Below are common credit reporting terms explained in brief (see the Privacy Act 1988 for complete definitions).

Access seeker

A person who assists an individual to deal with a credit provider or credit reporting body with the individual’s consent. An access seeker acts on written authority from the individual. An access seeker can be a community lawyer or financial counsellor who supports individuals experiencing credit/debit problems, victims of fraud or identity theft and people experiencing domestic abuse.

APP entity

An APP entity is an Australian Government or a private sector organisation that’s required to comply with the Australian Privacy Principles (APP) in the Privacy Act 1988.

Australian Credit Licence

The Australian Securities and Investments Commission issues an Australian Credit Licence to credit providers that offer certain types of credit.

Australian Privacy Principles

The Australian Privacy Principles (APP) are legally binding principles that set out standards, rights and obligations for handling personal information. They apply to APP entities.

Commercial credit

Commercial credit is any credit you have applied for that’s not for personal, household or family purposes. This includes business loans and goods or services that you’ve purchased while running a business and where payment has been deferred.

Consumer credit

Consumer credit is any credit that you apply for, or that is given to you, that you intend to use wholly or primarily for one or more of the following reasons:

  • for personal, family or household purposes
  • to acquire, maintain, renovate or improve residential property for investment purposes
  • to refinance consumer credit that has been given wholly or primarily to acquire, maintain, renovate or improve residential property for investment purposes.

Credit eligibility information

Credit eligibility information is your credit reporting information and any further information a credit provider derives from your credit reporting information.

Credit information

A type of personal information about an individual that Part IIIA of the Privacy Act covers. It includes information:

  • that identifies you
  • about the amount you’ve borrowed
  • about repayments
  • about defaults.

Credit provider

The Privacy Act defines the following as a credit provider:

  • a bank
  • an organisation or small business operator, if a substantial part of its business is the supply of credit (for example, a building society, finance company or a credit union)
  • a retailer that issues a credit card for the sale of goods or services
  • an organisation or small business operator that supplies goods and services where payment is deferred for 7 days or more (for example, a telecommunications carrier, an energy utility or a water utility)
  • an organisation or small business operator that supplies credit for the hiring, leasing or renting of goods.

Importantly, the following are not a credit provider:

  • a real-estate agent
  • a general insurer
  • an employer.

Credit reporting code

The Privacy (Credit Reporting) Code 2014 (Version 2.3) (CR Code) is a written code of practice about credit reporting. The code supplements the credit reporting rules in Part IIIA of the Privacy Act, and a breach of the code is a breach of the Privacy Act. The CR Code is on our Codes Register.

Credit reporting information

Credit reporting information is your credit report and your credit score. Credit reporting bodies produce credit reporting information.

Credit reporting laws

Credit reporting laws are the laws regulating the handling of personal information for consumer credit reporting in Australia that are in Part IIIA of the Privacy Act, the Privacy (Credit Reporting) Code 2014 (Version 2.2) and the Privacy Regulation 2013.

Credit reporting body

A credit reporting body is an organisation whose business involves handling personal information to give another organisation information about the creditworthiness of an individual.

The main credit reporting bodies in Australia are:

The credit reporting laws require your credit provider to tell you which credit reporting bodies they share your personal information with (for including in your consumer credit report) when you apply for credit.

Credit score

A credit score is a number that indicates your creditworthiness (including your eligibility to be given credit) that a credit reporting body or credit provider calculates.

A credit reporting body calculates it from the personal information in your consumer credit report.

A credit provider calculates it from the information in your consumer credit report and other personal information it holds about you. However, a credit provider can’t give this score to a credit reporting body.


An assessment of your creditworthiness includes an assessment of your:

  • eligibility to get consumer credit
  • consumer credit history
  • capacity to repay an amount of credit that relates to consumer credit.

For example, you may be considered more eligible to get consumer credit (and have a high level of creditworthiness) if your credit report shows that you consistently meet your repayments on time or you’ve not defaulted on a consumer credit payment. Also, your credit report contains no other information that would make additional credit unsuitable under a credit provider’s responsible lending obligations.

External dispute resolution scheme

An external dispute resolution scheme is a body that gives an individual an impartial way to resolve a complaint.

Generally, a credit provider and a credit reporting body must be a member of an EDR scheme recognised under the Privacy Act 1988 to take part in credit reporting.

Financial hardship arrangement

An agreement between an individual and a credit provider to change an individual’s repayment obligations when the individual is experiencing financial hardship. It can be either temporary or permanent.  A permanent financial hardship arrangement is also called a variation financial hardship arrangement.

Financial hardship information

Financial hardship information is information that can be reported about a financial hardship arrangement between a credit provider and an individual to change the individual's repayment obligations. Financial hardship information is reported against an individual's repayment history information.

Personal information

Your personal information is information or an opinion about you, or from which you are reasonably identifiable. The information or opinion doesn’t need to be true to be personal information.

Small business operator

Under the Privacy Act 1988, a small business operator is a person or organisation with an annual turnover of $3,000,000 or less.

Certain people and organisations aren’t considered to be small business operators, regardless of annual turnover. For example, if they offer a health service or trade in personal information.

A small business operator is usually not an APP entity and is exempted from complying with the APPs.

A credit provider may also be a small business operator. However, a small business operator that is credit provider must still comply with the credit reporting laws.

For more information about credit reporting terms, see the definitions in the Privacy Act 1988