Open Banking

One of the purposes of Open Banking is to increase competition across financial services and potentially allow customers to negotiate better deals and save money. Open Banking means that you will be able to share your data with Accredited Data Recipients (ADRs). This will give you access to products and services offered by ADRs that may suit your needs.

St.George is committed to ensuring that your data is safe including via Open Banking. Customers who want to use Open Banking will need to be registered for Internet Banking.

Accredited Data Recipients (ADRs) who are providing products or services under Open Banking must comply with privacy and security requirements and be accredited by the Australian Competition and Consumer Commission (ACCC).

It is entirely your choice if you wish to use Open Banking. Open Banking requires you to be registered for internet banking to authorise data sharing with an ADR. You will use your Customer Access Number (CAN) and a One Time Password, through Secure Code, to authorise any sharing of information. If you change your mind you can revoke your authorisation to share data with ADRs at any time using your data sharing dashboard accessed through your Internet Banking.

For organisation customers, Open Banking requires you to nominate one or more Nominated Representatives (Individuals) who will act on your organisation’s behalf to share data with an ADR. They will use their own CAN and a One Time Password, through Secure Code, to authorise any sharing of information.

You may ask us to share your St.George consumer data, or other consumer data you have given us permission to collect, in order to get a banking product or service from another organisation, such as another bank.

For example, if you apply for a loan with another bank and they request to see data on your St.George savings account as part of their assessment, you can give us permission to share your St.George consumer data relating to that savings account with them if they are accredited to receive data by the ACCC. 

To start the consent process, you will need to visit the Open Banking consent portal of the Accredited Data Recipient (ADR) you wish us to share your data with.  This ADR may be another bank or fintech. Once you have granted your consent to the ADR to collect data on your behalf through their consent portal, you will be connected to St.George, where we will ask you to authorise us to share your data with the ADR.

For organisation customers, your Nominated Representative(s) will need to visit the Open Banking consent portal of the ADR you wish us to share your data with (see “What’s New for Open Banking” above for more information about data sharing authorities and Nominated Representatives). An organisation must have at least one active Nominated Representative before we can share data with an ADR.

Your Nominated Representative(s) can only share data from the Organisation’s solely-owned accounts. 

Under the Consumer Data Right, we will only share your St.George consumer data with another organisation if you give us permission to do so.

You can use your data sharing dashboard in Internet Banking to track all the permissions you have given to us to share your data. We will always notify you via the data sharing dashboard as soon as practicable after sharing your data.

You may withdraw your permission for us to share your consumer data on any account at any time by using your data sharing dashboard through Internet Banking.

Once your permission for us to share your data has been withdrawn, we will no longer share your data and will provide you with a notice of this as soon as practicable.

For organisation customers, Nominated Representatives may withdraw permission for us to share your consumer data on any account at any time by using the data sharing dashboard through Internet Banking.

Your data sharing dashboard on Internet Banking will show you all your active consents and also any previous consents that you have provided, which have expired or been revoked or cancelled.

For organisation customers, only Nominated Representatives have access to view any active and archived consents that have been provided. All Nominated Representatives will view the same dashboard and can revoke or cancel a consent regardless of which Nominated Representative granted or amended the consent.

When creating your consent, you can select how long you would like it to stay active. A consent may be for a one time share or you may select a period of up to 12 months. The maximum time limit for consent to remain active is 12 months, before it will expire. If you would like to continue sharing data once it has expired, you will need to create a new consent.

You may choose to create more than one consent or different consents for different accounts, depending on the information you wish to share and the length of consent you would like to give. 

Some Accredited Data Recipients (ADRs) may also allow you to amend an active consent on your data sharing accounts. By visiting the ADR’s app, you may have the option to extend a consent or change the accounts within the consent. This can only be activated through the ADR.

Yes, on 4 August 2022, St.George commenced the implementation of joint account data sharing:

1. St.George will enable all eligible joint accounts for data sharing, consistent with the Consumer Data Right rules and obligations.
2. When a joint account is ‘enabled’ for data sharing, any account holder can to authorise consent to data sharing with an Accredited Data Recipient (ADR). When the joint account is ‘enabled’, any Open Banking data sharing authorisations created by one account holder are taken to have been pre-approved by all account holders. This means that any joint account holder can authorise St.George to share data on the joint account with an Accredited Data Recipient (ADR), without requiring further approval from any other joint account holder, when St.George receives a valid data sharing request from an ADR in respect of that joint account. This is despite any existing banking authorities that apply to the joint account (e.g., 'more than one to sign', etc).
3. Any joint account holder can at any time view the joint account's data sharing option or change it to disabled at any time through the online consent dashboard in Internet Banking. Once the data sharing is set to disabled:

(a)    data sharing will cease for the joint account with respect to any existing data sharing authorisations;

(b)   no joint account holder will be able to share data from that account;

(c)    any subsequent request made on the online consent dashboard in Internet Banking to enable data sharing on the joint account will need to be approved by all joint account holders within a specified period of time.

Joint account holders will always be notified whenever the data sharing status of the joint account changes.

Organisations must complete the form as required by St.George to nominate or remove an Nominated Representative.

Each Nominated Representative must have their own individual credentials to access Internet Banking.

The organisation may nominate as many Nominated Representatives as they would like through the Nominated Representative form.

Note, each Nominated Representative must have individual access to Internet Banking and will access the Consent Portal on behalf of the Organisation via their own credentials. 

The Nominated Representative must meet eligibility criteria i.e. be 18 years, have internet banking access.

Nominated Representatives will act on behalf of the Organisation, to grant, amend and manage authorisations to share data with an ADR. All nominated representatives will have the same view of the Organisation's dashboard and can manage authorisations even if they were not originally initiated by them.

St.George will continue to share data unless another Nominated Representative removes the authorisation or the consent expires. If all Nominated Representatives are removed, St.George will stop sharing data with the ADR. 

Westpac Group has been approved by the ACCC as an Accredited Data Recipient under the Consumer Data Right/ Open Banking. At this stage St.George is not receiving Open Banking data from other banks. Ultimately Open Banking should result in customers getting better access to products that meet their needs. We are excited about the possibilities from Open Banking and over time we expect to allow customers to use Open Banking to more easily bring their banking data from other banks to St.George. In the meantime, your St.George banker is able to discuss suitable products with you and assist with data required from other financial institutions to support your needs.

As St.George launches services that make use of Open Banking, we will provide information to help customers use these services including transferring their Open Banking data from other banks to St.George. We will continue to update this internet page with updates as further data sharing services become available.