Skip to content

Credit Union SA is currently a Data Holder. Our members, or Data Owners, may consent to share their Credit Union SA data with an authorised organisation, referred to as a Data Recipient. A Data Recipient can request our members to consent to sharing their data for a range of purposes, such as a product application, or for use within an app.

Information that may be shared with consent can include:

Personal identifiers

  • Full name
  • Address details
  • Contact details 

Account details

  • Account number
  • Account types
  • Balance 

Transaction details

  • Where consent has been granted, full transaction details for the past 6 years

Product specific data

  • Your product characteristics
  • Product type
  • Product name
  • Fees, charges and interest rates
  • Features and benefits
  • Terms and conditions
  • Member eligibility requirements

Duration of Data that can be shared

When consent to share data is provided to a Data Recipient, the duration that the data will be available is also set. Data can be shared with the Data Recipient for either: 

Up to 365 days

Once only

  • Accessed for one purpose only
  • Available for 24 hours

Custom duration

  • Set number of days

Initiate Data Sharing 

Before we, as a Data Holder, make data available to a Data Recipient, the Data Owner (you) must authorise for us to share your data. This process is initiated through the Data Recipient’s own channel, such as website or app.

During this process you will confirm the consent period, find out what happens when you withdraw consent and select data to be shared.

If you need assistance with this process, please contact the Data Recipient.

Once completed, you will be directed to our Authentication to share date webpage to begin the Authorisation Process, outlined below.


Authentication Process 

Before we, as a Data Holder, make your data available to a Data Recipient, the Data Owner (you) must complete a process to authorise the consent through our Open Banking portal.

The Authentication process consists of the following steps:

1. Enter your Member Number and select Next.

2. A One Time Password (OTP) will be sent.

  • The OTP will be notified in one of the following ways: 
    • Via your registered email address
    • via a push notification to your registered device
    • generated by you via Internet Banking.
  • How you receive your OTP will be determined by your Internet Banking or Mobile Banking App settings. Learn how to change your settings.
  • Only one OTP will be generated per request.
  • If you do not have access to your specified email address, or device, you can log into Internet Banking to view your OTP. The code generated in Internet Banking will be the same code.

3. Enter your OTP to move to finalise the authentication and move through the consent phase.

  • Your code will only be valid for 10 minutes.
  • Only one OTP can be generated at one time.
  • If you need your code resent to you, or your code expires, please click ‘Resend one time password’
    • New codes will also only be valid for 10 minutes.

How to view your One Time Password (OTP)

OTP to your email address

When you request an OTP, your nominated email will be displayed at the OTP entry screen – hashed out for your security.

OTP to your device

If you have Push Notifications setup on your registered device, you will receive a pop-up notification with your password. 

OTP to Internet Banking

If you do not have a registered email address or Push Notifications setup, you will need to generate an OTP using Internet Banking. 

When you log into Internet Banking, select Security then OTP. You will be presented with either the Secure SMS window or VIP Security Code validation page. The page you see will depend on which Two-Factor Authentication (2FA) mode you have enabled on your account. 

Members must go through the 2FA process in Internet Banking to access the Generate Password page. Once authenticated, click the Generate code button to view the OTP.


Approve sharing request 

The Approve Sharing Request screen will display to you the following details: 

  • How long the data will be available to the Data Recipient.
  • The start date for the data being shared.
  • Instructions for reviewing and stopping the request once this has been approved.

If you don’t wish to proceed with the information which is presented on this screen, please click Deny Request to cancel the request moving forward.

You will also be able to access our CDR Policy prior to approving your sharing request.

Consumer Data Right (CDR) Policy

Data to be shared

The next screen will display a summary of the data you are consenting to share. This will include:

Name, occupation, and contact details

  • Name
  • Occupation
  • Phone
  • Email
  • Residential Address
  • Mailing Address.

Account balance details

  • Name of account, type of account, account number, account balance, interest rates, fees, discounts, account terms, and account mail address.

Transaction details

  • Incoming and outgoing transactions, amounts, dates, description of transactions.

You have the opportunity to stop the process at this point by selecting Deny Request.

If you agree to continue please select Consent.

Select accounts to share

On the next screen, a list of your eligible accounts will be presented for selection.

Please note, we are not required to share consumer data:

  • where the account was closed no more than 24 months before that time – transaction data in relation to a transaction that occurred more than 12 months before the account was closed;
  • where the account was closed more than 24 months before that time:
    • account data that relates to the account; and
    • transaction data that relates to any transaction on the account:
    • product specific data in relation to a product relating to any such account.
  • when not mandated by the ACCC. Products and types of data to be shared will be progressively rolled out. Refer to the Open Banking timeline.

Select the accounts which you wish to share with the Data Recipient or click Select All accounts to share the entire list. Once all required accounts are selected, click confirm to finalise the sharing request.

When you don’t select any accounts, you will be authorising for us to share your personal data only. 

Clicking Confirm completes the consent process, making your data available to the Data Recipient for the length of time you specified.


View requests to share data in Internet Banking 

You can view the requests you have consented to in Internet Banking. Under the Security menu select Sharing. In order to access the Sharing page, you will need to be registered for Secure SMS. 

