Federal Republic of Nigeria Diagnostic Review of Financial Consumer Protection Key Findings and Recommendations June 2017 This Diagnostic Review is a product of the staff of the International Bank for Reconstruction and Development/The World Bank. The findings, interpretations, and conclusions expressed herein do not necessarily reflect the views of the Executive Directors of the World Bank or the governments they represent. Federal Republic of Nigeria Diagnostic Review of Financial Consumer Protection Key Findings and Recommendations Contents Abbreviations and Acronyms .............................................................................................................iii Acknowledgments ................................................................................................................................ iv Executive Summary .............................................................................................................................. v Diagnostic Review of Financial Consumer Protection ...................................................................... 1 I. Context for Financial Consumer Protection in Nigeria ................................................................ 1 Box 1: Brief Overview of the Nigerian Financial Sector ....................................................................... 2 II. Key Cross Sectoral Issues and Recommendations ....................................................................... 3 Box 3: International Examples of Financial Consumer Protection Supervisory Arrangements and Reporting Lines ..................................................................................................................................... 10 Box 4: Models of Alternative Dispute Resolution Schemes ................................................................ 29 III. Key Issues and Recommendations – Banking and NBFIs ......................................................... 29 Box 5: Supervisory Publication of Information .................................................................................... 33 Box 6: Key Facts Statement .................................................................................................................. 35 IV. Key Issues and Recommendations – Payments ......................................................................... 38 Annex I- List of Consulted Institutions ................................................................................................ 50 Annex II: Key Laws, Regulations, Frameworks and Guidelines.......................................................... 52 Annex III: Comments to the Nigeria Financial Ombudsman Bill ........................................................ 58 Tables Table 1: Key Recommendations ............................................................................................................. x i Boxes Box 1: Brief Overview of the Nigerian Financial Sector ....................................................................... 2 Box 2: International Examples of Consumer Protection Mandate for Central Banks / Lead Financial Sector Regulator...................................................................................................................................... 4 Box 3: International Examples of Financial Consumer Protection Supervisory Arrangements and Reporting Lines ..................................................................................................................................... 10 Box 4: Models of Alternative Dispute Resolution Schemes ................................................................ 29 Box 5: Supervisory Publication of Information .................................................................................... 33 Box 6: Key Facts Statement .................................................................................................................. 35 Currency Equivalents Exchange Rate effective May 15, 2017: US$1 = 305.1 NGN ii Abbreviations and Acronyms ANMFIN Association of Non-Bank Microfinance Institutions APR Annual Percentage Rate ASIC Australian Securities & Investment Commission ATM Automatic Teller Machine BOFIA Banks and Other Financial Institutions Act CGAP Consultative Group to Assist the Poor CBN Central Bank of Nigeria CCNBI Code of Conduct in the Nigerian Banking Industry CIBN Chartered Institute of Bankers of Nigeria CMU Complaints Management Unit CP Consumer Protection CPC Consumer Protection Council DMB Deposit Money Bank EDR External Dispute Resolution EFInA Enhancing Financial Innovation and Access FCA Financial Conduct Authority FCCPC Federal Competition and Consumer Protection Commission FCP Financial Consumer Protection Findex World Bank Global Financial Inclusion Database (2014) FI Financial Institution FIRST Financial Sector Strengthening Initiative GoN Government of Nigeria IDR Internal Dispute Resolution IMF International Monetary Fund IMMRS International Mobile Money Remittance Services KFS Key Facts Statement MBAN Mortgage Banking Association of Nigeria MCU Market Conduct Unit MFB Microfinance Bank MFI Microfinance Institution MMO Mobile Money Operator MoU Memorandum of Understanding MPOS Mobile Point of Sale NBFI Non-Bank Financial Institution NCC Nigerian Communications Commission NCS National Central Switch NFIS National Financial Inclusion Strategy, 2012 NFO Nigerian Financial Ombudsman NGO-MFI Non-Governmental Organization - Microfinance Institutions NPS National Payment System OFI Other Financial Institution OFID Other Financial Institutions Department iii POS Point of Sale PSP Payment Service Provider SMS Short Messaging Service TTC Total Cost of Credit TTL Team-Task Lead USD United States Dollar WAEMU West-Africa Economic and Monetary Union WB World Bank WBG World Bank Group iv Acknowledgments A World Bank Mission visited Nigeria from February 20 to March 3, 2017 to prepare a Diagnostic Review of Financial Consumer Protection in the banking, non-bank financial institutions and payments markets in Nigeria.1 This Diagnostic Review was prepared by a World Bank Finance and Markets Global Practice team led by Andrej Popovic (Senior Financial Sector Specialist and Task Team Leader) and including Ligia Lopes (Senior Financial Sector Specialist), Marco Traversa (Financial Sector Analyst), Ros Grady (Consultant), and Douglas Melville (Consultant). Operational support was provided by John Eimuhi (Paralegal) from the World Bank Country Office in Nigeria. Oversight of the project was provided by James Seward (Practice Manager, Finance and Markets Global Practice). The team is thankful to Rachid Benmessaoud (Country Director for Nigeria) for his support. Peer review comments were received from Gian Boeddu (Senior Financial Sector Specialist, World Bank) and Alice Zanza (Senior Financial Sector Specialist, World Bank). The team appreciates the cooperation and collaboration of the Central Bank of Nigeria and other government authorities, and of the representatives of the financial industry, civil society, and donor community who were consulted for the purposes of the Diagnostic Review. In particular, the team extends its gratitude to the Consumer Protection Department, Central Bank of Nigeria whose management and staff worked closely with the World Bank team during the mission. The Review was conducted as a component of Nigeria’s Financial Sector Strengthening Initiative Program (FIRST Program). The FIRST Program is a World Bank Group (WBG) and International Monetary Fund (IMF) initiative supported by a multi-donor trust fund, which provides technical assistance and capacity building support to countries to help them strengthen their financial sector. 1 The Review is part of the World Bank Program on Consumer Protection and Financial Literacy, which seeks to identify key measures in strengthening financial consumer protection to help build consumer trust in the financial sector —and expand the confidence of households to wisely use financial services. The Reviews are conducted against Good Practices and have been prepared by the World Bank in middle as well as low income countries. For more details and country reports please refer to the following link: http://responsiblefinance.worldbank.org/diagnostic-reviews iv Executive Summary 1. The objective of the Diagnostic Review of Financial Consumer Protection in Nigeria is to assess the legal, regulatory, and institutional framework, industry practices and related new initiatives for financial consumer protection (FCP) applicable to the banking, non-bank financial institution (NBFI) and payment sectors and develop prioritized and tailored recommendations aimed at supporting the Central Bank of Nigeria (CBN) in enhancing the FCP framework and its implementation. The assessment is conducted based on the revised and enhanced World Bank Good Practices for Financial Consumer Protection2 (forthcoming) and covers five topics in each of the above- mentioned sectors: i) legal, regulatory, and supervisory framework; ii) disclosure and sales practices; iii) fair treatment and business conduct; iv) data privacy; and v) dispute resolution mechanisms. A broad variety of stakeholders was consulted for the purposes of this diagnostic review, including government entities and regulators, representatives of the banking, NBFI, and payments sectors and industry associations.3 Finally, the report reflects findings from a World Bank team visit to Nigeria from February 20, 2017 to March 3, 2017 and additional background research. 2. Strengthening and operationalizing a financial consumer protection framework is especially important in a country such as Nigeria that has relatively low levels of financial inclusion and where there is potential for rapid innovation in financial services and their delivery channels. While only 44 percent of adults in Nigeria have an account at a formal financial institution, and only 2.5 percent have a mobile account4, there are rapid innovations in the development, delivery channels and uptake of digital financial services, in addition to expanding traditional financial services. While these innovations are critical for fulfilling financial inclusion objectives, they also add a further degree of complexity and risk for consumers with low levels of financial and technological literacy. It is therefore critical that new products and services are introduced with consumer protection measures integrated and supervised from the outset to promote responsible and sustainable financial inclusion. 3. CBN has already taken an important step towards institutionalizing financial consumer protection with the establishment of a dedicated Consumer Protection Department (CP Department) and development of a high-level Consumer Protection Framework (CP Framework). The CP Framework applies to all financial institutions regulated by CBN and contains high-level provisions supporting nine key consumer protection principles. These principles relate to: i) Legal, Regulatory & Supervisory Structures; ii) Responsible Business Conduct; iii) Disclosure & Transparency; iv) Consumer Financial Education; v) Fair Treatment; vi) Protection of Consumer Assets, Data & Privacy; vii) Complaints Handling & Redress; viii) Competition; and ix) Enforcement. These Principles will need to be supported with more detailed, and clearly binding, Guidelines to ensure their implementation. 2 In the interests of brevity, specific sections of the Good Practices are not cited. Instead reference is made more broadly to international good practice. Details of the current Good Practices, which are under review, are here: http://documents.worldbank.org/curated/en/2012/06/16432567/good-practices-financial-consumer-protection . For country reports see: http://responsiblefinance.worldbank.org/diagnostic-reviews 3 A list of all stakeholders consulted is include in Annex I to this report. 4 The World Bank’s Global Financial Inclusion (Findex) Database (2014). http://www.worldbank.org/en/programs/globalfindex. The EFInA Access to Financial Services in Nigeria 2016 survey shows that 41.6% of adults are financially excluded, which is the lowest figure for Sub-Saharan Africa: http://www.efina.org.ng/assets/A2F/2016/Key-Findings-A2F-2016.pdf : slide 15. v 4. CBN’s CP Department is formally responsible for supervising all financial institutions regulated by CBN in respect to consumer protection matters but given limited capacity, resources, and enforcement powers in practice it focuses primarily on commercial banks. The CP Department also reports to the same Deputy-Governor as the prudential supervisory Departments, which is not a recommended practice because of the potential difficulty in achieving a proper balance between prudential and consumer protection functions. Currently, there are only 9 staff in the Market Conduct Unit (MCU) responsible for consumer protection supervision and 35 staff for dealing with complaints. In practice, this division of currently available staff resources should be reconsidered, with more staff dedicated to the supervision function. The CP Department does not currently have the supervisory strategy, techniques and tools it urgently needs, or the sanction and enforcement powers, to be able to efficiently and effectively operationalize and supervise compliance with the CP Framework and other parts of the legal and regulatory framework, as well as keep abreast of innovations in the financial sector (e.g. non-financial institutions using technology to offer financial services). Given these constraints, currently the CP Department only focuses its supervision activities on commercial banks and does not use a risk – based supervisory methodology. In regards to internal reporting, the CP Department should ideally report to either another relevant Deputy-Governor not responsible for prudential supervision or the Governor, given the different objectives of prudential and consumer protection functions. Having a single Deputy Governor responsible for both consumer protection and prudential regulation makes it harder to resolve situations where both functions need to be considered. For example, if imposing heavy fines on a financial institution because of a breach of a consumer protection requirement might be seen to be detrimental to the reputation and profitability of the financial institution and ultimately its soundness, a supervisor may avoid making a decision in order to minimize the prudential impact. Alternatively, where there is political or public pressure to provide relief to consumers, prudential issues may not be fully considered. Finally, it is critical that the CP Department is well resourced and supported to establish credibility with financial institutions and fulfil its mandate, as well as to avoid a reputational risk to CBN in case its financial consumer protection regulations are not properly enforced. 5. The new high-level CP Framework covers a broad range of consumer protection issues but there are still important consumer protection matters to be addressed and some overlaps to be considered. In particular, the CP Framework is a high-level document which is to be supplemented by detailed, and clearly binding, CBN Guidelines so as to be fully operational. The development of these Guidelines is provided for in the CBN Implementation Plan attached to the final form of the CP Framework. There is also a need to consider the scattered financial consumer protection provisions in the Bank and Other Financial Institutions Act 1991 (BOFIA) and the numerous CBN Frameworks, Guidelines and Circulars which touch on financial consumer protection issues (especially in relation to the payments sector). CBN has also issued a binding Guide to Bank Charges which makes provision for some controls over interest rates5 and fees and charges and has potential to be anti-competitive. The Consumer Protection Council (CPC) Act also contains a few substantive consumer protection provisions. Further, the draft Payment Systems Management Bill (PSM) Bill makes provision for consumer protection regulations to be made in the future. Given its broad and general scope of application the Federal Competition and Consumer Protection (FCCP Bill) includes a proposal to create a complaint handling and redress mechanism applicable to financial services complaints which would 5 For example, Section 1 states that the interest rate on deposits is negotiable except that the minimum interest on savings accounts is 30% of the Monetary Policy Rate; Sections 2.1 and 2.2 of the Guide to Bank Charges state that interest rates on loans and authorized overdrafts are negotiable and interest on unauthorized overdrafts are not permitted. vi duplicate the EDR function currently handled by CBN and the Chartered Institute of Bankers of Nigeria (CIBN) and which in the future is expected to be assumed by the proposed independent Financial Ombudsman. 6. Regarding the institutional mandate for financial consumer protection, there are clearly overlapping mandates, with several institutions responsible for consumer protection in the financial sector and lack of sufficient coordination and consultation. While the CBN is the most capable institution to adequately regulate and supervise financial consumer protection in Nigeria given its institutional focus on the financial sector and related technical capacity, its institutional mandate for financial consumer protection needs to be made explicit and exclusive, in order to eliminate overlaps with other agencies. The relevant CBN mandate is to promote a sound financial system in Nigeria”,6 which is supported by provisions in the BOFIA. The CPC also has explicit consumer protection functions and its mandate is provided by the Consumer Protection Council Act, 1992. In addition, the CIBN has statutory responsibilities relating to ethical standards and professionalism in the banking industry under the Chartered Institute of Bankers of Nigeria Act, 2007. The current institutional overlaps will be further exacerbated when the FCCP Bill is enacted. Under the form of the FCCP Bill at the time of the Review, the new FCCPC will replace the CPC and will have very broad consumer protection functions and powers which will apply to all financial products and services as well as to other goods and services. At the same time, the FCCPC’s broad focus and likely lack of technical capacity to deal with financial sector issues may inhibit its ability to prioritize, adequately regulate and supervise financial consumer protection. Finally, in line with international good practice, financial consumer protection is better regulated and enforced by agencies specialized for financial sector issues. It is accordingly essential that the Bill is amended to contain provisions which exclude financial products and services and make it clear that the FCCP Bill is not intended to affect CBN’s financial consumer protection mandate in any way. 7. While some limited disclosure and transparency requirements exist within the legal and regulatory framework, they are often expressed in very broad terms and lack required detail. There are only very limited requirements for simply expressed, clear disclosures of terms and conditions, interest rates and fees and charges, virtually no requirements for a standardized summary document such as a key facts statement (KFS), or statements of account and only very limited rules concerning advertisements. There are no requirements for disclosure of the total cost of a loan, and while CBN requires disclosure of an Annual Percentage Rate (APR) in an attempt to facilitate disclosure of an effective interest rate, there are no requirements to use and consistently adhere to a prescribed formula to calculate the APR. The lack of specificity in general disclosure requirements is no doubt the reason why observed industry disclosure and transparency practices vary significantly. For example, Mobile Money Operators (MMOs) are only required to provide “adequate” disclosures and the only disclosure requirements in the BOFIA relate to advertisements. In addition, terms, conditions and fees are not always provided before a contract is entered into and are rarely disclosed on websites. Further, transaction fees are not always disclosed in advance (such as the fee for an ATM withdrawal or person-to-person transfers). 8. Although the CP Framework contains useful provisions on fair treatment of consumers, they are general and lack the necessary Guidelines to make them operational; otherwise, there are no regulations with explicit requirements to restrain abusive terms and practices. The CP 6 Central Bank of Nigeria Act, 2007, Section 2(d) vii Framework provisions relate to issues such as unfair terms, responsible lending, product suitability, debt collection, sales promotion and communications with consumers. There are also provisions concerning equitable treatment and non – discrimination. These provisions are all useful, but they are expressed in very general terms and need to be urgently supplemented by detailed Guidelines. Some of the identified issues include: evidence of unfair terms in standard form contracts (such as disclaimers of liability and unilateral change clauses); irresponsible lending practices; abusive debt collection practices; inconsistencies in dealing with mistaken and unauthorized transactions; mandatory insurance bundling without providing a real choice of insurer; taking post-dated cheques as collateral to cover repayments; prepayment fees which may restrain customer mobility; trust account requirements for balances held by MMOs which are not explicit; some payment service providers are not taking clear responsibility for their agents; and only ad hoc industry practices for dealing with mistaken and fraudulent transactions and other unfair practices. 9. Regarding business conduct, some associations already have codes of conduct though compliance is not stringently monitored or enforced. CIBN, for example, has a wide-ranging Code of Conduct in the Nigerian Banking Industry (CCNBI) with important consumer protection provisions in it, but it is not monitored or enforced other than in relation to complaints. The Mortgage Banking Association of Nigeria (MBAN) also has a Code of Conduct and the Association of Non-Bank Microfinance Institutions ANMFIN is developing one to be based on the Smart Campaign Client Protection Principles 7, with the aim of establishing minimum standards for the unregulated sector. However, as with the CIBN Code, it will be important that these Codes are monitored and enforced if they are to be effective, also ensuring that their scope is coordinated and adjusted as other initiatives develop (e.g. in relations to complaints handling which is currently done by a number of institutions). 10. There is no overarching data protection regime, although the privacy of citizens in Nigeria is protected by the Constitution of the Republic of Nigeria, and the CP Framework includes Data Protection as a key Principle. In addition to brief provisions in the CP Framework, there are also fragmented provisions in the CIBN’s Code of Conduct and in aspects of the legal and regulatory framework which apply to agents, payment service providers and mobile money operators. This is a concern given that the volume, variety and velocity of personal data which is being collected and processed for traditional and innovative digital financial services is continuously increasing, with a commensurate rise in confidentiality and security risks. An immediate remedy to address these issues is to develop binding data protection Guidelines under the CP Framework, while in the medium to longer term a comprehensive Data Protection Act should be considered. 11. Finally, clear and consistent requirements for internal dispute resolution (IDR) need to be introduced and enforced and complemented with access to a single and independent external dispute resolution (EDR) mechanism up to a designated threshold. There are only fragmented requirements and a general high-level obligation for banks to have IDR mechanisms, but with limited specifications on the required processes and procedures, beyond strict timelines for complaint resolution. Similar obligations apply to payment service providers. Complaints reach financial institutions via many channels, including call centers, customer service officers, social media, agents and CBN. Industry practices in managing an apparently large volume of complaints vary substantially. Although complaints data is required to be reported to CBN, not all banks are meeting this requirement and data provided is not analyzed. There are multiple, overlapping EDR options at present (CBN, CPC, 7 Available at: http://www.smartcampaign.org/about/smart-microfinance-and-the-client-protection-principles viii CIBN and MBAN) with varying mandates, powers to compel redress, and levels of expertise in financial services. Commercial arbitration clauses are also included in some consumer agreements. Lastly, the Financial Ombudsman Bill previously submitted to Parliament has not been adopted and would need to be re-submitted to Parliament. Importantly, the version of the Bill reviewed by the World Bank team and covered in this report (see Annex III) will require revisions in order to meet international good practices for ombudsman schemes. Once available, the new version of the Bill should be reviewed against these criteria. In conclusion, the considerable volume of financial consumer complaints would be best addressed by requiring financial institutions to have an effective IDR system, monitoring compliance and providing for recourse to an independent Financial Ombudsman for those complaints that remain unresolved, up to a value threshold to be determined taking account of local market considerations and international benchmarks. This means establishing clear internal complaint handling requirements for financial institutions and implementing a robust Financial Ombudsman scheme to provide a singular independent and impartial complaint handling and redress mechanism. Complaint data should also be effectively collected, analyzed, and shared to promote market conduct improvement through feedback, public accountability, and regulatory intervention. 12. A summary of the key recommendations is listed in Table 1 below. These recommendations should be given priority though some may take more time to consider and implement than others. Hence, indicative timeframes (short, medium and long term) and priority level (high, medium, low) have been assigned to each recommendation along with institutional responsibilities. ix Table 1: Key Recommendations SECTOR RECOMMENDATION RESPONISBLE PRIORITY TIMEFRAME8 PARTY INSITUTIONAL MANDATE Cross – Urgent consideration should be given to amending the FCCP Bill so that it does Government of High Short Term Cutting not apply to financial products and services and to make clear that the FCCP Bill Nigeria is not intended to affect CBN’s mandate in any way. Cross – Finalize CBN / CPC MoU on FCP consultation and collaboration arrangements CBN/CPC Medium Short Term Cutting and division of responsibilities. Cross – Provide CBN with an explicit FCP mandate making it clear that CBN’s functions Government of High Medium Term Cutting cover the protection of individual and small business consumers and all types of Nigeria financial products and services. LEGAL AND REGULATORY FRAMEWORK Cross – Implement CP Framework with priority for the development of clearly binding CBN High Short Term Cutting Guidelines covering Disclosure, Fair Treatment and Complaints Handling and Redress (i.e. Internal Dispute Resolution) Cross – Amend Electronic Transactions Bill so it is clear that consumer disclosures can Government of Low Long Term Cutting only be made electronically if the consumer consents (with consumer having an Nigeria “opt out” right for exclusively digital products) and to repeal consumer protection provisions which overlap with the CP Framework (such as those relating to disclosures and consumers’ personal information). Banking Gradually phase out Guide to Bank Charges and introduce limited, binding and CBN High Medium Term and NBFI enforceable controls on anti-competitive fees and charges in line with international Sector good practices (such as unreasonable early repayment or termination fees) and taking into consideration the Nigerian financial sector in the new FCP Guidelines. Banking Develop CP Framework Guidelines for standardized calculation and disclosure of CBN High Short Term and NBFI the Total Cost of Credit (TTC) and for the APR for common credit and savings Sector products (including term deposits and transaction accounts). 