Australia

Tardy bank breach reports costs consumers

ASIC has estimated about five million consumers have been left $500 million out of pocket due to late breach reporting by financial institutions.

CONSUMERS LEFT OUT OF POCKET BY DELAYS IN BREACH REPORTING BY FINANCIAL INSTITUTIONS

WHAT DID ASIC FIND?

* Serious and unacceptable delays in time taken to identify, report and correct significant breaches by 12 major financial services groups including the big four banks and AMP

WHAT IS THE AVERAGE TIME FOR THE KEY BREACH REPORTING STAGES?

* 1517 days (over four years) to identify an incident; for the four major banks it's 1726 days

* 28 days for an investigation to begin

* 128 days from investigation beginning to lodging breach report with ASIC

* 226 days until compensation for affected customers starts

* All up that's 1899 days or over five years

WHAT IS THE IMPACT ON CONSUMERS?

* ASIC says consumers out of pocket for an excessive period

* In some cases consumers are permanently disadvantaged (as firm was not able to return all funds to consumers financially affected by the significant breach)

* Total financial loss $497.2 million to 4.96 million consumers

- Average loss of $1.8 million per significant breach

- Average loss of $100 per consumer

* So far $437 million in financial remediation paid

WHAT DID ASIC'S REVIEW COVER?

* Big four banks - ANZ, CBA, NAB and Westpac

* AMP, Bank of Queensland, Bendigo and Adelaide Bank, Credit Union Australia, Greater Bank, Heritage Bank, Macquarie and Suncorp

* 715 significant breaches reported to ASIC between 2014 and 2017 (279 involved financial loss to consumers)

* Superannuation accounted for 40 per cent of the significant breaches

WHAT MUST BE REPORTED?

* Significant breaches of financial services laws and licence conditions must be reported to ASIC within 10 business days of institution determining there is a significant breach

* Test of whether breach is significant is subjective

* One in seven significant breaches reported late; majority were from NAB

WHAT ARE THE CONSEQUENCES?

* Failure to report within 10 business days is a criminal offence

* ASIC says current penalty - maximum of $52,000 for a corporation - is too low to have a deterrent effect

* A taskforce last December recommended making breach reporting rules stronger, clearer and more enforceable; extending requirement to cover breaches of credit laws; introducing a civil penalty for failure to report

* Government accepted recommendations in-principle, but deferred their implementation until it has the findings of the banking royal commission.

(Source: ASIC)

Share

3 min read

Published

Source: AAP

Share this with family and friends

Get SBS News daily and direct to your Inbox

Sign up now for the latest news from Australia and around the world direct to your inbox.

By subscribing, you agree to SBS’s terms of service and privacy policy including receiving email updates from SBS.

Follow SBS News
facebook
X (Twitter)
instagram
youtube
tiktok
rss
Download our apps
SBS News
iOSAndroid
SBS Audio
iOSAndroid
SBS On Demand
iOSAndroid
Listen to our podcasts
SBS News Update
An overview of the day's top stories from SBS News
SBS News In Depth
Interviews and feature reports from SBS News
SBS On the Money
Your daily ten minute finance and business news wrap with SBS Finance Editor Ricardo Gonçalves.
SBS News in Easy English
A daily five minute news wrap for English learners and people with disability
Get the latest with our News podcasts on your favourite podcast apps.
Watch on SBS
SBS World News

SBS World News

Take a global view with Australia's most comprehensive world news service
Watch nowOn Demand
Watch the latest news videos from Australia and across the world