Chapter 4
Serious credit infringements, identity theft and hardship
Introduction
4.1
During the course of the inquiry, Veda Advantage instituted
consultations with the Australasian Retail Credit Association (ARCA) and a
group of consumer representatives – Consumer Credit Legal Centre NSW (CCLC),
Australian Privacy Foundation (APF) and Legal Aid Queensland (LAQ) – in
relation to matters of concern in the Exposure Draft. The consultations
considered five key matters which were highlighted during the inquiry:
- serious credit infringements;
- identity theft;
- hardship flags;
- complaints handling; and
- simplification of key definitions.
4.2
This chapter discusses the first three matters raised. Complaints
handling is discussed in chapter 5 and the simplification of definitions is
discussed in chapters 3 and 9.
Serious credit infringements
4.3
The definition of serious credit infringement in the Exposure Draft is
based on the existing definition in the Privacy Act 1988 (Privacy Act) with
the addition of a new element in relation to a credit provider contacting the
individual:
- an act done by an individual if a reasonable person would
consider that the act indicates an intention, on the part of the individual, to
no longer comply with the individual's obligation in relation to consumer
credit provided by a credit provider; and
- the provider has, after taking such steps as are reasonable in
the circumstances, been unable to contact the individual about the act.
The Companion Guide states that this is consistent with the
Government Response to the Australian Law Reform Commission's (ALRC) Recommendation
56–6.[1]
4.4
In coming to its recommendation, the ALRC was of the view that the
concept of serious credit infringement should not be limited to conduct that is
fraudulent, as some conduct may fall short of fraud but still be of significant
concern, such as where an individual deliberately avoids contact. The ALRC,
however, noted concerns that the breadth of the current definition of serious
credit infringement leaves the definition open to different interpretations.
The ALRC did not think that more detailed drafting was called for, rather that
guidance be provided for credit providers by the Office of the Privacy
Commissioner (Recommendation 56–7).[2]
4.5
The Government Response accepted Recommendation 56–6 and stated that a
credit provider should be required to demonstrate that it has taken reasonable
steps to contact the individual where it intends to list a serious credit
infringement on a reasonable suspicion of non-compliance. The Government Response
concluded:
This will ensure that a serious credit infringement can only
be listed where there is a clear intent by the individual to avoid credit
obligations, which would be demonstrated by the credit provider being unable to
contact the individual after taking reasonable steps.[3]
4.6
The Government accepted in principle the ALRC's recommendation in
relation to guidance but considered it preferable, given the level of concern,
that this be addressed in the binding industry code. The Government Response stated:
This will allow for the guidance to be binding on all those
parties subject to the code and would provide a greater opportunity for
industry, privacy and consumer advocates, and the Privacy Commissioner to work
together to develop appropriate standards for the listing of serious credit
infringements.[4]
Issues
4.7
The addition of the requirement that the credit provider must have taken
reasonable steps to contact the individual was welcomed by the Australian
Privacy Foundation (APF).[5]
4.8
Submitters however, raised serious concerns about the use of serious
credit infringements. Of particular concern was that the credit reporting
regime will not be limited to banks, credit unions and hire-purchase companies.
The new credit reporting system will also include electricity and
telecommunication providers. Submitters commented that the failure to make
repayments on a car loan or credit card, and moving address without informing
the credit provider, should be legitimately regarded as a serious breach.
However, submitters argued that a serious credit infringement is being listed
for less serious, but more common events. The examples provided included a
telephone or electricity account being left in a person's name after they had
moved on from a share-house or failing to provide a forwarding address. It was
noted that the listing of a serious credit infringement may have significant
adverse outcomes for a consumer. Ms Karen Cox, CCLC, stated:
Serious credit infringement is a big deal. It is something
that has serious implications for people's ability to get credit and, possibly,
the price they pay for credit, and we think that the system that looks only at
the credit provider's view of what happened at the time and does not take into
account facts that later emerge treats a lot of consumers very harshly.[6]
4.9
It was also noted that even if the oversight is rectified in a
relatively short period of time, the serious credit infringement remains on the
credit report for seven years.[7]
The seven year retention of a serious credit infringement is longer than
bankruptcy information or any other type of default information. In addition, the
Consumer Action Law Centre (Consumer Action) commented that a serious credit
infringement is the only information that can be included in a credit report
that is based on the credit provider's opinion regarding the individual's
conduct.[8]
Ms Carolyn Bond, Consumer Action, stated:
...if you say, 'I have been overseas for three months, I
thought I had paid that credit card off. I did not realise there was $100 owing
on it'—sorry, serious credit infringement: that is there now for seven years.
