BILLS DIGEST NO. 129, 2017–18
PDF version [377KB]
Paula Pyburne
Law and Bills Digest Section
25
June 2018
Contents
The Bills Digest at a glance
Purpose of
the Bill
Background
From
voluntary to mandatory
Recommendations
for change
Committee
consideration
Policy
position of non-government parties/independents
Position of
major interest groups
Financial
implications
Statement of
Compatibility with Human Rights
Key issues
and provisions
Other
provisions
Concluding
comments
Date introduced: 28
March 2018
House: House of
Representatives
Portfolio: Treasury
Commencement: Sections
1–3 on Royal Assent; Schedule 1, items 1–11 on the day after Royal Assent;
Schedule 1, item 12 on the later of immediately after the commencement of items
1–11 and 1 July 2018
Links: The links to the Bill,
its Explanatory Memorandum and second reading speech can be found on the
Bill’s home page, or through the Australian
Parliament website.
When Bills have been passed and have received Royal Assent, they
become Acts, which can be found at the Federal
Register of Legislation website.
All hyperlinks in this Bills Digest are correct as at
June 2018.
The Bills Digest at a glance
The National Consumer Credit
Protection Amendment (Mandatory Comprehensive Credit Reporting) Bill 2018 (the
Bill) amends the Privacy
Act 1988 and
the National
Consumer Credit Protection Act 2009 to mandate a comprehensive consumer
credit reporting scheme.
The Bill requires large Authorised Deposit-taking
Institutions (ADI) and certain other credit providers to supply comprehensive
credit information to eligible credit reporting bodies—of which there are
currently three.
The information that must be provided includes:
- identification
information, including name, date of birth and address
- consumer
credit liability information, including the name of the credit provider, type
of consumer credit, and maximum amount of credit available
- repayment
history information, including whether or not an individual is obliged to make
monthly payments in relation to a consumer credit agreement, and when those
payments are due and payable
- default
information, including information about payments that are overdue, and steps
taken to recover the overdue amounts
- payment
information including information about payments of overdue amounts that have
been made by an individual and
- new
arrangement information, including information about variations to a consumer
credit agreement.
The information is initially to be provided in two
tranches commencing on 1 July 2018 and 1 July 2019 respectively.
Purpose of
the Bill
The primary purpose of the National Consumer Credit
Protection Amendment (Mandatory Comprehensive Credit Reporting) Bill 2018 (the
Bill) is to amend the National Consumer
Credit Protection Act 2009 (Consumer Credit Act) to establish a
comprehensive credit reporting regime. The mandatory regime will require large
Authorised Deposit-taking Institutions (ADIs) to provide comprehensive credit
information on consumer credit accounts to certain credit reporting bodies.
The Bill also makes consequential amendments to the Privacy Act 1988.
Background
Licensing arrangements
The Consumer Credit Act, which contains the National Credit Code, applies to credit contracts entered into, on,
or after 1 July 2010[1]
where:
-
the lender is in the business of providing credit
-
a charge is made for providing the credit
-
the debtor is a natural person or strata
corporation
-
the credit is provided:
- for personal, domestic or household purposes or
- to purchase, renovate or improve residential property for investment
purposes, or to refinance credit previously provided for this purpose.[2]
Under the Consumer Credit Act a person cannot
engage in a credit activity if the person does not hold an Australian credit
licence (AC licence).[3]
Establishing the credit reporting
framework
The collection, use and disclosure of personal information
in Australia is regulated by the Privacy Act.
In 1991, Part IIIA was inserted into the Privacy Act
to extend its operation to consumer credit reporting.[4]
It provides a framework for the collection, disclosure and use of
credit-related information. The credit reporting provisions in Part IIIA facilitate
the sharing of credit-related information between credit providers and credit
reporting bodies. At present there are three credit reporting bodies in
Australia—Equifax, Experian and Illion
(formerly Dun and Bradstreet).[5]
Initially, the information that was shared related to
‘negative’ credit events.[6]
Negative reporting limits the collection of personal
information to that which relates to an individual’s credit delinquency, such
as defaults on payments or dishonoured cheques, and inquiries on the credit
record. Positive credit reporting permits the collection of personal
information which demonstrates an individual’s credit account activity, such as
the timeliness of payments, account type, the credit limit and the amounts of
credit liabilities.[7]
However the enactment of Privacy Amendment
(Enhancing Privacy Protection) Act 2012 (2012 Amending Act),
(in response to a report by the Australian Law Reform Commission)[8]
amongst other things:
- set
out five new kinds of personal information which would be reported and
- did
away with the concepts of ‘negative’ and ‘positive’ reporting, and instead introduced
the concept of ‘comprehensive’ reporting.
Comprehensive credit reporting will give credit providers
access to additional personal information to assist them in establishing an
individual’s credit worthiness. The additional personal information will allow
credit providers to make a more robust assessment of credit risk and assist
credit providers to meet their responsible lending obligations. It is expected
that this will lead to decreased levels of over-indebtedness and lower credit
default rates. More comprehensive credit reporting is also expected to improve
competition and efficiency in the credit market, which may result in reductions
to the cost of credit for individuals.[9]
Those amendments did not commence until 12 March 2014.
Regulatory code
An industry-developed regulatory code for Australia’s
credit reporting system was approved by the Office of the Australian
Information Commissioner in 2014.[10]
Participation in the expanded system was voluntary, with information being
shared on a reciprocal basis (participants have access only to the types of
information that they themselves have shared). The Australian Retail Credit
Association formalised this arrangement through the Principles
of Reciprocity and Data Exchange, which were approved by the Australian
Competition and Consumer Commission (ACCC) in December 2015.[11]
Notably, principle three:
... ensures that data meets a certain standard before it is
exchanged, by requiring that shared data adheres to the Australian Credit
Reporting Data Standard (ACRDS). The standardised system means that data
is communicated in a way that it can be universally understood by other
signatories to the PRDE [Principles of Reciprocity and Data Exchange].[12]
Current information shared
In the current voluntary credit reporting regime, credit
providers (such as financial services firms and utility providers) and credit
reporting bodies are permitted to share information related to:
- a
credit provider having sought a credit report (from a credit bureau) in
relation to an application for credit by an individual, and the amount of the
credit sought
- an
individual’s current credit providers
- any
credit defaults (which is the failure to meet legal repayment obligations) in
the previous five years
- a
credit provider’s opinion that an individual had committed a serious credit
infringement (such as credit fraud)
- the
type of credit account opened
- the
date the account was opened
- the
current limit of the account
- the
date on which the account was closed.[13]
In addition, ASIC-licensed credit providers are permitted
to share information related to payment history, including:
- whether
the individual was meeting their payment obligations and
- the
number of repayment cycles the individual was in arrears.[14]
From voluntary to mandatory
Responsible lending obligations
All holders of a credit licence must comply with the responsible
lending obligations.[15]
The responsible lending obligations are aimed at better informing consumers and
preventing them from being in unsuitable credit contracts. In particular:
- before
providing credit assistance to a consumer, a licensee must make a preliminary
assessment about whether the contract will be unsuitable for the consumer.[16]
To do this, the licensee must make inquiries and verifications about the
consumer’s requirements, objectives and financial situation[17]
and
- a
licensee is prohibited from providing credit assistance to a consumer in
relation to a credit contract if the contract will be unsuitable for the
consumer.[18]
Regulation 28XXF of the National Consumer
Credit Protection Regulations 2010 (Consumer Credit Regulations) deems
that a credit contract is unsuitable for a consumer if:
-
the consumer‘s requirements and objectives are to receive an
identified amount of credit
-
the credit contract is part of an arrangement by which the
identified amount of credit is provided, or to be provided, by:
- two
or more small amount credit contracts
- two
or more medium amount credit contracts or
- a
combination of small amount credit contracts and medium amount credit
contracts and
-
the amount that is payable under the combination of credit
contracts (in circumstances in which there is no default by the debtor) is
higher than the maximum amount that could be charged under a single credit
contract in accordance with the National Credit Code.[19]
|
Lenders are not able to fulfil
the responsible lending obligations where they have incomplete or inaccurate
information about the creditworthiness of a potential borrower.
