Skip to main content

What is Australian Open Banking (CDR)?

Updated this week

Open Banking

In Australia, we use Basiq to securely connect to your bank via Open Banking.

Open Banking connections are regulated under the Consumer Data Right (CDR) framework. When you connect, you are sharing your banking data with our partner Basiq who are authorised by the Australian Competition and Consumer Commission (ACCC) as an Accredited Data Recipient (ADR).

By connecting, you consent to Basiq sharing your banking data with Wayflyer.

We securely process your banking data in line with our Privacy Notice.

Consumer Data Right (CDR)

The Consumer Data Right (CDR) regulates the collection and handling of CDR data in line with privacy safeguards and rules that:

  • Ensure users' data is managed securely.

  • Provide users with control over how their data is shared and used.

Accredited Data Recipients (ADRs)

An Accredited Data Recipient (ADR) is an organisation approved under the CDR framework to receive and manage consumer data securely. ADRs are required to adhere to strict privacy and security rules, ensuring that the consumer's data is used only with their consent. ADRs are expected to:

  • Transparently disclose how data is used.

  • Ensure secure storage and transfer of consumer data.

  • Implement privacy safeguards to protect user consent.

Data Usage

Wayflyer uses the banking data collected under the CDR framework to analyse your company’s suitability for financing.

We also use banking data for operational purposes including fraud prevention, anti-money laundering, and generating analytical insights.

For full details please refer to our Privacy Notice.

Consent Management

We need you to stay connected while you have outstanding funding from us.

If you have not taken funding, or once you’ve remitted all your funding, you can withdraw consent at any time by either of the following methods:

Once you withdraw consent we will no longer have access to any new data from your bank.

Data Retention

We delete your banking data collected under the CDR framework when it is no longer needed.

If you withdraw consent we will delete your banking data, except for data we have a requirement to retain for legal purposes. For example, if you have ever taken out funding with us we do need to retain certain data. Data retained for legal purposes will be deleted when it is no longer needed.

For full details please refer to our Privacy Notice.

Did this answer your question?