Data security has become even more imperative in an era of rapid financial and technological evolution.
For accountants and bookkeepers, choosing the right method for accessing sensitive financial data is not just about convenience. It’s important to safeguard against cyber threats and ensure all the data is correct.
Here, we question how secure the accounting and bookkeeping profession is when using current screen-scraping technology to access client bank transaction data. We also reveal how the new Open Banking system will better protect the profession, and our clients.
End of an era? Bank investment in Open Banking signals a big change.
There’s no mistake that accountants and bookkeepers are frustrated by current technology to access transaction data, putting up with:
- Gaps in data. This is the biggest burden. Not all data is accessible. Neither are all bank accounts. Without the full picture of business transaction data accountants and bookkeepers can’t do their job properly.
- Limited historical data. When onboarding new clients, there’s utter frustration when transaction data is often limited to just 3 or 6 months back.
- Third-party software raising security concerns. With the rise of cyber fraud, it’s difficult to justify using software providers that keep client bank passwords on file to access bank information.
Prompted by new Open Banking legislation, banks are finally backing a new approach. They’re investing hundreds of millions in new technology to enable bank-approved sharing of transaction data that will give accountants and bookkeepers complete and safe access to all data agreed to by the client with a simple click of a button.
That technology is now accessible to every Australian. However, accessing it isn’t mandated yet. Though, with the federal government taking steps toward phasing out the old technology, and banks investing big in the new technolgy, it’s a clear signal that Open Banking will be the new approach, and that the time to switch is here.
The problem with screen-scraping technology.
Screen-scraping has long been a favoured method for accountants and bookkeepers to access client bank transaction data. This technique uses automated scripts to mimic user interactions with a bank’s website to extract financial data.
While it may appear efficient, screen scraping comes with a host of security vulnerabilities that cannot be ignored.
When using screen-scraping based data feeds, accountants and bookkeepers are asking their clients to disclose their bank passwords to third party applications – a practice that poses serious ethical and security concerns.
- Security Concerns: Disclosing bank passwords to third parties is inherently risky. It exposes clients to the possibility of identity theft, fraud, and unauthorised access to their financial information.
- Ethical Dilemma: Encouraging clients to share their passwords goes against ethical guidelines and professional standards in the accounting and bookkeeping profession.
- Liability: By endorsing or facilitating the sharing of bank passwords, accountants and bookkeepers could potentially open themselves up to legal liability if any issues or breaches occur as a result.
- Loss of Trust: Such practices erode trust between clients and their advisers. Clients may feel uncomfortable or hesitant to work with professionals who ask for sensitive login information.
Sharing passwords compromises the clients’ financial security and exposes accountants and bookkeepers to potential legal repercussions in the event of a data breach.
Lack of Transparency and Inconsistency of Access.
The reliability of screen-scraping also isn’t assisted by the dynamic nature of banking websites, which makes their scripts quickly obsolete. As banks update their website layouts and security protocols or add new layers of authentication, screen-scraping scripts have the potential to break, leading to incomplete or inaccurate data extraction.
The data received can be unreliable, leading to difficulties trying to analyse the financial data and reporting is based on warped and erroneous information.
The Innovative Alternative of Open Banking
Open Banking has many benefits, with enhanced security being significant among them. Open Banking is enabled by new Consumer Data Right (CDR) legislation that prioritises security.
Through a new government and bank approved portal, transaction data can be accessed that uses advanced encryption and authentication mechanisms to protect financial data. This gives accountants and bookkeepers peace of mind when accessing sensitive information.
This can be accessed only with explicit consent from users – allowing nothing to be lost in translation.
Gone are the days of potential legal repercussions of sharing login details, as we welcome a solution that is rooted in security.
Open Banking and Additional Layers of Security.
A significant security benefit of Open Banking lies in its regulated consent process. Users can grant specific permissions for data access, ensuring that only relevant information is shared.
This contrasts sharply with screen-scraping technology, where all credentials are shared, potentially creating unnecessary security vulnerabilities and placing an accountant or bookkeeper in difficult situations.
Extra Protection through Accreditation.
Open Banking is enabled by data providers to connect the open banking network and securely deliver data to clients’ trusted accountants and bookkeepers. Overseeing those providers chosen for this important role is the Australian Customer and Consumer Commission (ACCC).
SISS Data Services has undertaken a strict and complex approval process to become an Accredited Data Recipient (ADR), which protects trust in our industry to deliver secure services for clients.
Open Banking supports the accounting and bookkeeping profession’s dedication to safeguarding sensitive client data.
It’s quick and easy to get started.
It just takes one simple step for accountants and bookkeepers to register for ACSISS Adviser by SISS Data Services. Once registered, the accountant and bookkeeper then sends an email link to the client. The client then takes two simple steps to give approval to access their data. No password sharing. No paperwork. It’s quick, easy, and secure.
So why wait? You can utilise ACSISS Adviser by SISS Data Services today to ease the process for you.