Monitoring Compliance with the Code of Banking Practice - 2017-18 YEAR IN REVIEW
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Monitoring Compliance with the Code of Banking Practice 2017–18 YEAR IN REVIEW 2017–18 YEAR IN REVIEW 1
Contents Message from the Chair and CEO 3 The Committee 12 Annual Compliance Statement 4 The secretariat 13 Direct debits 6 CCMC financials 14 Breach reporting 7 Appendix 1 – Investigation summary 14 Investigations 8 About the CCMC 15 Working with stakeholders and the community 11 Year in review Monitoring ANNUAL COMPLIANCE STATEMENT SHARING OUR KNOWLEDGE —— 10,123 Code breaches in 2017–18, a 9.5% —— presented to the Annual Credit Law decrease from 11,191 breaches in 2016–17 Conference, National Elder Abuse —— 3.43 million customers impacted – at Conference and Financial Counselling least $95 million financial impact Australia Conference —— banks told us 93% of breaches are —— provided training to Financial caused by human error Ombudsman Service staff and financial counsellors in South Australia, Victoria —— corrective actions taken in only 39% and Tasmania of breaches, to address customers individual issues —— held more than 100 meetings with stakeholders. INVESTIGATIONS DIRECT DEBITS BREACH REPORTING —— prompted improvement in —— improved information INQUIRY banks’ practices through available for customers on —— increased transparency compliance investigations banks’ websites in banks’ compliance with —— improving compliance the Code with the Code’s direct —— developed new insights to debit obligations in some support targeted inquiries banks and investigations —— planned ongoing —— shared learnings to monitoring to encourage promote better outcomes continued improvement for customers 2 MONITORING COMPLIANCE WITH THE CODE OF BANKING PRACTICE
Message from the Chair and CEO go unnoticed. The CCMC also set the expectation that banks should assess customer impact for all breaches. Breaches that affect customers must be corrected and where appropriate, the customer should be compensated. As the CCMC prepares for the new year, we remain focused on providing robust monitoring and leading a smooth transition to the new Code. As set out in our Strategic Plan, we intend to develop guidance for banks to encourage a consistent approach and ensure that they are ready to comply with the new Code from 1 July 2019. This year brought more change However, this year we decided As always, I thank my colleagues and challenges for the banking to present only a summary of Gordon Renouf and Sharon sector and the CCMC. In 2017–18 the data, setting out banks’ full Projekt for their support and we faced a formidable workload end-of-year results in a separate, expertise during the year. Sharon’s as preparations for the new dedicated report released in term on the Committee came Banking Code of Practice hit November 2018. to an end on 26 October 2018 full swing and we were invited and we take this opportunity to Due to ongoing and systemic express our thanks to Sharon for to contribute to the Royal noncompliance, the cancellation her invaluable contribution to Commission into Misconduct in of direct debits has been a the CCMC where she fulfilled the the Banking, Superannuation and consistent focus of our monitoring role of Industry Representative for Financial Services Industry. program over a number of years. over 6 years. Anne O’Donnell has Despite these additional We are determined to oversee been recently appointed by the demands on our time, we kept major improvement to banks’ Australian Banking Association as a strong business-as-usual direct debit practices, and while the new Industry Representative focus. Maintaining a robust our renewed focus on direct for a three-year term. Welcome to compliance monitoring program debits prompted some progress the CCMC Anne, we look forward is the CCMC’s top priority. To this year, banks still have a long to working with you in the years that end, this year we devoted way to go. The CCMC will keep to come. substantial time to improving the pressure on banks to do our ways of working, improving better on direct debits, and will Finally, the Committee also thank our data collection strategy and be reporting on the results of a our secretariat staff led by Chief building on our Code compliance new large-scale mystery shopping Executive, Sally Davis, who has risk framework to inform our activity in the first half of 2019. once again provided us with investigations and inquiries. We’ve expert guidance