People of the same trade seldom meet together, even for merriment and diversion, but the conversation ends in a conspiracy against the public, or in some contrivance to raise prices.
— Adam Smith, The Wealth of Nations (as quoted in Civilisation 4)
The New Zealand Banking Code of Practice, which introduces new provisions that arguably undermine public trust in internet banking, needs to be revisited. Last week the Australian owners of most of New Zealand’s banks all made clear statements indicating they would not follow New Zealand’s lead and make customers more accountable for online fraud.
While it is pleasing to see that New Zealand’s banks indeed have a measure of local autonomy, the public might prefer it if it were better employed. To this end, Computerworld and the Dominion Post’s InfoTech Weekly have jointly proposed amendments to the controversial code, which came into effect on July 2.
The proposed changes, put to the Bankers’ Association last Wednesday, would strike a balance between recognising the concerns banks have regarding customer behaviour, while providing customers with the assurances they need to continue to confidently bank online.
The code of practice, as it stands, means customers could be liable for the losses from internet fraud, up to their overdraft limit, if they access internet banking using computers that are not fully protected with up-to-date security software and operating systems. Banks have hinted they will continue to reimburse customers for genuine fraud losses, but that this will be on a “case-by-case” basis.
InfoTech and Computerworld editors, Tom Pullar-Strecker and Rob O’Neill, respectively, say the changes they propose would encourage banks to educate customers on the safe use of the internet. They would give banks protection from claims that might arise from customers colluding with fraudsters and would also shield them from underwriting losses incurred by customers who had been repeatedly negligent about security.
Otherwise, liability for fraud losses would reside with the banks.
The Australian parents of New Zealand’s big four banks say they will continue to indemnify customers in Australia against fraud losses, with one even providing discounted security software to customers.
It’s time New Zealand’s banks did likewise.
Proposed changes to section 8C of the code
Banks will provide customers with advice on steps they can take to protect themselves from the risk of internet banking fraud and may advise customers to only bank from computers that are fully protected, but:
Banks will accept all liability for losses from fraud that result from the use of internet banking, unless it has been proved in a court of law that the customer acted with deliberate intent to assist the fraud.
Banks may withdraw access to internet banking facilities if customers have been victims of internet banking fraud on more than one occasion, but must then provide an alternative means for those customers to manage their accounts that incurs no extra charges beyond those customers would incur if banking over the internet.
Banks will use risk management techniques to minimise fraud, and will offer security and authentication options to their customers that conform to international best practice.
Alan Yates, CEO of the Bankers’ Association, was unable to comment on the suggested amendments by press-time.