About the schedule

The ACCC monitors and enforces compliance with the CDR obligations set out in the Competition and Consumer Act 2010 (Cth), the Competition and Consumer (Consumer Data Right) Rules 2020 (the CDR Rules) and the Consumer Data Standards.

Data holders’ obligations commenced on various dates - see the CDR rollout

Some data holders have received an exemption from certain obligations under s56GD of the Act. The CDR exemptions register lists all exemptions granted.

This rectification schedule sets out information provided by data holders to the ACCC. We have published this information to provide a reference for accredited data recipients and consumers regarding potential issues in data holders’ CDR implementations.

We expect data holders to promptly rectify their non-compliance or face possible enforcement consideration in line with the ACCC/OAIC Compliance and Enforcement Policy for the Consumer Data Right. Listing an issue on this rectification schedule does not preclude the ACCC from pursuing compliance or enforcement action in-line with this policy.

Data holders that are not currently active on the CDR Register and do not have an exemption from this requirement are listed in a separate rectification schedule.

This table is current as at 2 October 2025.

Banking - major data holders

The data holders listed in the table below are the four major data holders and their non-primary brands.

Data holder (brand) Issue Proposed resolution date

Commonwealth Bank of Australia (CBA)

Brands:

CommBank and CommBiz

 1. Enablement of CDR data sharing for certain accounts under the ‘Trading Entity, Business Name’ customer profile type. CBA is working to enable CDR data sharing for certain accounts accessed via 'CommBiz' and ‘NetBank’ and held under a ‘Trading Entity Business Name’ customer profile type.  TBC
 

2. CDR data sharing for certain accounts accessed via 'CommBiz' and ‘NetBank’ that are held:

  • under a co-holder role type, where those account holders may include a ‘Trading Entity Business Name’ or 'trust' customer profile type;
  • by certain account holders on behalf of another person (eg, controlled monies, informal trust or representative accounts); and
  • by certain accounts holders under a 'master contract holder' or 'master contract co-holder' profile type. 
 TBC

Commonwealth Bank of Australia (CBA)

Brands:

CommBiz

 3. Enablement of data sharing for accounts held by individuals or sole traders in the CommBiz digital channel. TBC

 

Data holder (brand) Issue Proposed resolution date

National Australia Bank Limited

Brand:

National Australia Bank

 1. Issues with the time stamp returned for NPP transactions in the ‘Get Transactions for Account’ API. TBC

National Australia Bank Limited

Brand:

UBank

 2. accountId field does not currently meet ID Permanence Standards 30 September 2025

Banking - non-major data holders

Data holder (brand) Issue Proposed resolution date

AMP Bank Ltd

Brand:

AMP Bank GO
  1. Customers using the AMP Bank GO banking brand to share data will be authenticated via its digital app using App2App and Web2App technology, rather than by One Time Password (OTP). App2App and Web2App technology forms part of the Data Standards Body DP 327 - Authentication Uplift Phase 1 that includes a recommendation that online customers can authenticate with their Data Holder's app.
 TBC

Australian Unity Bank Ltd

Brand:

Australian Unity Bank
  1. NPP service overlays added to Get Transaction Detail
 16 November 2025
  2. Supporting Authorization Code Flow (ACF) 16 November 2025
  3. LVR Minimum & Maximum values in Product Definitions 16 November 2025

Bank Australia Limited

Brand:

Bank Australia

Qudos Bank
  1. AccountID does not currently meet ID permanence standards
 30 September 2025

B & E Ltd

Brand:

Bank of us

1. Product fee accrualFrequency incorrect format

  • The accrualFrequency field may still appear when accruedRate or balanceRate are not present, which it should not.
  • In some cases when it does appear, it renders as an empty string, as opposed to null.
 TBC
  2. Establish and maintain consumer consent 30 November 2025
  3. Rate tier information (BankingProductRateTierV3) not utilised as per Rule 2.4(3)(b) 31 October 2025
  4. Disclosure of product data through the product data request service 30 November 2025

Bank of China (Australia) Limited

Brands:

Bank of China
  1. Get Transaction Detail v2 implementation
 30 June 2026

Bank of Queensland Limited

Brands:

