The world today is witnessing a tremendous development in the field of information, technology and rapid access to electronic data. In practice, the growth of Electronic Funds Transfer makes it possible for banks to execute increasingly sophisticated analyses of their customers’ saving and spending habits, which enable banks to market their own products more effectively, but also provide a potentially very valuable source of marketing information for third parties, such as Credit Reference Agencies. Consequently, consumer protection has become a central concern especially with regard to privacy and the capacity of the banks to employ protection systems which are efficient in safeguarding customers’ confidential data. At the same time, scant attention has been given to analysing the function of the Credit Reference Agencies to determine whether they implement a public purpose for the benefit of users and business sector, or whether they merely supply a service in the interest of the banks. The conclusion reached in this article is that there is a lack of uniform or harmonizing legislation in the procedures for data exchanging and that the customer’s consent is therefore the essential key to the transmission of customer information involving. There is a further conclusion that consent for the passing of customer information should be subject to certain conditions. Therefore it is important to have an approved model to regulate and clarify the principles and conditions of customer data exchange.