Australian Information Commissioner accepts enforceable undertaking offered by CBA

Maria Nikolova

The enforceable undertaking concerns two incidents: one relating to the disposal of magnetic data tapes containing historical customer statements; and the other relating to internal user access to certain systems and applications containing customer personal information.

The Australian Information Commissioner has accepted an Enforceable Undertaking (EU) offered by Commonwealth Bank of Australia (CBA), the bank has announced.

The EU follows CBA’s ongoing work to address two incidents. The first one relates to the disposal of magnetic data tapes containing historical customer statements. The second one relates to internal user access to certain systems and applications containing customer personal information. CBA reported both incidents to the Office of the Australian Information Commissioner (OAIC) in 2016 and 2018 respectively and has since been working to address these incidents.

CBA notes that it has found no evidence to date, as a result of these incidents, that its customers’ personal information was compromised, or that there have been any instances of unauthorised access by CBA employees or third parties. There is no action required from CBA’s customers as a result of the EU.

CBA’s commitments in the EU announced today include reviewing and implementing further enhancements to:

  • internal privacy policies, procedures and record retention standards;
  • internal user access controls on systems and applications that hold personal information; and
  • the privacy risk management and monitoring processes that apply to service providers to CBA and certain subsidiaries.

The EU provides CBA with 90 days to develop and submit to the OAIC a work plan, and timetable of work that CBA will complete to meet its obligations under the EU.

Commonwealth Bank Group Chief Risk Officer, Nigel Williams, said: “We have offered this EU as a demonstration of our continued commitment to appropriately managing the privacy of customer personal information, and addressing any concerns identified by the Commissioner.

“We continue to take action to address issues, earn trust and be a better bank for our customers. This includes proactively engaging with our regulators to ensure we continue to build better systems, processes and controls to manage the personal information of our customers.”

Read this next

Institutional FX

Euronext’s FX volume takes yet another step back in July

Pan-European exchange, Euronext has reported a 7.6 percent drop in the average daily volume on its spot foreign exchange market. The ADV figure stood at $21.4 billion in July 2022, which is down from June’s $23.1 billion.

Executive Moves

IG Group strengthens institutional sales with appointment of Glen Hastings

IG Group, Europe’s largest online trading platform, has onboarded Glen Hastings to the role of its institutional sales manager. He joins the FCA-regulated broker with immediate effect, based out of its offices in London.

Digital Assets

Voyager customers can withdraw up to $100K in cash via ACH transfer

Following approval of the bankruptcy judge, cryptocurrency brokerage firm Voyager plans to return $270 million in customer cash. The amount represents a small portion of investors’ crypto holding that have been locked up since the company filed for bankruptcy in April.

Retail FX

Britain’s lifeboat system to conclude LCG compensation scheme

Britain’s Financial Services Compensation Scheme (FSCS) said today it’s preparing to close the compensation scheme of the collapsed mini-bond provider, London Capital & Finance.


Robinhood parts ways with its first CPO Aparna Chennapragada

In what apparently part of the restructuring it announced last month, Robinhood is parting ways with its Chief Product Officer Aparna Chennapragada. However, she’ll remain employed in an advisory role to the CEO through January 2023.

Digital Assets expands regulatory footprint with new licence in South Korea has acquired payment service provider ‘PnLink Co., Ltd.’ and virtual asset service provider ‘OK-BIT Co., Ltd.’ The move effectively provides a regulatory stamp for the company’s digital assets and cryptocurrencies business in South Korea.

Metaverse Gaming NFT

Why NFT Technology Could be the Much Needed Solution to Crypto Inheritance 

The digital asset market may have started with Bitcoin’s humble beginning but its fortunes have changed over the past decade.

Industry News

Kohle Capital Markets expands CFDs lineup to 200+ stocks

Kohle Capital Markets (KCM), the leading international provider of online trading, has once again expanded its contracts-for-difference (CFDs) offering, this time with the addition of new products on its trading platform.

Industry News

Kohle Capital Markets continues CSR initiatives with donation of art piece to Lions Club International

Global brokerage firm Kohle Capital Markets (KCM) is taking its corporate social responsibility very seriously and continues to navigate the challenging period brought forth by the pandemic and Russia-Ukraine war.