Question

Consider a situation where a joint account holder 1 (JH1) is identified as a vulnerable consumer. JH1 shares a joint account (JA1) that works like an individual account. Consequently, other account holders won’t see any detail about this sharing. Later JH1's vulnerable status is removed.

At that point, should the other account holders be updated about the sharing history and activities on JA1 performed by JH1?

Consider a situation where JH1 is identified as vulnerable. What happens if JH1 withdraws the sharing of JA1 from the consent, and later adds JA1 for sharing through amending the consent process.

What should other account holders see of the sharing history and activities on JA1?

Answer

Managing vulnerable customers is at the discretion of the Data Holder (DH). 

The CDR Rules and Standards are not prescriptive when it comes to how Data Holders identify, support, and manage vulnerability, This is because DHs have their own systems and processes that manage vulnerability issues. In consultation the DSB has determined that management of vulnerable customers  is not consistent across DHs abd does not follow a universal standard.

Data Holders decide at the their own discretion, based on guidance from CDR rules, Division 4.3, whether to show the sharing history and activities of JH1 to other joint account holders. The same applies to future amendments relating to JA1. 

See:

• How does data sharing for joint accounts work? https://cdr-support.zendesk.com/hc/en-us/articles/900004280523-Sharing-data-on-joint-accounts
• Revocation of consent on Joint Accounts https://cdr-support.zendesk.com/hc/en-us/articles/900004428406
• Joint accounts - removal of approvals https://cdr-support.zendesk.com/hc/en-us/articles/360004458636-Joint-accounts-removal-of-approvals