We’ve been doing Consumer Data Right (CDR) work in Australia for a couple of years now, both on the data holder side and the recipient side. New Zealand is now passing similar legislation, and the energy sector is next in line after banking. So here are some observations about what we’ve seen, what it means, and where we think the actual opportunities are.

The compliance work

For retailers and network businesses on the data holder side, the path is fairly clear. You need to make metering and billing data accessible via standardised APIs.

For most organisations, it’s a reasonably known piece of work – it costs money, it takes time, and it needs proper resourcing. The main exception is organisations running very legacy systems, where the underlying data quality and architecture issues mean CDR becomes the presenting problem for a much longer-running one. If that’s the case, the time to start looking at it is now, not when the regulations land.

The main risk we see for NZ retailers isn’t technical, it’s timeline. Organisations that treat CDR as something to address once regulations are finalised will find themselves rushing with less options. The smarter approach is to get a clear picture of your current data and systems readiness now, understand the gaps, and sequence the work deliberately. That gives you options and opportunities.

In Australia, a middleware ecosystem has emerged where intermediary providers handle much of the integration complexity across the market. Rather than each organisation negotiating integrations with every counterpart, you work through an intermediary that takes on the compliance burden. Something similar will likely develop in NZ. Worth keeping an eye on as that market matures.

What to focus on

The practical things to get across sooner rather than later:

• Metering and billing data quality: Is it consistent, accurate, and in a state you’d be comfortable exposing via API? Gaps here take time to fix.
• Systems architecture: How legacy is your core infrastructure? The older the stack, the more lead time you’ll need.
• Consent management: Customer consent flows need to be trusted, intuitive, and compliant. This is as much a UX and design problem as a technical one.
• Governance: Who owns CDR obligations in your organisation? Is there clarity on accountability before anything is built

On the data holder side, the focus should be getting compliant quickly and efficiently.

On innovation

The compliance work is table stakes. The more interesting conversation is what becomes possible when energy usage data flows more freely and more reliably and who moves first to build on it.

A few things we think are worth paying attention to:

Better energy modelling for consumers

Our work with APVI on SunSPOT (https://www.sunspot.org.au/)  is the clearest example we can point to. Integrating CDR data into their platform means households get genuinely accurate estimates of their usage and what it would look like if they switched providers, installed solar, or added a battery. Real data rather than assumptions. It’s a material improvement on what was possible before, and it’s the kind of tool that actually changes the decisions people make.

Aggregated data for sector-wide modelling

APVI is also exploring whether customers who share their data will consent to it being used for research, which starts to address the cross-industry dataset problem that makes long-term modelling difficult. Individual retailers have their own customers. Nobody has a complete picture. 

If organisations are able to gain consent to share anonymised data for research purposes, then the quality of grid planning, capacity forecasting, and demand modelling could improve substantially. 

Smarter customer onboarding

If you’re a retailer looking to compete on service, CDR creates an opportunity for how you build offers for new customers. Rather than asking people to manually pull together usage history, a retailer can (with consent) pull that data directly during the sign-up process and build a genuinely tailored offer

If you’re bundling solar, EV charging, or battery into a package, this becomes particularly valuable. It won’t transform the industry overnight, but it removes friction from a process that currently has a lot of it.

Automated plan optimisation in the future?

The idealistic end state is a world where a consumer’s plan is checked against the market automatically and switching happens when a better option exists. That’s the kind of market efficiency the legislation is designed to enable. 

The idealised outcome of open data in the energy market is one where consumers are automatically on the best plan for them and the market has to compete on merit to keep them there.

Lessons from our experience in Australia

At Ackama, we’ve been working alongside organisations in Australia, navigating CDR obligations since the framework was introduced there. What we’ve learned from the Australian experience applies directly to NZ energy retailers now facing the same curve:

• Know your data and your systems. Organisations that understand their data and system gaps early make far better decisions about sequencing and investment.
• Don’t underestimate consent and UX complexity. The technical API work is only part of the challenge. Customer-facing consent flows need to be trusted, intuitive, and compliant.
• Watch the banking rollout closely. The approach being established for NZ open banking will set precedent for standards, accreditation processes, and incident response expectations that will carry into the electricity sector.
• Treat this as a platform, not just a compliance exercise. The retailers who thrive in a CDR environment will be those who design for the opportunity, not just the obligation.

What we can help with

We’ve worked on both sides of the CDR equation in Australia, building out the data holder and billing infrastructure to make data shareable, and developing recipient-side integrations that put that data to work in meaningful ways for end users.

For NZ energy organisations, we can help with

• Readiness assessment – understanding where your data and systems are, what needs to change, and how to sequence the work
• API design and implementation – building the interfaces that will expose your data securely and to standard
• Consent and customer experience design – making the consent flows trustworthy and usable
• Recipient-side integration – if you’re building tools or services that consume CDR data, we’ve done this and can move quickly
• Innovation discovery – working through what new products or services CDR makes possible for your organisation

We’re pragmatic about this. Some of it is compliance work that needs to get done well and efficiently. Some of it is genuinely new territory where the right approach is to explore and test rather than over-engineer from day one.

The energy companies that will do well out of CDR are the ones that get compliant quickly and efficiently, and then move fast on the new opportunities that open up. Those are two separate conversations and they deserve to be treated that way.

If you want to talk through what this means for your organisation, get in touch at hello@ackama.com