Following the registration of Treasury Laws Amendment (Consumer Data Right) Act 2024, the name ‘Data Recipient Accreditor’ has changed to ‘CDR Accreditor’. We are working towards making this name change in all ACCC documentation, guidelines and online information.

Until this is completed, the term ‘Data Recipient Accreditor’ should be read as a reference to ‘CDR Accreditor’. The name change does not change the functions and powers of the CDR Accreditor or impact applications, data recipients, data holders or consumers.

About the schedule

The ACCC monitors and enforces compliance with the CDR obligations set out in the Competition and Consumer Act 2010 (Cth), the Competition and Consumer (Consumer Data Right) Rules 2020 (the CDR Rules) and the Consumer Data Standards.

Data holders’ obligations commenced on various dates - see the CDR rollout

Some data holders have received an exemption from certain obligations under s56GD of the Act. The CDR exemptions register lists all exemptions granted.

This rectification schedule sets out information provided by data holders to the ACCC. We have published this information to provide a reference for accredited data recipients and consumers regarding potential issues in data holders’ CDR implementations.

We expect data holders to promptly rectify their non-compliance or face possible enforcement consideration in line with the ACCC/OAIC Compliance and Enforcement Policy for the Consumer Data Right. Listing an issue on this rectification schedule does not preclude the ACCC from pursuing compliance or enforcement action in-line with this policy.

Data holders that are not currently active on the CDR Register and do not have an exemption from this requirement are listed in a separate rectification schedule.

This table is current as at 26 June 2025.

Banking - major data holders

The data holders listed in the table below are the four major data holders and their non-primary brands.

Data holder (brand) Issue Proposed resolution date

Commonwealth Bank of Australia (CBA)

Brands:

CommBank and CommBiz

 1. Enablement of CDR data sharing for certain accounts under the ‘Trading Entity, Business Name’ customer profile type. CBA is working to enable CDR data sharing for certain accounts accessed via 'CommBiz' and ‘NetBank’ and held under a ‘Trading Entity Business Name’ customer profile type. TBC

 

Data holder (brand) Issue Proposed resolution date

National Australia Bank Limited

Brand:

National Australia Bank

 1.GET Accounts: call fails when required fields under the BankingCreditCardAccount object are unavailable. 30 June 2025

National Australia Bank Limited

Brand:

UBank

 2. Due to an internal error, GetMetrics API is intermittently failing to provide required data. 31 July 2025
  3. accountId field does not currently meet ID Permanence Standards 30 September 2025

Banking - non-major data holders

Data holder (brand) Issue Proposed resolution date

AMP Bank Ltd

Brand:

AMP Bank GO
  1. Customers using the AMP Bank GO banking brand to share data will be authenticated via its digital app using App2App and Web2App technology, rather than by One Time Password (OTP). App2App and Web2App technology forms part of the Data Standards Body DP 327 - Authentication Uplift Phase 1 that includes a recommendation that online customers can authenticate with their Data Holder's app.
 TBC

Australian Mutual Bank Ltd

Brand:

Australian Mutual Bank
  1. LVR Minimum & Maximum values to be added as product constraint options in Product Definitions
    Overlays added to Get Transaction Detail
    Various changes to versions of services, flows, error reporting and end points
 31 July 2025

Australian Unity Bank Ltd

Brand:

Australian Unity Bank
  1. NPP service overlays added to Get Transaction Detail
 16 November 2025
  2. Supporting Authorization Code Flow (ACF) 16 November 2025
  3. LVR Minimum & Maximum values in Product Definitions 16 November 2025

Auswide Bank Ltd

Brand:

Auswide Bank Ltd

 1. Delay in rollout of v1.33.0 item retiring existing hybrid protocol and supporting Authorisation Code Flow (ACF) 31 July 2025

B & E Ltd

Brand:

Bank of us

 1. Product fee accrualFrequency incorrect format 14 July 2025
  2. CDR release 1.33.0 – Authorisation Code Flow 14 July 2025
  3. Rate tier information (BankingProductRateTierV3) not utilised as per Rule 2.4(3)(b) TBC

