Monitoring Compliance with the Code of Banking Practice - 2017-18 YEAR IN REVIEW
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Monitoring
Compliance with
the Code of Banking
Practice
2017–18 YEAR IN REVIEW
2017–18 YEAR IN REVIEW 1
Contents
Message from the Chair and CEO 3 The Committee 12
Annual Compliance Statement 4 The secretariat 13
Direct debits 6 CCMC financials 14
Breach reporting 7 Appendix 1 – Investigation summary 14
Investigations 8 About the CCMC 15
Working with stakeholders and the
community 11
Year in review
Monitoring
ANNUAL COMPLIANCE STATEMENT SHARING OUR KNOWLEDGE
—— 10,123 Code breaches in 2017–18, a 9.5% —— presented to the Annual Credit Law
decrease from 11,191 breaches in 2016–17 Conference, National Elder Abuse
—— 3.43 million customers impacted – at Conference and Financial Counselling
least $95 million financial impact Australia Conference
—— banks told us 93% of breaches are —— provided training to Financial
caused by human error Ombudsman Service staff and financial
counsellors in South Australia, Victoria
—— corrective actions taken in only 39%
and Tasmania
of breaches, to address customers
individual issues —— held more than 100 meetings with
stakeholders.
INVESTIGATIONS DIRECT DEBITS BREACH REPORTING
—— prompted improvement in —— improved information INQUIRY
banks’ practices through available for customers on —— increased transparency
compliance investigations banks’ websites in banks’ compliance with
—— improving compliance the Code
with the Code’s direct —— developed new insights to
debit obligations in some support targeted inquiries
banks and investigations
—— planned ongoing —— shared learnings to
monitoring to encourage promote better outcomes
continued improvement for customers
2 MONITORING COMPLIANCE WITH THE CODE OF BANKING PRACTICE
Message from the Chair and CEO
go unnoticed. The CCMC also set
the expectation that banks should
assess customer impact for all
breaches. Breaches that affect
customers must be corrected and
where appropriate, the customer
should be compensated.
As the CCMC prepares for the
new year, we remain focused
on providing robust monitoring
and leading a smooth transition
to the new Code. As set out in
our Strategic Plan, we intend to
develop guidance for banks to
encourage a consistent approach
and ensure that they are ready to
comply with the new Code from 1
July 2019.
This year brought more change However, this year we decided As always, I thank my colleagues
and challenges for the banking to present only a summary of Gordon Renouf and Sharon
sector and the CCMC. In 2017–18 the data, setting out banks’ full Projekt for their support and
we faced a formidable workload end-of-year results in a separate, expertise during the year. Sharon’s
as preparations for the new dedicated report released in term on the Committee came
Banking Code of Practice hit November 2018. to an end on 26 October 2018
full swing and we were invited and we take this opportunity to
Due to ongoing and systemic express our thanks to Sharon for
to contribute to the Royal
noncompliance, the cancellation her invaluable contribution to
Commission into Misconduct in
of direct debits has been a the CCMC where she fulfilled the
the Banking, Superannuation and
consistent focus of our monitoring role of Industry Representative for
Financial Services Industry.
program over a number of years. over 6 years. Anne O’Donnell has
Despite these additional We are determined to oversee been recently appointed by the
demands on our time, we kept major improvement to banks’ Australian Banking Association as
a strong business-as-usual direct debit practices, and while the new Industry Representative
focus. Maintaining a robust our renewed focus on direct for a three-year term. Welcome to
compliance monitoring program debits prompted some progress the CCMC Anne, we look forward
is the CCMC’s top priority. To this year, banks still have a long to working with you in the years
that end, this year we devoted way to go. The CCMC will keep to come.
substantial time to improving the pressure on banks to do
our ways of working, improving better on direct debits, and will Finally, the Committee also thank
our data collection strategy and be reporting on the results of a our secretariat staff led by Chief
building on our Code compliance new large-scale mystery shopping Executive, Sally Davis, who has
risk framework to inform our activity in the first half of 2019. once again provided us with
investigations and inquiries. We’ve expert guidance and support over
Another focus for 2017–18 was the last 12 months.
