Submission - Credit Reporting Regulatory Framework: Submission to ALRC Privacy Inquiry (December 2007)

2.8. Compliance reviews and audits

This section discusses the use of internal and external reviews and audits to improve overall compliance and the quality/accuracy of credit reporting data.

There is strong support for an audit role in credit reporting to improve confidence levels in the accuracy of credit reporting information. Improvements in data accuracy will benefit both consumers and industry.

Audit options include audits by the regulator (the OPC), industry initiated external audits (by private sector providers), and industry initiated self audits. All three options may play a role.

The OPC has submitted that it should continue to have an audit role in credit reporting:

Given the serious consequences for individuals if adverse information is inappropriately recorded on their credit files, the Office considers that there remains a strong argument for the retention of the Office’s credit reporting audit functions.[26]

However, the OPC also acknowledge that industry audits can play a useful role and they do not seek an exclusive audit role. Credit reporting agencies may also play an enhanced role in managing data accuracy by auditing and managing both the accuracy of their own data and the data provided by credit providers.

The ALRC propose that audits requirements should be included in the proposed Privacy (Credit Reporting Information) Regulations. This Report notes that audit issues are linked to data accuracy, and therefore should be included in the proposed Privacy (Credit Reporting Information) Regulations. 

[26] Office of the Privacy Commissioner, Submission to the Australian Law Reform Commission’s Review of Privacy – Issues Paper 32 Credit Reporting Provisions, 13 April 2007, page 21,