A New Federal Financial Consumer Protection Framework
November 12, 2018
On October 29, 2018, the federal government introduced Bill C-86, Budget Implementation Act, 2018, No. 2 (Bill C-86), the second omnibus budget bill of 2018. If passed, Bill C-86 will, among other things, amend the Bank Act to provide for a financial consumer protection framework (Framework) for banks and authorized foreign banks. The Framework is primarily set out in a new Part XII.2 of the Bank Act, with new whistleblowing provisions set out in a new Part XVI.1. While Bill C-86 proposes other changes of interest to federal financial institutions, this bulletin focuses on the significant changes that are proposed under the Framework and Part XVI.1, as well as accompanying changes to the Financial Consumer Agency of Canada Act (FCAC Act).
Bill C-86 represents the latest attempt by a federal government to enact a consumer protection framework or code. The immediately preceding attempt was in 2016 when the federal government introduced Bill C-29, Budget Implementation Act, 2016, No. 2 (Bill C-29). Bill C-29 included a comprehensive and exclusive consumer code. However, due in part to strong reaction from the Quebec provincial government, the consumer code set out in Bill C-29 was pulled for further review. Bill C-86 is the outcome of such review. The Framework is intended to be comprehensive, but no mention is made of exclusivity, signalling that, for now, the government wishes to avoid overt reference to the constitutional question, with the expectation that Bill C-86 will pass without provincial interference.
Below we discuss several of the important changes to the consumer provisions in the Bank Act and their potential impact on banks and authorized foreign banks. It is important to note that many of these changes apply to dealings with customers that are not typically considered to be “consumers”, such as commercial entities. At this time, a similar regime has not been proposed for other federal financial institutions, such as insurance companies and trust and loan companies.
GOVERNANCE: STRONGER INTERNAL OVERSIGHT OF COMPLIANCE WITH CONSUMER PROVISIONS AND PROTECTION OF CUSTOMERS
Banks are currently required to designate a committee of the board of directors (Committee) to monitor procedures in place regarding disclosure of information to bank customers and complaints handling. Under Bill C-86, this requirement will be more prescriptive. A new Section 195.1 will be added to the Bank Act, which will provide that the committee must consist of at least three board members, a majority of which must be independent and none of which may be officers or employees of the bank or any of its subsidiaries. These membership requirements are substantially similar to the membership requirements for the audit committee and the conduct review committee.
The Committee’s duties will include requiring management to establish procedures for complying with the consumer provisions and reviewing these procedures to determine whether they are appropriate to ensure that the bank is complying with the consumer provisions. The question of what is required in order to meet this standard is one that will concern directors. The Committee’s duties will also include requiring management to report at least annually to the Committee on the implementation of the procedures and any other activities that the bank carries out in relation to the protection of its customers. The directors of the bank must report to the Commissioner of the Financial Consumer Agency of Canada (Commissioner) within 90 days after the end of each fiscal year on what the Committee did during the year in performing its required duties. The bank’s auditors are entitled to receive notice of the Committee meetings and may attend and be heard at such meetings.
STRUCTURE OF THE FRAMEWORK: A NEW PART XII.2
Consumer provisions are currently found in various sections of the Bank Act, as well as in the regulations, often with some duplication or differences where you might not expect them. Under the Framework, many consumer provisions have been consolidated into a new Part XII.2, which addresses requirements that apply to banks and authorized foreign banks (collectively defined as “institutions” under Part XII.2). Part XII.2 is divided into the following divisions.
Division 1 – Interpretation
Most definitions are now helpfully consolidated in this division.
Division 2 – Fair and Equitable Dealings
This division sets out general requirements for responsible business conduct.
In addition, fair dealing provisions regarding access to basic banking services (retail deposit accounts, access to funds), credit (prepayment of credit, default charges and mortgage renewals, minimum credit balances, credit limit increases, credit card statements, minimum payments, grace periods and allocation of payments, and debt collection), prepaid products, optional products and services, and complaints are found in this division.
