Welcome to the Consumer Data Right Support Portal

Check out our guides, browse through our FAQs, and post your own questions for Support.

New to the Consumer Data Right? Learn more

Business Service Providers

Follow
Avatar
Jarryd Judd
  • Edited

Business Service Providers

Business service providers offer business consulting and legal services. This list includes contributions from verified service providers. 

NOTE: Please read and understand the disclaimer, submission policy and conflicts of interest listed here

Name: AssuranceLab

Service Type:

  • CDR Assurance reports (ASAE 3150, SOC 1/2)
  • Readiness Assessments (free)
  • Information Security Practice Guides (free)
  • SOC 1
  • SOC 2
  • ISO 27001
  • HIPAA
  • GDPR
  • Independent IT Audits
  • All-you-can-eat Cyber Assurance

URL: https://www.assurancelab.com.au/

URL (CDR): https://www.assurancelab.com.au/cdr-assurance

Description:

AssuranceLab is the leading provider of SOC 2 reports in Australia and New Zealand. We operate as a team inside our accountancy firm partners. This enables us to provide a modern approach to cybersecurity assurance, backed by reputable brands and economies of scale in the supporting processes. Our clients only deal with AssuranceLab's team - valuing our agile and collaborative services, free readiness software, comprehensive practice guides and support, and market-leading expertise in cloud services and cybersecurity.

Date added: 29th of March 2021

Date updated: 29th of March 2021

 

Name: Basiq

Service Type:

  • Financial data aggregation
  • Data enrichment
  • CDR-compliant consent management
  • Data collection

URL: basiq.io

Description:

Founded in 2016, Basiq is an open banking platform that helps people make smart financial decisions. Backed by NAB Ventures, Salesforce Ventures and Westpac Reinventure we lead innovation in powering the future of financial services with access to secure and automated financial data

Date added: 14th January 2021

Date updated: 14th January 2021

Name: Frollo

Service Type:

  • Frollo helps businesses collect and use Open Banking data to deliver better customer outcomes:

    • CDR Gateway: The market leading platform to manage consent and collect CDR data, with plug & play access to Open Banking powered solutions for PFM and lending
    • Money Management platform: A full suite of financial wellbeing and money management features, accessible via branded white label app, SDK or API integration
    • Financial Passport: Use Open Banking data to create a comprehensive financial profile and streamline credit decisions
    • Categorisation as a Service: Turn raw transaction data from any source into insights, using AI powered categorisation and merchant enrichment
    • PRD Portal: A simple and future proof way for Data Holders to publish compliant Product Reference Data APIs
    • Data Holder testing: Testing data holder solutions to ensure quality and compliance

URL: https://frollo.com.au

Description:

Frollo is a purpose driven fintech, using Open Banking data and AI to help businesses deliver better customer outcomes. From helping them reduce their debt, increase their savings or just get a better deal on their finances.

We were Australia’s first fintech Accredited Data Recipient and the first to go live with Open Banking in July 2020. Since then, our Open Banking platform has made over 25 Million API calls, which equates to over 90% of all Data Recipient activity in Australia.

Frollo clients include ANZ, P&N Bank, BOQ, AFG, Volt Bank and Canstar.

Date added: 21st February 2022

Date updated: 21st February 2022

 

Name: MinterEllison

Service Type: We assist our clients with their open banking journey, advising them on their obligations under the CDR regime as both data holders and accredited data recipients while ensuring they market ready to take advantage of the opportunities presented by Open Banking.  We have found that compliance with the CDR regime is far from a quick fix. Instead it requires entities to effectively establish a new banking ecosystem to specifically meet the high standards demanded by CDR (and in a very short timeframe).

Working with our clients we have developed our MinterEllison Open Banking / CDR Toolkit to be implemented into our client's existing CDR ecosystem, as either a data holder and/or an accredited data recipient (ADR) of CDR data. Our MinterEllison Open Banking / CDR Toolkit includes the following tools:

  1. Compliance matrices (a consolidated and grouped plain-English register of all CDR obligations);

  2. Compliance checklists (to track and manage compliance with CDR);

  3. CDR Policy (including advice re Privacy Policy);

  4. CDR / Open Banking introductory seminars / CLEs;

  5. Accreditation workshops;

  6. CDR Use Cases workshops;

  7.  Ad-hoc through our on-demand Open Banking Advice library.

URL: https://www.minterellison.com/

Description:

MinterEllison is one of Asia Pacific's leading full-service law firms. Established in Sydney in 1827, today the firm operates in Australia, Hong Kong, mainland China, Mongolia, New Zealand and the United Kingdom through a network of integrated offices and associated offices.  The firm's Technology and Data lawyers are recognised in independent legal directories including Chambers & Partners, Legal500, and Best LawyersIn April 2020, MinterEllison was named Law Firm of the Year for IT Law (Australia) by Best Lawyers, as voted by our peers. 

