Woman smiling as she reads through the CDR policy on a laptop

Share your banking data with accredited organisations

Learn how the Consumer Data Right (CDR) lets you safely share Regional Australia Bank data with accredited providers.

Manage your data sharing via the CDR Dashboard

You can manage and amend all your consents 24/7 within Internet Banking – go to Settings, Data Sharing

Read our CDR Policy

Find out more on how we handle your data in our easy-to-read policy. You can request a printed copy at any of our branches. Effective date as at 30 May 2025.

cdr-policy-01-our-policy

What is the Consumer Data Right?

The Consumer Data Right (CDR) gives you more control over your data and allows you to easily access better products and services.

PRC202ValueCommunity


How does Regional Australia Bank participate in the CDR?

  1. We share your data with others.
    If you bank with us, we hold your data. When you give us permission, we can share your banking data with other approved parties.
  2. We can collect your data from others.
    We are an accredited data recipient. However we don’t currently provide any active services in this area.
rab338_cdr_step2_A-cropped

If you ask us to share your banking data

You can request us to share your Regional Australia Bank data through any accredited CDR Data Recipient.

We do not charge for this service.

rab338_cdr_step2_B

Data we can share with your permission

We accept requests to provide the following types of data; this is known as 'required data'.

  • Name and contact details.
  • Transaction details.
  • Account balance.
  • Direct debits and scheduled payments.
  • Saved payees.
  • Product information.

How to share your Regional Australia Bank data

You authorise

We'll always make sure we get your permission before sharing your CDR data

We share

We’ll confirm with you when your data has been shared.

You control

You can manage and amend all your consents 24/7 within Internet Banking – go to Settings, Data Sharing

We can collect your data from others

We are an accredited data recipient. However we don’t currently provide any active services in this area.

CDR%20Policy_DataShare1

Your data, your control

You have full control over your data. Here's what you need to know.

cdr-policy-02-things-you-should-know


You are in control of your data

  • We will confirm what data you have asked us to share.
  • We will not sell your data to anyone.
  • We won’t give your data to any third party without telling you first and asking for permission.
  • You can view and cancel your consent at any time.
  • If you cancel consent, we will delete all your data. Cancelling consent might impact a service provided by a CDR recipient.
  • We may need to keep some information for a period of time under  Australian law.
  • We will remind you every 90 days of any active consents.




Managing your data

View and change your consents

We provide a secure dashboard where you can view and revoke the consents you’ve given to us.

Here you can see

  • When you gave consent
  • When consents expire
  • When we collected data

You can access it anytime at: https://dashboard.cdr.regionalaustraliabank.com.au/

Stop sharing your data

  1. Go to your dashboard
  2. Follow the prompts to cancel. There are no penalties for withdrawal of consent.
  3. We’ll confirm via the dashboard, that we’ve stopped sharing your data




Appoint a representative

  • You can ask someone else to manage your data sharing
  • Use the dashboard to nominate a representative
  • Or appoint an authority on your Regional Australia Bank accounts. For more details, see our Account and Access Facility Conditions of Use on our website.
  • We’ve built our CDR technology with security at it's core. We follow best practices to protect your data.
  • We collect and store all CDR data in our secure banking environment. We use professionally managed, monitored, and tested infrastructure in Australia.




If a security breach occurs we:

  • Contain the data breach to prevent any further leak of personal information.
  • Assess the data breach by gathering the facts. Then check the risks of potential harm to affected consumers and take action to reduce any risk of harm.
  • Notify members that are impacted by an incident. If the breach is an ‘eligible data breach’ under the Notifiable Data Breach scheme, we will also notify the Office of the Information Commissioner.
  • Review the incident and consider what actions we can take to prevent future breaches.
  • More information

Your data and third parties

To improve our services, we may use services from some Australian- based third parties.

We will de-identify your CDR data by hiding your name and account details before we share it with these third party service providers.

cdr-policy-03-third-parties
  • We only use suppliers that have a written agreement with us to follow our terms and conditions.
  • Our CDR environment maintenance provider follows a strict confidentiality agreement.
  • Any third parties we use for CDR will also delete all your data once it has been used for the purpose you agreed to.
  • We don’t use overseas providers for CDR data.
  • We only store CDR Data in Australia.
  • In the future, if we engage any third parties to provide services to you we will update this policy to list the third party service providers and the types of data we share with them.

Accessing and correcting your data

You have the right to ask us for your CDR data at any time. If any of your CDR data is wrong, you have the right to ask us to correct it.