Data sharing status:

Active

  • Data sharing is currently active with the Data Recipient. 

Withdrawn

  • Data sharing has been withdrawn, by the Data Owner or the Data Holder.

Expired

  • The duration of data sharing with the Data Recipient has expired.

Once-off

  • Data is only available to the Data Recipient for 24 hours. 

Click on the status to view further details.

Stop sharing data 

You can stop sharing your data at any time. To stop sharing data, log into your Internet Banking and select Sharing. The Sharing page displays all consented sharing requests along their status.

Select the status of the data which you wish to stop sharing. On the details page, click Stop sharing. Once selected, the data will no longer be available to the Data Recipient and the status will change to Withdrawn.

Alternately, you can call us on (08) 8202 7777 to withdraw from data sharing.

Open Banking FAQs

  • What is Open Banking?

    Open Banking, also known as Consumer Data Right (CDR) is an opt-in service which gives you greater access and control over your data.

    The current stage of Open Banking allows you to authorise your credit union or bank to share your data with other accredited organisations, making it easier to compare and switch products and services or access new and improved services.

    Learn more about Open Banking, and how it will benefit you here.

  • Is Open Banking secure and safe to use?

    Yes. Open Banking is a government initiative and only accredited organisations can take part. Financial institutions and other companies that participate in Open Banking will need to adhere to strict security standards when accessing and storing your data and will be subject to the Privacy Act. And accredited organisations will only be able to access data at your request.

    Open Banking is also regulated by the Australian Competition and Consumer Commission (ACCC), the Office of the Australian Information Commissioner (OAIC), the Treasury and the Data Standards Body (DSB).

  • Will I incur a fee by using Open Banking?

    Under the CDR legislation, we will not charge you to share your data with an accredited third party, and we won’t charge accredited third parties to access your data either.

  • What are the key dates for Open Banking?

    July 2019  

    The major banks began sharing product reference data during July 2019.

    July 2020

    From 1 July 2020, when requested by a customer, major banks are required to share data to accredited Data Recipients. This includes customer data, account data, transaction data and product specific data.

    October 2020

    From 1 October 2020, non-major banks, building societies and credit unions, including Credit Union SA, are required to share product reference data using a Product Application Programming Interface (API). APIs are a software intermediary that allows two applications to talk to each other. 

    Our Product API covers Home LoansCar LoansPersonal LoansTransaction AccountsSavings AccountsTerm Deposits, Overdraft Accounts, Debit Cards and Credit Cards we provide to our members. Information available through the API includes product features, constraints, eligibility, rates, fees and discounts and links to our Terms and conditions.

    July 2021 

    From July 2021, you will be able to authorise us to share your banking data with accredited organisations from within Internet Banking. This may include your account information and/or transaction history. You will control what is shared, and your data will be used only for the purpose you authorise.

    Initially, you will only be able to share data for certain products – over time, more of your data will be available to share as we expand this list.

    Products currently included:

    • Saving Accounts
    • Transaction Accounts
    • Term Deposits
    • Credit Cards
    • Home Loan Offset Accounts.

    November 2021 

    From November 2021, you will be able to authorise us to share your banking data with accredited organisations, for the above accounts including: 

    • Two years of closed account transaction history.
  • Do I need to do anything for Open Banking?

    Open Banking is an opt-in service, which means you choose whether to use it or not. 

    If you choose for us to share your data with another organisation using Open Banking, you will need to have Internet Banking access. If you don’t have Internet Banking, we can help – simply call us on (08) 8202 7777.

  • Where can I go for more information on Open Banking?

    Visit the CDR website for lots of great information and videos or check out our Open Banking page or detailed instructions.

  • When will Credit Union SA be able to get my data from other banks or credit unions?

    At this stage, we can’t receive Open Banking data from other financial institutions. However, you can still easily switch to us or take out our banking products. Call us on (08) 8202 7777 to discuss how we can help you get the best out of your banking.

  • I don't want to give my details to the government. Will the government have access to my data if I use Open Banking?

    No. The Consumer Data Right is regulated by the Australian Competition and Consumer Commission (ACCC), the Treasury, the Office of the Australian Information Commissioner (OAIC) and the Data Standards Body (DSB). They oversee the participants in the ecosystem but do not collect your data. This is only shared between the Data Holder and the Data Recipient.

  • Why would I use Open Banking?

    Open Banking aims to give you greater visibility and control over your banking data, greater ease of comparison between products and services in terms of both price and quality, and the ability to switch between providers more quickly and easily – all without pesky paperwork.

  • How is my data shared?

    The technology behind the data transfer process uses something called application programming interfaces (APIs). This means when data is transferred to an accredited organisation it’s all done electronically and automatically. The format and process for sharing Consumer Data Right (CDR) data has been set up by the Data Standards Body (DSB).

  • Does everyone need to share their data?

    No - the decision to share data is yours. 

    From 1 July 2021, you’ll be able to choose to share your data with other accredited organisations. For example, if you’re taking out a product or service with another bank or credit union you can request for us to share your data with them if they’re an accredited data recipient. 