The current version of these provisions are in the Bank Act, Access to Basic Banking Services Regulations, Access to Funds Regulations, Complaints (Banks, Authorized Foreign Banks and External Complaints Bodies) Regulations, Cost of Borrowing (Authorized Foreign Banks) Regulations, Cost of Borrowing (Banks) Regulations, Credit Business Practices (Banks, Authorized Foreign Banks, Trust and Loan Companies, Retail Associations, Canadian Insurance Companies and Foreign Insurance Companies) Regulations, Negative Option Billing Regulations and Prepaid Payment Products Regulations.
Division 3 – Disclosure and Transparency for Informed Decisions
This division begins with new general disclosure requirements. Following the general disclosure requirements are more specific disclosure requirements relating to deposit accounts, financial instruments and notes, advertisements, credit, prepaid payment products, optional products and services, registered products, and mortgage insurance. The division also includes provisions on public notice requirements for branch closures and public accountability statements.
The current version of these provisions are in the Bank Act, Access to Basic Banking Services Regulations, Access to Funds Regulations, Cost of Borrowing (Authorized Foreign Banks) Regulations, Cost of Borrowing (Banks) Regulations, Deposit Type Instrument Regulations, Disclosure of Charges (Authorized Foreign Banks) Regulations, Disclosure of Charges (Banks) Regulations, Disclosure of Interest (Authorized Foreign Banks) Regulations, Disclosure of Interest (Banks) Regulations, Negative Option Billing Regulations, Notice of Branch Closure (Banks) Regulations, Notices of Deposit Restrictions (Authorized Foreign Banks) Regulations, Notices of Uninsured Deposits Regulations (Banks), Prepaid Payment Products Regulations, Principal Protected Notes Regulations and Registered Products Regulations.
Division 4 – Redress
This is a brief division dealing with an express requirement to credit or refund charges (which is defined to include interest and fees) or penalties that were charged but were not provided for or were under-disclosed in the relevant agreement. Institutions are also required to credit or refund charges and penalties that were imposed under an agreement if the institution had not obtained the customer’s express consent for such product or service.
Division 5 – Regulations
Broad regulation-making powers are set out in this division, including a power to make regulations dealing with training, the names of the positions used by an institution for its employees, representatives and agents in their dealings with the public, and a “catch-all” power to make regulations regarding the carrying on of permitted activities or providing products and services.
While the Framework is presented as a consolidation of existing requirements, very few provisions that exist today are completely untouched. The spectrum of changes ranges from minor drafting changes, including some efforts to modernize (for example, the definition of prepaid payment product no longer refers to a “card,” but rather to a “product”), to additional drafting changes that significantly expand the scope of the provision as it exists today. In addition, there are many brand-new provisions with potentially far-reaching implications.
We will need to wait for the regulations to properly assess the scope of the changes to the consumer provisions. However, key changes that we have identified at this time include:
On the heels of the Financial Consumer Agency of Canada (FCAC) and Office of the Superintendent of Financial Institutions (OSFI) reviews on sales practices (see our March 2018 Blakes Bulletin: FCAC Concludes No Widespread Mis-Selling by the “Big Six” Banks), several new provisions have been added and existing provisions were enhanced to cover sales practices, including:
- Expanded Definition of Complaints. A “complaint” will be defined to include a complaint about the manner in which a product or service in Canada is offered, sold or provided (Section 627.01(1)). This is clearly intended to capture complaints relating to sales practices and mis-selling. Consistent with the prior definition, the definition will apply to complaints by a “person” and, therefore, applies to complaints by entities, as well as natural persons acting for non-business purposes, in relation to the consumer provisions. We also note that the definition includes a clarification that a complaint includes both justified and unjustified complaints. These changes will likely require amendments to the institutions’ complaint-handling policies and procedures.
- New Definition of Undue Pressure. A new definition of “undue pressure” will be added, which will mean any pressure imposed in the form of a practice or communication or otherwise that could be reasonably considered to be excessive or persistent in the circumstances (Section 627.01(1)). This term is used currently in the restriction on tied selling in Sections 459.1(1) and 576.1(1) of the Bank Act, which is now expanded as discussed in the next bullet below (Section 627.04). The term is also used in the new debt recovery provisions under the Framework (Section 627.37).
- Broad Prohibition on False or Misleading Information. It will be prohibited for an institution to communicate or otherwise provide false or misleading information to a customer, the public or the Commissioner (Section 627.03). This very broad provision may prove challenging to operationalize.
