This article by me was first published in Retail Banking Review.
Websites are no longer optional marketing tools. Regulators now mandate that certain disclosures be made on a website and prescribe how other material must be displayed.
Websites (whether a company’s own website or its Facebook or Twitter sites) are among the first places regulators look when conducting surveillance of an industry or a particular business.
For example, APRA requires website disclosure by ADIs of certain prudential information and the ASX Corporate Governance Principles and Recommendations recommends that corporate governance information be clearly presented in a separate corporate governance information section of an ASX-listed company’s website. Such information must be kept up to date.
The National Credit Act will be amended soon to require that specified information about home loans and credit cards be displayed on a credit licensee’s website.
Financial services disclosure
In support of its technologically neutral approach to financial services disclosure, ASIC has published Regulatory Guide 221 Facilitating online financial services disclosures (RG 221). It sets out the relief ASIC has given to enable providers to deliver disclosure documents either by sending a written notice (paper or electronic) with a reference to a website address where the disclosure can be found or by sending an email with a hyperlink to the disclosure if the client or the client’s agent agrees to receive disclosure in this way.
ASIC has set out 7 good practice guidance principles for online delivery of financial services disclosures to ensure that clients receive clear, concise and effective information and to minimise their exposure to security risks where disclosures are delivered online:
1. Disclosure documents should be easy to retrieve and read;
2. Clients should be able to identify the disclosure;
3. Providers should use their reasonable efforts to ensure that the client or their agent receives a copy of the disclosure;
4. Clients should be able to keep a copy so that they can access the disclosure in the future;
5. Clients should be able to prove which version of the disclosure they relied upon;
6. Clients should be able to change their mind about receiving disclosures online at any time and at no cost;
7. Disclosure documents should be delivered in a way that does not unreasonably expose clients to security risks (e.g. phishing).
ASIC’s view is that, generally, unless the law provides otherwise, a provider must obtain a client’s express agreement before delivering financial services disclosures online. A client’s consent can be verbal or in writing.
Online calculators
One of the most popular features on financial websites is the calculator.
Providers of calculators and website owners need to be aware of ASIC’s Class Order [CO 05/1122] which gives relief from the usual licensing, conduct and disclosure requirements provided certain assumptions are disclosed.
The conditions for relief include:
• the calculator must not advertise or promote a specific financial product;
• if the calculator is an electronic facility or device, the calculator enables a person using it to alter the default assumptions applied by the calculator (other than a statutory assumption that reflects a rate or amount fixed by legislation) and performs a calculation using the changed assumptions;
• if the calculator is an electronic facility or device – the calculator does not prevent the user from readily printing or electronically storing the estimate; and
• the provider keeps a copy of the calculator for 7 years from when it is first made available.
Website marketing
In Australian Competition and Consumer Commission v Allergy Pathway Pty Ltd (No 2) the Federal Court fined Allergy Pathway Pty Ltd (formerly known as Advanced Allergy Elimination) and its director, Mr Paul Keir, $7,500 each for making prohibited representations about Allergy Pathway’s purported allergy treatment on its website and on Twitter, Facebook and YouTube.
The representations included testimonials written and posted by clients on Allergy Pathway’s Facebook “wall” and testimonials written by clients and posted by Allergy Pathway on its website and Facebook and Twitter pages which it knew were false and did not remove.
Allergy Pathway was ordered to make corrective advertising which had to meet specific criteria:
• it must be viewable by clicking a ‘click-through’ icon located on the websites and Facebook and Twitter pages;
• the ‘click-through’ icon must be located at the top of the homepage of the websites and Facebook and Twitter pages;
• the ‘click-through’ icon must contain the words “False and Misleading Conduct and Contempt of Court by Allergy Pathway – Corrective Notice Ordered by Federal Court of Australia” prominently in red text on a black background and the words “click here”; and
• the notice must occupy the entire page that is accessed via the “click-through” icon referred to above.
Record retention
Record retention provisions apply to the electronic delivery of disclosure documents and notices to the same extent required for non-electronic delivery of information.
For example, if a website contains a notice required by law, a copy of the notice should be retained for the time period set out in the relevant regulation.
Generally, information that is to be given in electronic form must, as far as practicable, be presented in a way that will allow the person to whom it is given to keep a copy of it so that the person can have ready access to it in the future.
Copies of website advertising should also be retained in case it becomes the subject of a dispute.
Retention of electronic copies is acceptable.
Website guidelines
Remember that a financial services website must be compliant as well as looking good and being easy to use.
Here are my guidelines for developing a compliant financial services website:
1. Implement consumer protection and accessibility through good design
2. Avoid customer confusion by using well written content
3. Ensure there is adequate disclosure of key legal information
4. Provide security information to customers
5. Protect customer privacy and confidentiality
6. Know your customers
7. Be clear about third party relationships
8. Tell your story: use your website to report to your users about governance, social and environmental matters as well as financial matters
9. Use your website to communicate with your customers and employees
10. Provide users with interactive tools and functions
11. Provide information for investors
12. Integrate legal requirements into the website
13. Develop an IT governance policy: know your strategic goal
14. Involve your compliance officer in planning.