DocumentVersionDate releasedChange log
Consumer Experience Standards1.
Consumer Experience Guidelines1.
Consumer Experience Standards1.
Consumer Experience Guidelines1.
Consumer Experience Guidelines0.9.517.07.2019

The Data Standards Body (DSB) recognises that consumer adoption is critical to success for the CDR regime. This is particularly true in the early stages of implementation when consumers will not be familiar with the mechanisms and protocols required to engage with CDR participants and consent to share their CDR data.

To facilitate CDR adoption the DSB has developed Consumer Experience (CX) Guidelines and identified a number of key elements to be aligned to across the regime.

CDR Rules (8.11) also require data standards to be made for:

  • obtaining authorisations and consents, and withdrawal of authorisations and consents;
  • the collection and use of CDR data, including requirements to be met by CDR participants in relation to seeking consent from CDR consumers;
  • authentication of CDR consumers
  • the types of CDR data and descriptions of those types to be used by CDR participants in making and responding to requests

As stated in the CDR Rules Explanatory Statement, ‘at a minimum, accredited persons will be guided by the language and processes of guidelines produced by the DSB.’ The CX Workstream emphasises that aligning to the non-mandatory items in the CX Guidelines will help achieve consistency, familiarity and, in turn, facilitate consumer trust and adoption.

The CX Guidelines avoid being prescriptive to balance ecosystem consistency with the potential to innovate. The complete list of binding Consumer Experience Standards outlined in this section were created to balance these objectives.

CX standards will be binding data standards for the purposes of s56FA and in accordance with the Consumer Data Right rules made by the ACCC. The making and commencement of the data standards and the CDR rules is subject to the Consumer Data Right legislation.

4 thoughts on “Consumer Experience: Standards and Guidelines

  1. David Pickering Reply

    Was hoping to find some UX wireframes that help explain the consumer CDR registration process. Are there any wireframes published anywhere, as I can’t seem to find them…

    From reading the specs (, it says that a consumer should be asked to enter a “user identifier that can uniquely identify the customer”. However, there’s really not much clarity around how OTPs are sent, then entered by the consumer… After entering the User Identifier, should the UI make a call to a back-end service to retrieve the SMS and/or Email (likely need to only show last 3 characters to prevent phishing attacks) for that customer id (from the Digital Banking app), then allow the customer to choose how they want the OTP sent (SMS, Email, Push)? I’m assuming this is how it should work, but can you confirm if this flow has been thought out and whether this guidance will be provided in an upcoming version of these standards?

  2. Mathew Lyons Reply

    Hi there,

    Does the CDR / Open Banking framework make it possible for 3rd party apps to transfer money between the customer’s accounts and/or BPAYments or payments to others? If so when? And where can I find more information?



    • Consumer Data Standards Australia Post authorReply

      Hi Mathew,

      The CDR currently permits read access only, and as such does not provide for payment initiation.

      The Open Banking Review only relates to access to data (read access), though raises the option of an extension of the right in the future.

      See [] for more details on the potential for write access, including a suggestion that ‘Open Banking should be formally evaluated 12 months after the Commencement Date’ and that post-implementation considerations should include ‘the potential for future write access’. The current go-live date for CDR in the financial sector is mid-2020.


      CX Workstream

Leave a Reply

Your email address will not be published. Required fields are marked *