Customer Owned Banking Code Compliance Committee releases Annual Data Report

The independent committee that monitors the Customer Owned Banking Code of Practice (the Code) has released its Annual Data Report. Drawn from breach and complaints data and from detailed discussions with all Code subscribers, the report includes insights, recommendations and examples of good practice.

This is a media release from the Customer Owned Banking Code Compliance Committee (COBCCC). It was originally published on 17th March, 2022. 

The report presents the findings of the 2021 Annual Compliance Statement Verification Program which, for the first time, involved detailed discussions with every one of the Code’s 56 subscribers. As well as enabling clarification of data supplied by subscribers, these conferences deepen the Customer Owned Banking Code Compliance Committee’s (the Committee) understanding of the challenges facing the sector and the practical everyday issues at individual institutions.

The report can be accessed here.

Data showed that breach numbers fell for the first time in six years, with subscribers reporting 2,248 Code breaches (down 11%), although there was a small rise in the number of subscribers reporting one or more breaches. More than 568,000 customers were affected, with a total financial impact exceeding $9 million.

The most breached Code provisions related to privacy, customer service, and legal and industry obligations, with privacy issues accounting for one in three self-reported breaches.

The Committee noted some improvements in reporting processes. More accurate reporting resulted from subscribers assessing breaches against specific Code obligations rather than categorising them under ‘catch all’ requirements such as customer service. Compliance uplift programs and upgraded reporting tools often led to improved data, especially when underpinned by robust compliance policy and staff training.

Concerningly, 15 subscribers reported nil breaches (which can indicate a flaw in detection systems). Almost all of these were subscribers with less than $500m in assets and typically relied on a single source of identification, usually a breach and complaints register. The report includes a number of recommendations to remedy this issue.

The Committee was also disappointed to find that subscribers did not specify a short-term remedial action for one-quarter of all breaches and did not provide details for long-term remedial action for three-quarters of all breaches. It reminds subscribers that breach information is a valuable source of intelligence that can lead to improved business practice as well as preventing Code breaches.

Self-reported complaints rose by almost 10% to 29,650, largely attributed by subscribers to the implementation of changes to meet ASIC’s new internal dispute resolution guidance. Measures included rolling out new complaints management systems, hiring additional staff, and training.

Code subscribers also reported an increased focus on training for staff and customers to combat the increasing prevalence of scams, fraud and other criminal activity.

“The Committee urges Code subscribers to review and share the findings and guidance provided in the Annual Data Report 2020–21 to help improve compliance monitoring and reporting, as well as all aspects of day-to-day business practice” said Jocelyn Furlan, the independent Chair of the Committee.

This data report supplements three key publications covering the same reporting period – the Annual Report, individualised Benchmark Reports, and ‘Learning by Example’ Report.


Enjoy this article? Sign up to our monthly newsletter and stay up to date on the latest consumer policy news.