Financial firms required to submit an IDR report to ASIC every six months include all Australian financial services (AFS) licensees that provide financial services to retail clients, and all Australian credit licensees.

In addition to the above licensees, the IDR data reporting handbook also sets out some other types of firms that are in scope for IDR data reporting (e.g. certain unlicensed entities and certain superannuation trustees). However, the vast majority of in-scope financial firms will be AFS licensees and/or credit licensees.

The only exception to this is if the financial firm holds both an AFS licence and a credit licence (with the same licence number). In this instance, they must submit a consolidated report for both licences to ASIC each reporting period. This is the only scenario where a firm will submit a consolidated IDR report (see FAQ 7).

Financial firms with no complaints are not required to submit an IDR data file. Instead, they must lodge a ‘nil submission’ through the ASIC Regulatory Portal. In this scenario, the firm’s IDR report will simply confirm to ASIC that there were zero complaints for the firm during the reporting period.

To lodge a nil submission:

• Log in to the ASIC Regulatory Portal.
• Select your financial firm from your list of current connections. This will open the firm’s dashboard.
• Click on ‘Transactions’ in the top navigation bar to reveal a drop-down menu.
• Click on ‘Start a new transaction’. This will take you to a list of transactions you can select from.
• Within the list you will find a section titled ‘Internal dispute resolution data’. Open this section and click the transaction titled ‘Submit internal dispute resolution data report’ to lodge your nil submission.
• To lodge a nil submission, under IDR activity you must select ‘No’ in response to the question, ‘Do you wish to submit an IDR data file?’ (see screenshot below).

Figure 1: Lodging a nil submission

For more information regarding nil submissions, please see Appendix 1 of the IDR data reporting handbook.

A firm’s IDR data report for a particular reporting period must include specified data in relation to each complaint received by the financial firm that:

• is required to be covered, or is covered, by the firm’s IDR procedure, and
• was either:
  • made in the reporting period, or
  • open at any time during the reporting period.

The data provided to ASIC should reflect the status and progress of the complaint as at the closing date of the relevant reporting period. For example, a complaint that was ‘open’ on 31 December and then ‘closed’ on 6 January the following year would be reported to ASIC as ‘open’ for the July to December reporting period. It would then be reported as ‘closed’ for the January to June reporting period.

Note: If the firm had no complaints for the relevant reporting period (i.e. no complaints were received and there were no open complaints at any time during the reporting period) they must lodge a ‘nil submission’ through the ASIC Regulatory Portal. In this scenario, the firm’s IDR report will simply confirm to ASIC that there were zero complaints for the firm during the reporting period (see FAQ 2).

The obligation to submit an IDR report is held by the licensee and will depend on the licensee’s licence status when the relevant submission window closes, as set out below:

• If a licence will be active or suspended at the time the IDR submission window closes, the licensee is required to submit an IDR report for the relevant reporting period.
• If a licence will be pending, refused or cancelled at the time the IDR submission window closes, the licensee is not required to submit an IDR report for the relevant reporting period.

For example, for the January to June reporting period, the submission window closes on 31 August. For the July to December reporting period, the submission window closes on the last day of February.

Some firms that have just commenced operations may have had zero complaints in the relevant reporting period. These firms are still required to submit an IDR report if their licence will be active at the time the IDR submission window closes.

They will not be required to submit an IDR data file but would instead need to lodge a ‘nil submission’ through the ASIC Regulatory Portal. In this scenario, the firm’s IDR report will simply confirm to ASIC that there were zero complaints for the firm during the reporting period. See FAQ 2 for more information on nil submissions.

Some complaints that are closed at IDR will be subsequently escalated to the Australian Financial Complaints Authority (AFCA) for external dispute resolution (EDR). EDR escalation, timeframes and outcomes are out of scope for IDR data reporting. This information will instead be reflected in AFCA data.

For example, a complaint is closed at IDR on 1 October, with the financial firm offering the outcome ‘Service-based remedy’ to the complainant. The complainant is not satisfied with this outcome and escalates their complaint to AFCA. The complainant ultimately obtains a different outcome at AFCA on 1 December.

