Banking Code Compliance Monitoring Committee Bulletin – July 2018

Welcome to Issue 27 of The Bulletin. In this edition:

 

The CCMC’s 2018–21 Strategic Plan and 2018–19 Workplan

The CCMC’s purpose is to monitor and drive best practice Code compliance, through a collaborative approach with the banking sector and other key stakeholders.

To achieve this, the CCMC will:

  • examine banks’ practices
  • identify current and emerging industry wide problems
  • recommend improvements to bank practices, and
  • consult with and keep stakeholders and the public informed.

The CCMC has published its three-year Strategic Plan which identifies its broad priorities to meet this purpose.

In addition, the CCMC has developed its Workplan for 2018–19 to set out the specific tasks to be completed in the year ahead. Key features of the Workplan include:

  • Develop and implement a revised risk based approach to Code compliance investigations.
  • Develop and implement the CCMC’s stakeholder engagement plan and external communications strategy.
  • Conduct a major Own Motion Inquiry into a Code compliance matter of high priority and continue the CCMC’s follow up work into Direct Debits (Code clause 21).

 

Own Motion Inquiry into breach reporting

On 28 June 2018, the CCMC published the report of its inquiry into banks’ reporting of Code breaches.

The CCMC had identified inconsistencies in how banks record and report Code breaches and undertook the inquiry to better understand banks’ data and to improve its data collection strategy. The inquiry investigated breaches previously reported in the 2016–17 Annual Compliance Statement (ACS), the CCMC’s core data collection tool.

The report outlines the CCMC’s key findings, and sets out is expectations of banks for monitoring Code compliance and reporting breaches.

In summary, the CCMC expects banks will:

  • Be diligent at all times in providing accurate and complete data in response to requests for information.
  • Use breach data to identify patterns and develop systems and system controls that prevent repeated human errors.
  • Use information about breaches caused by human error to review the effectiveness of staff training.
  • Fully investigate how each breach has impacted customers.
  • Remediate customers appropriately and to record and report all corrective actions.
  • Test systems regularly and comprehensively, wherever they rely on systems to fulfil their obligations to customers.

The CCMC will continue to provide feedback to banks to ensure that the consistency and quality of breach reporting in the ACS is of the highest possible standard.

The CCMC will report outcomes from its 2017–18 ACS in its next Annual Report, due November 2018.

Report: CCMC Own Motion Inquiry – Breach Reporting PDF (567KB, 49 pages).

 

The revised Banking Code of Practice and the Banking Code Compliance Committee

In December 2017, the Australian Banking Association (ABA) submitted the revised Banking Code of Practice (the revised Banking Code) and the Banking Code Compliance Committee (BCCC) Charter to the Australian Securities and Investments Commission (ASIC) for approval under section 1101A of the Corporations Act 2001.

Following its lodgement of the revised Code, the ABA has made further changes. The latest version of the draft revised Code, as at 23 April, is available on the ABA’s website.

ASIC’s approval of the revised Code was considered at the Round 3 hearings of the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry in May 2018. The CCMC understands that the ABA and ASIC have continued discussions about the approval of the revised Banking Code following those hearings.

The CCMC awaits further information from the ABA about the approval of the revised Banking Code and will provide further details about its approach to transition following Code approval.

 

Financial difficulty transitional inquiry

The CCMC is currently conducting an inquiry into the Code’s financial difficulty obligations.

The CCMC scheduled a follow-up inquiry of banks’ compliance with Code clause 28 under item 1.7 of the its 2017-18 Workplan. The CCMC has broadened the scope of the inquiry to cover compliance with the 2013 Code and include a ‘transitional inquiry’ to account for revised Code provisions.

The CCMC expects the revised Banking Code to expand the financial difficulty provisions of the current Code and introduce a strong focus on vulnerable customers. In anticipation of the revised Code, the CCMC considers that it is timely to begin assisting banks with their transition.

Through this Inquiry, the CCMC will assess current levels of compliance with the 2013 Code, while also gathering information to provide guidance to banks on best practice principles.

