Improving your firm’s cyber security by embracing the CDR and Open Banking

Aug 30, 2023 | Uncategorized

Having access to your business clients’ banking data is a priority for any accounting firm. With this financial information available in your practice systems, you’re in an excellent position to offer deep insights, cost-savings and improved financial management for your clients. But relying on bank feeds and screen-scraping technology to do this comes with certain risks.

Mitigating risk and improving your firm’s cyber security will always be top of your to-do list. So, could there be a better way to access your clients’ data?

Let’s explore:

  • The potential downsides of using screen-scraping for your bank feeds
  • The plus points of embracing Open Banking and the CDR legislation
  • How ACSISS offers you a secure way to make the best of client data

The potential downsides of using screen-scraping for your bank feeds

Having live bank feeds that integrate into a cloud accounting platform like Xero, QuickBooks or MYOB was a gamechanger for accounting firms. Suddenly you had near-to-real-time access to all your client’s bank transactions, line by line and pulled through to the general ledger.

But getting these bank feeds set up has always relied on the good will of the major banks and the integration of your client’s particular bank accounts with their accounting software of choice.

Because not all banks have made direct bank feeds available, many accounting systems have become dependent on the workarounds of password-sharing and screen-scraping technology. And both these approaches have their inherent risks.

Key downsides to using screen-scraping or password-sharing include:

  • Banks’ disapproval of screen-scraping – screen-scraping technology involves extracting data from banks’ websites, something that some banks consider a security risk and a violation of their terms of service. Because of this, banks may impose restrictions or even block access. This can be a serious problem, hindering your firm’s ability to retrieve accurate, up-to-date financial data for clients.
  • Limited data accessibility – when you use screen-scraping tech, you’re usually limited to the information available on the bank’s website. You may be able to access basic data for the client but not the more comprehensive financial data you need for detailed analysis and reporting. This restricts the depth and breadth of insights that the firm can deliver to clients, limiting the value and accuracy of your financial advice.
  • Poor data quality and insights – screen-scraping often results in incomplete, inconsistent or inaccurate data extraction. This limitation may compromise the reliability and usefulness of the financial reports and analysis you supply to clients. Poor-quality data hampers your ability to identify trends, patterns and anomalies, reducing the effectiveness and value of your client advice.
  • Risks of password sharing – when a client shares their banking usernames and passwords with your firm, this introduces significant security risks. If compromised, these credentials can lead to unauthorized access to sensitive financial information, potential fraud or even identity theft. It also places responsibility on the firm to securely store and protect client passwords, adding additional liability and potential legal repercussions.
  • Increased liability for accountantsif password-sharing or screen-scraping vulnerabilities led to fraud or financial mismanagement, the firm may become liable. You could face legal and financial consequences and be held accountable for any negligence in data security or breach of client confidentiality. This may be damaging for the firm’s reputation and could, potentially, lead to legal disputes.

The plus points of embracing Open Banking and the CDR legislation

Open Banking is still a relatively new innovation for Australian firms and their clients. But with the evolving rollout of the Consumer Data Right (CDR) legislation, it’s becoming easier than ever to access client data in a way that reduces risk and adds to data quality.

Under the CDR rules, your clients can instruct their bank to securely share their banking information with you, without any password-sharing or screen-scraping.

This is valuable for a number of key reasons:

  • Safer data access under Open Bankingusing Open Banking, via the CDR legislation, offers a safer and more reliable alternative to screen-scraping. It allows your firm to access client financial data securely through Accredited Data Recipients (ADR) and the banks. This ensures a high standard of data integrity and compliance with privacy regulations.
  • Reduced security risks – Open Banking eliminates the need for password-sharing and screen-scraping, significantly reducing the risk of data breaches and unauthorized access to clients’ bank accounts. Secure APIs and consent-based data-sharing help you maintain strong data security measures and protect clients’ sensitive financial data.
  • Better data accessibilitywith Open Banking, your firm can access a broader range of financial data directly from banks. This includes transaction details from a wide variety of account types, including credit cards, loans and term deposits.. With enhanced access to this data, you can offer more detailed financial analysis, reporting and forecasting to your clients. That’s a boost to your ability to add value as an adviser and to make the firm stand out in the marketplace.
  • Improved efficiency and automation – with Open Banking you have seamless data integration between your accounting software and your clients’ banks. This eliminates the need for manual data-entry and bank reconciliation. By streamlining your processes, cutting data-entry time and minimizing errors, your team can focus on value-added tasks like financial analysis, business advisory and strategic financial planning.

How ACSISS offers you a secure way to make the best of client data

ACSISS by SISS Data Services is the simplest way for your firm to embrace Open Banking. 

ACSISS Adviser overcomes the issues of screen-scraping, password-sharing and missing data associated with traditional bank data feeds. ACSISS is provided by SISS Data Services, an Accredited Data Recipient, so you can be sure your clients’ data is in safe hands at all points in the process.

With ACSISS Adviser, you can:

  • Securely receive your clients’ data – collect your clients’ transaction data from banks and other financial institutions without needing their online banking credentials or passwords. Your clients simply share their data with you via ACSISS My Data
  • View all the client data you might need – receive all of your clients’ transaction data every day, giving you the information the firm needs to add true value for clients. 
  • Export clients transaction data – export clients’ transaction data for use in accounting and other systems, or simply extract the info as a data file (e.g. CSV).

With data security such a hot topic, now’s the time to tighten your firm’s cyber security

Get the lowdown on ACSISS Adviser and strengthen your security with Open Banking.

We’re always happy to help

Get in touch today
Contact Us

Contact Us

Address: 5/31 Hume Street Crows Nest NSW 2065
Phone : (02) 9299 4547
Fax : 02 9439 4663
E-mail: sales@siss.com.au
Post: Locked Bag 3060 Crows Nest, Sydney NSW 1585

Overview

ACSISS is a range of solutions that enable bank customers to securely share their transaction data.

ACSISS is provided by SISS Data Services,  Australia’s leading independent provider of secure, bank-approved data. SISS Data Services receives direct data feeds from all major retail banks, and is an Accredited Data Recipient for Open Banking under the Consumer Data Right (Accreditation number: ADRBNK000158),

Quick Links

Copyright© SISS Data Services Pty Ltd. All rights reserved