Note: Where available, the PDF/Word icon below is provided to view the complete and fully formatted document
Review of the Four Major Banks: First Report
8. 8. Improve Internal Dispute Resolution Schemes
“IDR appears to be broken - one talks to different members of staff every time one calls; emails go unanswered, letters from us claiming breach of responsible lending have been treated as requests for hardship” Joint Consumer Group submission to the Review of the Financial System Dispute Resolution Framework[1]

Recommendation 8

8.1
The committee recommends that the Government amend relevant legislation to give the Australian Securities and Investments Commission (ASIC) the power to collect recurring data about Australian Financial Services licensees’ Internal Dispute Resolution (IDR) schemes to:
  • enable ASIC to identify institutions that may not be complying with IDR scheme requirements and take action where appropriate; and
  • enable ASIC to determine whether changes are required to its existing IDR scheme requirements.
8.2
The committee further recommends that ASIC respond to all alleged breaches of IDR scheme requirements and notify complainants of any action taken, and if action was not taken, why that was appropriate.
8.3
Even with appropriate internal governance and risk management processes in place, there will always be situations in which disputes arise.
8.4
Therefore it is critical that internal dispute resolution (IDR) schemes are properly designed and adequately resourced to ensure that any disputes with consumers or small businesses are resolved effectively.
8.5
Complainants must attempt to resolve disputes through a licensees’ IDR scheme before their complaints can be considered by an EDR scheme. IDR is an important first step in the disputes handling process because:
  • it gives product providers the opportunity to address consumer concerns efficiently and effectively and can alert them to potential problems within their organisation that need to be addressed; and
  • it offers consumers and small businesses faster and less stressful dispute resolution than EDR schemes.
8.6
While ASIC has established regulatory standards for licensees’ IDR schemes, existing legislation limits ASIC’s ability to monitor compliance with these requirements on an ongoing basis.
8.7
There is very little accountability for the management of IDR schemes. If a licensee’s IDR scheme was not functioning properly, it is not clear that ASIC would know.
8.8
Given that inadequate IDR schemes can significantly harm consumers, this is of concern. In the worst cases IDR schemes can operate as a delaying tactic that forces some complainants to give up on pursuing justice entirely.
8.9
Evidence provided to the Ramsey Review by a range of consumer groups suggests that there has been little change in the industry’s approach to IDR since 2011, when ASIC reported that some IDR schemes could have ‘the effect of frustrating and ultimately deterring some complainants.’[2]
8.10
This evidence is bolstered by the significant growth in the number of complaints handled by the FOS and CIO during their latest reporting periods (around seven per cent, respectively).[3]
8.11
These findings suggest that structural problems with IDR processes may currently be forcing consumers to seek redress through EDR schemes, if not abandoning their disputes all together. However, because ASIC cannot gather recurring data on licensees’ IDR outcomes under existing legislation, it is not possible to draw firm conclusions at an industry and institutional level.
8.12
The committee therefore recommends that the Government empower ASIC to collect additional data on licensees’ IDR schemes, such as:
  • the number of disputes initiated;
  • the number of disputes resolved;
  • the number of disputes abandoned; and
  • the average time taken to resolve a dispute.
8.13
This data will enable ASIC to better understand the system’s failings and take action, if required. The committee further recommends that ASIC use this data:
  • to identify entities with IDR schemes that are not operating as expected and take remedial and, if appropriate, enforcement action; and
  • to inform a review of ASIC’s IDR scheme requirements, to determine whether changes are required (such as the inclusion of more formal rules) to improve consumer outcomes.