8 Short Term (1 year); Medium Term (2 years); Long Term (3 years) x Banking Develop detailed responsible lending standards in CP Framework Guidelines so CBN High Medium Term and NBFI as to require an assessment as to whether a credit product meets the financial needs Sector and capacity of the borrower and can be repaid without substantial hardship. Banking Require unlicensed Non-Bank Microfinance Institutions (NGO-MFIs and Government/CB High Medium Term and NBFI financial cooperatives) to stop unauthorized taking of customer deposits. N/ANMFIN Sector Banking Encourage CIBN, MBAN and ANMFIN to amend their Codes of Conduct to CBN, CIBN, Low Medium Term and NBFI reflect CP Framework and to monitor and enforce compliance and so that the MBAN and Sector Codes require that consumer contracts include an undertaking to comply with the ANMFIN relevant Code. Payments Develop CP Framework Guidelines to cover payments-specific consumer CBN High Short Term Sector protection issues e.g. safeguarding consumer funds, electronic disclosures, liability for agents, mistaken and unauthorized transactions and system security. Payments Develop FCP regulations under Payments Bill covering abovementioned CBN Medium Medium Term Sector payments-specific consumer protection issues, ensure they are flexible enough to cover innovations and make consequential amendments to the CP Framework Guidelines to avoid any overlap. SUPERVISORY ARRANGEMENTS AND ENFORCEMENT Cross – Build MCU resources and capacity so that it can effectively supervise all financial CBN High Short Term Cutting institutions regulated by CBN, including increasing number of staff available to MCU Unit, dedicating staff to work on either supervision or complaints handling (i.e. external dispute resolution), development of financial consumer protection capacity and supervisory tools and manuals and consultation and coordination arrangements with sector – specific supervisory Departments and other agencies. Cross – Develop FCP Supervision Strategy that covers capacity building, tools and CBN High Short Term Cutting techniques, and that is structured, proactive, forward-looking and risk-based with supervisory activities being planned and conducted on a regular basis. Cross – Provide independent reporting line for CP Department so that it either reports to a CBN High Short Term Cutting Deputy Governor other than the one responsible for Financial System Stability or directly to the Governor with a view to avoiding potential conflicts between consumer protection and prudential functions. Banking Amend the BOFIA to (i) give CBN enhanced sanction and enforcement powers Government of High Medium and NBFI (e.g. to require suspension or modification of a product or advertising material and Nigeria Sector to order refunds); and (ii) provide flexibility regarding CBN’s supervisory structure and to remove the inference that only the Banking Supervision Department is authorized to carry out supervisory activities. xi Payments Establish regular consultations between the Payments Department and the CP CBN High Short Term Sector Department on policy and supervisory matters. DISCLOSURE AND TRANSPARENCY Cross – Develop detailed disclosure and sales practice Guidelines under CP Framework CBN High Short Term Cutting covering requirements for e.g. contractual disclosures, Key Facts Statements (KFSs), statements of account and advertising and providing for flexible electronic disclosures. Banking Develop standardized, comparable form of KFS for common credit and savings CBN Medium Short Term and NBFI products. (with credit KFS Sector being highest priority) Payments Develop standardized, comparable form of KFS for common store of value CBN Medium Short Term Sector payments products. FAIR TREATMENT AND BUSINESS CONDUCT Cross – Develop Fair Treatment Guidelines under CP Framework, including to clarify the CBN High Short Term Cutting definition of what constitutes an “unfair term”. These Guidelines should be informed with prior assessment of fair treatment industry practices as part of risk- based supervision starting with analysis of observed market practices (e.g., on unfair terms) and moving to an assessment of how providers put in practice the concept of treating customers fairly. Cross – Introduce staff, agent and intermediary training rules for all regulated FIs so they CBN High Medium Term Cutting understand relevant regulatory obligations, can explain features, risks and prices of products, can assess consumers’ financial needs, objectives and understanding and can advise on consumer recourse options. Cross – Actively supervise banks and MMOs for compliance with the obligation to CBN Medium Medium Term Cutting supervise their agents. Cross – Develop enhanced product suitability and sales practices Guidelines (e.g. CBN Low Medium Term Cutting requiring detailed assessments for complex products and related record keeping and prohibiting harassment of consumers to take up products). Cross – Review incentive arrangements for staff, agents and other intermediaries and CBN Low Long Term Cutting consider need for CP Framework Guidelines e.g. to restrict inappropriate incentives. Banking Review and consider banning the practice of taking post-dated cheques to cover CBN High Short Term and NBFI repayments. Sector xii Banking Prohibit unreasonable account closure fees and procedures which restrict customer CBN High Short Term and NBFI mobility and inhibit competition and consider requirement for FIs to proactively Sector assist customers who wish to close accounts and switch provider. Banking Review current provisions on cooling-off periods and consider application to all CBN High Short Term and NBFI complex, long-term products (e.g. for 14 days) Sector Banking Develop stringent CP Framework Guidelines on debt collection practices CBN Medium Long Term and NBFI including prohibiting abusive debt collection practices such as public shaming and Sector providing practical guidance on acceptable practices (such as time of day for contacts and details of who may be contacted). Banking Require further choice and enhanced disclosures related to bundled insurance CBN Medium Long Term and NBFI products and consider whether mandatory credit-life insurance should be Sector prohibited. Payments Include in Fair Treatment Guidelines under CP Framework minimum liability CBN Medium Medium Term Sector allocation rules for consumer loss from mistaken and unauthorized payments transactions. Payments Require MMO Settlement Account to be a trust account so that funds can only be CBN Medium Long Term Sector used for paying consumers and are protected from third party creditors. PRIVACY AND DATA PROTECTION Cross – Develop detailed data protection Guidelines under CP Framework covering CBN Medium Medium Term Cutting categories of information that can be collected; limits on processing and disclosure of information for e.g. marketing purposes; informed consent requirements; and requirements relating to security; disclosure of privacy policies and use of information for discriminatory purposes. Cross – Consider feasibility of over-arching Data Protection Law covering above issues Government of Medium Long Term Cutting and Big Data issues (such as use of social media data for credit scoring and Nigeria specifying requirements for informed consent). INTERNAL DISPUTE RESOLUTION MECHANISMS Cross – Develop Complaints Handling and Redress (i.e. Internal Dispute Resolution) CBN High Short Term Cutting Guidelines under the CP Framework requiring all FIs to have consistent, transparent frameworks for internal dispute resolution and to make regular reports of complaints data to CBN. Cross – Publish complaints data by FI name and theme on CBN website in reliance on CBN Medium Short Term Cutting provisions to be included in CP Framework Guidelines. Cross – Prioritize CCMS IT development and apply to all regulated FIs. CBN Medium Short Term Cutting EXTERNAL DISPUTE RESOLUTION MECHANISMS xiii Cross – Pending the planned creation of a Financial Ombudsman, designate a single EDR Government of High Short Term Cutting provider (CBN) for retail financial consumer complaints up to a value threshold Nigeria/CBN to be determined by CBN taking account of local market considerations and international benchmarks. Once sufficient capacity is built within CBN to handle higher volumes, all FIs should refer unresolved complaints up to the designated threshold to CBN, and other EDR providers (CIBN, CPC, etc.) should no longer handle complaints below the identified threshold. In the interim, the other EDR providers should report to CBN on key complaint metrics for analysis purposes. Cross – Require financial institutions to refer consumers to designated EDR provider. CBN High Short Term Cutting Cross – Require FIs to publicize EDR option to consumers and the means to contact the CBN Medium Short Term Cutting designated EDR provider. Cross – Engage with industry to address key complaint areas e.g. through industry CBN Medium Short Term Cutting associations such as CIBN, MBAN and AMFIN. Cross – CBN to establish internal flow pathways to share information on complaints. CBN Medium Short Term Cutting Cross – Revise Financial Ombudsman Bill to reflect comments in Annex III and resubmit Government of High Short Term Cutting to National Assembly for adoption. Nigeria Cross – Establish clear terms of reference, governance, operating model, and funding CBN Medium Short Term Cutting structure for Financial Ombudsman scheme. Cross – Implement proposed Financial Ombudsman scheme with appropriate transition CBN Medium Medium Term Cutting period to effectively redirect unresolved FI complaints from CBN to the Financial Ombudsman. Cross – Migrate EDR responsibilities for complaints up to the designated threshold Government of Medium Long Term Cutting to Financial Ombudsman scheme by a date to be established by the Government. Nigeria/CBN xiv Diagnostic Review of Financial Consumer Protection I. Context for Financial Consumer Protection in Nigeria 1. The existence of a sound financial consumer protection framework is fundamental to increasing access to, and usage of, financial services, the quality of those financial services and to supporting financial sector deepening. This is because financial consumer protection is a necessary precursor to building and maintaining trust in the formal financial sector and thus in encouraging sustainable financial inclusion. Trust is particularly important in a country such as Nigeria which has relatively low levels of financial inclusion but a clear commitment to improving those levels through its National Financial Inclusion Strategy 2012 (NFIS). 9 The NFIS recognizes the importance of consumer protection by requiring CBN to “mandate consumer education and protection”.10 Further, consumer protection helps ensure that expanded access benefits consumers and the economy. While increased access can result in significant economic and societal benefits, it can be neutral or even harmful if consumers: (i) cannot exercise their rights as consumers, (ii) cannot select the financial products that suit them best; and (iii) are not protected from mis-selling, fraud and other market abuses. 2. A sound financial consumer protection regime needs to be complemented with prudential regulation and supervision and a stable macroeconomic environment. Prudential requirements are intended to ensure that the financial system remains sound and stable, while the financial promises made by financial institutions are met. Proper supervisory oversight and adequate resources are essential to ensure adherence to these standards. 3. Internationally, there is an increased focus on consumer protection in the financial sector. As shown by the World Bank’s 2013 Global Survey on Financial Consumer Protection 11 a legal framework for financial consumer protection exists in 112 out of the 114 countries surveyed. The most common approach is to have a financial sector – specific consumer protection regulatory framework, as exists in 103 countries (this number is expected to have increased since 2013, with new figures to be released in late 2017). The Global Survey also showed that the number of regulatory agencies with a specific responsibility for financial consumer protection increased from 74 in 2010 to 97 in 2013.12 The overall trend shows that more and more economies, developed and developing, are moving towards having either a separate financial consumer protection regulator13 or a separate independent financial consumer protection unit within the financial sector regulator(s).14 9 The World Bank’s Global Financial Inclusion (Findex) Database (2014) shows that around 44% of adults in Nigeria have an account at a formal financial institution, 27% have a formal savings account, 5% have a loan from a formal financial institution and only 2.5% have a mobile account. This is compared to the Sub-Saharan Africa Region where these figures are 34%, 16%, 6% and 11.5% respectively. http://www.worldbank.org/en/programs/globalfindex 10 Figure 44 page 91 of Nigeria’s National Financial Inclusion Strategy 2012 11 http://responsiblefinance.worldbank.org/~/media/GIAWB/FL/Documents/Publications/CPFL-Global-Survey-114econ- Oversight-2014.pdf 12 Note that this number takes into consideration all possible institutional arrangements: general consumer protection agency, specialized financial consumer protection agency, joint prudential and consumer protection agency (with or without a separate department). 13 See, for example, Australia, South Africa and the United States. 14 See, for example, Armenia, Georgia, Malaysia, Morocco. Mozambique, Peru and the Philippines. 1 4. Financial consumer protection is also important in countries such as Nigeria where there is potential for rapid innovation in financial services and their delivery channels. While these innovations can help fulfil important financial inclusion objectives, they add a further degree of complexity and risk for consumers with low levels of financial and technological literacy. Nigeria is a country where there is great potential for rapid innovations in the development and uptake of digital financial services and the providers, partnerships and delivery channels through which they are provided. This is notwithstanding that the use of mobile money services in Nigeria is relatively low compared to other Sub-Saharan African countries.15 Recent studies on technological innovations in financial services in Nigeria paint a glowing picture of potential growth in digital financial services, due to rapidly growing mobile penetration and smart phone ownership, a lack of constraints from traditional legacy banking systems and a growing population with a strong entrepreneurial spirit.16 Digital financial services already being provided include payments; remittances; peer – to peer lending; online lending and even bitcoin trading. For the future, currently untapped sectors which are anticipated to expand include digital savings, credit and insurance products.17 A recent survey conducted by Price Waterhouse Coopers also suggested that the sectors most likely to be disrupted in the next five years are retail banking and payments, with insurance and asset management also on the “disruption” radar.18 Box 1 below provides a general overview of the current financial sector in Nigeria and the overall legal, regulatory and supervisory arrangements. Box 1: Brief Overview of the Nigerian Financial Sector The Nigerian financial system is comprised of 22 commercial banks, 36 primary mortgage Banks (PMBs), 5 Discount Houses (DHs), 20 Finance Companies (FCs), 2,991 Bureau de Change (BDCs), 5 Merchant Banks, 6 Development Finance Institutions (DFIs), 942 Microfinance Banks, and 1 Non-Interest Bank. The financial system is dominated by the banking sector, which represents 75 percent of the system’s assets. The banking sector’s total assets stood at 32.43 trillion naira as of March 201719, a 2 percent increase compared to 31.68 trillion naira in December 2016. Total assets of Insurance, Pension and Other Financial Institutions sector stood at 5 trillion,20 3.82 trillion21 and 1.81 trillion22 respectively. The Nigerian banks are grouped into three tiers according to their size. Tier 1 is comprised of the five largest banks, representing 58 per cent of banking sector’s total assets, 62 percent in terms of loans & advances to customers, and 91 per cent of time & savings deposits23. The two largest banks, FBN and Zenith, have a similar size and their combined assets amount to more than a quarter of the banking system ’s assets (28 percent), loans & advances (30 percent), and deposits (41 percent). At the end of 2015, commercial bank assets accounted for 18.4 percent of GDP.24 The CBN also oversees the Nigerian payments system pursuant to the Payments System Vision 202025. As of 11 April, 2017, CBN had issued the following licenses: Mobile Money Operators (9 bank led and 14 non-bank led), Payment Terminal Service Providers with Approval – in – Principle (5), Switches / Processors (8), Payments Solution Service Provider (PSSP) (Approval – In – Principle (6), Super-Agents (20 and a Clearing House. The mobile money market in Nigeria is relatively small compared to other Sub-Saharan African countries. The EFInA Access to Financial Services in 15 See Box 1 below. 16 See generally: https://irrationalinnovations.com/nigerian_fintech_landscape_a_growing_opportunity/ 17 See generally: https://www.finextra.com/pressarticle/67524/nigerian-fintech-scene-expands 18 See generally: http://www.pwc.com/ng/en/pdf/nigeria-fintech-report-2017.pdf 19 According to CBN. 20 FSS 2020, data as of 2015. 21 https://www.pwc.com/ng/en/assets/pdf/nigerian-pension-industry-publication-securing-the-future.pdf, data as of 2013 22 FSR Dec 2016. 23 Tier 1 Bank’s Financial Statements. 24 GDP data: http://www.tradingeconomics.com/nigeria/gdp; Banking Sector Assets 2015 data: CBN 25 http://www.cbn.gov.ng/icps2013/papers/NIGERIA_PAYMENTS_SYSTEM_VISION_2020%5Bv2%5D.pdf 2 Nigeria 2016 Survey26 indicated that although 16 percent of the adult population are aware of mobile money services, only 1 percent of them currently use them. Apart from South Africa, Nigeria has the lowest penetration of mobile money in Sub-Saharan Africa. These figures are generally consistent with the World Bank’s Global Findex (2014) figures, which indicated 2.5 percent of adults have a mobile account in Nigeria, compared to 11.5 percent in the Sub-Saharan Africa Region. II. Key Cross Sectoral Issues and Recommendations a) Institutional Mandate Context 5. Institutional arrangements should facilitate the enforcement of financial consumer protection laws and regulations in a consistent, efficient and effective manner. It is especially important that the relevant regulator has the required financial sector skills and expertise as well as the necessary supervisory capacity, tools and resources. There should also be procedures in place for consultation and coordination between all regulators with financial consumer protection functions, as well with industry and consumer associations and any self – regulatory body. 6. The mandate of the relevant consumer protection authority should be clear and there should not be any overlaps or inconsistencies between institutional mandates. Regardless of the institutional arrangements for financial consumer protection, it is important that each relevant regulator has a clear legal mandate to supervise the financial consumer protection legal and regulatory framework and one which does not conflict or overlap with the mandate of other authorities. Although in a few countries responsibility for financial consumer protection lies with a general consumer protection agency, this is not a recommended approach. The reasons usually include limited resources; a lack of finance sector skills and expertise; and the potential for overlap with the role of financial sector regulators. There is, however, no “best practice” on how to structure financial consumer protection institutionally. The appropriate model in any country depends on the country-specific characteristics such as size and structure of the financial system and existing regulatory and supervisory arrangements. 26 http://www.efina.org.ng/our-work/research/access-to-financial-services-in-nigeria-survey/efina-access-to-financial- services-in-nigeria-2016-survey/ and slides 15, 30 and 31 of Key Findings at http://www.efina.org.ng/assets/A2F/2016/Key-Findings-A2F-2016.pdf 3 Box 2: International Examples of Consumer Protection Mandate for Central Banks / Lead Financial Sector Regulators The most appropriate form of financial consumer protection mandate needs to reflect country context and local legal frameworks. However, good practice suggests that the authorities should have an explicit legal mandate for financial consumer protection in relevant sectors. Others rely on an implicit mandate. Regardless of the type of mandate, it is important that any mandate is supported by adequate and unquestionable regulatory, supervisory, monitoring, investigatory, and enforcement powers. Examples of the two types of approach are provided below. Authorities conducting financial consumer protection regulation and supervision on the basis of an implicit mandate: - Mozambique: The Central Bank of Mozambique has established a Consumer Protection Department and is in the process of developing regulations to ensure adequate disclosure and transparency; however, it does not have an explicit mandate. Article 37 of the Organic Law 1/92 establishing the Central Bank of Mozambique, defines very broadly its powers: "to establish guidelines for the operations of these [financial] institutions ". - WAEMU Zone: The Central Bank of the West African Economic and Monetary Union has issued several requirements which cover financial consumer protection issues (including, complaints management requirements, APR formula) and has begun conducting some inspections; however, it does not have an explicit FCP mandate. Its statute, annexed to the West African Economic and Monetary Union Treaty, at Article 9 defines its fundamental functions, to include "ensuring the stability of the banking and financial system of the WAEMU " while Article 10 specifies that "The Bank, in the context of monetary policy, may carry out specific missions or projects that contribute to the improvement of the monetary policy environment, diversification and the strengthening of the WAEMU financial system and technical and professional capacities in the banking and financial sector". Authorities with an explicit financial consumer protection mandate: - Armenia: in Armenia, in 2008 amendments were made to the Law on the Central Bank of Armenia to add “ensure essential conditions for protection of the rights and lawful interests of the financial system consumers”27 to the list of its main objectives. - Australia: Australia is a “twin peaks” country with separate prudential and financial consumer protection regulators. The Australian Securities & Investments Commission (ASIC) is Australia’s corporate, markets and financial services regulator. ASIC’s express functions and powers include “promoting the protection of consumer interests”.28 - France: In France a separate entity, housed within the Bank of France, has been created to supervise (both from a financial consumer protection and prudential perspectives) banks, payment service providers, and other types of credit institutions. Its mandate is explicitly mentioned in the Monetary and Financial Code 29 which provides that such entity is charged with ensuring that all licensed entities within its purview respect financial consumer protection principles stemming out of laws, regulations, code of conduct, and industry practices. It has similar sanction powers for prudential and consumer protection enforcement. - Malaysia: After the creation of a conduct department at Bank Negara Malaysia, the Financial Services Act was modified to ensure that Bank Negara had an appropriate mandate to supervise financial institutions from a consumer protection perspective. Among its powers and responsibilities it was added that Bank Negara Malaysia needs to promote fair, responsible and professional business conduct of financial institutions and strive to protect the rights and interests of consumers of financial services and products.30 The Act makes specific reference to the powers in the Central Bank Act and specifies that in order to achieve its mandate, including ensuring the protection of consumers, Bank Negara Malaysia can use powers contemplated in both acts.31 - Morocco: The law regulating credit institutions32 and the general law on consumer protection measures33 grant the Central Bank (Bank Al-Maghrib) competence in matters regarding financial consumer protection. These relate 27 Law on the Central Bank of the Republic of Armenia of 1996, Article 5, Section 1(f). 28 Australian Securities & Investment Commission Act 2000, Section 12A (3). 29 France, Code Monetaire et Financier, Article 612-1. 30 Malaysia, Financial Services Act 2013, Section 6. 31 Malaysia, Financial Services Act 2013, Section 7. 32 Morocco, Law No. 103-12. 33 Morocco, Law No. 31-08. 4 mainly to the power to regulate on this subject matter and to monitor the implementation of relevant rules by credit institutions. - Peru: While the law on the Superintendence (main financial sector regulator) does not provide for such a mandate, the Consumer Protection Code34 and the complementary law (focusing on financial consumer protection) to the Consumer Protection Code give explicit power to the Superintendence to monitor application of the principles included in the law as well as to develop specialized financial consumer protection rules for financial services and products. - Portugal: In 2008, Banco de Portugal received the mandate for market conduct supervision through an amendment to the Legal Framework of Credit Institutions and Financial Companies. 35 The amendment provides that Bank of Portugal can issue conduct rules for the sectors it supervises and, in order to ensure the application of such rules, it can supervise financial institutions, issue further rules and regulations, as well as issue sanctions in line with the general sanction regime provided for in article 116 of the same Decree Law. - United Kingdom: Following the global financial crisis of 2008, the United Kingdom introduced a twin peaks model under which the market conduct regulator is the Financial Conduct Authority (FCA) and the lead prudential regulator is the Prudential Regulation Authority, which is part of the Bank of England. The FCA objectives include a consumer protection objective of “securing the appropriate degree of protection for consumers.”36 - United States: The Consumer Financial Protection Bureau is the federal agency responsible for financial consumer protection. The statutory purpose of the Bureau is to “seek to implement and, where applicable, enforce Federal consumer financial law consistently for the purpose of ensuring that all consumers have access to markets for consumer financial products and services and that markets for consumer financial products and services are fair, transparent, and competitive.” 37 Key Findings 7. CBN has an implicit, rather than an explicit, consumer protection mandate, which overlaps with that of other agencies. The CBN mandate is provided by section 2(d) of the Central Bank of Nigeria Decree (1991) which states one of the objectives as being to “promote a sound financial system in Nigeria”.38 The BOFIA also provides CBN with express functions and powers in relation to banks and other broadly defined financial institutions (including new types of institutions designated by CBN).39 Pursuant to this mandate, CBN established in 2012 a CP Department which reports to the same Deputy-Governor as the prudential supervision Departments within CBN (as discussed later, there is potential difficulty in achieving a proper balance between prudential and consumer protection functions). The role, capacity and resources of the CP Department is discussed in detail in Section II (c) below. 8. Other government agencies have consumer protection functions. They include the CPC, whose powers under the Consumer Protection Council Act (1992) (CPC Act) apply to all products and services, including financial products and services. The CPC’s consumer protection functions include to provide consumer redress and to conduct public consumer awareness campaigns.40 The CIBN also has statutory responsibilities relating to ethical standards and professionalism in the banking industry41 (see Section II (g) for further detail on CIBN’s Code of Conduct and complaints management functions). Further, there is potential for overlap between CBN’s mandate and consumer protection 34 Peru Consumer Protection Code, Article 81. 35 Portugal, Decree-Law No 1/2008 of 3 January, Article 76. 36 Financial Services and Markets Act, 2000, Section 5. 37 Consumer Financial Protection Act, 2010 (Dodd – Frank Act), Section 1021(a) 38 Central Bank of Nigeria Act, 2007, Section 2(d). 39 Bank and Other Financial Institution Act, 2004, Section 66. 40 Consumer Protection Council Act, 1992, Section 2. 41 Chartered Institute of Bankers of Nigeria Act, 2007, Section 3(d) 5 issues that might arise in the context of the exercise of the National Competition Commission’s (NCC) functions. 