The Credit Reporting Privacy Code requires credit reporters to submit an assurance report to the Privacy Commissioner annually (see clause 9 and Schedule 6).
The reports seek to demonstrate how each credit reporter has systematically achieved and monitored compliance with the code's obligations. The reports are required to have been prepared with the involvement of an independent person, such as a trained auditor or privacy law expert, and must be submitted within three months of the end of the financial year.
The requirement for assurance reports is intended to promote and demonstrate accountability for handling sensitive personal information. The Privacy Commissioner has determined that the reports ought to be publicly released to give effect to that objective.
The reports may be viewed below. Parts of some reports have been redacted where release of information may prejudice a commercial position or for reasons of systems security or individual privacy.
2012 reports submitted by credit reporters
Media statement on public release of reports
Dun & Bradstreet