The purpose of the Inquiry is to:

  • Assess, benchmark, and report on banks’ level of compliance with clause 28 of the 2013 Code.
  • Share examples of good practice with the industry and community.
  • Assess the adequacy of banks’ financial difficulty frameworks and provide guidance about alterations required to meet the revised Code obligations relating to financial difficulty.
  • Develop guidance for the industry on best practice principles when working with customers to overcome financial difficulty.

The CCMC plans to publish its findings by September 2018.

If you have information to contribute to the inquiry please contact the CCMC’s Compliance Manager, Donna Stevens at dstevens@codecompliance.org.au.

 

The 2017–18 Annual Compliance Statement (ACS) program

The CCMC has provided banks with the 2017–18 Annual Compliance Statement (ACS) for completion. Following up on the breach reporting inquiry, the CCMC is asking banks to provide a detailed breakdown of Code compliance data to enable it to fully explore trends and emerging issues.

The CCMC consulted with banks on the development of the ACS between during April 2018, and will continue this engagement in the coming months to understand banks challenges when completing the ACS.

The outcomes of the ACS program, including any emerging risks and identified good industry practice, will be discussed with key stakeholders directly and published in the CCMC’s Annual Report for 2017–18.

 

Stakeholder engagement

The CCMC has met regularly with the ABA and ASIC to discuss its work program and ongoing developments regarding the revised Banking Code and the associated governance and compliance framework.

Along with the CCMC’s regular engagements with banks, consumer representatives and FOS, members of the Committee and its staff also:

  • Met with all subscribing banks and the ABA to discuss the CCMC’s Code monitoring activities and workshop the 2017–18 ACS.
  • Presented at the Financial Counselling Australia conference in Hobart.
  • Attended the Banking and Wealth Summit in Sydney.

 

CCMC Investigations – Key statistics

Between 1 March 2018 and 31 May 2018, the CCMC:

  • Received 4 new matters, which raised allegations of non-compliance with the following Code obligations:
    • provision of credit (2 allegations)
    • internal dispute resolution (2), and
    • compliance with laws (1).

 

  • Finalised 4 matters, including:
    • Two that were outside of the CCMC’s jurisdiction because they were allegations of breaches of Code clause 3 (key commitments) only. Under clause 36(b)iii of the Code, the CCMC’s investigations powers do not extend to clause 3 unless a breach of clause 3 is also a breach of another Code obligation.
    • One that was outside of the CCMC’s jurisdiction because the allegation was not about a Code subscriber.
    • One where there was no further contact from the person making the allegation.
Tagged with: , , , , , ,
Posted in Bulletins, News & Publications

CCMC 2018–21 Strategic Plan and 2018–19 Workplan

The Banking Code Compliance Monitoring Committee (CCMC) is an independent compliance monitoring body established under clause 36 of the 2013 Code of Banking Practice (the Code). Its purpose is to monitor and drive best practice Code compliance, through a collaborative approach with the banking sector and other key stakeholders.

To achieve this, the CCMC will:

  • examine banks’ practices
  • identify current and emerging industry wide problems
  • recommend improvements to bank practices, and
  • consult with and keep stakeholders and the public informed.

The Committee has prepared its 2018–21 Strategic Plan to identify the broad priorities for its work:

  • Monitor and investigate banks’ compliance with the Code.
  • Improve practices and outcomes for customers.
  • Build strong relationships with consumer, small business and agribusiness advocacy groups.
  • Lead the transition to a revised Code.

The Strategic Plan also provides a framework for how the CCMC considers it can achieve a meaningful impact on the banking industry for the benefit of its customers.

In addition, the CCMC has developed a Workplan which sets out the tasks to be completed in 2018–19 . Key features of the Workplan include:

  • Develop and implement a revised risk based approach to Code compliance investigations.
  • Develop and implement the CCMC’s stakeholder engagement plan and external communications strategy.
  • Conduct a major Own Motion Inquiry into a Code compliance matter of high priority and continue the CCMC’s follow up work into Direct Debits (Code clause 21).

When the revised Banking Code of Practice has been finalised, the CCMC will develop an additional Workplan to set out its areas of focus to support banks’ transition.

The CCMC’s Strategic Plan and Workplan can be downloaded using the links below:
 
CCMC Strategic Plan 2018–21 (PDF, 104kb)
 
CCMC Workplan 2018–19 (PDF, 248kb)

Tagged with: , , , , , , ,
Posted in News & Publications, Workplans

Media Release: Independent monitor investigates banks’ Code breach reporting

The independent Banking Code Compliance Monitoring Committee (CCMC) has today released a report examining, in detail, banks’ reporting of Code breaches in compliance with the Code of Banking Practice.

