About the schedule
The ACCC monitors and enforces compliance with the CDR obligations set out in the Competition and Consumer Act 2010 (Cth), the Competition and Consumer (Consumer Data Right) Rules 2020 (the CDR Rules) and the Consumer Data Standards.
Data holders’ obligations commenced on various dates - see the CDR rollout.
Some data holders have received an exemption from certain obligations under s56GD of the Act. The CDR exemptions register lists all exemptions granted.
This rectification schedule sets out information provided by data holders to the ACCC. We have published this information to provide a reference for accredited data recipients and consumers regarding potential issues in data holders’ CDR implementations.
We expect data holders to promptly rectify their non-compliance or face possible enforcement consideration in line with the ACCC/OAIC Compliance and Enforcement Policy for the Consumer Data Right. Listing an issue on this rectification schedule does not preclude the ACCC from pursuing compliance or enforcement action in-line with this policy.
Data holders that are not currently active on the CDR Register and do not have an exemption from this requirement are listed in a separate rectification schedule.
This table is current as at 26 May 2023.
Banking - major data holders
The data holders listed in the table below are the four major data holders and their non-primary brands.
|
Data holder (brand) |
Issue |
Proposed resolution date |
|---|---|---|
| Australia and New Zealand Banking Group Limited (ANZ) |
1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Alternative functionality to be delivered - Delivered functionality that allows account holders to cease secondary user data sharing for a specific authorisation and also allows account holders to remove the secondary user permission completely. |
TBC |
|
Data holder (brand) |
Issue |
Proposed resolution date |
|---|---|---|
| Commonwealth Bank of Australia (CBA) |
1. CBA – Subset of customers unable to share CDR data CBA will address an eligibility issue impacting a subset of customers who have been incorrectly assessed as ineligible to share CDR data. |
30 June 2023 |
|
2. CBA – Data sharing for some customers CBA will address an account number reconciliation issue, which is preventing some customers from CDR data sharing for the following products:
|
31 October 2023 | |
|
3. CBA – Secondary User indication Rules CBA will build the functionality for account holders to cease secondary user data sharing on an ADR basis |
TBC | |
|
Commonwealth Bank of Australia (CBA) Brand: Bankwest |
4. Bankwest - Secondary User indication Rules Bankwest will build the functionality for account holders to cease secondary user data sharing on an ADR basis |
TBC |
|
Data holder (brand) |
Issue |
Proposed resolution date |
|---|---|---|
| National Australia Bank Limited (NAB) |
1. Maintenance iteration issue #547 due in April 2023. |
30 September 2023 |
|
2. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing. Implementation paused pending rules review |
TBC | |
|
3. Additional transaction service codes provided in Get transactions detail. Identifier of the applicable overlay service. Valid values are: X2P1.01. NAB also provides X2P1.04 and SCT.04 in some situations |
30 September 2024 | |
|
National Australia Bank Limited (NAB) Brand: ubank |
4. Rule 3.4(3) of Part 3 and Rule 4.6(4) of Part 4 of the CDR Rules (and all related rules) in respect of: (a) data held on the 'ubank' core banking system provided by Oracle Australia Pty Ltd in relation to joint accounts provided by NAB under its 'ubank' sub-brand; (b) the obligations arising under the Consumer Data Standards to disclose all data in relation to Phase 2 products, and to develop the following functionalities for Phase 1, 2 and 3 products:
as they relate to required consumer data held on the 'ubank' core banking system provided by Oracle Australia Pty Ltd. NAB confirms that the reference above to "all related rules" includes:
5. Sharing consumer data held on the 'ubank' core banking system provided by Oracle Australia Pty Ltd for products offered by NAB under its 'ubank' sub-brand where the account is closed prior to the customer being migrated to the 'ubank' core banking system provided by Data Action Pty Ltd. |
30 September 2023 |
|
Data holder (brand) |
Issue |
Proposed resolution date |
|---|---|---|
|
Westpac Banking Corporation Brand: Westpac, St.George, Bank of Melbourne, Bank SA, Asgard |
1. NFR Response Time Uplift Westpac has identified, and is implementing, improvement initiatives with respect to certain non-functional requirements (NFR). |
1 July 2023 |
|
2. Secondary User Indication Rules Westpac received guidance from the ACCC in a letter dated 26 October on the interpretation of rules concerning an account owner’s ability to restrict authorised Secondary Users from further data sharing for specific accredited persons. Westpac have delivered functionality that allows an account owner to stop continuing data sharing consents authorised by secondary users to ‘an accredited person’. This functionality is in place for all currently delivered scope. |
TBC |
Banking - non-major data holders
|
Data holder (brand) |
Issue |
Proposed resolution date |
|---|---|---|
| AMP Bank Ltd |
1. Secondary Users: Data sharing will not be available for Secondary Users until 1 July 2023. |
1 July 2023 |
|
2. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing. Alternative functionality to be delivered. |
1 July 2023 | |
|
3. Individual account owners with secondary user on their account. Individual account owners who have set up secondary users on their accounts are unable to data share. Secondary users on these accounts are able to data share. This issue impacts single-owner accounts only. Joint accounts are not impacted by this limitation. |
1 July 2023 | |
|
Australian Military Bank |
1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements -Ceasing Secondary User Data Sharing Implementation paused pending rules review |
TBC |
|
Australian Military Bank Brand: RSL Money |
2. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements -Ceasing Secondary User Data Sharing Implementation paused pending rules review |
TBC |
| Australian Mutual Bank Limited |
1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements -Ceasing Secondary User Data Sharing Alternative functionality to be delivered |
TBC |
| Australian Unity Bank Limited |
1. Allow business owners to nominate a representative to share data on behalf of the business 2. Secondary users indication rules Implementation paused pending rules review |
30 June 2023 |
| Auswide Bank Ltd |
1. No verification was being performed on the value of x-fapi-customer-ip-address request header 2. For AccountDetail version 2 of the API was requested but version 3 was returned. 3. When requesting the invalid endpoint /banking/partyballoons what is returned is a HTML page instead of application/json content. 4. Accounts: 424 Failed Dependency, 500 internal server error, errors are also not added as individual items in the structure they are added as part of the body. |
31 July 2023 |
|
5. Aspects of the Secondary User obligations for Data Holders relating to the ability of an Account Holder to block a Secondary User from sharing data from a specific account with a specific accredited person (i.e. Data Recipient). Implementation paused pending rules review |
TBC | |
|
B&E Ltd (T/a Bank of us) |
1. Page beyond last page produces unexpected error when a 400 error should be returned |
31 May 2023 |
|
2. Blocking sharing for specific ADRs in relation to secondary users not supported Alternative functionality to be delivered |
TBC | |
| Bank Australia Limited |
1. Non-Individuals Not able to meet the mandate prescribed date 1 November 2022 |
1 July 2023 |
|
2. Non-Individuals Ceasing secondary user sharing to specific ADR Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) of the Competition and Consumer (Consumer Data Right) Rules 2020. Implementation paused pending rules review |
TBC | |
| Bank of China (Australia) Ltd |
1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements -Ceasing Secondary User Data Sharing Implementation paused pending rules review |
TBC |
|
Bank of Queensland Ltd Brand: BOQ, Virgin Money Australia, BOQ Specialist, DDH Graham |
1. Pending transactions are not currently shared. | 15 October 2023 |
|
2. Blocking sharing for specific ADRs in relation to secondary users not supported Implementation paused pending rules review |
TBC | |
| 3. Customers on legacy platforms do not experience commensurate latency | TBC | |
|
Bank of Queensland Ltd Brand: BOQ, Virgin Money Australia, BOQ Specialist, DDH Graham ME Bank |
4. Product data optional fields missing in Get Account Detail API. |
31 July 2023 |
|
Bank of Queensland Ltd Brand: BOQ BOQ Specialist DDH Graham |
5. Some complex non-individual entity accounts are not currently shareable. |
30 June 2023 |
|
Bank of Queensland Ltd Brand: BOQ Specialist |
6. Secondary users not supported from 1 November 2022 for credit card secondary card holders | 31 July 2023 |
| 8. Data presented via the CDR APIs is not commensurate with data presented via the primary digital channel | 31 August 2023 | |
|
Bank of Sydney |
1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Implementation paused pending rules review |
TBC |
|
Bendigo and Adelaide Bank Ltd Brand: Bendigo Bank |
