Australia's CBA pays over $524,000 penalty for consumer data rule breach

Dec 9 (Reuters) - Commonwealth Bank of Australia has paid a penalty of A$792,000 ($524,462.40) after the country's competition regulator accused the lender of breaching consumer data rules, both parties said in separate statements on Tuesday.  

The Australian Competition & Consumer Commission (ACCC) had issued CBA four infringement notices for allegedly breaching Consumer Data Right (CDR) Rules, saying the bank failed to enable data sharing for some business and partnership accounts.

Australia's CDR allows consumers to share their data with accredited third parties to get better deals on products and services.  

"This is the highest total penalty to date for an alleged breach of the CDR Rules," ACCC Deputy Chair Catriona Lowe said, adding that this should serve as a reminder that failure to comply with the rules may result in enforcement action.

Consumers had complained that they faced difficulties accessing CDR-enabled products and services, according to the regulator.

CBA, however, said it identified and voluntarily reported the issue to the ACCC, and has accepted the investigation's findings.

CBA is the second major bank this year to face a penalty for breaching CDR rules, after National Australia Bank was fined A$751,200.

"Banks have now had a few years to understand and implement their CDR obligations," Lowe said.

CBA said it will contact customers who were unable to share their data to inform them that they may be eligible to participate in a remediation.

($1 = 1.5101 Australian dollars)

(Reporting by Sneha Kumar in Bengaluru; Editing by Sherry Jacob-Phillips)