Payday lenders rebranding themselves as hipster fintech credit and buy-now, pay-later providers are abusing screen scrapers to scope out when consumers’ bank balances hit a low point before hitting them with pressure marketing for high-cost loans.
That’s the disturbing reality painted by Drew McRae, policy and advocacy officer for the Financial Rights Legal Centre who is staring down a barrage of intense lobbying the Australian fintech sector to legitimise screen scraping under open banking and a review of transaction liability regulations.
Giving evidence to a public hearing of the Select Committee on Financial and Regulatory Technology late last week, MacRae rejected suggestions he was implicitly doing the bidding of big banks by advocating for screen scaping be banned, a line increasingly pushed by parts of the fintech sector.
“I want to address the issue that, weirdly enough, we align with the position of the banks,” McRae said in response to questions from the committee.
“We have spent all week fighting them on the implementation of the royal commission.”
“We sometimes align with groups that we tend to disagree with. This just happens to be one of them. We haven't really discussed very closely with them. We are not here to defend the traditional banking sector.”
It’s been a largely friendless fight for the Financial Rights Legal Centre (FRLC) which previously warned elements of the largely unregulated fintech sector were gradually becoming infested with predatory credit sharps looking for new avenues to push their ware as other loopholes were shut.
For the main banks, credit card schemes, insurers and lenders view FRLC with trepidation because it too often shows up their failings. But with many fintechs complaining banning screen scraping could put them out of business, the advocacy group is putting evidence of aberrations on the public record.
“One that we are definitely aware of is when somebody has been screen scraped and they've gone into their account to find out if their bank account has gotten low—this is the payday lender—they're subsequently sent advertising saying, 'Hey, do you need a payday loan,' and, voila, they get one,” McRae said.
“For that person, at that point, that doesn't seem to be a harm, but, in the long run, as they go into a debt spiral, it is a harm to them, and they'll eventually realise.”
McRae said that currently “there are very few laws that apply specifically to the nature of the fintech sector, and we'd like to see reforms, as outlined in our submission, to apply to that sector.”
“We have found in the past that when a new sector develops—I'm thinking, off the top of my head, of a lot of the fringe financial services sector organisations known as debt management firms—it tends to work outside of the norms of the sector," McRae said.
“Our concern is that we want to ensure that, when the fintech and regtech sectors do come in, they meet high standards of ethical behaviour and follow the law.”
The Committee heard that while FRLC understood and empathised that for many fintechs screen scraping had been the only technology available to get customer data, this did not make it an acceptable practice that should be legitimised.
“I would say that screen scraping exists because the CDR [consumer data right] doesn't exist and hasn't existed up to this point. The CDR is there to basically make screen scraping redundant, and that's what it should be— redundant,” McRae said.
“I have sympathy for the sector that has developed and used this technology over a long period, because, frankly, there was no other framework to work within; the consumer data right will now provide one. But, now that we have it, we should get rid of it.”
McRae described the tolerance of screen scraping as “this weird moral hazard where we're supporting a case for handing over your passwords, where you lose your rights under the ePayments Code and that information could be breached.”
“We've seen a couple of very dodgy cases where passwords have been used repeatedly after the initial use. From our perspective, there really is no justification for it to be legal.”
Fintech and industry meet-ups don’t sound like a lot of fun for MacRae, though they do yield valuable information.
“Where I have spoken to the fintech sector has been through the consumer data right workshops and other meetings. I'm usually the only consumer rep in the room. The scenario is usually that you have lots of fintech people and lots of bank people, and there's me in the centre trying to figure out what's going on.
“Usually they're fighting with each other, and because they don't usually know who I am they're speaking about some of the things that they want to do [like] trying to figure out the loopholes and exemptions and other ways to get around some rules.
“It has caused me some concern,” McRae said.