For IDR data reporting, this financial firm should report the outcome that was offered at IDR (‘Service-based remedy’) and the date closed at IDR. Any revised outcomes, timeframes or other details about the complaint at AFCA are out of scope for IDR data reporting.

Note 1: AFCA may refer a complaint back to a licensee after the complaint has been closed at IDR (known as the 21-day post-IDR ‘refer back’ arrangement – see Regulatory Guide 267 Oversight of the Australian Financial Complaints Authority (RG 267) at RG 267.197). This is the first stage of EDR. As outlined above, EDR escalation, timeframes and outcomes are out of scope for IDR data reporting.

Note 2: Complaints referred to financial firms by AFCA because they have not yet been to IDR should be treated as regular IDR complaints. For these complaints, firms should record that they first received the complaint via referral from AFCA at data element 8 ‘Complaint channel’, using code 7 (Referral from AFCA) (see the IDR data reporting handbook).

Yes, this type of complaint would be reportable to ASIC.

For example, a complaint was received and closed in the first reporting period, then re-opened at IDR during the second reporting period (e.g. due to new information being provided by the complainant). During the first submission window, the complaint would be reported to ASIC with a ‘closed’ status, and with the original complaint outcome(s) listed. During the second submission window, the complaint would again be reported to ASIC, with updated information depending on progress in resolving the complaint.

The complaint might:

• now be reported with an ‘open’ status, or
• again have a ‘closed’ status, but with a different complaint outcome listed.

The data provided to ASIC should reflect the status and progress of the complaint as at the closing date of each relevant reporting period.

No, the obligation to submit IDR reports is held by individual licensees. If a higher-level entity (e.g. a parent company) has multiple subsidiaries with AFS licences and/or credit licences, the higher-level entity cannot submit a consolidated or aggregated IDR report of complaints related to its subsidiary licensees. Each subsidiary licensee must submit a separate IDR report to ASIC.

The only exception to this is if the financial firm holds both an AFS licence and a credit licence (with the same licence number). In this instance, they must submit a consolidated report for both licences to ASIC each reporting period. This is the only scenario where a firm will submit a consolidated IDR report.

In the example below, the parent company has three subsidiary licensees. Licensee A holds both an AFS and a credit licence, Licensee B holds an AFS licence, and Licensee C holds a credit licence. Licensee A will submit a consolidated IDR data report containing the IDR complaints data for both their AFS licence and credit licence.

Figure 2: Example showing when a licensee can submit a consolidated data report

IDR reporting obligations are ongoing.

Reporting periods are broken up into six-monthly periods:

• 1 January to 30 June, and
• 1 July to 31 December.

At the end of each reporting period, the submission window will open on the ASIC Regulatory Portal for two months:

• 1 July to 31 August, and
• 1 January to the last day of February.

The two-month submission window is intended to provide you with time to fix any potential validation errors and resubmit your data before the submission window closes.

Once the submission window closes you will be unable to submit your firm’s IDR data file.

Figure 3: Timeframes for reporting and submitting data to ASIC

For more information on amending your firm’s IDR data for the current and past submission windows, see FAQ 23 and FAQ 24.

Note: If a financial firm submits multiple data files during a submission window, ASIC will take the firm’s latest successful data file as its final data file submission.

Your firm’s IDR data must be submitted to ASIC in the prescribed machine-readable format.

You can download our IDR data reporting Excel template (XLSX 12 KB) to make it easy to enter your data and submit to ASIC.

Use the template alongside the IDR data reporting handbook (Table 4 to Table 6) to see what data is required in each data element.

Most data elements in your data file cannot include free text. Specific data elements are exempted (e.g. the ComplaintProduct data element, which allows alpha and numeric data input). The ProductorService and ComplaintIssue data elements will be in numerical codes.

The figure below shows an example of IDR data.

Figure 4: Example spreadsheet showing IDR data arranged under machine-readable headers

Follow the guidance in the handbook and allow time before the submission window closes to ensure your IDR data will pass basic and deep validation (see FAQ 16 and FAQ 17).

For more information on formatting your data file please, see our IDR data validation rules examples (XLSX 23 KB).

