This page covers Trusted Adviser (TA) disclosure consents as per the requirements in rule 1.10C and the associated consumer experience data standards.
Overview
The object statement in CDR rule 4.9 provides a strong foundation for giving and amending CDR consents.
Trusted adviser disclosure consents allow consumers to consent to an accredited data recipient, or CDR representative who holds their CDR data as service data, disclosing their CDR data outside the CDR system with certain professionals. These are professions that are considered to be appropriately regulated to receive CDR data, particularly due to consumer protection mechanisms that form part of their regulatory framework. This model facilitates access to relevant data for those working within these professions while ensuring that disclosure of data can only occur with a consumer’s consent.
In accordance with rule 1.10C, the accredited data recipient or CDR representative:
- can invite a CDR consumer to nominate one or more trusted advisers.
- has taken reasonable steps to confirm that the trusted adviser is a member of one of the classes outlined in rule 1.10C(2).
- must not make a trusted advisor disclosure consent a condition for supply of the goods or services requested by the CDR consumer, except where the only good or service that is requested by the CDR consumer is for CDR data to be collected from a data holder and provided to a trusted adviser.
For further guidance, see OAIC's Trusted advisers in the Consumer Data Right system.
Wireframes and guidelines
Note: The wireframes shown are examples of how to implement key rules, standards, and guidelines. Use the on-screen functions to adjust zoom level or expand the wireframes to be viewed at full screen.
Detached flow
The following wireframes show a basic example of a Trusted Adviser disclosure consent requested by an accredited data recipient. In this example,
- the collection/use consent has already been separately established, allowing a disclosure consent to be requested in a separate consent flow;
- the consumer has selected their preferred trusted adviser during consent.
This pattern could, for example, apply when an ADR provides a ‘data wallet’ service to a CDR consumer. In this hypothetical scenario, the consumer provides a collection and use consent to the ADR to locate and offer goods and services on an ongoing basis. For example, the ADR might identify a need for an accountant and offer this service to the consumer. If the consumer wants to proceed, they are first invited to select an accountant as a TA, and then provide a TA disclosure consent.
Equivalent rules for CDR representatives can be found in the CDR rules Division 4.3A.
Bundled CDR Consents
The following wireframes show a basic example of a Trusted Adviser disclosure consent requested by an accredited data recipient. In this example,
- the data recipient is then requesting a collection consent, a use consent, and a disclosure consent in a single consent flow;
- the consumer has selected their preferred trusted adviser during pre-consent.
This pattern could, for example, apply when the CDR consumer has a pre-existing relationship with a trusted adviser. In this hypothetical scenario, the consumer may be engaging with the TA face to face. The TA invites the consumer to share their data via the CDR. The TA may offer the consumer a device or direct link to the ADR's service. The consumer may not have a pre-existing relationship with the ADR, and may be using them for the sole purpose of disclosing their CDR data to their TA.
Equivalent rules for CDR representatives can be found in the CDR Rules Division 4.3A.
Download open source asset
Open source design assets are created in Figma for the purposes of assisting implementation. This Figma file contains annotated wireframes and working prototypes for Trusted Adviser disclosure consent, including:
- Detached flow
- Bundled CDR Consents
Item | File | Date released | Version introduced |
|---|---|---|---|
1CO3. Trusted Adviser disclosure consent v1.35.0.2025.09.15 | 1CO3. Trusted Adviser disclosure consent v1.35.0.2025.09.15.fig | September 15, 2025 | 1.35.0 |
For past versions, refer to Change log.
About this page
References
The artefacts on this page were informed by the following sources.
Title | Author | Date published | URL | Type |
|---|---|---|---|---|
Change Request 701: CX Guidelines | Data Language Standards changes stemming from CD367 | Data Standards Body (DSB) | June 6, 2025 | github.com | Consultations |
Change Request 700: CX Guidelines | Redirect to App (R2A) CX Guidelines Changes | Data Standards Body (DSB) | June 5, 2025 | github.com | Consultations |
Change Request 691: CX Guidelines | Expanding Amending BCDC CX Guidelines | Data Standards Body (DSB) | April 15, 2025 | github.com | Consultations |
Consultation Draft 367: March 2025 Rules - Draft Standards | Data Standards Body (DSB) | March 14, 2025 | github.com | Consultations |
Change Request 674: CX Guidelines | Updates stemming from 2024 Consent Review changes | Data Standards Body (DSB) | October 2, 2024 | github.com | Consultations |
Consumer Data Right Rules: consent and operational enhancement amendments consultation | The Treasury | August 9, 2024 | treasury.gov.au | Consultations |
Change Request 646: Clarify selection of Trusted Adviser in the CX Guidelines | Data Standards Body (DSB) | June 19, 2024 | github.com | Consultations |
Trusted advisers in the Consumer Data Right system | Office of the Australian Information Commissioner (OAIC) | January 15, 2024 | oaic.gov.au | Guidance |
Privacy Safeguard 12 | Office of the Australian Information Commissioner (OAIC) | November 20, 2023 | oaic.gov.au | Guidance |
Consumer Data Right rules – Consent Review and operational enhancements design papers | The Treasury | August 25, 2023 | treasury.gov.au | Consultations |
Disclosure Consent Research Report | Data Standards Body (DSB) | April 4, 2022 | cx.dsb.gov.au | Research |
Decision Proposal 222: CX Standards | Insights and Trusted Adviser Disclosure Consents | Data Standards Body (DSB) | November 4, 2021 | github.com | Consultations |
Noting Paper 207: Draft v3 Rules Analysis | Anticipated Data Standards | Data Standards Body (DSB) | August 4, 2021 | github.com | Consultations |
Draft v3 Rules consultation | The Treasury | July 1, 2021 | treasury.gov.au | Consultations |
Literacy and access | Australian Government Style Manual | January 1, 2021 | stylemanual.gov.au | Other |
Draft v2 Rules consultation (see concept 5.1 TA disclosure) | Australian Competition and Consumer Commission (ACCC) | November 18, 2020 | accc.gov.au | Consultations |
Phase 3, Round 3 Research Report | Data Standards Body (DSB) | August 31, 2020 | cx.dsb.gov.au | Research |
Phase 3, Round 8 Research Summary [PDF] | Data Standards Body (DSB) | August 31, 2020 | github.com | Research |
Phase 2, Stream 3 Research Report | Tobias | July 31, 2019 | cx.dsb.gov.au | Research |
Last updated
This page was updated @September 15, 2025
Have your say
Community consultations and maintenance are part of our ongoing process. Here’s how you can get involved:
- Request new Guidelines or changes to existing Guidelines through the CX Guidelines Consultation process
- Request new Standards or changes to existing Standards through the Standards Maintenance process
- Log a ticket for any questions about the rules, standards, or guidelines through the CDR Support Portal
- Email your feedback to cx@dsb.gov.au
Quick links to CX Guidelines:
Overview
Consent
Authenticate
Authorise
Consent Management
Notifications
Accessibility statement
→ cx@dsb.gov.au → cx.dsb.gov.au | cds.gov.au