Contino Helps NAB and UBank Deliver the Consumer Data Right
National Australia Bank (NAB) is the second largest financial institution in Australia in terms of market capitalisation and is ranked the *22nd largest bank in the world. Today, the bank has more than 30,000 people serving 8 million customers at more than 900 locations in Australia, New Zealand and around the world.
UBank is a digital bank subsidiary of NAB. Established in 2008, UBank has no physical branches, providing savings products and home loans.
NAB and its digital brand, UBank, provide customers with access to their own credit and debit card, and deposit and transaction accounts data, under the Consumer Data Right (CDR). To meet set deadlines and industry targets as part of the CDR scheme, NAB and UBank needed to rapidly mobilise a team capable of building the translation layer and APIs specified by the CDR Standards framework, and adhere to security needs within a rapidly evolving environment.
A challenge of making credit and debit card, and deposit and transaction account data readily available, was the need to interface with multiple systems of record. Achieving this required working closely with service teams to address gaps between Consumer Data Standards (CDS) requirements and data available from existing backend services.
Additionally, NAB needed to comply with technical standards set by the Data Standards Body (DSB) from 1 July 2020 across four workstreams: API standards; information security standards; consumer experience standards; and engineering. The CDS Security Profile required obtaining consent from bank customers before sharing data with ADR. This is built on top of OAuth2, OIDC and FAPI standards. Having customer consent was determined as a key plank of managing customer data for the bank, regardless of CDR. Consent was built as a standalone business service that can cater to multiple use cases within the bank.
The CDR technical standards specify how the accredited parties within a sector comply with the requirements of the rules. Developing frameworks and processes to comply with these technical standards was a challenge in a complex, highly regulated environment alongside a tight timeline.
NAB chose Contino as its delivery partner following the success of its '30 in 50' migration program with the specialist DevOps consultancy. Contino was selected to work closely with NAB to establish a dedicated team that comprised specialists from both firms with expertise in cloud-native software engineering, test automation, cloud infrastructure automation, deployment and management.
To date, this cross-functional team has successfully delivered:
- API functionality as outlined by ACCC over several release cycles, including;
- October 2019 - NAB products API
- July 2020 - NAB simple accounts
- Nov 2020 - NAB complex ownership data sharing
- Feb 2021 - NAB closed accounts
- July 2021 - Ubank simple accounts
- Sept 2021 - Foreign currency accounts
- Nov 2021 - NAB business accounts and Ubank complex ownership data sharing, closed accounts
- An accelerated initial build of a highly secure, cost-efficient and scalable platform using Amazon Web Services components: AWS Lambda, Amazon RDS and Amazon Elastic Container Service.
- An agile, cross-functional DevOps team composed of both Contino and NAB members collaborating together with a unified goal.
- Rapid deployment rate using a CI/CD pipeline to build, deploy and test software from start to finish to reduce churn and improve the frequency of releases.
- Microservice architecture of services delivered.
- Baked in test cases within the CICD pipeline to validate releases.
- Integration with ACCC test harness.
- Integration into enterprise eventing platform (Kafka) for compliance data capture and supporting system integration.
- Creation of a reusable, consent mini-app (micro front-end), used across several digital channels to end-customers. This consent mini-app is one of the most reused mini-apps within NAB.
The Business Outcome
NAB has now completed the first several stages of CDR and is well on its way to delivering the remaining road-mapped and to-be-determined CDR features to its customers in 2022 and beyond.
Some examples of immediate and tangible benefits for NAB include:
- An established toolset and team to continue to manage, update and improve Open Banking APIs in a rapid and controlled manner.
- The delivery of phase 1, 2 and 3 CDR services within the timelines stipulated by the ACCC.
- Minimal, load-driven operational costs by using cloud and request-driven services that incur charges only when used, rather than the overhead of pre-provisioned resources leveraging NAB’s Engineering Framework (NEF).
By establishing a collaborative relationship between Contino and NAB teams, the teams were able to significantly cut down the time traditionally needed to deliver the first release of open banking APIs.
“A competitive and innovative financial services industry is critical to ensuring great customer outcomes, and the growth of the economy more broadly. To help us deliver open banking, we invested heavily in our technology foundations. With the help of partners like Contino, we’ve been able to navigate the challenges and complexity of delivering open banking for customers, which very few countries in the world have done. We know it will take time for customers to develop familiarity, trust and understanding in the system, and we’re continuing to employ a test and learn approach to refine propositions that best meet our customer’s needs.”
Damian Fitzgibbon, Executive Enterprise Digital Platforms, NAB
*Ranking as of 26 April, 2022