- Prohibited Conduct. It will be prohibited to impose undue pressure on a person or coerce a person for any purpose, not just in respect of obtaining a product or service from a particular person, including the institution, under the current prohibition on tied selling. In addition, Section 627.04 states that an institution shall not “take advantage of a person.” This provision is troubling as it is very unclear what institutions will be required to do in order to meet this standard. We also note that under Bill C-29, the prior iteration of the consumer framework, this provision applied to a person “who is unable to protect their own interests.” This concept has now been removed, and Section 627.04 broadly applies to all persons, even sophisticated commercial entities. Section 627.04 also provides that additional prohibited conduct may be set out in the regulations. Regulations may also be passed under the power set out in Section 627.998(l), specifying conduct that will be considered (or not) to be coercion.
- Policies and Procedures. An institution will be required to establish and implement policies and procedures to ensure that the products or services that it offers or sells to a natural person, other than for business purposes, are appropriate to the person having regard to their circumstances, including their financial needs (Section 627.06). Interestingly, this provision is limited to dealings with natural persons in a non-business context, whereas the prohibited conduct provisions apply more broadly to dealings with persons, including commercial entities. The concept of a needs analysis will not be new to anyone familiar with the sale of insurance products and services. However, such analysis is typically conducted in the context of more complex products. Institutions will need to consider how to adapt this requirement to a wide range of products and services and how this will impact the front line.
- An institution will need to ensure that the remuneration of its officers and employees and of any third party who offers or sells its products or services, as well as any payment or benefit that the institution offers to the third party, does not interfere with the person’s ability to comply with the policies and procedures referred to in Section 627.06 and discussed above. Institutions will need to ensure that arrangements with third parties who offer or sell the institution’s products or services include appropriate oversight mechanisms in this regard.
- The institution will need to ensure that officers, employees and third parties who offer or sell the institution’s products or services are trained in respect of the policies and procedures that the institution has established for complying with the consumer provisions (Section 627.02). Note that this section refers to policies and procedures in respect of the consumer provisions more generally, and not only those referred to in Section 627.06.
New Cooling-Off Period for All Ongoing Products and Services
The Framework introduces a new cooling-off period that will apply to all agreements with a person for an ongoing product or service (Section 627.1). The cooling-off period is 14 business days if the agreement was entered into by mail or telephone and three business days if the agreement was entered into in any other manner, unless a different period is prescribed in each case. Importantly, this provision will apply to both consumer and commercial products and services. It would seem unreasonable to apply this provision to commercial transactions, particularly negotiated commercial arrangements for services with a sophisticated party. There may be some relief as prescribed products and services may be excluded from this requirement by regulation. However, the preferred approach would be to limit the application of this section to transactions with natural persons for a non-business purpose. Retail deposit accounts, deposit-type instruments, credit cards and other prescribed products are not captured by this section but may be subject to other requirements to be set out in regulations.
Mandatory Information Boxes
Currently, information boxes are mandatory for certain required disclosures for consumer credit products, as well as in respect of fees payable for prepaid payment products. Under the Framework, all information that is required to be disclosed in an application or before entering into an agreement in respect of a product or service will need to be disclosed in a single prominently displayed information box (Section 627.57(1)).
At a minimum, the information box requirement will apply to the new baseline disclosures that are required in respect of every product or service provided to a natural person (not limited to a natural person engaging in a transaction for a non-business purpose) on an ongoing basis as set out at Section 627.59. These baseline disclosures will include the features of the product or service, a list of all charges and penalties that apply, the particulars of the person’s rights and obligations in respect of the product or services, complaints procedures, and any additional requirements that may be set out in the regulations. However, regulations may be passed that restrict the application of this section (Section 627.998(k)).
The mandatory information box requirement will also apply to commercial products and services to the extent that information is required to be disclosed.
This requirement will necessitate significant forms changes and will entail significant time and cost to implement.
