Resources: Blog

FWC upholds dismissal of an employee who repeatedly and deliberately accessed customer’s confidential information without authorisation


Celebrity search

During the course of their employment, employees may have access to confidential information which belongs to their employer. This information may be in the form of personal information provided by customers and is therefore sensitive in nature.

During the course of their employment, employees may have access to confidential information which belongs to their employer. This information may be in the form of personal information provided by customers and is therefore sensitive in nature.

While access to customer information may be required by an employee in order to carryout their duties, it is critical that employers have policies in place to protect customer information and ensure that it is not misused or improperly accessed.

The importance of employers having policies in place is demonstrated in Dinov v Australia and New Zealand Banking Group Ltd T/A ANZ Bank [2021] FWC 745, where the Fair Work Commission (FWC) upheld an employee’s dismissal after finding that she had contravened policies which were in place to protect customers’ confidential information.  

The employee was a part-time personal banker who had been employed by Australia and New Zealand Banking Group Limited (ANZ Bank).

Following an investigation, ANZ Bank found that the employee had engaged in unacceptable conduct by using its software system on a number of occasions to search and access the profiles of customers without approval or a legitimate purpose. Amongst those customer profiles accessed by the employee were accounts held by her brother, a colleague and a celebrity.

ANZ Bank’s policies stated that employees were not permitted to access customer accounts including those belonging to family members or friends without an appropriate business reason or account holder approval.

Accordingly, ANZ Bank commenced disciplinary action against the employee putting allegations to her of unacceptable conduct for misuse of its software system to search and access profiles of customers in breach of its policies.

The employee denied all of the allegations and instead suggested that another person had tampered with her work station to obtain her password which was kept in a drawer and used it to conduct the searches in question.

ANZ Bank did not accept the employee’s explanation and terminated her employment immediately on the grounds that she had contravened ANZ Bank’s policies and procedures by deliberately and repeatedly accessing its customer’s confidential information.

The employee subsequently lodged an application with the FWC claiming that ANZ Bank had unfairly dismissed her.

The employee denied all allegations and submitted that she had no knowledge of why the searches were made, although acknowledged that her account had been used to carry out the searches. She claimed that she did not know any of the people whose accounts were accessed and therefore had no reason to search for people not known to her.  

The employee also accused ANZ Bank of creating accounts under her family member’s name to support the allegations against her and subsequent termination. However, before the FWC and in response to ANZ Bank’s evidence indicating the contrary, the employee conceded that this was in fact inaccurate.

The employee maintained in her submissions before the FWC that an unknown person had tampered with her work station to conduct the searches themselves and that she had raised this concern with senior management on a number of occasions, however her concerns were disregarded.

In response, ANZ Bank submitted that the employee’s explanation was not ‘plausible’or ‘logical’, as:

  • The employee was the only consistent employee working at the time each search was conducted;
  • It was policy for all employees to change their password every 60-days; and
  • The searching of accounts occurred in a short period of time between the employee having made legitimate work-related searches.

The FWC agreed with ANZ Bank and found that the employee’s explanations were 'completely without substance' and on the balance of probabilities, the misconduct alleged was indeed undertaken by the employee.

The FWC noted that ANZ Bank’s customers entrusted them with highly sensitive and personal information and to allow the employee to continue with her employment would directly undermine ANZ Bank’s values.

On this basis, it found that there was a valid reason for the employee’s dismissal.

While the FWC acknowledged that the employee would now struggle to obtain employment in the banking industry given she had to disclose her misconduct with future employers in line with industry protocol, it considered this factor to be significantly outweighed by the employee’s continual denial and lack of remorse for her misconduct. The FWC held that the employee had not been unfairly dismissed and accordingly dismissed her application.  

Lessons for employers

This case serves as a reminder for employers to ensure that they have policies in place regarding the access and use of confidential information. Where it involves personal information, these policies should reflect the Australian Privacy Principles in relation to access, use and non-disclosure of personal information.

Employers must also ensure that its policies are regularly communicated to employees as this knowledge can be relied upon in the event there is a breach of policy.

Similar articles

Employer ordered to pay maximum compensation following “entirely unjust” disciplinary process

Knives Out

The Fair Work Act 2009 (Cth) (FW Act) requires that employers comply with a number of procedural elements in a disciplinary process prior to making a decision about whether an employee’s conduct or behaviour warrants disciplinary action.


Court finds rescinded job offer was not age discrimination

The rooster and the sunrise

Discrimination in the workplace is unlawful under a number of Australian laws, including state and federal anti-discrimination legislation (such as the Age Discrimination Act 2004 (Cth)) as well as the Fair Work Act 2009 (Cth) (FW Act).


Fair Work Commission critical of investigation process despite the employer’s valid reason for dismissal

Less is more

Employers often see the disciplinary process as an opportunity to raise every single indiscretion by an employee – even though the issues occurred in the past or are minor in nature when compared to other misconduct. However, this approach can weaken the employer’s position, rather than strengthen the decision to dismiss.


FWC finds sexually explicit Facebook post warranted dismissal, despite the employer’s ‘rather unusual’ workplace culture

Not so ‘funny’ meme

The workplace culture of an organisation should reflect the values that the business upholds and expects of its employees. It is becoming increasingly challenging for employers and employees to understand where a line is drawn between a relaxed and open workplace culture and a workplace culture that tolerates inappropriate behaviour.


Casual employee unfairly dismissed for Facebook recommendation

Halt before you post

Social media and employee’s conduct online has without doubt added a layer to the employer and employee relationship. While employees may think that their online activities done outside of work hours may be private, their conduct online may become relevant to their employment, for example, where it may disparage their employer, other employees or clients.


Vaccinations and the workplace

Shots fired

One of the most topical questions for employers during the COVID-19 pandemic has been whether they need to introduce policies that mandate vaccinations and, if so, what can be done to enforce them in the workplace.


Let's talk

please contact our directors to discuss how ouR expertise can help your business.

We're here to help

Contact Us
Let Workplace Law become your partner in Workplace Relations.

Signup to receive the latest industry updates with commentary from the Workplace Law team direct to you inbox.