Would you use a service like this?

@bunkai they're regulated by ASIC and the Privacy Act, in the same manner that the banks are. They use the same types of encryption that the banks do. If they were storing clients private information they'd find themselves out of business very quickly and their directors on the wrong side of the law.

It is convenient for the broker. The borrowers loan also gets approved faster and they've got less work to do. If borrowers don't want to use this sort of service, no problem. It saves the broker some money and costs the borrower time and effort to get the statements right.

 

Peter how are they regulated by ASIC?

 

They are storing the statement data and potentially your internet banking login+password. I think that is private information but I guess that could be debated?

 

Do people have the same security concerns regarding bank data feeds into say Xero or MYOB?

I think we send so much information around these days via email etc. and do internet banking across mobile and other devices that the security these days is fairly robust. I think that if the product was endorsed by a 'trusted advisor' like a mortgage broker etc. then I would be ok with using the service.

I'm sure these sort of providers need to go through various security audits to ensure they remain compliant.

 

^^^^^^^^^^^^
Exactly. I cant see how its different to Xero or Myob etc

 

This sort of service is essentially a simple computer program that logs onto your internet banking using your username and password, automatically navigates through your accounts, and extracts the relevant information. This is known as website scraping. It's not technically complicated and most ComSci uni students (and even some savvy high school students) would be able to do it, so it's not necessarily done by a well run and reputable company. It's not a financial service, and I can't see any reason why ASIC would be involved in any way.

Xero and MYOB have agreements with the banks where customers can authorise a "data feed". This basically is a feed of account transactions to Xero's or MYOB's company servers, and the customer's software then connects to Xero or MYOB to access the data. These feeds are usually read-only. Using these web scraping services requires your username and password, which gives full access to everything that you can do. If it were misused they could drain your funds, set up new accounts, and apply for loans and credit cards. There is a very big difference between providing carte blance access to a scraper compared to a business data feed such as Xero and MYOB.