Recommendations
for change
Financial System Inquiry
In December 2014, the Treasurer released the final report of
Financial System Inquiry 2014 (known as the Murray Inquiry after the chair of
the review, former CEO of the Commonwealth Bank David Murray AO) which examined
the Australian financial system.[20]
Amongst other things, the Murray Inquiry acknowledged that,
as the legislation which underpinned comprehensive credit reporting had come
into effect in March 2014, the regime had not, at that time, been fully
implemented. Nevertheless it noted:
Participation in [comprehensive credit reporting] is
voluntary, so the pace and extent of eventual participation in the regime is
not yet clear.
For credit providers, participation will depend on the
perceived net benefits, which will differ between different classes of credit
provider. For a major institution with a relatively large customer base, early
and full participation may provide, at least initially, relatively larger
benefits to other, smaller participants than for the institution itself.
As participation and system-wide data grow, net benefits
increase for all CCR participants. Further credit providers that do not
participate are at risk of adverse selection with respect to potential new
borrowers; a risk that becomes more acute as industry participation increases.[21]
Accordingly, the Murray Inquiry recommended that the
Government ‘support industry efforts to expand credit data sharing’ and if ‘participation
is inadequate, Government should consider legislating mandatory participation’.[22]
Productivity Commission inquiry
The Productivity Commission released its final report of its
inquiry into data availability and use in March 2017.[23]
For the purposes of that report, the Productivity Commission
characterised financial data as information that is created in the provision
and consumption of financial products and services, as well as data generated
in the course of government regulation and supervision of the financial system.[24]
The Productivity Commission considered whether
comprehensive credit reporting should be made mandatory or should remain
voluntary. It considered that there were ‘compelling reasons to mandate
participation in CCR’.[25]
Amongst other things, the perceived benefits of comprehensive
credit reporting are:
- additional
availability of credit-related information would improve credit allocation and
pricing so that at least some consumers who would be able to access cheaper
loans and
- allowing
smaller financial businesses and potential new entrants to have access to a
large pool of customer data may help to facilitate their entry into the market,
which could boost competition and innovation in the finance sector[26]
- if
data collected and stored by credit providers is viewed as jointly owned with
the customer then the customer should be allowed to share the data with third
parties, including for the purposes of a credit assessment, regardless of
whether their credit provider wishes to participate in CCR.[27]
On the other hand, compulsory comprehensive credit
reporting ‘would impose costs on all finance sector businesses legally obliged
to participate in the scheme’.[28]
In addition, the much greater volumes of data could give rise to ‘data quality
issues’.[29]
The Productivity Commission recommended:
The Australian Government should adopt a minimum target
for voluntary participation in Comprehensive Credit Reporting of 40% of all
active credit accounts, provided by Australian Securities and Investments
Commission (ASIC)-licensed credit providers, for which comprehensive data is
supplied to the credit bureaux in public mode. If this target is not achieved
by 30 June 2017, the Government should circulate draft legislation by 31
December 2017, to impose mandatory participation in Comprehensive Credit
Reporting (including the reporting of repayment history) by ASIC-licensed
credit providers in 2018.[30]
[emphasis added]
Move to a mandatory system
As stated above, the legislation to facilitate a voluntary
system of comprehensive credit reporting commenced in March 2014. However, in
September 2017, it was reported that ‘the figure for voluntary participation in
a CCR framework is less than one per cent, and the dial has barely
shifted for years’.[31]
The Government committed to implementing the
recommendation of the Productivity Commission in the 2017–18 Budget.[32]
In November 2017, the Government announced that it would legislate for a
mandatory comprehensive credit reporting regime to come into effect by 1 July
2018, on the grounds that the 40 per cent target would not be met. According to
the Treasurer, Scott Morrison:
The four major banks will be the first to face the mandated
reporting, given they account for approximately 80 per cent of the volume of
lending to households.[33]
Committee
consideration
Senate Standing Committee on
Economics
The Bill has been referred to the Senate Standing
Committee on Economics (Economics Committee) for inquiry and report by 29 May
2018.[34]
The comments by submitters to the Economics Committee are canvassed below.
The Economics Committee recommended that the Bill be
passed and that the Government ‘consider expediting its review of financial
hardship arrangements’.[35]
Labor senators on the Committee made additional comments, advising that they
are ‘cautiously supportive’ of the measures in the Bill, but will:
... take a very careful look at both the government's approach
to regulating the use of consumer financial data and whether any benefits of
mandatory comprehensive credit reporting will flow through to consumers.[36]
Labor senators recommended that the Bill be amended to
delay the first stage requirement by 12 months to 1 July 2019 ‘in order to
allow the Attorney-General's Department to complete its review of financial
hardship arrangements and for the government to provide a response to this
review’.[37]
Senate Standing Committee for the
Scrutiny of Bills
The Senate Standing Committee for the Scrutiny of Bills (Scrutiny
of Bills Committee) commented on the Bill in its report of 9 May 2018.[38]
The Scrutiny of Bills Committee acknowledged the
importance of improving the administration of Australia's credit reporting
regime. However, it expressed concern that requiring the disclosure of
mandatory credit information has the potential to unduly trespass on the
privacy of individuals—particularly the customers of the large ADIs
contemplated by the Bill, as the information required to be disclosed includes
a substantial amount of personal and financial information about individuals.[39]
Additional comments made by the Scrutiny of Bills Committee are canvassed below
under the heading ‘Key issues and provisions’.
Policy
position of non-government parties/independents
At the time of writing, no comments had been made by
non-government parties or independents in relation to the Bill, apart from the
comments by Labor senators on the Economics Committee, discussed above.
Position of
major interest groups
Arguments for compulsory credit
reporting
A 2015 report by KPMG to the Australian Retail Credit
Association outlines, amongst other things, the reasons for improved credit
data exchange in the following terms:
The exchange of credit data between financial institutions is
important to the ability of financial institutions to manage their credit risk—that
is, the risk of loss arising from the default by a borrower in respect of money
lent by the financial institution. Credit risk is the single largest financial
risk faced by most banks and other lenders. Reflecting this, most episodes of
bank distress or failure globally have arisen primarily because of inadequate
management of credit risk. The management of credit risk is the single biggest
factor that influences the prudential soundness of individual financial
institutions and the stability of the financial system. [40]
Generally, submitters to the Economics Committee inquiry accepted
that there are sound reasons for mandatory comprehensive credit reporting on
economic grounds—although there were some qualifications.