and support over Another focus for 2017–18 was the last 12 months. also prioritised recruitment to improving the quality and bring in new compliance analysts consistency in the way banks to bolster our work capacity and identify, record and report Code expertise. breaches. Reporting on our Through our Annual Compliance breach reporting inquiry in June Christopher Doogan AM Statement we’ve implemented 2018, we presented a clearer our new data collection strategy picture of banks’ Code breaches and have been able to examine and identified a way forward a comprehensive data set for their monitoring processes. that better articulates banks’ We expect banks to have robust compliance with the Code. In the compliance frameworks that Sally Davis past we have detailed ACS results review staff, processes and in the CCMC’s annual report. systems to ensure errors do not 2017–18 YEAR IN REVIEW 3
OVER ALL COMPLIANCE 10,123 breaches 9.5% since 2016–17 at least 3.43 million people impacted at least Annual $95 million Compliance financial impact Statement The Annual Compliance TH E R ESU LTS: CO D E Statement (ACS) was once CO M PLI A N C E I N 201 7 –1 8 again the centrepiece of our This year, banks self-reported 10,123 monitoring efforts, providing breaches of the Code, a decrease of a big-picture overview of how approximately 9.5% from 11,191 in 2016–17. The main categories for self-reported well banks are complying with breaches – [provision of credit, privacy and their Code obligations. confidentiality, and debt collection] – have remained largely unchanged for the last Data received through the ACS is used by three years. the CCMC to identify emerging risks, set its priorities for inquiries and in-depth- investigations, and advise banks on where they can improve. A full summary of the CCMC’s analysis of bank’s ACS responses can be found in the Data Report. 4 MONITORING COMPLIANCE WITH THE CODE OF BANKING PRACTICE
COMPL AINTS F I N A N C I A L D I F F I C U LT Y 1,130,037 complaints received 298,569 applications for assistance 6% since 2016–17 1.6% since 2016–17 91% closed within 5 days 207,545 applications approved 6% closed between 6 – 21 days 69.5% of all applications received 3% closed after 3% since 2016–17 21 days T O P 5 B R E A C H C AT E G O R I E S F O R 2 0 1 7 – 1 8 Internal Privacy and Provision of Debt Compliance Dispute Confidentiality Credit Collection with Laws Resolution Breaches 4,464 2,489 725 594 406 People Impacted 465,166 12,649 18,214 733,148 1,203 Financial Impact $678,656 $8,436,790 $141,550 $9,434,113 $39,300 See the CCMC’s Code Breach Data Report 2017–18 for more detail on banks’ self-reported breaches in 2017–18. 2017–18 YEAR IN REVIEW 5
Direct debits The Code gives customers the right to cancel a direct debit with their bank. But while our continued focus on direct debit practices prompted some improvement this year, banks still have a long way to go. P RE V IOUS WOR K ON D IRECT D EBIT S In early 2017, the CCMC conducted mystery —— improve the direct debit information on shopping in response to mounting customer their websites concerns that banks were not complying with —— enable customers to cancel direct debits their direct debit obligations. This revealed themselves with online banking ongoing and systemic non-compliance: bank —— provide direct debits training to more staff, staff provided compliant advice in only 46% of more often interactions. —— measure compliance with internal mystery Reporting on these results, we sent a clear shopping message that ongoing non-compliance —— make sure compliance and quality was unacceptable. We challenged banks to assurance staff identify and manage improve their practices, recommending breaches, and that they: —— develop ways for customers to cancel both direct debits and recurring card payments. MY STERY SH OPPING IN 20 18 M A R C H 2 0 1 8 R E S U LT S Follow-up mystery shopping this year showed some compliance improvement. Call centre compliance: Direct debits compliance trend, 2008 to 2018 75% (up 23% from 2017) 56% Branch compliance: 46% 45% (up 20% from 2017) 36% 4 banks updated information for 33% customers on their websites LOO K I N G A H EA D 20% Industry has a long way to go to comply with its direct debit obligations. In 2018–19, we will conduct another large-scale mystery shopping exercise, and banks will have to report on 2008 2010 2011 2017 2018 what they have done to implement our 2017 PERCENTAGE OF CONTACTS THAT RESULTED IN recommendations. We will report on our COMPLAINT RESPONSES findings in the first half of 2019. 6 MONITORING COMPLIANCE WITH THE CODE OF BANKING PRACTICE
