Attention Commercial Credit Providers – Deadline Looms and Uncertainty on EDR

Jim Bulling
K&L Gates LLP
Contact
LinkedIn
Facebook
X
Send
Embed

Commercial credit providers (CCPs) may be required, by the current Australian privacy laws, to join an external dispute resolution (EDR) scheme (EDR scheme) by 12 March 2015 if they wish to continue participating in credit reporting.

Significant privacy reforms commenced in March 2014. These reforms required CCPs, who participate in credit reporting, to be a member of an approved EDR scheme.

Due to practical issues in doing this, a regulation[1] was made, suspending the requirement for CCPs to be members of an approved EDR scheme until 12 March 2015. That date is now fast approaching.

The definition of ‘credit provider’ under the Privacy Act 1988 (Cth) is broad and includes an organisation or small business (supplier) that carries on a business in the course of which the supplier defers payment for goods or services for at least seven days.

Whether the exemption will continue, is being considered by the Attorney General. While we understand that the Attorney General's Department (AGD) has provided a report to the Attorney General in relation to this issue, the Attorney General has not yet considered that report. The AGD has indicated that the matter will be resolved before the 12 March deadline.

This uncertainty places CCPs who participate in the credit reporting system in a difficult timing position.

If the exemption lapses, CCPs, who are not members of an approved EDR scheme, will not be able to obtain credit reports from, or provide credit information to, credit reporting bodies until they join an EDR scheme.

Both the Financial Ombudsman Service (FOS) and Credit and Investments Ombudsman (CIO) (which was formerly known as the Credit Ombudsman Ltd or COSL), are approved EDR schemes.

CIO is accepting memberships from CCPs. CIO made changes to its rules last year to deal with this issue. The rules changes, amongst other things, allow some CCPs to "comply with the new Privacy Act requirements regarding EDR membership without having their other (non-privacy-related) activities subject to COSL's (now CIO's) jurisdiction" (see http://www.cio.org.au/news/news-and-information/cosl-9th-edition-rules-summary-of-important-changes/). It does not appear that FOS has made a similar rule change that would also exclude non privacy activities from its jurisdiction.

We recommend that commercial credit providers watch developments in relation to this issue closely.

[1] The Privacy Amendment (External Dispute Resolution Scheme – Transitional) Regulation 2014.

 

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© K&L Gates LLP | Attorney Advertising

Written by:

K&L Gates LLP
K&L Gates LLP
Contact
more
less

K&L Gates LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide