Designation of the banking sector - Open banking
The Customer and Product Data (Designations for Banking and Other Deposit Taking) Regulations designate the banking sector under the Customer and Product Data Act. The regulations enable and accelerate ‘open banking’, which is a system that enables banks’ customers to share their banking information with trusted third parties, such as fintechs. It also enables accredited persons to initiate payments on behalf of customers, if they have the customer’s authorisation.
On this page
MBIE is currently consulting on draft Customer and Product Data (Banking and Other Deposit Taking) Standards. Submissions are due 5pm, 27 October 2025.
The Customer and Product Data (General Requirements) Regulations 2025 set out additional requirements relating to accreditation criteria and other matters. The regulations come into force on 1 December 2025.
What the regulations do
The regulations will improve New Zealanders’ ability to digitally share their banking data with other businesses, such as fintechs, to enable new and innovative low-cost services, such as payments and accounting software.
The 5 largest banks in New Zealand have begun implementing a voluntary standardised system for sharing banking data. This system has been designed collaboratively between banks and digital technology companies under the auspices of the API Centre, which is part of Payments NZ.
The regulations accelerate this industry-led work and ensure that open banking occurs in a secure and regulated fashion. The regulations fulfil a recommendation from the Commerce Commission in its report on banking competition in 2024
Market study into personal banking services(external link) — Commerce Commission
Read the regulations:
Customer and Product Data (General Requirements) Regulations 2025(external link) — legislation.govt.nz
Read the factsheet summarising the contents of the regulations:
The Customer and Product Data (Designations for Banking and other Deposit Taking) Regulations:
- Designate ASB, ANZ, BNZ and Westpac as ‘data holders’ on 1 December 2025; Kiwibank as a data holder with respect to payments on 1 June 2026 and with respect to account information on 1 December 2026; and allow other deposit-takers to opt-in to being data holders
- Set out that ‘relevant accounts’ include all transaction, savings and loan accounts provided by the data holders that are denominated in New Zealand dollars, and for which customers already have access through an electronic facility (e.g. online banking)
- Set out that ‘designated data’ with respect to each relevant account includes the customer’s name, contact details, and whether they are a joint or sole customer; and the account’s number, names, currency, type (e.g. transaction versus savings account), balance, transactions, and statements
- Set out that ‘designated actions’ will include the initiation of payments, so long as those payments are made using the bulk electronic clearing system, in New Zealand currency, and only require authorisation of a single customer
- Allow banks to set payment limits on the dollar amount of open banking payments, provided the limit is not less than what the bank sets through online banking
- Set out classes of accreditation status that a data requestor may apply for
- Provide time-limited partial exceptions for ASB, ANZ, BNZ and Westpac (detailed below).
The Customer and Product Data (General Requirements) Regulations 2025:
- Require data holders to give access to accredited requestors within 20 working days of the requestor submitting written notice to the data holder and providing the necessary information
- Prohibit data holders from charging accredited requestors for providing open banking
- Require data holders to enable customers to give permission to other individuals to act as ‘secondary users’ who can approve data-sharing and payments from the account
- Set out accreditation criteria for data requestors in addition to those provided for in the Act, covering insurance, dispute resolution, and adequate safeguards
- Set out that accredited requestors must report significant changes to their business to MBIE
- Set out that accredited requestors must notify customers about any active authorisations every 12 months, and inform customers how to revoke authorisations
- Allow MBIE to share relevant information with the Financial Markets Authority and the Registrar of Financial Service Providers.
Under the unregulated system, there was concern that some banks were charging fintechs too much for requests for customer data. This may have been impacting the commercial viability of certain products and services, such as those involving frequent, small payments or data requests. While the Government had initially proposed to cap bank charges, new information and public feedback made it clear that some valuable use cases would not be viable if providers were charged up to the capped amount. We also looked at international best practice, noting that banks have been prohibited from charging for basic requests in the UK and Australia. In considering this and weighing up options, the Government decided that charges should be prohibited. This will help to ensure that New Zealanders will not miss out on valuable products and services.