'Sorry, that is it.' You cannot do a thing. So it is based on what the credit
provider thinks at the time, even if later on the credit provider might think,
'Oh well, if I had known they were only overseas and they were coming back, or
if I had known the person was in hospital,' or something like that, and there
was a reasonable excuse, 'I wouldn't have listed it.' But at the moment, once
it is listed, it is there for that entire period of time, and it sends out a
pretty scary flag to anyone who is likely to lend you money.[9]
4.10
Submitters, including the APF, noted that while the Exposure Draft
appears to focus on the 'fraud' aspect of a serious credit infringement, it
appears that this is rarely a cause for a serious credit infringement. It was
believed that, in most cases, serious credit infringements are listed because
an individual has failed to respond to correspondence from the lender. The CCLC
stated that there should be some mechanism to allow a serious credit
infringement to be downgraded or removed completely if it is subsequently
demonstrated that the debtor has not attempted to defraud the credit provider,
or to permanently evade his or her obligations. While a credit provider should
not be penalised if they formed the requisite opinion on reasonable grounds,
the consumer should not be unfairly penalised if that opinion is shown to be
unfounded once all the requisite facts are known.[10]
4.11
Some submitters were of the view that there should be a separate
category for suspected fraud rather than combining the two distinct scenarios:
the individual or group acting fraudulently (parts (a) and (b) of the
definition); and other individuals who have left an address or changed phone
numbers without advising the lender (part (c)). There was agreement that a
serious credit infringement should be listed for fraudulent activity. Submitters,
however, argued that listing a serious credit infringement in the second
scenario was very harsh, particularly where the consumer did not know of the
debt or the consumer makes contact soon after the listing is made and pays the
outstanding amount.[11]
Legal Aid Queensland (LAQ) added that telephone companies can back bill for a
period of up to 180 days and it is thus not surprising that individuals may
legitimately believe that they have paid a final account with a provider.[12]
4.12
Consumer Action stated that the Exposure Draft provides for serious
credit infringements to be listed immediately without waiting for 60 days
arrears. This is a benefit to credit providers, as they are able to act quickly
if a borrower is committing fraud, the provider may be able to avoid suffering
losses. However, Consumer Action argued that the ability to list a serious
credit infringement so quickly can mean that consumers have little time to show
there is a reasonable excuse for failing to respond to correspondence. Consumer
Action argued that the benefit to creditors must be balanced with appropriate
protections for consumers.[13]
4.13
Consumer Action suggested that the interests of industry and consumers
could be met by allowing a credit provider to list a serious credit
infringement in the circumstances outlined in the Exposure Draft, but requiring
the credit provider to confirm the serious credit infringement listing after
six months has elapsed. If the serious credit infringement is not confirmed by
the credit provider, it should be removed. Consumer Action concluded that this
would meet the industry's desire to have access to information about potential
fraud (or genuinely serious conduct) as soon as possible, but treat consumers
more fairly.[14]
4.14
In addition, Consumer Action and the CCLC suggested:
- debts for utilities which are provided to a particular address
(that is, excluding mobile phones) should not be able to be listed as serious
credit infringements. Alternatively, the Privacy Act could allow such debts to
be listed if they are over a threshold amount, for example, $1 000;
-
a serious credit infringement should not be able to be listed by
a credit provider that holds any security over the debtor's home; and
- a serious credit infringement should be removed if it is later
determined that had all the facts been known, it would not have been reasonable
for the credit provider to form the view that it was the individual's intention
to no longer comply with his/her obligations.[15]
4.15
Other submitters also suggested changes to the serious credit
infringement provisions. LAQ suggested that:
- those credit providers which are not subject to the responsible
lending criteria under the National Consumer Credit Code (generally utilities
or other service providers), should not list a serious credit infringement
unless they can establish fraud;
-
in relation to those credit providers subject to the National
Consumer Credit Protection Act 2009 (NCCP Act), the legislation could
provide that they may list a serious credit infringement that meets the
criteria contained in part (c) of the definition if the following additional
criteria are met:
- the amount overdue is more than $500; and
- the amount is overdue for more than 60 days; and
-
the legislation could provide that the credit provider must
remove the listing if the basis on which they formed the view that the person
indicated an intention not to pay was not reasonable if all the facts were
known to the credit provider at the relevant time.[16]
4.16
The APF was of the view that, given the serious impact of the recording
of a serious credit infringement, the provisions relating to correction should
provide further clarification in relation to correction of a serious credit
infringement. Given that a serious credit infringement is based on an
'opinion', the APF also argued that it is unclear when a serious credit
infringement might be 'inaccurate' (subsection 149(2) –correction of