No, the data file needs to be machine readable. This means that you need to enter the data using the codes supplied in the IDR data reporting handbook.

For example, you may be reporting a complaint about a consumer credit product – a personal loan. In this case the IDR data reporting handbook (Table 7) indicates that the code for this product will be 20. If the complaint is about fees and charges, the handbook (Table 17) indicates that the issue code will be 7.

The ASIC Regulatory Portal is where you can access our growing suite of regulatory services, which are being consolidated into the portal over time. Financial firms use the portal to submit industry funding metrics, reportable situations, applications for relief and other regulatory services.

The ASIC Regulatory Portal FAQs page contains resources to help you use the portal including step-by-step user guides and videos. The topics covered include registering your account, connecting your registration, and inviting trusted representatives to act on your behalf.

To start the transaction:

• Log in to the ASIC Regulatory Portal.
• Select your financial firm from your list of current connections. This will open the firm’s dashboard.
• Click on ‘Transactions’ in the top navigation bar to reveal a drop-down menu.
• Click on ‘Start a new transaction’. This will take you to a list of transactions you can select from.
• Within the list you will find a section titled ‘Internal dispute resolution data’. Open this section and click the transaction titled ‘Submit Internal Dispute Resolution data report’.

The transaction will be available during submission windows only.

For step-by-step instructions on how to lodge your IDR data file via the portal, see Appendix 1 of the IDR data reporting handbook.

If the ‘Submit Internal Dispute Resolution data report’ transaction is not showing on screen once you log into the ASIC Regulatory Portal, consider the following:

• The transaction will only be visible during the two-month submission windows (January to February and July to August).
• You may need to scroll further down the page. This transaction may be one of many listed for your firm on the portal.
• If the transaction is still not showing, please contact us. You can avoid call wait times by submitting a query using our online inquiry form.

For more information on how to invite someone to connect to your account, see the Administration section on the ASIC Regulatory Portal FAQs page.

No, there is currently no testing functionality for IDR data reporting. However, there is no limit on the number of times you can resubmit your IDR data file during the submission window.

Appendix 1 in the IDR data reporting handbook sets out the rules for basic and deep validation. If your data file fails either basic or deep validation, you can make the necessary corrections and resubmit your data file as many times as necessary during the submission window.

The two-month submission window is intended to provide time for firms to fix any potential validation errors and successfully resubmit before the submission window closes.

Note: If a financial firm submits multiple data files during a submission window, ASIC will take the firm’s latest successful data file as its final submission.

All IDR reports, including those for unlicensed entities, need to be submitted to ASIC via the ASIC Regulatory Portal. To submit your report, you will need to be registered on the portal. For information on how to register, see the ASIC Regulatory Portal FAQs page.

If you are already registered under a different account that is not linked to the unlicensed entity, you will need to link your account to the unlicensed entity. For information on how to do this, please refer to the ASIC Regulatory Portal FAQs.

Once you are registered on the portal, refer to the FAQs on Submitting IDR data in the ASIC Regulatory Portal.

If you are having difficulty accessing the portal, please contact us. You can avoid call wait times by submitting a query using our online inquiry form.

Note: Only some types of unlicensed firms (such as unlicensed product issuers and secondary sellers) are required to submit IDR reports to ASIC. See the IDR data reporting handbook for more information.

Basic and deep validation are ASIC’s automatic data validation processes. An IDR data file is only successfully submitted when the data file has successfully passed both basic and deep validation.

While basic validation occurs instantly, deep validation occurs up to 48 hours after the data file has been submitted on the ASIC Regulatory Portal. If an IDR data file fails either basic or deep validation, the financial firm must fix the relevant errors and resubmit their data file before the submission window closes.

When submitting an IDR data file, ensure you do so well before the closing date of the submission window. You will need to allow enough time for deep validation to be completed and to receive any failure notification (if applicable), fix the errors and resubmit your IDR data file for further deep validation.

The IDR data reporting handbook sets out the rules for basic and deep validation. The rules are summarised in Appendix 1.

