One of the major banks reported a 50 per cent increase in Banking Code of Practice breaches last year, as ASIC’s stricter reporting requirements and its own increased monitoring had a big impact.
The Banking Code Compliance Committee has released its latest report, covering the period from January to June last year. Overall, breach numbers were down but a number of banks reported increases.
The 19 banks that subscribe to the code reported 20,605 breaches for the period, a fall of around 10 per cent compared with the previous six months. Two of the major banks reported falls (one a 38 per cent decline), along with seven other banks.
Two major banks reported increases – one by 50 per cent the other by 5 per cent – and six other banks reported increases.
Banks that reported increases said this was due to better detection and identification of potential code breaches due to improved risk culture, training and awareness.
The BCCC has long called for better monitoring by banks and also more effort on prevention. It said there was some evidence of banks improving their systems.
Breaking breaches down by parts of the code, one of the biggest increase was in breaches relating to guarantees. Last year, the BCCC issued a separate report on banks’ compliance with the guarantee provisions of the code, saying that “all audited banks had control gaps in their guarantee process which were not previously detected by their routine monitoring activities.”
Other areas where breach numbers increased included inclusive and accessible banking, managing an account, opening an account and using banking services.
Banks reported that 69 per cent of breaches were caused by human error alone and another 3 per cent by human error and another factor.
The BCCC is sceptical about this feedback. It said: “We are concerned that banks are continuing to identify human error as the cause of the majority of code breach incidents. Our analysis of many incidents attributed to human error indicates that better systems and processes, along with better controls and oversight could have prevented the breaches from occurring.”
There were 63 breaches related to scams and fraud, which affected 170 customers and had a financial impact of around A$6 million. These breaches included misuse of power of attorney, bank staff not completing identification processes and enabling fraudulent withdrawals, and repeated payments to scammers that were not subject to scrutiny.