Breach reporting This year the CCMC conducted an B R EAC H R EPO R TI N G I N Q U I RY in-depth review of banks’ breach FI N D I N G S identification, management and Breach numbers reporting processes. This renewed focus on banks’ breach reporting has Code breaches reported in the 2016–17 Annual Report were revised upwards by almost 8% to 11,191 increased transparency, holding banks to account for non-compliance. Breach causes Banks reported that: —— 98% of breaches were caused by human error —— 75% of breaches had a secondary cause, most THE FOUR PILL ARS OF commonly a process deficiency or a process not C C M C D ATA C O L L E C T I O N being followed —— 1% due to a system error 1 What was the root cause? ——
Investigations The CCMC has powers to investigate allegations that a bank has breached the Code. Investigations allow us to focus on concerns raised by individual customers, and to consider compliance issues within individual banks. In 2017–18, the CCMC received 32 new matters containing 53 Code breach allegations. Alleged Code breaches The CCMC closed 35 matters during 2017–18. Of those only 10 fell within our jurisdiction and in 2017–18 could be investigated. Of these: CODE ALLEGED —— 5 matters were used to inform the direct O B L I G AT I O N BRE ACHES debits inquiry, which identified systemic non-compliance and a need for ongoing Key commitments – Act fairly and reasonably 11 monitoring. —— 2 matters resulted in three confirmed Financial difficulty 8 breaches of financial difficulty, debt collection and internal dispute resolution obligations. The banks involved Internal dispute resolution 7 acknowledged the breaches and demonstrated to the CCMC that they had Provision of credit 6 remediated the customers affected and changed their processes to prevent future breaches. Compliance with laws 5 —— 3 matters were investigated with the CCMC finding that no breach had occurred. Copies of documents 4 Matters that we could not investigate: Chargebacks 4 Withdrawn/no further contact 13 Debt collection 2 Not a Code-subscriber/product not covered by the Code 7 Privacy and confidentiality 2 Unable to investige (clause 3 and/ or 42) 4 Direct debits 1 Adopt finding of another forum 1 Terms and conditions 1 Statements of account 1 2 Code clause 36(b)iii states that the CCMC’s Information relating to foreign exchange services 1 compliance monitoring functions and powers do not extend to clauses 3 and 4 of the Code unless 53 a breach of clause 3 or 4 is also a breach of TOTAL another provision of the Code. 8 MONITORING COMPLIANCE WITH THE CODE OF BANKING PRACTICE
Case study: thousands of customers Don’t set and forget – all communications require regular review for compliance were sent incorrect information about financial difficulty arrangements – in The CCMC is very concerned that this letter remained in circulation for such a long breach of Code clause 32.1 period, without being identified by the In November 2016, a community legal centre bank’s compliance or legal teams. The bank’s approached the CCMC with concerns about how oversight – both in approving the letter and one bank was communicating with its customers allowing it to remain in circulation for so about financial difficulty arrangements. long – demonstrates a breakdown in the bank’s financial difficulty and debt collection The community legal centre told the CCMC that compliance framework. the bank was writing to customers, advising them that they had been approved for financial difficulty assistance and would not receive further collections The CCMC puts calls. However, the bank also advised customers that it may issue default or other legal notices, close banks on notice the account or default list the customer. that all customer The CCMC’s investigation found that for three years, the bank had been issuing this letter to all communications customers with an approved financial difficulty must be regularly arrangement. Over this time, the bank estimated, about 75,000 customers had received the letter. reviewed against legal, The bank acknowledged the breach of Code clause regulatory and Code 32.1 and removed the letter from circulation. obligations. 2017–18 YEAR IN REVIEW 9