information that is inaccurate, out-of-date, incomplete or irrelevant).[17]
Outcome of consultations
4.17
As a result of the Veda Advantage consultations, an agreed position on
serious credit infringements was provided to the committee. It was suggested
that the definition of serious credit infringement be deleted and two new
definitions be added:
- un-contactable default:
- a default that is listed where the debtor has not responded and cannot
be contacted throughout the default period;
- the default would remain listed for seven years; and
- if at any point the debtor contacts the credit provider/default
lister, the default is re-categorised as a standard default which remains
listed for five years from the date of original listing; and
- never paid flag:
- can only be listed by a telecommunications or utility credit
provider after 60 days when the credit provider has:
- never received any payment on the account;
- has reasonable grounds to believe that the consumer never had any
intention to make a payment on the account;
- the flag is removed at the end of six months and may be converted
to an un-contactable default;
- guidance to be provided in the Code of Conduct on what
'reasonable grounds' might be, including evidence that the consumer is
un-contactable, and/or evidence of a pattern of dishonesty; and
- guidance to be provided in the Code of Conduct on how to deal
with compassionate reasons why some consumers might be un-contactable (for
example, ill-health, mental health issues, language difficulties).[18]
Response from the Department of the
Prime Minister and Cabinet
4.18
The Department of the Prime Minister and Cabinet (the department)
provided a response to the outcomes of the consultation process. The department
noted that the definition of a serious credit infringement is contained in
section 180, with a new requirement in subparagraph (c)(ii) to require a credit
provider to take reasonable steps to contact the individual. Regarding the
proposal to replace the definition of serious credit infringement with two new
definitions, 'un-contactable default' and 'never paid flag', the department
considered that the proposal combines the current regulation of serious credit
infringements with the regulation of default listings. The department stated
that:
The ALRC recommended that serious credit infringements should
be retained to deal with fraudulent activity or situations in which a
reasonable person would consider that the individual does not intend to comply
with their consumer credit obligations. The Veda proposal appears to remove
any element of fraudulent activity from consideration, apparently reclassifying
serious credit infringements into a default that occurs when a person cannot be
contacted.
The Department considers that the exposure draft effectively
implements the Government's response to ALRC recommendation 56–6.[19]
Committee comment
4.19
The committee notes that the ALRC considered that the definition of
serious credit infringement should not be limited to fraud and did not
recommend a change to the definition in the current Privacy Act. The Government
accepted the ALRC's recommendation making it clear that the Government also did
not support limiting a serious credit infringement to cases of fraud. The only
change from the current Privacy Act is the additional requirement for credit
providers to take reasonable steps to contact the individual.
4.20
The listing of a serious credit infringement has a significant adverse
impact on a consumer, as it should in relation to acts of credit fraud.
However, the committee acknowledges the concerns of privacy and consumer
advocates in the listing of a serious credit infringement where there has been
an 'inadvertent' loss of contact with the credit provider such as moving without
passing on a change of address to a telecommunications or utilities provider.
In addition, a serious credit infringement remains listed for seven years and
there is no avenue for removal of the listing if it is found subsequently that
the consumer did not have an intent to defraud.
4.21
The committee considers that some of the concerns identified will be
addressed through the addition of the requirement that a credit provider take
reasonable steps to contact the individual. Guidance on the meaning of taking 'reasonable
steps' and 'reasonable grounds', will be addressed in the binding industry code
as indicated in the Government Response and will assist in ensuring a
consistent approach by credit providers.
4.22
In relation to the approach proposed as a result of consultations
between industry stakeholders and advocates, the committee considers that there
is some merit in this approach. It appears that the concerns of consumer
advocates will be addressed in relation to listings by telecommunications and
utilities providers as well as providing some flexibility where a debtor
contacts the credit provider/default lister. In addition, this approach has the
advantage of providing a more appropriate response to the vast majority of
matters which are currently dealt with as serious credit infringements that
arise from telecommunications and utilities debts. However, the committee is
concerned that the approach proposed does not reflect the serious nature of
intentional credit fraud as is provided for in the current credit reporting
system. The committee therefore considers that further consideration will need
to be given to the approach proposed before such a significant change to the
serious credit infringement provisions can be recommended.
Recommendation 8
4.23 The committee recommends that consideration be given to a change of
approach in dealing with serious credit infringements to allow for those
listings, not relating to intentional fraud, to be dealt with in a different
manner.
