Authorisation to disclose joint account data

These guidelines provide examples for how to implement the authorisation flow in relation to joint accounts.

‣

On this page

Overview

According to rule 1.7, a joint account is a joint account with a data holder for which there are 2 or more joint account holders, each of which is an individual who:

(i) so far as the data holder is aware, is acting in their own capacity and not on behalf of another person; and

(ii) is eligible in relation to the data holder; but does not include a partnership account with a data holder.

Division 4.2A sets out the three disclosure options (pre-approval option, co-approval option and non-disclosure option), with the default option being the pre-approval option.

The guidelines in this section provide examples of how to implement requirements for the authorisation flow for disclosing data from joint accounts.

For further guidance, see ACCC's Revised joint account implementation guidance.

Authorise is the third stage of The Consent Model.

Wireframes and guidelines

Note: The wireframes shown are examples of how to implement key rules, standards, and guidelines. Use the on-screen functions to adjust zoom level or expand the wireframes to be viewed at full screen.

Default example (pre-approval option)

The following wireframes show a basic example of the authorisation flow where account holder A (AH-A) authorises to share data from a joint account with pre-approval disclosure option. Variations can be found in the below sections.

Note: Other requirements related to authorisation apply to this flow. Check the latest CDR Rules, CX Standards and Guidelines on authorisation for guidance.

‣

See key requirements and guidelines

‣

See prototype

Authorisation flow for vulnerable requesters

The following wireframes show an example of the authorisation flow where rule 4A.15 is leveraged to allow account holder A (AH-A), a vulnerable requester, to share their joint account data as if it were an individual account.

The standards and guidelines outlined below represent one possibility for supporting vulnerable consumers. This may apply, for example, where the Data Holder recognises that notifying the other joint account holder(s) of joint account sharing may put a vulnerable requester at risk.

This approach may not be appropriate for other scenarios concerning vulnerability. Data Holders should assess the appropriateness of this optional implementation pattern based on their existing protocols for dealing with vulnerability.

‣

See wireframes, key requirements and guidelines

Authorisation flow with co-approval joint accounts

The following wireframes show an example where account holder A (AH-A) authorises to share data from a joint account with co-approval disclosure option, requiring account holder B (AH-B) to respond to this request before data from the joint account can be accessed.

‣

See wireframes, key requirements and guidelines

Download open source asset

Open sources design assets are created in Figma for the purposes of assisting implementation. This Figma file contains annotated wireframes and working prototypes for Authorisation to disclose joint account data, including:

Default example (pre-approval option)
Authorisation flow for vulnerable requester
Authorisation flow with co-approval joint accounts

Download design asset

Item	File	Date released	Version introduced
3AU2. Authorisation to disclose joint account data v1.16.0.2022.03.17	3AU2. Authorisation to disclose joint account data v1.16.0.2022.03.17.fig	March 17, 2022	1.16.0

For past versions, refer to Change log.

‣

About open source assets

About this page

References

The artefacts on this page were informed by the following sources.

Title	Author	Year	URL	Type
Draft v2 Rules consultation (see concept 7.1 Joint accounts)	ACCC	2020	accc.gov.au	Consultations
CX Workshop: Joint Accounts	DSB	2021	miro.com	Consultations
Noting Paper 157: CX Standards Arising from v2 Rules	DSB	2021	github.com	Consultations
Noting Paper 207: Draft v3 Rules Analysis \| Anticipated Data Standards	DSB	2021	github.com	Consultations
Draft v3 Rules consultation	Treasury	2021	treasury.gov.au	Consultations
Design Paper 176: an ‘opt-out’ data sharing model for joint accounts in the banking and energy sectors	DSB	2021	github.com	Consultations
Decision Proposal 162: CX Standards \| Joint Accounts (see concept Authorisation flow)	DSB	2021	github.com	Consultations
Phase 2, Stream 1 report	GippsTech	2019	consumerdatastandards.gov.au	Research
Phase 3, Round 1 and 2 report	DSB	2020	consumerdatastandards.gov.au	Research
Phase 3, Round 3 report	DSB	2020	consumerdatastandards.gov.au	Research
Phase 3, Round 6 report	DSB	2020	consumerdatastandards.gov.au	Research
Report 2: Joint Accounts and the Consumer Data Right	CPRC	2020	consumerdatastandards.gov.au	Research
CDR Support Portal: Revised joint account implementation guidance	ACCC	2021	cdr-support.zendesk.com	Guidance
10 Usability Heuristics for User Interface Design (Visibility of system status)	Nielsen Norman Group	1994	nngroup.com	Other

Last updated

This page was updated @November 9, 2023

Have your say

Community consultations and maintenance are part of our ongoing process. Here’s how you can get involved:

Request new Guidelines or changes to existing Guidelines through the Guidelines Consultation process
Request new Standards or changes to existing Standards through the Standards Maintenance process
Log a ticket for any questions about the rules, standards, or guidelines through the CDR Support Portal
Email your feedback to cx@consumerdatastandards.gov.au

Quick links to CX Guidelines:

Accessibility statement

→ cx@consumerdatastandards.gov.au → cx.cds.gov.au | cds.gov.au

The Consumer Data Standards Program is part of Treasury. Copyright © Commonwealth of Australia 2023. The information provided on this website is licensed for re-distribution and re-use in accordance with Creative Commons Attribution 4.0 International (CC-BY 4.0) Licence.