CBA fined after alleged breaches of consumer data right rules
The news: Commonwealth Bank has paid penalties totalling $792,000 after the Australian Competition & Consumer Commission (ACCC) issued it with four infringement notices for alleged breaches of consumer data right (CDR) rules.
The context: The ACCC alleges that CBA did not comply with the rules by failing to enable data sharing for certain accounts for business consumers and partnerships.
This meant affected consumers were unable to share their data to access CDR-enabled products and services, such as those used for business accounting.
The ACCC said it received complaints from consumers reporting difficulties accessing CDR and impacted customers had to either perform manual workarounds or revert to less secure methods of data sharing.
The regulator noted that CBA cooperated with its investigation and has made several commitments as part of a resolution with the ACCC, including providing remediation to customers and accredited data recipients affected by the conduct.
CDR is an economy-wide data sharing reform that empowers Australians to use the data businesses hold about them for their own benefit. Since November 2021, the four major banks, including CBA, have been required to enable consumer data sharing of in-scope products for non-individual CDR consumers.
Earlier this year, NAB paid penalties totalling $751,200 for alleged contraventions of the CDR rules relating to data quality issues.
What they said: “This is the highest total penalty to date for an alleged breach of the CDR rules,” said ACCC deputy chair Catriona Lowe.
“We will continue to focus our compliance and enforcement efforts to enable the benefits the CDR system delivers for consumers including more choice and greater access to better deals on products and services.”
The source: ACCC media release