In 2017 we expanded our market-leading legal technology practice with the acquisition of ITNewcom, a top-tier technology consultancy.  With about 200 partners and 700 legal staff worldwide, we understand the challenges faced by businesses operating in a globalised marketplace and offer clients services that are multi-disciplinary and industry facing.  MinterEllison's large and diverse client base includes blue-chip public and private companies, leading multinationals, global financial institutions, government and state-owned entities.

Date added: 9th of February 2021

Date updated: 9th of February 2021

 

 

Name: Quill Peak Consulting

Service Type:

  • planning for compliance as a Data Holder
  • planning for and becoming an Accredited Data Recipient
  • developing work programmes for compliance
  • advising on CDR related policy development
  • advising on product proposition development
  • advising on competitive defence strategies

URL: https://quillpeak.com.au/

Description:

Quill Peak Consulting is a boutique consulting firm specialising in Open Banking and the Consumer Data Right. Quill Peak was created to address the growing need for advisory assistance in the implementation of the Consumer Data Right, initially in banking, but also soon in the Energy and Telecommunications industries.

Date added: 4th January 2021

Date updated: 4th January 2021

Name: RSM Australia

Service Type:

  • Access to our free CDR Information Security Accreditation Toolkit with examples from successful accreditations
  • ADR application advisory support based on seeing what has been accepted and not accepted by the ACCC
  • CDR Security by Design & Gap Assessment, to ensure the scope of the CDR data environment boundary is correct and you understand the information security requirements
  • CDR Pre-audit/Readiness Assessment to determine whether you are ready for accreditation
  • Independent reasonable assurance audit report (ASAE 3150 or SOC 2) for the unrestricted ADR application
  • Assurance to a sponsor or principal that an affiliate or representative agent complies with the CDR information security requirements
  • CREST accredited Penetration Testing as per CDR Schedule 2 Part 2 - Vulnerability Management (optional)
  • CDR Control Assessment Program or ISO 27001 Lead Auditor internal audit (where we are not the independent assurance provider)
  • Assessment of use case and the boundaries of the CDR data environment, including data architecture, data flows and outsourced service providers

URL: https://www.rsm.global/australia/insights/technology-and-risks/consumer-data-right-cdr-information-security-accreditation

Description:

RSM Australia is a leading provider of audit, tax, and consulting services for entrepreneurial growth-focused organisations, with over 1,200 staff delivering highly personalised services out of 30 offices throughout Australia.

RSM Australia provides Consumer Data Right (CDR) information security accreditation assurance and advisory services. We are the most experienced CDR auditor having provided CDR assurance reports for over 50% of the FinTech unrestricted ADRs, including Frollo, Intuit Inc. and Intuit Australia, Adatree, Finder, Basiq, TrueLayer, Zepto (formerly Split Payments). We are also working with a broad range of potential ADR applicants, including intermediaries, insurance platforms, investment platforms, comparison platforms, brokerage platforms, non-bank lenders, regtech and personal finance management apps.

RSM in Australia is CREST accredited for penetration testing and our Cyber Security and Privacy Risk team assists organisations in evaluating control requirements against various frameworks and publications, including ISO27001, National Institute of Standards and Technology (NIST), PCI DSS, Center for Internet Security (CIS), Cloud Security Alliance (CSA), and the Australian Government Information Security Manual, Strategies to Mitigate Cyber Security Incidents and Essential Eight.

Date added: 23rd December 2020

Date updated: 28th of October 2021

 

Testing, Development Support and Deployment Tools | Identity, Access and Consent Management Providers | Technical Service Providers | Business Service Providers 

Didn't find what you were looking for?

New post

Comments

0 comments

Post is closed for comments.