced by the Australian Government. Organisations that fail to follow these rules face enforcement action, and significant penalties.
Several government bodies help design, oversee, and run the system:
Many financial services need access to financial information to work properly.
For example, a budgeting app may need to understand your spending, a lender may need to verify your income, or a tax tool may need transaction data to prepare your records.
This isn’t new. Financial information has always been required for many services.
In the past, providing this information often meant downloading bank statements, collecting documents, or manually entering details into online forms. For example, you may have previously:
These are all forms of data sharing. They allow services to access the information needed to provide a product or complete a process.
However, traditional methods can be slow and sometimes less secure. Documents often need to be downloaded, uploaded or emailed before they can be reviewed, and information may need to be manually checked or entered into systems.
Open banking provides a simpler alternative. Instead of sending documents yourself, your bank can securely share approved financial information directly with the service.
With open banking, your bank securely transfers the approved information directly to the accredited provider.
Because the data comes straight from your bank, it’s typically more accurate and secure than older methods like emailing documents or uploading statements.
Importantly, you remain in control of the process. You can see exactly what data is being shared, who it’s being shared with, and how long access will last. You can also stop sharing your data at any time.
Open banking can make many financial tasks easier.
For consumers, this can mean:
Open banking is already being used in many everyday financial services, from budgeting tools to loan applications and investing platforms.
Below are some examples of how it’s being used today.
Open banking is already supporting a wide range of financial tools and services. Here are some common ways people in Australia are using it today.
Take a look at: Lending · Personal finance management · Wealth and investing · Accounting and tax
When you apply for a loan, lenders need to understand your financial position. Traditionally, this meant collecting bank statements and other documents and sending them manually.
With open banking, lenders and mortgage brokers can ask if you'd like to securely share your financial data directly from your bank instead.
If you agree, your bank can share information such as account balances, transaction history, income and spending patterns directly with the lender. Because the data comes directly from the bank, it is verified and provided in a consistent digital format.
This allows lenders to quickly build a clear picture of your finances without relying on manually uploaded documents.
Mortgage brokers were among the earliest adopters of open banking in Australia, using it to streamline loan applications and financial assessments. In many cases, once consent is provided, the required data can be shared with a broker in around seven minutes.
While it's most commonly used for home loan applications, open banking can also support personal loans and some business lending by helping lenders understand income, spending patterns and overall financial position.
Budgeting and money-management apps can securely connect to your bank accounts using open banking.
With your permission, these apps can receive information such as account balances, transactions and income directly from your bank. This allows them to automatically bring together accounts from different banks into one place.
Once connected, the app can analyse your transaction data and automatically categorise spending, for example groceries, bills, subscriptions or travel. Many tools then provide dashboards showing spending trends, savings progress and overall financial health.
Some platforms also use this information to power digital financial advice tools, helping identify opportunities such as reducing unnecessary spending, paying down debt faster or saving more effectively.
Because the data is updated directly from your bank, the insights provided by these tools can reflect your actual financial behaviour, rather than estimates or manually entered information.
Investment and savings apps can also connect to your bank accounts using open banking.
With your permission, these apps receive information such as transactions, balances and income, helping them understand your financial habits and goals.
Some platforms use this data to automatically invest small amounts of money, for example by rounding up everyday purchases and investing the spare change. Others allow users to set up recurring investments or savings transfers based on their spending and income patterns.
Open banking can also allow investment platforms to display a more complete picture of your finances, including bank accounts, debts and existing investments.
This broader view allows tools to provide personalised insights about saving, investing and long-term wealth building. Some digital wealth platforms and robo-advisers also use this data to tailor investment suggestions based on real income, spending patterns and financial goals.
Similar connections are also used by some superannuation tools, which allow users to make small additional contributions, for example by investing spare change from purchases into their super balance.
Accounting and tax tools can securely connect to your bank accounts using open banking.
With your permission, these platforms receive transaction data, balances and income information directly from your bank. This creates live bank feeds, meaning your financial data updates automatically rather than relying on manual uploads or spreadsheets.
Transactions can then be automatically categorised, for example work expenses, bills or investment income. Some tools also allow you to store receipts, invoices and documents alongside your transactions, helping keep financial records organised in one place.
