Australia's Consumer Data Right is one of the most rigorous open banking frameworks in the world. For companies like Fiskil — who build the infrastructure that powers CDR compliance for banks, lenders, and fintechs — that rigor is the product. But it also creates a scaling problem.
Every new affiliate that joins Fiskil's CDR platform needs to go through a compliance onboarding process: questionnaires, security posture reviews, risk assessments, and preliminary audit reports — both for internal use and for the affiliates themselves. Done manually, this process was a bottleneck. The compliance team was the constraint on growth.
Fiskil partnered with Odella to change that equation. By deploying AI employees to handle the read-heavy, write-heavy, judgment-intensive work of compliance triage, Fiskil's team was able to do more without growing headcount — and affiliates experienced a dramatically faster path to go-live.
The Challenge: Compliance at Scale
The CDR framework requires strict governance over who can access consumer financial data, how it's protected, and how it flows between parties. As a CDR infrastructure provider, Fiskil sits in the middle of this ecosystem — helping Data Holders and Data Recipients meet their regulatory obligations.
But onboarding each new affiliate under CDR is a significant undertaking:
- Inbound compliance questionnaires — New affiliates complete detailed questionnaires covering their data handling practices, security controls, governance structures, and technical architecture. Each questionnaire runs dozens of questions across multiple compliance domains.
- Internal security posture reviews — Fiskil's compliance team reviews each affiliate against an internal security and risk framework, scoring controls and identifying gaps.
- Risk matrices — A structured assessment across domains like data residency, access controls, incident response, and CDR-specific obligations, producing a risk tier classification.
- Preliminary audit reports — Two outputs: an internal report for Fiskil's compliance team, and a customer-facing report delivered to the affiliate detailing their readiness status, identified risks, and required remediation steps.
With a growing pipeline of affiliates, processing this stack manually was slow, inconsistent, and expensive in analyst time. Some affiliates waited weeks to receive their preliminary report. Others received reports that varied in depth and structure depending on who had written them.
Fiskil needed consistency, speed, and scale — without proportionally scaling the compliance team.
The Solution: Odella AI Employees for Compliance Triage
Fiskil deployed a dedicated Odella AI employee to handle the compliance onboarding pipeline. The AI employee was trained on Fiskil's internal compliance framework, their CDR-specific questionnaire structure, risk matrix methodology, and report templates — both internal and customer-facing.
Here's how the workflow runs:
Step 1: Inbound Questionnaire Triage
When a new affiliate submits their compliance questionnaire, the Odella AI employee reads and processes it in full — extracting structured data across all compliance domains, flagging incomplete or ambiguous responses, and mapping each response against Fiskil's internal control requirements.
Instead of an analyst spending hours manually reviewing a 50-question document, they receive a pre-processed summary: which controls are evidenced, which are missing, where responses are unclear, and what follow-up is needed. The AI employee handles the read-and-extract layer; the human analyst focuses on judgment calls.
Step 2: Risk Matrix Scoring
Using the extracted questionnaire data alongside Fiskil's internal security posture inputs, the AI employee populates the compliance risk matrix — scoring the affiliate across domains including:
- Data residency and sovereignty controls
- Authentication and access management
- Incident response and breach notification readiness
- CDR consent and data minimisation compliance
- Third-party dependency and supply chain risk
- Technical infrastructure security posture
The output is a structured risk tier classification — High, Medium, or Low — with domain-level scores and the evidence basis for each. This triage layer means Fiskil's compliance team can immediately prioritise their review: High-tier affiliates get deeper scrutiny first; Low-tier affiliates move faster.
Step 3: Internal Audit Report Generation
From the populated risk matrix and questionnaire data, the AI employee generates the internal preliminary audit report. This document follows Fiskil's standard format and covers:
- Executive summary of compliance posture
- Domain-by-domain findings with evidence citations
- Risk tier classification and rationale
- Identified control gaps and their severity
- Recommended remediation steps and timelines
- Analyst review flags — areas requiring human judgment before sign-off
The report is draft-quality on first generation. A compliance analyst reviews, adjusts any flagged sections, and signs off — typically in a fraction of the time it would take to write from scratch.
Step 4: Customer-Facing Audit Report
Once the internal report is reviewed and finalised, the AI employee produces the customer-facing version — adapted in tone and scope to what Fiskil shares with affiliates. This report gives the affiliate a clear picture of their current CDR compliance standing, what's in order, what needs attention, and what they need to do to achieve full CDR readiness under Fiskil's platform.
The customer-facing report follows a consistent structure every time — no variation based on who drafted it. Affiliates receive a professional, clearly-reasoned document that builds confidence in the process and sets clear expectations for onboarding completion.
The Results
The impact was felt immediately in the affiliate onboarding pipeline:
Faster time-to-report — Preliminary audit reports that previously took days to produce are now generated within hours of questionnaire submission, with analyst review adding a few hours on top.
Consistent, structured output — Every report follows the same format, depth, and evidence standard. Affiliate experience became predictable — and the internal reports became more useful as a compliance record.
Risk triage that actually works — The AI employee's risk matrix scoring means Fiskil's compliance analysts know immediately where to focus. High-risk affiliates get the attention they need; low-risk onboarding moves faster.
Compliance team capacity unlocked — Rather than spending the majority of their time on extraction and drafting, Fiskil's compliance analysts now focus on review, judgment, and high-risk cases. The same team can handle a significantly larger onboarding pipeline without degrading quality.
Affiliate confidence — Receiving a professional, detailed preliminary audit report quickly signals operational maturity. Affiliates know exactly where they stand and what they need to do — which accelerates their own remediation timelines and reduces the back-and-forth that extends onboarding cycles.
Why This Matters for CDR
The Consumer Data Right framework is designed to expand. As more data holders come online and more data recipients seek accreditation, the volume of compliance work flowing through the CDR ecosystem will grow significantly. Infrastructure providers like Fiskil will be central to managing that growth.
The ability to scale compliance onboarding without scaling headcount linearly is a structural advantage — not just operationally, but competitively. Affiliates choose CDR infrastructure partners in part based on how smooth and fast their onboarding experience is. A week-long wait for a preliminary audit report is a friction point. A same-day report is a differentiator.
Odella's AI employees don't replace compliance expertise. They amplify it — handling the high-volume, structured work so that human judgment is applied where it counts most: complex cases, edge judgments, and final sign-off accountability.
About Fiskil
Fiskil is an Open Banking and Open Data infrastructure provider helping financial institutions meet consumer-permissioned data sharing obligations under the Consumer Data Right and global open finance frameworks. Their platform supports 115+ financial institutions and connects Data Holders and Data Recipients with the tools they need to participate in the open data ecosystem securely and at scale.
Ready to see how Odella AI employees can accelerate your compliance workflows? Talk to us →