The Australian Banking Association welcomed the removal of
the existing information symmetry between credit providers and credit
applicants. Citing the New Zealand (NZ) model of comprehensive credit
reporting, it noted that benefits identified in the NZ regime included:
- giving
credit providers a more accurate and complete picture of individuals’ credit
worthiness, allowing them to make better assessments of risk and facilitate a
more responsible lending decision
- increasing
competition in the credit industry by enabling access to better information and
- opening
mainstream credit to a wider pool of individuals who may otherwise be excluded
due to a lack of verifiable information about them.[41]
Similarly, Dr Andrew Grant of the University of Sydney
Business School stated that the ‘introduction of credit sharing should improve
the amount of loans funded and the cost of loan funding for good borrowers’.[42]
Arguments against compulsory credit
reporting
Problems for lower income
applicants
The other side of that coin is addressed in the submission
by the Queensland Law Society (QLS) to the Economics Committee. QLS acknowledged
that the measures in the Bill enhance the ability of consumer credit providers
to lend responsibly. However, the submission expressed concern that
comprehensive credit reporting ‘may result in lower income applicants being
charged more for credit due to greater differential pricing based on more
available information’.[43]
The Financial Rights Legal Centre agreed, stating:
... some lenders are likely to use this increased information
not to deny people credit where it appears their finances are already
stretched, but to charge those customers more for credit. We may see a
significant increase in price discrimination including an influx of expensive,
priced-for-risk products, such as credit cards charging up to 48 per cent per
annum for those deemed risky.[44]
Security of data
Of concern to some submitters was the need for enhanced
privacy protections relating to notification, data quality, access and
correction, and complaints.[45]
According to the Office of the Australian Information Commissioner, ‘robust
information handling practices will be essential to ensure the success and
sustainability of this initiative’ ... ‘the Bill envisages active oversight by
the OAIC, particularly of security issues arising in the mandatory
comprehensive credit reporting system’.[46]
According to one commentator, requiring the banks to
release loan data to third parties increases the risk of data breaches.[47]
For example in 2017 US credit bureau Equifax was subjected to a cyber-attack
affecting over 143 million Americans.[48]
The data breach has led to increased risks of identity fraud and targeted
scams.
Financial
implications
According to the Explanatory
Memorandum, the Bill will have nil financial impact.[49]
Statement of Compatibility with Human Rights
As required under Part 3 of the Human Rights
(Parliamentary Scrutiny) Act 2011 (Cth), the Government has assessed
the Bill’s compatibility with the human rights and freedoms recognised or
declared in the international instruments listed in section 3 of that Act. The
Government considers that the Bill is compatible.[50]
Parliamentary Joint Committee on
Human Rights
The Parliamentary Joint Committee on Human Rights (Human
Rights Committee) commented on the Bill in its report of 8 May 2018.[51]
The starting point for its consideration was Article 17 of
the International Covenant on Civil and Political Rights (ICCPR)
which prohibits arbitrary or unlawful interferences with an individual's
privacy.[52]
The right to privacy includes respect for informational privacy, including the
right to respect for private and confidential information, particularly the
collection, storing, use and sharing of such information. The Human Rights Committee
noted that the introduction of a mandatory comprehensive credit reporting
scheme engages the right to privacy by requiring large ADIs to supply
comprehensive credit information to certain credit reporting bodies.[53]
The Human Rights Committee acknowledged:
Limitations on the right to privacy will be permissible where
they are prescribed by law and are not arbitrary, they pursue a legitimate
objective, are rationally connected to (that is, effective to achieve) that
objective and are a proportionate means of achieving that objective.[54]
The Human Rights Committee noted, amongst other things, the
safeguards that were in place to protect individuals' credit information in the
2012 Amending Act but was not satisfied that the Privacy Act
would ‘constitute an effective safeguard for the purposes of the right to
privacy in the context of this particular measure’.[55]
The Committee has asked the Minister for additional
information about the Bill. In particular, it sought information about whether
the requirement to provide comprehensive credit information is sufficiently
circumscribed, and information as to the adequacy and effectiveness of
safeguards.[56]
At the time of writing, the Minister’s response had not
been published by the Human Rights Committee.[57]
Key issues and
provisions
Entities supplying credit
information
Item 4
of the Bill inserts proposed Part 3‑2CA—Licensees supplying credit information to credit reporting
bodies into the Consumer Credit
Act. Part 3-2CA
applies to:
- an
eligible licensee and
- an
eligible credit reporting body.
The holder of an AC license is an eligible licensee
on 1 July 2018 or a later day provided that the licensee is a large ADI,
or is a body corporate of a kind prescribed by the regulations and is a credit
provider.[58]
The definition of large ADI is imported from
the Banking Act
1959. Essentially, the Minister may, by legislative instrument,
determine the kinds of ADIs that are large ADIs.[59]
The Government intends that the legislative instrument will provide:
- a
small ADI would have less than or equal to $10 billion on a three year average
of total resident assets
- a
medium ADI would have between $10 billion and $100 billion on a three year
average of total resident assets and
- a
large ADI would be any ADI with greater than or equal to $100 billion on a
three year average of total resident assets.[60]
Key issue—other credit providers
Some submitters to the Economics Committee expressed
concern that the Bill restricts the compulsory credit reporting scheme to the
major banks. For instance, Westpac has stated that it holds a firm belief that
it should apply to all credit providers.[61]
Westpac expressed its concern that whilst ‘the Government is open to including
other [credit providers] at a later date, there appears to be no mechanism to
monitor when other credit providers come on board and the speed at which that
occurs’.[62]
On the other hand, the Customer Owned Banking Association
(COBA) which is the industry association for Australia’s customer owned banking
institutions such as mutual banks, credit unions and building societies, supported
the Government’s decision to confine the measures in the Bill to large ADIs,
for the time being, as it ‘avoids imposing unnecessary costs on smaller ADIs
while creating a critical mass of CCR data to encourage all credit providers to
undertake the investment needed to participate’.[63]
Entities receiving credit
information
There are two instances in which a credit reporting body
is an eligible credit reporting body (CRB) for a
licensee.
The first is if, on 2 November 2017, there was in
force an agreement between the credit reporting body and credit providers that
required the credit providers to protect credit reporting information that is
disclosed to them from misuse, interference and loss; and from unauthorised
access, modification or disclosure—as required by subsection 20Q(2) of the Privacy
Act.[64]
The second instance is where the conditions (if
any) prescribed by the regulations are met.[65]
Application of Part 3-2CA
New Part 3‑2CA of
the Consumer Credit Act applies in addition to the Privacy Act.
That is, nothing in Part IIIA of the Privacy Act which contains the
framework for the collection, disclosure and use of credit-related information,
is changed by this Bill.
Section 20Q of the Privacy Act
The Bill references subsection 20Q(2) of the Privacy
Act, which relates to the security of credit reporting information.
