The government’s plan to enlist banks to help protect consumers from the impact of fraudulent activity in the telecommunications industry, following the recent Optus breach, will operate on an opt-in basis.
The government announced yesterday that it has prepared amendments to the Telecommunications Regulations to allow Optus and other telcos to work with financial institutions, as well as Commonwealth, state and territory authorities, to detect and mitigate risks of fraud, scams and other malicious cyber activities.
APRA released a statement, saying: “All APRA-regulated financial institutions, excluding branches of foreign banks, would be eligible to receive the data should they choose to.
“To opt in, entities will be required to provide written attestation to APRA Prudential Standard CPS 234 Information Security.”
Last month Optus reported that it had suffered a cyber attack resulting in the theft of personal details of 10 million customers.
The amendments will allow telcos to share approved government identifier information, such as driver's licence, Medicare and passport numbers, with financial institutions so they can enhance monitoring and safeguards for customers affected by data breaches.
The amended regulations cover APRA-regulated financial institutions, excluding branches of foreign banks.
The information sharing will only be done on a “temporary” basis and information received must be destroyed once it is no longer required.
In a statement yesterday, Treasurer Jim Chalmers said approved recipients must satisfy “robust information security requirements and protocols” for any transfer and storage of data.
The government has asked the Council of Financial Regulators to report on options to further improve the ability of financial institutions to identify at-risk customers and credentials through a data sharing platform.
The Australian Banking Association also issued a statement yesterday, saying it welcomed the government’s move. It did not say whether it expected its members to opt in.