What is Wych Data Holder?
Wych Data Holder helps banks, lenders, energy retailers, and other organisations expose customer-permissioned data through secure, standards-aligned open data APIs.
It provides the infrastructure, consent support, security controls, integration patterns, and compliance tooling needed to participate as a Data Holder in open banking, open energy, and broader open data ecosystems.
You can use Wych Data Holder to:
- expose consumer-consented data to authorised third parties
- support Australian CDR and New Zealand open banking style data sharing obligations
- manage Data Recipient and third-party registration
- validate consent, authorisation, and access requests
- publish standards-aligned APIs for accounts, balances, transactions, customer data, and product reference data
- support operational monitoring, audit evidence, and compliance reporting
- optionally support payment initiation and open payments use cases where enabled
What can I implement with Wych Data Holder?
- Data sharing APIs
- Compliance and operations
- Open payments
Use Wych Data Holder to expose customer-permissioned data through standards-aligned APIs, reducing the need to build open data infrastructure from scratch.
Best for: banks, lenders, and energy retailers that need to provide secure access to customer data for authorised third parties.
Use Wych Data Holder to support consent validation, participant onboarding, audit evidence, request monitoring, and operational controls.
Best for: compliance, risk, product, and operations teams responsible for open data obligations and ongoing assurance.
Where enabled, use Wych to support open payments capabilities alongside data sharing, including secure integration patterns for payment initiation.
Best for: organisations preparing for open banking payment initiation, account-to-account payment services, or future open payments obligations.
How it works
Wych Data Holder follows a secure data sharing flow:
- Register and validate the third party requesting access to customer data.
- Receive a consented request from an authorised Data Recipient or third-party provider.
- Validate consent, authorisation, certificates, tokens, and access scope.
- Retrieve the required data from your source systems or integration layer.
- Return a standards-aligned response through the Wych Data Holder APIs.
- Record operational and compliance evidence for monitoring, audit, and support.
In an open banking or open data flow, the customer authenticates directly with the Data Holder. Wych does not require the Data Recipient to collect or store the customer’s banking credentials.
Choose your integration model
Option 1: Wych-managed Data Holder platform
Use Wych’s Data Holder platform to provide the core open data infrastructure, including standards-aligned APIs, consent validation support, participant controls, monitoring, and compliance evidence.
Use this when: you want a faster, lower-risk path to production without building the full Data Holder capability in-house.
Option 2: Integrated Data Holder services
Use Wych as the standards, security, and API layer while integrating with your existing identity, consent, product, account, transaction, payment, and customer systems.
Use this when: you already have mature internal systems and need Wych to provide the compliant open data interface and orchestration layer.
Option 3: Data Holder testing and assurance
Use Wych Data Holder Tester to validate your Data Holder implementation against supported standards, scenarios, and expected behaviours.
Use this when: you need confidence before production release, regression testing, or evidence to support compliance and operational readiness.
Implementation review
Data Holder integrations usually require environment, source system, identity, security, and operational readiness review before production use.