    Check out our ‘how to’ guide to learn more about Open Banking.

  • Who can share data?

    Anyone who is over 18 and has Internet Banking with Credit Union SA. Check out the key dates for Open Banking – as not all accounts or types of data will be available from 1 July 2021

  • Who can I share my Credit Union SA member data with?

    Visit the CDR website to see the full list of Accredited Data Recipients.

  • What Credit Union SA products are currently included in Open Banking – what data can I share?

    From 1 July 2021 you can request we share your Transaction, Savings, Term Deposit, Home Loan Offset account and Credit Card account information - for open accounts in a single name. More detailed data will be shared after 1 November 2021.

     Visit the CDR website for key dates.

How to use Open Banking FAQs

  • Do I need to have Internet Banking access to share my data with another organisation?

    Yes, if you would like us to share your data with another organisation using Open Banking, you will need to have Internet Banking access. If you don’t have Internet Banking, we can help - simply call us on (08) 8202 7777 and we'll get you setup.

  • When will Credit Union SA be able to get my data from other banks or credit unions?

    At this stage, we can’t receive Open Banking data from other financial institutions. However, you can still easily switch to us or take out our banking products. Call us on (08) 8202 7777 to discuss how we can help you get the best out of your banking.

  • How long will you share my data?

    You get to decide when you consent to an accredited third party collecting your data. It can be a one-off authorisation or could be ongoing for a maximum of 12 months. And you can withdraw an authorisation at any time in Internet Banking.

  • How do I share my data, and is this process authenticated?

    Check our How to use Open Banking page for detailed steps.

  • How do I consent to share my Credit Union SA member data with another organisation?

    You will need to initiate the data sharing request with the organisation you would like us to share your data with. Once you've done this, you'll be directed to Credit Union SA to authorise the request - and your data will be shared.

    Find out more about How to use Open Banking.

  • What is a Data Holder?

    A Data Holder is the accredited organisation holding your data. For example, we would be considered the ‘Data Holder’ if you bank with us, and request for us to send your data to another accredited organisation.

  • What is a Data Recipient?

    A Data Recipient is the accredited organisation receiving your data. For example, if you request for us to send your data to another accredited organisation, they would be considered the ‘Data Recipient’.

  • What is a One Time Password (OTP)?

    After you have entered your member number into our Open Banking authorisation screen we will send you an OTP by either e-mail or SMS. The OTP is only valid for 10 minutes.

    Should it expire before you have had the opportunity to authorise  the data sharing request, you can request another OTP from Internet Banking.

    Remember, no organisation including us will ever call you and ask for your Internet Banking password or OTP to authorise a data sharing request. Never share a Secure SMS code, password or OTP with another person.

  • How do I resend my One Time Password (OTP)?

    • Log into Internet Banking
    • Select Security > OTP
    • Factor 2 Authentication will be required for your security - select Request SMS Code
    • Enter the SMS Code then select Validate
    • Select Generate Code and the OTP will be displayed
    • Return to the Open Banking authentication page and input the OTP to continue. 

    Remember, no organisation including us will ever call you and ask for your Internet Banking password or OTP to authorise a data sharing request. Never share a Secure SMS code, password or OTP with another person.

  • Why am I not receiving a One Time Password (OTP)?

    There may be a few reasons why you’re not receiving an OTP, which could include:

    • You don't have active Internet Banking, Push Notifications or Internet Banking alerts activated.
    • We don't have your current mobile phone number or email address - you can check this from Internet Banking.
    • You entered the incorrect member number into our authentication to share page.
    • The consent process was not completed with the Data Recipient, and you were not directed to our authentication to share page. 

    Please call us on (08) 8202 7777, if you need help receiving an OTP.

    Remember, no organisation including us will ever call you and ask for your Internet Banking password or OTP to authorise a data sharing request. Never share a Secure SMS code, password or OTP with another person.

  • What if I input an incorrect One Time Password (OTP)?

    Retry your OTP, and if it doesn’t work, please call us on (08) 8202 7777 as you may need to initiate the consent process again with the Data Recipient.

    Remember, no organisation including us will ever call you and ask for your Internet Banking password or OTP to authorise a data sharing request. Never share a Secure SMS code, password or OTP with another person.

  • How can I view requests to share my data?

    It's easy. Log-in to your Internet Banking, select Security > Sharing and view all your data sharing authorisations and the data requests made on your behalf.

  • What does the status of my data sharing request mean?

    There are four authorisation statuses:

    • Active – current authorisation.
    • Withdrawn – authorisation was withdrawn preventing data sharing.
    • Once-off –authorisation to share data on one occasion.
    • Expired – authorisation period has expired.
  • How do I stop sharing my Credit Union SA member data?

    • Log into your Internet Banking and select Security > Sharing.
    • Click on the authorisation you would like to withdraw then scroll to the bottom of the page and select 'Stop sharing'.
    • You'll be asked if you're sure - then select ‘Stop sharing’ again.

    If you would like to start sharing your data again, you'll need initiate a new data sharing request with the Data Recipient.

  • Why has my sharing data request been denied or disabled?

    If your data sharing request has been denied or disabled, please call us for help on (08) 8202 7777.