also prioritised recruitment to
improving the quality and
bring in new compliance analysts
consistency in the way banks
to bolster our work capacity and
identify, record and report Code
expertise.
breaches. Reporting on our
Through our Annual Compliance breach reporting inquiry in June
Christopher Doogan AM
Statement we’ve implemented 2018, we presented a clearer
our new data collection strategy picture of banks’ Code breaches
and have been able to examine and identified a way forward
a comprehensive data set for their monitoring processes.
that better articulates banks’ We expect banks to have robust
compliance with the Code. In the compliance frameworks that Sally Davis
past we have detailed ACS results review staff, processes and
in the CCMC’s annual report. systems to ensure errors do not
2017–18 YEAR IN REVIEW 3
OVER ALL COMPLIANCE
10,123 breaches
9.5% since 2016–17
at least
3.43 million
people impacted
at least
Annual $95 million
Compliance
financial impact
Statement
The Annual Compliance TH E R ESU LTS: CO D E
Statement (ACS) was once CO M PLI A N C E I N 201 7 –1 8
again the centrepiece of our This year, banks self-reported 10,123
monitoring efforts, providing breaches of the Code, a decrease of
a big-picture overview of how approximately 9.5% from 11,191 in 2016–17.
The main categories for self-reported
well banks are complying with breaches – [provision of credit, privacy and
their Code obligations. confidentiality, and debt collection] – have
remained largely unchanged for the last
Data received through the ACS is used by three years.
the CCMC to identify emerging risks, set
its priorities for inquiries and in-depth-
investigations, and advise banks on where
they can improve.
A full summary of the CCMC’s analysis of bank’s ACS responses can be
found in the Data Report.
4 MONITORING COMPLIANCE WITH THE CODE OF BANKING PRACTICE
COMPL AINTS F I N A N C I A L D I F F I C U LT Y
1,130,037
complaints received
298,569
applications for assistance
6% since 2016–17 1.6% since
2016–17
91% closed within
5 days
207,545
applications approved
6% closed between
6 – 21 days
69.5% of all applications
received
3% closed after 3% since
2016–17
21 days
T O P 5 B R E A C H C AT E G O R I E S F O R 2 0 1 7 – 1 8
Internal
Privacy and Provision of Debt Compliance Dispute
Confidentiality Credit Collection with Laws Resolution
Breaches 4,464 2,489 725 594 406
People
Impacted 465,166 12,649 18,214 733,148 1,203
Financial
Impact $678,656 $8,436,790 $141,550 $9,434,113 $39,300
See the CCMC’s Code Breach Data Report 2017–18 for more detail on banks’ self-reported breaches in 2017–18.
2017–18 YEAR IN REVIEW 5Direct debits
The Code gives customers the right to cancel a direct debit with their
bank. But while our continued focus on direct debit practices prompted
some improvement this year, banks still have a long way to go.
P RE V IOUS WOR K ON D IRECT D EBIT S
In early 2017, the CCMC conducted mystery —— improve the direct debit information on
shopping in response to mounting customer their websites
concerns that banks were not complying with —— enable customers to cancel direct debits
their direct debit obligations. This revealed themselves with online banking
ongoing and systemic non-compliance: bank
—— provide direct debits training to more staff,
staff provided compliant advice in only 46% of
more often
interactions.
—— measure compliance with internal mystery
Reporting on these results, we sent a clear shopping
message that ongoing non-compliance
—— make sure compliance and quality
was unacceptable. We challenged banks to
assurance staff identify and manage
improve their practices, recommending
breaches, and
that they:
—— develop ways for customers to cancel both
direct debits and recurring card payments.
MY STERY SH OPPING IN 20 18 M A R C H 2 0 1 8 R E S U LT S
Follow-up mystery shopping this year showed
some compliance improvement. Call centre compliance:
Direct debits compliance trend, 2008 to 2018
75% (up 23%
from 2017)
56% Branch compliance:
46%
45% (up 20%
from 2017)
36% 4 banks
updated information for
33%
customers on their websites
LOO K I N G A H EA D
20%
Industry has a long way to go to comply with
its direct debit obligations. In 2018–19, we will
conduct another large-scale mystery shopping
exercise, and banks will have to report on
2008 2010 2011 2017 2018
what they have done to implement our 2017
PERCENTAGE OF CONTACTS THAT RESULTED IN recommendations. We will report on our
COMPLAINT RESPONSES findings in the first half of 2019.
