iiNet and Dodo have been warned to comply with the Telecommunications Consumer Protection (TCP) Code rules on customer authorisation for direct debits.
For telecommunications companies that bill their customers via direct debit where the money is withdrawn automatically from a customer's bank account, the TCP Code sets out strict guidelines on the time taken for the telecommunications companies to act on authorisation or cancellation from customers.
The Australian Communications and Media Authority (ACMA) found that on 12 occasions between June and September 2013, Dodo did not comply with a customer's authorisation on direct debit, and did not cancel a direct debit authorisation within three days on seven occasions.
iiNet did not comply with customer authorisation on four occasions between June and August in 2013, and did not cancel a direct debit authorisation within three days on three occasions between June and September 2013, the ACMA said. iiNet also did not allow 10 working days for customers to check their bill before the direct debit occurred 96 times during July 2013 alone, and then took customers to credit management action on a disputed amount five times between June and October 2013.
ACMA chairman Chris Chapman said telcos are switching to direct debit-only payment methods, and need to ensure that they are complying with the TCP Code.
The ACMA said Dodo and iiNet have both since acted to ensure that similar direct debit breaches do not occur in the future.
A spokesperson for Dodo parent company M2 said that the company takes its compliance obligations seriously.
"We process millions of transactions successfully each month and our processes have been proven to be compliant, however in the instances highlighted we did experience human error."
iiNet declined to comment.
Since the TCP code was registered in 2012, the ACMA has issued 152 formal warnings, 10 directions, and one infringement notice.