The Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry has detailed significant failings in banks’ risk and compliance tools and scorned their inability to produce much useful data.

The Commission today handed down its Interim Report and in its Executive Summary (pdf) strongly criticized financial institutions for greed, while hitting out at regulators for letting banks off easy.
While the three-part report doesn’t directly comment on Australian banks’ use of technology, they do offer hints about problems with it.
In the report’s analysis of the Commission’s early inquiries, Commissioner Hayne revealed that banks protested they could not produce evidence of misconduct within his deadlines.
NAB explained it had no central record of non-compliance and would need to trawl “many separate sources” to figure out the extent of its non-compliance including its five databases used to record customer complaints and myriad reports filed to regulators.
Hayne also wrote that “neither CBA nor NAB could readily identify how, or to what extent, the entity as a whole was failing to comply with the law.”
“And if that is right, neither the senior management nor the board of the entity could be given any single coherent picture of the nature or extent of failures of compliance; they could be given only a disjointed series of bits of information framed by reference to particular events,” he said.
NAB was criticized for an “apparent inability to draw together information about instances of misconduct identified during the immediately preceding five years”.
That it was not able to do so, the report says, “shows that it was then unable to identify promptly, whether for its own internal purposes or for any external purpose, a single, reasonably comprehensive and accurate picture of whether and how it had failed to comply with applicable financial services laws.”
In response to a request for additional data to help the Commission understand its misconduct, CBA “protested that it could not do this within the time allowed and instead proffered spreadsheets derived from its risk management system recording events that had been thought appropriate to record in that system during the relevant period.”
Westpac also had problems producing data, and told the Commission that “the information it had provided in those submissions did not take account of some categories of data and that further acknowledgments may be provided.”
“Westpac thereafter made a number of further acknowledgments of conduct amounting either to misconduct or conduct falling short of community standards and expectations," the report states.
"Again, this course of events points towards a disjointed, piecemeal approach to monitoring compliance with applicable laws.”
Among the big four, only ANZ did well, with the report stating “on their face, ANZ’s responses appeared to be detailed and comprehensive.”
IT failures
The report’s second volume also calls out a few IT failures.
In a section on CBA’s personal overdrafts it reports that bank “discovered a programming error that resulted in certain data from customers’ long form applications not being included in the serviceability calculations within the automated decision-making system.”
The resulting incorrect calculations led to offers of overdrafts to people who didn’t warrant them.
Aussie Home Loans’ systems had trouble connecting to a source of data that would have helped it to comply with responsible lending obligations.
At Westpac, automated analytics created conditions whereby offers for increased credit limits were sometimes sent to people who could not afford repayments.
Worse still, Westpac didn’t use historical data that would have helped it to understand the risks for some customers.
AMP’s fee for no service scandal was blamed, in part, on slow implementation of analytics tools.
The Interim Report is just that: it offers some findings but no recommendations.
But in attempting to explain the many acts of bastardy described by witnesses, it does offer one important conclusion from its work to date: “Too often, the answer seems to be greed – the pursuit of short term profit at the expense of basic standards of honesty.”
Commissioner Hayne does not, however, suggest a remedy. Indeed he seems to despair of any being available.
“Passing some new law to say, again, ‘Do not do that’, would add an extra layer of legal complexity to an already complex regulatory regime,” he wrote, adding “What would that gain?”
That’s a fine question given that the Interim Report shows banks are clearly struggling to track compliance in accordance with current regulations.
But the report also says regulators didn't help matters, as they too often negotiated with banks rather than taking them to court. The report suggests ASIC and APRA felt it was better to have good relationships with banks rather than to be belligerent.