Compliance investigations are one of our key tools for monitoring customer owned banks’ compliance with the Customer Owned Banking Code of Practice.

Why we investigate

Our investigations examine if a customer owned bank has complied with its Code obligations in providing a banking service to a customer and if it needs to change its policies or processes.

Our investigations focus on helping the customer owned bank to remedy its non-compliance. We do not:

When we investigate

Anyone can contact us to report a concern that a customer owned bank may have breached the Code. For us to investigate a matter, at a minimum:

  • the customer owned bank has adopted the Code
  • the banking service has taken place in Australia
  • the matter has involved an individual or small business customer or their guarantor, and
  • a Code obligation covers the issue.

Allegations can be made by emailing us or calling 1800 931 678 (ask to speak with AFCA Code’s Investigations Manager).

We can also undertake our own inquiries, which we call Own Motion Inquiries; these types of investigations do not depend on a specific allegation.

How we investigate

  1. We register the allegation of a breach of the Code.
  2. We check we have jurisdiction and that we are the most appropriate forum to investigate the allegation.
  3. We ask the customer owned bank to respond to the allegation and conduct our investigation.
  4. We decide on the most appropriate case outcome.
  5. We provide feedback to the person making the allegation and monitor how the customer owned bank remedies the breach.

What we consider in our investigations

Each investigation is unique and depends on its facts. However, as a general guide we take into account:

  • evidence before us
  • the law
  • our decisions or guidance where relevant
  • decisions or guidance by other entities (such as ASIC)
  • if the issue might affect other consumers, and
  • how the bank has handled the issue.

Investigation outcomes

Our investigation outcomes depend on what we have found. Outcomes include:

  • Determinations – these are formal compliance decisions.
  • Undertakings or monitoring – to check process improvements are working.
  • Sanctions – which may include publicly naming a customer owned bank.
  • ‘No further action’ decisions.

Back to the top