Incorrect data has been observed in Product Reference Data APIs provided by the Major Banks, including incorrect lastUpdated dates, incorrect application of bundled discounts, misleading characterisation of fees, missing fees, and non-standard application programming interfaces (APIs) response pagination.
- What processes are in place to ensure sufficient data quality standards are adhered to?
- What are the respective roles of Australian Competition & Consumer Commission (ACCC) and Australian Securities & Investments Commission (ASIC) in the regulation of this area?
- What process should interested parties follow when errors are found?
In response to Questions 1 and 2, the ACCC and the Office of the Australian Information Commissioner (OAIC) have published their joint Compliance and Enforcement policy for the Consumer Data Right. The purpose of the policy is to help consumers and CDR participants understand the approach that the ACCC and the OAIC will adopt to encourage compliance with CDR rules, legislation (including Privacy Safeguards) and Consumer Data Standards. The policy also sets out how the ACCC and OAIC will respond to breaches of the CDR regulatory framework. The policy can be found on the ACCC website.
We use a risk-based approach to monitoring and assessing compliance matters and taking enforcement action. We cannot pursue all matters that come to our attention. Our role is to focus on those circumstances that will, or have the potential to, cause significant harm to the CDR regime or result in widespread consumer detriment.
Interested parties should make any complaints about data accuracy or how product reference data is being shared directly to the data holder. Interested parties can also report their concerns to the ACCC and we will consider in accordance with our Compliance and Enforcement policy. Reports can be submitted to us directly at firstname.lastname@example.org.