Commonwealth Consolidated Acts Commonwealth Consolidated Acts(1) A reporting entity that makes a verification request in relation to an individual must make a record of the following;
(a) the name of the credit reporting body to which the request was made;
(b) the personal information about the individual that was provided by the reporting entity to the credit reporting body;
(c) the assessment (if any) provided by the credit reporting body in relation to the individual;
(d) such other information about the verification request as is specified in the AML/CTF Rules.
(2) The reporting entity must retain the record, or a copy of the record, until the end of the first 7 year period:
(a) that began at a time after the verification request was made; and
(b) throughout the whole of which the reporting entity did not provide any designated services to the individual.
(3) A reporting entity that retains a record, or a copy of a record, under subsection (2) must delete the record at the end of the 7 year period referred to in that subsection.
Civil penalty
(4) Subsections (1), (2) and (3) are civil penalty provisions.
(a) a reporting entity is part of a designated business group; and
(b) such other conditions as are specified in the AML/CTF Rules are satisfied;
the obligation imposed on the reporting entity by subsection (2) or (3)
may be discharged by any other member of the group.