Monitoring compliance with Internal Dispute Resolution requirements

8.14
ASIC is a risk-based supervisor. ASIC focusses its activities on sectors and institutions that present the greatest potential harm to consumers and/or market integrity.
8.15
However, because ASIC does not have the power to collect recurrent data on licensees’ IDR schemes,[4]it cannot determine which institutions’ IDR schemes present the most potential harm to consumers. This makes it very difficult for ASIC to monitor institutions’ compliance with IDR scheme requirements.
8.16
Given this knowledge gap, the committee is unsurprised that questions about whether ASIC dedicates sufficient resources to monitoring compliance with IDR requirements have been raised.
8.17
The committee is surprised, however, at suggestions by both Legal Aid NSW[5] and the Consumer Action Law Centre that ASIC has not responded to serious complaints about certain institutions’ IDR processes. These complaints included that:
[CBA’s] IDR appears to be broken - one talks to different members of staff every time one calls; emails go unanswered, letters from us claiming breach of responsible lending have been treated as requests for hardship.[6]
8.18
This is of serious concern to the committee. Given the importance of IDR within Australia’s dispute resolution framework it is critical that it operates as intended.
8.19
The committee therefore recommends that:
  • ASIC respond to all alleged breaches of IDR scheme requirements and notify complainants of any action taken, and if action was not taken, why that was appropriate; and
  • ASIC review its level of ongoing assessment of licensees’ compliance with IDR scheme requirements to ensure that it is sufficient to ensure good consumer outcomes.

Internal Dispute Resolution Scheme Requirements

8.20
ASIC’s IDR scheme requirements are set out in Regulatory Guide 165: Licensing: Internal and external resolution. Requirements include:
  • IDR scheme compliance is to be self-certified;
  • IDR procedures should account for the size and complexity of the business, the nature of the consumer base, and the likely number and complexity of disputes;
  • disputes must be completed within 45 days (unless other timelines apply - for example, different timelines apply to some credit disputes);
  • the licensee must have systems to identify disputes related to hardship so that these can be prioritised; and
  • the IDR scheme must be capable of dealing with retail clients (which includes small businesses with less than 100 employees) at a minimum.
8.21
Australian Standard ISO 10002-2006 sets out additional requirements. For example:
  • the organisation’s top management should assess the needs for IDR resources and provide them;
  • the organisation should be actively committed to effective and efficient complaints handling; and
  • all complaints should be classified and then analysed to identify systematic, recurring and single incident problems and trends, and to help eliminate the underlying causes of complaints.
8.22
Principles-based requirements such as these have a number of advantages over a more explicit rules-based approach. For example they:
  • allow regulations to keep pace with technological and market developments;
  • promote compliance with the spirit of the law; and
  • can be appropriate for all regulated entities.[7]
8.23
As ASIC describes in relation to Regulatory Guide 165:
ASIC’s guidance provides significant scope for firms to tailor their IDR procedures according to the size and nature of their business, the range of products or services on offer, the profile of their customer base and the likely volume or complexity of complaints they may receive.[8]
8.24
However, principles-based systems can also create ambiguity about specific requirements and about minimum standards of expected compliance.[9] For this reason, in many cases regulations should be a ‘hybrid’ of principles and rules, where detailed rules provide clarity and structure to supplement high-level principles that remain flexible and promote a culture of compliance.
8.25
Given potential failings in the financial sector’s application of ASIC’s IDR requirements, the committee believes that ASIC must review Regulatory Guide 165 to determine whether changes, including the introduction of formal rules for matters such as scheme resourcing, are required to improve outcomes.

[1]     

Care Inc et al., Submission to Review of the Financial System Dispute Resolution Framework - Issues Paper, 10 October 2016, p. 26.

[2]     

ASIC, Report 245:Review of general insurance claims handling and internal dispute resolution procedures, August 2011, p. 34.

[3]     

FOS, Annual Review 2015-16, 2016, p. 4 and CIO, Annual Report on Operations 2014/15, October 2015, p. 2.

[4]     

ASIC, Review of the financial system external dispute resolution framework: Submission by ASIC, October 2016, p. 10.

[5]     

Legal Aid NSW, Submission to Review of the Financial System Dispute Resolution Framework - Issues Paper, October 2016, p. 16.

[6]     

Care Inc et al., Submission to Review of the Financial System Dispute Resolution Framework - Issues Paper, 10 October 2016, p. 26.

[7]     

Australian Law Reform Commission, For Your Information: Australian Privacy Law and Practice, 2008, p. 234.

[8]     

ASIC, Review of the financial system external dispute resolution framework: Submission by ASIC, October 2016, p. 9.

[9]     

Australian Law Reform Commission, For Your Information: Australian Privacy Law and Practice, 2008, p. 236.