6 MONITORING COMPLIANCE WITH THE CODE OF BANKING PRACTICEBreach reporting
This year the CCMC conducted an B R EAC H R EPO R TI N G I N Q U I RY
in-depth review of banks’ breach FI N D I N G S
identification, management and
Breach numbers
reporting processes. This renewed
focus on banks’ breach reporting has Code breaches reported in the 2016–17 Annual Report
were revised upwards by almost 8% to 11,191
increased transparency, holding banks
to account for non-compliance. Breach causes
Banks reported that:
—— 98% of breaches were caused by human error
—— 75% of breaches had a secondary cause, most
THE FOUR PILL ARS OF commonly a process deficiency or a process not
C C M C D ATA C O L L E C T I O N being followed
—— 1% due to a system error
1 What was the root cause? ——Investigations
The CCMC has powers to investigate allegations that a bank has breached
the Code. Investigations allow us to focus on concerns raised by individual
customers, and to consider compliance issues within individual banks.
In 2017–18, the CCMC received 32 new matters containing 53 Code
breach allegations.
Alleged Code breaches The CCMC closed 35 matters during 2017–18.
Of those only 10 fell within our jurisdiction and
in 2017–18
could be investigated. Of these:
CODE ALLEGED —— 5 matters were used to inform the direct
O B L I G AT I O N BRE ACHES debits inquiry, which identified systemic
non-compliance and a need for ongoing
Key commitments – Act fairly
and reasonably 11 monitoring.
—— 2 matters resulted in three confirmed
Financial difficulty 8 breaches of financial difficulty, debt
collection and internal dispute resolution
obligations. The banks involved
Internal dispute resolution 7 acknowledged the breaches and
demonstrated to the CCMC that they had
Provision of credit 6 remediated the customers affected and
changed their processes to prevent future
breaches.
Compliance with laws 5 —— 3 matters were investigated with the CCMC
finding that no breach had occurred.
Copies of documents 4
Matters that we could not investigate:
Chargebacks 4 Withdrawn/no further contact 13
Debt collection 2 Not a Code-subscriber/product not
covered by the Code
7
Privacy and confidentiality 2 Unable to investige (clause 3 and/
or 42)
4
Direct debits 1 Adopt finding of another forum 1
Terms and conditions 1
Statements of account 1
2
Code clause 36(b)iii states that the CCMC’s
Information relating to foreign
exchange services 1 compliance monitoring functions and powers do
not extend to clauses 3 and 4 of the Code unless
53
a breach of clause 3 or 4 is also a breach of
TOTAL
another provision of the Code.
8 MONITORING COMPLIANCE WITH THE CODE OF BANKING PRACTICECase study: thousands of customers Don’t set and forget – all communications
require regular review for compliance
were sent incorrect information about
financial difficulty arrangements – in The CCMC is very concerned that this letter
remained in circulation for such a long
breach of Code clause 32.1 period, without being identified by the
In November 2016, a community legal centre bank’s compliance or legal teams. The bank’s
approached the CCMC with concerns about how oversight – both in approving the letter and
one bank was communicating with its customers allowing it to remain in circulation for so
about financial difficulty arrangements. long – demonstrates a breakdown in the
bank’s financial difficulty and debt collection
The community legal centre told the CCMC that compliance framework.
the bank was writing to customers, advising them
that they had been approved for financial difficulty
assistance and would not receive further collections
The CCMC puts
calls. However, the bank also advised customers
that it may issue default or other legal notices, close
banks on notice
the account or default list the customer. that all customer
The CCMC’s investigation found that for three
years, the bank had been issuing this letter to all
communications
customers with an approved financial difficulty must be regularly
arrangement. Over this time, the bank estimated,
about 75,000 customers had received the letter. reviewed against legal,
The bank acknowledged the breach of Code clause regulatory and Code
32.1 and removed the letter from circulation.
obligations.
