Galexia

Submission - Joint submission to the 2007 Review of the Electronic Funds Transfer (EFT) Code of Conduct to ASIC (May 2007)

Q9 – Do you have any suggestions as to how the scope of Part A of the Code might be defined more simply? Should Part A include a non-exhaustive list of the main types of transactions to which it applies?

The definition of scope in Part A appears to remain broad enough to cover all target transactions. However, the drafting might be improved if the entire scope were described in Clause 1.1 without any need to refer to later provisions (e.g. 1.3 and 1.4).

Also, Clause 1.1 (B) appears to include a substantive regulatory requirement rather than a statement of scope – in that it requires financial institutions to be responsible for the actions of some third party providers. This Clause has always appeared out of place in a scope section.

A further issue relates to the definitions of some terms. These may need to be reviewed to ensure technology neutrality is maintained. One issue here is that modern access methods now include two-factor authentication approaches resulting in a plethora of new devices – smart cards, one-time password generators, mobile phones, USB tokens – all of which might play a role in providing access.

As a result, some of the definitions (e.g. ‘device’ and ‘electronic equipment’) may need to be reviewed for technology neutrality. Some initial observations show the complexity of these definitions in practice:

  • A mobile phone is currently defined as both a device and electronic equipment.
  • The definition of ‘code’ means that it must be known to the user, but modern codes (e.g. one-time passwords) are generated by devices and only ‘known’ to the consumer for a short period.

It may be useful to conduct a thorough Technology Neutrality Review of the definitions in the Code once other clauses are agreed in the Review process.