9. The current overlaps will be exacerbated when the Federal Competition and Consumer Protection Bill (FCCP Bill) is enacted. It is understood that the Bill has been under development for around 10 years, and has now gone through nearly all the required Parliamentary stages. It is expected to be finalized, and have the President’s approval, by the end of 2017. The FCCPC will replace the CPC, and have very broad consumer protection functions and powers which will apply to all products and services (including financial products and services).42 Further, the FCCP Bill makes it clear the Bill will prevail over sector – specific legislation and the FCCP will have precedence over any other government agency (which would presumably include CBN). 43 Ideally there would be only one regulator responsible for financial consumer protection, and it is considered that this should be CBN. This is because of the CBN’s critically important financial sector mandate (including to “promote a sound financial system”) and given CBN’s financial sector expertise, and the desirability of minimizing the confusion and inefficiencies with having two regulators responsible for different aspects of the financial sector. Importantly, the linkages between consumer protection and financial stability are widely acknowledged, which is another reason for CBN having sole responsibility for this role. Further, it is uncommon, and not in line with international guidance, 44 for a general consumer protection regulator to have sole responsibility for financial consumer protection. The World Bank’s Global Survey on Consumer Protection and Financial Literacy (2014) showed that there are only 4/114 countries where this is the case.45 10. The agencies with responsibilities for financial consumer protection could improve their level of collaboration and coordination. The CBN and CPC are currently negotiating a Memorandum of Understanding (MoU) covering their overlapping functions, which is to be encouraged. It is also understood that CBN and the NCC have regular communications and have established working groups for specific purposes (for example, relating to mobile money services). Recommendations 11. It is recommended that urgent consideration be given to amending the FCCP Bill so that it does not apply to financial products and services and to make clear that the FCCP Bill is not intended to affect CBN’s mandate in any way. It is strongly recommended that CBN, rather than the new FCCPC, should have responsibility for the regulation and supervision of consumer protection matters in the financial sector. This would avoid any concerns about limiting CBN’s mandate and would also make best use of CBN’s financial sector expertise and minimize the risk of overlapping mandates and regulatory frameworks, with all the resulting inefficiencies and confusion for industry and consumers. 12. Regardless of whether the FCCP Bill is amended as proposed, it is recommended to sign an MOU between CBN and CPC (and the FCCPC when it is established) establishing regular 42 Draft Federal Competition and Consumer Protection Bill, Clause 17. 43 Draft Federal Competition and Consumer Protection Bill, Clause 106 (2). 44 See for example: G20 High-Level Principles on Financial Consumer Protection. 45 Global Consumer Protection and Financial Literacy, 2014, available at: https://openknowledge.worldbank.org/handle/10986/18978 6 formal consultation and collaboration arrangements. The MoU should clearly state the respective functions of the different agencies and provide for regular liaison meetings; consultation on shared policy and regulatory issues; sharing of information on matters of common interest (subject to obligations of confidentiality and security); cooperation in relation to compliance and enforcement matters as necessary; referrals of complaints where appropriate and exchange of information about systemic complaints issues and complaints data. There should also be provision for the establishment of joint task forces on appropriate matters and coordination of operational matters such as on-site supervision visits and relevant media releases. The MoU should be regularly reviewed and amended as necessary from time to time. 13. In the medium term, CBN should be provided with an explicit financial consumer protection mandate. This would require an amendment to the CBN Act. The amendment should make it clear that CBN’s functions include the protection of both individual and small business consumers of all types of financial products and services. This mandate should apply on a “level playing field” basis to all types of entities regulated by CBN i.e. regardless of whether the provider is a formal financial institution (such as a bank) or another form of entity (such as non-financial firm utilizing technology to offer financial services). Legal and Regulatory Framework Context 14. Good practice suggests that either a standalone legal framework for financial consumer protection, or financial consumer protection-specific provisions in the general legal framework, are necessary to effectively address consumer protection issues specific to the financial sector. Although there is no one-size-fits-all approach, and some countries continue to adopt only a general consumer protection law, a standalone financial consumer protection legal framework or specific financial consumer protection provisions in broader laws allow greater flexibility to address issues that are unique to, or affected differently in, the financial sector. This approach also facilitates complementarity with other regulatory measures that typically apply to the financial sector, such as prudential regulation. 15. The legal and regulatory framework should apply to all FIs on a “level playing field” (activities) basis to minimize the risk of regulatory arbitrage and should cover key consumer protection principles. There should be a focus on issues such as transparency and disclosure, business conduct, data protection and recourse mechanisms. Further, there should be provisions addressing issues specific to different types of consumer products. They should include responsible lending requirements for credit products and provisions addressing the risks with payments products such as the need to safeguard customer funds held in e-wallets issued by non-banks and to deal with agent- related risks and unauthorized and mistaken transactions. Key Findings 16. CBN has taken an important step with the issue of the high-level CP Framework. The CP Framework applies to all financial institutions regulated by CBN and documents the roles and 7 responsibilities of the financial institutions, consumers and CBN itself. 46 The consumer protection provisions are based on nine key principles covering: i) Legal, Regulatory & Supervisory Structures; ii) Responsible Business Conduct; iii) Disclosure & Transparency; iv) Consumer Financial Education; v) Fair Treatment; vi) Protection of Consumer Assets, Data & Privacy; vii) Complaints Handling & Redress; viii) Competition; and ix) Enforcement. 17. The CP Framework is a high-level document which needs to be supplemented by detailed, and clearly binding, CBN Guidelines to be fully operational. The CP Framework is expressed to be made pursuant to CBN’s financial stability mandate as well as CBN’s powers under the CBN Act and the BOFIA and provides for sanctions to be imposed by CBN for its breach.47 It is obviously intended that regulated institutions should comply with the CP Framework, but the basis on which it is binding is not obvious. The CBN Act makes express provision for binding "guidelines" to be issued by CBN with penalties for breach and the BOFIA provides that a license can be revoked for a persistent failure to comply with CBN guidelines or directives.48 The term “guidelines” is not defined in either Act and so it is not entirely clear that it would include CBN documents issued as a “Framework”. To avoid any doubt on this issue, and given the need to supplement the Framework with details as to how its Principles should be implemented, the CP Framework should be supplemented by Guidelines which are clearly expressed to be binding as provided for by section 33 of the CBN Act. 18. Beyond the CP Framework, the overall federal legal and regulatory framework for financial consumer protection is fragmented with significant gaps and overlaps. 49 There are scattered financial consumer protection provisions in the BOFIA and CBN has issued numerous Frameworks, Guidelines and Circulars addressing certain financial consumer protection issues relevant to banking, non-bank financial institutions, and payments. The CBN Circular to All Banks and Discount Houses: The Revised Guide to Bank Charges (Guide to Bank Charges)50 sets a mandatory standard for the application of several charges on products and services of Deposit Money Banks (DMB) and makes provision for some controls over interest rates 51 and fees and charges. As noted above, the general-purpose CPC Act also covers all products and services (including financial) and the CIBN Act covers ethical standards and professionalism in the banking sector. Further, the draft PSM Bill makes provision for consumer protection regulations to be made in the future and the Financial Ombudsman Bill is under consideration, though it will require revisions to integrate good practices in this area. 19. There are also industry codes of conduct which are relevant to financial consumer protection. They are discussed further in Section III (a) below. 20. The general purpose FCCP Bill also applies to financial products and services, creating the potential for overlap. The FCCP Bill contains consumer rights provisions of general application 46 Consumer Protection Framework, Preamble and Section 1.2. 47 Consumer Protection Framework, Sections 1.2 and 2.9. 48 Central Bank of Nigeria Act 2007, Section 33 and Banks and Other Financial Institutions Act, Section 60(4) 49 This diagnostic review considers only the legal and regulatory framework of the Federal Republic of Nigeria and not State laws such as those relating to consumer protection, hire – purchase, moneylending and pawnbrokers. 50 Circular, FPR/DIR/GEN/CIR/03/002, Circular to All Banks and Discount Houses: The Revised Guide to Bank Charges. 51 For example, Section 1 states that the interest rate on deposits is negotiable except that the minimum interest on savings accounts is 30% of the Monetary Policy Rate; Sections 2.1 and 2.2 of the Guide to Bank Charges states that interest rates on loans and authorized overdrafts are negotiable and interest on unauthorized overdrafts are not permitted. 8 which appear to apply to services of any type. 52 They cover, for example, provisions relating to disclosure of information in plain and understandable language; disclosure of the price of goods and services; fair dealing; false, misleading and deceptive information, and unfair terms. The proposed new Commission also has complaints and dispute resolution functions.53 21. An overarching gap is the current lack of a law providing for electronic transactions. Such a law can give legal certainty and confidence in electronic transactions, which is important for digital financial inclusion and consumer protection generally. However, there is an Electronic Transaction Bill, 2015 which addresses many of the key issues in this context. They include electronic contracts, disclosures and records. The one obvious gap is that there does not appear to be any requirement for consumer consent before disclosures can be made electronically, or at least a provision which gives a consumer an “opt out” right. 22. The Electronic Transactions Bill contains provisions which overlap with the CP Framework. They include provisions concerning disclosures, cancellation of contracts, a consumer’s personal information and unsolicited messages.54 23. Further details of these laws and subordinate legislation and Codes are discussed in the sector – specific sections of this Report. They are also summarized in Annex II. Recommendations 24. In the short term, the CP Framework should be implemented in a prioritized manner, with the support of detailed Guidelines. Priority should be given to implementation of the recommendations relating to Disclosure, Fair Treatment and Complaints Handling and Redress (i.e. internal dispute resolution) as discussed in Sections II (d), (e) and (g) of this Report. 25. As noted in section II(a) above, it is also recommended that urgent consideration be given to amending the FCCP Bill so that it does not apply to financial products and services. 26. The following longer term recommendations are also made: i. Payments Bill: Payments - specific consumer protection regulations should be developed under the Payments Bill (once enacted). The existing payments – related Frameworks, Guidelines and Circulars would then need to be amended or repealed as necessary. The new regulations may also necessitate consequential amendments to the CP Framework and related Guidelines, depending on the extent to which they cover payments specific consumer protection issues (see Section IV (a)) for the relevant recommendations). ii. Electronic disclosures and contracts: The Electronic Transactions Bill should be amended so it is clear that consumer disclosures can only be made electronically if the consumer consents, with consumers having an “opt out” right for an exclusively digital product. All consumers should have the right to require a paper copy of any contractual or transactional document. Consideration should also be given to deleting consumer protection provisions which overlap with the CP Framework (such as those relating to disclosures). 52 Federal Competition and Consumer Protection Bill, Part XV. See also broad definition of “services” in clause 170. 53 Federal Competition and Consumer Protection Bill, Clauses 17 (h) and 147. 54 Electronic Transaction Bill 2015, Part VII. 9 Supervisory Arrangements and Enforcement Powers Context 27. Good practice suggests it is important to have either a specialized agency for financial consumer protection or a specialized unit within the overall financial sector supervisor. Regardless of the model chosen, it is important that any such agency or unit is independent from the relevant prudential supervision agency or unit, while coordinating and communicating appropriately with each other regarding their respective activities. Each function should also be at a similar hierarchical level. The need for independence is driven by concerns related to a potential conflict of interests between prudential and market conduct/financial consumer protection supervisors. Such a conflict may arise, for example, where measures to protect financial consumers may be detrimental to the profit of a financial institution or could potentially indirectly affect its soundness. 28. The consumer protection regulator’s enforcement powers and tools, and the actions taken against financial institutions by the regulator, should create a credible threat of enforcement. It is especially important that the supervisor has a wide range of civil and administrative enforcement powers, and consumer – protection specific supervisory processes and procedures and tools (such as mystery shopping, customer focus groups and surveys, review of advertising materials and a systematic analysis of customer complaints). Box 3: International Examples of Financial Consumer Protection Supervisory Arrangements and Reporting Lines There is no single model of institutional arrangement for financial consumer protection supervision that is optimal in all countries. Regardless of the model, it is important that there is a balanced allocation of resources between the consumer protection and the prudential supervisory authorities (or respective departments, if these two functions are under the same authority). When a single authority (e.g., a central bank) covers both consumer protection and prudential regulation and supervision, the two functions should be distinct and at similar hierarchical levels, with preferably different reporting lines. Such arrangements would not only help to minimize potential conflicts of interest and unbalanced decision-making and resource allocation, but also allow specialization of staff for greater effectiveness in the long run. Such a structure has been adopted in many countries, of which some examples are provided below: - Armenia: In Armenia, the Consumer Protection Department was initially established as a division within the Financial System Stability and Development Department but later it transitioned into being a separate department. 55 - Australia: Australia is a “twin peaks” country with separate and independent prudential and financial consumer protection regulators. ASIC is Australia’s corporate, markets and financial services regulator. - Brazil: The Central Bank of Brazil, when creating the Conduct Supervision Department in 2013, placed it at the same hierarchical level as the prudential supervision departments. - France: In 2010, in the aftermath of the financial crisis, it was decided that financial sector supervision needed to be reinforced into one “maxi-authority”. Hence, the insurance supervision authority and the banking supervision authority were merged into one single independent institution, housed within Banque de France, the Banking Commission. Within this institution several departments have been created (e.g., on-site inspection, off-site supervision) and a separate department for supervision of conduct of business has also been created. This department is equal in hierarchy to the prudential supervision departments and reports directly to the Secretary General of the Commission.56 55 J. Chien, Establishing a Financial Consumer Protection Supervision Department - Key Observations and Lessons Learned in Five Case Study Countries, 2014. 56 See Organigram, available at https://acpr.banque-france.fr/fileadmin/user_upload/acp/L_ACP/Organisation/201703- Organigramme-acpr-fr.pdf 10 - Georgia: In Georgia, in line with international good practice, a new Consumer Protection Department has been created within the Central Bank of Georgia. To ensure its independence, it was decided that such department should not have the same reporting line as the prudential supervision department. Hence, this new department reports directly to the Governor.57 - Peru: In Peru, a Consumer Protection Unit was created in 2005 as an internal division within a broader unit. When it became more operational, it was then moved to the same hierarchical level as a deputy superintendency the following year. However, it was legally structured as a “unit” and not a deputy superintendency, and therefore lacked the legal protections provided to deputy superintendencies within the Superintendence. 58 Following increasing concerns about conflicts of interests, the Consumer Protection Unit has now become a formal deputy superintendency with the same organizational level and legal protections as other deputy superintendencies. - Portugal: In Portugal, the Banking Conduct Supervision unit was first created within the Banking Supervision Department in 2007. With time, it became important, that the unit had a clear, specific assignment and set of responsibilities separate from prudential supervision. In addition, even though it was within the Banking Supervision Department, to avoid conflicts of interests, the deputy director of the Banking Conduct Supervision unit reported directly to the Vice Governor of the Banco de Portugal, bypassing the director of the Banking Supervision Department and providing the unit with a degree of independence. The unit became an autonomous, stand-alone department in 2011 when the Supervision Department was split into Prudential Supervision and Banking Conduct Supervision.59 - United Kingdom: The United Kingdom’s twin peaks model includes the independent statutory body, FCA.60 - United States: The Consumer Financial Protection Bureau is the federal agency responsible for financial consumer protection and is an independent bureau within the Federal Reserve System.61 Key Findings 29. CBN’s Consumer Protection Department (CP Department) is responsible for supervising all financial institutions in respect to consumer protection matters, but has very limited capacity and resources, especially when compared to other supervisory Departments. The CP Department’s professional staff are divided between the MCU (9 staff), the Complaints Management Unit (CMU) (35 staff) and the Consumer Education / Financial Literacy Unit (8 staff). The balance of the 65 staff members is administrative staff. This allocation means that the CP Department has only 9 staff to supervise all regulated financial services providers in relation to consumer protection matters. In contrast, CBN’s prudential supervisory departments (Banking Supervision; Other Financial Institutions (OFID) and Banking & Payments Systems) have around 700 staff in total. 30. The CP Department reports to the same Deputy-Governor as the prudential supervisory Departments (Financial System Stability), which may lead to difficulty in achieving a proper balance between prudential and consumer protection objectives. Conflicts may arise between the need to protect the safety and soundness of financial institutions and the financial sector generally and the need to protect the interests of consumers. For example, imposing heavy fines on a financial institution because of a breach of a consumer protection requirement might be seen to be detrimental to the reputation and profitability of the financial institution and ultimately its soundness. A separate reporting line to another relevant deputy Governor should be established for the CP Department to facilitate the resolution of any such challenges. The choices would be between the Deputy Governors 57 See Organigram, available at https://www.nbg.gov.ge/uploads/structure/2014/2017/f/struktura_eng.pdf 58 J. Chien, Establishing a Financial Consumer Protection Supervision Department - Key Observations and Lessons Learned in Five Case Study Countries, 2014. 59 J. Chien, Establishing a Financial Consumer Protection Supervision Department - Key Observations and Lessons Learned in Five Case Study Countries, 2013. 60 Financial Services and Markets Act, 2000, Section 5. 61 Consumer Financial Protection Act, 2010 (Dodd – Frank Act), Section 1021(a) 11 for Corporate Services, Operations and Economic Policy. However, the CP Department is not an obvious fit in any of these Departments and there would still be potential challenges in striking a balance between consumer protection objectives and the objectives of these other Departments. In this regard, an alternative would be for the CP Department to report directly to the Governor. 31. The CP Department current allocation of staff between CMU and supervision of DMBs (MCU) should be reconsidered with more staff dedicated to the MCU function. As noted above, there are only 9 staff formally allocated to the MCU and 35 to the CMU. Even though there is some sharing of staff between Units, this allocation of current resources does not seem appropriate as in practice substantially more staff should be dedicated to supervision than complaints handling functions. In this regard some of the staff currently in the CMU could be transferred to the MCU so that the MCU has a staffing level commensurate with its responsibilities. Staff should also be dedicated to work on either MCU supervision or complaints handling (i.e. EDR), with the aim of avoiding overlaps with these two distinct functions. This is notwithstanding that providing an external recourse system for customer complaints is a critical component of a well-functioning financial consumer protection framework. Allocation of further resources to the MCU is especially important given the need to implement the CP Framework and to broaden the scope of supervisory activities beyond DMBs to other forms of CBN regulated entities, including NBFIs and payment service providers (PSPs). 32. The CBN consumer protection supervisory structure and process need to be enhanced to provide for a risk-based, comprehensive and systematic approach. Although the CP Department’s examiners carry out off-site monitoring activities and limited on-site inspections, supervisory activities are not based on structured and formalized processes, tools and techniques or a detailed risk assessment. Further, there is very limited coordination with the prudential supervisory departments (for example, in relation to on-site visits or policy development), and no formal process for sharing of information. There is a clear need to minimize overlaps between Units, improve communication with the prudential supervision departments, build capacity of market conduct examiners and structure supervisory processes so they are consistent, standardized, forward-looking, and risk-based. 33. There is also a need to deepen the CP Department’s expertise in relation to consumer protection supervision. This is especially as some staff have a prudential supervision background. Consumer protection and prudential supervision require different types of supervisory profiles, skills and approaches, with the latter focusing more on quantitative skills and analysis of an institution’s financial soundness, and the former on qualitative skills and assessment of how an institution deals with consumers. As well as having well developed supervisory manuals, there is also a need for staff to use many of the specific tools relevant to this area (such as mystery shopping, customer focus groups and surveys, review of advertising materials and a systematic analysis of customer complaints). These skills, expertise and tools are especially important for MCU staff, whilst also noting the need for relevant staff to have their capacity enhanced in relation to good practice with regard to external complaints resolution schemes (see Section II (g)). 34. There is no systematic collection and analysis of data for consumer protection supervision and no disclosure of information to the public. The MCU should make use of several data sources, such as its own database containing details of complaints received from consumers and complaints reported by financial institutions, in order to undertake its supervisory activities, and inform the public of institution-focused and market-wide analyses. In this context, the CP Department should make use 12 of the complaints data it receives to prepare regular analytical reports for regulatory and supervisory purposes and to disclose information on common complaints issues to the public (see Section II (g)). 35. CBN has limited enforcement powers. Both the CBN Act and the BOFIA make provision for the imposition of fines and terms of imprisonment for a breach. For example, a penalty of up to NGN 2,000,000 can be imposed under the CBN Act for a failure to comply with CBN Guidelines and there is a similar provision in the BOFIA, as well as provision for a license to be suspended. 62 However, these potential penalties and sanctions are insufficient when it comes to financial consumer protection matters. This is because: (i) the penalty amounts are not high enough to be a deterrent; and (ii) CBN needs a broader range of sanction and redress powers for financial consumer protection purposes. 36. The Director of Banking Supervision is the only Director appointed by law to carry out supervisory activities for CBN. The BOFIA provides for a Director of Banking Supervision to be appointed by the Governor, with powers to carry out supervisory duties in respect of banks, other financial institutions and specialized banks. The Director has powers to examine books and to require information and explanations, amongst others. The Governor can also appoint examiners to assist the Director.63 The language of these provisions with regard to the Banking Supervision Department and the functions of its Director has potential to imply limitations to the functions and powers of the CP Department (and other Departments). This is particularly the case with regard to undertaking supervision activities. Recommendations 37. There is a clear need to reconsider the resources and structure of the CP Department, whilst recognizing that consumer protection supervision is at an early stage. CBN should consider the following: i. Increase the number of staff members allocated to the MCU. Even if further staff cannot be hired in the short term, some staff from the CMU might be transferred to the MCU. Further, as recommended below, the CP Department’s resources could be enhanced through formal consultation and coordination arrangements with CBN sector - specific supervisory Departments. In the longer term, further staff should be allocated to the MCU as part of a gradual process to give the MCU the resources it needs as the financial consumer protection legal and regulatory framework is developed and so there is an appropriate balance between consumer protection and prudential supervision. ii. Alter the CP Department’s reporting lines to ensure its independence and to remove any potential for conflicts with prudential supervision concerns. It is considered that the CP Department should either report to a different Deputy Governor (i.e., not the Deputy Governor responsible for Financial System Stability) or directly to the Governor which may be preferable under the circumstances described above. This is the best way to avoid conflicts between prudential and consumer protection supervisory objectives. 