The Australian Competition and Consumer Commission (ACCC) has confirmed that the Bank of Queensland (BOQ) has now paid a penalty of $133,200 in response to the infringement notice that was issued to it for allegedly breaching the consumer data right (CDR) rules.
As reported last week, the bank was required to be in a position to share data for financial products, including savings accounts, term deposits and credit cards, by 1 July 2021.
The ACCC alleges that the Bank of Queensland did not meet this obligation on 1 July 2021 as required.
Indeed, it stated that BOQ did not make the required services available until 13 December 2021, which meant that the bank’s customers were unable to share their CDR data for more than five months after the date by which this service was required to be available to them.
As such, the competition watchdog had issued the bank with infringement notice – the first infringement notice sent to a lender for non-compliance with the consumer data right (CDR) regime.
In deciding to issue an infringement notice to BOQ, the watchdog said it “took into account a number of factors, including the period of alleged non-compliance, the number of customers potentially impacted, the resourcing constraints Bank of Queensland faced in developing its CDR infrastructure and the steps it took to limit the duration of its non-compliance”.
After confirming that the penalty had now been paid, ACCC commissioner Peter Crone said: “Under the CDR, consumers have a right to safely and securely share certain data with accredited providers, including fintech firms and other third parties, who in turn can use that data to create better customised products and services for the consumer.
“For the CDR to work effectively for consumers, participants including all banks must meet their data sharing obligations within the timeframes set by the regulations,” he said.
“In the current environment of rising interest rates, consumers benefit from greater access to information and tools to help them compare products and make informed decisions about switching banks, and the CDR assists this.”
While the penalty has now been paid, it is not an admission of a contravention of the CDR Rules.
At the time of writing, BOQ had not yet issued a statement on the penalty being paid – however a BOQ spokesperson told Mortgage Business last week that the delay was largely due to the complexity of adapting BOQ source systems to the open banking requirements and third-party testing issues.
“Those issues have now been addressed and BOQ commenced data sharing from 13 December 2021,” they said.
“BOQ is committed to selecting and implementing sustainable, quality solutions and look forward to providing the best quality data so that our customers can make informed decisions about their banking needs.”
Other enforcement actions that the ACCC can take in regard to alleged breaches of the CDR compliance and enforcement policy include: administrative outcomes, enforceable undertakings, infringement notices, suspension or revocation of accreditation, or commencing court proceedings.
Several lenders have been delayed in implementing their CDR solutions, which the ACCC said was “in part due to issues related to the COVID-19 pandemic and a shortage of skilled IT resources”.
The ACCC said it “closely monitors compliance with CDR obligations and provides support for participants to assist them in preparing for and entering the CDR program”.
“As it is rolled out, the CDR will increase consumer choice and promote the innovation needed to improve competition in financial services and other areas. It will play a central role in enhancing productivity,” Mr Crone said.
[Related: BOQ issued infringement notice for CDR delays]