The communications watchdog has hit the Commonwealth Bank with the largest fine imposed by the body for breaching spam laws.
The bank was fined $3.55 million by the Australian Communications and Media Authority for sending out more than 65 million spam emails to its customers.
An investigation by the authority found the bank sent 61 million emails that unlawfully required them to log in should customers want to unsubscribe from receiving the messages.
A further four million emails were sent with no option for people to unsubscribe, while 5000 were sent to people who had already asked to unsubscribe.
The fine is the largest financial penalty imposed by the authority for breaches of spam laws.
The bank said the breaches to the spam laws came following updates to electronic banking terms and conditions in November 2021.
ACMA chair Nerida O’Loughlin said companies needed to ensure customers had options to unsubscribe from messages they did not want to receive.
“The scale and duration of the breaches by the CBA is alarming, especially when the ACMA gave it early warnings it might have some issues and the steps it took were ineffective,” she said.
“Consumers are frustrated by marketing intrusions on their privacy, especially when there is no option, or it is difficult, to unsubscribe.”
Commonwealth Bank marketing and corporate affairs executive Monique Macleod said the company had fixed the issues at the centre of the fine, www.difacomputer.com and that the problems were self-reported to the authority.
“Since reporting this matter to ACMA, we’ve fixed the issues that were the subject of ACMA’s investigation, and strengthened our systems, processes and controls to support ongoing compliance,” she said.
“We apologise to all customers impacted by these issues which should not have occurred.”
The Commonwealth Bank has agreed to an independent review of its e-marketing practices, as part of a three-year court-enforceable undertaking.
The bank will also be required to give regular compliance reports to the communications watchdog.
Under current spam laws, companies sending messages to customers once they have unsubscribed is banned, while marketing messages are required to have functions for people to opt-out of receiving further communication.
Companies have been fined more than $11 million in the past 18 months for breaching spam laws.
“We continue to see large and well-known businesses who should know better than breaching the spam laws,” Ms O’Loughlin said.
“We will be closely monitoring the Commonwealth Bank’s compliance and the commitments it has made to review its practices. If we find future non-compliance, we will not hesitate to take further action.”