or language difficulties. The Code and financial counsellors to foster requires banks to have processes better working relationships. to swiftly accept and act on those The CCMC understands that the authorities and instructions. bank now assigns represented customers to specialist staff for In late 2016 a community assistance. legal centre employee raised concerns that a bank was not acting on her letter of authority. If an authority The representative told the CCMC that she had advised is in any way the bank that the customer ambiguous was particularly vulnerable and unable to manage her financial bank staff affairs. After providing a standard form authority to the bank, the should make customer continued to receive phone calls and text messages. further Through its investigation, the enquiries, CCMC found that the breach had been caused by human error. The rather than Case study: a bank failed letter of authority had not been loaded to the system correctly, rely on to act on a customer’s letter and the bank failed to follow-up assumptions. and understand the nature and of authority, and continued extent of the authority. pursuing her for debt – in The CCMC expects banks to build The bank acknowledged that it strong working relationships breach of Code clause 32.1 had breached the Code, and said with not-for-profit community that it had remediated the breach lawyers and financial counsellors, Customers have the right by providing refresher training on helping customers to overcome to appoint a third-party letters of authority to all financial their financial difficulty by representative difficulty and debt collection communicating and working A customer may wish to appoint staff. The bank advised that it had flexibly with their representatives. a third-party representative for a also improved its engagement range of reasons, such as illness with community legal centres Referrer’s location, matters received in 2017–18 LOO K I N G A H EA D In last year’s Annual Report, we highlighted 1 overseas challenges in the investigations process and 1 unknown flagged our intention to revise the approach to 9 compliance investigations. While this remains 3 a priority, implementation has been set back 3 due to the delay in the approval of 2019 5 Banking Code of Practice and the associated 7 1 Committee Charter. At the time this Report is printed, both the Code and Charter have now been settled and Referral source, matters received in 2017–18 approved, and the CCMC are actively working toward its revised investigations process. REFERRAL SOURCE NUMBER Direct (individual customer) 28 Direct (small business customer) 1 Consumer advocate 2 The Financial Ombudsman Service (FOS) 3 1 3 The Financial Ombudsman Service (FOS) was replaced by the Australian Financial Complaints Authority (AFCA) on 1 Australian Banking Association 0 November 2018. 10 MONITORING COMPLIANCE WITH THE CODE OF BANKING PRACTICE
Working with stakeholders and the community This year, the CCMC continued to build strong relationships with community and consumer organisations, whose work on the front line provides invaluable assistance to customers. WO R KIN G W ITH CONS UME R The CCMC was also pleased to present at the Annual Credit Law Conference, National Elder A DVOCATES A ND Abuse Conference and 2018 Financial Counselling R E P R ESEN TATIVE S Australia Conference. Part of the CCMC’s role is to educate and provide The CCMC thanks the organisations that reported guidance to consumer advocates and representatives potential non-compliance and contributed to about the Code’s benefits and its relevance to their CCMC’s investigations and inquiries this year. work. During 2017–18, the CCMC held Code training Drawing on this input, the CCMC was able to sessions with financial counsellors in Victoria, target and improve direct debits compliance and Tasmania and South Australia; covering key Code begin a wide-ranging inquiry into how banks assist protections and how to refer potential breaches to customers in financial difficulty. the CCMC. WO R K I N G WI TH I N D U STRY A N D Presented at PR EPA R I N G FO R A N EW CO D E —— Annual Credit Law Conference The CCMC was pleased to increase its engagement —— National Elder Abuse with industry this year. Preparing for the 2019 Conference Banking Code of Practice was a focus, and we met —— Financial Counselling Australia regularly with the Australian Banking Association and Conference ASIC on its development. Our priority was to put in place a strong governance framework that empowers Provided training to the new Banking Code Compliance Committee to —— Financial counsellors in robustly monitor compliance, share and encourage Victoria, Tasmania and South good practice and hold banks to account when Australia things go wrong. We also engaged with banks who are planning to subscribe to the new Code, and were —— FOS staff encouraged by some banks’ proactive approach. Held more than 100 meetings, This year the CCMC made significant changes to including with our operations, data collection and inquiries. We acknowledge Code subscribers’ cooperation and their —— FOS contributions to this work. —— Australian Securities and Investments Commission (ASIC) —— Australian Banking Association —— Code-subscribing and non- subscribing banks —— Financial Counselling Groups —— Consumer Advocacy Groups 2017–18 YEAR IN REVIEW 11