2017–18 YEAR IN REVIEW 9or language difficulties. The Code and financial counsellors to foster
requires banks to have processes better working relationships.
to swiftly accept and act on those The CCMC understands that the
authorities and instructions. bank now assigns represented
customers to specialist staff for
In late 2016 a community assistance.
legal centre employee raised
concerns that a bank was not
acting on her letter of authority.
If an authority
The representative told the
CCMC that she had advised
is in any way
the bank that the customer ambiguous
was particularly vulnerable and
unable to manage her financial bank staff
affairs. After providing a standard
form authority to the bank, the should make
customer continued to receive
phone calls and text messages.
further
Through its investigation, the enquiries,
CCMC found that the breach had
been caused by human error. The rather than
Case study: a bank failed
letter of authority had not been
loaded to the system correctly,
rely on
to act on a customer’s letter and the bank failed to follow-up assumptions.
and understand the nature and
of authority, and continued extent of the authority.
pursuing her for debt – in The CCMC expects banks to build
The bank acknowledged that it strong working relationships
breach of Code clause 32.1 had breached the Code, and said with not-for-profit community
that it had remediated the breach lawyers and financial counsellors,
Customers have the right
by providing refresher training on helping customers to overcome
to appoint a third-party
letters of authority to all financial their financial difficulty by
representative
difficulty and debt collection communicating and working
A customer may wish to appoint staff. The bank advised that it had flexibly with their representatives.
a third-party representative for a also improved its engagement
range of reasons, such as illness with community legal centres
Referrer’s location, matters received in 2017–18 LOO K I N G A H EA D
In last year’s Annual Report, we highlighted
1 overseas challenges in the investigations process and
1 unknown flagged our intention to revise the approach to
9 compliance investigations. While this remains
3 a priority, implementation has been set back
3 due to the delay in the approval of 2019
5 Banking Code of Practice and the associated
7 1 Committee Charter.
At the time this Report is printed, both the
Code and Charter have now been settled and
Referral source, matters received in 2017–18 approved, and the CCMC are actively working
toward its revised investigations process.
REFERRAL SOURCE NUMBER
Direct (individual customer) 28
Direct (small business customer) 1
Consumer advocate 2
The Financial Ombudsman Service (FOS) 3
1 3
The Financial Ombudsman Service (FOS) was replaced by
the Australian Financial Complaints Authority (AFCA) on 1
Australian Banking Association 0 November 2018.
10 MONITORING COMPLIANCE WITH THE CODE OF BANKING PRACTICEWorking with stakeholders
and the community
This year, the CCMC continued to build strong relationships with community
and consumer organisations, whose work on the front line provides invaluable
assistance to customers.
WO R KIN G W ITH CONS UME R The CCMC was also pleased to present at the
Annual Credit Law Conference, National Elder
A DVOCATES A ND Abuse Conference and 2018 Financial Counselling
R E P R ESEN TATIVE S Australia Conference.
Part of the CCMC’s role is to educate and provide The CCMC thanks the organisations that reported
guidance to consumer advocates and representatives potential non-compliance and contributed to
about the Code’s benefits and its relevance to their CCMC’s investigations and inquiries this year.
work. During 2017–18, the CCMC held Code training Drawing on this input, the CCMC was able to
sessions with financial counsellors in Victoria, target and improve direct debits compliance and
Tasmania and South Australia; covering key Code begin a wide-ranging inquiry into how banks assist
protections and how to refer potential breaches to customers in financial difficulty.
the CCMC.
WO R K I N G WI TH I N D U STRY A N D
Presented at PR EPA R I N G FO R A N EW CO D E
—— Annual Credit Law Conference
The CCMC was pleased to increase its engagement
—— National Elder Abuse with industry this year. Preparing for the 2019
Conference Banking Code of Practice was a focus, and we met
—— Financial Counselling Australia regularly with the Australian Banking Association and
Conference ASIC on its development. Our priority was to put in
place a strong governance framework that empowers
Provided training to the new Banking Code Compliance Committee to
—— Financial counsellors in robustly monitor compliance, share and encourage
Victoria, Tasmania and South good practice and hold banks to account when
Australia things go wrong. We also engaged with banks who
are planning to subscribe to the new Code, and were
—— FOS staff encouraged by some banks’ proactive approach.
