What is Open Banking?

Open Banking is the first phase of an Australian Federal Government initiative called the Consumer Data Right (CDR) which enables the safe and secure transfer of consumer data. Open Banking gives you the right to direct IMB to share your CDR data securely with other parties you trust – like other banks, financial apps or budgeting services you use.

Sharing your CDR data can help you:

  • compare other banking products and services to your existing arrangements
  • access up-to-date data from multiple financial institutions in one place
  • get a clearer picture of your overall financial position.


Who can share CDR data?

To be able to share your CDR data with an accredited third party, you must:

  • be at least 18 years old;
  • have Internet Banking set up;
  • have provided IMB with your mobile number; and
  • hold an IMB product that is eligible for data sharing.


What CDR data can I share?

If eligible, you’ll be able to share your customer, account, transaction, scheduled payments, direct debits, and payee history data for the following types of accounts:

  • Where you are the sole account holder;
  • Where the account is a personal savings or transaction account, a term deposit, a credit or charge card account, a mortgage or personal loan, a business loan, overdraft or line of credit; and
  • Where the account is open or was closed in the last 2 years.


What Products are Available?

From 1 February 2022, eligible IMB members can request us to share their CDR data for certain IMB products including their IMB savings and transactional accounts, term deposits, credit cards, home loans, personal loans, business loans, overdrafts, lines of credits and numerous other products. However, IMB was recently granted an exemption by the ACCC from making available and providing CDR data in relation to its Retirement Savings Accounts (RSAs).

IMB's CDR Policy

This document provides more information about CDR data sharing and how it works, including privacy and security information and how to make a CDR complaint.

Download our Consumer Data Right Policy (PDF)


How to set up and manage CDR data sharing

Step 1

An Accredited Data Recipient sends us a request to start sharing your IMB data 

Step 2

You enter your member number and we send a OTP via SMS for authentication

Step 3

We present the accounts available to share your CDR data. You authorise which accounts, for how long and what type of CDR data you want to share

Step 4

We then notify you by SMS that your consent has been provided to share your CDR data.

Managing your CDR data sharing preferences

You can view or withdraw your consent for your CDR data sharing arrangements at any time through Internet Banking. You can also manage your sharing preferences by calling us on 133 462. 

Third Party Products

IMB Mastercard* - To start the authorisation process, you will need to go through the Accredited Data Recipient (ADR) you wish to share your CDR data with. Through their CDR data sharing portal, you will be connected to the Citi authorisation portal to provide your authorisation.

*MasterCards are issued by Card Services which is a division of Citigroup Pty Limited ABN 88 004 325 080 AFSL No. 238 098 Australian Credit Licence 238098 that provides and administers credit on behalf of IMB Ltd.


RSA Exemption

IMB has ceased offering RSAs to new members and the number of active RSAs is very low. IMB is therefore not required to develop the extensive technology infrastructure required to obtain and share the relevant CDR data for this product.



Only organisations accredited by the Australian Competition and Consumer Commission can collect and use your CDR data.

Check accreditation


Frequently Asked Questions

  When did IMB launch Open Banking?

On 1 Oct 2020 IMB commenced data sharing for product reference data via our public Open Banking Product Application Solution.  The number of products available for product reference data sharing expanded on 1 February 2021 and again on 1 July 2021, in line with the phased implementation of the Open Banking regulations. Product reference data can be used by third parties to make comparisons of products and prices across the market.

In November 2021 IMB commenced consumer data sharing (phases 1 and 2), allowing eligible customers to share their data with Accredited Data Recipients. Consumer data sharing gives consumers greater access to and control over their data. IMB will continue with the expansion of consumer data sharing in line with the phased implementation of the Open Banking regulations.

  Is Open Banking secure?

Yes. Customer data security is important to IMB and all requests to access your CDR data must be initiated by you, through a secure environment. IMB cannot do this on your behalf.

Accredited Data Recipients who are providing services by Open Banking must comply with privacy and security requirements and be accredited by the Australian Competition and Consumer Commission (ACCC).

  Can I opt out of Open Banking?
It is your choice to use Open Banking. Open Banking requires you to authorise any sharing of CDR data. If you change your mind, you can revoke your authorisation to share CDR data with ADRs at any time using your data sharing dashboard in IMB Internet Banking.
  How can I see who I have shared my CDR data with?
You can see who you are sharing your CDR data with, and what CDR data they have accessed using IMB Internet Banking.
  Using IMB Internet Banking 
  1. Log into IMB Internet Banking
  2. From the main menu, click the ‘Home’ menu and select ‘Data sharing’
  3. From the drop-down list select ‘Consents’
  4. The ‘Consents’ screen displays a list of all the accredited third parties you are sharing CDR data with now and who you have shared with in the past
  5. You can also click on an accredited third party to view its details
  Can I cancel my consent?

You cannot withdraw consent at an individual account level through IMB. You can only withdraw consent for all of a particular data sharing arrangement.

Once your permission for us to share your CDR data has been withdrawn, we will no longer share your CDR data and will provide you with a notification.

  How long does my consent remain active?

When creating your consent, you can select how long you would like it to stay active. A consent may be for a one-time share, or you may select a period of up to 12 months. The maximum time limit for consent to remain active is 12 months, before it will expire. If you would like to continue sharing CDR data once it has expired, you will need to create a new consent.

Some Accredited Data Recipients (ADRs) may also allow you to amend an active consent on your CDR data sharing accounts. By visiting the ADR’s app, you may have the option to extend a consent or change the accounts within the consent. This can only be activated through the ADR.

You may choose to create more than one consent or different consents for different accounts, depending on the CDR data you wish to share and the length of consent you would like to give.

  Why are some of my accounts not visible or unavailable to share?

That’s because you won't be able to share CDR data for joint accounts until 2022.

Meanwhile, other accounts may not be visible as you may have chosen not to have access to these accounts.

  Will I be charged a fee?

Under the Consumer Data Right legislation, we will not charge you to share your CDR data with an accredited third party.

We won’t charge an accredited third party to access your CDR data either.

  Will I have to share my password with a third party?

Giving your IMB Internet Banking password to a third-party breaches IMB's Internet Banking terms and conditions.

When you use open banking, you won't be asked for your banking password; a one-time password will be sent to your phone instead.

  Can I share CDR data from my Joint Accounts?

CDR data sharing for eligible joint accounts with two or more account holders is forecast to be available by 1 July 2022.

  Where can I go for further information?

For more details on the Consumer Data Right, please refer to IMB’s CDR Policy or visit cdr.gov.au


Information for developers

On 1 October 2020 IMB commenced sharing product data publicly through our secure application program interfaces (APIs). This includes information about the products we offer – including features, rates, fees, and charges related to these products. We do not accept requests for voluntary product data.

Learn more