Fees and levies under the Customer and Product Data Act
The Government has also agreed to the fees and levies that will apply under the Customer and Product Data Act to make the system fiscally neutral for taxpayers. These will be set in regulations that are being developed and will be published soon. Businesses applying to be accredited requestors will be required to pay an application fee:
| Application to become accredited | Application to renew accreditation | |
| Intermediary | $2,000 | $1,700 |
| Non-intermediary | $1,500 | $1,000 |
The 5 banks and accredited requestors will also be required to pay an annual levy that will recover the remaining costs of the system. Accredited requestor annual revenues are calculated as New Zealand gross revenue of the accredited requestor and its corporate group.
| Data holder (bank) | |
| Assets exceeding $100 billion | $1,248,700 |
| Assets between $20 billion to $100 billion | $578,000 |
| Assets between $1 billion and $20 billion | $192,000 |
| Assets not exceeding $1 billion | $63,400 |
| Accredited requestor | |
| Annual revenue exceeding $100 million | $85,000 |
| Annual revenue between $10 million and $100 million | $32,000 |
| Annual revenue between $1 million and $10 million | $10,000 |
| Annual revenue not exceeding $1 million | $1,300 |
Timeline and key documents for the open banking regulations
Pre-2020
In 2017 and 2019, former Ministers of Commerce and Consumer Affairs wrote to New Zealand’s banks to encourage them to advance sector-led initiatives for open banking.
2024
From 29 August to 10 October 2024, MBIE consulted on policy settings for banking regulations under the Customer and Product Data Act.
-
Consumer Data Right – Release of Banking and Electricity Discussion Documents [PDF 156KB]
-
Consumer Data Right – Release of Banking and Electricity Discussion Documents – Minute of Decision [PDF 165KB]
-
Discussion paper — open banking regulations and standards under the customer and product data bill [PDF 925KB]
-
Summary of the potential banking designation under the customer and product data bill [PDF 520KB]
2025
In April 2025, Cabinet agreed to the overarching policy settings for banking regulations under the Customer and Product Data Act. In August 2025, MBIE released an exposure draft of these regulations.
We received 20 submissions:
We also procured advice from an expert in Māori Data Governance:
Māori data governance expert advice on open banking [PDF, 623 KB]
In September 2025, Cabinet agreed to the policy settings for fees and levies that will recover costs of the Customer and Product Data Act. In October 2025, the Government made the Customer and Product Data (Designation of Banking and Other Deposit Takers) Regulations and the Customer and Product Data (General Requirements) Regulations. Also in October, MBIE consulted on draft standards.
-
Customer and Product Data Regulations banking designation and general requirements [PDF 125KB]
-
Customer and Product Data Regulations banking designation and general requirements - Minute of Decision [PDF 135KB]
-
Customer and Product Data Act – Proposed Fees and Levies for Regulated Open Banking [PDF 236KB]
-
Customer and Product Data Act – Proposed Fees and Levies for Regulated Open Banking – Minute of Decision [PDF 271KB]
-
Designating banking under the Customer and Product Data Bill [PDF 192KB]
-
Designating banking under the Customer and Product Data Bill – Minute of Decision [PDF 175KB]
-
Regulatory Impact Statement and Stage 1 Cost Recovery Impact Statement: Designating the banking sector under the Customer and Product Data Bill [PDF 2.6MB]
-
Exposure draft of Customer and Product Data (Banking and other Deposit Taking) Regulations 2025 [PDF 190KB]
-
Exposure draft of Customer and Product Data (General Requirements Regulations) 2025 [PDF 157KB]
Read the press release for open banking policy decisions:
Better banking competition one step closer for Kiwis(external link) — beehive.govt.nz
Read MBIE’s consultation on draft Customer and Product Data (Banking and Other Deposit Takers) Standards, 13 – 27 October 2025:
Consultation on standards – Customer and Product Data Act 2025
Key documents relating to the economy-wide Customer and Product Data Act
Please email us if you would like to be added to our mailing list to receive updates on regulations and standards under the Act: consumerdataright@mbie.govt.nz