HSBC fined for data breaches
HSBC Bank Australia has been fined $33,000 by the competition regulator for allegedly providing incomplete and inaccurate home loan and credit card data to users seeking to compare products under the consumer data right (CDR).
The Australian Competition and Consumer Commission (ACCC) issued two infringement notices to HSBC after it investigated claims the bank breached its data-sharing obligations on mortgage interest rates and credit card balances in response to CDR requests.
“If accurate home loan rates are not provided, product data users are unable to present accurate comparisons to consumers. This has the potential to lead to consumers making decisions based on incorrect information,” ACCC commissioner Peter Crone said.
“For the CDR to be effective, it is critical that CDR data is of high quality. This means that product data and consumer data – which a consumer has consented to share – must be accurate, up-to-date, complete, and in the required format,” he said.
CDR laws stand behind the open banking concept designed to give customers the power to safely share their personal data from banks and other companies.
It is meant to fuel competition by making it easier for people to compare different products and services across providers. But banks have been accused of dragging their feet in implementing the regime since its introduction in 2019.
Between February 20 and April 25 last year, HSBC allegedly did not disclose all its fixed rate home loan interest rate details in response to CDR data requests, the regulator said.
Some of the rates it provided did not match the featured rates advertised on its website.
HSBC – which has a 1.7 per cent share and a 1.4 per cent stake of the home loans and credit card market in the country, respectively – paid the fines last month, according to the ACCC website.
The regulator said HSBC cooperated with its investigation and had taken steps to improve its compliance with the CDR by fixing “data quality issues” identified by the ACCC.