Subsection 20Q(2) requires a credit reporting body to:
(a) enter
into agreements with credit providers that require the providers to protect
credit reporting information that is disclosed to them under this Division:
(i) from misuse, interference
and loss; and
(ii) from unauthorised access,
modification or disclosure; and
(b) ensure
that regular audits are conducted by an independent person to determine
whether those agreements are being complied with; and
(c) identify and deal with suspected breaches of those
agreements.
|
Scrutiny of Bills Committee
comments
The Scrutiny of Bills Committee expressed its concern that
‘the Bill appears to leave a number of relatively substantial elements of the
mandatory credit reporting scheme—which may have significant privacy
implications—to delegated legislation’.[66]
The Committee singled out the definitions of eligible licensee and
eligible credit reporting body, which as discussed above, rely on
elements to be prescribed in regulations. The Committee was concerned that
this approach could weaken the protections conferred by the Privacy Act,
in particular because:
a licensee that becomes an 'eligible licensee' after 1 July
2018 must make its initial bulk supply of mandatory credit information to a
credit reporting body that meets conditions prescribed by the
regulations—rather than to a reporting body with which the licensee has an
agreement under paragraph 20Q(2)(a) of the Privacy Act.[67]
Information to be supplied
Proposed
subsection 133CR(1) of the Consumer Credit Act requires an eligible licensee to supply mandatory credit
information to each CRB for the licensee.[68]
Under proposed section 133CP of the Consumer Credit Act, mandatory
credit information for eligible credit accounts[69]
held by natural persons is personal information for those accounts that is:
- identification
information about a natural person—being the individual’s full name; any
alias or previous name; the individual’s date of birth; the individual’s sex;
the individual’s current or last known address, and two previous addresses (if
any); the name of the individual’s current or last known employer; and the
individual’s driver’s licence number (if any)[70]
- consumer
credit liability information about a natural person is the name of the consumer
credit provider; whether the provider is a licensee; the type of consumer
credit; the day on which the consumer credit is entered into; the terms or
conditions of the consumer credit that relate to the repayment of the amount of
credit and that are prescribed by the regulations; the maximum amount of credit
available under the consumer credit; and the day on which the consumer credit
is terminated or otherwise ceases to be in force[71]
- repayment
history information—includes the day on which a monthly payment is due
and payable; and if the individual makes the monthly payment after the day on
which the payment is due and payable—the day on which the individual makes that
payment[72]
- default
information—is information in relation to payments that are at least 60
days overdue and where the provider has given a written notice to the
individual informing him, or her, of the overdue payment and requesting payment
of that amount; the provider is not prevented by a statute of limitations from
recovering the amount of the overdue payment; and the amount of the overdue
payment is equal to or more than $150; or a higher amount as is prescribed by
the regulations[73]
- payment
information—if a credit provider has disclosed default information
about an individual to a credit reporting body; and on a day after the default
information was disclosed, the amount of the overdue payment to which the
information relates is paid; then payment information about the
individual is a statement that the amount of the overdue payment has been paid
on that day[74]
- new
arrangement information—if a credit provider has disclosed default
information about an individual to a credit reporting body and because the
individual is so overdue: the terms or conditions of the original consumer
credit that relate to the repayment of the amount of credit are varied; or the
individual is provided with other consumer credit; then new arrangement
information about the individual is a statement that those terms or conditions
of the original consumer credit have been varied, or that the individual has
been provided with the new consumer credit.[75]
Key issue—interaction with the
hardship provisions
Most submitters to the Economics Committee inquiry into the
Bill expressed concern about the interaction between the mandatory credit
information and the hardship provisions which are contained in Part 4
of the National Credit Code.
Operation of the hardship provisions
Clause 72 of the National Credit Code provides for hardship
notice to be given by a debtor who is unable to meet his, or her,
obligations under a credit contract and who reasonably expects to be able to
discharge those obligations if the terms of the contract were changed.
The credit provider may request further information from
the debtor within 21 days of receiving the notice. In that case the debtor
must provide the requested information. The credit provider must make its
decision on the matter within strict time limits and notify the debtor of the
decision.
The credit provider need not agree to change the credit
contract if the credit provider:
- does
not believe that there is a reasonable cause (such as illness or
unemployment) for the debtor’s inability to meet his, or her, obligations or
- reasonably
believes the debtor would not be able to meet his, or her, obligations under
the contract even if it were changed.
Where a credit provider enters into an agreement with a debtor
to change the credit contract as a result of hardship, clause 73 of the
National Credit Code requires a credit provider to give written notice to the
debtor setting out the particulars of the changes to the credit contract,
within 30 days of reaching that agreement.
However, there are exceptions to this general rule.
Clause 203A empowers the Australian Securities and
Investments Corporation (ASIC) to exempt a person, contract, mortgage,
guarantee or consumer lease from all or specified provisions of the National
Credit Code. Accordingly, ASIC Class Order CO
14/41 exempts a credit provider from the requirement to provide written
notice of an agreement with a debtor if the arrangement is a simple
arrangement—being an agreement that defers or reduces the obligations
of the debtor for a period of no more than 90 days.
|
There is a difference of opinion
between submitters about the extent of reporting obligations when a debtor is
in hardship. That issue lies with the requirement to provide the repayment
history information which includes information about the day on which a
monthly payment is due and payable and the meaning of that term.
There is a view that unless a credit default has already
been listed on a consumer’s credit report, entering into a financial hardship
arrangement should not affect a credit report because the consumer has come to
a mutually acceptable arrangement to pay their debt.[76]
To assist debtors guidelines were published by the Office of the Australian
Information Commissioner entitled What
does the term ‘due and payable’ mean in the definition of repayment history information?[77]
Submitters to the Economics Committee sought greater
clarity in relation to this issue.[78]
For instance, ANZ has expressed its belief that it cannot
report customers in hardship programs as being up to date when providing repayment
history information as this would not meet its reporting obligations.[79]
ANZ’s reasoning is as follows:
- where
a customer enters into a temporary arrangement because they are experiencing
financial hardship, there may not be a formal variation to the contract—for
instance if it is a simple arrangement (see ASIC CO 14/41 above). In that case,
the reporting of repayment information must be by reference to whether the
customer has met, and/or continues to meet, their originally contracted
repayments
- where
a customer enters a temporary repayment arrangement which does not vary the
existing contract, the original contracted repayments continue to be due
and payable
- entry
into a temporary arrangement will constitute a waiver by ANZ of its right to
continue enforcement action in relation to the missed contractual repayments
(such arrangements may also be referred to as forbearances or indulgences) and
- although
ANZ is prevented from taking enforcement action for the term of any hardship
arrangements, standard repayments are still due and payable under
the original contract and ANZ would have an obligation to report any missed
repayment(s).[80]
Westpac expressed a similar view that the framework
provided by the Bill does not give credit providers the option to withhold the
fact that customers have not met repayments in accordance with their original
contract.
The current framework does not allow for a ‘hardship flag’,
an indicator that the customer has suffered a short term, unexpected event and
is working with their financial institution. Without the ability to report a
hardship flag, Westpac will not be able to identify customers who are
experiencing short term hardship with another lender.[81]
What is clear is that the response by a credit provider to
a hardship notice is not uniform. Whilst clause 73 of the National Credit Code
refers to a change in the credit contract it does not require the credit
provider to enter into a new credit contract on more favourable terms to the
debtor.
