The CDR Roadmap for Non-Bank Lenders: What You Need to Do Before 2026

The countdown is on. By mid-2026, non-bank lenders must comply with the Consumer Data Right (CDR) by sharing product reference data. While this may seem like a regulatory hurdle, it’s also an opportunity to enhance transparency, improve customer trust, and unlock new business models.

With just over a year to go, now is the time to get ahead. Here’s your roadmap to compliance, and how to turn it into a competitive advantage.

Understanding Tier 1 vs. Tier 2 Non-Bank Lender Compliance

Compliance obligations vary depending on the size of the lender, with two distinct tiers:

Tier 1 Non-Bank Lenders ('Initial Providers')

Definition: Non-bank lenders with total resident loans and finance lease balances exceeding $10 billion.
Compliance Obligations:
- Mandatory Data Sharing: Required to share both product reference data and consumer data under the CDR framework.
- Implementation Timeline: Obligations commence from 13 July 2026 for product data, followed by consumer data sharing from 9 November 2026.

Tier 2 Non-Bank Lenders ('Large Providers')

Definition: Non-bank lenders with total resident loans and finance lease balances above $1 billion and greater than 1,000 customers.
Implementation Timeline: Consumer data sharing from 13 September 2027.

Voluntary Participation: Not mandated to share data but may choose to opt into the CDR framework voluntarily. Voluntary participation can enhance competitiveness by offering customers greater data portability and transparency.

Regardless of size, any participating lender must ensure data accuracy and adhere to stringent security protocols to protect consumer information. Engaging with the CDR framework can lead to improved customer trust, innovative product offerings, and a competitive edge in the evolving financial landscape.

March–December 2025: Implement a CDR-Compliant Infrastructure

The first step is setting up the technology and processes needed to manage and share CDR product reference data. This includes:

Identifying what data must be shared – Interest rates, fees, eligibility criteria, and other product details.
Ensuring data accuracy and accessibility – The data must be structured, up-to-date, and retrievable via APIs.
Choosing a CDR technology partner – Instead of building an in-house solution, non-bank lenders can leverage managed platforms like Fiskil’s Product Portal to simplify compliance.
Establishing internal processes – Compliance isn’t just about technology; teams must be trained on data governance and reporting requirements.

Early 2026: Test, Refine & Ensure Security Measures Are in Place

By early 2026, your infrastructure should be functional, and it’s time to validate its effectiveness. Key actions include:

Testing API connectivity and data integrity – Ensure your product data is being shared accurately and consistently.
Conducting security and compliance checks – CDR comes with strict security and consent management requirements.
Finalising documentation and internal workflows – Clear processes must be in place to update product data and manage regulatory reporting.

Mid-2026: Go Live with CDR Product Reference Data Sharing

By the mid-year deadline, non-bank lenders must begin sharing product reference data publicly. This means:

Publishing product data in the required format – Making it accessible via APIs, as mandated by the CDR framework.
Maintaining compliance with ongoing updates – Regularly updating product information to reflect any changes in rates, fees, or terms.
Exploring strategic opportunities – Compliance is just the beginning. Open data can improve discoverability, fuel partnerships, and drive new customer acquisition strategies.

How Fiskil Can Help

Meeting the CDR deadline doesn’t have to be a complex, resource-heavy process. Fiskil’s Product Portal provides a seamless way for non-bank lenders to manage and share product reference data—without the technical overhead.

✅ Automate compliance with a ready-to-use solution.
✅ Ensure accuracy with real-time data updates.
✅ Future-proof your business with a trusted CDR partner.

The time to act is now. Don’t wait until 2026 to start preparing—get in touch with Fiskil today to streamline your CDR compliance journey and unlock the full potential of open data.

📩 Book a demo to see how Fiskil can help.

With just over a year to go, now is the time to get ahead. Here’s your roadmap to compliance, and how to turn it into a competitive advantage.

Understanding Tier 1 vs. Tier 2 Non-Bank Lender Compliance

Compliance obligations vary depending on the size of the lender, with two distinct tiers:

Tier 1 Non-Bank Lenders ('Initial Providers')

Definition: Non-bank lenders with total resident loans and finance lease balances exceeding $10 billion.
Compliance Obligations:
- Mandatory Data Sharing: Required to share both product reference data and consumer data under the CDR framework.
- Implementation Timeline: Obligations commence from 13 July 2026 for product data, followed by consumer data sharing from 9 November 2026.

Tier 2 Non-Bank Lenders ('Large Providers')

Definition: Non-bank lenders with total resident loans and finance lease balances above $1 billion and greater than 1,000 customers.
Implementation Timeline: Consumer data sharing from 13 September 2027.

March–December 2025: Implement a CDR-Compliant Infrastructure

The first step is setting up the technology and processes needed to manage and share CDR product reference data. This includes:

Identifying what data must be shared – Interest rates, fees, eligibility criteria, and other product details.
Ensuring data accuracy and accessibility – The data must be structured, up-to-date, and retrievable via APIs.
Choosing a CDR technology partner – Instead of building an in-house solution, non-bank lenders can leverage managed platforms like Fiskil’s Product Portal to simplify compliance.
Establishing internal processes – Compliance isn’t just about technology; teams must be trained on data governance and reporting requirements.

Early 2026: Test, Refine & Ensure Security Measures Are in Place

By early 2026, your infrastructure should be functional, and it’s time to validate its effectiveness. Key actions include:

Testing API connectivity and data integrity – Ensure your product data is being shared accurately and consistently.
Conducting security and compliance checks – CDR comes with strict security and consent management requirements.
Finalising documentation and internal workflows – Clear processes must be in place to update product data and manage regulatory reporting.

Mid-2026: Go Live with CDR Product Reference Data Sharing

By the mid-year deadline, non-bank lenders must begin sharing product reference data publicly. This means:

Publishing product data in the required format – Making it accessible via APIs, as mandated by the CDR framework.
Maintaining compliance with ongoing updates – Regularly updating product information to reflect any changes in rates, fees, or terms.
Exploring strategic opportunities – Compliance is just the beginning. Open data can improve discoverability, fuel partnerships, and drive new customer acquisition strategies.

How Fiskil Can Help

✅ Automate compliance with a ready-to-use solution.
✅ Ensure accuracy with real-time data updates.
✅ Future-proof your business with a trusted CDR partner.

The time to act is now. Don’t wait until 2026 to start preparing—get in touch with Fiskil today to streamline your CDR compliance journey and unlock the full potential of open data.

📩 Book a demo to see how Fiskil can help.

The CDR Roadmap for Non-Bank Lenders: What You Need to Do Before 2026

Understanding Tier 1 vs. Tier 2 Non-Bank Lender Compliance

Tier 1 Non-Bank Lenders ('Initial Providers')

Tier 2 Non-Bank Lenders ('Large Providers')

March–December 2025: Implement a CDR-Compliant Infrastructure

Early 2026: Test, Refine & Ensure Security Measures Are in Place

Mid-2026: Go Live with CDR Product Reference Data Sharing

How Fiskil Can Help

Related articles

The CDR Roadmap for Non-Bank Lenders: What You Need to Do Before 2026

Understanding Tier 1 vs. Tier 2 Non-Bank Lender Compliance

Tier 1 Non-Bank Lenders ('Initial Providers')

Tier 2 Non-Bank Lenders ('Large Providers')

March–December 2025: Implement a CDR-Compliant Infrastructure

Early 2026: Test, Refine & Ensure Security Measures Are in Place

Mid-2026: Go Live with CDR Product Reference Data Sharing

How Fiskil Can Help

Related articles