38. Also in the short to medium term, it is recommended that a systematic approach for consumer protection supervision be developed and gradually implemented. There is a clear need to develop a consumer protection supervision strategy that covers FCP supervision capacity building, 62 Bank and Other Financial Institutions Act, 2004, sections 51 and 64 and Central Bank of Nigeria Act 2007, section 33. 63 Bank and Other Financial Institutions Act, 2004, Part I Supervision Chapter. 13 tools and techniques, and that is structured, proactive, forward-looking and risk-based with supervisory activities being planned and conducted on a regular basis. The strategy should, at a minimum: i. Provide for a transition period, whilst not delaying unnecessarily a gradual implementation of the new approach. ii. Delineate the supervisory approach, which we recommend being risk-based, in the interests of efficiency and given scarce resources. Both market and firm specific risks should be considered. The supervisory approach, and the related risks, should be evaluated regularly and adjusted accordingly. iii. Establish a periodic supervision action plan that identifies the financial institutions to be supervised within the relevant period, having regard to the identified risk factors and the resources available. iv. Detail the supervisory tools that will be used, such as market monitoring, thematic reviews, institution-based assessments and onsite activities. v. Detail the guides, manuals and worksheets to be developed for the consumer protection supervisors, so that they can act in a standardized, consistent and transparent manner. vi. Set out the consultation and coordination arrangements between the CP Department and CBN sector - specific supervisory Departments, as well as with other agencies (such as the CPC and, in the future, the FCCPC – see Section II (a)). vii. Specify a comprehensive capacity building plan for consumer protection supervisors covering at least the legal and regulatory framework and supervisory tools and techniques. 39. In the medium to long term, CBN should assess its FCP supervisory effectiveness by reference to whether it is able to effectively supervise all financial institutions within its mandate. CBN’s longer term goal should be to ensure that it has over time sufficient staff resources, adequate capacity, and an appropriate supervisory strategy so that it can supervise, not only DMBs, but all financial institutions under its mandate (including NBFIs and PSPs). 40. Formal consultation and coordination arrangements should also be developed between the CP Department and CBN sector-specific supervisory Departments. The supervisory Departments should include Banking Supervision, Other Financial Institutions Supervision and Banking and Payments, with the Financial Policy & Regulation Department also consulted in appropriate cases. The arrangements should provide for both regular and “as needed” meetings and cover at least: close consultation on policy matters of shared interest (such as the Guidelines proposed to be made for the purposes of the CP Framework); shared supervision arrangements (for example, in relation to on-site visits) and sharing of information about complaints, as well as technical support to the CP Department by the prudential supervisory Departments. 41. Finally, in the medium to long term, the supervision and enforcement powers of CBN should be expanded and clarified. It is recommended that: i. It be clarified that CBN has flexibility in deciding how its supervisory resources and internal structure are organized. A related amendment would be to repeal the current BOFIA provisions concerning the Director of Banking Supervision so as to remove the inference that only the Banking Supervision Department is authorized to carry out supervisory activities. ii. Enhance CBN’s sanction and enforcement powers. They should include, at least, powers to require suspension or modification of a product or advertising material and to order refunds to 14 customers (such as for unauthorized fees or underpayment or overcharging of interest).64 The maximum amount of fines should also be revised and increased, so they are a more effective deterrent and reflect more appropriately the seriousness of the relevant breaches. Disclosure and Transparency Context 42. Proportionate disclosure requirements can help foster a more informed consumer marketplace and facilitate financial inclusion. Disclosure requirements should focus both on provision of specific / individualized information at the pre-contractual, contractual and post- contractual stages of a financial institution’s dealings with a consumer and on disclosures in sales and advertising materials. It is, however, important that disclosure requirements are proportionate in the sense of reflecting the risks of the relevant activity, the literacy/capability level of the relevant consumers, and do not impose compliance costs that outweigh their intended benefits. 43. Disclosures can also enable product comparisons and encourage competition. The focus should be on disclosures which reflect key information, are easily understandable and, for pre- contractual disclosures, are comparable between providers. This is especially important for consumers with low levels of financial capability and in relation to innovative financial services (such as mobile money). Access to, and understanding of, information (including through advertising) at the comparison shopping and pre-contractual stages is crucial in informing the decision-making process. Adequate pre-disclosure rules, including in relation to advertising, can also have a positive impact on competition through providing a level playing field for product providers and facilitating product comparisons. Key Findings 44. While some useful disclosure requirements exist within the legal and regulatory framework, these are often expressed in very broad terms and are incomplete. Disclosure requirements can be found in the CP Framework and in sector specific parts of the legal and regulatory framework such as the BOFIA, the Guide to Bank Charges, the Mobile Money Guidelines and other payments – related Frameworks and Guidelines. The sector specific provisions are discussed below. The new CP Framework includes “Disclosure & Transparency” as a key principle and requires all regulated financial institutions to “provide accurate information on financial products and services to consumers at all times to enable them make informed decisions”. 65 This broad requirement is supplemented by general provisions requiring disclosure of terms and conditions, risks, fees, charges and other payments, advertisements, account statements and notices of variation. However even these provisions need to be enhanced by more detailed Guidelines, as provided for in the CP Framework. Somewhat surprisingly, neither the CPC Act nor the FCCP Bill contains specific disclosure requirements, other than the FCCP Bill requirement to display prices.66 64 According to the Monetary, Credit, Foreign Trade and Exchange Policy Guidelines for Fiscal Years 2014/2015, banks must self-report to CBN under payment of interest and other entitlements to consumers and must refund such amounts to consumers within two weeks. CBN has powers to penalize banks that breach such requirements (Article 3.2.5.d). 65 Consumer Protection Framework, Section 2.3. 66 Draft Federal Competition and Consumer Protection Bill, Clause 116. 15 45. There are also only very limited requirements as to the language, format and manner in which the information should be disclosed. The CP Framework requires financial institutions to be “factual and clear” in all communications and that contractual agreements be “precise and clear” and in a legible font size. Information is also required to be communicated in simple language and there is a requirement that technical terms be explained to the customer.67 However, as mentioned above, the CP Framework has not yet been implemented. The CCNBI also contains brief requirements which are discussed in Section III(a) below. The lack of format requirements at present means, for example, that although DBMs and MMOs are obliged to disclose their terms and conditions, fees, and charges at their premises and at their points of sale (POSs), the information may not be clearly displayed or easily legible and may be in a very small font. 46. The lack of specificity in general disclosure requirements is no doubt the reason why observed industry disclosure and transparency practices vary significantly. Nevertheless, most institutions met do provide consumers with a copy of their contract and a fees schedule although the time at which this occurs varies (it may be before the contract is signed, when it is signed or even afterwards). In some cases, standard product terms and conditions and a schedule of fees and charges are also made available online, but this is not always done. In addition, none of the institutions met provides consumers with a standardized pre-contractual disclosure form, to allow them to better understand the key features of the product and compare among different providers. 47. There is no obligation to provide consumers with a standardized summary document/ KFS and none of the institutions met provides one for any type of product. Although the Guide to Bank Charges provides minimum content requirements for contracts and terms and conditions for some products, there is no obligation for any type of financial institution to provide consumers in advance with a standardized summary document/key facts statement highlighting the main features, terms and fees and charges for the given product. The provision of standardized, comparable information will become increasingly important as products become more complex, include additional features and as fee structures also gain in complexity. 48. Most of the consulted institutions provide consumers with a statement either on a regular basis or upon request. Requirements about statements are vague; the CP Framework simply requires that a statement of financial position be provided while the contract subsists.68 The Guide to Bank Charges requires current and savings accounts statements to be provided monthly free of charge.69 The CCNBI also provides that all DMBs need to give a comprehensive statement to customers at regular intervals or as agreed between the parties.70 49. The CP Framework contains useful provisions on advertisements in contrast to the generic provisions in the CPC Act and sectoral requirements. The CPC Act contains general provisions making it an offence to publish a “wrong” advertisement and providing for affected 67 Consumer Protection Framework, Sections 2.3.3 and 2.4.1 (4). 68 Consumer Protection Framework, Section 2.3.1 (8). 69 Circular, FPR/DIR/GEN/CIR/03/002, Circular to All Banks and Discount Houses: The Revised Guide to Bank Charges, Section 11.4. 70 Code of Conduct in the Nigerian Banking Industry, paragraph 3.3. 16 consumers to obtain compensation.71 The BOFIA prohibits any unauthorized person from advertising for the collection of deposits and obliges DMBs to submit any form of advertisement to CBN. The CCNBI also prohibits any signatory from disseminating false or misleading information and provides for sanctions in case of violation. However, the CP Framework has quite detailed provisions on advertisements, which should be implemented as soon as possible. The CP Framework requires advertisements to be “factual and clear”, not misleading, clearly and explicitly state product features, disclose all conditions and not mispresent or exaggerate the benefits of products or services.72 These provisions are expected to address the current practice of focusing on the benefits of the products and services offered in advertisements, without providing adverse information about costs, fees and charges or interest rates. However, their operationalization requires development and enforcement of related Guidelines. 50. Lastly, most financial institutions retain the right to unilaterally change terms and conditions and, while they tend to notify consumers, not all of them provide the right to rescind. Most of the terms and conditions examined include either a general right to change all terms and conditions or at least a right to change fees and charges and, in some cases, the interest rate. In line with the obligations included in the Guide to Bank Charges and the CCNBI,73 it seems that institutions do communicate such changes to consumers through various means. Nevertheless, none of the consulted institutions allow consumer to rescind the contract because of any such change, regardless of whether it was foreseeable at the time of signing the contract. Recommendations 51. In the short term, specific disclosure and sales practice requirements should be mandated through Guidelines issued under the CP Framework. In particular, it is recommended that CBN prioritize development and implementation of: i. Overarching format and manner of disclosure requirements: These provisions should require legibility, simple and clear expression, minimum font and language requirements and allow CBN to prohibit the use of documents which do not meet prescribed requirements; ii. Contractual disclosures: There should be requirements for contractual disclosures of key terms and conditions, interest rates and fees and charges, as well as disclosure of information about key product features and dispute resolution mechanisms. These disclosures would be in addition to the KFSs discussed below. There should also be a requirement to give the consumer a copy of the signed contract. If agreed to by the consumer, these disclosures should also be able to be made electronically. iii. KFSs: A standardized KFS should be required for each of the most common retail financial products, together with requirements as to the form and content of the KFS, mandatory warnings and assumptions, when and how the KFS is to be provided and how it should be explained to a consumer. The form of each KFS should be consumer tested, as well as discussed with industry, before it is finalized. iv. Statements of account requirements: They should cover the form, content and timing of free periodic statements of account, together with requirements for statements of account balances to be provided on request. 71 Sections 8, 11 and 12. 72 Consumer Protection Framework, Section 2.3.3 73 Code of Conduct in the Nigerian Banking Industry, Paragraph 3.4 17 v. Advertisements: There should be specific requirements as to the form and content of advertisements for common retail financial products (for example, a requirement that if there is any reference to the cost of credit, an advertisement must include a reference to payable fees and charges and an indicative total cost of credit rate). These requirements would be in addition to the general prohibition on misleading and deceptive conduct. vi. Unilateral change provisions: There should be a requirement to the effect that a consumer has a right to terminate a financial services contract if they wish to do so following a unilateral change to its terms and subject to payment of any amount due under the contract at the time. The amount due should be calculated consistently with the CP Framework and any related Guidelines. Fair Treatment and Business Conduct Context 52. A key consumer protection concern is that financial institutions, and their staff and other intermediaries, do not engage in unfair business practices. Specific issues in this context include proper training of agents, retail sales officers and other intermediaries, unfair contract terms, product suitability advice, responsible lending standards, misleading and deceptive advertising and sales practices, customer mobility between financial services provides, fraud and safeguarding of customer’s assets, and debt collection practices. Key Findings 53. Key Principles in the CP Framework relate to Responsible Business Conduct and Fair Treatment of consumers.74 The Responsible Business Conduct Principle is supported by high-level provisions relating to communications with consumers; financial advice; responsible lending; debt collection practices and sales promotion.75 The Fair Treatment Principle is enhanced by provisions dealing with access to finance; equitable treatment of consumers; and unfair contract terms. These aspects of the CP Framework are very useful, but they need to be expanded on in the areas discussed below. 54. Beyond what has been included in the CP Framework, there are no specific regulations establishing rules on the fair treatment of consumers and prohibiting unfair terms and conditions. Apart from the CP Framework, there are no regulations which explicitly make void unfair terms and conditions or abusive contract clauses and neither CBN nor industry associations consider consumer contracts to identify unfair or abusive clauses in a systematic manner or as part of ongoing supervision. This is a significant gap given the apparent prevalence of unfair terms (see Section IV(d), for examples). However, the CP Framework states that “contract terms must not undermine the rights of consumers giving FIs undue advantage”76 The Framework also contains further provisions which make “null and void ab initio” unfair terms and conditions. The CP Framework states that contract terms will be considered as unfair “where there is a significant imbalance in one party’s rights and 74 Consumer Protection Framework, Section 2. 75 Consumer Protection Framework, Section 2.2. 76 Consumer Protection Framework, Section 2.5. 18 obligations to the detriment of the other”. 77 A non-exhaustive list of examples is then provided. They include (in summary) clauses which: i. Limit an FI’s liability for total or partial non-performance of contractual obligations; ii. Exclude the liability of the FI for negligence; iii. Bind a consumer while the corresponding obligation on the FI is conditional; iv. Allow the FI to terminate the agreement or alter clauses without reasonable notice to the consumer; v. Limit the FI’s liability for the actions or commitments undertaken by their agents; vi. Give the FI the ability to transfer their contractual rights and obligations under the contract to the detriment of the consumer, without the consumer’s consent; and vii. Exclude or limit the consumer’s right to take legal action. 55. There are no regulations specifically prohibiting mis-selling and aggressive sales and no product suitability requirements, other than the provisions in the CP Framework. The CP Framework contains useful, but broad brush, provisions on the need for FIs to act in the best interests of consumers; to assess the suitability of a product for a consumer having regard to their needs and the consumer’s capacity to fulfil the terms and conditions; and to provide appropriate financial advice. There is also a helpful provision where CBN states that it will use appropriate mechanisms (such as mystery shopping) to monitor compliance with these provisions. 78 Further, there is a high-level provision requiring sales promotions to be conducted professionally and ethically and in a way which is not misleading.79 There are reports of aggressive sales practices for loans in Nigeria, which highlights the importance of these provisions. 56. Similarly, there are few rules on disclosure and management of conflicts of interests and it is unclear what internal institutional policies there are in this regard. While the CCNBI provides for an obligation to disclose all conflicts of interests at the earliest opportunity,80 it does not state how the disclosure should be made, the extent of the information to be disclosed or whether “earliest opportunity” means before the contract is signed (which it should). CCNBI also helpfully requires upfront disclosure of commissions.81 However it is unclear whether this obligation is respected or not. In a more general manner sectorial acts provide for rules regarding conflicts of interest for managers.82 57. There are no regulations requiring cooling off rights other than the seven-day cooling off period for loan contracts referred to in the Guide to Bank Charges. Such cooling off requirements allow consumers a limited time to withdraw from contracts for financial products and services and usually specify if any fees and charges are warranted. They can help consumers deal with the consequences of high pressure selling and mis-selling, as well as give them time to consider contracts for financial services which are becoming increasingly complex and may have long term implications. Although financial service providers may comply with the simple requirement in the Guide to Bank Charges (allowing consumers to rescind loan contracts within seven days from the date of execution 77 Consumer Protection Framework, Section 2.5.3. 78 Consumer Protection Framework, Section 2.2.2. 79 Consumer Protection Framework, Section 2.2.5. 80 Code of Conduct in the Nigerian Banking Industry, Paragraph 1.3. 81 Code of Conduct in the Nigerian Banking Industry, Paragraph 3.1. 82 Bank and Other Financial Institutions Act, 2004, Section 18. 19 but without specifying if any fees and charges may be payable), they do not otherwise seem to allow such rights to be exercised, even for more complex longer term products. 58. There are no regulations dealing with customer mobility, other than a prohibition on account closing fees in the Guide to Bank Charges. This is a concern as charging relatively high pre- payment fees seems to be common practice. The ability of consumers to move between providers can assist in improving competition and lowering the cost of financial products and services. The Guide to Bank Charges also usefully states that there should not be any fee charged for closure of a savings or current account. However, good practice suggests there should be express provisions which provide for early prepayment and termination rights on credit contracts and the right to terminate any other form of credit, savings or payments product. 59. Although (mostly larger) FIs appear to have staff training programs and appropriate compensation schemes, there are only minimum mandated requirements. The CCNBI requires members to provide guidelines to ensure their staff act ethically and professionally.83 The BOFIA also imposes requirements and limits for the appointment and training of management and staff, requiring segregation of duties and internal controls to ensure compliance with regulations and internal policies.84 The Agent Banking Guidelines have more specific provisions relating to the training of agents. 85 Generally major financial institutions met claim to have internal policies in place guaranteeing that staff are appropriately trained and providing incentives for them to take into consideration consumer protection related issues in undertaking their functions (e.g. compensation based not only on sales volume but also on qualitative indicators). Recommendations 60. There should be a specific regulatory and supervisory focus on unfair terms in standard form contracts. New Guidelines issued for the purposes of the CP Framework provisions on unfair terms should: clarify the definition of what is an “unfair term” (for example, by reference as to whether the term is not reasonably necessary to protect the legitimate interests of the relevant party); cover the question as to whether the unfair terms provisions only apply to standard form contracts which are not subject to negotiation; provide further examples of terms which are always considered to be unfair; clarify whether any terms cannot be considered unfair (such as pricing terms); provide recourse options for consumers whose contracts contain unfair terms; set out sanctions for use of unfair terms and provide CBN with power to require institutions to cease using standard form contracts with unfair terms. Before finalizing the Guidelines, CBN should review a broad sample of product terms and conditions with a view to assessing the type and prevalence of unfair terms. Review of standard terms and conditions for unfair terms should also be part of the ongoing risk – based supervisory process and as part of any product approval process. However, it is not considered that CBN should always “approve” the terms of new products and services, or review all current standard form contracts. This is because of CBN’s resource constraints, the possibility that this would be seen as implicit approval of the product by CBN and given the desirability of not stifling innovation and with a view to not causing market distortions. 83 Code of Conduct in the Nigerian Banking Industry, Paragraph 3.1 (c). 84 Bank and Other Financial Institutions Act, 2004, Sections 31 and 48. 85 The Guidelines for the Regulation of Agent Banking Relationships in Nigeria, 2013, Section 6.1 (vii). 20 61. As part of its risk-based approach to supervision, the CP Department should assess the business practices of relevant institutions with a view to assessing the extent to which they comply with the Fair Treatment Principle and related Guidelines. The CP Department could gradually incorporate this topic into its future risk – based supervisory process, starting with analyses of observed market practices (e.g., cross-sector thematic reviews and analyses of complaints data reported by financial institutions) and moving to an assessment of how providers put in practice the concept of treating customers fairly. 62. All CBN regulated institutions should be required to periodically train all the staff, agents and other intermediaries that deal with consumers. The training should, in particular, ensure that staff and other intermediaries dealing with consumers: (i) understand relevant regulatory obligations (especially the CP Framework provisions relevant to their responsibilities); (ii) have updated knowledge about products and can clearly explain their features, risks and prices to consumers; (iii) appropriately assess consumers’ financial needs, objectives and understanding for product suitability requirements; and (iv) have adequate knowledge of internal procedures (especially concerning complaint resolution). 63. In the longer run, the CP Department should seek a broader understanding of corporate incentives (e.g., financial and other) for staff (including senior management), agents and other intermediaries that could give rise to inappropriate conflicts of interest or incentives for mis- selling. Guidelines providing further detail on these requirements would be helpful. 64. The CP Framework rules on sales practices and product suitability should be supplemented by more specific provisions. For example, there could be further provisions prohibiting harassment of consumers to take up a financial product or service and restrictions on providing unsolicited credit cards or offers of credit. It is also important to ensure that the new standards result in appropriately detailed analysis of product suitability being undertaken, and that records are retained for lengthy periods to enable the details of the analysis to be available to identify mis-selling and for dispute handling. There should also be clarification as to how the financial advice provisions are to work in a mobile / Internet based environment where there is no face to face contact and including where automated financial product advice is provided without any human intervention (“robo – advice”).86 65. Consideration should be given to mandating a specific cooling-off period (e.g. for 14 days) for more complex financial products (such as those with a long-term savings or investment component). It is, however, recognized that there may be a need for some qualifications to an automatic right of cooling off. For example, there could be a right to retain reasonable administrative fees relating to the cancellation of the contract or for the application for the facility. Further, an FI should be able to recover any loss arising from an early withdrawal of a fixed rate term deposit, or early termination of a credit contract, where the loss arises because of a difference in interest rates. 66. Fees and practices which inhibit customer mobility should also be regulated. In particular, unreasonable termination fees and penalties and burdensome operational procedures for account closure requirements should be prohibited. Consideration should also be given to requiring financial institutions to proactively assist customers who wish to close accounts and switch providers (for 86 For an example of a regulatory approach to “robo – advice” see the Australian Securities & Investment Commission Regulatory Guide 255 Providing Digital Financial Product Advice to Retail Clients, August 2016. 