Bank Australia Limited

Brand:

Bank Australia
  1. Get Transactions for Account API- no merchant name
 31 July 2025
  2. Metrics API will not be able to deliver unauthenticated metrics until transition is complete. Metrics will be provided manually. 31 July 2025

Bank of Queensland Ltd

Brands:

Bank of Queensland Ltd

Virgin Money

BOQ Specialist

DDH Graham

 1. Customers on legacy platforms do not experience commensurate latency  TBC

Beyond Bank Australia Limited 

Brand:

Beyond Bank Australia
  1. High Performance APIs not within threshold limit
 TBC
  2. We have identified that Beyond Bank does not provide the ‘Merchant Name’ field in transaction responses when calling the Get Transactions for Account API. 31 July 2025
Data holder (brand) Issue Proposed resolution date

Central Murray Credit Union Limited 

Brand:

Central Murray Credit Union Limited 
  1. CDR release 1.33.0 – Authorisation Code Flow
 14 July 2025

Central West Credit Union Limited 

Brand:

Central West Credit Union

 1. CDR Standards v1.33.0 - Retirement of existing hybrid protocol and only supporting Authorization Code Flow from 12 May 2025 will be delayed. 31 July 2025

Coastline Credit Union Limited 

Brand:

Coastline Credit Union

  1. Get Metrics v5 Error Metrics Documentation

    The change relates to error codes caused by ADRs in the 400 range.

 14 July 2025

Community First Credit Union Limited 

Brands:

Illawarra Credit Union Limited

Easy Street

Community First Bank

 1. CDR Standards v1.33.0 - Retirement of existing hybrid protocol and only supporting Authorization Code Flow from 12 May 2025 will be delayed. 14 July 2025

Credit Union SA Ltd

Brand: 

Credit Union SA

1. Get Metrics v5 Error Metrics Documentation

The change relates to error codes caused by ADRs in the 400 range.

 14 July 2025
  2. Decision Proposal 338 - Updates to Banking Products and Accounts 31 March 2026

 

Data holder (brand) Issue Proposed resolution date

First Option Bank Limited

Brand:

First Option Bank
  1. Data Holders SHALL only support Authorization Code Flow from 12 May 2025
 14 July 2025
Ford Co-operative Credit Society Limited 1. Invalid format for accrualFrequency on all product fees 30 June 2025

Ford Co-operative Credit Society Limited

Brand:

Geelong Bank

 2. CDR Release 1.33.0 Authorisation Code Flow 14 July 2025

G&C Mutual Bank Limited

Brand:

G&C Mutual Bank

 1. LVR Tier Structured Data: GetProductDetail Accuracy – Inaccurate Data: Rule 2.4(3), Data Quality 1 August  2025
  2. Interest Application Frequency for Term Deposits: GetProductDetail Accuracy – Inaccurate Data 1 August 2025
  3. Invalid format for accrualFrequency on all product fees 1 August 2025

Goulburn Murray Credit Union Co-operative Limited

Brand:

GMCU

 1. Retire existing hybrid protocol and only support Authorization Code Flow 31 July 2025

 

Data holder (brand) Issue Proposed resolution date

Heartland Bank Australia Limited

Brand:

Heartland

 1. Missing interest component for savings and transactional accounts 30 June 2025

Heritage and People's Choice Ltd

Brand:

Heritage Bank

 1. Rule 4.22A – Amendment of data sets for consents authorised prior to 24 October 2024, in respect of Heritage Bank branded products, is unavailable. 25 October 2025

Horizon Credit Union Limited

Brand:

Horizon Bank
  1. Delay in rollout of v1.33.0 which requires retiring existing hybrid protocol and only supporting authorisation code flow.
 31 July 2025

HSBC Bank Australia Limited

Brand:

HSBC

HSBC Bank Australia Limited – Wholesale Banking

 1. Implementation of Get Transaction Detail V2 30 June 2026

Judo Bank Pty Ltd

Brand:

Judo Bank
  1. Data presented via API end points is currently not commensurate in latency with data presented via Judo Bank’s digital banking platform and there may be up to 24 hours delay maximum. API end points will be presented near real-time following the upgrade of Judo Bank’s new core banking platform.
 30 September 2025
 
  1. GetAccount Detail response for features (type: array) and fees (type: array) is empty.
 30 September 2025
  3. GetAccount Detail response for depositRates (type: array), lendingRates (type: array) and addresses (type: array) is empty. 30 September 2025

Liberty Financial Pty Ltd 

Brand:

Liberty Financial

 1. Secondary user functionality (Rules 1.13(1)(e) and 1.15(5)) Products not designed for secondary user functionality. Manual functionality available in limited circumstances (where necessary). TBC

Macarthur Credit Union Limited

Brand:

The Mac
  1. Implementation of CDR standard v1.33.0
 31 July 2025

MyState Bank Limited

Brand:

MyState Bank

 1. Missing amounts in the Get Transactions For Account API 29 August 2025

Newcastle Greater Mutual Group Limited

Brand:

Newcastle Permanent Building Society

Greater Bank

 1. When applying Rule 1.10B & Part 2 of Schedule 3, CDR Consumer Eligibility is determined at the Brand level (Newcastle Permanent and Greater Bank) not the Legal Entity level (NGM Group). TBC

Newcastle Greater Mutual Group Limited

Brand:

Newcastle Permanent Building Society

 2. CDR v5 dashboard changes to display the details of each authorisation’s amendment linked by cdr_arrangement_id TBC

Northern Inland Credit Union Limited

Brand: 

Northern Inland Credit Union
  1. CDR v1.33.0 [ACF] 
 31 July 2025

 

Data holder (brand) Issue Proposed resolution date

Orange Credit Union Limited

Brand:

Orange Credit Union Limited
  1. CDR v1.33.0 - Retiring the existing hybrid protocol and only supporting Authorization Code Flow (ACF)
 14 July 2025

Police & Nurses Limited

Brands:

P&N Bank

bcu

1. End to End ID not shown in Get Transaction Detail on rare instances.

 

 

 31 July 2025
 

2. Get Metrics v5 Error Metrics Documentation 

The change relates to error codes caused by ADRs in the 400 range.

 31 July 2025
  3. merchantName missing from Get Transaction from Account API 31 July 2025
  4. High Performance API’s not within threshold limit TBC

QPCU Limited

Brand:

QBANK

1. Rule 2.4(3)(b) - Data Quality: All info available via other channels must be included in response

  • BankingProductRateTierV3
 30 September 2025
  2. Fees ‘accrualFrequency’ does not conform with ISO8601 Duration standards 30 September 2025
  3. Inaccurate rate disclosure of fixed “5.49%” in product “CLASSIC_HOME_LOAN_OO_PNI” 30 September 2025

Qudos Mutual Ltd

Brand:

Qudos Bank
  1. Metrics API will not be able to deliver unauthenticated metrics until transition is complete. Metrics will be provided manually.
 31 July 2025

Queensland Country Bank Limited

Brand:

Queensland Country Bank
  1. According to the CDR specification, the merchantName field should be populated when available. However, the response omits this field, even for transactions where the data is expected to be present.
 31 July 2025
Data holder (brand) Issue Proposed resolution date

Regional Australia Bank Ltd

Brand:

Regional Australia Bank

 1. Term deposit details are missing in GetAccountDetail API response. 30 June 2025

Southern Cross Credit Union Limited

Brand:

Southern Cross Credit Union
  1. CDR Standards v1.33.0 - Retirement of existing hybrid protocol and only supporting Authorization Code Flow from 12 May 2025 will be delayed.
 31 August 2025
Data holder (brand) Issue Proposed resolution date

Warwick Credit Union Limited

Brand:

Warwick Credit Union
  1. Authorisation Flow Control
 31 July 2025

Woolworths Team Bank Limited

Brand:

Woolworths Team Bank
  1. CDR v1.33.0 - Unable to meet Mandate deadline 12 May 2025 due to constraints from External Software provider.
 14 July 2025