Australian Information Commissioner accepts enforceable undertaking offered by CBA

Maria Nikolova

The enforceable undertaking concerns two incidents: one relating to the disposal of magnetic data tapes containing historical customer statements; and the other relating to internal user access to certain systems and applications containing customer personal information.

The Australian Information Commissioner has accepted an Enforceable Undertaking (EU) offered by Commonwealth Bank of Australia (CBA), the bank has announced.

The EU follows CBA’s ongoing work to address two incidents. The first one relates to the disposal of magnetic data tapes containing historical customer statements. The second one relates to internal user access to certain systems and applications containing customer personal information. CBA reported both incidents to the Office of the Australian Information Commissioner (OAIC) in 2016 and 2018 respectively and has since been working to address these incidents.

CBA notes that it has found no evidence to date, as a result of these incidents, that its customers’ personal information was compromised, or that there have been any instances of unauthorised access by CBA employees or third parties. There is no action required from CBA’s customers as a result of the EU.

CBA’s commitments in the EU announced today include reviewing and implementing further enhancements to:

  • internal privacy policies, procedures and record retention standards;
  • internal user access controls on systems and applications that hold personal information; and
  • the privacy risk management and monitoring processes that apply to service providers to CBA and certain subsidiaries.

The EU provides CBA with 90 days to develop and submit to the OAIC a work plan, and timetable of work that CBA will complete to meet its obligations under the EU.

Commonwealth Bank Group Chief Risk Officer, Nigel Williams, said: “We have offered this EU as a demonstration of our continued commitment to appropriately managing the privacy of customer personal information, and addressing any concerns identified by the Commissioner.

“We continue to take action to address issues, earn trust and be a better bank for our customers. This includes proactively engaging with our regulators to ensure we continue to build better systems, processes and controls to manage the personal information of our customers.”

Read this next

Retail FX

Italian watchdog red flags Olympus Brokers, UnicoFX and Allfina Group

Italy’s Commissione Nazionale per le Società e la Borsa (CONSOB) has shut down new websites in an ongoing clampdown against firms it accuses of illegally promoting investment products in the country.

Retail FX

XTB revenues hits zł1.45 billion in 2022, Q4 earnings disappoint

Poland-based Forex and CFDs broker, XTB has reported its final results for Q4 of 2022 and the full fiscal year ending on December 31, 2022, showing one of its most successful corporate years.

Executive Moves

Lirunex Limited recruits Waleed Salah as head of MENA sales

Maldives-based brokerage firm Lirunex Limited has secured the services of Waleed Salah, who joined the company in the role of its head of sales for the MENA region.

Executive Moves

Trading 212 parts ways with co-founder Borislav Nedialkov

Trading 212 has a void to fill at its FCA-regulated business in London, following the departure of two key players, Raj Somal and Borislav Nedialkov.

Digital Assets

Binance acquires troubled crypto exchange GOPAX

Binance, the world’s largest digital asset trading platform, has reportedly acquired a majority stake in the troubled South Korea-based cryptocurrency exchange GOPAX.

Digital Assets

Kraken exits Middle East, closes UAE office

Digital currency exchange Kraken will close down its operations in Abu Dhabi, UAE and lay off the majority of its team focused on the Middle East and North Africa.

Industry News

CFTC comments on ION Cleared Derivatives issues after Russian-linked hack

“The ongoing issue is impacting some clearing members’ ability to provide the CFTC with timely and accurate data. As this incident unfolded, it became clear that the submission of data that is required by registrants will be delayed until the trading issues are resolved.”

Industry News

FCA took down 14 times more misleading ads in 2022 thanks to technology

The FCA has made significant improvements to the digital tools it uses to find problem firms and misleading adverts. These improvements have enabled it to work through a much larger number of cases compared with 2021.

Executive Moves

HKEX appoints ex-Goldman Sachs Matthew Cheong to lead platform’s focus on derivatives

“He has worked for a number of the world’s leading investment banks and his experience will be invaluable to HKEX as we continue to enhance our derivatives product offerings and build on our innovative and robust platform business, connecting capital with opportunities.”