21 example, by assisting with the transfer of direct debit arrangements and providing pay-out figures). However, as with the exercise of cooling – off rights, an FI should be able to recover any direct loss arising from an early repayment or termination of an agreement. Privacy and Data Protection Context 67. FIs are major collectors and users of personal information that should be appropriately protected. FIs collect a variety of personal information about consumers and related parties, such as contact details, dates of birth and other identifiers, account and transaction information, and security identifiers (such as PINs) etc., which can have particularly sensitivity. Further, the volume, variety and velocity of personal data which is being collected and processed for digital financial services (commonly known as the “Big Data” phenomenon) is continuously increasing, with a commensurate rise in confidentiality and security risks, as well as new risks for consumers (such as the use of traditional and new forms of data for discriminatory purposes and unfair price segmentation). Another consideration is the new distribution channels and partnerships being developed for digital financial services, which mean an ever-increasing range of actors may access the personal information of financial consumers. Against this background, it is critical that such information is safeguarded and used and disclosed for purposes, and in circumstances, about which the consumer is aware and to which they have agreed, or which are otherwise appropriately permitted by law. Financial institutions should therefore be required to have policies and procedures in place to protect personal information, with accountability for compliance. Key Findings 68. The privacy of citizens in Nigeria is protected by the Constitution of the Republic of Nigeria, however there is no overarching data protection regime. The Constitution protects the privacy of citizens, their homes, correspondence, telephone conversations and telegraphic communications.87 Other than this constitutional provision, there are no overarching data protection rules regulating the collection, retention, use and sharing of personal information customers’ data. 69. The CP Framework contains useful high-level requirements on data protection88 , which need further specification to be effectively implemented. The protection of “Consumer Assets, Data and Privacy” is a key principle under the CP Framework, which also requires that: (i) appropriate measures be established to guarantee protection of consumer assets and privacy; (ii) disclosures to third parties not be made without consent or as required by law; (iii) specified consumer information be protected at all times; and (iv) adequate controls be put in place to prevent unauthorized access. There is also a specific requirement that CBN establish Guidelines to safeguard consumer assets and privacy against unauthorized access. 70. There are also confidentiality obligations in the CCNBI. They cover issues such as: (i) the disclosure of a customer’s business information; (ii) sanctions for misuse of information; and (iii) 87 Constitution of the Federal Republic of Nigeria, Section 37. 88 Consumer Protection Framework, Sections 2 and 2.6. 22 importantly, the strict duty of confidentiality that applies to customer information. 89 However, as noted above, the CCNBI is not actively monitored or enforced. 71. Fragmented and high-level data privacy provisions also apply to agents, PSPs and MMOs. These are briefly described in Section IV(e) below. However, as with the CP Framework, there is none of the detail that is normally found in overarching data protection laws and the provisions only apply in limited circumstances. 72. The Electronic Transactions Bill also contains provisions concerning consumers’ personal information and data protection. They include provisions concerning the collection, use and disclosure of collection of information, privacy policies and access and review rights as well as broader provisions concerning automated processing of personal data.90 Recommendations 73. In the medium term it is recommended that Guidelines be developed for the purposes of providing details of the data protection high-level principles in the CP Framework. Ideally the Guidelines would apply to all regulated financial services providers and would contain requirements relating to (at least): (i) the categories of information which can be collected and processed by an FI; (ii) limitations on processing and disclosure of personal information for purposes beyond the primary purpose of collection (such as marketing); (iii) when consumer consent is required for the collection, processing and disclosure of personal information and any requirements as to the form of consent; (iv) access and correction rights; (v) security standards; and (vi) requirements for disclosure of an FI’s privacy policy; and (vii) a prohibition on using personal information for discriminatory purposes. 74. The Electronic Transaction Bill should be reviewed and any overlap in the data protection provisions with the CP Framework and any proposed Guidelines should be removed. 75. In the long term, the Government of Nigeria (GoN) might consider the feasibility of adopting an overarching data protection regime. Such a regime should cover the above issues, as well as specific provisions: (i) considered necessary for sectors other than the financial sector (such as the health sector); (ii) to reflect “Big Data” developments in the collection and analysis of personal information; and (iii) to repeal and amend as necessary those aspects of the current legal and regulatory framework covering privacy and data protection issues. Dispute Resolution Mechanisms Context 76. Effective consumer redress through IDR and EDR mechanisms is an essential element of an effective financial consumer protection framework. Such systems should be transparent, accessible and ideally free to the consumer. Effective redress assists in ensuring that substantive consumer protection measures are themselves effective (such as by resulting in mitigation and in compensation where appropriate and bringing about changes in behavior and industry practice). Once 89 Code of Conduct in the Nigerian Banking Industry, Paragraphs 1.2, 2.4 and 3.7 90 Electronic Transaction Bill 2015, Part 4 and section 35. 23 financial institutions’ IDR systems mature, ideally most financial consumer complaints would be successfully resolved without the need for recourse to an EDR scheme. Nevertheless, there remains a need for an independent EDR scheme for those complaints that are not resolved through the IDR system. Hence, it is important to address both IDR and EDR as interrelated elements of an effective end-to-end dispute resolution framework for financial consumer complaints. (i) Internal Dispute Resolution Mechanisms Key Findings 77. Requirements governing FI internal handling of consumer complaints are inconsistent and found in various instruments applicable to different financial sectors. While the CP Framework covers complaints handling and redress at a high level, more specific fragmented requirements were found in several places including: 2011 CBN Help Desk Circular; various CBN guidelines issued with regard to mobile money services, agent banking, electronic payment channels and other guidelines; the Banking Code of Conduct; the Guidelines for Agent Banking; and the Circular on Extension for Timeline on Resolution – Excess Charges (2014). 78. FIs in the banking sector report a high volume of retail consumer complaints being handled by their internal processes while NBFIs and payment service providers report dealing with relatively few complaints. Given the lack of transparency of NBFIs’ and payment systems providers’ complaint handling processes and complaint volumes, it is unclear whether there are significant numbers of unresolved and/or unreported consumer complaints. 79. Internal systems for complaints handling by FIs are inconsistent ranging from excellent to virtually non-existent. In general, retail banks were found to have significantly more robust internal complaint handling capability than NBFIs and payment system providers. Some retail banks demonstrated capabilities appearing to be at or near world-class for their size and scope of operation. 80. Consumer complaints reach the FIs via numerous channels including referrals from regulator intermediaries such as CIBN, CPC, and CBN. The range of channels reported in use may be indicative of insufficient clarity of consumer guidance regarding complaint handling and/or a lack of consumer trust in FIs or their internal complaint handling processes prompting premature consumer recourse to regulators. The fragmented consumer pathways to FIs’ internal complaint handling contribute to consumer confusion and demonstrate the value of clear consumer guidance regarding IDR options and guidance on how to bring a complaint. They also demonstrate the potential value, both in terms of process clarity and efficiency, of a single point of contact for EDR to redirect the consumer to the correct FI contact to enable the internal complaints handling process to attempt resolution. 81. Common complaints reported by FIs are broadly consistent with the experience of other jurisdictions and include ATM cash dispense disputes, claims of unauthorized transactions, and network service issues. Many of the complaints regarding ATM cash dispensing and network service issues stem from the telecommunication and electricity network infrastructure challenges facing the industry. The strategic emphasis on remote channels, particularly electronic banking and payments through personal technology, are reflected in the complaint themes observed. 24 82. The CCMS platform that links FIs with CBN to report customer complaints is not yet fully implemented and, at present, is only in use by the deposit money banks. Complaints from other FIs are not being consistently captured by CBN. The result of this fragmented approach is a greatly reduced ability to hold FIs accountable for their adherence to complaint handling requirements. The fragmentation also limits CBN’s ability to easily and efficiently conduct timely analysis of complaint volumes, issues and trends to inform market conduct, supervision and enforcement. 83. Not all banks appeared to be publicly disclosing complaint data in abridged financial reports published in newspaper as required by CBN, although CBN has advised that they all disclosed the required data in their full financial statements91. It is unclear whether the reason for the non-compliance in relation to the abridged statements is due to a lack of internal capability to easily report or simply that the non-compliance has not yet been flagged as a priority by CBN to compel consistent and regular adherence by the banks. The reduced public disclosure in newspapers limits the ability of individual consumers and other public stakeholders like the media, consumer groups, and legislators from easily identifying institutions generating specific customer complaint issues. This also reduces the market pressure on banks to prioritize internal investment to reduce complaint-generating issues whether they be policy, procedure, systems, or staff-related. Recommendations 84. In the short term it is recommended that CBN develop clear, detailed and consistent complaints handling and redress guidelines (i.e. IDR) under the CP Framework which are applicable to all FIs. This will prompt capacity building and begin to instill a culture of internal complaint handling within FIs who are not already effectively managing this important function. As most consumer complaints should be resolved by FIs themselves, increased internal capability will likely reduce the load on CBN’s CMU in the short term. Having consistent expectations across all FIs will reduce complexity, potential for consumer confusion, and will facilitate regulatory supervision of FI compliance with complaints handling guidelines. 85. In the short term, it is recommended that CBN consider publishing customer complaint data by FI name and complaint theme on the CBN website. This will promote internal FI attention to resolving complaint issues and will empower individual consumer choice as well as assist other stakeholders to hold FIs accountable for service issues. 86. In the short term, it is also recommended that CBN prioritize CCMS IT development to complete the platform for FI online complaint reporting and extend the online reporting requirement to all regulated FIs. The CCMS system, once completed, will greatly facilitate the collection and analysis of FI internal complaint data. The extension of the reporting requirement to non- banks will further leverage this system to replace manual reporting or to create visibility to FI complaint volumes and complaint thematic information. (ii) External Dispute Resolution Mechanisms Key Findings 91 It is understood that these details must be in both the full financial statements and in abridged financial reports published in newspapers. 25 87. The courts in Nigeria are not considered an effective alternative to resolve consumer disputes that cannot be resolved with their FI. The requirement for counsel, cost, time, complexity and intimidation factors all mitigate against the ability to practically bring a retail consumer complaint to the courts for resolution. The geographic size of Nigeria and the distances to be travelled by financial consumers to access the courts are another consideration which limits access to effective dispute resolution. 88. There are multiple EDR options already in place for financial consumers with different mandates, powers to compel redress, and levels of expertise in financial services. The bodies currently active in EDR for financial consumer complaints include CIBN, MBAN, CPC, CBN, and for larger disputes, arbitration through local arbitration services or individual arbitrators. This range of options creates confusion for financial consumers, promotes possible arbitrage by FIs preferring specific EDR options, and creates inconsistent results for consumers in terms of both process and outcome. 89. CBN is seen by FIs as having the appropriate industry knowledge for financial complaint handling in comparison to CPC. Given the complexity of financial services and the broad range of products and services involved in financial consumer complaints, specialist knowledge and a good understanding of industry processes, policies, and procedures is critical to effective complaint investigation and resolution. Industry expressed a strong preference for a singular specialist EDR provider for financial services complaints. 90. Mandatory arbitration clauses in some consumer agreements with FIs could divert complaints inadvertently away from the chosen EDR solution. Mandatory arbitration clauses commonly found in commercial agreements were observed in some retail consumer agreements. Such clauses are generally viewed as restricting consumer access to redress. 91. Some ATM cash dispense complaints present unique challenges as they can involve more than one FI. Where the customer uses his or her access card at an ATM provided by another bank, a resulting problem can give rise to a complaint against either the customer’s own bank or the bank owner of the ATM. In some cases, it is not initially apparent which FI is responsible for the problem. This requires a process that can flexibly handle such complexity and compel cooperation from various financial sector parties with the complaint handling process. 92. While the initiative to establish the Financial Ombudsman is a welcome development, the Financial Ombudsman Bill, as drafted, is inconsistent with good practice for EDR structure and design in several important respects. There is insufficient independent oversight and protection of the critical independence of the Financial Ombudsman function. An independent board of directors appointed by the Minister, on the recommendation of an independent panel, would lend credibility and independence to the mandate which must function in a contentious space between industry and consumers. There is need for clarity of the scope of the proposed Financial Ombudsman mandate in terms of the type of FIs subject to the mandate and the nature of eligible complainants (e.g., retail consumers, microenterprises, charities?). Some proposed elements in the draft legislation suggest a legalistic approach including appearance before the office, precedence and appeal. This is not consistent with international good practice which tends to favor a fairness and reasonability test in the 26 circumstances of the individual case, not bound by precedent and informal in process to ensure accessibility. Finally, in order to effectively perform its mandate, the Financial Ombudsman must have the ability to compel the production of material and be able to compel witnesses to provide information. Recommendations 93. In the short term, pending the creation of the planned Financial Ombudsman, the Nigerian Government should designate a single interim EDR provider (CBN) for retail financial consumer complaints up to a designated value threshold. The value threshold should be determined by CBN taking account of local market considerations, international benchmarks and the compensation limit to be established for the planned Financial Ombudsman. Most financial Ombudsman schemes have a defined compensation limit. The rationale underlying this good practice is that lower value complaints warrant an accessible, informal, and non-legalistic approach while higher value complaints can have recourse to the courts, or other quasi-judicial means of resolution, which offer both parties a more formal and legalistic process. 94. All FIs should refer unresolved complaints up to the designated threshold to CBN once the threshold is defined and sufficient capacity is built within CBN to handle higher volumes. Other EDR providers (CIBN, CPC, etc.) could continue during this interim period of CBN capacity building to handle complaints above the threshold with reporting to CBN on key complaint metrics for analysis purposes. CBN would subsequently notify all other EDR providers to refer the complaints below the specific threshold to CBN. 95. In the interim the CBN should require FIs to effectively publicize the availability of EDR and the means to contact the designated EDR office (i.e. CBN). This may include guidelines that set out the timing and content of prescribed disclosure by FIs to ensure that consumers are fully aware of the EDR option when faced with a choice of whether to accept the final decision of an FI’s internal complaint process. The guidelines would need to be revised when the planned Financial Ombudsman is implemented to clarify expectations for FIs to ensure continued effective referrals of unresolved complaints. 96. In the short term, the CBN should engage with the financial industry to address key consumer complaint areas. Early engagement will guide internal complaint handling and identify possible changes to FI policies and procedures which could avoid future complaints being referred to EDR. 97. In the short term, CBN should establish internal information flow pathways to share the business intelligence obtained from complaints with appropriate teams within the regulator responsible for such functions as market conduct regulation, supervision, and enforcement. Complaints can serve as an effective early warning system of market conduct or systemic issues that can guide timely response from the appropriate regulatory teams. There is tremendous insight to be harnessed from analysis of complaints. Development of appropriate pathways for dissemination of this insight within the regulator will maximize the benefits and build an understanding of the utility of complaint information. 98. In the short term, the Government of Nigeria should revise the Financial Ombudsman Bill to align it with international good practice and ensure that key elements such as independence 27 are appropriately included and safeguarded. Comments on the existing Financial Ombudsman Bill with suggested areas for revision are provided in Annex III. 99. In the short term, CBN should establish clear terms of reference, a governance structure, operating model and a funding mechanism for the Financial Ombudsman scheme to support and give greater clarity and specificity to the framework set out in the Financial Ombudsman Bill. The complexity of a financial Ombudsman scheme is best handled through framework legislation that sets the critical high-level parameters while leaving the detail to be set out in more comprehensive and easily adapted terms of reference or similar instruments to enable nimble design and repositioning as required to meet changing market circumstances. 100. In the medium term, the Financial Ombudsman scheme should be implemented with an appropriate transition period to effectively redirect unresolved FI complaints to the Financial Ombudsman. The transition will have to address communication of new complaint referral requirements by FIs, community outreach to announce the change to the public and various stakeholders, and dealing with the current inventory of referred complaints in process with CBN at the point of transition to the new Financial Ombudsman. Once CBN complaint volumes are transitioned to the Financial Ombudsman, this will allow CBN to focus its limited resources on supervision and will avoid any potential for conflicts between CBN’s supervisory role and their previous complaint resolution role. 101. In the long term CBN should migrate all complaints up to the designated value threshold to the Financial Ombudsman scheme. This will complete the transition to a singular EDR provider with financial services expertise and investigative and redress powers set out in law. The Government of Nigeria should set the date by which all EDR shall be migrated. 28 Box 4: Models of Alternative Dispute Resolution Schemes The following are three key examples of types of alternative dispute resolution schemes that have been implemented in other jurisdictions: - Financial ombudsman established by financial services association: Decisions by such an ombudsman may or may not be made binding under legislation but, if they are not, to be effective their findings will be followed by financial institutions as a part of a self-regulation model, such as by financial institutions committing contractually to be bound. In countries such as Germany an industry-based ombudsman structure for each part of the financial sector has proven effective. If taking this approach, where the ombudsman structure is established by the industry, attention should be paid to ensuring that potential conflicts of interest are addressed, as well as providing the scheme with effective powers. Also, consumer mistrust or skepticism regarding impartiality and fairness may need to be addressed (in substance, as well as through appropriate information dissemination). - Statutory independent financial ombudsman: Such an ombudsman would have functions and powers, such as to make binding decisions, established under national laws and its membership would be appointed by a relevant government authority. For example, the UK enacted legislation establishing an independent ombudsman institution, while Armenia legally requires financial institutions to join a central bank-approved ombudsman scheme with binding rules for all member institutions. A single statutory ombudsman would make it easier for consumers to identify to which agency they should submit their inquiries and complaints. This model has the advantage of allowing clearly defined objectives and legal mandate. The independent statutory power makes the existence of effective governance critical to protect the independence and impartiality of the office and maintain the support of key stakeholders. - Complaints handling structures established within the regulatory / supervisory agency: A third model is the establishment of a complaints handling structure within a regulatory and supervisory agency. For example, in the case of Spain there are complaints departments in the three financial sector regulators. While this model has the advantage of leveraging existing institutional arrangements, the challenge is to ensure independence of the function within such a structure, avoid conflicts of interest, allocating sufficient resources (without taking resources away from other supervisory functions, including with regard to consumer protection) and ensuring that the function has sufficient and appropriate powers to deal with individual complaints effectively. III. Key Issues and Recommendations – Banking and NBFIs Legal and Regulatory Framework Context 102. Institutions offering consumer banking products and services should be required to meet certain minimum common consumer protection standards. All financial institutions (such as banks and NBFIs) providing banking products and services (e.g., credit, current accounts, and deposit services including savings) should be subject to legal requirements that establish appropriate minimum standards of protection for consumers (specific standards are discussed in more detail further below). Where protections for consumers of banking products and services are found in multiple laws (e.g. covering different sub-sectors) regulators should ensure they are comprehensive enough to cover all relevant consumer protection issues and harmonize their provisions to the greatest extent possible so that consumers using different types of financial institutions are protected on the basis of similar consumer protection principles as far as appropriate. 103. It is also important for screening and supervisory purposes that all relevant institutions are adequately licensed or authorized. While in most jurisdictions banks must now obtain a license from a prudential regulatory authority prior to commencing operations, in some jurisdictions NBFIs (and non-financial firms) providing retail banking products and services are not required to obtain a license or any other form of authorization from any regulator. Where this is the case, good practice indicates that they should still at least be required to register with the financial consumer protection 29 authority (which may be the same authority). Ideally, in the interests of achieving a level playing field, they should be required to go through licensing procedures that permit a fuller analysis of the NBFI as compared to a mere registration. Such procedures (whether for banks or NBFIs) should allow for appropriate screening of prospective entrants into the financial sector, as well as information gathering to assist ongoing supervision. Key Findings 104. The Guide to Bank Charges is designed to protect consumers in the banking sector, and facilitate financial inclusion, but has potential to be anti-competitive and to provide a disincentive to innovation and development of some banking services. The Guide to Bank Charges regulates several charges for DMB products and services and sets minimum disclosure requirements. It was first issued in 2004, with a revised version being issued in 2013, aiming to reflect developments in the market. The Guide standardizes terminology for fees and charges, and categorizes them mainly as: (i) negotiable or to be agreed, in which parties need to mutually agree on the applicable charge; (ii) not permissible or not to be charged; and (iii) capped or fixed amount fees and charges. The list of fees and charges is not exhaustive, but banks are mandated to request prior approval from CBN for any product, service and charges not covered by the Guide. Concerns about the Guide expressed by stakeholders include: (i) DMBs tend to apply the same fees and charges to basic services, up to the capped amount, undermining competitive initiatives in the banking industry; (ii) the Guide does not reflect current costs, which creates a disincentive to further development of some banking services (such as ATM services); (iii) differences between fees for different types of services encourage DMBs to push customers towards the higher priced service (such as branch transactions, as compared to using an ATMs); and (iv) the Guide creates a potential for regulatory arbitrage as the Guide only applies to DMBs, and no other FIs. Overall, the effect may be anti- competitive and inhibit financial inclusion. 105. The CCNBI, adopted by CIBN and approved by the Bankers’ Committee, contains comprehensive provisions on financial consumer protection matters, although it is not monitored or enforced by CIBN or any other authority in Nigeria. The CCNBI’s overall objective, in summary, is to ensure strict adherence to best banking practice and a strong commitment to ethical and professional standards.92 The CCNBI extends to all banks and Discount Houses in Nigeria, including all executive directors, managers, officers, supervisors and employees. 93 It contains comprehensive provisions on financial consumer protection issues related to disclosure and transparency of information to consumers, confidentiality of customers’ information, and fair treatment and business conduct. Relevant aspects of these provisions are explained in the following parts of this Section. There is provision for sanctions for infringements to be imposed, and CIBN has disciplinary mechanisms and investigating panels it can employ for cases of misconduct. However, the CCNBI is not systematically monitored or enforced, except in relation to provisions the subject of complaints to CIBN (see Section II(g)). 