A financial services giant has been fined millions of dollars for a repeated breach of spam laws, including promoting credit cards without giving recipients a way to opt-out.
Latitude Financial was forced to pay $3.96 million after the Australian Communications and Media Authority found it had broken the laws more than 2.7 million times, the regulator revealed on Wednesday.
The company sent more than 2.3 million spam messages between March 2024 and April 2025 which failed to include accurate contact information for the company as required by law.
Of those messages, 344,416 also lacked a working unsubscribe function.
Latitude, which is the largest non-bank consumer finance company in Australia, was forced to pay a $1.5 million fine for similar breaches in 2022.
Authority member Samantha Yorke said there was no excuse for Latitude’s repeated compliance failures, as reflected by the scale of the latest fine.
“Latitude is now a two-time offender and it is disappointing that it let consumers down again,” Ms Yorke said.
The messages, which promoted Latitude credit card products and financial services, told recipients they could reply ‘STOP’ to unsubscribe, however in many circumstances the function simply did not work.
Under Australian law consumers must have the option to unsubscribe from commercial messages which must also provide accurate contact information for the sender.
Latitude is now legally required to appoint an independent consultant to review its compliance with the spam laws and undertake regular and comprehensive reporting to the communications authority.
“Given Latitude’s history of non-compliance, we will be very closely monitoring how it meets its obligations,” Ms Yorke said.
In March 2023, Latitude was the target of a major cyber attack in which the data of 7.9 million customers was stolen, including names, addresses, telephone numbers, dates of birth and driver’s licence numbers.
Income and expense information for around 900,000 loan applications, including bank and credit card account details were also stolen.
A $1 million lawsuit brought against the company by an individual who claimed their information had reached the dark web following the breach was dismissed after a judge found it had little chance of succeeding.
Latitude declined to comment ahead of the penalty being made public.
Australian Associated Press is the beating heart of Australian news. AAP is Australia’s only independent national newswire and has been delivering accurate, reliable and fast news content to the media industry, government and corporate sector for 85 years. We keep Australia informed.