1. Joint Account Management (JAMs) CDR rules requiring that a joint account holder has the option to remove a specific account from a specific consent with a specific ADR is not yet enabled. Under the current solution, if a joint account holder elects not to share, then this will prevent the account being shared with any ADR. 2. Joint Account Management (JAMs) CDR rules requiring joint account owners being able to preference which notifications they receive, how often and when for notification preferences is not yet enabled. Under the current solution, all required notifications will be sent to joint account holders. |
30 June 2023 |
|
3. Data sharing is not currently available for Equipment Finance products 4. Nominated representatives of business entities, and secondary users of individually owned accounts, are not yet able to share CDR data |
1 July 2023 | |
|
5. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements – Ceasing Secondary User Data Sharing Implementation paused pending rules review |
TBC | |
|
Beyond Bank Australia |
1. Non-individual Facilitate compliance with the CDR rules for non-individual/partnership accounts and Secondary users for Financial Institutions. 2. PRD API is currently returning invalid data for 'frequency' values, including term deposit terms, fixed rate home loan terms, interest rate calculation frequencies and interest rate application frequencies. |
1 July 2023 |
|
3. Non-Individuals Ceasing secondary user sharing to specific ADR Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) of the Competition and Consumer (Consumer Data Right) Rules 2020. Alternative functionality to be delivered. |
TBC |
|
Data holder (brand) |
Issue |
Proposed resolution date |
|---|---|---|
|
Cairns Penny Savings & Loans Ltd t/as Cairns Bank |
1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements- Ceasing Secondary User Data Sharing Alternative functionality to be delivered |
TBC |
| Central Murray Credit Union Limited |
1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Alternative functionality to be delivered |
TBC |
| Central West Credit Union Ltd |
1. One time password when providing consent is not working 2. Unable to cancel consent from within Ultracs environment |
9 June 2023 |
|
3. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements- Ceasing Secondary User Data Sharing. Alternative functionality to be delivered |
TBC | |
| Challenger Bank Ltd | 1. Joint Account Management and Complex Accounts
2. Data quality a. Transactions returned in API requests include non-statemented transactions. b. Transaction descriptions on transaction data are system descriptions not transaction narratives. c. Biller name is incorrect in Scheduled Payments response and Transaction response. d. Deposit maturity is being reported as rolled over before the maturity date e. Interest type is being provided as principal and interest for interest only loans. f. PayerReference and PayeeReference are blank in scheduled payments response. g. Special characters are being return in product data in Account Details response. h. AvailableBalance is missing in getBalance response. i. If Payee request is requested by 'Type', payee details are not being returned in the response. 3. API error a. 404 error is returned on Account Details where an account has a closed status. b. API failure where interest rate is fixed or floating. c. Future scheduled payments has an empty string where it should be providing a payer reference. d. Account Details response fails for new home loans created after 21 August 2022 due to a new debit interest property in home loan product configuration. 4. Consent management a. Consent authorisation is failing when customer does not have any open accounts, only closed accounts. b. Revoked consents are still reflecting as active. c. Consent withdrawn date not being populated in dashboard. d. Consent creation date is incorrect where consent was created prior to 10am EST. |
31 May 2023 |
|
5. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Alternative functionality to be delivered |
TBC | |
| Coastline Credit Union Ltd |
1. Maintenance Iteration 11
|
30 March 2023 |
|
2. Non-Individuals – Cease Sharing |
30 June 2023 | |
|
Community First Credit Union Brand: Community First Credit Union; Easy Street; Amigo |
1. Rule 15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Alternative functionality to be delivered |
TBC |
| Credit Union Australia Ltd (T/a Great Southern Bank) |
1. More customer friendly descriptions for various transaction types. 2. A code fix required for correcting the mapping of payee data internally. |
29 August 2023 |
| 3. Stop Personal Delegate Sharing with Specific ADR.
Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements – Ceasing Secondary User Data Sharing Implementation paused pending rules review |
TBC | |
|
Credit Union SA Ltd |
1. Duplicate Account ID's are being provided for 2 separate items
|
30 June 2023 |
| 2. Non-personal account data sharing not available | 1 July 2023 | |
| 3. Missing transaction long description | 31 December 2023 | |
|
4. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Account holders will be unable to indicate that they no longer approve of data disclosure to a particular accredited person in response to a request made by a particular secondary user. Implementation paused pending rules review |
TBC | |
| Defence Bank Limited |
1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Alternative functionality to be delivered |
TBC |
|
Data holder (brand) |
Issue |
Proposed resolution date |
|---|---|---|
|
Family First Credit Union Limited |
1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements- Ceasing Secondary User Data Sharing Implementation paused pending rules review |
TBC |
| Fire Service Credit Union Ltd |
1. Non-individuals Delivery of Non-individuals functionality |
1 July 2023 |
|
2. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements- Ceasing Secondary User Data Sharing Implementation paused pending rules review |
TBC | |
| First Choice Credit Union Ltd | 1. Non-individuals Delivery of Non-individuals functionality |
1 July 2023 |
|
2. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements- Ceasing Secondary User Data Sharing Implementation paused pending rules review |
TBC | |
|
First Option Bank Ltd |
1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Alternative functionality to be delivered |
TBC |
| Ford Co-operative Credit Society Limited (T/a Geelong Bank) |
1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Alternative functionality to be delivered |
TBC |
| G&C Mutual Bank | 1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Alternative functionality to be delivered |
TBC |
|
Gateway Bank |
1. Gateway Bank is unable to deliver data sharing for business customers by 1 November 2022. | 30 June 2023 |
|
2. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Alternative functionality to be delivered |
1 January 2024 | |
| Goulburn Murray Credit Union |
1. API endpoints returning an incorrect 406 error 2. Scheduled Outage to be set |
31 May 2023 |
|
|
3. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Alternative functionality to be delivered |
TBC |
|
Data holder (brand) |
Issue |
Proposed resolution date |
|---|---|---|
|
Heritage and People's Choice Ltd Brand: People's Choice Credit Union |
1. Secondary Users functionality to enable an account holder to permanently withdraw authority for a secondary user to share to a specified ADR entity not available Functionality available to enable account holders to cease secondary user data sharing for a specific authorisation. |
TBC |
| Horizon Credit Union Ltd (T/a Horizon Bank) |
1. Account holder unable to cease data sharing to a particular accredited person in response to a request made by a secondary user (Rule1.15(5)(b)(i)) Implementation paused pending rules review |
TBC |
|
HSBC Bank Australia Limited (HSBC) |
1. Functionality for joint account customers to invite other account holders to indicate disclosure option is not currently available. A manual workaround is available for customers. |
30 June 2023 |
| 2. Trust accounts with single and joint individual trustees are not being shared | 30 September 2023 | |
|
3. Secondary user data sharing not supported Implementation paused pending rules review |
30 November 2023 | |
|
4. Performance times not aligned to non-functional requirements in limited cases. 5. Get metrics reporting is not aligned to the standards in some instances. |
31 December 2023 | |
|
HSBC Bank Australia Limited – Brand: HSBC Bank Australia Limited - Wholesale Banking |
6. Direct debit issue – HSBC is not able to share customer direct debit reference data. 7. Payee details issue - HSBC is not able to share customer Payee details. 8. Scheduled payments issue - HSBC is not able to share customer Scheduled payment details 9. HSBC revised its corporate account authorisation amendment functionality in Q1 2022 to ensure compliance with the ACCC's requirements. 10. Historical transaction data older than 60 days will not be available for CMB and GBM corporate accounts until 31 March 2023. |
30 June 2023 |
|
11. Closed accounts issue – Data sharing for corporate accounts that have been closed for over 180 days is not available at this time. 12. Get metrics reporting is not aligned to the standards in some instances. |
31 December 2023 | |
| Hume Bank Limited |
1. FDO for data holders ignoring unsupported authorisation scopes 2. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements- Ceasing Secondary User Data Sharing Alternative functionality to be delivered |
TBC |
| Illawarra Credit Union Ltd |