106. MBAN also has a code of conduct and ANMFIN is developing one. MBAN has developed and adopted a code of conduct which contains similar principles to the CCNBI. The MBAN Code is not enforced except in consumers can bring infractions to the attention of the Bankers Committee as MBAN is represented in this body. Further, as explained in this Section III (c), MBAN has also gone 92 Code of Conduct in the Nigerian Banking Industry, Paragraph 1.1. 93 Code of Conduct in the Nigerian Banking Industry, Paragraph 1.2. 30 further and produced standardized offer letters for use by their industry members. ANMFIN is also in the process of adopting a code of conduct, which is to be based on the Smart Campaign Client Protection Principles,94 with the aim of establishing minimum standards for the unregulated sector. 107. All banks must publish in detail penalties they have paid for contraventions of the BOFIA. According to the BOFIA, published financial statements or accounts of a bank must disclose details of the penalties paid for any contravention of the provisions of the Act and of any related Guidelines during the relevant financial year and their auditor’s report must also refer to any such contravention.95 108. NGO-MFIs and financial cooperatives are not licensed by CBN and therefore not authorized to take deposits; however, in practice they seem to be collecting deposits in breach of this restriction. According to BOFIA, to carry out banking business96 in Nigeria, a person must be an incorporated company which is licensed under the Act.97 The term “banking business” is defined to include the business of receiving deposits on a current or savings account “or other similar account”.98 The CBN Act also provides that no person other than a bank or any other authorized institution99 shall issue any advertisement inviting the public to deposit money with it. While both NGO-MFIs and financial cooperatives are allowed to operate as credit institutions under the oversight of relevant Ministries (e.g. ministries not specified in the Revised Microfinance Policy, 2011) they are not allowed to take deposits without being licensed by CBN. In this regard it is critical to enforce the regulation and prevent the NGO-MFIs and financial cooperatives from continuing with this unauthorized practice. Recommendations 109. In the medium term, it is recommended that CBN gradually phases out the Guide to Bank Charges and regulates specific charges in the new guidelines for the reasons stated above. The recommended alternative is to include in Guidelines under the CP Framework limited prohibitions on anti-competitive fees and charges in line with international good practices (such as the unreasonable early repayment or termination fees discussed above) and tailored to the local context. The parts of the Guide relating to Minimum Disclosures in Offer Letters for Credit Facilities / Loans should be covered under Guidelines to be issued under the CP Framework. 110. In the medium term, CBN should encourage CIBN, MBAN and ANMFIN to supervise and enforce their codes of conducts in a systematic way. They should also be encouraged to review, and amend as necessary, their codes so they are consistent with, or impose higher obligations than, the 94 Available at: http://www.smartcampaign.org/about/smart-microfinance-and-the-client-protection-principles 95 Bank and Other Financial Institutions Act, 2004, Section 27 (2). 96 Under the Bank and Other Financial Institution Act, 2004, Section 66, “Banking business” is defined as “the business of receiving deposits on current accounts, savings account or other similar account, paying or collecting cheques, drawn by or paid in customers, provision for finance or such other business as Governor may publish as banking business. ” 97 Bank and Other Financial Institution Act, 2004, Sections 2 and 3. 98 Bank and Other Financial Institution Act, 2004, Section 66 99 Under the Bank and Other Financial Institution Act, 2004, Section 66, “other financial institutions” are defined to include: “any individual, body, association or group of persons; whether corporate or unincorporated, other than the banks licensed under this Act which carries on the business of a discount house finance company and money brokerage and whose principal object include factoring, project financing, equipment leasing, debt administration, fund management,…and such other business as the Bank may from time to time designate.” 31 new CP Framework and so that they require that consumer contracts include an undertaking to comply with the relevant Code. 111. In the medium term, it is recommended that CBN consider options and identifies relevant authorities that could take appropriate action on unauthorized deposit taking practices of NGO- MFIs and financial cooperatives. It is important to address any potential regulatory and legal inconsistency in this regard, given that some of these institutions take deposits, which requires a banking license under BOFIA. The remedial action could be explored with ANMFIN to prevent its members from engaging in illegal deposit taking practices. ANMFIN should also be encouraged to consider replicating the same FCP standards applying to regulated credit providers envisaged under the CP Framework (and related Guidelines) in the medium term. Supervisory Arrangements and Enforcement Powers Context 112. See Section II(c). Key Findings 113. CBN does not currently have a specific consumer protection supervision strategy to cover the large number of MFBs in Nigeria. CBN is responsible for supervising MFBs, which currently number over 900. They are divided into three categories: (i) Unit MFBs, authorized to operate in one location only; (ii) State MFBs, authorized to operate in one state only; and (iii) National MFBs, authorized to operate in more than one state and allowed to open branches and /or cash centers in all states with the prior approval of CBN. Given their large number and potentially remote geographic locations, MFBs pose a consumer protection (as well as prudential) supervisory challenge for CBN, especially as the MCU currently has neither the capacity nor the resources, tools or techniques, to effectively and efficiently supervise these institutions. Recommendations 114. It is recommended that the supervision of MFBs be specifically covered in the CP Department’s new risk – based supervisory strategy. For detailed recommendations see Section II (c). 32 Box 5: Supervisory Publication of Information Disseminating information is important to increase supervisory effectiveness in financial consumer protection, including to provide additional tools for consumers to influence their decision-making. Publicizing information may be even more important for NBFIs and non-financial firms than for banks, as these are more diverse sectors (e.g., more types of institutions offering more types of products, and many new types of players in retail financial services), operating in a fast-changing environment, which makes it difficult for the public to access updated information. Disseminating information can also serve the purpose of facilitating access to information by, and helping in the work of, the financial consumer protection authority’s own staff. Dissemination should be done at least through the authority’s institutional website, although other channels may be used as well (e.g., newspapers). The range, depth, and complexity of information to be published, and the channels and materials used, will depend on the resources available to the authority. For the sake of accountability, the financial consumer protection authority should publish annual reports with a summary of its regulatory, supervisory, and enforcement work. The Banking Conduct Supervision Department of the Bank of Portugal publishes bi-annual reports on conduct supervision, reports on market monitoring, and even has impact evaluation reports on some key regulatory measures. Annual reports may also highlight the performance of financial institutions in complying with the legal and regulatory framework for financial consumer protection. If resources and data availability permit, the financial consumer protection authority may also consider publishing a wealth of additional items, such as: Statistics about consumer complaints against financial institutions; Analytical sectoral reports; Tips for choosing between different products and services; Fees and charges calculators; Warnings about recent scams against consumers; and Comparative information on fees and prices on key products. Examples of tools to facilitate consumer choice and other general descriptions of consumer rights can be found in the web portals of Peru’s Superintendence of Banks, Insurance and Pension Funds, 100 the Malta Financial Services Authority, 101 the Bank of Portugal,102 and many other supervisory authorities. Disclosure and Transparency Context 115. See Section II(d). Key Findings 116. As mentioned in the cross-cutting section, disclosure practices are inconsistent amongst providers, despite some standardization efforts at the industry level. While some DMBs, mortgage banks, and MFBs have adequate disclosure practices and not only provide a copy their terms and conditions in advance but also publish them on their websites for easy consultation from consumers, overall practices are inconsistent. The format and content of terms and conditions vary substantially. There are, however, some initiatives at the industry level to ensure some standardization. For example, MBAN reported standardizing the content and format of their mortgage contracts to facilitate consumers’ comprehension. 117. Some minimum content requirements for credit products exist; however, these do not include key elements like the TTC. The TTC is the cumulative monetary amount a borrower must pay for a loan product, including all interest charges and all fees and charges. Together with the APR, subject to introduction of uniform calculation methodology, (see Section II(d)), it is a useful metric that 100 See for example, http://www.sbs.gob.pe/usuarios 101 See for example, http://mymoneybox.mfsa.com.mt/ 102 See for example, http://clientebancario.bportugal.pt/pt-PT/Paginas/inicio.aspx 33 can be used to compare loan product offers. The Guide to Bank Charges103 provides minimum general content requirements for all credit products and specific requirements for certain types of credit products (consumer loans, mortgage loans, and overdrafts). While these requirements are quite comprehensive and include key elements like repayment schedules, conditions for early repayment, etc., they do not include an obligation for providers to disclose the total nominal cost of the loan/TTC or to clearly state to consumers what upfront fees they must pay or the precise amount they will receive. 118. Although DMB lending rates are required to be annualized, they do not need to be calculated in a standardized way which means they are not comparable. DMBs are obliged to submit to CBN on a weekly basis their average lending and deposit rates for publication by CBN. The rates must also be published on the DMB website. 104 To calculate their average lending rate, banks are also required to annualize their charges, commissions and fees and add them to their base lending rate.105 Such a rate is commonly known as an APR.106 The Guide to Bank Charges also requires credit providers to disclose their APRs. However, there is no prescribed formula to calculate these rates, which means they are not comparable. There is also no requirement to disclose an APR on request. Further, there is no requirement for disclosure of a standardized APR for any type of savings product, including fixed term deposits and transactional savings accounts. 119. All lending institutions met provide a repayment schedule to consumers, but its format and content are not standardized. In line with the existing requirements all lending institutions met provide a repayment schedule to consumers, including a revised one if there is any change in the interest rate and / or other terms and conditions. The lack of any requirement for a standard repayment schedule format means institutions do not provide the same information: some institutions clearly disclose for each repayment the total repayment, the principal, interest rate, and fees and charges to be repaid; others only provide consumers with the total repayment making it harder for them to understanding the remaining principal vs. the remaining interest charges after each repayment. Recommendations 120. The recommendations in Section II(d) should be implemented in relation to all banking products and services. 121. CBN should also develop requirements for the standardized calculation and disclosure of the TTC and for the APR for commonly used credit and savings products (including term deposits and transactional savings accounts). This will assist in ensuring transparency and comparability. A formula should be specified for the APR and both the TTC and the APR should be required to be calculated in accordance with specified assumptions (for example, that there will be no changes made to fees and charges, the borrower will pay on time and as required by the loan contract and, for transaction accounts, that the account will be used in accordance with a specified scenario). These changes should be introduced as part of developing KFS requirements for common retail 103 Circular, FPR/DIR/GEN/CIR/03/002, Circular to All Banks and Discount Houses: The Revised Guide to Bank Charges. 104 Circular, BSD/DIR/GEN/CIR/04/001, January 2010. 105 Circular, BSD/DIR/GEN/CIR/02/019, January 2009. 106 An APR can also be viewed as total cost of credit converted into an annual percentage, or more precisely as a cost of borrowed money (including all interest and fees and charges) expressed in current prices in the form of an annualized percentage rate. 34 products (see Section II(d)). As noted in Section II (d), it will also be necessary to specify the form and content of the KFS, mandatory warnings, when and how the KFS is to be provided and how it should be explained to a consumer. The form of each KFS should be consumer tested, as well as discussed with industry, before it is finalized. Box 6: Key Facts Statement A ‘key facts statement’ (KFS) refers to a standardized , typically one or two-page, document written in easy-to- read print and plain language, that describes key aspects of a financial product. A KFS does not replace the terms and conditions for a financial product or service, but rather is required to be given to a consumer prior to starting a contractual relationship with a financial institution (e.g. opening an account or signing a loan agreement). A KFS should aim to help consumers better understand the key features, terms and conditions of the product or service, and to provide them with useful information in the process of acquiring a financial product, and during the life of the financial product. The standardization of the KFS across providers allows for comparability of offers from different providers of the same type of financial product. The KFS should clearly indicate all, or at least key, fees and charges related to a financial product, and also inform consumers about their basic rights, including the resolution mechanisms available in the event of a complaint. For example, for consumer loans a KFS should include: (1) the total amount of the loan; (2) the amounts of monthly payments; (3) the final maturity of the loan; (4) the total amount of payments to be made; (5) fees, including prepayment and overdue penalty fees, possible taxes for remittances, and any other charges that could be incurred; (6) any required deposits or advance payments; (7) if the interest rate is variable, the basis on which the rate varies; (8) any additional insurance that is required (such as personal mortgage insurance); (9) any prepayment penalty; and (10) if the credit is used to finance a product, the cash price of the product without financing charges. In a jurisdiction lacking such disclosure, KFSs could first be established for basic retail financial products such as personal loans and basic savings accounts, and later for more complex ones like mortgage loans, life insurance policies, and collective investment funds. Development of KFSs should include appropriate consultation and testing with industry and consumer stakeholders. It is also important that KFSs be available at least in the language(s) most spoken in the location where the financial product is offered. Finally, it is important that adequate supervisory mechanisms (e.g., targeted visits, ad-hoc or systematic reviews, mystery shopping) are established to ensure that providers give and explain KFS to their customers at required stages. Several countries have already implemented KFSs and equivalent documents , such as Ghana’s “Pre-Agreement Truth in Lending Disclosure Statement” and Peru’s “Hoja Resumen” (Summary Sheet) for consumer loans; South Africa’s “Pre-Agreement Disclosure” for consumer credit products; Hong Kong’s “Product Key Facts Statement” for unit trusts and mutual funds, investment-linked assurance schemes and unlisted structured investment products, and summary disclosure documents required within the European Union. Fair Treatment and Business Conduct Context 122. A key consumer protection concern is that financial institutions, and their staff and other intermediaries, do not engage in unfair business practices. Specific issues in this context include training of retail sales officers and other intermediaries, product suitability advice, responsible lending standards, misleading and deceptive advertising and sales practices, tying and bundling of different types of financial services and products, unfair contract terms, cooling – off periods and abusive debt collection practices. 35 Key Findings 123. Minimal responsible lending standards are in place, amidst concerns about irresponsible lending practices and aggressive sales techniques. The CP Framework includes high-level provisions which require FIs to carry out “proper” credit worthiness assessments and have structures to prohibit reckless and predatory lending and to provide credit counselling. 107 These provisions need to be supplemented by more detailed Guidelines, given the reports of aggressive lending practices, and the risks of over-indebtedness as access to credit expands. For example, there are concerns about online lenders which negotiate standard loan terms with trade unions and employers to be offered to employees on an unsolicited basis, with repayments taken directly from salaries. Credit assessments are carried out by larger FIs, but the focus seems to be on basic DTI (monthly debt to income) ratios and credit bureau checks rather than the overall affordability of the loan. With the increase in consumer lending and online lending over-indebtedness could become an endemic issue among retail consumers. 124. Debt collection practices are a concern, with only minimal protections from abuse. Debt collection is usually outsourced by lenders (including the commercial banks) to unregulated third-party collectors. There are reports of unethical practices, including complaints about disclosure of outstanding debts in churches, to family and friends and by posting notices on POS terminals. The Delinquent Credit Facilities Circular applies to banks and discount houses and requires that a delinquent debtor be given a three-month grace period and that a bank or discount house is required to “Publish the list of delinquent debtors that remain non-performing in at least three national daily newspapers quarterly (The delinquent debtors are those whose accounts have been classified lost and include the persons, entities, directors, subsidiaries and other related parties).”.108 The CP Framework however helpfully provides that: “Debt collection: financial institutions shall adopt debt recovery processes that are courteous and fair to consumers. Consumers must be proactively engaged and given early notice of outstanding obligations prior to the commencement of debt collection efforts.” There is also provision for CBN to issue Guidelines on ethical debt collection practices.109 125. While bankassurance per se is prohibited, mandatory insurance bundling is not and is common practice. The universal banking model, under which banks can provide a wide variety of financial services, has been prohibited in Nigeria for some time. Recently CBN also regulated issues pertaining to bankassurance, which is only permitted through the referral model.110 “Bankassurance” is defined as “An arrangement in which insurance companies leverage on the customer base of banks to sell insurance products to banks’ customers”.111 It appears to be common practice for credit-life insurance to be required in addition to mortgaged property insurance, without borrowers being given a real choice of insurer. Further, borrowers may not even be aware that they are acquiring insurance or its cost or key policy terms. This seems to be a particular issue for credit life insurance in the microfinance sector. 126. Another common practice is that of taking post-dated cheques as collateral to cover repayments, which may result in the debtor’s imprisonment if the cheque is not honored when 107 Consumer Protection Framework, Sections 2.2 and 2.2.3. 108 Circular concerning Recovery of Delinquent Credit Facilities April 22, 2015, Paragraphs 1 and 2 109 Consumer Protection Framework, Sections 2.2 and 2.2.4. 110 BSD/DIR/GEN/LAB/08/014 of March 16, 2015, Guidelines on Bancassurance Products - Referral Model. 111 BSD/DIR/GEN/LAB/08/014 of March 16, 2015, Guidelines on Bancassurance Products - Referral Model, Section 2. 36 presented. It is understood that some NBFIs take a series of post-dated cheques to cover each repayment due under a loan. If a cheque is not paid when presented, the borrower (and any guarantor) potentially faces 2 years in jail under the terms of the Dishonoured Cheques Act.112 A jail term seems a disproportionate response to a missed loan repayment (especially where there is no fraud) and the practice may lead to harassment of a borrower as to the risks they face if a cheque is not paid when presented. Further, the post-dated cheques are a form of security, but the lender is not required to warn the borrower of the implications of a cheque not being cleared. Recommendations 127. The recommendations in Section II(e) should be implemented in relation to all banking products and services. 128. CBN should introduce more detailed responsible lending requirements to supplement the CP Framework provisions. In particular, credit providers should be required to assess whether a proposed loan meets the financial needs and capacity of the borrower and, more specifically whether it can be repaid without substantial hardship. Responsible lending standards should be actively enforced by CBN and consumer relief should be provided for a breach of those standards. For example, there could be provision for a court to unilaterally change the credit contract terms to reduce the repayment obligations of the customer under the contract or to change the loan term or the applicable interest rate. 129. In the longer term, CBN should also develop more stringent standards on debt collection practices. The proposed CBN Guidelines should clearly prohibit abusive debt collection practices and provide for minimum conduct standards when dealing with borrowers in default (going beyond merely mandating the provision of default notices). It should also be clear that lenders are responsible for the actions of outsourced debt collectors. There should also be practical industry guidance covering, at a minimum: (i) a prohibition on public shaming (e.g., no public display / publication of debtors’ identities photos in newspapers or at the point of sale and no shaming in churches or disclosures to family, friends, employers or other third parties)); (ii) acceptable collection practices (such as by reference to the time of day at which contacts can be made and who can be contacted); and (iii) a prohibition on undue intervention by public authorities or employers in debt collection issues. In the longer term, debt collectors could also be required to be registered to assist with supervision and vetting. 130. The practice of taking post-dated cheques to cover repayments should be regulated. It is important that post-dated cheques are not used as a substitute for collateral, threatening consumers with imprisonment. If no clear rules are introduced forbidding such abusive practice, at a minimum, rules should be introduced ensuring that the consumer is clearly, and separately, warned as to the implications of such a cheque not being cleared. Consideration should also be given to banning the practice. 131. In the medium to long term, insurance bundling practices should be regulated. There should also be a requirement for separate disclosure of any requirement to take out insurance. The premiums, key policy terms and exclusions and any commission should also be clearly disclosed. The consumer should also be given a copy of the insurance policy. Further, consideration should be given to requiring a rebate of insurance premiums if a credit contract is paid out early. Finally, consideration should be given to whether mandatory default credit-life should be prohibited given concerns about 112 Dishonored Cheques (Offences) Act 1977, Section 1(b). 37 whether consumers understand the nature and terms of the insurance, how to make a claim and overall poor disclosure practices. These recommendations apply to any type of insurance required by a credit contract (such as mortgaged property insurance or credit life insurance). IV. Key Issues and Recommendations – Payments Legal and Regulatory Framework Context 132. A well-founded legal and regulatory framework that is clear, transparent and enforceable is an important element in ensuring a sound and efficient payments system. Apart from including a clear payments system mandate for the regulator, the legal and regulatory framework should also include measures to ensure that users of payment services are adequately protected. This is especially important in the payments context, given the new consumer risks that have arisen in relation to the use of digital payments products and services (such as e-money wallets). Financial consumer protection issues with regard to payment instruments include, for example: licensing of all PSPs113; transparency of fees, terms and conditions in an electronic environment; the need to safeguard client funds (for example, funds held on an e-wallet account with a PSP that is not a prudentially regulated financial institution); effective disclosures of the features and risks of payment instruments; liability for agents and other intermediaries; system security and system downtime that prevents access to funds; protection of users’ data; and appropriate liability allocation of consumer loss due to fraud and unauthorized transactions.114 Key Findings 133. Nigeria does not at present have an overarching Payments Act, but this is likely to be remedied soon with the enactment of the NPS Bill, 2016. This Bill expressly provides that CBN has power to carry out supervisory duties in respect of payment systems and system participants.115 This provision will supplement existing provisions in the CBN Act relating to CBN’s mandate in relation to payments and settlement systems.116 134. There are wide-ranging general and specific consumer protection laws, frameworks, guidelines and circulars applying to payments products and services which cover some key consumer protection issues but are fragmented and overlapping. They include the CP Framework (which applies to all CBN regulated institutions) and the CPC Act, as well as the Agent Banking Guideline, the Super - Agents Network and the Guide to Banking Fees and Charges (which applies to electronic banking as well as other banking products). Each has been described in Section II of this Report. Further, there is a wide range of payments - specific frameworks, guidelines and circulars 113 A “payment service provider” is defined as follows in Annex 2: Glossary in the Payments Aspects of Financial Inclusion Report, 2016 of the Bank for International Settlements: “Payment service provider: an entity that provides payment services, including remittances. Payment service providers include banks and other deposit-taking institutions, as well as specialized entities such as money transfer operators and e-money issuers”. 114 These risks are highlighted in Principle 5 of the G20 High-Level Principles for Digital Financial Inclusion (2016). See also the Better Than Cash Alliance Responsible Digital Payments Guidelines (2016) 115 Payment System Management Bill, Clause 14. 116 Central Bank of Nigeria Act, 2007, Section 47. 