There are sound reasons why this might not occur—principally
that the discharge of one contract and establishment of another is likely to
incur additional customer costs including stamp duty.
Timing for supply of information
First bulk supply
Under the Bill, an eligible licensee must supply
mandatory credit information for at least 50 per cent of all of the
eligible credit accounts held with the licensee (or with a member of a banking
group of which the licensee is the head company) on the first 1 July on
which the licensee is an eligible licensee.[82]
It will be up to the licensee to choose which eligible accounts make up the 50 per
cent.
The general rule is that the first bulk supply of
mandatory credit information to each eligible CRB for the
licensee must occur before the end of the 90‑day period starting on the
first 1 July on which the licensee is an eligible licensee.[83]
This means that the first bulk supply of information must be completed by 24
September 2018.
There is an exception to this rule if the licensee
reasonably believes that the CRB is not complying with
section 20Q of the Privacy Act on 1 July. In that case, proposed
section 133CS of the Consumer Credit Act sets out the procedures to
be followed by the licensee as follows:
- Step
1: the licensee prepares a written notice setting out the licensee’s
reasons for its belief that the body is not complying with section 20Q of
the Privacy Act on that 1 July and stating that the body may try to
convince the licensee otherwise before the end of the 90‑day period
starting on that 1 July[84]
- Step
2: the licensee gives that notice to the credit reporting body, and a copy
to the Information Commissioner and ASIC, within seven days after that
1 July[85]
- Step
3: the licensee prepares a written notice (the final notice)
reiterating the reasons for its belief that the body is not complying with
section 20Q of the Privacy Act on the last day of that 90‑day
period[86]
and
- Step
4: the licensee gives the final notice to the body, and a copy to the
Information Commissioner and ASIC, within seven days after the last day of that
90‑day period.[87]
If, following steps 1 and 2, the licensee ceases to hold
the belief that the CRB is not complying with section 20Q of
the Privacy Act before the end of the 90-day period (called the cessation
day)[88]
the first bulk supply of mandatory credit information in respect of that CRB
for the licensee must occur before the end of the 14-day period starting on the
cessation day.[89]
Subsequent bulk supply
Under the Bill, an eligible licensee must supply
mandatory credit information for all those eligible credit accounts held with
the licensee (or with a member of a banking group of which the licensee is the
head company) that were not supplied in the first bulk supply.[90]
The general rule is that the mandatory credit information
is to be supplied before the end of the 90‑day period starting on the
second 1 July on which the licensee is an eligible licensee.[91]
The exception to the rule for the first bulk supply also operates for the
subsequent bulk supply.[92]
Reporting to
the Minister
The Bill sets out requirements for
both licensees and eligible credit reporting bodies to give the Minister
audited statements (in the form prescribed by regulation) about the mandatory
comprehensive credit reporting regime following each of the initial bulk supply
and the subsequent bulk supply. A failure to comply with the reporting
requirement gives rise to civil penalties of up to 2,000 penalty units for an
individual and 10,000 penalty units for a body corporate.[93] In addition, a person who is subject to a requirement to provide
an audited statement to the Minister commits an offence if they contravene the
requirement. The maximum criminal penalty is 100 penalty units for an
individual and 500 penalty units for a body corporate.[94]
The Australian Banking Association
(ABA) questioned the necessity of providing a statement of compliance to the
Minister—given that it is ‘a regulatory impost which would duplicate the role
of the regulator, ASIC’. The ABA stated its view that ‘only the one process of
audited compliance reporting should be made to ASIC. These statements can then
be provided by ASIC to the Treasurer’.[95] The Explanatory Memorandum to the Bill does not provide a
rationale for the requirement.
How the supply is made
Under proposed
section 133CQ of the Consumer Credit Act information must
be supplied in accordance with the supply requirements which will
be satisfied if the supply complies with:
- the
registered CR code—currently the Privacy (Credit
Reporting) Code 2014 (version 1.2)
- an
ASIC determination setting out the information that must be included in the
supply
- a
technical standard that has been approved by ASIC in writing in relation to the
supply of one or more kinds of information.[96]
Ongoing requirement to supply
Existing provisions of the Privacy Act
Subsections 20N(1) and (2) of the Privacy Act
require a credit reporting body to take such steps as are reasonable in the
circumstances to ensure that the credit information the body collects
and the credit reporting information the body uses or discloses is
accurate, up-to-date, complete and relevant.
Subsection 20N(3) of the Privacy Act requires a
credit reporting body to:
(a) enter
into agreements with credit providers that require the providers to ensure
that credit information that they disclose to the body is accurate,
up-to-date and complete
(b) ensure
that regular audits are conducted by an independent person to determine
whether those agreements are being complied with and
(c) identify and deal with suspected breaches of those
agreements.
Section 21U of the Privacy Act provides that where
a credit provider becomes aware that the credit information or credit
eligibility information it holds about an individual is inaccurate,
out-of-date, incomplete, irrelevant or misleading, the provider must take reasonable
steps to correct the information.
|
The
ongoing supply requirement in proposed section 133CU of the Consumer
Credit Act complements those provisions. The section applies to a
licensee which has supplied a CRB with mandatory credit
information. If on a later day (called the trigger day) the
licensee (or a member of a banking group of which the licensee is the head
company), would reasonably be expected to have become aware that any of the
events that are set out in the table in proposed subsection 133CU(1)
have happened then the licensee must supply the CRB with the
corresponding updated information referred to in the table. Those events are:
- changes
to the information supplied to a credit reporting body which are necessary to
keep the information accurate, up-to-date and complete[97]
- a
payment has been made where default information has previously been supplied to
the credit reporting body[98]
- new
accounts opened after the two initial bulk supplies of information have been
supplied to credit reporting bodies.[99]
The general rule is that the supply of updated information
must take must take place before the end of the 45‑day period starting
on the trigger day.[100]
An exception to the rule operates in an equivalent manner to that for the first
and subsequent bulk supplies.[101]
Offences
The Bill
creates a number of new offences, including:
- a
person commits an offence if the person is subject to a requirement to supply
mandatory credit information for the first bulk supply (under proposed
subsection 133CR(1)) or the subsequent bulk supply (under proposed
subsection 133CR(3)) and the person engages in conduct which contravenes
the requirement[102]
- a
person commits an offence if the person is subject to an ongoing requirement to
supply mandatory credit information (under proposed subsection 133CU(1))
and the person engages in conduct which contravenes the requirement[103]
and
- a
person commits an offence if the person must give a notice if a CRB
later complies with information security requirements (under proposed
sections 133CT or 133CW) and the person engages in conduct which contravenes
the requirement.[104]
In each case the maximum penalty is 100 penalty units for
an individual, being equivalent to $21,000 and 500 penalty units ($105,000) for
a body corporate.[105]
Evidential burden
The Bill inserts the definition of the term evidential
burden into subsection 5(1) of the Consumer Credit Act being, in
relation to a matter, the burden of adducing or pointing to evidence that
suggests a reasonable possibility that the matter exists or does not exist. The
defendant bears the evidential burden in respect of many of the offences in the
Bill.
