About the schedule

The ACCC monitors and enforces compliance with the CDR obligations set out in the Competition and Consumer Act 2010 (Cth), the Competition and Consumer (Consumer Data Right) Rules 2020 (the CDR Rules) and the Consumer Data Standards.

Data holders’ obligations commenced on various dates - see the CDR rollout

Some data holders have received an exemption from certain obligations under s56GD of the Act. The CDR exemptions register lists all exemptions granted.

This rectification schedule sets out information provided by data holders to the ACCC. We have published this information to provide a reference for accredited data recipients and consumers regarding potential issues in data holders’ CDR implementations.

We expect data holders to promptly rectify their non-compliance or face possible enforcement consideration in line with the ACCC/OAIC Compliance and Enforcement Policy for the Consumer Data Right. Listing an issue on this rectification schedule does not preclude the ACCC from pursuing compliance or enforcement action in-line with this policy.

Data holders that are not currently active on the CDR Register and do not have an exemption from this requirement are listed in a separate rectification schedule.

This table is current as at 19 December 2024.

Banking - major data holders

The data holders listed in the table below are the four major data holders and their non-primary brands.

Data holder (brand) Issue Proposed resolution date

Commonwealth Bank of Australia (CBA)

Brands:

CommBank and CommBiz

 1. Enablement of CDR data sharing for certain accounts under the ‘Trading Entity, Business Name’ customer profile type. CBA is working to enable CDR data sharing for certain accounts accessed via 'CommBiz' and ‘NetBank’ and held under a ‘Trading Entity Business Name’ customer profile type. TBC

 

Data holder (brand) Issue Proposed resolution date

National Australia Bank Limited

Brand:

National Australia Bank

1. Additional transaction service codes provided in Get transactions detail.

Identifier of the applicable overlay service. Valid values are: X2P1.01. NAB also provides X2P1.04 and SCT.04 in some situations.

 TBC
 

2. In Account Details API, current “DepositRate” and “LendingRate” is provided to ADRs. However, additional fields present in” Deposit Rates” and “Lending Rates” objects are currently not returned for business and personal products.

3. In Account Details API, “Features” optional object  for the accounts is not returned for business and personal products.  

4. In Account Details API,  “Fee” optional object for the accounts is not returned for business and personal products. 

 TBC

National Australia Bank Limited

Brand:

UBank

5. CDR v5 dashboard changes - to display the details of each authorisation’s amendment linked by cdr_arrangement_id - will be delivered prior to the obligation date of 1 July 2024. The following items, as uncovered by the CX guidance on 11 Apr 2024, will be delivered later.

  • additional requirements regarding the latest/current authorisation details being part of the consent history
  • details of the amendment in line with the date of amendment in the consent history
  • highlighting of relevant area(s) changed in the amendment
 TBC

Banking - non-major data holders

Data holder (brand) Issue Proposed resolution date

AMP Bank Ltd

Brand:

AMP Bank

 1. Home loan product descriptions in PRD are not aligned to website.
Home loan fee information in PRD does not contain references to $0/nil fees.		 20 December 2024
  2. Information Security Profile - refresh tokens
Missed implementation related to cycling refresh tokens.		 TBC

Bank Australia Ltd

Brand:

Bank Australia

 1. Get Outages API missing mandatory "data" section TBC

Bank of Queensland Ltd

Brands:

Bank of Queensland Ltd

Virgin Money

BOQ Specialist

DDH Graham

 1. Customers on legacy platforms do not experience commensurate latency  TBC

Bank of Queensland Ltd

Brands:

Bank of Queensland Ltd

Virgin Money

ME Bank - ME Go

 2. Transaction descriptions provided in the CDR APIs may differ from transaction descriptions provided in the primary digital channel in very limited circumstances 28 February 2025

Bendigo and Adelaide Bank Ltd

Brand:

Bendigo Bank
  1. Bendigo Bank does not currently supply the reference attribute for transactions prior to October 9 2024.  For the period October 9 - November 13 2024, NPP transactions' reference attribute may be truncated and will not contain unicode characters.
 30 November 2024
  2. Accounts opened via a newly developed trial eBanking app will not initially have access to Open Banking, during a proof of concept trial period.  17 March 2025
  3. Missing historical transaction data for some types of accounts. 30 April 2025

Beyond Bank Australia Ltd

Brand:

Beyond Bank
  1. CDR v5 dashboard changes were introduced on 11 April 2024, which require displaying the details of each authorisation’s amendment linked by cdr_arrangement_id  with an obligation date of 1st July 2024.
 31 December 2024
Data holder (brand) Issue Proposed resolution date

Cairns Penny Savings & Loans Ltd

Brand:

 Cairns Bank

1. Data Quality:

  • When the Scheduled Payment API is called the following conditional fields are not being returned: “onceOff” and “intervalSchedule”.
  • When the Get Account Details API is called the following fields are not returned:  “depositRate”, “lendingRate”, “feeAmount”, “feeDiscounts” and “additionalInfo” for fees. Also “isActivated” returns a true response for all features.
 31 March 2025

Credit Union SA Ltd

Brand: 

Credit Union SA
  1. CDR v5 dashboard changes:
  • additional requirements regarding the latest/current authorisation details being part of the consent history
  • details of the amendment in line with the date of amendment in the consent history
  • highlighting of relevant area(s) changed in the amendment
 31 December 2024
  2. Missing transaction long description 30 June 2025

 

Data holder (brand) Issue Proposed resolution date
Fire Service Credit Union Ltd
  1. CDR v5 dashboard changes - to display the details of each authorisation’s amendment linked by cdr_arrangement_id - was delivered to production prior to the 1 Jul 2024 obligation date. Consumers now have the ability to view and access all historical amendments made to each data sharing arrangement via a Consent History section in digital channels

However, the following items are an implementation gap to be delivered before 31 December 2024:

  • additional requirements regarding the latest/current authorisation details being part of the consent history
  • details of the amendment in line with the date of amendment in the consent history
  • highlighting of relevant area(s) changed in the amendment
 31 December 2024
First Option Bank Ltd
  1. Rule 2.4(3) Data Quality - Term Deposit product terms
 31 January 2025
  2. Rule 2.4(3) Data Quality - Missing Product Features 31 January 2025

G&C Mutual Bank Limited

Brand:

G&C Mutual Bank

 1. LVR Tier Structured Data: GetProductDetail Accuracy – Inaccurate Data: Rule 2.4(3), Data Quality 15 January 2025
  2. Interest Application Frequency for Term Deposits: GetProductDetail Accuracy – Inaccurate Data 15 January 2025
  3. Invalid format for accrualFrequency on all product fees 15 January 2025

 

Data holder (brand) Issue Proposed resolution date

Heartland Bank Australia Limited

Brand:

Heartland
  1. A single repayment made towards loans in arrears, is displayed as a single transaction in our channels but displayed as multiple transactions via the  API.
 31 Mar 2025
 
2. Parameter to be introduced to reflect that transaction filter by Text is not supported.		 31 Mar 2025
  3. Unable to retrieve pending transactions via API. 31 Mar 2025
  4. The ‘postingDateTime’ tag in the transaction API is defaulting time to 00:00:00. 31 Mar 2025
  5. Transactional data from 1 November 2020 onwards can be retrieved through transaction API. Any transactional data prior to this period is available upon request and can be provided manually. TBC

Heritage and People's Choice Ltd

Brand:

People's Choice Credit Union

 1. Rule 1.13(1)(c)(i) Members with People’s Choice branded sole trader business accounts are not able to nominate more than one nominated representative for sharing on those accounts. 13 December 2024

Heritage and People's Choice Ltd

Brand:

Heritage Bank

 2. Rule 4.22A – Amendment of data sets for consents authorised prior to 24 October 2024, in respect of Heritage Bank branded products, is unavailable. 25 October 2024
HSBC Bank Australia Limited (HSBC)

    Data Quality:

  1. When the Scheduled Payment API is called the following conditional fields are not being returned: “onceOff” and “intervalSchedule”.
  2. When the Get Account Details API is called the following fields are not returned:  “depositRate”, “lendingRate”, “feeAmount”, “feeDiscounts” and “additionalInfo” for fees. Also “isActivated” returns a true response for all features.
 31 March 2025

HSBC Bank Australia Limited

Brands:

HSBC 

HSBC Wholesale Banking

 3. CDR v5 dashboard changes requiring the display of each authorisation’s amendment linked by cdr_arrangement_id as per the CX guidelines released on the 11 April 2024. 31 March 2025
  4. The ‘postingDateTime’ is defaulting to 00:00:00 for a sub-set of transactions. 30 June 2025 

HSBC Bank Australia Limited

Brand:

HSBC Wholesale Banking

 5. Performance times not aligned to non-functional requirements. TBC
Illawarra Credit Union Ltd 1. Historical CDR data available from 1 January 2017: Transactional data is not available from 1 January 2017 to 1 October 2018. Transactional data is available from 2 October 2018 onwards. No proposed resolution date

ING Bank (Australia) Limited 

Brand:

ING Bank (Australia) Ltd
  1. Merchant information is not being provided for some EFTPOS transactions.
 TBC

MyState Bank Limited

Brand:

MyState Bank

 1. Missing amounts in the Get Transactions For Account API TBC

Newcastle Greater Mutual Group Limited

Brand:

Newcastle Permanent Building Society

Greater Bank

 1. When applying Rule 1.10B & Part 2 of Schedule 3, CDR Consumer Eligibility is determined at the Brand level (Newcastle Permanent and Greater Bank) not the Legal Entity level (NGM Group). TBC

Newcastle Greater Mutual Group Limited

Brand:

Newcastle Permanent Building Society

 2. CDR v5 dashboard changes to display the details of each authorisation’s amendment linked by cdr_arrangement_id TBC
 

3. Rule 2.4(3), Product Reference Data Quality:

  • In relation to some home loan products within BankingProductRateTierV3, where more than one criteria (loan to value ratio and loan balance) applies in relation to eligibility for a particular interest rate, only one criteria is displayed in structured unitOfMeasure fields. The secondary criteria is described in the additionalInfo field.
 30 June 2025

Northern Inland Credit Union Limited

Brand: 

Northern Inland Credit Union

 1. Rule 2.4(3) Product Reference Data Quality TBC
 

2. Rule 2.4(3), Data Quality

For Dream Home Loan (productId “NICUL33V_NB”), the product data disclosure Lending Rate is showing as “variable”. Should be “Discount” for Variable Special Offer $500,000+; LVR80% or below (new borrowing only)” Discount is 0.45% below the variable rate. Pending fix or functionality change.

 31 January 2025

 

Data holder (brand) Issue Proposed resolution date

Orange Credit Union Ltd

Brand:

Orange Credit Union
  1. an inaccurate lendingRateType value (DISCOUNT) for ‘INTRODUCTORY’ rate and inaccurate introductory rate were disclosed for some introductory mortgage products
 28 February 2025
PayPal Australia Pty Ltd 1. ‘Get Metrics’ version 5; unable to provide a number of fields for amended consents or abandoned consent flows. 31 January 2025
  2. Unable to display message about the consequences of proceeding with withdrawing an authorization. 28 February 2025

Police & Nurses Limited

Brands:

P&N Bank

bcu

 1. Get Outages API missing component 31 March 2025
 

2. End to End ID not shown in Get Transaction Detail.

 

 

 30 April 2025
  3. High Performance API’s not within threshold limit TBC

Police Financial Services Limited

Brand:

BankVic

1. CDR v1.29 -

Proposed changes in Consumer Data Right Standards v1.29.0 were released on 21 Dec 2023.