38 (Payments Legal Framework) which deal with various consumer protection issues. They include the following (see Annex II for further detail): i. Guidelines on Operations of Electronic Payment Channels in Nigeria, 2016 (Electronic Payment Guidelines). ii. Framework for Mobile Money Services in Nigeria, 2015 (Mobile Money Framework). iii. Framework for the Establishment of Pass – Through Deposit Insurance for Subscribers of Mobile Money Operators in Nigeria, 2015 (MMO Deposit Insurance Framework). iv. Guidelines on Mobile Money Services in Nigeria, 2015 (Mobile Money Guidelines). v. Guidelines on International Mobile Money Remittance Services in Nigeria 2015 (IMMRS Guidelines). vi. Guidelines for the Operation of International Money Transfer Services Operators in Nigeria, 2014 (IMTS Guidelines). vii. Circular on Establishment of Industry Fraud Desks (Fraud Desk Circular). viii. Circular on Anti-Skimming Devices, 2014 (Anti-Skimming Circular). ix. Circular on Non-Refund of Monies to Customers Shortchanged by ATMs’ Non-Dispense or Partial Dispense Error, 2014 (ATM Dispense Error Circular). x. Guidelines for Card Issuance and Usage in Nigeria, 2014 (Card Issuance Guidelines). xi. Circular on Nigerian Issued Card Present Fraud in Non-EMV Environments, 2014 (Non-EMV Fraud Circular). 135. The consumer protection issues covered by the Payments Legal Framework are generally expressed in high-level terms with little detail and consistency. For example, the Mobile Money Guidelines set out obligations such as: “Ensure that customers understand the transactions they are entering and adequate disclosures are made”; “ensure that appropriate consumer protection measures are put in place against loss of service, fraud and privacy…”; “provide the leading role in dispute resolution’ and “resolve consumer complaints in a reasonable time”.117 An MMO applicant must also provide details of their consumer protection arrangements. 118 The IMMRS Guidelines have similar provisions. 119 Further, the relatively new Electronic Payment Guidelines and the Card Issuance Guidelines do not have even this level of detail on consumer protection issues. 136. The Bills of Exchange Act 1990 governs the operations of bills of exchange,120 including cheques, as defined in the Act. The Act is somewhat outdated, having been passed in the 1990’s. It has however been supplemented by the Guidelines for Cheque Truncation in Nigeria (2012), which provide for electronic cheque truncation rather than the physical movement of cheques and should accordingly expedite the availability of customer funds. However, the Bills of Exchange Act makes no reference to specific issues of consumer protection, such as disclosures concerning the effect of dishonor of a cheque or the procedures to stop payment of a cheque. Although the Industry Fraud Desk Circular does require that industry Fraud Desks offer services relating to the blocking of accounts and 117 Guidelines on Mobile Money Services, Article 17. 118 Guidelines on Mobile Money Services, Section 7.6. 119 Guidelines on International Mobile Money Remittance Services in Nigeria 2015 Article 15. 120 Bills of Exchange Act, 1990, Section 3(1) defines a “bill of exchange” as follows: “A bill of exchange is an unconditional order in writing, addressed by one person to another, signed by the person giving it, requiring the person to whom it is addressed to pay on demand or at a fixed or determinable future time a sum certain in money to or to the order of a specified person, or to bearer.”. 39 fraud alerts and complaints, there are no legally binding requirements concerning the advice to be given to consumers about such matters.121 137. From a consumer protection perspective, it seems clear that the breadth of this broad range of regulatory requirements, and the lack of detail, is likely to confuse PSPs as to what their obligations are, and consumers as to what their rights and responsibilities are. Further details of key gaps and overlaps are discussed in following sections. 138. The current overlaps will be exacerbated when the NPS Bill, 2016 and the FCCP Bill, and any related regulations, come into effect. The concerns about overlaps between financial sector- specific laws and the FCCPC have been discussed above in Section II(b). The NPS Bill simply provides at this stage that CBN must consider the “interests of consumers, including the terms and conditions governing their relationship with payments system providers” in assessing a potential payment system operator,122 and there is provision for CBN to make regulations relating to “consumer protection”.123. 139. A final concern is that the various instruments comprising the Payments Legal Framework seem to be framed around existing product types (such as mobile money and payment cards), without any provision for innovation in payments products and services. With the rise of technological innovation in provision of financial services in Nigeria (see Section I above on Context for Financial Consumer Protection in Nigeria), it seems inevitable that there will be a continued increase in new types of products, delivery channels, providers and their partners and a consequent rise in the risks to which consumers may be exposed. Examples of new types of payments products include biometrically – enabled payments products available through mobile phone apps (such as Novopay in India); contactless payments (for example, the Visa NFC payment ring or bracelet); Bitcoins, Apple pay; account aggregation and many more. These products can bring significant consumer convenience, but they can also bring increased risks - for example in relation to the viability of the provider as well as system security, confidentiality of customer data, identity theft and fraud. 140. A number of regulators have introduced “regulatory sandboxes” to help them work with industry, and especially on innovations in financial products and services and their providers. Put simply, a regulatory sandbox is usually a “safe house” where pilots of specified types of innovative financial products and services can take place, with the support of financial sector regulators. In this space, there may be relief from regulatory requirements which would otherwise prevent the pilot taking place. Many countries have established such sandboxes, with 2016 being an especially busy year. Relevant countries include Abu Dhabi, Australia, Indonesia, Malaysia, Singapore, Thailand, the United Kingdom and the United States of America. The form and approach in each country varies but there appears to be an international trend for regulators to establish rules – based “regulatory sandboxes” to support technological innovations. Recommendations 141. In the short term, it is recommended that Guidelines are developed under the CP Framework to cover payments-specific issues. At a minimum, it is recommended that Guidelines be 121 Circular on the Establishment of Industry Fraud Desks, June 2015 122 Payment Systems Management Bill, Section 5(2)(i) 123 Payment Systems Management Bill, Article 17(1) 40 developed to cover the specific issues relating to financial products and services discussed elsewhere in the Report: (i) standardized KFSs for common store-of-value products (see Section II (c)); (ii) mistaken transactions and unauthorized payments (see Section II (d)). 142. In the longer term, once the Payments Bill is enacted, consumer protection regulations specific to payments products and services should be developed, reflecting international good practice. The regulations should address the consumer risks that can arise with payments products, such as risks relating to: (i) safeguarding consumer funds; (ii) disclosures of terms and conditions and fees and charges in an electronic environment (such as on a feature phone); (iii) agents who may be poorly trained and / or have compensation arrangements which may affect their ability to give impartial advice and should be disclosed; (iv) unauthorized and mistaken transactions; (v) fraud; (vi) inadequate security of systems; and (iii) confusing user interfaces; (vii) failure to keep personal data confidential and secure. These risks need to be addressed, as well as more traditional consumer protection issues (such as disclosure and transparency, fair treatment and recourse systems). At the same time, those parts of the CP Framework applying to payments products and services, and the consumer protection aspects of the Payments Legal Framework, should be reviewed and amended as necessary so that consumer protection regulations made under the Payments Bill prevail to the extent of any inconsistency. It will also be important that the new regulations are flexible enough to provide for innovations in payments products, delivery channels, providers and their partners. More generally, there is a need to ensure that explicit oversight mandate for CBN in relation to the payments sector and all PSPs. Supervisory Arrangements and Enforcement Powers Context 143. Payment services are very heterogeneous, ranging from simple paper-based products linked to bank accounts (e.g., checks) to e-money services provided by non-bank. Many of these payment services involve innovative technologies, delivery channels, and business models. Identifying and keeping track of consumer protection issues in fast-paced markets such as electronic retail payments requires sufficient resources and capacity and a well-designed and effective forward-looking supervisory approach. Key Findings 144. The CBN Banking and Payment Systems Department does not at present supervise consumer protection aspects of the Payments Legal Framework. This is on the basis that this is the responsibility of the CP Department. However, the CP Department does not appear to have the capacity and resources to consider consumer protection issues with payments products provided by commercial banks (which are the only entities it currently attempts to supervise) or, indeed, any other type of payment service provider. 145. There are no formal consultation and coordination arrangements between the CP Department and the Banking and Payment Systems Department. The CP Department will, however, consult the Banking and Payment Systems Department on an “as necessary basis” concerning complaints and technical matters. There was also minimal consultation on the new CP Framework, with neither the Banking nor the Payment Systems Department considering whether there was a need 41 for payments-specific consumer protection provisions (for example, in relation to unauthorized and mistaken transactions). Ideally, there would be a more formal consultation arrangement. For example, such an arrangement could cover consultation on consumer protection regulations under the Payments Bill, Guidelines applying to payments products under the CP Framework and complaints relating to payments products. Recommendations 146. In the longer term the capacity of the CP Department should be developed so that it can assume the responsibility to independently supervise FCP in the payments sector, including the ability to respond to innovations in the payments market. Payments products and services are varied, ranging from simple paper-based products linked to bank accounts (e.g., checks) to e-money services (such as mobile money accounts) to all the innovative digital financial services (see Section I for a discussion of financial sector innovations in Nigeria). Identifying and keeping track of consumer protection issues in such a fast-paced payments markets requires sufficient resources and capacity and a well-designed and effective forward-looking supervisory approach. 147. Establish regular consultations between the Payments Department and the CP Department on policy and supervisory matters of mutual interest. Such a forum would also assist the CP Department to leverage the expertise of the Payments Department in technical issues and also in regard to innovations in the payments market. The CP Department should also have regard to the work of the Payments System Strategy Board (PSSB), which provides strategic direction for the National Payments System.124 Disclosure and Sales Practices Context 148. The principles regarding effective consumer disclosure discussed in Section II(d) also apply to the provision of payment products and services. However, there are some differences in the features of payments products, and the applicable delivery channel, which may affect how and when disclosures should be made and their nature. The differences include the electronic nature of most payments products, the innovative nature of some payments products and services (such as mobile money) and the one – off nature of others (such as remittances). These differences may mean, for example, that there is a need to provide for flexible, cost - effective electronic disclosures rather than disclosures which are in writing and physically signed. Such disclosures should be able to be made through multiple channels (such as via the provider’s web site, by email, short-messaging service (SMS), agents or ATMs). The suitability of a channel which will depend on the nature of the information and the consumer’s circumstances (for example, whether they have access to the Internet). Regardless of such flexibility, it remains important for consumers to be well informed regarding the features, costs and risks of payments products and for information to be provided in a clear, comparable and easy to understand manner. Consumers should also be able to access and keep key contractual and transaction information. 124 http://www.cbn.gov.ng/FeaturedArticles/2015/articles/PaymentsSystemStrategyBoard.asp 42 Key Findings 149. The broad disclosure principles in general consumer protection laws and in the Payments Legal Framework, need to be supplemented by further detail. The requirements in the CP Framework and the CCNBI are discussed in Section II (d) above. Examples of the more specific payments-related requirements include the Mobile Money Guidelines and the IMMRS Guidelines which simply require “adequate disclosures”.125 The Card Issuance Guidelines also require disclosure of contractual terms prior to activation.126 There are also helpful requirements in the Mobile Money Guidelines and in the Card Issuance Guidelines relating to the education of customers on security features of payments services. 127 Further, there are quite detailed requirements for receipts to be provided in respect of mobile money and international money transfer transactions and on request for ATM transactions. 128 However, stakeholders met indicated that these receipt requirements are not always met. Some providers advised they provide receipts on request or only via SMS and they are not always free. 150. Overall, there are extensive gaps in the Payments Legal Framework disclosure requirements applicable to payments products and services, when considered against good practices. They include gaps in relation to advertising and sales material standards; disclosure of terms and conditions and fees and charges; prior disclosure of foreign ATM fees and electronic transfers; statements of account (or at least access to account information); and notice of changes to terms and conditions and fees and charges. There are also no requirements as to the format and manner of disclosures (i.e. that they should be objective, plain and understandable; in a minimum font size and not misleading); for standardized KFSs to be provided for common store-of-value products; or for disclosures to be made in a language relevant to the geographical area in which the disclosure is made (all disclosures viewed were in English). Recommendations 151. The recommendations in Sections II(d) and III(d) concerning Disclosure and Transparency also apply in relation to payments products and services, as well as more generally. The recommendations relating to the following issues are especially important in the payments context: i. Develop a standardized KFS for common store-of-value payment products to facilitate transparency and comparability. ii. Overarching format and manner of disclosure requirements. iii. Contractual disclosures. 152. The new disclosure requirements should also provide some flexibility for disclosures relevant to digital payments products (and others). For example, some PSPs use their websites, pre - recorded calls, SMS text messages, and social media mechanisms as communication channels. These practices should be taken into consideration when designing flexible rules on the format and manner of 125 Guidelines on Mobile Money Services, Section 17 (a), and Guidelines on International Mobile Money Remittance Services in Nigeria 2015, Section 15. 126 Card Issuance Guidelines, Section 3.18 127 Guidelines on Mobile Money Services, Section 8.1(g), and Card Issuance Guidelines, Section 3.4. 128 Guidelines on Mobile Money Services, Section 16; IMTS Guidelines, Section 3.10.3; and Guidelines on Operation of Electronic Payment Channels in Nigeria, Section 1.2(d). 43 disclosure for retail payments services. In principle, usage of these mechanisms could be encouraged, provided consumers are clearly informed and have access to the relevant channel. Fair Treatment and Business Conduct Context 153. The fair treatment and business conduct concerns addressed in Section II (e) also apply to payments products and services. Specific issues in the payments context include safeguarding of client funds; liability for agents; system security and downtime; allocation of liability for mistaken and unauthorized transactions (consumer liability should generally be limited to a specified amount, except where there is fraud and gross negligence); and requiring providers to meet product suitability and unfair terms requirements, especially given the likely low levels of financial capability of consumers using innovative payments products and services. Other issues such as disclosure and transparency, data protection and consumer recourse systems are discussed elsewhere in this Report. 154. Competition and interoperability are also important and have a clear direct impact on financial consumer protection. Fostering interoperability is in general a key policy action of payment systems overseers. This stems from the positive impact interoperability of platforms and agents is likely to have on efficiency of the overall national payments system and also for consumers. Achieving interoperability requires several different elements to be in place: an effective payment system infrastructure in which interested PSPs can participate; appropriate pricing and business rules to make it commercially viable for the participants to participate; and, effective oversight arrangements to ensure that the payment system infrastructure remains safe, reliable, and efficient. Key Findings 155. There are numerous examples of unfair terms in payments products. As noted in Section II(e), a key Principle in the CP Framework relates to Fair Treatment of consumers and CBN is currently developing Guidelines to implement this Principle. Section 2.5.3 of the CP Framework is to the effect that unfair terms are void. Examples reviewed include: provisions for fees to be determined by the bank from time to time without any prior disclosure; the ability to increase (or decrease) credit limits without prior notice or consent; disclaimers of liability; unilateral change clauses; provision for high default rates of interest on card products (one example was up to 29 percent per annum); broad indemnity provisions in favor of the issuer; assignment to the issuer of any assets they hold belonging to the cardholder (such as a deposit); a commitment to a minimum monthly spend limit and to paying a specified fee if the limit is breached; and mandatory bundling credit life insurance products with payments product (such as a credit card) without providing any choice of insurer; and making cardholders liable for transactions on lost or stolen cards which occur a short period after the loss is reported. 156. It appears that PSPs are not taking clear responsibility for their agents. This is notwithstanding that the Mobile Money Guidelines 129 and the Agent Banking Guidelines 130 both provide for a financial institution to be responsible for the acts and omissions of their agents and the 129 Guidelines on Mobile Money Services, Section 17.0(f). 130 Guidelines for the Regulation of Agent Banking and Agent Banking Relationship in Nigeria, Article 3(xi). 44 Agent Banking Guidelines also requires that a financial institution “periodically” train its agents and establish an effective oversight over agent banking services.131 However, the mission findings suggest that PSPs find it logistically difficult to supervise their agent networks. It may of course be the case that there is little incentive to supervise and train agents, given that agent exclusivity arrangements are prohibited in Nigeria. 132 A further concern is that although super-agents are required to have a consumer protection policy,133 CBN has not issued any guidance as to what that policy should contain. 157. There are no rules as to allocation of liability for mistaken and unauthorized transactions. However, the industry practices on helping customers deal with mistaken transactions seem fair. For unauthorized transactions, the practice seems to be that customers will not be liable unless they are at fault e.g. for disclosing a PIN. Nevertheless, evidence suggests that these issues are addressed on an ad hoc basis signifying that consumers could get different treatment for the same issue. 158. As mentioned before, the Guide to Bank Charges has had a negative effect on competition and it appears that maximum permitted fees are always charged. The maximum fees allowed under the Guide to Bank Charges for ATM transactions are apparently charged by all banks. This suggests a lack of competition, which is not of course in the interests of consumers. Further, there is an apparent practice under which the cash withdrawal limit is apparently set relatively low (20,000 NGN) to maximize the potential fee revenue. 159. Mobile money customer funds are not clearly required to be safeguarded in a trust account. There is requirement that all obligations arising from mobile money accounts be settled into a non-interest bearing, separate accounts held with DMBs. 134 However, there is not an explicit requirement that the account be a “trust account” to protect the account against other creditors in the event of insolvency of the MMO. In summary, a trust account involves a legal relationship under which the settlor of the trust (say the PSP) gives legal title to the funds in question to a trustee who would then hold the property (the monies in the account) for the beneficiaries (the account holders). However, although the Mobile Money Guidelines do not explicitly refer to a trust account, the MMO Deposit Insurance Framework makes it clear that funds will only be covered by Nigeria’s deposit insurance scheme if they are held in a trust account.135 The MMO Deposit Insurance Framework provides for the pass -through to MMO subscribers of deposit insurance covering the MMO accounts in DMBs in which subscriber’s funds are held. Notwithstanding the provisions in the MMO Deposit Insurance Framework, consumers would be better protected if the MMO Guidelines explicitly required that the relevant account be a trust account for all purposes. 160. Although stakeholders did not express significant concerns about fraud in payments systems, this is potentially an area of key concern for consumers. The CP Framework provides that financial institutions need to establish policies and controls to safeguard consumer assets against fraud and notes that they “may” include the use of sophisticated software and transaction monitoring systems 131 Guidelines for the Regulation of Agent Banking and Agent Banking Relationship in Nigeria, Article 6(xi) and 6.1 (i). 132 Guidelines for the Regulation of Agent Banking and Agent Banking Relationship in Nigeria, Article 7. 133 Regulatory Framework for Licensing Super Agents in Nigeria, Article 3(xix). 134 Guidelines on Mobile Money Services, Section 5 and see the various references to subscribers’ funds being held by MMOs in “trust (pool) accounts” (e.g. ss. 7, 9 and 10). 135 Framework for the Establishment of Pass-Through Deposit Insurance for Subscribers of Mobile Money Operators in Nigeria, June 2015, Sections 3, 4.2, 4.3 and 7.1. 45 which should cover specified issues.136 The mandatory topics relate to segregation of duties; access to information; security of customer data and records; data storage infrastructure; and periodic audits. Importantly, the CP Framework also provides for an FI’s Customer Compensation Policy to cover compensation for fraud by employees. 137 This should also apply to fraud by agents and other intermediaries. 161. Interoperability of payments platforms and agents is mandated in Nigeria. The Mobile Money Framework requires MMOs to connect to the National Central Switch (NCS) to ensure interoperability of all schemes in the system.138 Further, all POS terminals must accept cards issued by any Nigerian bank and all commercial switches and other entities driving POS terminals must ensure NCS connection.139 The Agent Banking Guidelines also prohibit exclusivity of agent banking contracts in Nigeria. A few industry commentators mentioned that this rule is a disincentive to investments in agent network infrastructure. Nevertheless, the rule is generally considered to be helpful for access to agent services and the new rules on super-agents may assist in dealing with industry concerns. 140 Further, the Payments Bill includes within CBN’s powers “ensuring interoperability and promotion of wider participation within set risk management parameters”.141 Recommendations 162. The recommendations in Sections II(d) and III(d) concerning the proposed Fair Treatment Guidelines apply in relation to payments products and services, as well as more generally. The recommendations relating to the following issues are especially important in the payments context: i. Review of standard terms and conditions for unfair terms as part of the supervisory process and as part of any product approval process. ii. Training and supervision of staff, agents and other intermediaries. 163. The new Fair Treatment Guidelines under the CP Framework should also contain minimum liability allocation rules for consumer loss arising from mistaken and unauthorized payments transactions. In particular: (i) a consumer’s liability for losses from unauthorized transactions should be limited to a maximum amount specified by law, except in cases of consumer fraud or gross negligence; (ii) a PSP should be required to provide timely and necessary assistance to consumers to recover mistakenly transferred funds; and (iii) consumer should be immediately notified of any fraud which affects their account or transactions; and (iv) consumers should be clearly informed of their obligations in relation to suspected cases of mistaken or unauthorized transactions. 164. In the longer term, CBN should include in its new CP Supervision Strategy the need to actively supervise banks and MMOs for compliance with the obligation to supervise their agents. There should be a particular focus on the risk management practices of the PSP or the relevant super- agent, such as for signing up new agents, training, ongoing monitoring, and other risk management 136 Consumer Protection Framework, Section 2.6.1. 137 Consumer Protection Framework, Section 2.7.3.2 (c) 138 Regulatory Framework for Mobile Money in Nigeria, Section 4. 139 Guidelines on Operation of Electronic Payment Channels in Nigeria, Section 2.4.1.7. 140 Regulatory Framework for Licensing Super-Agents. 141 Payment Systems Management Bill, Clause 19(1)(d). 46 procedures, including transaction monitoring, KYC procedures and agent dismissal. While supervision is likely to be primarily focused on the headquarters of the PSP or the super-agent, there may be a need for on-site visits to conduct mystery shopping or in-person observations by supervisors. 