Operational risks in compliance: BOQ fixes IT error

In recent years IT “glitches” have resulted in customer account charging errors and consequent Credit Code breaches (eg The Rock Building Society in 2010).

With growing reliance on technology it is critical that product specifications are clear so that software programmers understand the requirements. The output must be checked against the product design to ensure they match.

ASIC has now announced that Bank of Queensland Ltd (BoQ) will refund customers after a system error resulted in a failure to link Mortgage Offset Accounts (MOA) to some eligible home loan accounts over a number of years.

UPDATE 16 August 2013:BOQ ASX Announcement

Current estimates are that the error affected approximately 6000 customers and total refunds will be in the order of $12 million.

BoQ discovered the problem and reported it to ASIC. BoQ has agreed to appoint an independent expert to review its remediation processes to ensure that:

  • all affected customers are identified and appropriately compensated, and
  • BoQ’s compliance systems are adequate to prevent a similar error occurring in future.

BoQ has already compensated some customers and will ensure that the remaining affected customers are contacted and advised of their compensation.

Even well-run businesses which have training programs and compliance policies are at risk if compliance is not monitored and breaches fixed.

Monitoring requires staff with skills and resources to identify potential risks and “join the dots”.

Sometimes breaches are only identified following customer complaints.

And if a breach is detected there must be a prompt appropriate response. Ignoring a breach or covering it up can lead to further breaches.

 

Your Compliance Support Plan

We understand you need a cost-effective way to keep up to date with regulatory changes. Talk to us about our fixed price plans.