The changes identified are from Decision Proposal #334: Added Dashboard Standards section to include detail for Data Holder Dashboards - in particular, a text change required for the Data Holder Dashboard which is required by 1st July 2024 and will require a solution update.

 31 October 2024

QPCU Limited

Brand:

QBANK
  1. CDR Release 1.29.0
  • Data Holder Dashboard: Amending authorisation details
  • Data Holder Dashboard: Data recipient handling details
 24 January 2025
 

2. CDR Release 1.28.0

  • Get Products (v4)
  • Get Product Detail (v5)
  • Get Account Detail (v4)
 24 January 2025
 

3. Rule 2.4(3)(b) - Data Quality: All info available via other channels must be included in response

  • BankingProductRateTierV3
 TBC

Qudos Mutual Ltd

Brand:

Qudos Bank

1. CDR v5 dashboard changes:

  • additional requirements regarding the latest/current authorisation details being part of the consent history
  • details of the amendment in line with the date of amendment in the consent history
  • highlighting of the relevant area(s) changed in the amendment
 31 December 2024
Data holder (brand) Issue Proposed resolution date
Rabobank Australia Ltd
  1. High Priority Tier not meeting the nominated threshold
 28 February 2025
  2. Low Priority Tier not meeting the nominated threshold 28 February 2025
Regional Australia Bank Ltd

1. Product data fields are missing in GetAccountDetail call response.

 

 28 February 2025
  2. Term deposit details are missing in GetAccountDetail API response. 30 April 2025
  3. Historical transactions older than around three years are not being shared. TBC

Southern Cross Credit Union Ltd

Brand:

Southern Cross Credit Union
  1. Rule 2.4.3 Data Quality: Mortgage product information in product reference data is not aligned to website disclosures.
 28 February 2025
 

2. Rule 2.4(3)(b) Data Quality: All info available via other channels must be included in the response

BankingProductRateTierV3

 TBC
Data holder (brand) Issue Proposed resolution date
The Broken Hill Community Credit Union Ltd

1.The following items, as uncovered by the CX guidance on 11 Apr 2024:

• additional requirements regarding the latest/current authorisation details being part of the consent history
• details of the amendment in line with the date of amendment in the consent history
• highlighting of relevant area(s) changed in the amendment

 2. Transaction long description (Teller Journal Transactions) (780)

3. NPP End to end ID missing - Get Transaction Detail (572)

 31 December 2024
  4. Get Outages API missing mandatory "data" section. TBC

WAW Credit Union Co-Operative Ltd

Brand:

bankWAW

 1. Get Customer Details - areaCode and fullNumber in CommonPhoneNumber for purpose HOME 31 December 2024

Energy - retailers

 

Data holder (brand) Issue Proposed resolution date

Blue NRG Pty Ltd

Brand:

Blue NRG

1. Blue NRG acknowledges a delay in meeting the obligations outlined in Rule 4.6(4) of Part 4 of the Rules, which require the disclosure of necessary consumer data pertaining to accredited consumer data requests.

On 29 April 2024, Blue NRG submitted a Rectification Schedule addressing delays in meeting its Consumer Data Right (CDR) obligations due to challenges encountered during the implementation of the Flux billing solution, with a proposed resolution date of 1 June 2024. In line with this timeline, by 31 May 2024, Blue NRG passed all internal tests and received ACCC approval as compliant with its CDR obligations. However, thereafter, Blue NRG identified ongoing non-compliance issues stemming from the FLEXIBILL component of Flux billing system, impeding Blue NRG's progress towards achieving full compliance with CDR requirements for complex requests.

 31 March 2025
Data holder (brand) Issue Proposed resolution date

Ergon Energy Queensland Pty Ltd

Brand:

Ergon Energy Retail

 1. Ergon Retail are unable to accurately report Banded Supply Charges until a planned update is released by the DSB. TBC