Consumer Data Right enforcement policy released

By Dylan Bushell-Embling
Monday, 11 May, 2020

Participants in the government’s Consumer Data Right scheme could face penalties for non-compliance ranging from administrative resolutions to penalties and injunctions under the new scheme’s new Compliance and Enforcement Policy.

The ACCC and the Office of the Australian Information Commissioner (OAIC) have jointly introduced the policy, which has been developed in consultation with current and future data holders and recipients.

The policy is designed to help clarify the regulatory obligations each participant in the scheme must adhere to once it is introduced in July.

The Consumer Data Right is designed to allow consumers control over the data held on them by businesses in various industries, starting with the banking sector. The scheme will allow consumers to direct companies to share their data with accredited participants such as price comparison service providers.

“It is the responsibility of each Consumer Data Right participant to be fully aware of their regulatory obligations or face scrutiny by the ACCC and the OAIC,” ACCC Commissioner Sarah Court said.

“[The] release of the Compliance and Enforcement Policy helps clarify these obligations as people prepare to participate in the Consumer Data Right from July 2020.”

Under the new policy, the ACCC and OAIC will be able to pursue enforcement options such as issuing infringement notices and demanding court-enforceable undertakings, suspension or revocation of accreditation by the ACCC and court proceedings which may result in penalties, injunctions and other orders.

The agencies have revealed plans to adopt a “strategic risk-based approach to compliance and enforcement” and to use a wide range of information sources and monitoring tools to assess compliance.

These methods will include issuing both information requests and compulsory notices, as well as conducting regular audits and assessments.

Image credit: ©stock.adobe.com/au/peshkov