1. Get Bulk Balances API returned nil data 2. Further testing has revealed in certain circumstances where balanceRate or accruedRate are not present, the accrualFrequency is not required, but is being included with a null value. This issue has now been logged with core banking provider. |
30 June 2023 |
|
3. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements- Ceasing Secondary User Data Sharing Implementation paused pending rules review |
TBC |
|
|
4. Historical CDR data available from 1 January 2017: Transactional data is not available from 1 January 2017 to 1 October 2018. Transactional data is available from 2 October 2018 onwards. |
No proposed resolution date | |
| IMB Ltd (T/a IMB Bank) | 1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements – Ceasing Secondary User Data Sharing Implementation paused pending rules review | TBC |
| ING Bank (Australia) Ltd (ING) |
1. Accounts owned by Business Entities Nominated Representatives of Business Entities are not able to share CDR Data |
30 June 2023 |
|
2. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements – Ceasing Secondary User Data Sharing Implementation paused pending rules review |
TBC | |
|
Laboratories Credit Union |
1. AdditionalInfoUri value contained invalid characters for the UriString type. 2. Eligibility additional Value needs review 3. Validate the additional Value usage in ProductDetails features 4. Get products with updated-since query is not filtering correctly 5. Need to validate 0 item page links 6. Clarification of error message eg "invalid_request", "error Description" 7. Additional scope language clusters are rendered when only scope "profile" is requested 8. Need to verify that DCR is working for response_types of ["code id_token","code"] 9. Host not returning the correct error for invalid page 10. Change http: status from 406 to 400 for invalid Content-Type header 11. Host not returning the correct error for Invalid Banking Account Needs to be 422 12. Need to change the status code to 403 for invalid scope "Consent Is Invalid" 13. Content type checking in Open Banking services is not working when the request method is a POST 14. Testing Error 400 - System.DateTime format - The datetime that passed to host must be in format which has T between the date and time 15. Returns 400: Expected error encountered unmasked account number is included in the error message. Where Consent is Invalid 16. Error code detail is "Decryption failed with result '6' occur when encrypted account is failed to decrypt. This happen when the encrypted account id from GetAccounts. 17. Configuration of the error if the request does not supply a certificate 18. Secondary User obligations for Data Holders relating to the ability of an Account Holder to block a Secondary User from sharing data from a specific account with a specific accredited person. |
15 June 2023 |
|
19. Secondary User obligations for Data Holders relating to the ability of an Account Holder to block a Secondary User from sharing data from a specific account with a specific accredited person. Non-compliance with Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) from Secondary Users/Nominated Representatives Nov 1 Update Implementation paused pending rules review |
TBC | |
| Macarthur Credit Union Ltd |
1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Alternative functionality to be delivered |
TBC |
| Macquarie Bank Ltd |
1. Availability of closed Joint Accounts in the Macquarie CDR Consumer Data. |
31 August 2023 |
|
2. For some joint accounts, the account holders do not receive email or push notifications related to consent and disclosure options management. |
31 August 2023 |
|
|
3. Availability of alternative notification schedules for joint account notifications. |
31 August 2023 |
|
|
4. Rectify incorrect mapping of "postingDate" for Get Transaction API call. |
31 August 2023 |
|
|
5. Availability of Business Banking joint accounts for Consumer Data Sharing. |
31 August 2023 |
|
|
6. Supporting Secondary Users for Consumer Data Sharing. |
31 August 2023 |
|
|
7. Availability of Consumer Data Sharing for Personal Banking accounts held by non-individual entities. |
31 August 2023 |
|
|
8. API response for Get Account Details has the following gaps for Business Banking products: Features that can be turned on (activated) or off (de-activated) against customer accounts are not included in the response to the ADR. feeType for some fees is set to ‘Variable’ even if the fee is not ‘Variable’ in nature. |
31 August 2023 | |
| 9. Ability to support increased transaction volume in Get Transactions API calls. | 31 October 2023 | |
| 10. For customer accounts of Business Banking products, API response for Get Bulk Direct Debits and Get Direct Debit for Specific Accounts does not include Direct Debits created on the same day as the API call and the API may return an error if the account list includes more than 50 accounts. | 31 October 2023 | |
| 11. For customer accounts of Business Banking products, API response for Get Scheduled Payment for Account, Get Scheduled Payment Bulk, and Get Scheduled Payment for Specific Accounts does not include Scheduled Payments created using the ABA and Bulk BPAY files. | 31 October 2023 | |