Peppered throughout Part XII.2 is the phrase “in Canada”. In some instances, the phrase applies to an activity engaged in by the institution (see, for example, Section 627.04 that provides “An institution shall not, in its dealings in Canada with its customers and the public….”). However, in several other instances, the phrase “products or services in Canada” is used, and it is not always clear what this means (see, for example, Section 627.12(1), which provides that “An institution shall not impose on a person a charge or penalty in relation to a product or service in Canada unless….”). The concern is that the phrase could capture banking activities that are engaged in by a foreign bank on a cross-border basis, given that the definition of authorized foreign bank refers to the foreign bank, and not simply the Canadian branch. If the intent is to limit Part XII.2 to business carried on in Canada, a general statement to that effect would provide welcome clarity, particularly for authorized foreign banks.
Under Section 627.13, institutions must send an alert to a natural person if the balance of the person’s personal deposit account falls below a threshold or if the amount of credit available on the person’s line of credit or credit card (for non-business purposes) falls below a threshold. In both cases, the threshold will be communicated by the natural person to the institution, or if no threshold is communicated, then the amount will be C$100. The alert must be in electronic form, which is not defined, and the contents of the alert are prescribed in the section. This will require a significant effort on the part of institutions to implement a system to request and implement customized thresholds, as well as ensure that the consents required under the Electronic Documents (Banks and Bank Holding Companies) Regulations appropriately reflect this, and any other new electronic communications (for example, the complaint acknowledgement referred to below).
Increasing Credit Limits
The prohibition on increasing the limit on a non-business credit card account with a natural person without express consent will be extended to lines of credit, which is not surprising (Section 627.32). This requirement is subject to the regulations, if any.
Before entering into an agreement with a person by electronic means or by mail, an institution must provide the person with a local or toll-free number of a natural person who is an employee or agent of the institution and who is knowledgeable about the terms and conditions of the agreement (Section 627.58). This provision will apply to consumer and commercial transactions. Additional requirements may be set out in the regulations.
Enhanced Complaints Regime
The Framework sets out a more robust complaints-handling regime, including:
- Complaints-handling procedures will need to be satisfactory to the Commissioner (Section 627.43(1)(a)).
- The officer or employee designated to be responsible for implementing the complaints-handling procedures will need to be in Canada, as will the officer(s) or employee(s) designated to receive and deal with the complaints (Section 627.43(1)(b) and (c)). Authorized foreign banks that outsource this function to their head office will need to take note of this requirement.
- Institutions will be prohibited from using any misleading term with respect to its complaints procedures or designated officers or employees, including any term that suggests that the procedures, officers or employees are independent of the institution (Section 627.43(2)). For example, institutions will not be permitted to use the word “ombudsman” in connection with its own internal complaints handling.
- A written acknowledgement of the date on which the complaint was received will need to be provided to the person making a complaint (Section 627.43(4)).
- Detailed records of complaints will need to be kept for seven years (Section 627.44). Such records will need to be accessible to the Commissioner (Section 627.45).
- A quarterly report will need to be made to the FCAC regarding the complaints received during the quarter, which will need to include a copy of the records to be kept under Section 627.44, except for certain personal information (Section 627.46).
- The annual complaints information that must be made publicly available now includes the nature of the complaints, as well as the number (Section 627.47).
Separate Agreement for Optional Products and Services
Optional products and services (defined in Section 627.01(1)) provided to a natural person for non-business purposes will need to be provided under a separate agreement from the primary product or service (Section 627.41). This may entail a re-examination of optional products or services that are considered to be a feature of the primary product and the delivery of optional products and services more generally.
The Framework contemplates that regulations may be passed that set out prescribed disclosure requirements for certain types of amendments (Section 627.62).
ID verification procedures on opening a deposit account or cashing a government cheque have been updated to more closely reflect current ID verification obligations under anti-money laundering laws (Sections 627.17(1) and 627.25(1)).
Public Accountability Statements
Section 627.996 will set out expanded requirements for the public accountability statements that banks must file each year with the Commissioner. Among other things, the statement will need to include:
- The names of the voluntary codes of conduct that the bank has adopted that are publicly available and any public commitments that the bank has made, in each case, that are designed to protect the interests of its customers, and the means by which the codes and commitments are made available to its customers and the public
- A description of the measures taken by the bank and its prescribed affiliates to provide products and services to low-income persons, senior persons, persons with disabilities and persons who face accessibility, linguistic or literacy challenges
- A description of the consultations undertaken by the bank and its prescribed affiliates with their customers and the public on certain topics, including the development of products and services and emerging issues that may have an impact on their customers
Expanded Application to Commercial Products and Services
As we have noted above, there are many provisions of the Framework that are not limited in scope to transactions with a natural person for non-business purposes. Once the regulations are available and the full effect of the Framework is known, institutions will need to carefully catalogue all such provisions and enhance their forms, policies and procedures as required.
