Commercial credit providers (CCPs) may be required, by the current Australian privacy laws, to join an external dispute resolution (EDR) scheme (EDR scheme) by 12 March 2015 if they wish to continue participating in credit reporting.

Significant privacy reforms commenced in March 2014. These reforms required CCPs, who participate in credit reporting, to be a member of an approved EDR scheme.

Due to practical issues in doing this, a regulation1 was made, suspending the requirement for CCPs to be members of an approved EDR scheme until 12 March 2015. That date is now fast approaching.

The definition of 'credit provider' under the Privacy Act 1988 (Cth) is broad and includes an organisation or small business (supplier) that carries on a business in the course of which the supplier defers payment for goods or services for at least seven days.

Whether the exemption will continue, is being considered by the Attorney General. While we understand that the Attorney General's Department (AGD) has provided a report to the Attorney General in relation to this issue, the Attorney General has not yet considered that report. The AGD has indicated that the matter will be resolved before the 12 March deadline.

This uncertainty places CCPs who participate in the credit reporting system in a difficult timing position.

If the exemption lapses, CCPs, who are not members of an approved EDR scheme, will not be able to obtain credit reports from, or provide credit information to, credit reporting bodies until they join an EDR scheme.

Both the Financial Ombudsman Service (FOS) and Credit and Investments Ombudsman (CIO) (which was formerly known as the Credit Ombudsman Ltd or COSL), are approved EDR schemes.

CIO is accepting memberships from CCPs. CIO made changes to its rules last year to deal with this issue. The rules changes, amongst other things, allow some CCPs to "comply with the new Privacy Act requirements regarding EDR membership without having their other (non-privacy-related) activities subject to COSL's (now CIO's) jurisdiction" (see http://www.cio.org.au/news/news-and-information/cosl-9th-edition-rules-summary-of-important-changes/). It does not appear that FOS has made a similar rule change that would also exclude non privacy activities from its jurisdiction.

We recommend that commercial credit providers watch developments in relation to this issue closely.

Footnote

1The Privacy Amendment (External Dispute Resolution Scheme – Transitional) Regulation 2014.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

K&L Gates has been awarded a 2012 EOWA Employer of Choice for Women citation acknowledging our commitment to workplace diversity.