Skip to main content
Skip to secondary navigation
Australian Government - Office of the Australian Information Commissioner - Home

Credit reporting

Information about an individual's finances and credit worthiness is one of the most sensitive categories of personal information. The Privacy Act 1988 (Privacy Act) has strict provisions that apply to how this kind of personal information is handled.

Credit providers (including banks, building societies, utility companies and telecommunications carriers) provide information about individuals’ activities in relation to consumer credit to central databases managed by credit reporting bodies (CRBs). CRBs are then able to include that information on the individual’s credit report. A credit provider can obtain a copy of an individual’s credit report from a CRB to assist them in deciding whether to provide an individual with consumer credit, or to manage credit that has been provided to an individual.   

Part IIIA of the Privacy Act sets out the specific types of personal information that credit providers and CRBs are permitted to collect about an individual for the purpose of inclusion in that individual’s credit report. That Part also determines who is permitted to access an individual’s credit report and for what purposes. It also provides privacy safeguards in relation to the handling of the information.

Below are the answers to frequently asked questions about credit and finance. For more detailed information read our Privacy fact sheets 26 to 40: Credit reporting 'know your rights' series.

Additionally, the Australian Retail Credit Association (ARCA) has developed an information website (CreditSmart) to help consumers understand the effects of the Privacy Act reforms on how credit reporting will operate in Australia

In this section