The Queensland Law Society (QLS) was critical of this
definition on the grounds that it ‘adopts a standard of proof contrary to that
developed by the law over time’ and that its drafting will ‘create confusion
rather than clarification’. QLS recommended that the definition should be
changed to delete the reference to ‘a reasonable possibility’ and insert ‘in
the case of a civil proceeding, on the balance of probabilities and, in the
case of criminal proceedings, beyond a reasonable doubt’.[106]
On‑disclosing credit information
Proposed
section 133CZA of the Consumer Credit Act
applies to a credit reporting body in relation to protected
information being:
- any
information that is supplied to the credit reporting body under Division 2
of new Part 3-2CA and
- any
CRB derived information that is derived from information that has
been supplied under Division 2 of new Part 3-2CA.[107]
Regulations may prescribe:
- the
conditions in which a credit reporting body must disclose, or must not
disclose, protected information to a credit provider
- the
kind or amount of protected information which must be, or must not be, disclosed
and
- the
time within which any disclosure must take place.[108]
Civil penalties of up to 2,000 penalty units for an
individual and 10,000 penalty units for a body corporate apply to any breach of
the requirements contained in the regulations relating to protected information.[109]
In addition, a person commits an offence if the person engages in conduct which
contravenes a requirement set out in proposed section 133CZA
for the disclosure of protected information.[110]
In that case, the maximum criminal penalty is 100 penalty units for an
individual and 500 penalty units for a body corporate.[111]
ASIC’s role
ASIC may, by writing, appoint one or more suitably
qualified persons or the members of one or more classes of suitably qualified
persons as auditors.[112]
In addition, the Bill empowers ASIC to give a written
notice to a Part 3-2CA body to provide a statement containing
specified information about its compliance with that Part.[113]
For the purposes of this obligation a Part 3‑2CA body
is a person that is or has been an eligible licensee or an eligible credit
reporting body for a licensee.[114]
The written notice may be given at any time.[115]
ASIC may also require, in writing, the body to obtain an
audit report prepared by a suitably qualified person before the statement is
given to ASIC.[116]
A failure to comply with such a notice in the time
stipulated in the notice gives rise to both a civil penalty[117]
and/or a criminal offence.[118]
Further,
the Bill imposes obligations for a Part 3-2CA body to give ASIC certain information which is
specified in the regulations;[119]
and to provide ASIC with assistance if it is reasonably requested.[120]
Review of
the Part 3-2CA
The Bill requires the Minister to instigate an independent
review to be conducted of the operation of new Part 3-2CA. The review is to be
completed and a written report given to the Minister before 1 January
2022. The Minister is to table copies of the report in each House of the
Parliament within 15 sitting days of that House after the report is given to the
Minister.[121]
Other
provisions
Item 11 of the Bill amends the Privacy Act
by inserting proposed subsection 20Q(3) which requires a credit
reporting body which holds credit reporting information to store that
information in Australia or an external Territory or using a service:
Concluding comments
The most compelling problem highlighted by the submitters
to the Economics Committee was that of whether and/or how to comply with
reporting obligations whilst at the same time preserving the privacy of those
debtors who have entered into hardship arrangements.
On 28 March 2018, the Attorney-General, Christian Porter,
announced that there would be a review into the hardship arrangements.[122]
Details are available from the review webpage.[123]
Members, Senators and Parliamentary staff can obtain
further information from the Parliamentary Library on (02) 6277 2500.
[1]. In
this Bills Digest, references to the Consumer Credit Act are by way of
section numbers. However, references to the National Credit Code which is a
Schedule to the Consumer Credit Act are by way of clause numbers.
[2]. Consumer
Credit Act, Schedule 1, clause 5.
[3]. Consumer
Credit Act, section 29.
[4]. Part
IIIA was inserted into the Privacy Act by the Privacy Amendment
Act 1990.
[5]. M
Sukkar, ‘Second
reading speech: National Consumer Credit Protection Amendment (Mandatory
Comprehensive Credit Reporting) Bill 2018’, House of Representatives, Debates,
28 March 2018, p. 3015.
[6]. Financial
System Inquiry, Financial
system inquiry: final report, (Murray Report), Treasury, Canberra,
November 2014, p. 190.
[7]. Explanatory
Memorandum, Privacy Amendment (Enhancing Privacy Protection) Bill 2012, p.
14.
[8]. Australian
Law Reform Commission, Australian
privacy law and practice, ALRC report 108, 12 August 2008. Recommendations
54–59 of the report relate to credit reporting.
[9]. Explanatory
Memorandum, Privacy Amendment (Enhancing Privacy Protection) Bill 2012, p.
3.
[10]. Office
of the Australian Information Commissioner (OAIC), ‘Credit
reporting’, OAIC website. See also Privacy (Credit
Reporting) Code 2014.
[11]. Australian
Competition and Consumer Commission (ACCC), Australian
Retail Credit Association Limited—Authorisation—A91482, ACCC website;
Australian Retail Credit Association (ARCA), Principles
of reciprocity and data exchange, ARCA website.
[12]. ARCA,
Principles
of reciprocity and data exchange, op. cit.
[13]. Productivity
Commission, Data
availability and use, Inquiry report, 82, 31 March 2017, pp. 548–9.
[14]. Ibid.,
p. 549.
[15]. ASIC,
Responsible
lending, ASIC website.
[16]. ASIC
issued a regulatory guide entitled Credit
licensing: responsible lending conduct in November 2014.
[17]. Consumer
Credit Act, section 117.
[18]. Consumer
Credit Act, subsection 123(1).
[19]. Consumer
Credit Act, Schedule 1, clause 32A provides that a credit provider must not
enter into a credit contract if the annual cost rate of the contract exceeds 48
per cent.
[20]. J
Hockey (Treasurer), Release
of the Financial System Inquiry report, media release, 7 December 2014;
FSI, Financial
system inquiry: final report, op. cit.
[21]. Ibid.,
pp. 191–2.
[22]. Ibid.,
p. 190.
[23]. Productivity
Commission, Data
availability and use, op. cit.
[24]. Ibid.,
pp. 542–3.
[25]. Ibid.,
p. 556.
[26]. Ibid.,
pp. 556–7.
[27]. Ibid.,
pp. 556–7.
[28]. Ibid.,
p. 557.
[29]. Ibid.
[30]. Productivity
Commission, Data
availability and use, op. cit., recommendation 5.5, p. 38.
[31]. R
Gluyas, ‘Coalition
zeroes in on credit reporting’, The Australian, 14 September 2017,
p. 21.
[32]. S
Morrison (Treasurer), Building
an accountable and competitive banking system, media release, 9 May
2017.
[33]. S
Morrison (Treasurer),
Mandating comprehensive credit reporting, media release, 2 November
2017.
[34]. The
terms of reference for the inquiry, submissions to the Economics Committee and
the Committee’s final report (when published) are available on the inquiry homepage.
[35]. Senate
Standing Committee on Economics, National
Consumer Credit Protection Amendment (Mandatory Comprehensive Credit Reporting)
Bill 2018 [provisions]—report, The Senate, Canberra, 5 June 2018, pp.
38–9.
[36]. Ibid.,
p. 41.
[37]. Ibid.,
p. 51.
