Updated @November 9, 2023
These guidelines provide examples for how to implement the authorisation flow in relation to joint accounts.
On this page
Overview
According to rule 1.7, a joint account is a joint account with a data holder for which there are 2 or more joint account holders, each of which is an individual who:
(i) so far as the data holder is aware, is acting in their own capacity and not on behalf of another person; and
(ii) is eligible in relation to the data holder; but does not include a partnership account with a data holder.
Division 4.2A sets out the three disclosure options (pre-approval option, co-approval option and non-disclosure option), with the default option being the pre-approval option.
The guidelines in this section provide examples of how to implement requirements for the authorisation flow for disclosing data from joint accounts.
For further guidance, see ACCC's Revised joint account implementation guidance.
Wireframes and guidelines
Default example (pre-approval option)
The following wireframes show a basic example of the authorisation flow where account holder A (AH-A) authorises to share data from a joint account with pre-approval disclosure option. Variations can be found in the below sections.
Note: Other requirements related to authorisation apply to this flow. Check the latest CDR Rules, CX Standards and Guidelines on authorisation for guidance.
Authorisation flow for vulnerable requesters
The following wireframes show an example of the authorisation flow where rule 4A.15 is leveraged to allow account holder A (AH-A), a vulnerable requester, to share their joint account data as if it were an individual account.
The standards and guidelines outlined below represent one possibility for supporting vulnerable consumers. This may apply, for example, where the Data Holder recognises that notifying the other joint account holder(s) of joint account sharing may put a vulnerable requester at risk.
This approach may not be appropriate for other scenarios concerning vulnerability. Data Holders should assess the appropriateness of this optional implementation pattern based on their existing protocols for dealing with vulnerability.
Authorisation flow with co-approval joint accounts
The following wireframes show an example where account holder A (AH-A) authorises to share data from a joint account with co-approval disclosure option, requiring account holder B (AH-B) to respond to this request before data from the joint account can be accessed.
Download open source asset
Open sources design assets are created in Figma for the purposes of assisting implementation. This Figma file contains annotated wireframes and working prototypes for Authorisation to disclose joint account data, including:
- Default flow
- Authorisation flow for vulnerable requester
- Authorisation flow with co-approval joint accounts
Item | File | Date released | Version introduced |
---|---|---|---|
March 17, 2022 | 1.16.0 |
For past versions, refer to Change log.
References
These CX Guidelines were informed by consultations and research conducted in 2019 to 2021, including the following:
- Consultations
- ACCC 2020, Draft v2 Rules consultation (see concept 7.1 Joint accounts)
- Treasury 2021, Draft v3 Rules consultation
- DSB 2021, Noting Paper 157 - CX Standards Arising from v2 Rules
- DSB 2021, Noting Paper 207 - Draft v3 Rules Analysis | Anticipated Data Standards
- DSB 2021, Decision Proposal 162 - CX Standards | Joint Accounts (see concept Authorisation flow)
- DSB 2021, CX Workshop: Joint Accounts
- DSB 2021, Design Paper 176: an ‘opt-out’ data sharing model for joint accounts in the banking and energy sectors
- CX research
- GippsTech 2019, Phase 2, Stream 1 report
- DSB 2020, Phase 3, Round 1 and 2 report
- DSB 2020, Phase 3, Round 3 report
- DSB 2020, Phase 3, Round 6 report
- Other
- Nielsen Norman Group 2019, 10 Usability Heuristics for User Interface Design (Visibility of system status)
- CPRC 2020, Joint accounts & the Consumer Data Right
- ACCC 2021, CDR Support Portal: Revised joint account implementation guidance
Quick links to CX Guidelines:
→ cx@consumerdatastandards.gov.au → cx.cds.gov.au | cds.gov.au