The Australian Privacy Commissioner has handed down a ruling that should serve as a warning to all consumers of financial services that they need to check their credit reports to be sure their credit providers have not made errors in their filings. Errors do occur more often than banks and other financial institutions like to admit, and they can be costly for consumers.
The bottom line is you can’t trust your lender to get it right all the time and you can’t rely on credit reporting agencies to correct errors. It’s up to you.
In a ruling handed down at the end of last month, the Privacy Commissioner found that Commonwealth Bank breached the Australian Privacy Principles by using and disclosing personal information that was inaccurate, out of date and/or incomplete.
It ordered CBA to apologise to a customer, acknowledging that it “interfered with” his privacy and pay compensation of $15,000.
The bank has also been ordered to change its policies and operating processes and procedures, “establishing reasonable steps to ensure that financial information about a person that CBA uses or discloses to other entities for the purpose of providing a credit reference is accurate, complete, up-to-date and relevant.”
The bank must have its new practices audited to determine their effectiveness.
The complainant (who is not named in the ruling) had a business credit card account with CBA. In November 2013 he received a letter from debt collector Credit Corp, which advised that the bank had assigned it a credit card debt of a little over $3000.
The complainant entered into a payment arrangement with Credit Corp and paid off the debt by January 2015.
In December 2013 the complainant sold his house after being unable to refinance his home loan.
In March 2015 the complainant applied for a home loan with Liberty Financial. It was conditionally approved but later declined. When the complainant’s wife called Liberty, she was told the complainant had failed to disclose an outstanding credit card debt.
The complainant contacted CBA and was told the credit card debt was still outstanding.
In September, the complainant lodged his complaint with the Privacy Commissioner, saying the debt had been paid off when he made the loan application with Liberty.
In its inquiries, the Privacy Commissioner found that CBA had disclosed information about the complainant to mortgage insurer Genworth, lender Pepper and Bankwest. The bank was entitled to do this but some of the information it provided was inaccurate and out-of-date and/or incomplete.
CBA acknowledged that the complainant’s record should have been updated to show that his credit card debt had been paid off.
The Privacy Commissioner found that the bank “failed to take reasonable steps to ensure the quality of the personal information that it used and disclosed about the complainant.”
As the case shows, banks can have errors on their files and then share that “information” with other lenders, insurers and credit reporting agencies. Consumers must take what steps they can to detect any errors and have them corrected.
They can request a copy of their credit report from agencies Equifax, illion and Experian, which are obliged to supply one copy free each year.