CommBank has been slapped with a record $3.55 million fine by the Australian Communications and Media Authority (ACMA) after an investigation found that the bank sent more than 65 million emails that did not comply with Australia’s spam laws.
Of the illegal marketing emails, ACMA found that 61 million unlawfully required users to log in to unsubscribe to CommBank’s mailing list. The bank also sent a further four million marketing emails that did not have a functioning unsubscribe facility.
ACMA also found that CommBank committed one of the email marketing cardinal sins and sent 5,000 emails to customers who had previously asked to unsubscribe.
“The scale and duration of the breaches by the CBA is alarming, especially when the ACMA gave it early warnings it might have some issues and the steps it took were ineffective. The failure to fix the issues shows a complete disregard for the spam rules and the rights of its customers,” said ACMA chair Nerida O’Loughlin.
“Consumers are frustrated by marketing intrusions on their privacy, especially when there is no option, or it is difficult, to unsubscribe,” O’Loughlin added.
This marks the largest penalty imposed by ACMA for breaches of spam laws. The bank has also committed to a three-year enforceable review of its email marketing practices and implement improvements. CommBank also has to give regular compliance reports to ACMA.
“We acknowledge and accept the findings of ACMA’s investigation into CBA’s compliance with certain provisions of the Spam Act. We apologise to all customers impacted by these issues which should not have occurred. We’ve fixed the problem and are making changes to ensure it doesn’t happen in the future,” said CBA Group executive marketing and corporate affairs, Monique Macleod.
“The issues resulted in some customers receiving communications from us after they had unsubscribed, and others receiving communications without a functioning unsubscribe mechanism.
“Since reporting this matter to ACMA, we’ve fixed the issues that were the subject of ACMA’s investigation, and strengthened our systems, processes and controls to support ongoing compliance.”