This information can be used to generate tax summaries, track deductions and prepare information needed for tax returns. It can also be shared with accountants or tax advisers, allowing them to access up-to-date financial data when preparing returns or providing advice.
Open banking might sound technical, but from a consumer perspective, the process is actually quite straightforward. Let's take a closer look at how it works, who is involved, and what happens when you choose to share your data.
The service provider asks you to share your data so it can provide its features, such as tracking spending or viewing account balances.
You select your bank, review what data will be shared and how it will be used, and give your consent.
You verify your identity with your bank, select the accounts to share, confirm the details, and your data is securely transferred.
There are three main parties involved when open banking data is shared:
To understand what this looks like in practice, let’s walk through a common example: connecting your bank accounts to a personal finance management (PFM) app.
The process typically follows these steps:
Some of these steps happen inside the service you’re using, while others happen within your bank’s secure environment. This allows your bank to verify your identity and confirm the request before any data is shared.
Let’s look at each step in more detail.
After signing up for the PFM app, you’ll be prompted to connect your bank accounts. This allows the app to access financial information needed to provide its features, such as:
At this stage, the service is simply asking for permission to request your data.
Next, you’ll be asked to choose the bank or financial institution you want to connect. If you have accounts with multiple banks, you can repeat the process for each one.
For example, you might select:
The service will then know which bank to request your data from.
Before any data is shared, the service provider must clearly explain what they are requesting. This typically includes:
You will be asked to review and approve these details before the process continues.
Importantly, open banking providers must make it clear:
Once you approve the request, you’ll be redirected to your bank’s secure login or authentication process.
This step allows the bank to confirm that you are the person authorising the data sharing.
Verification methods vary between banks but may include:
You may notice the process moves between the service you’re using and your bank’s platform. This is intentional.
The service requests access to your data, but your bank must verify your identity and confirm the request before sharing anything.
This extra step ensures the bank confirms the transfer directly with you.
Inside your bank’s platform, you’ll be able to choose which accounts you want to share.
For example:
You remain in control of which accounts are included in the data sharing.
Before anything is transferred, your bank will show a summary confirming:
You’ll be asked to confirm these details before the data is released.
Once you confirm, your bank securely sends the approved data to the service provider. The PFM app can now use that information to provide its features, such as displaying your balances, analysing spending, and helping you manage your finances.
You remain in control and can stop sharing your data at any time. Permissions typically last up to 12 months, after which they must be renewed.
Sharing financial data is a big decision and it’s normal to have questions.
Below you’ll find answers to common questions that will help you understand how open banking works, what it means for you, and how you stay in control every step of the way.
Yes, open banking is a safe way to share your financial data because it operates within a regulated system and uses secure technology to transfer information.
In Australia it operates under the Consumer Data Right (CDR), a legal framework backed by Australian legislation and regulated by government agencies.
Under these rules: * Only accredited providers can receive your data * You must actively give consent before anything is shared * You’re shown exactly what data will be shared, why, and for how long * You can stop sharing your data at any time * Providers must meet strict privacy and security standards
It’s also safer because of how the data is shared.
Open banking uses secure digital connections (called Application Programming Interfaces, or APIs) that allow your bank to send only the specific information you approve directly to the accredited provider.
You’re redirected to your bank’s secure environment to authorise the transfer, meaning you never share your banking password with the app or service itself. This reduces risks associated with older methods like emailing documents or sharing login details.
There are a few clear signs that a service is using open banking under the Consumer Data Right.
Here are some key indicators to look out for:
Importantly, you should never be asked to give your online banking password directly to the app or service.
You can check whether a business is authorised to receive data under open banking through the CDR Accredited Data Recipient Register.
This public register lists businesses that are fully accredited or authorised representatives of an accredited provider.
Only organisations listed in the register are allowed to receive data under the CDR. If a business isn’t listed, it does not have permission to access your banking data through open banking.
Many providers also explain their CDR accreditation and data-handling practices on their website or privacy pages.
Some financial services need access to your financial information so the product or service can work properly.
For example, lenders may need to verify your income and expenses during a loan application, while budgeting or tax tools may need transaction data to provide insights or prepare financial records.