Held more than 100 meetings, This year the CCMC made significant changes to
including with our operations, data collection and inquiries. We
acknowledge Code subscribers’ cooperation and their
—— FOS
contributions to this work.
—— Australian Securities and
Investments Commission
(ASIC)
—— Australian Banking Association
—— Code-subscribing and non-
subscribing banks
—— Financial Counselling Groups
—— Consumer Advocacy Groups
2017–18 YEAR IN REVIEW 11The Committee
Three representatives make up the Committee. The CCMC’s Independent Chair
is jointly appointed by the ABA and the Australian Financial Complaints Authority
(AFCA) Chief Ombudsman. The Chair is joined by an Industry Representative,
appointed by Code-subscribing banks, and a Representative of Individual and
Small Business customers, appointed by the consumer representatives of the
AFCA Board of Directors.
Christopher Doogan AM Sharon Projekt
FIML FAICD, Independent Chairperson Industry Representative
Current term: 31 January 2017 – 30 January 2020 Current term: 7 August 2015 – 26 October 2018
Chris is a company director and lawyer by background, having Sharon has a legal background with broad
occupied several senior positions in both the private and experience across the Australian retail banking
public sectors. sector in the areas of legal advice, compliance,
and internal and external dispute resolution.
His public sector positions included Deputy Comptroller-
She was first appointed to the CCMC in August
General and Comptroller-General of Customs prior to his
2012.
appointment to the High Court of Australia as inaugural Chief
Executive and Principal Registrar. In addition to partnership in She has extensive experience in escalated
a leading law firm of which he was the Managing Partner, he and complex complaint handling and
has been CEO of the National Capital Authority; Chairman of a investigations, having worked on a number of
company owned by the Commonwealth of Australia and the high-profile projects.
State of New South Wales, Law Courts Limited; Chairman of
Sharon has also worked on compliance-
a health insurance company, Australian Health Management
related projects including coordinating and
Group Limited; and Chairman of Community CPS Australia
implementing a terms and conditions project
Limited, a mutual bank (trading as Beyond Bank Australia).
to ensure banking compliance following the
He has written an administrative law textbook, is a trained introduction of the Financial Services Reform
mediator from Harvard Law School and has filled many Act, Code of Banking Practice and anti-money
community positions including Vice President of the Australian laundering legislation.
Institute of Management and membership of advisory bodies
Sharon has worked in debt recovery, providing
relating to tertiary education, health and finance.
legal advice on insolvency issues related to
He has been a member of several regulatory agencies mortgage and small to medium business
including the Commonwealth Tax Practitioners Board and banking customers. She completed the
the ACT Legal Practitioners Admission Board, and was a Insolvency Practitioners Association of Australia
member of the Australian Business Foundation Board, the Advanced Insolvency Law and Practice course
Principal Member of a specialist Commonwealth Appeals in 2002.
Panel, the independent Chairman of the Audit and Risk
Committee for the Family Court of Australia and the Federal
Circuit Court of Australia; and Chairman of the Board of
the Centre for Customs and Excise Studies. He is currently
the independent member of the ACT Community Services
Directorate Audit and Risk Committee, an Adjunct Professor
at Charles Sturt University, a Director of ACT & Southern NSW
Rugby Union Limited (the Brumbies) and a member of The
Winston Churchill Memorial Trust fellowship selection panel.
12 MONITORING COMPLIANCE WITH THE CODE OF BANKING PRACTICEThe secretariat
The Committee is supported by
a secretariat through a business
arrangement with the AFCA.
The secretariat is led by Chief Executive Officer, Sally
Davis, and is supported by a team made up of a Code
Compliance Manager, an Investigations Manager and
Compliance Analysts.
Gordon Renouf Sally Davis
Consumer and Small Business GAICD, Chief Executive Officer
Representative
September 2015 – current
Current term: 1 July 2017 – 30 June 2020
Sally was appointed as Chief Executive Officer
Gordon is a lawyer and consumer advocate. He on 1 September 2015. Sally previously worked
is a co-founder and CEO of Ethical Consumers as Senior Manager of Systemic Issues at FOS
Australia, which operates the Good On You and has worked at FOS and its predecessor
ethical shopping service. He is Deputy Chair schemes for over 18 years. Sally is an accredited
of Justice Connect and the Consumers’ mediator and holds a Bachelor of Commerce
Federation of Australia and serves on the and a Bachelor of Laws degree from the
boards of the Telecommunications Industry University of Melbourne and a Graduate
Ombudsman (as a Director with Consumer Diploma (Arts) from Monash University.