Overall, the Committee was encouraged by the banks’ responses to its inquiry into breaches that occurred during 2016­–17. It did, however, identify several areas for improvement.

When reporting to the CCMC, banks identified human error rather than systems failure or fraud as the main cause of non-compliance. It was responsible for 98% of breaches.

In response, the CCMC suggested that banks should examine ways to develop systems and system controls that prevent repeated errors.

The inquiry also found that for around one-quarter (26%) of breaches, banks did not report any associated corrective action.

“When banks do the wrong thing, we expect them to correct their mistakes” the Independent Chair, Prof Christopher Doogan AM, said. “Our inquiry found that, of the almost 10,000 breaches examined, banks reported that at least 150,000 customers were impacted. We believe this would be significantly higher if banks comprehensively reviewed the impact of all their Code breaches.”

The most commonly breached Code obligation was provision of credit, accounting for 42% of all breaches. Other major breach categories were privacy and confidentiality (28%) and debt collection (21%).

This inquiry is part of the CCMC’s ongoing strategy to improve compliance by banks.

  • The Committee aims to ensure that subscribing banks honour their obligations to their customers under the industry Code. It monitors banks’ practices, identifies and reports on industry-wide problems and encourages continuous improvement in the sector. It is comprised of consumer and banking representatives with an independent Chair.

 

Report: CCMC Own Motion Inquiry – Breach Reporting PDF (567KB, 49 pages).

Information about the Banking Code Compliance Monitoring Committee is available on its website, www.ccmc.org.au.

 

Further information:

Donna Stevens

Chief Executive Officer (Acting)

Banking Code Compliance Monitoring Committee

dstevens@codecompliance.org.au

(03) 9099 2295

Tagged with: , , , , , , , ,
Posted in Inquiry Reports, News & Publications

Banking Code Compliance Monitoring Committee Bulletin – April 2018

Welcome to Issue 26 of The Bulletin. In this edition:

 

The revised Banking Code of Practice and the Banking Code Compliance Committee

On 19 December 2017, the Australian Banking Association (ABA) submitted the revised Banking Code of Practice (the revised Banking Code) and the Banking Code Compliance Committee (BCCC) Charter to the Australian Securities and Investments Commission (ASIC) for approval under section 1101A of the Corporations Act 2001.

The CCMC has had extensive interactions with both the ABA and ASIC in recent months to share its views on both the revised Banking Code and its associated governance and compliance monitoring arrangements.

The CCMC anticipates that the revised Banking Code will be published in the coming months and that this will initiate the CCMC’s transition to the BCCC.

 

The CCMC’s monitoring program for 2018

The following Code monitoring activities are either in progress or under development:

 

Own Motion Inquiry into breach reporting

The CCMC stated in its 2016–17 Annual report that it has recognised the need to better understand the underlying issues and customer impact of breaches reported to the CCMC. The CCMC has commenced an Own Motion Inquiry to better understand the issues, customer impact and financial impact of the breach data reported for the 2016–17 reporting period.

Through this Inquiry the CCMC will:

  • benchmark and report to industry and the wider community on banks’ monitoring practices, and compliance with the Code
  • establish the areas of highest priority for its future monitoring work, and
  • develop its strategy for future data collection.

The CCMC plans to publish its findings by June 2018.

 

A transitional inquiry into the financial difficulty obligations under the 2013 Code and revised Banking Code

The CCMC anticipates that the revised Banking Code will expand the financial difficulty provisions of the 2013 Code and introduce a strong focus on vulnerable customers.

Under item 1.7 of the CCMC’s 2017-18 Workplan, the CCMC is scheduled to undertake a follow-up review of banks’ compliance with Code clause 28 (financial difficulty). The CCMC is currently scoping an inquiry which will monitor compliance with the 2013 Code and also gather information to provide guidance that assists banks with their transition to the revised Banking Code.