| Maitland Mutual Limited |
1. CDR Data Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) due 1 November 2022 – Secondary Users obligations (non- account holders) to share data on the account owner(s) behalf Alternative functionality to be delivered |
TBC |
|
Members Banking Group Limited (t/a RACQ bank) |
1. 865 non-personal members do not have access to CDR. | 30 June 2023 |
|
2. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements- Ceasing Secondary User Data Sharing Implementation paused pending rules review |
TBC | |
| MyState Bank Limited |
1. Delayed delivery of Joint Accounts requirements 2. Delayed delivery of non-individuals, or partnerships, or nominated representatives or secondary users Implementation paused pending rules review |
30 November 2023 |
|
Newcastle Greater Mutual Group Limited Brand: Newcastle Permanent |
1. Compliance with Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) of the Competition and Consumer (Consumer Data Right) Rules 2022. Alternative functionality to be delivered |
TBC |
|
Data holder (brand) |
Issue |
Proposed resolution date |
|---|---|---|
| Orange Credit Union Ltd |
1. Product reference data compliance - loan purpose field missing. |
30 June 2023 |
|
2. Rule 1.15 (5)(b)(b) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Implementation paused pending rules review |
TBC | |
| PayPal Australia Pty Ltd |
1. The payee/ merchant name for scheduled payments is not being returned. This impacts consents related to our personal and premier digital wallet accounts and will impact business digital wallet accounts. |
31 July 2023 |
|
2. In relation to the non-individual CDR consumer data sharing obligations (with a compliance date of 1 November 2022), PayPal merchants who use their own Identity Provider (idP) and related Single Sign On based authentication to log into their enterprise PayPal business accounts will be unable to complete CDR authentication. This issue does not impact PayPal CDR consumers (individual or non-individual) who do not use this authentication model with PayPal. |
31 December 2023 | |
|
3. In relation to the non-individual CDR consumer data sharing obligations (with a compliance date of 1 November 2022), PayPal merchants who hold multiple PayPal business accounts under the same merchant entity and therefore have multiple users with access to the PayPal merchant’s business digital wallet, will be unable to:
This issue does not impact PayPal CDR consumers (individual or non-individual) who do not hold multiple PayPal accounts. |
1 November 2025 |
|
|
Police & Nurses Limited Brands: P&N Bank bcu |
1. Non-individuals – Delivery of Non-Individuals functionality. |
30 July 2023 |
| 2. loanPurpose field to be added as part of the Product Reference Data for lending products. | 31 August 2023 | |
| 3.OBS-780: Missing VISA transaction long description – interim fix implemented, full description displays the day after the transaction is processes | 30 September 2023 | |
|
4. OBS-572: Reference displayed on transaction in internet banking is not displayed 5. OBS-857: Nickname and payee reference not displaying in schedule payment information. Determine correct nickname when payment linked to a saved payee |
31 December 2023 | |
|
6. Non-individuals - Ceasing secondary user sharing to specific ADR Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) of the Competition and Consumer (Consumer Data Right) Rules 2020. Alternative functionality to be delivered |
TBC | |
| Police Credit Union Ltd |
1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements- Ceasing Secondary User Data Sharing Alternative functionality to be delivered |
TBC |
| Police Financial Services Limited (T/a BankVic) |
1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Implementation paused pending rules review |
TBC |
| QPCU Limited (QBANK) |
1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Alternative functionality to be delivered. |
TBC |
| Qudos Bank | 1. Non-individuals
Delivery of Non-Individuals functionality |
1 July 2023 |
|
|
2. Non-individuals Ceasing secondary user sharing to specific ADRRule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) of the Competition and Consumer (Consumer Data Right) Rules 2020. Seeking clarification on requirements to determine changes and impact to delivery timeline. |
TBC |
| Queensland Country Bank Ltd |
1. OBS-842 Maintenance Iteration 9 – Physical addresses showing when no data is present 2. Non-individuals Delivery of Non-Individuals functionality |
1 July 2023 |
|
3. Non-individuals Ceasing secondary user sharing to specific ADRRule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) of the Competition and Consumer (Consumer Data Right) Rules 2020. Seeking clarification on requirements to determine changes and impact to delivery timeline |
TBC |
|
Data holder (brand) |
Issue |
Proposed resolution date |
|---|---|---|
| Rabobank Australia Ltd |
