Lessons learned from the new financial consumer protection framework

On June 30, 2022, the long-awaited Bank Act (Canada) (BA) consumer protection framework (the Framework) comes into force. The Framework, which was originally introduced in October 2018 as Bill C-86, is intended to provide bank customers with enhanced legislative protections. As banks worked towards ensuring that their processes, procedures, policies and agreements comply with the Framework, they have learned key lessons. Let’s analyze those lessons with the help of three well-known proverbs.

The devil is in the details

Currently, consumer protection requirements are scattered throughout the BA and largely imposed by way of subject-specific regulations, including cost of borrowing, prepaid payment cards, and access to basic banking. However, as of June 30, all consumer provisions will be consolidated into a new Part XII.2 in the BA (other than the new whistleblowing regime, which will be in a new Part XVI.1) and one set of consolidated regulations, the Financial Consumer Protection Framework Regulations (the Regulations). Appreciating how the legislation and the regulations are organized is critical to understanding the new requirements and ensuring that all obligations are identified.

As an example, to analyze a question on loan disclosure, one will need to navigate between Part XII.2 and the Regulations and examine:

• general responsible business conduct requirements, which provide for the banks’ obligations pertaining to prohibited conduct, imposition of charges or penalties, consent, cancellation periods, alerts and similar matters;
• product-specific responsible business conduct requirements, which, depending on the product, may include obligations such as default charges, no credit or credit limit increase without express consent, liability for unauthorized use, and periodic statements;
• general disclosure requirements, which include requirements such as telephone agreements, information boxes, promotional or other offers; and
• product-specific disclosure requirements, which include the specific disclosure requirements for applications and agreements.

In the Regulations alone, there are 40 sections that address the disclosure obligations with respect to loans.

For help navigating this new regime, please refer to our roadmap for the new financial consumer protection framework.

It’s no use crying over spilled milk

As banks moved towards compliance, it was at times challenging to understand many of the new requirements and how best to operationalize them. For example, what may on its face appear to be a simple obligation—such as the sending of alerts when the balance in an individual’s deposit account or the amount of available credit on a line of credit or credit card falls below $100)—could have significant systems and operational implications. The requirement, for example, fails to take into consideration the number of characters that can be inserted in a text message. Other examples of challenging obligations on which we have been advising include:

• new complaint process requirements (sections 627.43 to 627.47) which, when combined with the Financial Consumer Agency of Canada’s (FCAC) Guideline on Complaint-Handling Procedures for banks and authorized foreign banks, imposes an onerous new complaint management framework;
• implications of the affiliates’ clause (section 627.15), which now extends to third parties, and several of the Framework’s obligations, including market conduct requirements, whistleblowing and complaints;
• application of certain of the Framework’s obligations to businesses, including the “cooling off” provisions that will apply to eligible enterprises;
• application of the Framework to authorized foreign banks, which have very few compliance obligations under the existing BA consumer protection provisions; and
• safeguarding of customer privacy under the Framework, as the Framework significantly expands the amount of personal information that banks and authorized foreign banks may collect and hold in respect of their clients.

The proof is in the pudding

The most challenging aspect in interpreting the Framework is the fact that many of the Framework’s provisions have not been tested. Although the FCAC published three guidance documents on the Framework’s requirements, there are still several outstanding interpretation questions. Ultimately, the success of the interpretation and compliance approaches adopted by the banks will only be tested in the months and years to come as the FCAC examines each bank’s compliance with the Framework.

The importance of the banks’ compliance departments who ensure that processes, policies and procedures that have been developed and implemented will operate as expected cannot be understated. This is particularly true considering that future violations of the Framework could be costly under the FCAC’s new penalty regime that came into effect on April 30, 2020.

Hopefully, as the Framework comes into effect, the fitting proverb will be “all’s well that ends well”.

To discuss these issues, please contact the author(s).

This publication is a general discussion of certain legal and related developments and should not be relied upon as legal advice. If you require legal advice, we would be pleased to discuss the issues in this publication with you, in the context of your particular circumstances.

For permission to republish this or any other publication, contact Janelle Weed.

© 2024 by Torys LLP.

All rights reserved.