As a Data Holder let us know, and we’ll do our best to fix it right away. We will keep you informed throughout the entire process, starting with an acknowledgement of the receipt of your request.

cdr-policy-04-shared-data-min

Within 10 days of receiving your request, we will let you know the outcome of any CDR data correction requests you make of us, electronically. This information will;

  • Indicate what we did in relation to the request.
  • Indicate why we did not comply with the request for correction.
  • Set out the complaint mechanism available to you.
  • If the source of your CDR data is with other Data Holders, and you believe it is wrong, you have the right to ask them to correct it.

If you believe that your CDR data that we hold is incorrect, you can ask for it to be updated by:

Have your say

If you're not satisfied in any way, please tell us about it so we can make things right.

cdr-policy-05-have-your-say-min



How to make a CDR related complaint

Regional Australia Bank offers our members an internal complaint and dispute resolution procedure that is readily accessible and free of charge.

  • Report a complaint to any staff member of Regional Australia Bank.
  • Your complaint will be handled in line with our internal dispute resolution policy, which you can find on our website. If at all possible, the problem will be resolved immediately. If this is not possible, your problem will be referred to a supervisor or manager, who will try to resolve the problem by the next business day.

If you aren’t satisfied with our conduct or service, you can make a complaint by:

  • Visiting your nearest branch and talk to a staff member during the branch's business hours.
  • Calling us on 132 067
  • Using our Contact Us form online
  • Emailing us at
  • Contacting us by Mail at PO Box U631 Armidale 2351


What information you need to tell us

Tell us that the complaint relates to your data and details of the issue.

The possible resolutions available to you will depend on the nature of your complaint (for example, correcting any incorrect or out-of-date records)

If your complaint is not resolved within 5 business days, you will receive an acknowledgement letter which will provide you with a reference number for your complaint.

Our aim is to have your complaint resolved in a timely manner but may take up to 21 days.

We will contact you to notify you of the outcome.

You are not obliged to pursue a dispute with us using our internal dispute resolution procedure. If you do use our procedure, you may still commence legal proceedings against us before, after or at the same time.

Find out more about how we handle complaints on our website: Feedback and Complaints Policy.



What further options do you have?

As we are members of the Australian Financial Complaints Authority (AFCA), if you are not satisfied with the final outcome of your complaint, you may pursue the matter further with AFCA.

AFCA provides an external and impartial process for resolving disputes for financial institutions and insurance companies. You can lodge a complaint with AFCA free of charge.

Once a complaint has been made to AFCA, they will contact Regional Australia Bank directly to begin investigations. You can contact AFCA on:




How we handle complaints

  • Regional Australia Bank offers our members an internal complaint and dispute resolution procedure that is readily accessible and free of charge.
  • You can report a complaint to any staff member of Regional Australia Bank. Your complaint will be handled in line with our internal dispute resolution policy, which you can find on our website. If at all possible, the problem will be resolved immediately. If this is not possible, your problem will be referred to a supervisor or manager, who will try to resolve the problem by the next business day.
  • Our aim is to have your complaint resolved in a timely manner but may take up to 21 days.
  • What information do you need to tell us: that the complaint relates to your data and details of the issue.
  • The possible resolutions available to you will depend on the nature of your complaint (for example, correcting any incorrect or out-of-date records)
  • If your complaint is not resolved within 5 business days, you will receive an acknowledgement letter which will provide you with a reference number for your complaint.
  • We will contact you to notify you of the outcome.
  • You are not obliged to pursue a dispute with us using our internal dispute resolution procedure. If you do use our procedure, you may still commence legal proceedings against us before, after or at the same time.
  • If the complaint is about how we have handled your personal information and you are not happy with the way in which the complaint was handled, you can lodge the complaint with the Office of the Australian Information Commissioner (OAIC).
  • You can also lodge a complaint with the OAIC if we do not respond to your complaint within 30 days or if you are not happy about the response you have received from us.
  • The complaint must be in writing and can be lodged online.
  • Find out more on the OAIC website.

Role of the OAIC in external complaints

  • The OAIC acts as an impartial third party when investigating and resolving a complaint.
  • After lodging your complaint, an OAIC representative will correspond with Regional Australia Bank on your behalf. Following this, the OAIC may have to ask you for more information or request your consent to disclose your personal information to a third party. You will be consulted with throughout the entire process.
  • If a mutually agreed resolution cannot be reached, the OAIC will make a formal decision about the complaint.

Good on you

You just took the first step towards taking control of your data!

cdr-policy-06-done-min
  • Our CDR Policy is also available to download as a PDF, and you can request a printed copy at any of our branches.
  • Download policy (PDF).
  • Effective date as at 30 May 2025.