The Customer Owned Banking Code Compliance Committee (the Committee) has released its ACS Verification Report 2019–20: Insights and Learnings.
This Report is an addition to the summary data published in the Committee’s Annual Report in December 2020. It contains analysis of the self-reported data collected in the 2019–20 Annual Compliance Statement (ACS) and of the Committee’s subsequent in-depth discussions with 25 subscribing customer owned banking institutions.
This is a Customer Owned Banking Code Compliance Committee (COBCCC) media release, originally published on 31st May, 2021.
The Report outlines the Committee’s observations about compliance with obligations set out in the Customer Owned Banking Code of Practice (the Code) during a year marked by devastating natural disasters and global pandemic. It also provides important recommendations and shares useful examples of better practice.
With the imminent release of the revised Code, the Committee urges subscribers to use this Report and the guidance and examples it contains as a catalyst for self-examination of compliance with Code obligations to customers. Key observations include:
- Connection between reported breach numbers and solid compliance frameworks: Analysis highlighted a link between high levels of self-reported Code breaches and the possession of solid compliance frameworks – and, conversely, the link between low or nil breach numbers and poor frameworks. The Committee observed that higher reported breach numbers often – though not always – reflected closer monitoring of specific Code obligations and organisations willingness to investigate and learn from root causes of breaches.
- A focus in the 2019–20 ACS on vulnerable customers identified many subscribers working to improve in this critical area. Practical actions included increasing staff awareness, creating designated advocates, and leveraging IT systems to protect vulnerable customers from scams and fraud.
- A sharper subscriber focus on privacy might have contributed to more reported breaches in this area, as subscribers implemented strategies to address privacy issues, including the appointment of specific privacy officers and supporting stronger action from front-line staff.
- While the pandemic presented challenges for business continuity, this sector’s close relationship with its customers often came to the fore, with many subscribers adopting a highly personalised approach. The Committee encourages subscribers to maintain this focus in the future.
In previous years, analysis of ACS data and information gathered in subscriber surveys appeared in the Committee’s Annual Report. In 2019-20 the Annual Report contained summary data and the full analysis is published in this supplementary ACS Verification Report.
Separate publication of the detailed findings gives the Committee the time and scope to explore the background, context and practicalities underlining breach and complaint data collected in the ACS and associated issues to deepen our understanding of day-to-day practices and to provide greater insight into how customer owned banking institutions can best respond to the consumer protections enshrined in the Code.
There was some subscriber confusion about ACS terms and requirements, which sometimes led to errors in reporting and over-reporting. The Committee is refining its ACS instructions in response.
This year’s verification process included detailed discussions with 25 subscribing institutions, almost half our subscriber base and the most we have ever canvassed.
The insight the Committee gained into the day-to-day workings of customer owned banking institutions, and how they address Code obligations, proved invaluable. We expect to continue this deeper exploration in future standalone ACS reports.