The Committee Three representatives make up the Committee. The CCMC’s Independent Chair is jointly appointed by the ABA and the Australian Financial Complaints Authority (AFCA) Chief Ombudsman. The Chair is joined by an Industry Representative, appointed by Code-subscribing banks, and a Representative of Individual and Small Business customers, appointed by the consumer representatives of the AFCA Board of Directors. Christopher Doogan AM Sharon Projekt FIML FAICD, Independent Chairperson Industry Representative Current term: 31 January 2017 – 30 January 2020 Current term: 7 August 2015 – 26 October 2018 Chris is a company director and lawyer by background, having Sharon has a legal background with broad occupied several senior positions in both the private and experience across the Australian retail banking public sectors. sector in the areas of legal advice, compliance, and internal and external dispute resolution. His public sector positions included Deputy Comptroller- She was first appointed to the CCMC in August General and Comptroller-General of Customs prior to his 2012. appointment to the High Court of Australia as inaugural Chief Executive and Principal Registrar. In addition to partnership in She has extensive experience in escalated a leading law firm of which he was the Managing Partner, he and complex complaint handling and has been CEO of the National Capital Authority; Chairman of a investigations, having worked on a number of company owned by the Commonwealth of Australia and the high-profile projects. State of New South Wales, Law Courts Limited; Chairman of Sharon has also worked on compliance- a health insurance company, Australian Health Management related projects including coordinating and Group Limited; and Chairman of Community CPS Australia implementing a terms and conditions project Limited, a mutual bank (trading as Beyond Bank Australia). to ensure banking compliance following the He has written an administrative law textbook, is a trained introduction of the Financial Services Reform mediator from Harvard Law School and has filled many Act, Code of Banking Practice and anti-money community positions including Vice President of the Australian laundering legislation. Institute of Management and membership of advisory bodies Sharon has worked in debt recovery, providing relating to tertiary education, health and finance. legal advice on insolvency issues related to He has been a member of several regulatory agencies mortgage and small to medium business including the Commonwealth Tax Practitioners Board and banking customers. She completed the the ACT Legal Practitioners Admission Board, and was a Insolvency Practitioners Association of Australia member of the Australian Business Foundation Board, the Advanced Insolvency Law and Practice course Principal Member of a specialist Commonwealth Appeals in 2002. Panel, the independent Chairman of the Audit and Risk Committee for the Family Court of Australia and the Federal Circuit Court of Australia; and Chairman of the Board of the Centre for Customs and Excise Studies. He is currently the independent member of the ACT Community Services Directorate Audit and Risk Committee, an Adjunct Professor at Charles Sturt University, a Director of ACT & Southern NSW Rugby Union Limited (the Brumbies) and a member of The Winston Churchill Memorial Trust fellowship selection panel. 12 MONITORING COMPLIANCE WITH THE CODE OF BANKING PRACTICE
