A ban does not impact your current credit line or credit payments unless credit is due for renewal (e.g. credit card about to expire). You will still be able to use any credit cards you currently hold and repay any existing loans.
A ban is initially valid for 21 days. An extension may be provided with evidence supporting that you are, or are at risk of becoming, a victim of fraud. In most cases this will require you to show that you have either a police report number or a www.cyber.gov.au report number. You will need to apply for bans with all 4 Australian CRA's:
For more information on fraud and bans please go to the Office of the Australian Information Commissioner (OAIC) or call IDCARE.
Applying for a Ban
Applying for 21 day initial bans with all agencies in one form:
You will need to apply for bans with just one credit reporting agency and request that they place bans with the remaining 3 Australian CRA’s. IDCARE recommends you request a ban with Equifax first and then request on the same online form bans with the other three credit reporting agencies if you agree to their terms and conditions. The names of the credit reporting agencies in Australia are:
Applying directly through each agency:
- Equifax: Please go to: Placing a ban with Equifax and fill in and submit the form. Once submitted, Equifax will email you to let you know the ban is in place.
- illion: Email firstname.lastname@example.org and attach the Ban application form. You will need to provide a copy of a government issued photo ID such as a Driver Licence/Passport/Birth Certificate/Proof of Age card AND a copy of a document issued by an official body (e.g. utility bill or bank statement), which includes your name and address.
- Experian: Email with the subject line: ‘Add Ban’ to email@example.com . Include your phone number in the body of the email and scanned copies of 3 forms of ID; 1. Driver Licence, 2. Medicare card and 3. Utility bill (showing your current address).
- Compuscan: Email firstname.lastname@example.org your full name, date of birth, driver licence number, residential address (current and previous), contact information (email and phone number), and the nature of the fraud experienced or call +61 2 8404 4217 or send your request to the following address: Compuscan, Attention: Compuscan, GPO Box 1969, North Sydney NSW 2060.
Applying for an Extension
- An extension needs to be applied for PRIOR to the expiry date. It is recommended you set a reminder a few days prior to the initial ban period ending (e.g. 19 days before).
- You may receive an email from each of the CRA's telling you the ban period is about to expire.
- You may directly respond to the email by saying you want to extend the ban or create a new one and remember to state your customer number.
- You will be required to provide a ‘reason’ for the extension e.g. you have been subject to a compromise or theft of your personal identity information.
- You will also be required to provide either a police report number or an www.cyber.gov.au report number in order to validate your request.
Ban Extension Periods
- Lengths of time a ban may be extended varies:
- Experian will allow an individual to extend for any length of time e.g. 1 year or 5 years.
- We have been informed that illion will extend bans for 12 months at a time, although this is not stated on their website.
- Equifax will only allow extensions for 3 months at a time.
- Compuscan will allow an individual to extend for any length of time e.g. 1 year or 5 years.
Identity Care Australia & New Zealand Ltd (IDCARE) provides identity and cyber security incident response services (the Services) in accordance with the following disclaimer of service:
IDCARE is Australia and New Zealand’s national identity and cyber incident community support service. We are a not-for-profit charity.
- The Services provide do not constitute legal advice. IDCARE recommends that you consult a solicitor in relation to your legal rights and obligations, including but not limited to your legal rights or obligations under Australian and international privacy and data protection laws.
- While every effort has been made to ensure the accuracy of the information in this product or service, to the maximum extent permitted by law all conditions, terms, representations, and warranties (in each case, whether express or implied) in connection with the provision of the Services which might otherwise be binding upon IDCARE are excluded.
- IDCARE’S liability for any loss or damage suffered by any person or organisation (including, without limitation, any direct, indirect or consequential loss or damage) arising out of or in connection with the Services (including without limitation liability for any negligent act or omission, or statement, representation or misrepresentation of any officers, employees, agents, contractors or consultants of IDCARE) shall be limited to the fees paid by you to IDCARE in respect of the Services. For the avoidance of doubt, this limitation of liability extends to any liability arising from any actions performed or not performed as a result of any recommendations made in course of providing the Services.
- The Services provided by IDCARE are intended to be provided solely to the initial recipient of this document or service and IDCARE will not be liable to any other person who may receive this document.
While every effort has been made to ensure the accuracy of the information in this alert, IDCARE disclaims any liability to any person in respect to any actions performed or not performed as a result of the contents of the alert or any accompanying data provided. Wider dissemination may be permitted by authority in writing from IDCARE’s Managing Director. If you would like to provide feedback please use our Feedback Form.