IT system flaws, staff shortages contribute to higher banking code breaches
Banks need to do a better job monitoring their IT systems to ensure customers are not the victims of over-charging and other breaches, says the Code Compliance Monitoring Committee in a review of breaches of the Code of Banking Practice.According to the CCMC annual report, banks reported 16 significant breaches of the Code during the year to June - double the number in the previous year. These breaches affected 150,000 customers, with a total estimated financial impact of A$13 million.The number of less significant breaches increased by 14 per cent and the number of customer complaints received by banks rose by 11.5 per cent.Significant breaches included a bank charging the wrong interest rate to its credit card customers, a bank charging ongoing financial advice fees when no advice was provided, failure to provide product disclosure statements where required and products being sold by staff not qualified to sell them.In one case a staff member "sold" life insurance policies to a number of dormant accounts as a way of increasing his bonus.In another, 23,500 customers were charged late payment and over-limit fees in error due to a system failure.And in another, 6800 customers received statements that included details of other customers' accounts.Factors that contribute to a breach being classified as significant include the number of consumers affected, the value of actual or potential loss suffered by consumers arising from the breach, the number and frequency of similar events, the impact of the breach on the bank's ability to supply the service, and indications that code compliance arrangements are inadequate.Banks also reported 6558 breaches that were not classified as significant - an increase of 14 per cent over the previous year.These breaches related to privacy and confidentiality, the provision of credit, debt collection, internal dispute resolution and financial hardship applications.Problems with the provision of credit included misinterpretation of internal lending policies and errors in affordability and serviceability assessments.The CCMC said that banks had improved the way they helped customers in financial difficulty but more needed to be done. Another area needing attention was meeting requests to supply copies of documents.The CCMC said the increases in both significant and non-significant breaches were the result of a combination of factors. There was inadequate monitoring of IT systems and, in many cases, a lack of staff able to cope with demand.It said a high proportion of significant breaches related to systems issues and it recommended that banks do more to monitor their IT systems.On the positive side, the increases were also the result of greater staff awareness of their obligations and a higher degree of monitoring in areas such a credit. There was evidence that banks were better able to identify and deal with issues.CCMC said it was satisfied that banks had developed and implemented initiatives to improve their compliance with the Code.Banks reported that they had received 1.2 million customer complaints - an 11.5 per cent increase.The Australian Bankers Association, which writes the Code of Banking Practice, has 25 members but only 13 of