Identity theft
4.24
Pursuant to section 113 of the Exposure Draft, an individual may, if
they believe on reasonable grounds that they have been or are likely to be the
victim of fraud, request a credit reporting agency not to use or disclose
credit reporting information held by that agency. Section 113 also provides:
- an exception if the individual expressly consents, in writing, to
the use or disclosure of the credit reporting information or the use or
disclosure is required by or under Australian law or an order of a court or
tribunal;
- commencement of the ban period when the individual makes a request;
- an initial ban period of 14 days;
- an extension of the ban period 'by such period as the agency
considers reasonable in the circumstances' if the individual so requests before
the ban period ends and the agency believes on reasonable grounds that the
individual has been, or is likely to be, a victim of fraud; and
- that credit reporting agencies cannot charge an individual for
making or giving effect to a request for a ban period.
4.25
Section 134 requires credit providers to withhold information from
credit reporting agencies where credit is provided 'during' a ban period.
4.26
The provisions in the Exposure Draft reflect ALRC Recommendation 57–5.
The ALRC supported the right of individuals to prohibit the disclosure by a
credit reporting agency of credit reporting information about them without
their express authorisation (that is, to 'freeze' disclosure). The ALRC also
supported that during this time, should a credit provider advance credit, no
information should be listed, in particular, default information, concerning
that credit, except with the consent of the individual.[20]
In accepting the ALRC's recommendation, the Government stated:
The Government strongly agrees that there should be measures
in place to allow individuals to highlight to potential credit providers in
their credit reporting information that they are a victim of fraud, including
identity theft. These measures could assist in preventing credit reporting
information from being used to perpetuate fraud.[21]
4.27
The ability to request a ban period was welcomed by the APF. However,
the APF raised the following matters:
- there should also be provision for action by credit reporting
agencies which become aware of fraud by other means;
- the 'reasonable grounds' provision may lead to disputes,
therefore consideration should be given to placing a ban on a report if there
is any doubt;
- the use or disclosure of credit reporting information where an
individual expressly consents in writing is too broad; and
- the extension period 'by such period as the agency considers is
reasonable in the circumstances' provides too much discretion to the credit
reporting agency and an appeal mechanism should be provided to individuals.[22]
4.28
The APF commented that, in relation to fraud and the destruction of
credit reporting information in cases of fraud, the credit reporting agency
must be 'satisfied' that the individual has been a victim of fraud (paragraph 126(1)(c)).
However, there is no obligation for the credit reporting agency to take steps
to satisfy itself of the fact, often leaving the consumer to prove that s/he
didn't apply for credit. The APF argued that it may be necessary to place
obligations on credit providers and credit reporting agencies to assist in the
investigation of a fraud allegation.[23]
4.29
Other submitters also noted that there is no provision for a
notification requirement so that a credit provider can be advised that a ban
period is in place and when it ends.[24]
The ANZ Bank commented that if the ban period is disclosed to the credit
provider, it will 'trigger' the credit provider to obtain consent from the
individual to obtain credit reporting information. Further, disclosure of the
ban period will alert the credit provider that they may be dealing with a
fraudster and therefore need to take additional steps to protect the individual
from further fraud.[25]
4.30
In relation to the length of the initial ban period, the Law Institute
of Victoria, (LIV) submitted that it was onerous for individuals to apply for
an extension to the ban period every 14 days. Rather, the ban should apply
until after appropriate investigations have been conducted and concluded.[26]
The Telecommunications Industry Ombudsman (TIO) also noted that, in the TIO's
experience, 14 days is not an adequate period of time for a consumer's
complaint to be considered and resolved. The TIO pointed to a number of matters
for further consideration including whether provision could be made for an external
dispute resolution (EDR) scheme to request a ban period and/or extension to a
ban period when a matter had been referred to an EDR scheme. The TIO went on to
suggest that where an individual believes that they are a victim of fraud, it
may be reasonable for a ban period which:
- is consistent with complaint handling guidelines pertinent to the
credit provider responsible for investigating the matter, for example, 30 days
in the telecommunications industry; and
- where the matter is referred to an EDR scheme, lasts until the
case is closed.[27]
4.31
Experian did not support the ban provision and stated that it preferred
a system that allowed an individual to require a credit reporting agency to put
a 'flag' on the individual's file that notifies recipients of the credit
information that the individual may be a victim of fraud or identity theft. Experian
added that such 'flagging' systems are used successfully in other
jurisdictions.[28]
4.32
Experian went on to state that it considered that the ban mechanism
would not prevent fraud nor would it satisfactorily alert credit providers to
potential identity fraud associated with the individual. It appears that credit
providers would simply receive a 'nil' result from any searches performed on
the individual. As a consequence, Experian argued that there was a danger that
individuals, who are genuine adverse credit risks, to use the system to
deliberately conceal poor credit histories from prospective credit providers.[29]
4.33
In addition, Experian pointed to a number of aspects of the proposed
provisions which it considered would be unworkable in practice:
- it is unclear what evidence is required for the credit reporting