1. The functionality for an Account Holder to block their Secondary User from data sharing from an account with a specified Accredited Data Recipient is currently unavailable. Implementation paused pending rules review |
TBC |
|
Regional Australia Bank Ltd |
1. Delayed support for joint accounts 2. Delayed support for non-individuals, partnerships, nominated representatives and secondary users |
14 April 2023 |
|
3. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Implementation paused pending rules review |
TBC | |
| Southern Cross Credit Union Ltd | 1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements- Ceasing Secondary User Data Sharing
Alternative functionality to be delivered |
TBC |
|
South West Slopes Credit Union Ltd |
1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Alternative functionality to be delivered |
TBC |
| Summerland Financial Services Ltd (T/a Summerland Credit Union) |
1. Non-individuals Delivery of Non-Individuals functionality |
1 July 2023 |
| 2. Loan Purpose Code | 31 August 2023 | |
|
3. Non-individuals Ceasing secondary user sharing to specific ADR Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) of the Competition and Consumer (Consumer Data Right) Rules 2020. Seeking clarification on requirements to determine changes and impact to delivery timeline |
TBC | |
| Suncorp-Metway Limited (T/a Suncorp Bank) |
1. Loans that have a redraw facility with available funds for transfer are not reporting correct Available Balance. The reported balance does not consider any redraw facility or available funds. 2. Loans that have uncleared funds are not reporting correct Current Balance. The reported balance does not include any uncleared funds. 3. Loans that are for the purpose of investment or are owner occupied are not returning the loan purpose. |
31 July 2023 |
| 1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements- Ceasing Secondary User Data Sharing
Alternative functionality to be delivered |
TBC |
|
Data holder (brand) |
Issue | Proposed resolution date |
|---|---|---|
| Teachers Mutual Bank Ltd |
1. Get Bulk Balances API returned nil data |
31 October 2023 |
|
2. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements- Ceasing Secondary User Data Sharing Implementation paused pending rules review |
TBC | |
| The Broken Hill Community Credit Union Ltd |
1. Non-individuals Delivery of Non-Individuals functionality |
1 July 2023 |
| 2. Loan Purpose and Repayment Type | 31 August 2023 | |
|
3. Transaction long description (Teller Journal Transactions) (780) 4. NPP End to end ID missing - Get Transaction Detail (572) 5. Non-individuals - Ceasing secondary user sharing to specific ADR Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) of the Competition and Consumer (Consumer Data Right) Rules 2020. Seeking clarification on requirements to determine changes and impact to delivery timeline |
TBC | |
| The Capricornian Ltd |
1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Implementation paused pending rules review |
TBC |
| Transport Mutual Credit Union Limited |
1. FDO for data holders ignoring unsupported authorisation scopes 2. Incorrect error for missing x-v - Response and error code incorrect 3. Invalid x-fapi-customer-ip-address does not error 4. Page beyond last page produces unexpected error when a 400 error should be returned 5. Scheduled Payments nextPaymentDate incorrectly formatted |
1 July 2023 |
|
Unity Bank Limited Brands: Unity Bank Reliance Bank |
1. Fee types accrualFrequency incorrectly included in Get Account Detail responses | 30 June 2023 |
|
2. Existing software does not cater for Rule 1.15 (5)(b)(i) and Rule 4.6A(a)(ii) in relation to account holders ceasing a sharing arrangement to a data recipient made by a secondary user Alternative functionality to be delivered |
TBC | |
|
Victoria Teachers Limited (t/a Bank First) |
1. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Implementation paused pending rules review |
TBC |
| Warwick Credit Union Ltd | 1. Rule 1.15(5) (b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Alternative functionality to be delivered |
TBC |
| WAW Credit Union Co-Operative Ltd |
1. Get Customer Details - areaCode and fullNumber in CommonPhoneNumber for purpose HOME |
Ongoing |
|
2. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Alternative functionality to be delivered |
TBC | |
| Woolworths Team Bank |
1. Rule 1.15(5)(b) (i) and Rule 4.6A(a)(ii) requirements - Ceasing Secondary User Data Sharing Alternative functionality to be delivered |
TBC |
Energy - initial retailers
|
Data holder (brand) |
Issue |
Proposed resolution date |
|---|---|---|
| AGL Energy Limited | On-market residential network customers cannot access energy CDR services | 15 November 2023 |
|
Data holder (brand) |
Issue |
Proposed resolution date |
|---|---|---|
| Origin Energy |
1. Get Energy Account Detail’ API fields 2. Providing Concession Details for Commercial Customers |
1 November 2023 |
| 3. Rule 1.15(5)(b)(i) and Rule 4.6A(a)(ii) requirements- Ceasing Secondary User Data Sharing
Implementation paused pending rules review. |
TBC |