[38]. Standing
Committee for the Scrutiny of Bills, Scrutiny
digest, 5, 2018, The Senate, 9 May 2018, pp. 34–9.
[39]. Ibid.,
p. 36.
[40]. KPMG,
Report
to the Australian Retail Credit Association: the benefits of enhanced credit
data exchange, KPMG, January 2015, p. 16.
[41]. Australian
Banking Association, Submission
to the Senate Economics Committee, Inquiry into the National Consumer Credit
Protection Amendment (Mandatory Comprehensive Credit Reporting) Bill 2018,
20 April 2018, p. 2.
[42]. A
Grant (University of Sydney Business School), Submission
to the Senate Economics Committee, Inquiry into the National Consumer Credit
Protection Amendment (Mandatory Comprehensive Credit Reporting) Bill 2018,
n.d., p. 1.
[43]. Queensland
Law Society,
Submission to the Senate Economics Committee, Inquiry into the National
Consumer Credit Protection Amendment (Mandatory Comprehensive Credit Reporting)
Bill 2018, 20 April 2018, p. 2.
[44]. Financial
Rights Legal Centre (jointly with Consumer Action Law Centre, Financial
Counselling Australia, Australian Privacy Foundation and ACCAN),
Submission to the Senate Economics Committee, Inquiry into the National
Consumer Credit Protection Amendment (Mandatory Comprehensive Credit Reporting)
Bill 2018, 20 April 2018, p. 3.
[45]. Office
of the Australian information Commissioner (OAIC), Submission to the Senate
Economics Committee, Inquiry into the National Consumer Credit Protection
Amendment (Mandatory Comprehensive Credit Reporting) Bill 2018, 24 April
2018, p. 3.
[46]. Ibid.,
pp. 4–5.
[47]. J
Malbon, ‘Forcing
the banks to hand over our credit history might help with a home loan but it
has risks’, The Conversation, 3 November 2017.
[48]. C
Yeates, ‘How
your profile may help get a loan’, The Sydney Morning Herald, 30
December 2017, p. 2; E Bagshaw, ‘Customers
of banks face new database “intrusions”’, The Sydney Morning Herald,
7 May 2018, p. 5; A Andriotis and R McMillan, ‘Equifax
slammed for huge data attack’, The Australian, 11 September 2017, p.
22.
[49]. Explanatory
Memorandum, National Consumer Credit Protection Amendment (Mandatory Comprehensive
Credit Reporting) Bill 2018, p. 3.
[50]. The
Statement of Compatibility with Human Rights can be found at pages 41–9 of the Explanatory
Memorandum to the Bill.
[51]. Parliamentary
Joint Committee on Human Rights, Human
rights scrutiny report, 4, 8 May 2018, pp. 12–16.
[52]. International
Covenant on Civil and Political Rights, done in New York on 16 December
1966, [1980]
ATS 23 (entered into force for Australia (except Art. 41) on 13 November
1980; Art. 41 came into force for Australia on 28 January 1994).
[53]. Parliamentary
Joint Committee on Human Rights, Human
rights scrutiny report, 4, 2018, op. cit., p. 13.
[54]. Ibid.,
p. 14.
[55]. Ibid.,
p. 16.
[56]. Ibid.
[57]. Parliamentary
Joint Committee on Human Rights, ‘Correspondence
register’, Australian Parliament website.
[58]. Consumer Credit Act, proposed subsection 133CN(1).
[59]. Importantly,
the definition is inserted into subsection 5(1) of the Banking Act by
item 10 of Schedule 1 to the Treasury Laws
Amendment (Banking Executive Accountability and Related Measures) Act 2018.
The relevant provision does not commence until 1 July 2018.
[60]. Revised
Explanatory Memorandum, Treasury Laws Amendment (Banking Executive
Accountability and Related Measures) Bill 2017, pp. 22–3.
[61]. Westpac,
Submission
to the Senate Economics Committee, Inquiry into the National Consumer Credit
Protection Amendment (Mandatory Comprehensive Credit Reporting) Bill 2018,
23 April 2018, p. 1.
[62]. Ibid.
[63]. Customer
Owned Banking Association (COBA), Submission
to the Senate Economics Committee, Inquiry into the National Consumer
Credit Protection Amendment (Mandatory Comprehensive Credit Reporting) Bill
2018, 20 April 2018, p. 1.
[64]. Consumer Credit Act, proposed paragraph 133CN(2)(a).
[65]. Consumer Credit Act, proposed paragraph 133CN(2)(b).
[66]. Standing
Committee for the Scrutiny of Bills, Scrutiny
digest, 5, 2018, op. cit., p. 36.
[67]. Ibid.,
p. 37.
[68]. This
is a civil penalty provision with a maximum penalty of 2,000 penalty units for
an individual and 10,000 penalty units for a body corporate. Subsection 167(3)
of the Consumer Credit Act provides that the maximum pecuniary penalty
that can be imposed on a body corporate for contravention of a civil penalty
provision is five times the maximum number of penalty units referred to in the
civil penalty provision. Section 4AA of the Crimes Act 1914
provides that a penalty unit is equivalent to $210. This means that the maximum
amount payable for a contravention of this subsection by an individual is
$420,000 and by a body corporate is $2,100,000.
[69]. Proposed
section 133CO of the Consumer Credit Act defines an eligible
credit account as one that relates to the provision, or possible
provision, of consumer credit; is held by one or more natural persons with a
credit provider; and is not of a kind prescribed by the regulations.
[70]. Privacy
Act, section 6.
[71]. Ibid.
[72]. Privacy
Act, subsection 6V(1).
[73]. Privacy
Act, subsection 6Q(1).
[74]. Privacy
Act, section 6T.
[75]. Privacy
Act, section 6S.
[76]. Financial
Rights Legal Centre, Submission to the Senate
Economics Committee, op. cit., p. 4.
[77]. QLS,
Submission
to the Senate Economics Committee, op. cit., p. 3.
[78]. Financial
Rights Legal Centre, Submission
to the Senate Economics Committee, op. cit., pp. 4–5.
[79]. ANZ,
Submission
to the Senate Economics Committee, Inquiry into the National Consumer
Credit Protection Amendment (Mandatory Comprehensive Credit Reporting) Bill
2018, April 2018, paras. 12–16.
[80]. Ibid.,
paras 12–16.
[81]. Westpac,
Submission
to the Senate Economics Committee, Inquiry into the National Consumer
Credit Protection Amendment (Mandatory Comprehensive Credit Reporting) Bill
2018, 23 April 2018, p. 3.
[82]. Consumer
Credit Act, proposed subsection 133CR(2).
[83]. Consumer
Credit Act, proposed subparagraph 133CR(1)(a)(i).
[84]. Consumer
Credit Act, proposed paragraph 133CS(2)(a).
[85]. Consumer
Credit Act, proposed paragraph 133CS(2)(b).
[86]. Consumer
Credit Act, proposed paragraph 133CS(2)(c).
[87]. Consumer
Credit Act, proposed paragraph 133CS(2)(d).
[88]. Consumer
Credit Act, proposed subsection 133CR(5).
[89]. Consumer
Credit Act, proposed subparagraph 133CR(1)(a)(ii).