agency to put a ban in place. The time taken to examine the details of the
alleged or suspected fraud may be to the consumer's disadvantage. A flag on a
file would provide a more timely indication to a credit provider that there may
be a problem with fraud;
- it may be difficult for a credit reporting agency to ensure that
the correct person is providing the written consent to use, or disclose, their
information;
- there is a need for a maximum period of ban, as it appears that
under the proposed provisions it may continue indefinitely or require the
credit reporting agency to repeatedly consider requests for an extension; and
- the interaction of section 134 and the ban provisions would mean
that a credit reporting agency would not receive updated information from a
credit provider. This would result in degraded information on a credit file if
a ban was in place for an extended period of time. Experian commented that this
would not be consistent with the need to ensure that credit files are accurate,
up-to-date, complete and relevant. This could be addressed by allowing
information to be added to files but to be marked private or restricted until
the ban period has expired. The new information would then be available,
subject to any corrections sought by the consumer under section 121. Experian
noted this system is in place in other jurisdictions in which it operated.[30]
4.34
Veda Advantage stated that, while it understood the intended purpose, 'bans
are not without challenges'. For example, if a consumer genuinely applies for
credit during the ban period, automated systems commonly used by lenders are
likely to decline the application or 'people may deliberately keep shut their
file to avoid negative information appearing'. Veda went on to comment that an alternative
solution could include a fraud flag, allowing the victim of identity theft to apply
for credit, but alerting the credit provider of the necessity for higher
vigilance regarding identity.[31]
4.35
In addition, Veda commented that the legislation is too prescriptive concerning
the steps a credit reporting agency must take, thus preventing the flexibility
required to adapt as fraudster's techniques change. Instead, Veda Advantage
recommended:
...the legislation should mandate the outcome – 'the CRA
shall take all reasonable steps to enable a consumer to ban use or disclosure
of credit reporting information' – and leave operational details to an industry
Code of Conduct and, where appropriate, regulation.[32]
Outcome of consultations
4.36
The agreed position arising from the Veda Advantage consultations
between stakeholders was that:
- rather than prescribing bans, the credit reporting system should
provide for:
- obligations on credit reporting agencies and credit providers to
take reasonable steps to:
- help correct victims of identity theft from further consequences
of theft;
- correct any inaccurate listing due to identity theft;
- obligations on credit reporting agencies to provide a flag on the
file noting the consumer alleges they have been a victim of identity theft
(this information must be made available to all credit providers accessing the
affected information file);
- more detailed provision to be included in the Code of Conduct;
- the data exchange standard to provide technical specification for
the flag;
- statute to oblige credit providers to have appropriate policies
and procedures in place to act on the flag and to appropriately assess credit
applications in the name of a consumer that has such an entry.[33]
Response from the Department of the
Prime Minister and Cabinet
4.37
The department commented on the proposal to implement a 'flag' system
rather than a 'freeze'. Under the 'flag' proposal, use and disclosure of an
individual's credit reporting information would be permitted. The department
noted that the proposal does not include a provision based on section 134,
which states that a credit provider cannot list credit as part of an
individual's credit information if the credit provider extended the credit to
an individual whose information is subject to a ban period without having taken
sufficient steps to verify the identity of the individual. Rather, it is proposed
that credit providers would be required to have appropriate policies and
procedures in place to appropriately assess credit applications.
4.38
The department noted that there is extensive discussion in chapter 57 of
the ALRC report on the issue of identity theft and credit reporting. The ALRC
considered both 'flag' and 'freeze' models before recommending the 'freeze'
model (Recommendation 57–5). The department noted that 'the Government strongly
agreed with the need for protective measures for individuals against identify
theft, and the Government also specifically agreed with the elements of the
ALRC's recommendation'. The department concluded that the Exposure Draft effectively
implements the Government's clear policy directions to establish a 'freeze'
model for use by individuals in the event of fraud and identity theft.[34]
Committee comment
4.39
As noted by submitters, the incidence of identity theft has increased
substantially. Submitters also noted that credit reporting assists in the
reduction of fraud, particularly identity theft. Credit reporting allows
monitoring of activity on credit accounts such as whether any unusual credit
behaviour is occurring. Comprehensive reporting is also generally accompanied
by increased levels of automation that improves identity verification and data
quality and matching.
4.40
In addition to the monitoring undertaken by credit providers and credit
reporting agencies, consumers must also have access to an efficient system that
allows them to notify their credit provider when they suspect that they may
have been the victim of identity theft. Once notification has been given by a
consumer, a mechanism within the credit reporting system should highlight that
an instance of identity theft may have occurred. As noted by the department, the
ALRC considered both flags and freezes as means of highlighting that fraud may
have occurred. Submitters to the ALRC inquiry including Veda, ARCA, Consumer
Action and National Legal Aid supported a freeze on credit reporting
information.[35]
Flags were not supported as it was argued that they may have no effect where
credit reporting information is processed electronically.
