Submission - Joint submission to the 2007 Review of the Electronic Funds Transfer (EFT) Code of Conduct to ASIC (May 2007)

1. Executive Summary

[ Galexia Dots ]

This document is a joint submission from CHOICE, the Consumer Action Law Centre and the Centre for Credit and Consumer Law to the Australian Securities and Investments Commission in respect of the 2007 Review of the Electronic Funds Transfer (EFT) Code of Conduct.

This Document was prepared by Galexia. Guidance, input and comments were received from a small reference group consisting of representatives of:

  • Consumer Action Law Centre;
  • Centre for Credit and Consumer Law;
  • Australian Privacy Foundation;
  • Consumer Credit Legal Centre (NSW); and
  • Care Inc. (Financial Counseling Service and Consumer Law Centre of the ACT).

Funding assistance was received from the Australian Securities and Investments Commission Consumer Advisory Panel (ASIC CAP).

As ASIC would be aware, many consumer and community groups have limited resources to participate in reviews of this size and import. With greater resourcing capacity, it might have been possible for other organisations to have also had a direct input into the preparation of this submission.

Consumer stakeholders see this review as an opportunity to dramatically improve the EFT Code. This submission attempts to answer every question raised in the ASIC Consultation paper and also provides additional comments and suggestions.

The core of this submission is a proposed five-step approach to improving the Code: 

Step 1: Retaining a fair liability approach

The current liability approach in Clause 5 of the Code is working well. Although there have been some changes in the vulnerability of Internet banking since the last review of the Code (for example the growth in social engineering attacks), there is no justification for changing the overall liability regime in the Code. Financial institutions remain in the best position to address security issues in Internet banking and the responsibility of consumers is already fairly addressed in the Code.

Two key suggested liability reforms are firmly rejected in this submission:

  • Increased liability for consumers who fail to secure their personal computers
    This submission presents detailed arguments outlining policy and practical issues which would be faced if this reform was to proceed.
  • Increased liability for consumers who respond to social engineering attacks
    Although there are measures that can be taken by banking customers in order to combat phishing attacks, this submission describes how these measures are considerably less effective than the technologies that can be utilised by financial institutions to deal with phishing.
Step 2: Improving the dispute resolution experience for consumers

This submission presents some suggested improvements to ensure internal and external dispute resolution processes are meeting the needs of consumers. Reference is made to the Consumer Caseworker Submission which contains detailed case studies of EFT related complaints. This submission endorses the recommendations contained in the Consumer Caseworker Submission.

Step 3: Shortening the Code

The Code has become long and unwieldy and this is having a negative impact on Code subscription, compliance, education and complaints management. Code length has a knock on impact on the length of terms and conditions as all clauses tend to be repeated by financial institutions in their terms and conditions – making them difficult to digest for consumers.

This submission recommends some significant changes to the Code in the interest of shortening the Code:

  • The complete removal of Part B of the Code;
  • Moving specific scenarios set out in the text to examples in notes rather than including them all as separate Clauses in the Code, and relying on common sense interpretation by internal and external dispute resolution; and
  • The removal of a number of minor Clauses (described in further detail in the submission).
Step 4: Simplifying the Code

The Code has become complex and difficult to interpret. This is having a negative impact on Code subscription and complaints management. Code complaints often relate to small value transactions and it is difficult to justify the expense of legal advice in interpreting the Code. Simplifying the Code will benefit all stakeholders.

This submission recommends some significant changes to the Code in the interest of simplifying the Code:

  • Removal of the business / consumer account distinction so that the Code can be more simply applied to all transactions. This will simplify terms and conditions, implementation, complaints management and data collection;
  • Removal of Part B from the Code will simplify the Code. Part B is technically complex and has delivered little benefit;
  • Removal of Part B and the collapse of Part A and Part C into one section will simplify the Code. There will be no requirement to refer to ‘Parts’ in the text;
  • Relocation of endnotes to short footnotes so that they can be read together with the text; and
  • Relocation of all Clauses on interpretation and scope into one section at the front of the Code (e.g. moving Clauses 8 and 20 to the beginning of the Code).
Step 5: Commissioning a Technology Neutrality Review of the final Code text

In addition to reviewing the Code content, this submission recommends a thorough Technology Neutrality Review of the Code text. This review should ensure that the terms used in the Code are defined broadly enough to encompass the wide range of technology that might be used to complete an EFT transaction. The key terms that require review are:

  • Electronic equipment;
  • Device;
  • Identifier; and
  • Code.

This issue is discussed in further detail in response to Q73 – Are there other issues not covered in this consultation paper that the review should address? below.