HSBC Australia Fined Over Alleged Consumer Data Disclosure Failures

BySamson Ononeme

Apr 2, 2024 ,
HSBC Bank Australia paid A$33,000 in penalties after the ACCC issued two infringement notices for alleged violations of Consumer Data Right (CDR) rules.

Key Insights

  • HSBC Bank Australia paid A$33,000 in penalties after the ACCC issued two infringement notices
  • The alleged violations related to HSBC failing to disclose complete mortgage interest rates
  • HSBC cooperated with the ACCC’s investigation and has taken steps to improve its CDR compliance

SYDNEY (MarketsXplora) – HSBC Bank Australia Limited has paid penalties totalling A$33,000 ($22,165) after the country’s competition watchdog issued it two infringement notices for alleged breaches of the Consumer Data Right (CDR) rules, the regulator said on Tuesday.

The Australian Competition & Consumer Commission (ACCC) said the infringement notices related to HSBC’s alleged failures to disclose complete mortgage interest rate details and accurate credit card balances in response to separate consumer data requests made via the CDR system.

Under the CDR regime, banks are required to share product and consumer data with accredited third parties through data transfer APIs upon consumer request.

In one instance, the ACCC investigated allegations that between Feb. 20 and April 25 this year, HSBC failed to accurately disclose its fixed interest rates for certain home loan products when that data was requested through the CDR.

Some of the product data HSBC disclosed did not include the corresponding advertised interest rates featured on its website, the ACCC said.

Separately, the regulator probed allegations that from Jan. 9 to May 27, HSBC failed to accurately report credit card account balance data after receiving CDR data requests.

While HSBC cooperated with the ACCC’s investigation and has taken steps to rectify data quality issues identified, the payment of infringement notice penalties is not considered an admission of violating CDR rules, the watchdog noted.

The CDR, introduced in Australia initially for the banking sector, aims to provide consumers greater control and choice over their data held by corporations. It requires banks to securely share product and customer data through APIs when approved by customers.

The ACCC has actively enforced CDR compliance through penalties and court actions as part of efforts to build trust in the data portability regime, which is being progressively rolled out to other sectors like energy and telecommunications.

HSBC’s alleged disclosure failures represent some of the first CDR cases publicly pursued by the ACCC against a major bank. The regulator did not disclose details of any specific customer impact from HSBC’s data errors.

“The CDR aims to promote innovation and help consumers access better products and services, but this can only occur if the data is accurate and complete,” said ACCC Chair Gina Cass-Gottlieb.

An HSBC Australia spokesperson said the bank has implemented changes to enhance its CDR data sharing processes.

Samson Ononeme

Meet Samson Ononeme, a dynamic writer, editor, and CEO of With a passion for words and a sharp business acumen, Samson captivates readers with captivating storytelling and delivers insightful market analysis. He is a trailblazer in the finance industry, empowering individuals with knowledge and shaping the narrative of money. Get ready to be inspired by his literary prowess and entrepreneurial leadership.

Leave a Reply