Consumer Credit Reporting Webinar: Key issues in complaints handling
The webinar will focus on the following issues: 1.Overview & introduction 2.Types of personal information that can be held in the consumer credit reporting system 3.Key requirements to list a default 4.Access rights and obligations 5.The new corrections process 6.Complaints about incorrect personal information
Part IIIA of the amended Privacy Act 1988 supplemented by: – Privacy Regulation 2013 – Privacy (Credit Reporting) Code 2014 (CR code)
Separated into divisions based on the type of participant: – Division 2 – CRBs – Division 3 – credit providers – Division 4 – affected information recipients Separate division (Division 5) setting out complaints handing rights and obligations CR code divided by topic
No reference to a credit report or a credit information file in the legislation however, expected that industry will continue to use these terms.
Information in the credit reporting system is categorised based on: – the entity that holds the information, – the entity that disclosed the information, and – the purpose for which that information can be used Reflects the flow of information in the system Obligations and rights expressed by reference to these different categories
There are six key categories: – credit information (CI) collected by credit providers – CRB derived information produced by CRBs using CI – credit reporting information (CRI) = CI + CRB derived information disclosed by CRBs to credit providers – CP derived information produced by credit providers using CRI – credit eligibility information = CRI and CP derived information used & disclosed by credit providers (but not to CRBs) and includes CRI and CP derived information – regulated information held (used) by AIRs
Credit information is the key category: – raw types of information permitted to be collected by CRBs for inclusion in a credit report – credit information is defined in s6N – equivalent to s18E of the current Part IIIA
1.Pre-commencement information – information prescribed by the old s18E that is no longer permitted to be collected by a CRB for inclusion in a credit report 2.Other publicly available information – that doesnt meet the requirements of s6N & Para 11 CR code 3.Other consumer credit information – other information about an individual's consumer credit activities (Para 5.1 CR code, E.g. information about the balance on a credit account) 4.Other commercial information – other information about an individual's commercial credit activities
The exception applies if… a CRB lawfully held the information immediately prior to 12 March 2014, or a CP holds the information, that was lawfully disclosed to it by a CRB and… the personal information is NOT information about a small default (a default of < $150) the use or disclosure occurs on or before 12 March 2016 OR the expiry of the relevant retention period, whichever is sooner. or… the personal information is a file note entered at the request of the individual prior 12 March 2014 and the individual has not subsequently requested its removal.
BUT… any pre-commencement information (or file note) captured by this exception MUST BE HANDLED AS IF IT WERE CREDIT INFORMATION For example, the relevant retention period will be the NEW retention period for the most analogous type of credit information
Previously publicly available information not regulated by Part IIIA But this has changed…
Part IIIA (s6N): – MUST be about an individuals activities in Australia and creditworthiness CR code (Para 11): – MUST be available to the general public – MUST be collected by a CRB from an agency or state/territory authority
Part IIIA exhaustively sets out the types of personal information able to be included in an individuals consumer credit report Paragraph 5.1 of the CR Code makes this absolutely clear
Credit information includes information about: commercial credit enquiries, and commercial credit applications (type & amount) Credit laws DO NOT regulate other types of commercial credit information But… …the laws DO regulate when and for what purpose a commercial provider can access the consumer system
NOT statute barred NOT less than $150 at the time of listing ALL of that amount must be at least 60 days overdue 2 notices – Notice requesting payment – Notice of intention to disclose a default
2 notices must be issued 30 days apart (cant be in one envelope!) 2 nd notice must be issued at least 14 days prior to listing Default cannot be listed more than 90 days after 2 nd notice is given
Key concerns: – double listings – artificial extension of the retention period Solution: – each overdue payment must be the subject of a separate listing (even for the same credit account) – default can only be updated to reflect accrual of incidental fees and charges that result from the overdue payment
A CRB must provide FREE access in the following circumstances: 1.if the individual has applied for, and been refused credit, within the past 90 days 2.if the access relates to a decision by a CRB or a credit provider to correct information, and 3.in addition, once every 12 months.
must be as available and easy to identify as fee- based access services within 10 days of receipt request includes access to a current credit score must include summary & explanation to aid understanding CRB required to verify the identity of the individual seeking access
Single point of access obligation to consult evidence substantiating correctness 30 day timeframe
How might this work…? establishment of a corrections interchange centralised registry of all corrections requests incorrect information held by multiple CRBs can be corrected simultaneously
3 tiered complaints system: 1.CRB or credit provider to which the complaint relates 2.recognised external dispute resolution scheme 3.the OAIC
OAIC can decline to investigate complaint if: – individual did not first complain to the CRB or credit provider – complaint is already being dealt with by an EDR scheme – complaint would be more effectively or appropriately dealt with by an EDR scheme
Individual not required to complain to a CRB or a credit provider about the outcome of their correction or access request
15 NEW consumer credit reporting fact sheets available on the OAIC website – OAIC Business Resource 3 – What has changed in credit – ARCA – Possibility of future webinars (Feedback!)
Protecting information rights – advancing information policy Questions?