NEW PART XVI.1 – WHISTLEBLOWING
Any employee of an institution who has reasonable grounds to believe that the institution or any person has committed or intends to commit a wrongdoing will be able to report the particulars to the institution, OSFI, the FCAC, a government agency or body that regulates or supervises financial institutions or a law enforcement agency. “Wrongdoing” will be broadly defined as including a contravention of any provision of the Bank Act or its regulations, a voluntary code of conduct that has been adopted by the institution, a public commitment made by the institution, or a policy or procedure established by the institution. The identity of the whistleblower will be kept confidential, with some exceptions. Institutions will need to establish and implement procedures for dealing with reported matters, and will be prohibited from taking adverse action against a whistleblower.
CHANGES TO THE FCAC ACT
In addition to amending the definition of “consumer provision” in the FCAC Act to include the new consumer provisions set out in Bill C-86, there are several changes of note.
Purposive Statement to Protect Consumers of Financial Products and Services and the Public
A new Section 2.1 will provide that the purpose of the FCAC Act is to ensure that financial institutions, external complaints bodies and payment card network operators are supervised by an agency of the Government of Canada so as to contribute to the protection of consumers of financial products and services and the public, including by strengthening the financial literacy of Canadians.
The objects of the FCAC will include that the FCAC is to strive to protect the rights and interests of consumers of financial products and services and the public, although this concept is tempered somewhat as the FCAC will also account for the need of financial institutions to efficiently manage their business operations.
Name and Shame
The Commissioner will be required to name the person who committed a violation, although this requirement will be subject to the regulations. Currently, the Commissioner has the discretion to name such a person. However, this discretion has rarely been used. We will need to wait to see what exceptions are provided by the regulations.
The maximum penalty for a violation will be increased from C$50,000 to C$1-million in the case of violation committed by a natural person, and from C$500,000 to C$10-million in the case of a violation committed by a financial institution or payment card network operator. Penalties will be assessed based on the duration of the violation and the person’s ability to pay (a concept perhaps borrowed from Canada’s Anti-Spam Laws or CASL), in addition to the prior factors which remain untouched, such as the history of the person who committed the violation.
Financial Literacy Leader
The concept of the Financial Literacy Leader will be removed, although the FCAC will still be tasked with strengthening the financial literacy of Canadians.
We also note that Section 659 of the Bank Act will be expanded to include a new special audit right. Pursuant to this right, the Commissioner may direct that an audit be conducted if, in the opinion of the Commissioner, it is required for the purposes of administering the FCAC Act and the consumer provisions. The Commissioner may also direct an institution or a person to comply with a compliance agreement or a consumer provision pursuant to a new Section 661.1 of the Bank Act.
Collectively, these provisions signal a shift in enforcement powers and mandate. This is not surprising given the recent hires by and increased prominence of the FCAC in the wake of the sales practices review. Financial institutions will need to recalibrate their reputation and regulatory risk assessments in light of the above changes.
Regulations will need to be released in order to fully implement the proposed changes. No in-force date has been set for the changes to the Bank Act, although we hope that significant transition time will be given in respect of those provisions that will require system, document and procedural changes, and related training. There is also no in-force date for the changes to the FCAC Act, except those changes relating to the repeal of the Financial Literacy Leader provisions, which will come into force on April 10, 2019. It also remains to be seen whether any similar changes to the consumer provisions of the Trust and Loan Companies Act and the Insurance Companies Act and their respective regulations are forthcoming.
For further information, please contact:
or any other member of our Financial Services Regulatory group.
Blakes and Blakes Business Class communications are intended for informational purposes only and do not constitute legal advice or an opinion on any issue.
We would be pleased to provide additional details or advice about specific situations if desired.
For permission to reprint articles, please contact the Blakes Client Relations & Marketing Department at email@example.com. © 2019 Blake, Cassels & Graydon LLP