4.41
The alternative approach now being put to the committee supports the use
of flags, as it was argued that a flag would notify credit providers to proceed
with caution when assessing credit applications. It was also stated that this
approach provides a simpler model to deal with possible fraud and does not
affect provision of data updates to credit providers, while putting the credit
provider on notice of suspected fraudulent activity. Support for this approach
seems to be based on concerns that:
- the ban approach could be used by people with flawed credit
reports to restrict access; and
- the process will require credit providers to implement complex
management systems.
4.42
In relation to people using the system to restrict access, the committee
notes that paragraph 113(2)(a) of the Exposure Draft expressly permits
disclosure where the person expressly consents. A credit provider could simply
seek approval from the individual, after making reasonable efforts to identify
the person (consistent with section 134). As to the need to implement
management systems, the committee notes that credit providers obtain
significant benefits from increased information flows in the credit reporting
system. In addition, the committee considers that ensuring effective protection
for potential victims of identity fraud is part of the responsibility of
accessing more comprehensive credit reporting system.
4.43
The committee also notes the department's comments in relation to section 134.
4.44
Having considered the above matters, the committee is not persuaded that
the use of flags is a significant improvement on the use of bans. As noted by
Veda, both systems have challenges, however, the provisions of the Exposure
Draft reflect the ALRC's recommendations.
4.45
In addition, the committee notes three aspects regarding the ban
provisions in the Exposure Draft. First, there appears to be some concern that
there is no provision for a credit provider to be notified that a ban period is
in place or when it ends. The committee notes that the Government Response
states that:
Where credit providers seek access to credit reporting
information that has been restricted, credit reporting agencies would be
required to advise the credit provider that they are unable to release information
due to the individual's concerns about fraud.[36]
4.46
The committee understands that there appears to be nothing in section
113 to stop a credit reporting agency informing a credit provider that there is
a ban period in place. However, the committee considers that the intent of the
Government's response should be made clearer. In addition, this will assist
with concerns that ban periods may not be an effective mechanism for dealing
with identity fraud.
4.47
Secondly, the committee has noted comments in relation to the need to
extend the ban period every 14 days. The committee considers that this is an
onerous obligation on consumers already facing the challenge of dealing with
potential identity theft. The committee has noted concerns that long ban
periods may result in degraded credit information. However, the committee
considers that identity theft is a difficult matter and may take some time to
resolve. The committee thus considers that the initial ban period of 14 days is
too short and a more realistic period is 20 to 30 days. In relation to concerns
about credit information degradation, the committee again reiterates that
credit reporting agencies and credit providers obtain significant benefits from
increased information flows in the credit reporting system and therefore the
obligation to ensure that accurate information is recorded must rest with them.
4.48
Thirdly, the committee is concerned as to whether the provisions will
provide enough flexibility to respond to the ever changing ways in which fraud
is perpetrated. This is a difficult issue to address: legislation must be clear
to allow consumers and industry to meet their obligations and understand their
rights, but not allow fraudsters to identify the means to get around systems
developed in response to statutory obligations.
Recommendation 9
4.49
The committee recommends that the Exposure Draft be reviewed to ensure
that the intent of the Government's response to ALRC Recommendation 57–5, that credit
reporting agencies be required to advise a credit provider that they are unable
to release information due to an individual's concerns about possible fraud, is
clearly provided for.
Recommendation 10
4.50 The committee recommends that the time of the initial ban period be
extended from 14 days to 21 days.
Hardship flags
4.51
While the term 'hardship' is not used in the Exposure Draft, it is used
in the National Consumer Credit Protection regime. In that context, a consumer
may request a change to the terms of their credit contract on the grounds of
hardship. Hardship only applies when the consumer changes the terms of their
contract. If the consumer refinances, a new contract is entered into and it is
not regarded as hardship.
4.52
The Government Response to Recommendation 58–2 stated that 'where a
default or serious credit infringement has been listed in an individual's
credit reporting information and the individual enters a new scheme of
arrangement relating to that listing, any future default under that arrangement
may be listed separately'. Accordingly, section 181 of the Exposure Draft
defines credit information to include 'new arrangement information', which is
then defined in section 184. The definition covers new arrangements entered
into as a result of default or serious credit infringement, and includes as a
new arrangement either a variation of the original credit contract or new
consumer credit that relates to the original lending.[37]
4.53
The committee received evidence about how hardship is treated in
repayment history information. On the one hand, consumer advocates argued that consumers
have a right to hardship variations under the NCCP Act and, if they have not
already defaulted or listed for a serious credit infringement, consumers should
not be subject to a hardship flag when they are only exercising a legal right.