Bank of Queensland Limited
  1. A subset of Sole Traders under our Bank of Queensland brand are incorrectly classified as ineligible for CDR.
 TBC

Bank of Queensland Limited

Brands:

Bank of Queensland Limited

Virgin Money

BOQ Specialist

DDH Graham

 2. Customers on legacy platforms do not experience commensurate latency  TBC

Beyond Bank Australia Limited 

Brand:

Beyond Bank Australia

 1. PRD RepaymentType is shown as Principal and Interest rather than Interest Only.  31 December 2025
  2. High Performance APIs not within threshold limit TBC

BNK Banking Corporation Limited

Brand:

BNK Bank (Goldfields Money/BCHL)
  1. Remaining datasets on Interfi BNK platform for Phase 2 delivery
 30 March 2026
  2. CDR arrangement for Secondary Users cannot be accommodated by definition because Secondary Users do not exist within the Core Banking Systems of BNK 30 June 2027
  3. Phase 1 - The 24-hour delay in certain CDR data availability due to old version (R16) of existing Core Banking System (T24) 31 December 2028

The Broken Hill Community Credit Union Limited

Brand:

Broken Hill Bank
  1. AccountId does not currently meet ID permanence standards
 September 30 2025

Data holder (brand) Issue Proposed resolution date

Central Murray Credit Union Limited 

Brand:

Central Murray Bank

 1. CDR release 1.33.0 – Authorisation Code Flow 31 October 2025

Coastline Credit Union Limited

Brand:

Coastline Bank

 1. AccountId does not currently meet ID permanence standards 30 September 2025

Community First Credit Union Limited 

Brands:

Illawarra Credit Union Limited

Easy Street

Community First Bank

 1. CDR Standards v1.33.0 - Retirement of existing hybrid protocol and only supporting Authorization Code Flow from 12 May 2025 will be delayed. 30 September 2025

Defence Bank Limited 

Brand:

Defence Bank

 1. accountId field does not currently meet ID Permanence Standards 30 September 2025

 

Data holder (brand) Issue Proposed resolution date

Fire Service Credit Union Limited

Brand:

Fire Service Credit Union
  1. AccountId does not currently meet ID Permanence Standards
 30 September 2025

Ford Co-operative Credit Society Limited

Brand:

Geelong Bank

 1. Invalid format for accrualFrequency on all product fees 30 September 2025
  2. CDR Release 1.33.0 Authorisation Code Flow 30 September 2025

Goulburn Murray Credit Union Co-operative Limited

Brand:

GMCU

 1. Retire existing hybrid protocol and only support Authorization Code Flow 31 October 2025

 

Data holder (brand) Issue Proposed resolution date

Heritage and People's Choice Ltd

Brand:

Heritage Bank

 1. Rule 4.22A – Amendment of data sets for consents authorised prior to 24 October 2024, in respect of Heritage Bank branded products, is unavailable. 25 October 2025

Horizon Credit Union Limited

Brand:

Horizon Bank
  1. Delay in rollout of v1.33.0 which requires retiring existing hybrid protocol and only supporting authorisation code flow.
 30 September 2025
  2. Data Standards v1.33.0 #657 - Get Product Detail;  unable to support Min and Max LVR values. 30 September 2025
  3. Data Standards v1.33.0 #664 - Get Transaction Detail; changes required to NPP Service Overlays. 30 Septmeber 2025

HSBC Bank Australia Limited

Brand:

HSBC

HSBC Bank Australia Limited – Wholesale Banking

 1. Implementation of Get Transaction Detail V2 30 June 2026

Judo Bank Pty Ltd

Brand:

Judo Bank
  1. Data presented via API end points is currently not commensurate in latency with data presented via Judo Bank’s digital banking platform and there may be up to 24 hours delay maximum. API end points will be presented near real-time following the upgrade of Judo Bank’s new core banking platform.
 30 November 2025
  2. The product data request service for our Term Deposit product does not delineate between Personal, SMSF and Business term deposit channels on the basis that the underlying product (including interest rates) are the same. For greater granularity, we are proposing to include all three channels separately via the product data request service. 30 October 2025