Note: Financial firms with no complaints in the relevant reporting period are not required to submit an IDR data file but are instead required to lodge a ‘nil submission’ through the ASIC Regulatory Portal. In this scenario, the firm’s IDR report will simply confirm to ASIC that there were zero complaints for the firm during the reporting period. Basic and deep validation are not conducted for nil submissions (see FAQ 2).

If your IDR data file fails either basic or deep validation, you must fix the relevant errors and resubmit the data file before the submission window closes. There is no limit to the number of times you can resubmit during a submission window.

If your file fails basic validation, you will be notified on screen as to what the error is.

If your file fails deep validation, you will be notified via email, and will also receive a message in the ASIC Regulatory Portal containing an attached error file. This error file will contain detailed line-item information that identifies each individual error.

It will be necessary to fix the errors by referring to the IDR data reporting handbook, which sets out the rules for basic and deep validation. The requirements are summarised in the submission checklist (Appendix 3).

The two-month submission window is intended to provide time for firms to fix any potential validation errors and successfully resubmit before the submission window closes.

For more information, see FAQ sections Preparing your data file for submission to ASIC and Troubleshooting.

If your IDR data file fails the deep validation process, you will receive an email with the subject ‘ASIC Regulatory Portal – Message about Submit Internal Dispute Resolution data report – Data validation failure’. You will also receive a message in the portal.

The error file will be attached to the message in the ASIC Regulatory Portal (not the email that you received). The error file will show your data along with additional columns AA, AB, AC, which will state where the errors are in the data.

To access the error file in the ASIC Regulatory Portal:

• Log in to the portal.
• Scroll down the list of ‘Transactions’ and select the relevant one.
• Click on the ‘Messages’ tab (see arrow 1 in Figure 4).
• Click on the paperclip attachment icon (see arrow 2).
• Click on the ‘Attachments’ heading (see arrow 3).
• Download the file (see arrow 4).

Figure 5: How to access the error file in the ASIC Regulatory Portal

No. ASIC is unable to accept your IDR data file by email. You must submit your data in the prescribed format via the ASIC Regulatory Portal.

If you are having difficulty accessing the portal and the Troubleshooting section has not resolved your problem, please contact us. You can avoid call wait times by submitting a query using our online inquiry form.

An IDR data file is only successfully submitted when the data file has passed both basic and deep validation. While basic validation occurs instantly, deep validation occurs up to 48 hours after the data file has been submitted on the ASIC Regulatory Portal. If an IDR data file fails either basic or deep validation, the financial firm must fix the relevant errors and resubmit their data file before the submission window closes.

If your firm’s IDR data file fails deep validation, you must fix the relevant errors and resubmit the data file before the submission window closes. To do this, you will need to start a new transaction in the ASIC Regulatory Portal and upload the corrected data file. You can do this as many times as necessary during the submission window until the data file passes deep validation.

Your data file will need to pass deep validation before it can be considered successfully submitted. Deep validation occurs up to 48 hours after the data file has been submitted on the ASIC Regulatory Portal. If and when the IDR data file passes deep validation, your IDR report will be considered to be successfully submitted.

If your data file has been successfully submitted:

• the submitting user and your firm’s senior administrator(s) will receive a confirmation email from ASIC stating that the file passed deep validation. The email will include the statement ‘This means that your IDR data report has been successfully submitted’, and
• on the portal dashboard, your IDR data report status will be listed as ‘Completed’. See example below of successfully submitted IDR data file.

Figure 6: Screenshot showing ‘Completed’ status

If your data file has failed deep validation, the submitting user and senior administrator(s) will receive an email stating that the file failed deep validation. The email will include the statement ‘This means that your IDR data report has not been successfully submitted’.

You will need to fix the errors and resubmit your IDR report. An IDR data file is only successfully submitted when the data file has successfully passed both basic and deep validation.

If you need to update, correct, or add to your firm’s IDR data that has already been submitted in the current submission window, you must submit a new data file that contains the updated data as well as the IDR data you’d previously submitted.

For example, if you have already lodged an IDR data file containing 100 complaints and wish to correct data elements for 6 of those complaints, then all 100 complaints, including those with updated data elements, must be submitted to ASIC in a new IDR data file.