Credit providers, on the other hand, supported a 'flag' system arguing that
hardship information is required for them to fulfil their responsible lending
obligations.
4.54
Consumer and privacy advocates provided the committee with examples of
where they believed it would not be appropriate for a hardship flag to be
included in repayment history information. The CCLC noted that, as a result of
the Queensland floods, lenders provided agreed moratoriums. Consumers accepted
these moratoriums to assist them in coping with costs associated with the
floods. The CCLC commented that in such circumstances it did not follow that
the consumer could not meet the loan repayments. Rather, consumers took up an
offer from the credit provider, and therefore hardship flags or recording a
negative payment history would be inappropriate. Further, the lender offered
the new arrangements unbidden. The credit report, if no agreed variation is
recorded, would thus be misleading.[38]
The LAQ supported the CCLC's view.[39]
4.55
Ms Carolyn Bond, Consumer Action, commented further:
I think that one key thing we want to get out of this is that
we want to make sure that somebody who approaches their lender about a
variation or even a hardship is not worse off in relation to what is on their
credit report than someone who does not do that. We tell people to talk to
their credit provider early. What we do not want to see is someone ringing up a
credit provider and saying, 'Look, I am not in default at the moment. Things
are getting a little bit tough. Can I pay a lower payments for six months?' If
that were flagged as hardship automatically, I think that you would find that
people just would not do it unless they absolutely had no choice. I think we
need to encourage people even before they are in hardship to say, 'Just in
case,' or, 'Talk to your credit provider early.' Clearly, if people default and
then they ask for hardship later, there will be a default on their record. But
I just have concerns about noting hardship where perhaps somebody is wondering
whether they should talk to their credit provider or not. We do not want people
to say that they had better not because they might be worse off if they speak
to them.[40]
4.56
Credit Ombudsman Services Limited (COSL) also argued that an
individual's repayment history should take into account any variations to the
terms of the contract between the credit provider and the individual. These
variations may arise due to temporary financial hardship or any number of other
circumstances. The COSL observed that:
If the parties have agreed to vary the contract so that the
times at which repayments are due and/or the amounts of the repayments have
changed, it would be nonsensical to report repayment history against the
repayment obligations as they stood before they were varied, or against any
other repayment schedule.[41]
4.57
Similarly, CCLC did not agree that a hardship variation should be
recorded in a repayment history, rather it should be treated as an agreed
variation and should not result in a negative repayment history. The CCLC noted
borrowers have the right under the National Credit Code to apply to vary their
contract on the grounds of hardship where they are unable to pay as a result of
illness, unemployment or other reasonable cause. If this occurs before a
default and the lender agrees and the consumer adheres to the arrangement, the
CCLC argued that the credit report should still reveal an unimpaired repayment
record. The CCLC went on to state:
This is consistent with the concept of a contract variation
under the law and with contractual principles. It is also consistent with the
right to a hardship variation under the law.[42]
4.58
The CCLC saw potential harm to consumers if a hardship variation is
recorded as:
- the consumer may not seek early assistance from their credit
provider for fear of impacting on their credit report, greatly reducing their
chances of getting a workable arrangement in place;
- there will be no incentive for consumers to seek early
assistance, or to get an arrangement in place after defaulting, because the
result for their credit report will be the same whether they make an official
arrangement with their credit provider or not;
- the consumer may seek to refinance on less favourable terms (that
is turn to predatory loans) in order to avoid unfavourable information being listed
on their credit report, ultimately reducing their capacity to recover from financial
hardship in the longer term; and
- the consumer may be charged a higher interest rate on credit in
future as a result of a period of temporary hardship, despite the fact that the
loan was ultimately repaid within a reasonable time - this is undesirable from
a social equity perspective, and may create otherwise avoidable financial difficulty
in the future as a result of the higher cost of credit. It also defeats the
purpose of government initiatives aimed at improving access to temporary
hardship arrangements and promoting financial rehabilitation.[43]
4.59
Credit providers argued that hardship should be able to be listed on
credit repayment histories. The ANZ Bank, for example, commented that the
definition of repayment history information needs to be defined more broadly so
that it can include an indication of when an individual is in hardship. The ANZ
Bank noted that there are adverse consequences for both the individual and
credit providers if their repayment history shows either that the individual is
making their regular monthly repayment or is not making any repayments when in
fact a hardship arrangement is in place. The ANZ Bank recommended that the
definition of repayment history information be amended so that hardship
arrangements can be reported thus ensuring that consumers are protected from a
default listing or payment history deterioration.[44]
4.60
ARCA also stated that the credit reporting regime should allow for the
