Open Banking

Bank of Melbourne is committed to ensuring that your data is safe including via Open Banking. Customers who want to use Open Banking will need to be registered for Internet Banking.

Accredited Data Recipients (ADRs) who are providing products or services under Open Banking must comply with privacy and security requirements and be accredited by the Australian Competition and Consumer Commission (ACCC).

It is entirely your choice if you wish to use Open Banking. Open Banking requires you to be registered for internet banking to authorise data sharing with an ADR. You will use your Customer Access Number (CAN) and a One Time Password, through Secure Code, to authorise any sharing of information. If you change your mind you can revoke your authorisation to share data with ADRs at any time using your data sharing dashboard accessed through your Internet Banking.

For organisation customers, Open Banking requires you to nominate one or more Nominated Representatives (Individuals) who will act on your organisation’s behalf to share data with an ADR. They will use their own CAN and a One Time Password, through Secure Code, to authorise any sharing of information.

You may ask us to share your Bank of Melbourne consumer data, or other consumer data you have given us permission to collect, in order to get a banking product or service from another organisation, such as another bank.

For example, if you apply for a loan with another bank and they request to see data on your Bank of Melbourne savings account as part of their assessment, you can give us permission to share your Bank of Melbourne consumer data relating to that savings account with them if they are accredited to receive data by the ACCC. 

Under the Consumer Data Right, we will only share your Bank of Melbourne consumer data with another organisation if you give us permission to do so.

You can use your data sharing dashboard in Internet Banking to track all the permissions you have given to us to share your data. We will always notify you via the data sharing dashboard as soon as practicable after sharing your data.

You may withdraw your permission for us to share your consumer data on any account at any time by using your data sharing dashboard through Internet Banking.

Once your permission for us to share your data has been withdrawn, we will no longer share your data and will provide you with a notice of this as soon as practicable.

For organisation customers, Nominated Representatives may withdraw permission for us to share your consumer data on any account at any time by using the data sharing dashboard through Internet Banking.

Your data sharing dashboard on Internet Banking will show you all your active consents and also any previous consents that you have provided, which have expired or been revoked or cancelled.

For organisation customers, only Nominated Representatives have access to view any active and archived consents that have been provided. All Nominated Representatives will view the same dashboard and can revoke or cancel a consent regardless of which Nominated Representative granted or amended the consent.

When creating your consent, you can select how long you would like it to stay active. A consent may be for a one time share or you may select a period of up to 12 months. The maximum time limit for consent to remain active is 12 months, before it will expire. If you would like to continue sharing data once it has expired, you will need to create a new consent.

You may choose to create more than one consent or different consents for different accounts, depending on the information you wish to share and the length of consent you would like to give. 

Some Accredited Data Recipients (ADRs) may also allow you to amend an active consent on your data sharing accounts. By visiting the ADR’s app, you may have the option to extend a consent or change the accounts within the consent. This can only be activated through the ADR.

Yes, on 4 August 2022, Bank of Melbourne commenced the implementation of joint account data sharing:

1. Bank of Melbourne will enable all eligible joint accounts for data sharing, consistent with the Consumer Data Right rules and obligations.
2. When a joint account is ‘enabled’ for data sharing, any account holder can to authorise consent to data sharing with an Accredited Data Recipient (ADR). When the joint account is ‘enabled’, any Open Banking data sharing authorisations created by one account holder are taken to have been pre-approved by all account holders. This means that any joint account holder can authorise Bank of Melbourne to share data on the joint account with an Accredited Data Recipient (ADR), without requiring further approval from any other joint account holder, when Bank of Melbourne receives a valid data sharing request from an ADR in respect of that joint account. This is despite any existing banking authorities that apply to the joint account (e.g., 'more than one to sign', etc).
3. Any joint account holder can at any time view the joint account's data sharing option or change it to disabled at any time through the online consent dashboard in Internet Banking. Once the data sharing is set to disabled:

(a)    data sharing will cease for the joint account with respect to any existing data sharing authorisations;

(b)   no joint account holder will be able to share data from that account;

(c)    any subsequent request made on the online consent dashboard in Internet Banking to enable data sharing on the joint account will need to be approved by all joint account holders within a specified period of time.

Joint account holders will always be notified whenever the data sharing status of the joint account changes.

The organisation may nominate as many Nominated Representatives as they would like through the Nominated Representative form.

Note, each Nominated Representative must have individual access to Internet Banking and will access the Consent Portal on behalf of the Organisation via their own credentials. 

The Nominated Representative must meet eligibility criteria i.e. be 18 years, have internet banking access.

Nominated Representatives will act on behalf of the Organisation, to grant, amend and manage authorisations to share data with an ADR. All nominated representatives will have the same view of the Organisation's dashboard and can manage authorisations even if they were not originally initiated by them.

Bank of Melbourne will continue to share data unless another Nominated Representative removes the authorisation or the consent expires. If all Nominated Representatives are removed, Bank of Melbourne will stop sharing data with the ADR. 

Westpac Group has been approved by the ACCC as an Accredited Data Recipient under the Consumer Data Right/ Open Banking. At this stage Bank of Melbourne is not receiving Open Banking data from other banks. Ultimately Open Banking should result in customers getting better access to products that meet their needs. We are excited about the possibilities from Open Banking and over time we expect to allow customers to use Open Banking to more easily bring their banking data from other banks to Bank of Melbourne. In the meantime, your Bank of Melbourne banker is able to discuss suitable products with you and assist with data required from other financial institutions to support your needs.

As Bank of Melbourne launches services that make use of Open Banking, we will provide information to help customers use these services including transferring their Open Banking data from other banks to Bank of Melbourne. We will continue to update this internet page with updates as further data sharing services become available.