These are situations where financial data has always been required. Traditionally you would provide it by uploading bank statements or manually entering details. Open banking simply changes how the information is shared.
Instead of sending documents, your bank can securely share the relevant data directly with the service you’re using (with your permission). This can make the process faster, simpler and more accurate.
Your data can only be used for the specific purpose you agreed to.
For example, it might be used to: * Assess a loan application * Verify income or financial information * Provide budgeting tools or spending insights
Under the Consumer Data Right, accredited providers: * Can only use your data for the purpose you consented to * Can’t use it for unrelated marketing,* Can’t sell your data * Can’t keep it longer than permitted * Must delete it when you withdraw consent (unless legally required to keep certain records)
Only the accredited business you choose to share your data with can access it.
Under CDR rules, businesses must be accredited or authorised by an accredited provider before they can receive your data.
Your bank will only share your data with the specific accredited provider you approve and only after you give consent.
No other organisation can access your data through open banking unless you’ve authorised it.
Your data is only shared for the period you agreed to in the consent process.
For individual consumers, consent to share data under CDR typically lasts for up to 12 months. After that, access must be renewed if you want the service to continue.
The exact timeframe depends on the service. For example: * A one-off service, such as a loan application, may only require short-term access * An ongoing service, such as a budgeting app, may request access for up to 12 months so it can continue providing insights
You can withdraw your consent at any time.
You can stop sharing your data at any time.
Under CDR rules, you can withdraw consent through the provider you shared your data with — usually through a dashboard or settings page.
Once consent is withdrawn: * The business must stop collecting your data * Your bank will stop sharing new data with them * The provider must delete your CDR data (unless legally required to retain certain records)
You can also view and manage your active data-sharing permissions through your bank.
Under the CDR, banks that hold certain types of consumer banking data are required to make that data available for sharing if you request it.
This means open banking is available with all major Australian banks and many smaller institutions, so most people can use it regardless of which bank they use.
Supported account types generally include common retail banking products such as: * Transaction accounts * Savings accounts * Credit cards * Home loans * Personal loans * Offset accounts
Joint accounts may also be supported, although additional privacy protections sometimes apply because more than one person owns the account.
If a bank staff member seems unsure about open banking, you can: * Ask to speak with their CDR or open banking support team * Check your bank’s website for their CDR/open banking help page * Confirm you’re asking about CDR data sharing
Banks that participate in open banking are required to support the system, although some frontline staff may not encounter it frequently.
If you’re unable to resolve the issue, you can: * Make a complaint through your bank’s internal complaints process * Escalate the complaint to the Australian Financial Complaints Authority (AFCA) * Report concerns about CDR compliance to the ACCC
Businesses using open banking must follow strict rules under the CDR.
These rules are set out in Australian law, including: * The Competition and Consumer Act 2010 (Cth) * The Consumer Data Right Rules 2020 * The CDR Privacy Safeguards, which operate alongside the Privacy Act 1988 (Cth)
Under these laws, providers must: * Be accredited (or authorised by an accredited provider) before receiving data * Only collect data with your consent * Clearly explain what data they’re collecting and why * Only use your data for the purpose you agreed to * Keep your data secure * Allow you to manage or withdraw consent at any time
The system is regulated by the ACCC (which oversees compliance and enforcement) and the OAIC (which oversees privacy protections).
If a provider fails to follow the CDR rules, regulators can investigate and take enforcement action.
The ACCC monitors compliance and can take action such as: * Court proceedings * Infringement notices * Enforceable undertakings * Significant financial penalties
The OAIC oversees privacy protections and can investigate complaints about how CDR data is handled.
Consumers also have the right to make a complaint to the provider first, and escalate the matter to regulators if it isn’t resolved.
Several organisations help design, regulate and oversee the system. The resources below explain how open banking works, what rights you have when sharing your data, and how your information is protected.
How open banking works in Australia and how the CDR gives people control over their financial data.
How your data is protected when you use open banking.
Only accredited businesses can receive consumer data through open banking. You can verify providers using the official CDR register.
We also provide a number of resources explaining how open banking works and how it helps people better understand and manage their finances.