Note: During a submission window, ASIC will take a financial firm’s latest successful data file as its final data file submission.

Firms must give ASIC complete and accurate IDR information. However, if firms identify errors or omissions in past submissions, they may add or update IDR data for previous reporting periods during an open submission window.

For example, a firm left out data for a complaint in the July to December reporting period, but only discovered the omission after the January to February submission window had closed. They will need to update the IDR data for that complaint in the July to August submission window.

To update IDR data already reported in a previous submission window:

• ensure the financial firm’s complaint unique identifier (ComplaintUniqueID), matches the identifier in the previous IDR data report
• for that ComplaintUniqueID, include all the data elements that are new or changed, as well as those that are unchanged, and
• the updated complaint data must be in a single IDR data file together with all the IDR data the financial firm wishes to lodge for the current submission window.

To add to IDR data reported in a previous submission window, include the complaint data to be added in a single IDR data file together with all the IDR data the financial firm wishes to lodge for the current submission window.

If you fail to submit an IDR report in the prescribed format during the submission window, you will be in breach of the IDR reporting requirements set out in ASIC Corporations (Internal Dispute Resolution Data Reporting) Instrument 2022/205 and may face penalties.

More information on penalties is available on ASIC’s Fines and penalties webpage.

ASIC will send general emails about IDR data reporting (e.g. to notify all firms that the submission window has opened for a particular reporting period). These emails will be sent to the senior administrator(s) for the entity, as listed in the ASIC Regulatory Portal.

You can review the list of individuals connected to your firm and their access levels on the Administration > Users page in the portal.

ASIC will also send more specific emails about IDR data reporting (e.g. to notify an individual firm that a submitted data file has passed or failed deep validation). These emails will be sent to the user who submitted the IDR report and the senior administrator(s).

Yes, this type of complaint is reportable to ASIC.

For example, Firm A receives complaints relating to products it distributes but does not issue (e.g. bundled products such as credit cards with consumer credit insurance). Firm A refers the complaint to the product issuer (Firm B) for resolution.

Firm A should record and report complaints received and then referred to another financial firm using the outcome type ‘Referred to another financial firm’.

Firm B should also record and report the complaint to ASIC, including the final outcome/s of the complaint (and any other required information). See the IDR data reporting handbook for more information.

Note: For complaints about insurance in superannuation, the IDR reporting obligation is held by the trustee. This will be the case even if the trustee uses an outsourced model where the insurer responds ‘on behalf’ of the trustee. In practice, this will require trustees and insurers to share data with one another before the data is reported to ASIC.

For complaints involving insurance provided within a superannuation fund it is the superannuation trustee’s responsibility to report the complaint to ASIC: see Section A of IDR data reporting handbook.

ASIC expects financial firms to submit an IDR report that is as complete and accurate as possible. In circumstances where a complaint may not precisely align with the IDR data dictionary or glossary, we expect firms to consider the details and context of each complaint and choose the most applicable code.

The product or service categories listed in the IDR data dictionary include some products that firms are not legislatively required to report to ASIC (e.g. some business credit products). We have included these categories for use by those firms who currently do deal with these complaints under their IDR procedures. This is consistent with our guidance (see Regulatory Guide 271 Internal dispute resolution (RG 271) at RG 271.44), which encourages credit licensees to deal with complaints from small businesses under the IDR procedures, and our general view that firms should take an expansive approach to what complaints their IDR procedures cover.

Check that the submission window is open. Each submission window opens for two months (1 January to the last day of February; 1 July to 31 August). You will not be able to submit your data report outside of these windows.

If you are satisfied that your data is correct you may need to consult with your firm’s IT specialist. There may be security software in place preventing the data being uploaded and submitted to the ASIC Regulatory Portal.

Sometimes the error file will show more rows of data than you submitted. This is because the error file adds a line of data for each data element that contains an error. For example, if a firm records the date a complaint was opened in the MMDDYY format, the error file would show an extra line of data stating ‘date opened, data is formatted incorrectly’.

To see a description of each error, scroll along to columns AA, AB and AC.

Check your data by opening your Excel file in NotePad. This will reveal any blank cells (that should not be blank) as well as date formatting errors.