The secretariat The Committee is supported by a secretariat through a business arrangement with the AFCA. The secretariat is led by Chief Executive Officer, Sally Davis, and is supported by a team made up of a Code Compliance Manager, an Investigations Manager and Compliance Analysts. Gordon Renouf Sally Davis Consumer and Small Business GAICD, Chief Executive Officer Representative September 2015 – current Current term: 1 July 2017 – 30 June 2020 Sally was appointed as Chief Executive Officer Gordon is a lawyer and consumer advocate. He on 1 September 2015. Sally previously worked is a co-founder and CEO of Ethical Consumers as Senior Manager of Systemic Issues at FOS Australia, which operates the Good On You and has worked at FOS and its predecessor ethical shopping service. He is Deputy Chair schemes for over 18 years. Sally is an accredited of Justice Connect and the Consumers’ mediator and holds a Bachelor of Commerce Federation of Australia and serves on the and a Bachelor of Laws degree from the boards of the Telecommunications Industry University of Melbourne and a Graduate Ombudsman (as a Director with Consumer Diploma (Arts) from Monash University. Experience) and Good Environmental Choice Sally brings to this position extensive Australia. He served two terms as a member of experience in financial services, as well as good the Commonwealth Government’s Consumer relationships with regulators, industry and Affairs Advisory Council, and from 2007 to consumer groups. 2009 he was a member of the executive of Consumers International, the global peak body Sally is also General Manager of Code for national consumer organisations. Compliance and Monitoring at the AFCA. Her work as General Manager involves the oversight Gordon has worked as Director, Policy and of four other codes of practice in the financial Campaigns for the consumer group CHOICE, services industry in addition to the Code of Director of the National Pro Bono Resource Banking Practice. Centre, Director of the North Australian Aboriginal Legal Aid Service and Director of the Northern Territory Government’s 2004 Alcohol Framework Inquiry. The Committee met 11 times in 2017–18 2017–18 YEAR IN REVIEW 13
CCMC financials Appendix 1 – Investigation summary No determinations were made during the 30 JUNE 30 JUNE 2017 2018 2017–18 period. Salaries CASES 2016 –17 2017–18 Salaries, gross Number of cases open including at beginning of year 19 23 Committee (1 July) $656,815 $697,451 remuneration, leave provisions, Super Number of new cases 49 32 and Payroll Tax Number of cases closed 45 35 Expenses Number of cases open 23 20 at end of year (30 June) Office Costs $8,943 $10,575 (including 12 (including 8 on Professional on hold*) hold*) $82,659 $19,950 Assistance BRE ACHE S 2016 –17 2017–18 Communications Number of alleged Code and Stakeholder $79,742 $108,594 77 53 breaches Relations Number of Code breaches Technology $14,324 $8,998 4 3 confirmed Occupancy Costs $28,424 $51,511 CLOSED C A SES 2016 –17 2017–18 Number of cases closed by 1 3 decision Total Salaries and Expenses $870,907 $897,079 Number of cases closed by 16 2 delegated decision Total Funding $944,069 $1,120,919 Annual Surplus/ $73,162 $223,840* (Deficit) * Where an allegation is being considered by another forum, such as AFCA or a court, the investigation is placed on hold until that other forum has finished its review. * Noting that the new Banking Code of Practice was approved later than expected, the CCMC’s expenses for the 2017–18 period were less than anticipated. The CCMC has therefore committed to contribute a portion of the surplus to the 2018–19 budget. 14 MONITORING COMPLIANCE WITH THE CODE OF BANKING PRACTICE
About the CCMC The CCMC is an independent compliance CONTACTI N G TH E CCM C monitoring body established under clause 36 of the 2013 Code of Banking Practice. Do you want to: Its purpose is to monitor and drive best —— report a concern that a bank has practice Code compliance, through a breached the Code? collaborative approach with the banking —— make a general enquiry? sector and other key stakeholders. —— provide feedback? To do this the CCMC will: —— make a media enquiry? —— examine banks’ practices You can contact the CCMC using the —— identify current and emerging industry contact details below. wide problems —— recommend improvements to bank practices, and BANK I N G CO D E —— consult with and keep stakeholders and COM PLI A N C E M O N I TO R I N G the public informed. COM M I TTEE Do you want to know more about m. PO Box 14240 Melbourne VIC 8001 the Code or the CCMC? e. info@codecompliance.org.au If you would like to know more about the p. 1800 931 678 (please ask for ‘Code Code of Banking Practice or the CCMC, you Compliance’) can refer to the CCMC website w. www.ccmc.org.au www.ccmc.org.au 2017–18 YEAR IN REVIEW 15
B A N K IN G CODE COMPLIANCE M O NITORIN G COMMIT T E E www.ccmc.org.au
You can also read