Experience) and Good Environmental Choice
Sally brings to this position extensive
Australia. He served two terms as a member of
experience in financial services, as well as good
the Commonwealth Government’s Consumer
relationships with regulators, industry and
Affairs Advisory Council, and from 2007 to
consumer groups.
2009 he was a member of the executive of
Consumers International, the global peak body Sally is also General Manager of Code
for national consumer organisations. Compliance and Monitoring at the AFCA. Her
work as General Manager involves the oversight
Gordon has worked as Director, Policy and
of four other codes of practice in the financial
Campaigns for the consumer group CHOICE,
services industry in addition to the Code of
Director of the National Pro Bono Resource
Banking Practice.
Centre, Director of the North Australian
Aboriginal Legal Aid Service and Director of the
Northern Territory Government’s 2004 Alcohol
Framework Inquiry.
The Committee met
11 times in 2017–18
2017–18 YEAR IN REVIEW 13CCMC financials Appendix 1
– Investigation summary
No determinations were made during the
30 JUNE 30 JUNE
2017 2018 2017–18 period.
Salaries CASES 2016 –17 2017–18
Salaries, gross Number of cases open
including at beginning of year 19 23
Committee (1 July)
$656,815 $697,451
remuneration, leave
provisions, Super Number of new cases 49 32
and Payroll Tax
Number of cases closed 45 35
Expenses Number of cases open
23 20
at end of year (30 June)
Office Costs $8,943 $10,575
(including 12 (including 8 on
Professional on hold*) hold*)
$82,659 $19,950
Assistance
BRE ACHE S 2016 –17 2017–18
Communications
Number of alleged Code
and Stakeholder $79,742 $108,594 77 53
breaches
Relations
Number of Code breaches
Technology $14,324 $8,998 4 3
confirmed
Occupancy Costs $28,424 $51,511
CLOSED C A SES 2016 –17 2017–18
Number of cases closed by
1 3
decision
Total Salaries and
Expenses $870,907 $897,079 Number of cases closed by
16 2
delegated decision
Total Funding $944,069 $1,120,919
Annual Surplus/
$73,162 $223,840*
(Deficit)
* Where an allegation is being considered by another forum, such as
AFCA or a court, the investigation is placed on hold until that other forum
has finished its review.
* Noting that the new Banking Code of Practice was
approved later than expected, the CCMC’s expenses for the
2017–18 period were less than anticipated. The CCMC has
therefore committed to contribute a portion of the surplus to
the 2018–19 budget.
14 MONITORING COMPLIANCE WITH THE CODE OF BANKING PRACTICEAbout the CCMC
The CCMC is an independent compliance CONTACTI N G TH E CCM C
monitoring body established under clause 36
of the 2013 Code of Banking Practice. Do you want to:
Its purpose is to monitor and drive best —— report a concern that a bank has
practice Code compliance, through a breached the Code?
collaborative approach with the banking —— make a general enquiry?
sector and other key stakeholders. —— provide feedback?
To do this the CCMC will: —— make a media enquiry?
—— examine banks’ practices You can contact the CCMC using the
—— identify current and emerging industry contact details below.
wide problems
—— recommend improvements to bank
practices, and
BANK I N G CO D E
—— consult with and keep stakeholders and COM PLI A N C E M O N I TO R I N G
the public informed.
COM M I TTEE
Do you want to know more about m. PO Box 14240 Melbourne VIC 8001
the Code or the CCMC? e. info@codecompliance.org.au
If you would like to know more about the p. 1800 931 678 (please ask for ‘Code
Code of Banking Practice or the CCMC, you Compliance’)
can refer to the CCMC website
w. www.ccmc.org.au
www.ccmc.org.au
2017–18 YEAR IN REVIEW 15B A N K IN G CODE COMPLIANCE M O NITORIN G COMMIT T E E www.ccmc.org.au
You can also read