165. Each MMO settlement account should also be explicitly required to be a trust account. The aim should be to ensure that an amount equal to outstanding balances on mobile money accounts are held in a trust account for the benefit of clients and are used only for making payments to clients and not for operational purposes. The account should be managed on behalf of the customers, either by the PSP itself or a trustee. The funds in these accounts should also be protected from claims by third party creditors. Any new requirements for trust accounts would, of course, need to be developed having regard to the requirements of Nigerian trust law. Privacy and Data Protection and Operational Reliability Context 166. Payments data can include a significant amount of personal information about consumers which can be open to misuse. In addition to financial data on the underlying transaction, a payment transaction can also generate information on the location and time of the transaction, as well as indicate information about a consumer’s relationships with various entities and, depending on the nature of the transaction (such as the type of product or service being paid for), about their personal circumstances more generally. Furthermore, with the increasing linkage of payment and data systems with other channels and systems (e.g. social networks), there is a continual increase in the type of data that can be juxtaposed with payment date to derive additional personal information about individuals. It is therefore critical (as with other financial information discussed in Section II(f)) that such information is safeguarded and used and disclosed for purposes and in circumstances about which the consumer is aware and, as relevant, to which they have agreed, or as otherwise appropriately permitted by law. PSPs should therefore be required to have policies and procedures in place to protect personal information, with appropriate accountability for compliance within those institutions. Key Findings 167. The Payments Legal Framework contains fragmented, high level and overlapping confidentiality provisions applying to agents, payment service providers and other participants in the payments system. Although it is clear that relevant participants must take steps to ensure the confidentiality of personal information, there is none of the detail that is normally found in privacy laws (see Section II(f) for details), that recognizes the special sensitivity of payments related information, or that provides for appropriate sanctions. Examples include: i. MMOs are required to have “appropriate consumer protection measures” concerning “privacy of customer information” and Appendix 1 requires that MMOs have a Privacy Policy; ii. The Electronic Payments Guidelines contain confidentiality provisions concerning ATM transactions142; and 142 Guidelines on Operation of Electronic Payment Channels in Nigeria, Sections 1.2 (k), 1.5(c) and (d). 47 iii. The Agent Banking Guidelines require confidentiality provisions to be included in the agent’s contract and that financial institutions to have in place “appropriate consumer protection systems against risks of … loss of privacy”.143 Recommendations 168. The recommendations made in Section II(f) also apply to payments products and services. Dispute Resolution Mechanisms Context 169. The good practices for internal and external complaints and dispute resolution processes are as described in Section II(g). They are especially important in the payments context, given the potential for innovative products to be provided to customers with low levels of financial and technological capability. Key Findings 170. There are numerous high-level references to complaints and dispute resolution in the Payments Legal Framework but they lack the details which would make them consistent with good practice. The relevant good practices are described in Section II(g). In summary, with few exceptions, the relevant provisions in the Payments Legal Framework provide as follows: i. There are different time limits within which complaints and disputes must be resolved. For example, the Mobile Money Guidelines requires complaints to be resolved “within a reasonable time” and not later than 48 hours from the lodging of the complaint, with disputes to be settled within 14 days.144 The Electronic Payments Guidelines has different time limits for settling disputes in relation to the various payments products covered by the Guidelines (for example T+ 3 days for ATM disputes 145 and T+5 for cardholder disputes involving mPOS services 146 ). For the Card Issuance Guidelines, the dispute resolution time is stated to be “internationally acceptable timeframes for international transactions” and T+2 for domestic transactions.147 ii. In some cases, disputes must be referred to CBN, with arbitration under the Commercial Arbitration Act to be used if CBN cannot resolve a dispute. For example, the Mobile Money Guidelines has a provision to this effect148 as does the Electronic Payments Guidelines.149 143 Guidelines for the Regulation of Agent Banking and Agent Banking Relationship in Nigeria, Sections 3(xv) and 15 respectively. 144 Guidelines on Mobile Money Services, Section 17.0 (g) and 17.1. 145 Guidelines on Operation of Electronic Payment Channels in Nigeria, Section 1.6. 146 Guidelines on Operation of Electronic Payment Channels in Nigeria, Section 3.10. 147 Card Issuance Guidelines, Section 9.1. 148 Guidelines on Mobile Money Services, Section 17.1. 149 Guidelines on Operation of Electronic Payment Channels in Nigeria, Section 3.10.3. 48 iii. The MMO Deposit Insurance Framework requires MMOs to have “robust consumer complaints policies”.150 However, there is no detail as to what the policies should cover or applicable time limits or other processes for dealing with complaints. 171. The NPS Bill is similarly vague as to the required complaints and dispute resolution requirements. It simply provides (in summary) that disputes between system participants, service providers and payers or beneficiaries are to be settled through any agreed Alternative Dispute Resolution mechanism, with the dispute to be referred to the Office of the Nigerian Financial Ombudsman if there is no agreement.151 172. There are various difficulties with the above approaches. They include: the differing time limits for resolving complaints; the lack of requirements for transparent internal complaints resolution procedures; consumers are unlikely to have the bargaining power to agree on an acceptable ADR scheme and the Financial Ombudsman does not currently exist. Further, as noted Section II g), there are no provisions which transparently set out the processes and procedures to be followed by CBN. In addition, commercial arbitration is unlikely to be an appropriate dispute resolution mechanism for consumer disputes, given the likely time, expense, and procedural complexity involved. Recommendations 173. The recommendations made in Section II(g) also apply to payments products and services. 150 Framework for the Establishment of Pass-Through Deposit Insurance for Subscribers of Mobile Money Operators in Nigeria, June 2015, Section 10. 151 Payment System Management Bill, Clauses 24 (2) and (3). 49 Annex I: List of Consulted Institutions Government Institutions Central Bank of Nigeria – Banking Supervision Department Central Bank of Nigeria – Banking and Payment Systems Department Central Bank of Nigeria – Consumer Protection Department Central Bank of Nigeria – Financial Policy and Regulation Department Central Bank of Nigeria – Legal Services Department Central Bank of Nigeria – Other Financial Institutions Department Nigeria Consumer Protection Council Nigerian Communications Commission Financial Services Providers Access Bank Credit Direct Limited FIRST Bank FIRST Monie FORTIS Microfinance Grooming Centre Guarantee Trust Bank Paga Stanbic IBTC TurstBond Mortgage Bank United Bank Africa VDF Microfinance Technology Providers E-Tranzact Interswitch Industry Associations Association of Non-Bank Microfinance Institutions Charted Institute of Bankers Nigeria 50 Mortgage Banking Association of Nigeria Other Institutions Tony Elumelu Foundation 51 Annex II: Key Laws, Regulations, Frameworks, Guidelines and Circulars SECTOR LAW / BILL / ACRONYM RESPONSIBLE TOPIC COVERED REGULATION / INSTITUTION FRAMEWORK / GUIDELINE GENERAL Central Bank of Nigeria CBN Act CBN Provides CBN with a mandate to Act, 2007 regulate financial sector (i.e. specifying that the principle objective of CBN is to promote sound financial system). Central Bank of Nigeria CP Framework CBN The CP Framework, which applies Consumer Protection to all financial institutions Framework, 2016 regulated by CBN, documents the roles and responsibilities of the financial institutions, consumers and CBN itself. The consumer protection provisions are based on 9 key principles covering: 1.Legal, Regulatory & Supervisory Structures 2.Responsible Business Conduct 3.Disclosure & Transparency 4.Consumer Financial Education 5.Fair Treatment 6.Protection of Consumer Assets, Data & Privacy 7.Complaints Handling & Redress 8.Competition 9.Enforcement. Consumer Protection CPC Act CPC The CPC Act provides for the Council Act, 1992 establishment of the Consumer Protection Council and contains consumer protection provisions relating to complaints management, conduct detrimental to consumers, advertising and compensation. It appears to apply to all goods and services, with no exception for financial products and services. Federal Competition FCCP Bill FCCPC / The FCCP Bill provides for the and Consumer Minister establishment of the Federal Protection Bill, 2016 responsible for Competition and Consumer trade matters Protection Commission, substantive provisions relating to anti-competitive practices and consumer protection for all goods and services and the repeal of the CPC Act. Guide to Bank Charges, Guide to Bank CBN The Guide to Bank Charges sets a 2013 (under review) Charges mandatory standard for the 52 application of charges on products and services of Deposit Money Banks and covers both interest rates and fees and charges. Chartered Institute of CIBN Act CIBN Establishes CIBN and sets out Bankers of Nigeria Act, responsibilities (including 2007 concerning ethical standards and professionalism). Guidelines for the Agent Banking CBN The Agent Banking Guidelines Regulation of Agent Guidelines apply to agents acting on behalf of Banking Relationships licensed deposit taking institutions in Nigeria, 2013 and mobile money operators. The Guidelines cover application and approval requirements for financial institutions wishing to engage in agent banking; agent banking contracts; assessment of agents; key responsibilities of the financial institution; supervision; exclusivity; publication of lists of agents; risk management; money laundering; branding and advertisements; minimum consumer protection requirements and dispute resolution. Regulatory Framework Super-Agents CBN The Framework covers the for Licensing Super- Framework following topics in relation to Agents (2016) super-agents: licensing, responsibilities; the platforms to be used for mobile money services; interoperability; interchange fees; branding; and dispute resolution. Circular on Consumer Complaints CBN This Circular requires all regulated Complaints Handling Circular financial institutions to establish a (2011) Help Desk, to refer any complaints to CBN which is not resolved in 14 days and to submit monthly returns on consumer complaints to CBN. BANKING Bank and Other BOFIA CBN The BOFIA is the main Act AND NBFIs Financial Institutions concerning the provision of Act banking services and products. It establishes the relevant framework for the provision of banking products and services by banks and other financial institutions. It covers the following topics: functions and powers of CBN, licensing of banks, prohibition of deposit taking activities for non- banks, basic corporate governance structure of banks, duties of banks, transparency of financial information, supervisory role of CBN, licensing of other financial institutions, supervisory powers of 53 CBN towards other financial institutions. Revised Microfinance MFIs CBN and The framework provides for Policy, Regulatory and Framework appropriate CBN’s vision of the sector with the Supervisory Framework Agency / objective of creating a healthy and for Nigeria 2011 Ministry stable sector. It further contains some key rules. It identifies all the possible types of MFIs which can exist in Nigeria, including MFBs, NGO-MFIs, and financial cooperatives. It also forbids the collection of deposits by non- licensed MFIs and clearly outlines the different roles which each institution can play to the promotion of microfinance activities. It further provides for a framework for the supervision of the different types of MFIs and the role and responsibilities of the different stakeholders. Revised Regulatory and MFBs CBN The MFBs Framework provides Supervisory Guidelines Framework more detailed rules, than the MFIs for Microfinance Banks Framework, on how MFBs should (MFBs) in Nigeria operate. It covers the following topics: CBN’s power to regulate MFBs, permissible and prohibited activities by MFBs, ownership and licensing requirements for MFBs, corporate governance of MFBs, accounting requirements and financial transparency, compliance with AML/CFT rules, prudential requirements and minimum capital. Delinquent Credit Delinquent CBN The Circular applies to banks and Facilities Circular, Credit Facilities discount houses and requires that a April 22 2015 Circular delinquent debtor be given a three- month grace period and that a bank or discount house is required to “Publish the list of delinquent debtors that remain non- performing in at least three national daily newspapers quarterly (The delinquent debtors are those whose accounts have been classified lost and include the persons, entities, directors, subsidiaries and other related parties).” (para. 2). Framework for the Deposit Nigeria Deposit The purpose of the Framework is Establishment of Pass- Insurance Insurance to provide for the establishment on Through Deposit Framework Corporation pass – through Deposit Insurance Insurance for (NDIC) to MMOs. It includes provisions Subscribers of Mobile requiring MMOs to have consumer complaints policies and practices. 54 Money Operators in There is also provision for Nigeria, June 2015 consumers to contact the NDIC (section 10). The maximum level of coverage is 500.000 naira per subscribed per DMB. PAYMENTS Payment Systems Payments Bill CBN Covers the administration and Management Bill 2016 operation of payments, clearing and settlement systems in Nigeria. In granting an authorization to operate a payment system, CBN is required to consider the “interests of consumers, including the terms and conditions governing their relationship with payments system providers;” (section 5(2)(h)). CBN also has power to make regulations relating to “consumer protection” (section 17(1)). The Bill also covers dispute resolution in a provision which anticipates the existence of the Office of the Nigerian Financial Ombudsman (section 24). Guidelines on Electronic CBN Covers topics relevant to electronic Operations of Payment payment systems which include Electronic Payment Guidelines ATMs, POS card acceptance Channels in Nigeria, services. MPOS acceptance 2016 services and web acceptance services. They include guidelines on consumer disclosures and refunds, security, and dispute resolution. There are also Guidelines on cardholder obligations re security. Note the Guidelines state they supersede previous Standards and Guidelines on ATM Operations in Nigeria and Guidelines on PoS Card Acceptance Services Regulatory Framework Mobile Money CBN The Mobile Money Framework for Mobile Money Framework sets the business rules for the Services in Nigeria, operation of mobile payment 2015 services, defines the roles and responsibilities of participants and sets the basis for the regulation of services. It includes high level provisions covering participants in the mobile money system; mobile money scenarios and processes; infrastructure; settlement; scheme dispute resolution; technology; risk management; user interfaces, KYC and a very high level dispute resolution provision. 55 Guidelines on Mobile Mobile Money CBN Covers approved mobile money Money Services in Guidelines types, licensing, agents, business Nigeria, 2015 rules, roles and responsibilities of partners, settlement accounts infrastructure, KYC, risk management and transaction security and high level consumer protection provisions. Guidelines on IMMRS CBN Covers the use of mobile money as International Mobile Guidelines part of international money Money Remittance transfer services in Nigeria and Services in Nigeria specifies infrastructure and risk 2015 management requirements. Specific topics covered include authorizations and high level consumer protection measures. Guidelines for the IMTS CBN Applies to inbound and outbound Operation of Guidelines international money transfer International Money services. Covers licensing, Transfer Services operations, agents, disclosure Operators in Nigeria, requirements, dispute resolution 2014 and remedial measures. Circular on Anti- Anti- Skimming CBN Mandates compliance with Skimming Devices, Circular sections 3.2 “ATM Operations” 2014 and 3.4 “ATM Security” of the Standards and Guidelines on Automated Teller Machines in Nigeria and requires installation of “risk mitigating devices” on ATM terminals. Circular on Non- ATM Dispense CBN Contains direction to Deposit Refund of Monies to Error Circular Money Banks to return money to a Customers customer held as a result of an Shortchanged by ATM dispense error, as required ATMs’ Non-Dispense by section 9.1 of Guidelines for or Partial Dispense Card Issuance and Usage in Error, 2014 Nigeria. Guidelines for Card Card Issuance CBN The Guidelines relate to the Issuance and Usage in Guidelines issuance and usage of payments Nigeria, 2014 cards. Topics covered include permitted issuers (licensed banks), infrastructure standards, customer disclosures; continuous customer education on e.g. security issues and disputes; KYC: unsolicited cards; fraud and risk management; and specific requirements for stored value cards; prepaid cards; debit cards; credit and charge cards; and high level requirements on dispute resolution. Circular on Nigerian Non-EMV CBN Requires Deposit Money Banks to Issued Card Present Fraud Circular take fraud prevention measures on Fraud in Non-EMV Nigerian issued cards when used in Environments, 2014 Non-EMV environments (such as USA). 56 Bills of Exchange Act Bills of Not specified Bills of exchange, including 1990 Exchange Act cheques. Guidelines for Cheque Cheque CBN Regulation and management of Truncation in Nigeria Truncation cheque truncation. (2012) Guidelines 57 Annex III: Comments on the Nigeria Financial Ombudsman Bill Recommendation Replace the previously proposed legislation with a new draft drawing elements from suitable legislation and other material from other Commonwealth jurisdictions and tailor it to the Nigerian experience and aspirations. Key Issues with Current Proposed Legislation • There is an absence of independent oversight and protection of the critical independence of the Ombudsman function. Having an independent board of directors appointed by the Minister on recommendation of an independent panel would lend credibility and independence to the function which must exist in a contentious space between industry and consumers. • The scope of the proposed mandate needs to be clarified in terms of financial services providers subject to the mandate and the nature of eligible complainants. It is recommended that eligible complainants to the financial Ombudsman include the following: (i) an individual who, in relation to the relevant financial service provider and the relevant act, is acting for purposes other than his or her trade, business, or profession; (ii) a microenterprise, within the meaning of the established definition of micro, small and medium-sized enterprises, or some other objective third party reference point; (iii) any other category that: - relates to charities, trusts, foundations or other bodies, - appears to the Minister responsible to be appropriate for this purpose, and - is specified for this purpose by the Minister responsible on the recommendation of the financial Ombudsman. • Some proposed elements suggest a legalistic approach including appearance before the office, precedence and appeal. This is not consistent with international good practice which tends to favor a fairness and reasonability test in the circumstances of the individual case, not bound by precedent and informal in process to ensure accessibility. • In order to effectively perform its mandate, the Ombudsman must be able to compel the production of material and be able to compel witnesses to provide information. The draft legislation does not confer such powers on the Ombudsman. Observations on the proposed Financial Ombudsman legislation: Article 3 • It is suggested that the overall mandate of the Office should be simplified to simply state that it will resolve complaints arising from the provision of financial services by a financial services provider to an eligible complainant (and define the financial services providers and eligible complainants in the regulations as appropriate/necessary). If the intention is also to enable review of complaints from financial services providers against the regulator (as they do in the United 58 States where the Ombudsman within the Office of the Comptroller of the Currency has that role in addition to resolution of consumer complaints), then the legislation could state that clearly as a separate mandate/power. Article 4 • It is recommended to broaden the mandate beyond transactions to any complaint arising from the provision of financial services…as noted in comments on Article 3 above. • It was not clear if the intention of the draft legislation was to extend the mandate of the Ombudsman beyond currently-regulated entities to all providers of financial services. If in fact this was the intention, it is not recommended that the mandate of the Ombudsman extends beyond complaints involving regulated entities at this time for the following reasons: • As the regulator, CBN is currently handling a large proportion of financial consumer complaints and, in this report, is being recommended as the point of consolidation for all complaints pending the introduction of a financial Ombudsman. CBN would not have the statutory authority to compel unregulated entities to engage with their complaint handling function during this interim period. • With limited resources, the proposed financial ombudsman will be challenged to effectively handle the volume of unresolved complaints referred from regulated entities alone. To add an unknown volume of additional potential complaints from a largely unknown population of financial service providers could undermine the initial performance of the office, and its credibility in the eyes of key stakeholders. • To establish a mandate over unregulated financial service providers would require a business activity (e.g., consumer lending, retail payments, etc.) rather than a regulated entity approach to defining the scope of the Ombudsman’s remit. This introduces an additional and complex track of financial sector policy and legislative activity to the current program. Alternatively, if such a business activity approach was used, even if only to define the scope of the financial Ombudsman’s remit, it would essentially define the scope of the unregulated financial sector. This is a much more complex and nuanced exercise that could affect the remit of CBN and deserves careful attention beyond the scope of the financial Ombudsman initiative. The scope of the Ombudsman’s remit can always be broadened once it is firmly established and operating effectively. • It would be very difficult to establish a funding model which fairly and effectively sought contribution from unregulated financial service providers to the cost of the financial Ombudsman scheme. The regulated financial service providers would not wish to subsidize the financial Ombudsman to devote resources to resolving complaints from their unregulated competitors. Article 6 • To function effectively, the Ombudsman function must be, and be seen to be, completely independent of the government, regulator, industry, and consumer activism. For this reason, the governance of the mandate must be equally independent. Ideally governance would be provided by an independent board of directors selected to provide the appropriate oversight and accountability for the mandate and reflective of the diversity of stakeholder interests inherent in the mandate. The 59 Ombudsman would be appointed by the board of directors on terms that secure his or her independence. This independent selection and oversight of the Ombudsman/office enables the performance of the mandate with independence and impartiality which will enhance both its credibility and effectiveness. You may wish to refer to the effective approaches to fundamental principles prepared for the World Bank by David Thomas and Francis Frizon. • The nature of good candidates for the Ombudsman role is as varied as the role itself. It is recommended that the hiring panel have complete latitude to hire subject to any appropriate restrictions, such as to ensure cooling off periods for candidates coming from industry, government, or regulators. The key is to find a person for the Ombudsman role with unimpeachable integrity, intellect, and judgment. The subject matter expertise is arguably a secondary consideration as it can be obtained externally or secured through the hiring of appropriate staff. Article 22 • Article 22(c) suggests that there will be an appeal mechanism for decisions made by the Office. This is not consistent with international good practice. The Office itself is the appeal mechanism for unresolved complaints against the financial sector. The only appeal from the Office should be via judicial review in accordance with principles of administrative law and the Office should be established in law so as to maximize the likelihood of a significant amount of judicial deference being given to decisions made by the Ombudsman. For this reason, the explicit power of the Ombudsman to make a binding decision based on fairness and reasonability in the circumstances is critical to guide the Nigerian courts’ interpretation in any judicial review of a decision from the Ombudsman. Reference Legislation • In other comparable jurisdictions, details analogous to the elements found in the proposed Nigerian legislation are commonly found not only in legislation, but also in regulation or terms of reference. There are useful examples from other Commonwealth jurisdictions which align well with Nigerian common law. The following are useful examples: Jersey152 • While not a country, Jersey’s legislation governing the financial Ombudsman scheme is tightly defined and clear, except for the exclusion of certain industry sectors/products, which exclusions are not recommended for inclusion by any other jurisdiction. This is a much simpler structure than most Ombudsman schemes from a legislative standpoint. The complexity is found in the identification of financial services providers subject to the Ombudsman mandate, eligible complainants, and the funding structure. As it is one of the newest financial Ombudsman schemes to emerge, it has incorporated numerous innovations from other jurisdictions. The overall framework is provided by high-level yet clear and flexible legislation underpinned by more easily adapted detailed regulations, constitutions, or terms of reference. This is a recommended approach. 152 https://www.jerseylaw.je/laws/enacted/Pages/L-14-2014.aspx#_Toc394071702 60 UK Financial Ombudsman Service • UK FOS is the statutory dispute-resolution scheme set up under the provisions of Part XVI and Schedule 17of the UK’s Financial Services and Markets Act 2000 (as amended). • The rules governing the scheme are from the UK’s Financial Conduct Authority and can be seen at: https://www.handbook.fca.org.uk/handbook/DISP/ • This is a complex and convoluted structure but made necessary by the historical evolution, scale and complexity of the industry and FOS’ operations. It is good for ideas on elements to include in scheme design, but not a useful precedent overall. • Many schemes derive their authority from the regulators but are established to be independent of them through boards of directors. The relationship between the Ombudsman scheme and the regulator is governed by regulation, or less formally through a memorandum of understanding (MoU). Constitutions • The corporate details of a governance structure can be in the legislation, or can be placed in the constitution of the corporate entity, enabling a degree of flexibility. A couple of examples include: • Australia: available at http://fos.org.au/custom/files/docs/fos_constitution.pdf • New Zealand: available at https://www.bankomb.org.nz/ckeditor_assets/attachments/297/constitution_august_2015.pdf Terms of Reference • Some Ombudsman schemes adopt terms of reference subordinate to their empowering legislation which set out the details of the Ombudsman’s powers and operation. This promoted ease of amendment when the need arises but are only recommended in specific circumstances where the independence of the Ombudsman is sufficiently protected from potential interference. Where the risk of interference is higher, more detailed legislation is preferred. • Several examples of terms of reference for schemes with a range of powers ranging from the quasi-judicial (Australia) to more voluntary (Canada): • Australia: available at http://fos.org.au/about-us/terms-of-reference/ • New Zealand: available at https://www.bankomb.org.nz/ckeditor_assets/attachments/306/terms_of_reference_january_2 016.pdf 61 • South Africa: available at http://www.obssa.co.za/images/Publications/approved_terms_of_reference_updated_may_201 1.pdf • Canada: available at https://www.obsi.ca/download/fm/318 62