disclosure of hardship 'pre-default'. If not, the consumer's credit report
would start to show delinquency issues that are indistinguishable from
situations where this is not the case. ARCA submitted that the consumer may
then find it very difficult to get credit when they both need it and it would
responsible to grant it.[45]
Mr Carlo Cataldo, ARCA, commented:
One option is to disallow reporting of hardship altogether
and protect those who are victims of these circumstances beyond their control,
but leave creditors or credit providers blind to the circumstances where a
consumer has recognised that they are in difficulty and seek assistance—the
exact circumstances that credit providers and ARCA members do not want—and are
obligated not to further extend credit. This would seem to be just as unfair,
possibly even more so, to those who did contribute to their difficulty in some
manner, but may need greater protection.[46]
4.61
If hardship was included in repayment histories, industry also supported
that the listing should allow for the distinction between circumstances where a
debtor is a victim of circumstances beyond their control, such as a natural
disaster, and where a person is facing financial difficulty and seeks
assistance because they are overcommitted. Dr David Grafton, Commonwealth
Bank, commented:
But the issue for us, particularly if you think about the
requirements under the new legislation that we are considering here today, is
that it is very difficult for us to distinguish in our reporting between those
customers...we are dealing with on the basis of difficulties that are outside
of their control and those customers who have actually got themselves
overcommitted, and therefore we would have a very different set of concerns in
relation to those customers.[47]
4.62
ARCA supported amending the provisions of the Exposure Draft to allow
for flagging compassionate action in difficult circumstances.[48]
Mr Cataldo, ARCA, suggested a data standard to allow the identification of
consumers who are victims of circumstances beyond their control versus those
who had a part in their financial matters and are not meeting their
obligations. Mr Cataldo went on to state:
This could be simply done by a standard allowing hardship to
be reported under different codes: (1), for instance, where the hardship is
clearly due to circumstances beyond their control such as a natural disaster
and (2) where it is not. That will enable groups to be treated appropriately,
which would seem a better outcome than having to choose who gets fair
treatment.
...ARCA advocates an approach that better enables fairer
treatment of consumers dependant on their circumstances, something that the
NCCP Act on responsible lending obligations already requires.[49]
Outcome of consultations
4.63
During the consultations, the position of credit providers and consumer
advocates were identified. No agreed response was provided to the committee.
Committee comment
4.64
The committee notes the different views in relation to hardship flags
put forward by credit providers and consumer advocates. The suggestion from
credit providers that a 'flag' system be implemented without first listing a
default was considered by the ALRC but not agreed to. The ALRC commented:
The ALRC is not convinced that allowing the reporting of
schemes of arrangement without a default report being listed first is
desirable—especially in the absence of any significant support from consumer groups
for such a reform.[50]
4.65
The ALRC recommendation, accepted by the Government, is to basically
maintain the current arrangement in the new legislation.
4.66
The committee notes the arguments from industry that hardship
information is essential to fulfil their responsible lending obligations, as
without it a complete picture of an individual's credit worthiness cannot be
obtained. However, the committee is mindful of the concerns of consumer
advocates. Consumer advocates pointed out that people have a right to hardship
variations under the NCCP Act and, if they haven't already defaulted or been
listed for a serious credit infringement, they should not be subject to a
hardship flag for exercising a legal right to seek a variation of their
obligations.
4.67
On balance, the committee supports the views of consumer advocates: that
if a person has not defaulted and enters a new arrangement for existing credit,
no hardship variation should be recorded. There are a wide range of legitimate
reasons for consumers to seek a hardship variation and to apply for more
credit, including natural disasters and personal issues such as loss of
employment. If a person, who has not defaulted and is up-to-date on their
repayments, seeks a hardship variation on a ground accepted by the credit
provider, and then applies for further credit, it is for the credit provider to
consider the application. That credit provider will have information about the
existing credit, and can make inquiries of their own about the person's reasons
for seeking credit, as required by responsible lending obligations. The
committee therefore does not consider that the addition of provisions to the
Exposure Draft for hardship flags is warranted.
4.68
The committee notes, however, that the meaning of new arrangement information
(section 184) only applies where a consumer has already defaulted. The
committee supports expansion of new arrangement information to include circumstances
where a person seeks a new arrangement before they default. As a consequence, new
arrangement information will be held as credit information about the
individual.
Recommendation 11
4.69 The committee recommends that consideration be given to expanding the
meaning of new arrangement information to include circumstances where an
individual seeks new terms or conditions for their original consumer credit
before they default.
Navigation: Previous Page | Contents | Next Page