[90]. Consumer
Credit Act, proposed subsection 133CR(4).
[91]. Consumer
Credit Act, proposed subparagraph 133CR(3)(a)(i).
[92]. Consumer
Credit Act, proposed subsections 133CR(3) and (5). Subsection
135CR(3) is a civil penalty provision with a maximum penalty of 2,000 penalty
units for an individual and 10,000
penalty units for a body corporate. Subsection 167(3) of the Consumer Credit
Act provides that the maximum pecuniary penalty that can be imposed on a
body corporate for contravention of a civil penalty provision is five times the
maximum number of penalty units referred to in the civil penalty provision. The
maximum amount payable for a contravention of this subsection by an individual is
$420,000 and by a body corporate is $2,100,000.
[93]. Consumer
Credit Act, proposed subsections 133CZC(1) and (2). Subsection
167(3) of the Consumer Credit Act provides that the maximum pecuniary
penalty that can be imposed on a body corporate for contravention of a civil
penalty provision is five times the maximum number of penalty units referred to
in the civil penalty provision.
[94]. Consumer
Credit Act, proposed section 133CZE. Subsection 4B(3) of the Crimes Act 1914
provides that a body corporate convicted of a Commonwealth offence is liable to
a maximum penalty equal to five time the amount that could be imposed on a
natural person convicted of the same offence. The Explanatory Memorandum (p.
34) states that the criminal penalty is a ‘continuing offence’. That is, the
person is guilty of a separate offence for each day of non-compliance. For
example, for each day that an eligible licensee fails to supply the initial
bulk supply of information, the penalty amount will apply.
[95]. ABA,
Submission
to the Senate Economics Committee, Inquiry into the National Consumer
Credit Protection Amendment (Mandatory Comprehensive Credit Reporting) Bill
2018, 20 April 2018, p. 4.
[96]. Consumer
Credit Act, proposed subsections 133CQ(1)–(4).
[97]. Consumer
Credit Act, proposed subsection 133CU(1), table item 1.
[98]. Consumer
Credit Act, proposed subsection 133CU(1), table item 2.
[99]. Consumer
Credit Act, proposed subsection 133CU(1), table item 3.
[100]. Consumer
Credit Act, proposed subparagraph 133CU(1)(c)(i). Proposed
subsection 133CU(1) is a civil penalty provision with a maximum penalty of
2,000 penalty units for an individual and
10,000 penalty units for a body corporate. Subsection 167(3) of the Consumer
Credit Act provides that the maximum pecuniary penalty that can be imposed
on a body corporate for contravention of a civil penalty provision is five
times the maximum number of penalty units referred to in the civil penalty
provision. Under section 4AA of the Crimes Act 1914, a penalty unit is
equivalent to $210. This means that the maximum amount payable for a contravention
of this subsection by an individual is $420,000 and
by a body corporate is $2,100,000.
[101]. Consumer
Credit Act, proposed section 133CV.
[102]. Consumer
Credit Act, proposed section 133CX.
[103]. Consumer
Credit Act, proposed section 133CY.
[104]. Consumer
Credit Act, proposed section 133CZ.
[105]. Subsection
4B(3) of the Crimes
Act 1914 provides that a body corporate convicted of a Commonwealth
offence is liable to a maximum penalty equal to five time the amount that could
be imposed on a natural person convicted of the same offence. Under section 4AA
of the Crimes Act, a penalty unit is equivalent to $210. The Explanatory
Memorandum (p. 34) states that the criminal penalty is a ‘continuing offence’.
That is, the person is guilty of a separate offence for each day of
non-compliance.
[106]. QLS,
Submission
to the Senate Economics Committee, op. cit., p. 2.
[107]. Section
6 of the Privacy Act defines CRB derived information as
information about an individual being any personal information (other than
sensitive information) about the individual that is derived by a credit
reporting body from credit information about the individual that is held by the
body; that has any bearing on the individual’s credit worthiness and that is
used, has been used or could be used in establishing the individual’s
eligibility for consumer credit.
[108]. Consumer
Credit Act, proposed subsections 133CZA(2)–(4).
[109]. The
maximum penalty is equivalent to $420,000 for an individual and $2,100,000 for
a body corporate.
[110]. Consumer
Credit Act, proposed section 133CZB.
[111]. Subsection
4B(3) of the Crimes
Act 1914 provides that a body corporate convicted of a Commonwealth
offence is liable to a maximum penalty equal to five time the amount that could
be imposed on a natural person convicted of the same offence. The maximum
penalty is equivalent to $21,000 for an individual and $105,000 for a body
corporate. The criminal penalty is a ‘continuing offence’. That is, the person
is guilty of a separate offence for each day of non-compliance.
[112]. Consumer
Credit Act, proposed subsection 133CZD(1).
[113]. Consumer
Credit Act, proposed subsection 133CZG(1).
[114]. Consumer
Credit Act, proposed section 133CZF.
[115]. Consumer
Credit Act, proposed subsection 133CZG(2).
[116]. Consumer
Credit Act, proposed subsection 133CZG(3).
[117]. Consumer
Credit Act, proposed subsection 133CZG(6). The maximum penalty is
2,000 penalty units for an individual and 10,000 for a body corporate.
[118]. Consumer
Credit Act, proposed subsection 133CZG(7). The maximum penalty is 25
penalty units or six months imprisonment or both.
[119]. Consumer
Credit Act, proposed section 133CZH.
[120]. Consumer
Credit Act, proposed section 133CZI.
[121]. Consumer
Credit Act, proposed section 133CZL.
[122]. C
Porter (Attorney-General), Review
of financial hardship arrangements, media release, 28 March 2018.
[123]. Attorney-General’s
Department (AGD), ‘Review
of financial hardship arrangements’, AGD website.
© Commonwealth of Australia
Creative Commons
With the exception of the Commonwealth
Coat of Arms, and to the extent that copyright subsists in a third party,
this publication, its logo and front page design are licensed under a Creative Commons
Attribution-NonCommercial-NoDerivs 3.0 Australia licence.
In essence, you are free to copy and
communicate this work in its current form for all non-commercial purposes, as
long as you attribute the work to the author and abide by the other licence
terms. The work cannot be adapted or modified in any way. Content from this
publication should be attributed in the following way: Author(s), Title of
publication, Series Name and No, Publisher, Date.
To the extent that copyright subsists
in third party quotes it remains with the original owner and permission may
be required to reuse the material.
Inquiries regarding the licence and
any use of the publication are welcome to webmanager@aph.gov.au.
Disclaimer: Bills Digests are prepared to support the work of the Australian Parliament.
They are produced under time and resource constraints and aim to be available
in time for debate in the Chambers. The views expressed in Bills Digests do
not reflect an official position of the Australian Parliamentary Library, nor
do they constitute professional legal opinion. Bills Digests reflect the
relevant legislation as introduced and do not canvass subsequent amendments
or developments. Other sources should be consulted to determine the official
status of the Bill.
Any concerns or complaints should be
directed to the Parliamentary Librarian. Parliamentary Library staff are
available to discuss the contents of publications with Senators and Members
and their staff. To access this service, clients may contact the author or
the Library’s Central Enquiry Point for referral.