Through this Transitional Inquiry, the CCMC will aim to:

  • Assess, benchmark, and report on banks’ current level of compliance with the Code.
  • Share examples of good practice with the industry and community.
  • Assess the adequacy of banks’ financial difficulty frameworks and provide guidance about alterations required to meet the revised financial difficulty Code obligations.
  • Develop guidance for the industry on best practice principles when working with customers to overcome financial difficulty.

The CCMC plans to publish its findings by September 2018.

 

The 2017–18 Annual Compliance Statement (ACS) program

The CCMC is currently developing its 2017–18 ACS which enables the CCMC to:

  • Benchmark banks’ compliance with the Code during that period.
  • Report on current and emerging issues in Code compliance to the industry and wider community.
  • Establish the areas of highest priority for its future monitoring work.

In line with the CCMC’s approach to data collection in its breach reporting Inquiry, the CCMC will seek detailed breach reporting data from banks, along with information about:

  • the implementation of recommendations from previous CCMC reports
  • complaint and dispute resolution, and
  • requests for financial difficulty assistance.

The outcome of the 2017–18 ACS program will be reported in the CCMC’s 2017–18 Annual Report in November 2018.

 

Improving banks’ compliance with direct debit cancellation obligations

In October 2017, the CCMC reported that:

  • customers continue to be frustrated by bank staff providing incorrect information about cancellation of direct debits, and
  • will continue this monitoring until it is satisfied that compliance has permanently improved to a sufficient level.

The CCMC is conducting periodic, ad-hoc and small-scale mystery shopping exercises to test banks’ compliance and will include several questions in the 2017–18 ACS asking banks to report on their efforts to enhance compliance and the effect of those efforts.

Again, the CCMC will report on the outcomes of these activities in its 2017–18 Annual Report.

 

More broadly, the CCMC is mindful of the many external developments that are likely to have an impact on its operations and those of Code subscribing banks throughout 2018, including the Royal Commission into misconduct in the banking, superannuation and financial services industry.

The CCMC will continue to monitor these developments for any impact on its work.

 

Stakeholder engagement

The CCMC has met regularly with the ABA and ASIC to discuss its work program and ongoing developments regarding the revised Banking Code and the associated governance and compliance framework.

In December 2017, Rural Bank Limited became the 14th bank to adopt the 2013 version of the Code. CCMC staff have met with Rural Bank to discuss the CCMC’s Code monitoring program.

Among other things, CCMC staff and representatives also recently:

  • Attended the ASIC Annual Forum in Sydney.
  • Met with Gerard Brody (Chair, Consumers’ Federation of Australia and CEO, Consumer Action Law Centre)
  • Attended the Financial Counsellors’ Association of Queensland 2018 Annual State Conference in Noosa, Qld.
  • Presented at the South Australian Financial Counsellors Association Professional Development Day in Adelaide, SA.
  • Presented at the ‘Together making change’ 5th National Elder Abuse conference in Sydney.
  • Met with staff from the Consumer Action Law Centre in Melbourne to discuss current issues for customers in financial difficulty.
  • Met with a bank that plans to adopt the revised Banking Code.

In April 2018, the CCMC will meet with all subscribing banks and the ABA to discuss the CCMC’s Code monitoring activities and workshop the 2017–18 ACS.

 

CCMC Investigations – Key statistics

Between 1 December 2017 and 28 February 2018 the CCMC:

  • Received 8 new matters, which raised allegations of non-compliance with the Code related to:
    • financial difficulty (3 allegations)
    • provision of credit (2)
    • key commitments (1)
    • direct debits (1)
    • debt collection (1)
    • terms and conditions (1)
    • internal dispute resolution (1), and
    • information relating to foreign exchange services (1).

 

  • Finalised 19 matters, including:
    • Two where banks agreed to self-report breaches of the Code.
    • One where the CCMC found that there had not been a breach of the Code.
    • Five where the CCMC incorporated allegations into its wider monitoring of the direct debit obligations under the Code.
    • Two that were outside of the CCMC’s jurisdiction because they did not relate to a Code subscriber.
    • Four that were outside of the CCMC’s jurisdiction because they did not relate to products or services to which the Code applies.
    • Two where the Code breach allegations were withdrawn.
    • Three where there was no further contact from the person making the allegation.
Tagged with: , , , , , , , ,
Posted in Bulletins, News & Publications