ASIC has outlined a set of actions for banks to better protect customers against advisers carrying out fraud on customers’ accounts.
ASIC has released Report 584: Improved protections for deposit accounts with third-party access which outlined the findings of a review that the regulator conducted in April 2017 into the compliance controls that banks had in place to protect customers from potential fraud.
The impetus for the review came after Sherwin Group collapsed in 2013, with Wickham Securities director Garth Robertson and Wickham Securities chairman and Sherwin Financial Planning director Bradley Sherwin convicted of fraud and dishonesty offences and sentenced to imprisonment.
ASIC’s review involved three of the Big Four banks (CBA, NAB and Westpac) as well as Bendigo and Adelaide Bank and Macquarie Bank.
“In particular, we reviewed whether the banks offering these accounts had sufficiently robust compliance measures and controls in place to address the risk of fraud and other risks where an adviser has authority to withdraw the customer’s money,” the report said.
ASIC found that while “widespread misconduct” was not found, the current controls and measures in place were not fully sufficient.
“We consider that the banks could do more to manage the risks to customers associated with third party access to money in customers’ accounts.
“Even though the instances of fraud are not widespread, the potential impact of fraud on individual customers is significant.”
The ASIC report also outlined concrete steps that banks could take in order to strengthen their compliance controls and “mitigate the risk of potential fraud”.
The report noted Macquarie was the largest issuer of accounts – but that it also already had many existing practices in place that mitigated potential fraud.
Although ASIC had outlined ten recommended actions, these alone would not entirely eliminate the risk of fraud, the report warned.
“A range of measures and controls are needed to respond effectively to the risk of fraud. All banks involved in our review have considered the recommended actions and agreed to make improvements to their current practices.
“If individual instances of fraudulent conduct involving adviser-operated deposit accounts arise in the future, ASIC will investigate both the individual matter and the bank’s broader compliance with the recommended actions set out in this report.”