Banking Code monitoring body calls for further improvements in breach reporting

Magnifying glass held over a piece of paper

In a report released on Monday, the Banking Code Compliance Committee (BCCC) has urged banks to improve their breach reporting to the BCCC.

The report summarises banks’ self-reported breach data for the six months that followed their adoption of a revised Banking Code of Practice on 1 July 2019.

The report outlines that banks have reported:

  • 20,863 breaches for the period July to December 2019
  • there were more than 4.4 million customers affected, and
  • the breaches had a financial impact of more than $100 million.

The report notes that compared to the final year of the previous 2013 Banking Code, there was a pro rata increase in breaches. That increase is mostly attributed to two subscribing banks improving how they report.

The BCCC’s Independent Chairperson, Ian Govey AM, noted the importance of banks reporting fully and transparently to the BCCC.

“Self-reporting to the BCCC is a demonstration that banks can identify and fix problems,” he said. “The BCCC is encouraged that the data indicates some banks are taking our feedback on board and making progress. We expect it will lead to improved customer outcomes in the long term.”

Mr Govey also noted the Committee’s ongoing concerns about the quality of data banks are reporting.

“While the quality of reported data is generally better than we have received previously, there remains substantial room for improvement. Now, more than ever, it is important that banks provide accurate, complete and consistent data about how well they are living up to their promises to customers.”

The Code obligations most commonly breached by banks were privacy and confidentiality requirements, commitments to train staff to understand the Code, and engaging with customers in a fair, reasonable and ethical manner.

BCCC Media Release 31/08/2020