Laboratories Credit Union Limited 

Brand:

Laboratories Credit Union

 1.1.30 Delay in vendor delivery 31 October 2025
  2. 1.31 Delay in vendor delivery 31 October 2025
  3. 1.33 Delay in vendor delivery 31 October 2025

Liberty Financial Pty Ltd 

Brand:

Liberty Financial

 1. Secondary user functionality (Rules 1.13(1)(e) and 1.15(5)) Products not designed for secondary user functionality. Manual functionality available in limited circumstances (where necessary). TBC

MyState Bank Limited

Brand:

MyState Bank

 1. Missing amounts in the Get Transactions For Account API 28 November 2025

Newcastle Greater Mutual Group Limited

Brand:

Newcastle Permanent Building Society

Greater Bank

 1. When applying Rule 1.10B & Part 2 of Schedule 3, CDR Consumer Eligibility is determined at the Brand level (Newcastle Permanent and Greater Bank) not the Legal Entity level (NGM Group). TBC

Newcastle Greater Mutual Group Limited

Brand:

Newcastle Permanent Building Society

 2. CDR v5 dashboard changes to display the details of each authorisation’s amendment linked by cdr_arrangement_id TBC

 

Data holder (brand) Issue Proposed resolution date

Police & Nurses Limited

Brands:

P&N Bank

BCU

 1. High Performance API’s not within threshold limit TBC

QPCU Limited

Brand:

QBANK

 1. The Fee ‘accrued Rate’ filed is not displayed in API 31 December 2025

Data holder (brand) Issue Proposed resolution date

Rabobank Australia Limited

Brand:

Rabobank

 1. Online Savings: All applicable tiers are not being shared. Currently sharing only the tier associated with the current account balance. 31 March 2026
  2. Online Savings: All applicable rates should be shared. Currently sharing only the rate applicable to the first balance tier. 31 March 2026
  3. Online Savings: The overall deposit rate should be shared. If more than one balance tier is applicable, it must be the weighted average interest rate. Currently sharing an incorrect overall deposit interest rate if more than one balance tier is applicable. 31 March 2026
  4. Online Savings: The correct applicable balance range of 0 to 250,000 should be shared. Currently Sharing an incorrect balance range if the introductory bonus and more than one balance tier is applicable. 31 March 2026
  5. Farm Business: The deposit rate tiers should not be shared because the CB accounts have a single interest rate which applies to the entire balance. Currently sharing only one tier which is associated to the current account balance. 31 March 2026

Regional Australia Bank Ltd

Brand:

Regional Australia Bank

 1.Term Deposit Details are missing in GetAccountDetail API Response 30 September 2025

Southern Cross Credit Union Limited

Brand:

Southern Cross Credit Union

 1.CDR Standards v1.33.0 - Retirement of existing hybrid protocol and only supporting Authorization Code Flow from 12 May 2025 will be delayed. 31 October 2025

Data holder (brand) Issue Proposed resolution date

Transport Mutual Credit Union Limited

Brand

TMCU

 1.v1.33.0; retire existing hybrid protocol and supporting Authorisation Code Flow (ACF) TBC
Unity Bank Limited 1. LVR Tier Structured Data: GetProductDetail Accuracy – Inaccurate Data: Rule 2.4(3), Data Quality 9 October 2025
  2. Interest Application Frequency for Term Deposits: GetProductDetail Accuracy – Inaccurate Data 9 October 2025
  3. Invalid format for accrualFrequency on all product fees 9 October 2025
  4. CDR Standards v1.30.0, v1.32.0 and v1.33.0 9 October 2025

Warwick Credit Union Limited

Brand:

Darling Downs Bank
  1. Authorisation Flow Control
 30 September 2025

Woolworths Team Bank Limited

Brand:

Woolworths Team Bank
  1. CDR v1.33.0 - Unable to meet Mandate deadline 12 May 2025 due to constraints from External Software provider.
 30th April 2026

Energy - data holders

The data holders listed in the table below are the energy data holders and their non-primary brands.


Aurora Energy Pty Ltd

Brand:

Aurora Energy
  1. A small number of customer accounts will have less than 2 years billing data available
 30 June 2026