Finch CDR Policy

ASAE 3150 Accreditation

Finch is an ASAE 3150 accredited company.

This accreditation enables us to provide Accredited Data Recipients (ADRs) with advanced data intelligence solutions helping ADRs deliver on the Open Banking promise of greater choice and personalisation for customers. As an ASAE 3150 accredited company we can provide our services as an Outsourced Service Provider to Accredited Data Recipients (ADRs) meeting all the security controls required to work with CDR data.


CDR Rules Privacy Safeguard

Our ASAE-3150 assurance report covers all of the Schedule 2 security requirements, including over 24 prescribed security controls under CDR such as multi-factor authentication, firewalls, protections against malware and data leakage, and related business processes around user access and systems monitoring. Some of these controls are briefly covered below. Finch is audited annually to ensure compliance with Schedule 2 information security controls, as set out per CDR Rules Privacy Safeguard 12.

For more information please contact Finch CEO: