93928 V2 DISCLAIMER This Diagnostic Review is a product of the staff of the International Bank for Reconstruction and Development/The World Bank. The findings, interpretations, and conclusions expressed herein do not necessarily reflect the views of the Executive Directors of the World Bank or the governments they represent. Abbreviations and Acronyms .................................................................................................................... 4 Acknowledgments ...................................................................................................................................... 5 Preface ......................................................................................................................................................... 6 I. Consumer Protection in the Banking and Finance Company Sector ................................................. 7 II. Consumer Protection in Savings and Loan Cooperatives ............................................................... 57 III. Consumer Protection in the Insurance Sector.................................................................................. 91 IV. Consumer Protection in Digital Financial Services ....................................................................... 115 V. Financial Education and Consumer Empowerment ....................................................................... 130 Table 1. Consumer Protection Institutional Arrangements in Digital Financial Services .......................... 116 Table 2. Main Consumer Protection Provisions Applicable to Digital Financial Services ........................ 119 Table 3. Selected Results of Recent Demand-Side Surveys ................................................................... 131 --- Currency and Equivalent Units (As of January 2015) Currency Unit = Paraguayan Guarani (PYG) USD 1 = PYG 4,707.72 Government Fiscal Year January 1 – December 31 ADEFI Association of Finance Companies (Asociación de Entidades Financieras) AML Anti-Money Laundering APCS Paraguayan Association of Insurance Companies (Asociación Paraguaya de Compañía de Seguros) ASOBAN Association of Banks (Asociación de Bancos) ASUCOP Association of Users and Consumers of Paraguay (Asociación de Usuarios y Consumidores de Paraguay) BCP Banco Central del Paraguay BCP-SIB Banking Superintendency (Superintendencia de Bancos) BCP-SIS Insurance Superintendency (Superintendencia de Seguros) BNF National Development Bank (Banco Nacional de Fomento) CAMP Centre of Arbitration and Mediation of Paraguay (Centro de Arbitraje y Mediación Paraguay) CFT Combating the Financing of Terrorism CGAP Consultative Group to Assist the Poor CONACOM National Competition Commission (Comisión Nacional de la Competencia) CONATEL National Telecommunications Commission (Comisión Nacional de Telecomunicaciones) CONPACOOP Cooperatives Cooperation of Paraguay (Confederación Paraguaya de Cooperativas) CPFL Consumer Protection and Financial Literacy DCF Financial Consumer Ombudsman (Defensora al Cliente Financiero) DDUS Division for the Defense of the User of Insurance DGEEC Department of Statistics, Surveys and Censuses (Dirección General de Estadística, Encuestas y Censos) DRGV German Cooperative and Raiffeisen Confederation EMPE E-Money Issuer (Entidad de Medio de Pago Electrónico) ENIF National Financial Inclusion Strategy (Estrategía Nacional de Inclusion Financera) GSMA GSM Association FGD Deposit Guarantee Fund (Fondo de Garantía de Depósitos) IAIS International Association of Insurance Supervisors IIF Financial Inclusion Intendency (Intendencia de Inclusión Financiera) INCOOP National Institute for Cooperatives (Instituto de Cooperativismo) INTN National Institute of Standards and Technology (Instituto Nacional de Tecnología, Normalización y Metrología) KYC Know-Your-Customer MIC Ministry of Industry and Commerce (Ministerio de Industria y Comercio) MOU Memorandum of Understanding NGO Non-Governmental Organization PIN Personal Identification Number POS Point of Sale PYG Paraguayan Guarani SEDECO Secretariat for Consumer Protection (Secretaría de Defensa al Consumidor) SEPRELAD Secretariat for Prevention of Money Laundering (Secretaría de Prevención de Lavado de Dinero o Bienes) SIPAP National Electronic Payment System of Paraguay (Sistema Nacional de Pagos Electrónicos del Paraguay) SNIPC National Integrated System of Consumer Protection TELCO Telecommunications Provider TFC Total Financial Cost WOCCU World Council of Credit Unions This Diagnostic Study was prepared by a team led by Douglas Pearce (Lead Financial Sector Specialist, GFMDR) and Ilka Funke (Financial Inclusion Specialist), and included Sarah Fathallah (Financial Analyst, GFMDR), Manuel Peraita (Insurance Sector Specialist), Jose Rutman (Banking Sector Specialist) and Luis Trevino (Sr. Financial Sector Specialist, GFMDR). Technical guidance and input was provided by Dante Mossi (Resident Representative for Paraguay, LCCPY), Javier Suarez (Lead Economist, GTCDR), Jane C. Hwang (Sr. Financial Sector Specialist, GFMDR) and on the legal framework by Mariana Paredes (Consultant). Maria Cristina Heisecke Paredes (Consultant, GFMDR) provided both technical and administrative support, while Rosa Arestivo de Cuentas-Zavala (Team Assistant, LCCPY) and Monzerrat Garcia (Consultant, GFMDR) also gave valuable administrative support. Marianna Camino (Consultant, GFMDR) provided translation support. Peer review comments were provided by Javier Suarez (Lead Economist, GTCDR), Jane C. Hwang (Sr. Financial Sector Specialist, GFMDR), and Ros Grady (Sr. Financial Sector Specialist, GFMDR). The team would like to express its gratitude to the authorities and private stakeholders for the support and collaboration it received during the preparation of the Review. Special thanks go to the management and staff of the different financial supervisory authorities for their excellent cooperation and the warm welcome extended, and to the management and staff of the Financial Inclusion Intendency (Central Bank of Paraguay) for their valuable assistance and input provided during the review. The Diagnostic was prepared with financial support of the Swiss State Secretariat for Economic Affairs (SECO), through the Global Consumer Protection and Financial Literacy Trust Fund. Volume II of the CPFL Diagnostic Review includes a detailed assessment of the institutional, legal and regulatory framework for consumer protection in four segments of the financial sector: (i) banks and finance companies, (ii) financial cooperatives, (iii) insurance companies, and, - in reflection of the important role they play in Paraguay - (iv) non-bank agents and mobile payment providers. The review further assesses the institutional framework and infrastructure in place in the area of Financial Education and Empowerment of Consumers. Volume II complements Volume I, which summarizes the key findings of the diagnostic and provides prioritized recommendations. The World Bank’s Good Practices for Consumer Protection were used as a benchmark for assessing the 1 frameworks applicable to banks and finance companies, S&L cooperatives and insurance companies. The Good Practices are based on findings of in-depth country level reviews of consumer protection and financial literacy conducted by the World Bank since 2006, as well as international benchmarks, including (i) principles released by the Basel Committee, IOSCO and IAIS, (ii) OECD recommendations in this area, as well as (iii) laws, regulations and codes of business practices from the European Union, United States, Australia, Canada, France, Ireland, Malaysia, Mexico, New Zealand, Peru and South Africa. The World 2 Bank (WB) has already conducted similar reviews in more than thirty countries worldwide. For the diagnostic of consumer protection in digital finance services, no formal Good Practices have so far been established. The review is based on general principles of institutional arrangements and legal frameworks established under the Good Practices, complemented with guidance provided by a number of recent publications, including (i) World Bank (2014), Responsible Digital Financial Services: Consumer Protection in an Electronic Environment, Presentation in preparation for the Responsible Finance Forum V, (ii) Alliance for Financial Inclusion (2014), Consumer Protection in Mobile Financial Services, Guidance Note No. 13, (iii) GSMA (2012), Mobile Privacy Principles: Promoting a User-Centric Privacy Framework for the Mobile Ecosystem, Document Version 1.0, and (iv) CGAP (2010), Protecting Branchless Banking Consumers: Policy Objectives and Regulatory Options, Focus Note 64. Finally, Financial Education and Consumer Empowerment is covered as a stand-alone assessment, and not as usually done under each of the sectors. It is based on Good Practices for Financial Education and Consumer Protection established for individual sectors, and complemented with relevant guidance material, including (i) the G20 High Level Principles on Financial Consumer Protection and the Annex to the G20/OECD Task Force Report on Financial Consumer Protection, (ii) the sections on Financial Education in World Bank (2014) Global Survey on Consumer Protection, and (iii) Financial Literacy, as well as World Bank (2013), Making Sense of Financial Capability Surveys around the World), To prepare the review, a World Bank (WB) mission visited Asunción from May 26 to June 5, 2014. Extensive consultations were held with stakeholders from the public and private sectors. 1 The Good Practices for Financial Consumer Protection (World Bank, 2012) are available at: http://bit.ly/GoodPracticesConsumerProtection 2 Recent CPFL Diagnostic reviews are available at: http://responsiblefinance.worldbank.org/diagnostic-reviews SECTION A CONSUMER PROTECTION INSTITUTIONS Good Practice A.1. Consumer Protection Regime The law should provide clear consumer protection rules regarding banking products and services, and all institutional arrangements should be in place to ensure the thorough, objective, timely and fair implementation and enforcement of all such rules. a. Specific statutory provisions should create an effective regime for the protection of a consumer of any banking product or service. b. A general consumer agency, a financial supervisory agency or a specialized financial consumer agency should be responsible for implementing, overseeing and enforcing consumer protection regarding banking products and services, as well as for collecting and analyzing data (including inquiries, complaints and disputes). c. The designated agency should be funded adequately to enable it to carry out its mandates efficiently and effectively. d. The work of the designated agency should be carried out with transparency, accountability and integrity. e. There should be co-ordination and co-operation between the various institutions mandated to implement, oversee and enforce consumer protection and financial system regulation and supervision. f. The law should also provide for, or at least not prohibit, a role for the private sector, including voluntary consumer organizations and self- regulatory organizations, in respect of consumer protection regarding banking products and services. Description a. The provisions of the law should create an effective regime for the protection of banking consumers. The legal framework for general consumer protection is set forth in the Consumer Protection Law number 1334 of 1998. It covers all sectors of the economy, including the provision of financial products and services. This law covers, among others, the basic rights of a consumer, contractual issues, information to be provided when selling goods and services, rules for advertising, legal defense of consumer rights, enforcement authority, consumer education, consumer associations, and sanctions. The Consumer Protection Law does not contain a specific chapter on financial products and services (except as stated, very briefly, under "credit operations"). The Organic Law of the Central Bank of Paraguay (BCP-Law 489 of 1995) establishes as fundamental objectives of the BCP to preserve and safeguard the stability of the value of the currency and to promote the efficiency and stability of 3 Prepared by Jose Rutman the financial system. It does not have a specific mandate for consumer protection, although some aspects of "market conduct" could be included within the broad concept of "efficiency and stability" of the financial system. The same law, in Article 44, states that interest rates may be freely agreed upon, but establishes a ceiling on lending rates (compensatory and punitive) equal to 1.30 times the average financial system interest rates for consumer loans (called "usury rate"). The fixing of maximum interest rates is mandated by Article 475 of the Civil Code, which states that arrears or countervailing interest rates cannot be more than the maximum rates established by BCP, under penalty of nullity of the corresponding clause, regardless of the denomination given to the ancillary benefit borne by the debtor. Furthermore, the General Law of Banks, Finance Companies and Other Credit Institutions (Banking Law number 861 of 1996) states in Article 107 ("Information Transparency") that the BCP, based on the opinion of the Banking Superintendency (SIB), will ensure information transparency of credit institutions in relationship to their customers. Overall, the Consumer Protection Law creates a broad regime for the protection of the consumer, while other laws (i.e. Organic Law of BCP and the Banking Law) cover selected issues like transparency of information in more depth and specificity. This raises some questions about the specific powers of the institutions involved in regulating and supervising consumer protection issues. As discussed in more detail in other best practices, there are some gaps in regulation. b, A general consumer protection agency, a financial supervision entity, or a specialized financial consumer protection agency should be responsible for implementing, monitoring and enforcing consumer rights regarding banking products and services as well as to collect and analyze information (including requests for information, complaints, and disputes). The Consumer Protection Law initially established as regulatory and supervisory agency the Ministry of Industry and Commerce (MIC), and also allowed municipalities to play a role in supervising its implementation on a voluntary basis (see Decree 20572/03, which establishes the National Integrated System of Consumer Protection (SNIPC)). To implement the system, the MIC issued various regulations, such as a summary of proceedings (Decree 21001/03); a scale of fines (Resolution 520/06); and a registry of offenders, reconciliations and complaints (Resolution 521/06). In practice, the system was however never implemented and the technical platform not created. A new system was established in September 2013 through Law 4974, which created the Secretariat of Consumer Protection (SEDECO) as the new enforcement authority of the general Consumer Protection Law. SEDECO is an autonomous and decentralized body with its own legal status and budget (Art. 1). Relations with the executive branch stand through the MIC, which may establish, for the operations of SEDECO, direct links with other government agencies and the private sector (Art. 4). Additionally, Law 4974 sets out the objectives and functions, authority, human resources, structure, economic regime, and internal control for SEDECO. A number of issues currently impede the effective functioning of SEDECO. Regulations for Law 4974 are only being developed, and SEDECO has scarce human resources (16 staff, partly non-technical) and budget. Together with its recent creation, as well as the nonexistence of expertise in financial matters, SEDECO has so far been unable to effectively monitor and enforce consumer rights (including regarding to banking products and services), publicize its role in a broad public campaign or collect and analyze statistical data on the claims received from users (including requests for information, complaints, and disputes). The general Consumer Protection Law and its subsequent amendments do not expressly contemplate a role for the BCP in regulating or supervising financial consumer protection, except for establishing the usury rate (mandated by the Civil Code). However some business conduct related topics are included in the Banking and Organic Law of BCP. Furthermore, Resolution 2 of June 2007 instructed the BCP-SIB to verify the consistency of the provisions with those of the Consumer Protection Law. BCP approved transparency rules relating to the calculation and publication of interest rates (Resolution 2 of November 2001, revised in 2007), while moving forward with the approval of credit card and bank account contracts of the institutions under its supervision. BCP disseminates on a monthly basis the usury rates, which establishes a maximum annual interest rate for lending (currently 56.16% for operations in local currency and 16.15% for foreign currency). In 2013, the BCP-SIB also constituted a Financial Inclusion Intendency (IIF) under BCP-SIB’s Extra-Situ Supervision Department, which covers Financial Consumer Protection, Financial Education and Financial Inclusion per se. In summary, neither SEDECO nor BCP-SIB exercises full and effective regulation and supervision of financial consumer protection. Nevertheless, the BCP-SIB has made significant progress in regulating information transparency and reviewing contracts and claims handling, but actual supervision is hampered by the lack of standardized procedures. c, The work of the designated agency for financial consumer protection should be done with transparency, integrity, and accountability. The enforcement authority of the Consumer Protection Law (i.e. the MIC and, more recently, SEDECO) has not released information on the activities it carried out in the area of consumer protection (either in general or with regards to financial products and services). No widespread consumer complaints have been addressed, nor their characteristics documented (size, products/sectors, type of 4 resolution) , nor have the penalties for financial service providers been published. The BCP-SIB has also not released information on its activities in the field of consumer protection, including statistics on claims received. It has added to its website a tab on "Consumer Protection" which includes FQAs, information on procedures for filing a claim (i.e. who should file a claim and how to do so), the process that should be expected by the user and the final resolution. 4 See Good Practice E.3. d, The designated agency should be adequately funded so that it can carry out its mandate efficiently and effectively. SEDECO has 16 people in total (6 of which in the Legal Department) to cover consumer protection issues for all economic sectors. In addition, under the old scheme, 13 municipalities (out of over 250) also participated in the supervision on a voluntary basis , with low to no participation in practice SEDECO is currently exploring options to renew and standardize the participation of the municipalities, but at the time of the mission no agreement had yet been signed. Under the current arrangement SEDECO does not appear to have sufficient funds and staffing to carry out its very broad mandate (Art. 5 and 6 of Law 4974) efficiently and effectively. The IIF created under the BCP-SIB has 5 employees in total, of which one person is focused specifically on financial consumer protection. Furthermore, on-site supervision has a total staff of 65 people, dedicating on average 10% of their time to review issues related to the transparency of information and compliance with maximum interest rates of banks and finance companies. Off-site monitoring of non-prudential aspects covers the approval of contracts for financial products and services. Overall, the resources of the IIF are insufficient for the activities it currently performs. For example, only one person is in charge of handling consumer claims, evaluating financial institution contracts with regard to compliance with consumer protection aspects (along with the department of Licenses and Authorizations, who has primary responsibility), and monitoring the structure and level of fees and commissions, among other responsibilities. The Capacity of off-site supervision (e.g. evaluating the information published by financial institutions) is also limited. The in-situ supervision of market conduct is done by the same team of prudential supervisors, and from the available information it cannot be judged whether the resources for this are sufficient. However, the mission noted as a core deficit the lack of manuals and standard operating procedures to carry out these tasks (which should be done in collaboration with officials of the IIF). e, The various institutions mandated to implement, monitor, and enforce consumer protection, financial sector regulation, and supervision should work in a coordinated and cooperative manner. Coordination and cooperation between SEDECO and BCP-SIB is limited. They do not meet regularly to exchange information on issues related to financial consumer protection, nor have developed procedures for referral and/or technical collaboration for the treatment of claims related to financial services or products. Under the former regime, the MIC and BCP signed a cooperation agreement, which however was not implemented effectively. Given the establishment of a new application authority for the Consumer Protection Law (SEDECO), a new agreement would have to be signed. Some interaction between SEDECO and the BCP with regard to legal initiatives has recently been observed. One example is the draft law on credit cards. f, The law should also provide or at least not prohibit, a role for the private sector, including voluntary consumer organizations and self-regulatory organizations with regard to consumer protection for banking products and services. The Consumer Protection Law establishes in Article 6 paragraph g) as a basic consumer rights "the formation of consumer associations in order to defend and represent themselves." Art. 45 of the Consumer Protection Law sets out what is meant by consumer association, defining it as "any association formed by individuals who do not have economic, commercial or political interests and whose intent is to ensure the protection and defense of consumers and users, and promote information, education, representation and respect of their rights." Art. 46 defines the requirements to be met in order to act as a consumer association, such as incorporating as a non-profit; not engaging political activity; not receiving donations/contributions/support from commercial enterprises; not accepting advertisements; among others. Finally, Art. 47 defines the purposes of consumer associations, which are to promote and protect the rights of consumers; to support consumer defense (or act jointly in this regard) in court and administrative procedures; to promote judicial proceedings aimed at legal enforcement (insofar as the users do not or do not claim compensation); to collect, report, and divulge objective information on goods and services; and to conduct training programs, counseling and consumer education. There is one major consumer association in Paraguay, the Association of Users and Consumers of Paraguay (ASUCOP), which is limited in size and activities. Its operation is carried via legal entities that voluntarily adhere to the association, and it conducts studies in an ad hoc manner on issues they consider of interest. The Association has not carried out a specific study of the financial sector. Communication is channeled mainly through social networks, where the Association has 35,000 followers. It played an important role in collecting claims for the mandatory auto insurance law (later repealed) and is currently participating in the draft credit card law. Recommendation 1. The legal framework should be enhanced to provide clarity on the mandates, responsibilities, and powers of SEDECO as the regulatory and supervisory authority of the Consumer Protection Law and of the BCP-SIB (within the framework set by BCP’s Organic Law and the Banking Law) for the effective regulation and implementation of financial consumer protection for entities under its supervision (in line with the broad principles established by the Consumer Protection Law). Alternatively, if feasible under the current legal framework, the BCP-SIB should establish and monitor regulations on information transparency, business practices, and complaint resolution mechanisms that banks and finance companies should implement. It would then intervene in cases of non- compliance with these regulations. In this scenario, SEDECO could periodically determine whether such regulations are consistent with the general Consumer Protection Law. Furthermore, SEDECO (and the participating municipalities), or a financial ombudsman, could deal with and resolve complaints from users regarding specific aspects of the relationship between the user and the provider of financial services. For either alternative to work, the coordination between SEDECO and BCP- SIB needs to improve, i.e. establishing an effective exchange of information, technical training, referral of claims, and consistency of the legal and regulatory framework. 2. Once SEDECO is strengthened in terms of human and economic resources, and has established regulations for the implementation of its function, it is recommended to institute mechanisms for adequate training and implementation of procedures to ensure the application of criteria for dispute resolution through the participating municipalities in a homogeneous and consistent manner (e.g. the same resolution when faced with the same circumstances). To achieve this objective, an electronic platform (something that once was contemplated by the MIC, when it was the enforcing authority for the Consumer Protection Law, but was never implemented) could be used. 3. The BCP-SIB should define what model of supervision to apply in monitoring aspects of financial consumer protection: if only addressed by the IIF, a greater amount of resources will be required, compared to the alternative that in-situ supervision of these aspects is made by the same team that carries out prudential supervision. Adopting this last alternative will require the development of procedures and training manuals (with the active participation of the IIF in the process) so that the team of supervisors exercises its market conduct supervision in a homogenous and efficient manner. 4. Depending on the mandates and division of roles adopted, appropriate resources should be given assigned to SEDECO as well as BCP-SIB, in order to allow for the effective implementation of legal and regulatory framework for financial consumer protection. Good Practice A.2 Code of Conduct for Banks a. There should be a principles-based code of conduct for banks that is devised by all banks or the banking association in consultation with the financial supervisory agency and consumer associations, if possible. Monitored by a statutory agency or an effective self-regulatory agency, this code should be formally adhered to by all sector-specific institutions. b. If a principles-based code of conduct exists, it should be publicized and disseminated to the general public. c. The principles-based code should be augmented by voluntary codes of conduct for banks on such matters as facilitating the easy switching of consumers’ current accounts and establishing a common terminology in the banking industry for the description of banks’ charges, services and products. d. Every such voluntary code should likewise be publicized and disseminated. Description Neither the Association of Banks (ASOBAN) nor the Association of Finance Companies (ADEFI) has as yet developed a code of conduct based on well- developed principles. However, some individual financial institutions have developed and published their own individual codes of conduct. One bank has adopted a code based on the SMART Campaign, whose principles can be found on its website and in the brochures it distributes. Other financial institutions have evaluated adhering to these best practices, without much progress or implementation to date. . Overall, the role of ADEFI and ASOBAN in the dissemination of good practices and the homogenization of fees and commissions has been very limited. Communication with the community at large has also been limited; as an example ASOBAN lacks an institutional website and has not developed external publications. Recommendation 1. ADEFI and ASOBAN could consider creating and publishing a Code of Conduct for implementation by banks and finance companies, or providing other form of guidance material. Membership in the Code would be voluntary, but should be publicly announced by participating institutions and include a scheduled review for compliance by an independent person or institution. The scheme should contemplate incentives (or penalties) for the implementation (or lack thereof) of the Code, contemplating (in extreme cases) the removal of the institution from the larger list of adherents. A simple mechanism should also be implemented for users to report breaches of the Code or lack of adherence to the established guidance material. 2. The Code or guidance material should include aspects related to transparency, business practices and customer complaints, such as guidelines on the analysis and offer of appropriate financial products and services, practices deemed abusive, possibility of customer suspension, credit recovery practices, and information transparency. 3. ASOBAN and ADEFI could furthermore play an active role in spreading among their members the best practices in areas that are identified as most critical in terms of transparency, business practices and complaint resolution. 4. An alternative to developing the Code of Conduct or stand-alone guidance material would be to incorporate aspects that the Code would contain within the regulatory framework issued by BCP. To do this, ASOBAN and ADEFI could adopt a coordinating role for their member institutions to consolidate the vision and experience of the market and provide input to BCP for better and more effective guidance on the best practices. From the point of the view of the mission, this would be preferable. Some of the initiatives that could be included in the regulatory framework and where the industry associations could have a role to play include: standardization and definition of commissions and fees; definition of total financial cost; content and format of key fact statements, among others (the abovementioned proposals are further developed in the following Good Practices). Good Practice A.3 Appropriate Allocation between Prudential Supervision and Consumer Protection Whether prudential supervision of banks and consumer protection regarding banking products and services are the responsibility of one or two organizations, the allocation of resources to these functions should be adequate to enable their effective implementation. Description SEDECO does not have sufficient resources to implement its mandate. Similarly, the IIF does not have sufficient resources to perform the financial consumer protection functions of off-site monitoring, approval of contracts, and consumer complaint resolution. The In-Situ supervision at BCP-SIB does not have specific assigned resources to address monitoring issues related to financial consumer protection; the main aspect relating to consumer protection it covers is compliance with the maximum interest rate; although it has also detected other excesses –, for example in life- insurance premiums. In addition, the prudential supervisors have not been trained to detect issues related to transparency, business practices and customer complaints. The procedures carried out by In-Situ supervision in this area are not properly formalized or standardized. Recommendation 1. Having clarified the scope of the mandate for SEDECO and BCP on financial consumer protection, the allocation of necessary resources for SEDECO and BCP-SIB (particularly the IIF, Licenses and Authorizations, and In-Situ Supervision) is recommended so that both institutions can effectively carry out their respective tasks. 2. In the short term, regardless of the mandates that may be defined in the medium term as mentioned in the previous paragraph, it is imperative to allocate more resources to the IIF, with regards to financial consumer protection, in order to allow it to carry out the tasks it is currently assigned to do and advance the development of manuals and processes for market conduct supervision and training of on-site supervisors. Good Practice A.4 Other Institutional Arrangements a. The judicial system should ensure that the ultimate resolution of any dispute regarding a consumer protection matter in respect of a banking product or service is affordable, timely and professionally delivered. b. The media and consumer associations should play an active role in promoting banking consumer protection. Description a) The judicial system is not efficient and effective in the resolution of disputes between banks and users of financial services. Judicial processes are time consuming and expensive. b) The news media have begun to engage on the issue of financial consumer protection, including the publication of articles related to personal finance. Some private initiatives published web pages including tables comparing interest rates on bank loans. The radio has significant penetration in Paraguay; weekly programs addressing issues to personal finance for low-income segments have also been identified (though with less impact). The ASOCUP does not play an active role in the dissemination and promotion of consumer protection in relation to the banking system. In practice there is not clear communication and interaction between SEDECO, BCP-SIB and the mass media/ consumer associations. The development of regulatory projects are not shared or done in consultation with consumer associations; there is no exchange of information between these institutions on improper business practices, lack of transparency and of the type and quality of consumer complaints. Recommendation 1. Agencies with primary responsibility for consumer protection in financial services should strengthen links with the media and consumer associations to promote the dissemination and understanding of the rights and obligations of financial users, reaching out to segments of the population that traditionally would be costly or difficult to reach. 2. Also, consumer associations should be consulted during the process of drafting of laws and regulations related to financial consumer protection (currently they are actively participating in the drafting of the credit card law). Good Practice A.5 Licensing All banking institutions that provide financial services to consumers should be subject to a licensing and regulatory regime to ensure their financial safety and soundness and effective delivery of financial services. Description According to the provisions of the Banking Law, only institutions that are licensed by BCP can operate as banks or finance companies (Articles 1 and 5). An institution cannot use the word bank, finance company or similar misleading language if not authorized by BCP to perform the operations reserved for those institutions. BCP, via the BCP-SIB, develops standards around the supervision of banks and finance companies. The approval process for gaining a license as a bank or finance company only marginally evaluates aspects related to financial consumer protection. Recommendation Strengthen the review process prior to licensing of a bank or finance company, including the evaluation of its transparency policy, business practices and response to claims brought by financial consumers. This would encourage financial institutions to have structures, policies and personnel to deal with financial consumer protection from their inception. SECTION B DISCLOSURE AND SALES PRACTICES Good Practice B.1 Information on Customers a. When making a recommendation to a consumer, a bank should gather, file and record sufficient information from the consumer to enable the bank to render an appropriate product or service to that consumer. b. The extent of information the bank gathers regarding a consumer should: (i) be commensurate with the nature and complexity of the product or service either being proposed to or sought by the consumer; and (ii) enable the bank to provide a professional service to the consumer in accordance with that consumer’s capacity Description The norms established by BCP for the classification of assets, credit risk, and interest accrual (Resolution 1, Act 60 of 2007) state that managers of financial institutions should establish written policies, criteria, procedures, information systems and controls designed to ensure the sound and prudent management of the risks involved, at the time of the origination of loans, throughout their existence, and until maturity or cancellation. Furthermore, these rules set forth (points IV.C and IV.D.4) the following minimum information requirements for medium, small and personal debtors: identification of the debtor (National ID or equivalent); information on the application, use and conditions of the credit; status report or sworn statement of assets, both of the debtor and the guarantor, if applicable; income certificate or information about the source of repayment of the loan; official court or business reports; information about the mortgage guarantee (if applicable), and Tax Compliance Certificate, where applicable. For microcredit (point IV.E.1), only the debtor identification and information about the application and credit conditions are required (neither a business report nor a query to the credit registry are required; the draft regulation on microcredit has not established this requirement either). Although included as minimum information, the "business report" for medium, small and personal (excluding micro) borrowers does not explicitly require entities to consult the credit registry of the BCP-SIB prior to granting a loan. On the other hand, point IV.4 provides that the classification of credit risks will be based on the assessment and qualification of the ability to pay with respect to all obligations, using the public credit registry as a reference for this qualification. In practice, entities obtain information through completed forms filled in by the consumer alongside documentation that the applicant must provide (e.g. proof of income, address) and inquiries made to the BCP-SIB’s credit registry, the private credit bureau, or entities which have knowledge had made previous inquiries of the applicant in the credit bureau. Information on the degree of indebtedness of potential borrowers collected by the financial institutions has limitations. While the BCP credit registry contains positive and negative information on borrowers, it covers only the financial institutions supervised by the BCP-SIB (banks and finance companies). On the other hand, the private credit bureau does have information from other credit providers, such as financial cooperatives and white goods retailers; however, such information includes only negative information (more than 90 days delinquent), requests from entities for information about the borrower, and other negative events from public 5 sources (e.g. trials or lawsuits initiated) . The private credit bureau contains no positive information. Consequently, financial institutions do not have complete information on the total level of indebtedness of the customer, and may try to directly contact those institutions who have had contact with the person listed by the private credit bureau (typically cooperatives, but also pawn shops and credit stores, all of them not supervised by the BCP-SIB). On that occasion they consult if the person was given a credit and the amount currently owed. This method of aggregating the debtor's credit information is unreliable, expensive, and inefficient. With the explicit permission of the owner authorizing their data to be provided (Art. 84 of the Banking Law and Art. 5 of the Private Information Law number 1682/01 as amended by Law 1969/02) the provision of positive data would be unlimited; if not, only negative information would be shared in accordance with the provisions of Art. 9 of Law 1682/01. On the other hand, some limitations on the reporting of negative credit information also affect the ability of financial institutions to properly assess prospective clients. More specifically, the legal constraint that negative information is only reported once the client is in arrears of at least 90 days restricts access to useful information, such as late repayments from 1 to 89 days. As a result of this shortcoming, financial institutions may provide credit to individuals who are already having difficulty repaying their current obligations, without being aware of it. Banks incorporate in the contract information necessary not only for opening a deposit account, but also for the granting of a credit card (even if the user does not 5 See Good Practices D.2, D.3 and D.4. want it at that time). Therefore, the requirement for information in opening a demand deposit account is comprehensive and its authorization demands at least three days from opening, but then facilitates the offer and approval of financial products and services in the future. Financial institutions argue that the request for information is related to the Know-Your-Customer (KYC) requirement of emerging from regulations that prevent money laundering. Financial institutions have difficulties in accessing information in a timely manner, on direct debit for debt repayment via deductions on the salary of their clients. In many cases, the institutions only become aware of the actual salary when they see the amount credited to accounts opened in the institution. For the provision of other financial products, the widespread use of unified contracts leads to banks and finance companies collecting a broad range of information on the client. As discussed in more detail under Good Practices B.2. and B.4., the contracts already pre-approve certain products without the client needing to express his explicit interest in receiving this product or the product necessarily being in his / her interest. Recommendation 1. Require legislation (for all types of debt) that establishes a minimum consultation with the BCP-SIB credit registry (currently it is implicit in the requirement to have business reports for medium, small and personal credit, while totally excluding microcredit). 2. Facilitate access to information by financial institutions, including total levels of indebtedness for clients; for that BCP-SIB could remind institutions (via a public announcement) that there are no legal limitations for the collection and sharing of positive information to private credit bureaus, provided there is consent from the owner of the data (client). The banks and finance companies, together with the association of cooperatives and representatives of other credit providers should act in concert to encourage their members to provide positive credit information to bureaus, which will facilitate access to information about the degree of indebtedness of their users. 3. Deepen the scope of the credit registry to include the cooperative sector (the credit registry has been working with the largest cooperatives since June 2014) and its interaction with banks and finance companies, which would be helpful in facilitating access to comprehensive information on potential users of financial products and services. 4. Expand the regulations regarding repayment capacity evaluations, especially in relation to microcredit (e.g. pro forma cash flow evaluation from field visits). 5. Establish an effective mechanism to allow financial services providers to access information in a timely manner, including the degree to which earned salary is used to pay loans. 6. Amend the law to lift the restriction that negative credit information cannot be shared if the customer is past due less than 90 days (alternatively, reduce this period to 30 days). Good Practice B.2 Affordability a. When a bank makes a recommendation regarding a product or service to a consumer, the product or service it offers to that consumer should be in line with the need of the consumer. b. The consumer should be given a range of options to choose from to meet his or her requirements. c. Sufficient information on the product or service should be provided to the consumer to enable him or her to select the most suitable and affordable product or service. d. When offering a new credit product or service significantly increasing the amount of debt assumed by the consumer, the consumer’s credit worthiness should be properly assessed. Description The regulatory framework of BCP does not establish a suitability or appropriateness evaluation that financial entities should utilize prior to credit approval. It emphasizes, for credit products (e.g. "Rules for classification of assets, credit risk, and accrual of interest") the need for a proper assessment of the repayment capacity, which does not necessarily go hand in hand with what the user needs. Financial entities generally offer a range of deposit products (savings, checking and time deposits) and credit cards. In most cases, even if the person concerned wishes to purchase only one product (e.g. a savings account), the financial institution requires the customer to only sign one contract for banking services, which includes various products and financial services (savings, demand deposits, credit cards, safe deposit boxes, etc.). This method of acquisition and marketing could induce the purchase of financial products and services that are not necessary for nor desired by the user. This practice would contravene the provisions of Art. 14, paragraph a) of the Consumer Protection Law which prohibits conditioning the purchase of a product or service to another product or service, except by custom and habit or due to the nature of the product or service typically offered as a bundle. On the other hand, financial institutions believe that by offering various products and services they can meet user needs and ensure that the user makes a suitable choice. In practice, it is necessary to supplement this with appropriate counseling, based on the information collected and the actual needs of the user. In some cases, banks have detected needs for debt refinancing, especially with regards to credit card debt, either among their own customers or those of other financial institutions. To this end, they have begun offering personal loans to reduce the number of loans with short-term maturities and lower the financial cost of credit. There has been a growth in the operations of direct debit of public employees’ wages, which in some cases have reached 100%. While the Law on the General Budget of the Nation incorporated an article specifically to limit these debits to 50% of salary (Art. 227 of Law 5142 of 2014), previous credits have compromised the availability of said wages. For this reason the article has been appealed, compromising its effectiveness. Recommendation 1. Limit / prohibit unique contracts that involve opening an account or purchasing products and services that are not required by the client and/or not needed to be offered together. 2. Incorporate into the regulatory framework that banks and finance companies must focus on providing financial products and services that are appropriate, that meet the needs of customers, and that customers have the capacity to repay (in the case of loans). 3. Set by regulation a maximum percentage (e.g. 30%) of the total wages/income, considering all loans (in aggregate), that may be debited for repayment of said loans (to effectively implement this recommendation, customer information must be collected as per the recommendation in Good Practice B.1.). Malawi, Pakistan and Saudi Arabia have for example established limits for payroll deduction of between 30-50 percent, while Panama has put in place a borrowing limit for credit cards three times the monthly income. 4. Institutions should promote awareness to salaried employees (especially in the public sector) regarding the risks of multiple direct salary debits to pay off loans. Good Practice B.3 Cooling-off Period a. Unless explicitly waived in advance by a consumer in writing, a bank should provide the consumer a cooling-off period of a reasonable number of days (at least 3-5 business days) immediately following the signing of any agreement between the bank and the consumer. b. On his or her written notice to the bank during the cooling-off period, the consumer should be permitted to cancel or treat the agreement as null and void without penalty to the consumer of any kind. Description The regulatory framework does not include the requirement that banks offer a cooling off period during which clients can withdraw from a contracted financial product or service. The Consumer Protection Law (Art. 26) provides that the consumer is entitled to withdraw within seven days after signing the contract if the agreement is reached by phone or in the consumer's home (this does not refer specifically to financial products). Similarly, Art. 30 provides that the consumer has the right to prepay the entire amount owed with a consequent reduction in proportional interests. No mention is made of whether a prepayment fee may or may not be charged. Financial institutions do not include in their policies cooling-off periods during which clients can undo the acquisition of financial products or services. Some of them, informally, accept the withdrawal even without a commitment to do so (this practice is not very common, and few offer it publicly). Institutions generally do charge for prepayment; in some cases up to 30% or 50% of the interest for the remaining term. In other cases, entities establish a cancellation fee calculated as a percentage of the outstanding debt at the time of early repayment. Such practices may be in violation of the provisions of the Consumer Protection Law (Art. 30), but would require further guidance / clarification on the interpretation of Art. 30. Cancellation fees quoted are included in the contracts of loan products, although do not figure prominently and are generally found at the end. In the case of deposit products, banks do not apply a penalty for canceling the contract, beyond the obligation – in the case of current accounts – to return any checkbooks and the face value any checks already issued. Recommendation 1. Introduce in the regulatory framework of BCP the right of withdrawal from the contract by the customer within a shortened period of time for all marketed financial products and services.. Evaluate the treatment to be provided at time of cancellation (total refund, partial or no), including potential fees charged prior to the withdrawal of the customer. 2. Assess the scope of Art. 30 of the Consumer Protection with regards to the payment of fees for early cancellation of credit. Consider including in the regulatory framework a prohibition on such fees or fixing a maximum limit (i.e. proportion of the remaining accrued interest). Good Practice B.4 Bundling and Tying Clauses a. As much as possible, banks should avoid bundling services and products and the use of tying clauses in contracts that restrict the choice of consumers. b. In particular, whenever a borrower is obliged by a bank to purchase any product, including an insurance policy, as a pre-condition for receiving a loan from the bank, the borrower should be free to choose the provider of the product and this information should be made known to the borrower. Description As mentioned in Good Practice B.2. Art. 14, paragraph a) of the Consumer Protection Law, the tying of the purchase of one product or service to the purchase of another product or service, except by custom and habit or due to the nature of the product or service, is prohibited. The regulatory framework does not provide specifics on this topic, but approves the use of unique contracts in banking services through the authorization of such contracts. The only provision relating to the supply of tied products/services (life insurance associated with credit products) was implemented because of concerns identified by the BCP-SIB alongside the Insurance Superintendency (BCP-SIS). The SIS established a cap on the fees that agents or brokers can charge for intermediation and other concepts of life insurance, with the same maximum 30% of the premium (Resolution SS.SG 45/13 of August 2013). The above resolution was caused by the practices of financial institutions, including tying their loan products, obligatorily, to life insurance calculated on outstanding balances. Such policies are contracted by the entity and premiums are incorporated into payable balances. The client does not have the option to endorse to the financial institution their own policy with an insurance company. In addition, banks do not offer alternative insurance companies, and do not report the name of the company involved. Setting limits on life insurance premiums prompted some institutions to incorporate as pre-requisites for credit, insurance covering additional risks other than life (such as hospitalization, unemployment, etc.) and are not covered by existing limitations on life insurance premiums. The increasing tying of insurance products to credit is motivated, among other reasons, by the desire to circumvent the interest rate limits provided for in Art. 44 of the BCP Organic Law, and eventually sell products reflecting a lower interest rate (although the total cost of credit does not change, since the reduced interest rate are offset by the higher insurance premiums). Entities that do not perform this practice, are compelled to do so because if they do not: - Commercially, they are affected as users perceive that they charge a higher rate interest than competitors, when in fact it is offset by a lower premium; - Operationally, their rates are closer to the maximum interest rate established, since it is calculated on the average (now smaller in relative terms) of the entire financial system. There has also been an increase in the amount and number of commissions on loans that do not form part of the interest rate, since these charges have the same attributes as insurance premiums (no limit and permit a lowering of the stated interest rate). Financial institutions offer, along with deposit accounts, life insurance policies that reduce the cost of maintenance if the balance falls below the minimum required. While such insurance products are optional, the manner in which the products are marketed does not provide the customer with a way to analyze the costs and benefits. Recommendation 1. Prohibit, by regulation, the use of unified contracts to bundle other financial products in a non-transparent way (and without opt-out clause) and rule out mandatory insurance requirements except in specific circumstances such as for mortgage property insurance or insurance required by law. In cases where the individual must possess an insurance product (e.g. life insurance) to obtain another financial product or service (e.g. credit), institutions must offer a choice from at least two insurance companies and include information on the coverage, restrictions and premiums to be paid. The client should also have the option to endorse in favor of the financial entity - for the compliance of the compulsory insurance policy in question - the policy he/she has already contracted. The bank or finance company should incorporate into the contract information on the minimum solvency standards (e.g. risk-rating of the insurance company) that it is ready to accept in order to endorse the policy of the insurance company hired by the customer. 2. Develop a regulation to introduce the concept of Total Financial Cost (TFC) of credit, which would incorporate all interest, fees, charges and premiums (resulting in the internal rate of return on the total loan). The inclusion of this concept, along with an appropriate education would limit (at the margin) the commercialization of tied products (as it would reduce the incentive to collect more fees and lower interest rates). 3. Establish, for the purpose of maintaining the maximum interest rates provided for in Art. 44 of the Organic Law of BCP, that rates be calculated based on the TFC and not only on the effective interest rate. 4. Coordinate with other agencies that supervise credit providers (e.g. INCOOP for cooperatives and SEDECO for other unsupervised credit providers) to incorporate in their regulatory frameworks the concept of TFC, in order to ensure that it is calculated and disseminated by all credit providers ("leveling the playing field") and that all users receive the same standard of transparency, regardless of which credit provider is utilized. The dissemination and explanation to the general public of this concept (TCF) is simpler when applied equally in all sectors. Good Practice B.5 Preservation of Rights Except where permitted by applicable legislation, in any communication or agreement with a consumer, a bank should not exclude or restrict, or seek to exclude or restrict: i. any duty to act with skill, care and diligence toward the consumer in connection with the provision by the bank of any financial service or product; or ii. any liability arising from the bank’s failure to exercise its duty to act with skill, care and diligence in the provision of any financial service or product to the consumer. Description Art. 28 of the Consumer Protection Law defines a set of general contractual clauses as unfair, such as those that: strip obligations or eliminate or restrict liability for damages; waiver or restrict consumer rights or expand the rights of the other party; contain provisions that reverse the burden of proof to the detriment of the consumer; impose the mandatory use of arbitration; among others. Such clauses are general, and are no further guidance is provided for banking products. In the case of credit cards (Resolution of May 5, 2007), general rules have been established as to what appears in the credit card agreement without defining specific terms deemed to be abusive. The review and approval of contracts by the BCP-SIB is based on paragraph b) of Art. 107 of the Banking Law, which empowers the BCP-SIB to "point out certain obligations regarding the delivery and content of contract documents and communications of interest settlements to customers ". Up to now, the financial institutions complied with the clauses observed by the BCP-SIB; however it is not entirely clear whether the BCP-SIB has the legal authority to conduct such reviews. The only contracts that, by regulation, must be approved by the BCP-SIB are credit card and basic account contracts. However, when a unique contract of banking services is used, including deposit accounts, credit/debit cards and safe deposit boxes, clauses related to these other products and services are also analyzed. Contracts for deposit or credit only product (other than credit cards) are not required to be approved by the BCP-SIB (and in practice are not analyzed or reviewed off-site or one-site). The process of review and approval of contracts by the BCP-SIB is done by the Intendency of Licenses and Authorizations, supported (in aspects of consumer protection) by the IIF. As such, clauses that delimit the liability of banks in situations that do not call for it were detected. Some examples: (A) delineation of responsibility for financial institutions when funds are withdrawn from one account with a receipt containing a counterfeit but similar signature to the account holder; (B) delineation of responsibility for the financial institutions for any type of error (not only in cases where the customer can file suit). Another clause could be considered abusive is the one that curtails the right of users to refer the submission of cases exclusively to the jurisdiction of the ordinary courts of the city of Asunción (or, at the option of the bank, the courts of the city of resident for the client). This may be difficult, expensive and/or prevent the client from exercising his/her right to sue the financial institution if he/she is based outside of Asunción. The BCP-SIB has not made any comments on the use of unique banking contracts, even though these customers could be buying products and financial services which they are actually not interested in nor need. The BCP-SIB has not developed an internal procedure for the analysis of contracts, nor has it formalized a list of clauses that based on its own experience and analysis could be identified as abusive. The implementation of the above would ensure uniform treatment of contracts – during the review process and authorization – regardless of what analysts later determine. Recommendation 1. Analyze the feasibility of prohibiting entities from offering (in general or exclusively) unique contracts for banking products and services. Alternatively, require that such contracts contain clauses that require the user – with a signature, and practical, simple procedures during the signing of the contract – to accept or reject the acquisition of each individual financial product and service included in the contract. 2. Develop a regulation stipulating (as an example) the clauses which are deemed unfair and that banks may not include in their contracts of adhesion. Alternatively, the BCP-SIB could issue a list of already objected clauses so that entities become aware and adapt their contracts to the criteria adopted by the supervisory body. 3. Establish BCP internal procedures and a database of challenged clauses for review and approval of contracts. 4. Require entities to publish their contracts on their respective websites. This would provide greater transparency and knowledge for the user, while facilitating the process of off-site supervision. Good Practice B.6 Regulatory Status Disclosure In all of its advertising, whether by print, television, radio or otherwise, a bank should disclose the fact that it is a regulated entity and the name and contact details of the regulator. Description Banks and finance companies do not include in their advertising (brochures, advertisements, etc.) information on being regulated and supervised by BCP-SIB. However, only banks or finance companies that are authorized by the BCP may use the word “bank” or finance company to describe themselves (Art. 5 of the Banking Law). Banks and finance companies are mandated to (and de facto also adhere to) publish the coverage of the deposit insurance scheme in their branches and at least once a month in newspapers (Resolution on Information Transparency number 2 Act 125 of 2001, item 1). From the latter, users could infer that it is a regulated financial institution, although this would be implied. The existence of other depository institutions, such as cooperatives (possessing significant market share in Paraguay) that are not regulated and supervised by the BCP-SIB, means that the dissemination and publicity of the status of being regulated and supervised by BCP is of even greater importance. Recommendation Establish a regulation, which requires financial institutions to include in their advertisements and communications with customers standard wording (to be included in the regulation) that it is an entity regulated and supervised by BCP-SIB. Good Practice B.7 Terms and Conditions Before a consumer opens a deposit, current (checking) or loan account at a bank, the bank should make available to the consumer a written copy of its general terms and conditions, as well as all terms and conditions that apply to the account to be opened. Collectively, these Terms and Conditions should include: a. disclosure of details of the bank’s general charges; b. a summary of the bank’s complaints procedures; c. a statement regarding the existence of the office of banking ombudsman or equivalent institution and basic information relating to its process and procedures; d. information about any compensation scheme that the bank is a member of; e. an outline of the action and remedies which the bank may take in the event of a default by the consumer; f. the principles-based code of conduct, if any, referred to in A.2 above; g. information on the methods of computing interest rates paid by or charged to the consumer, any relevant non-interest charges or fees related to the product offered to the consumer; h. any service charges to be paid by the consumer, restrictions, if any, on account transfers by the consumer, and the procedures for closing an account; and i. clear rules on the reporting procedures that the consumer should follow in the case of unauthorized transactions in general, and stolen cards in particular, as well as the bank’s liability in such cases facilitates the reading of every word. Description The regulatory framework of BCP has established the characteristics of adhesion contracts only for credit cards (Resolution 5 Act 13 of 2007). For the remaining asset and liability products, there are no specific regulations on the minimum content or minimum terms and conditions. The Consumer Protection Law (Art. 24- 28) established the concept of "contractual protection", defining what is meant by contract of adhesion; requiring that the contract is clear, legible and understandable; introducing the right of cancellation for the consumer; specifying the interpretation of contractual clauses in a way favorable to the consumer; and adding a number of clauses that are deemed abusive and thus considered void. Most contracts (with the exception of personal loan contracts) are presented to the BCP-SIB for approval. However, only in the case of basic savings account (Act 51, Resolution of July 25, 2013) such a product has to be offered separately from the unique contracts for banking services (in other financial products/services there is no request to that effect). Only some aspects of contracts have been regulated, such as the minimum font size (BCP-SIB Circular No. 575/2009), which states that "... no font should be less than 2.5 mm, of good contrast between the letter and support, with spaces between characters and lines that allow readability". On the other hand, BCP-SIB recently (Circular 735/2014 of June 11, 2014) recalled the obligation to give the client a copy of the contract before signing the credit card service (Paragraph 3.3 of the Credit Card Resolution) and this requirement was extended to any product involving signing an agreement between the parties (contract), the bank and the customer, in which case it must necessarily deliver a copy of the document. In practice, banks have developed unified banking contracts that have resulted in very similar, but not equal, offerings between them. They are applicable for opening a savings account; current account; debit card and credit card; and safe deposit boxes. Since the same contract is usable for any of these products, it is large (12 to 17 pages, depending on the specific contract) and it is unclear to the customer which products and services are optional, available or, on the contrary, obligatory at the time of signing (an example in this regard is the possibility that the bank grants a credit line for overdraft on the current account, even if the customer did not request it). Some commissions are incorporated into the text of the contract itself, but most are referenced in the rate schedule. In some cases, financial institutions do not include in the product documentation or application the terms and conditions of the product; instead they simply reference that a document containing such terms and conditions is available on the website of the financial institution (the mission team found that some of these references were outdated). Contracts do not include mechanisms and processes for dealing with complaints and compensation schemes, which the bank adheres to. The list of commissions and fees is available on the boards / walls of the entities (in small letters) and on their websites, but are generally not delivered together with contracts to the client. Some entities include formulas for calculating interest and fees, while others mention that they are available upon request. The rate schedule generally contains a significant amount of fees for different items. Furthermore, it is common practice for companies to negotiate with financial institutions for the accreditation of wages in bank accounts. In these cases, the customers have a preferential fee structure, more beneficial than the available rates for the rest of the clientele. There is a wide dispersion in commissions and fees: at the level of the entire financial system, there are over 250 fees and commissions with different denominations, some of which are the same concepts with different names (for example, fee for the preparation of financial statements and charges for account maintenance). Also, many charges are related to the intensity of use and average balances held in the accounts, making it significantly more difficult for the user to understand and compare products. It has been observed that commissions are paid twice (with different names) for the same concept (e.g. checkbook fee and excessive use of checks; fee arrears and debt recovery fee). Entities do not provide to customers in general or in summary form (quarterly or annually) a total and list of commissions that have been charged over a certain period, such as a quarter or year (this would allow the customer to view, simply, the impact commissions have on the operation of each account). In one financial company that offers small credit operations, a signed copy of the contract (or a copy of the promissory note) is not given to the customer. The customer simply gets the liquidation of loans (signed by the cashier of the bank) and a reminder stub with a repayment schedule. The information in the loan settlement document does not include all contract information (e.g. it does not specify the cost of early repayment). Only some banks publish their standard contracts of adhesion on their websites, and in some cases these are not easily accessible. Recommendation 1. Require, via regulation or through the contract authorization process of BCP- SIB, that financial institutions incorporate into their contracts their procedures for handling complaints. 2. Prohibit the inclusion of clauses allowing the provision of services that are not explicitly required by the client (unified contracts). 3. Move forward with the standardization of commissions and fees in order to decrease their number and facilitate their understanding and comparison by users. Prohibit the collection of fees twice for the same service. 4. Prohibit financial institutions from excluding the terms and conditions applicable to the financial products from the documentation available at the time of subscription (e.g. prohibit references to terms and conditions which are available on the website of the entity and are not part the contract or offer). 5. Require that contracts include, at least in the Annex, a table comprising all rates in effect at the time of contracting the financial product or service. 6. Establish that model contracts should be available at branches and other service points of the financial institutions, and published in easily accessible locations on their websites. 7. ASOBAN and ADEFI should promote the design of standard contracts for the different products they offer, so that the user need not compare the general contract between different financial institutions, but instead focuses on the comparison of particular terms (e.g. commissions, interest rates, deadlines, etc.) Good Practice B.8 Key Facts Statement a. A bank should have a Key Facts Statement for each of its accounts, types of loans or other products or services and provide these to its customers and potential customers. b. The Key Facts Statement should be written in plain language and summarize in a page or two the key terms and conditions of the specific banking product or service. c. Prior to a consumer opening any account at, or signing any loan agreement with, the bank, the consumer should have delivered a signed statement to the bank to the effect that he or she has duly received, read and understood the relevant Key Facts Statement from the bank. d. Key Facts Statements throughout the banking sector should be written in such a way as to allow consumers the possibility of easily comparing products that are being offered by a range of banks. Description The regulatory framework does not require financial institutions to incorporate into their contracts a key facts statement for the different products that they offer. This aspect is relevant, considering that contracts are extensive and contain excessive information, making it difficult for the client to identify the most relevant terms. Recommendation 1. Incorporate a regulatory requirement that institutions must complete and deliver a key facts statement. In a first stage this could be mandated each time a loan product is quoted and/or agreed upon, and in a second stage extended to all other products. The key facts statement should form a supplementing part of the contract. The content and format of this document should be standardized for all banks and finance companies, and be part of the regulatory framework issued by BCP. 2. For the design and content of this document, BCP should identify the most relevant terms and conditions for the financial product or service. To this end, the content and format should be discussed with the associations of banks and finance companies so as to ensure that the variables chosen are representative and are written in a simple and understandable manner. This document must also include information for making complaints to the financial institution, as well as options for alternate dispute resolution if the user is not satisfied with (or has not received) the response to his / her complaint or grievance. Also, the document should contain some key information disclosures specific to the type of product involved. 3. Coordinate with INCOOP and SEDECO to ensure that the key fact statement template, including its content and format, is adopted and introduced by all financial service providers (banks, financial cooperatives, other credit providers, etc.). Good Practice B.9 Advertising and Sales Materials a. Banks should ensure that their advertising and sales materials and procedures do not mislead customers. b. All advertising and sales materials of banks should be easily readable and understandable by the general public. c. Banks should be legally responsible for all statements made in their advertising and sales materials (i.e. be subject to the penalties under the law for making any false or misleading statements). Description The Consumer Protection Law prohibits misleading advertising (Art. 35), defined as any form of information, dissemination, or transmission made for advertising purposes, which is totally or partially untrue, or otherwise able to induce consumer error, even by omission. Furthermore, the Transparency Resolution (Resolution 2, Act 123 of November 2001) states that institutions should provide information on interest rates, fees and other expenses to the public in a clear and comprehensive way by placing signage in visible and prominent places containing only such information. In addition, financial institutions must make available to the public a statement with examples of procedures for calculating interest rates and fees. The resolution also states (in paragraph i)) the format for publishing interest rates, in daily newspapers with national circulation, detailing the breakdown for liability (demand savings, deposits and savings certificates for different maturities) or asset (current account overdraft, personal loan, credit card, etc.) operations. Alongside interest rate information, a legend about the coverage of deposit insurance is also required. In practice, the information posted on boards within the entities is of limited utility. The excessive number of commissions and fees, and in some cases, the complexity of the calculations, may discourage the user from reading and consulting this information. Furthermore, paper brochures and product promotion web pages only describe some characteristics of individual products, but do not provide information on costs (e.g. there is no link between the product promotion page and its complete cost structure). The fees and commission provided on the web pages are not easily or directly accessible, compared with the product promotion pages. This practice leaves the user with unclear and incomplete information. The person in the bank or finance company with responsibility for consumer protection is usually not consulted prior to the development of advertising material. Recommendation 1. Require through regulation that entities link their advertisements to the products’ associated costs (or facilitate access to them). 2. Additionally, those responsible for financial consumer protection within financial institutions should intervene, prior to publication, in assessing advertisements to determine that they are not misleading, confusing and/or incomplete. Good Practice Third-Party Guarantees B.10 A bank should not advertise either an actual or future deposit or interest rate payable on a deposit as being guaranteed or partially guaranteed unless there is a legally enforceable agreement between the bank and a third party who or which has provided such a guarantee. In the event such an agreement exists, the advertisement should state: i. the extent of the guarantee; ii. the name and contact details of the party providing the guarantee; and iii. in the event the party providing the guarantee is in any way connected to the bank, the precise nature of that relationship. Description All banks, except the National Development Bank (BNF), which being a public entity is guaranteed by the national government, are covered by deposit insurance scheme administered by BCP. Financial entities, according to the requirements of the regulatory framework, promote the scope and characteristics of such coverage (one of the most used channels is through folders within branches and in footnotes on interest rate schedules). Banks do not offer additional guarantees from third parties other than the national Deposit Guarantee Fund (FGD), except in the case of the BNF as mentioned. Recommendation No recommendations. Good Practice Professional Competence B.11. a. In order to avoid any misrepresentation of fact to a consumer, any bank staff member who deals directly with consumers, or who prepares bank advertisements (or other materials of the bank for external distribution), or who markets any service or product of the bank should be familiar with the legislative, regulatory and code of conduct guidance requirements relevant to his or her work, as well as with the details of any product or service of the bank which he or she sells or promotes. b. Regulators and associations of banks should collaborate to establish and administer minimum competency requirements for any bank staff member who: (i) deals directly with consumers, (ii) prepares any Key Facts Statement or any advertisement for the bank, or (iii) markets the bank’s services and products. Description There is no specific regulation establishing a requirement for training by financial institutions in matters related to financial consumer protection. Financial institutions engage periodically in training staff on issues related to the products and services they offer. However, the staff is not told the importance of informing the customer fully (beyond what is required by formal regulation) on fees, commissions and risks associated with the different products offered (at least those that are offered in general, and, in the case of specific agreements with employers to accredit salaries in deposit accounts, where the user could obtain further information). These issues are exacerbated in cases of financial institutions that work with agents (sales people or business) who sell loans on behalf of the financial institution and receive little to no training for this (apart from incentives associated exclusively with sales volume). A similar situation occurs in the marketing of loans from financial institutions via cellular phone companies and their non-bank agents. There is no unified training at the sectoral level, led by associations of banks and finance companies, for staff dealing directly with consumers or offering them any key information document for advertising or marketing banking products and services. Recommendation 1. BCP regulations should incorporate the requirement for institutions to adequately train client-facing staff (including those with whom they outsource this activity), especially regarding the conditions and risks of financial products offered, the evaluation of the customer profile, the care arrangements for complaints and the regulatory framework. The entities should keep and make available to the BCP-SIB documentary evidence of the training provided (number and type of staff trained, content, dates, exams, results, etc.). 2. The association of banks (ASOBAN) and finance companies (ADEFI) should develop and offer training courses, including assessments to ensure adequate knowledge for all staff that interacts with customers. The content of the training should focus on the proper evaluation of the user's profile and needs, to offer those products and services that best suit the user. The entities should also develop the skills to convey the characteristics and risks of the different products and services and, in general terms, the current regulatory framework. SECTION C CUSTOMER ACCOUNT HANDLING AND MAINTENANCE Good Practice C.1 Statements a. Unless a bank receives a customer’s prior signed authorization to the contrary, the bank should issue, and provide the customer free of charge, a monthly statement of every account the bank operates for the customer. b. Each such statement should: (i) set out all transactions concerning the account during the period covered by the statement; and (ii) provide details of the interest rate(s) applied to the account during the period covered by the statement. c. Each credit card statement should set out the minimum payment required and the total interest cost that will accrue, if the cardholder makes only the required minimum payment. d. Each mortgage or other loan account statement should clearly indicate the amount paid during the period covered by the statement, the total outstanding amount still owing, the allocation of payment to the principal and interest and, if applicable, the up-to-date accrual of taxes paid. e. A bank should notify a customer of long periods of inactivity of any account of the customer and provide a reasonable final notice in writing to the customer if the funds are to be treated as unclaimed money. f. When a customer signs up for paperless statements, such statements should be in an easy-to-read and readily understandable format. Description The Civil Code contemplates the statements (summary) of current accounts (Art. 1402), without specifying the minimum content and frequency that it should have. In addition, Art. 1405 provides that if the bank issues a passbook savings, the interest income earned and fees paid should be recorded in it. BCP has regulated the minimum information that must be sent to the holder of a credit card (see more detail in Good Practice C.5.). Other than the abovementioned provisions, the legal and regulatory framework does not provide specifics on statements to be directed to financial customers. In practice, financial institutions offer monthly financial statements in which the movements of deposit accounts are detailed; and often also give the possibility to customers to receive their statement by email. Furthermore, the unified contract establishes that debits, credits, balances, interests, commissions, deductions, adjustments, taxes, tariffs or fees associated with the account will be reported in extracts or summaries of the account available to the customer within 5 business days after the month following the relevant extract or summary (unless the legislation provides for a different period). It is established that the customer may withdraw and/or revise the statements of account made available by the financial institution, whether in paper, in any of the financial institution’s branches, through the website of the entity or by other accessible means. With regards to electronic banking contracts, the client choosing to receive statements through this channel agrees to receive all account statements via the internet and expressly authorizes the bank or finance company not to send statements by any other means. Nonetheless, the financial institution will make available to the client those paper statements in their headquarters on the fifth business day of the month, being the date of notification and transmittance of the extract. There is no specific provision providing for customer notifications or other action to be taken in the case of deposit accounts with an extended period of inactivity. In the case of credit transactions, the payment schedule is given at the time of disbursement, stating the amount and due date of each payment. Only in some cases the amount of each payment is broken further down into interest and principal payment and fees/expenses. Recommendation 1. Develop a regulation establishing in a comprehensive way, minimum standards related to statements, such as frequency, permissible media, consent, content, etc. 2. Include in adhesion contracts between the bank and the customer that information will be available in a paper bank statement or, for those that operate with electronic banking, should be available at the headquarters office or at the branch where the customer has opened the deposit account and/or contracted credit (current practice states that it is only the headquarters that must provide this information, which can be complex or costly to the customer). 3. Incorporate in the existing regulations an obligation to notify the user of periods of inactivity (i.e. not making a deposit, transfer, payments, etc.) longer than one year. This recommendation is to help prevent liability for fraudulent transactions in the account. 4. Require at the time of disbursement of credits the listing of all payments, including a schedule showing the components thereof (interest, principal, commissions, expenses) for each installment to be paid. Good Practice C.2 Notification of Changes in Interest Rates and Non-interest Charges a. A customer of a bank should be notified in writing by the bank of any change in: (i) The interest rate to be paid or charged on any account of the customer as soon as possible; and (ii) A non-interest charge on any account of the customer a reasonable period in advance of the effective date of the change. b. If the revised terms are not acceptable to the customer, he or she should have the right to exit the contract without penalty, provided such right is exercised within a reasonable period. c. The bank should inform the customer of the foregoing right whenever a notice of change under paragraph a. is made by the bank. Description The regulatory framework establishes that in the case of credit cards any changes to the fees and/or charges must be communicated by the issuer to the user via a statement at least 30 days prior to the change going into effect (point 3.1 subsection h) of Resolution 5 Act of May 13, 2007). Art. 1 letter g) of the Transparency Resolution provides that financial institutions may not unilaterally change the conditions that formed the basis for setting interest rates and expenses other than interest rates. However, advance notice of changes prior to the actual change in fees and commissions for other products and services (except credit cards) is not contemplated. Credits are generally fixed-rate and in local currency (Guarani). In reviewing some contracts, the mission team found that entities provide notice of the terms in news media and on their website, setting a deadline of 10 days to express their rejection and interest to cancel the product. In some cases, the advance notice and the possibility of product cancellation is explicit, but without specifying that it is free of charge (this aspect is relevant, considering the existence of significant commissions for prepayment of loans). In general, the user is not alerted to information that may give him/her the option to cancel his/her contract. Recommendation 1. Introduce a standard notification period, after which changes in fees and commissions can go into effect. This should apply to all products and services. 2. Specify that should the client reject such changes, he or she may cancel the product or service purchased at no additional cost (e.g. no fee for prepayment). Good Practice C.3 Customer Records a. A bank should maintain up-to-date records in respect of each customer of the bank that contain the following: (i) a copy of all documents required to identify the customer and provide the customer’s profile; (ii) the customer’s address, telephone number and all other customer contact details; (iii) any information or document in connection with the customer that has been prepared in compliance with any statute, regulation or code of conduct; (iv) details of all products and services provided by the bank to the customer; (v) all documents and applications of the bank completed, signed and submitted to the bank by the customer; (vi) a copy of all original documents submitted by the customer in support of an application by the customer for the provision of a product or service by the bank; and (vii)any other relevant information concerning the customer. b. A law or regulation should provide the minimum permissible period for retaining all such records and, throughout this period, the customer should be provided ready access to all such records free of charge or for a reasonable fee. Description Art. 99 of the Banking Law states that financial institutions must retain their books and records for at least a five-year term and if, within that period, proceedings were initiated against them, the obligation to retain all documents relating to the disputed matter shall continue until the dispute is resolved. It provides that for the purposes of the provisions of this article, the entity may use microfilm or other similar means. Furthermore, Resolution 349 of November 2013 (section 2.13 on the Manual of Prevention of Money Laundering and Financing of Terrorism of the Secretariat of Prevention of Money Laundering – SEPRELAD) provides that said manual should contain "procedures to conserve, protect backups of operating records, information, and documents relating to customers and end users, for a period of 5 years." However, the client’s right to access all records kept at the bank is not covered by the Paraguayan regulatory framework or the contracts analyzed by the mission team. Habeas Data is incorporated in Art. 135 of the Constitution. It establishes that "everyone may access their own personal information and data or data on their property that is contained in official or private records, and learn how those data were used and their purpose. A user may apply to a competent magistrate to update, correct or destroy any records that are erroneous or unlawfully affect their rights. " In practice, entities keep reasonably up to date records of their clients, including contact information, documents required for the customer profile, details of the products and services provided, documents/requests signed by the client, among others. Recommendation Incorporate a regulation that banks must inform customers that they have the right to access a copy of the documentation kept on them. Furthermore, this regulation should contemplate that access to this documentation is free or at a reduced cost for the client or person acting on his/her behalf, which will ensure that customers have effective access to their personal data. Good Practice C.4 Paper and Electronic Checks a. The law and code of conduct should provide for clear rules on the issuance and clearing of paper checks that include, among other things, rules on: (i) checks drawn on an account that has insufficient funds; (ii) the consequences of issuing a check without sufficient funds; (iii) the duration within which funds of a cleared check should be credited into the customer’s account; (iv) the procedures on countermanding or stopping payment on a check by a customer; (v) charges by a bank on the issuance and clearance of checks; (vi) liability of the parties in the case of check fraud; and (vii) error resolution b. A customer should be told of the consequences of issuing a paper check without sufficient funds at the time the customer opens a checking account. c. A bank should provide the customer with clear, easily accessible and understandable information regarding electronic checks, as well the cost of using them. d. In respect of electronic or credit card checks , a bank should inform each customer in particular: (i) how the use of a credit card check differs from the use of a credit card; (ii) of the interest rate that applies and whether this differs from the rate charged for credit card purchases; (iii) when interest is charged and whether there is an interest free period, and if so, for how long; (iv) whether additional fees or charges apply and, if so, on what basis and to what extent; and (v) whether the protection afforded to the customer making a purchase using a credit card check differs from that afforded when using a credit card and, if so, the specific differences. e. Credit card checks should not be sent to a consumer without the consumer’s prior written consent. f. There should be clear rules on procedures for dealing with authentication, error resolution and cases of fraud. Description The concept of checks is provided for in the Civil Code. The Civil Code contemplates the consequences of writing checks against an account with insufficient funds for payment, as well as writing checks against a canceled bank account, foreign checks or an adulterated checkbook. Art. 10 of Law 805/96, as amended by Law 3711/09, provides that in the event that a check be presented at the time of collection and does not have sufficient available funds (or does not have authorization to overdraw) within the specified deadline will suffer a penalty of 2% of the amount of the returned check. In addition, people who in the course of a year write 3 checks, which are denied for insufficient funds, or write 10 checks which are denied for reasons attributable to the drawer of the check, shall be disqualified from operating a current account at any bank for one year. Such disqualification is published by the entity for 2 days in national newspapers and is disseminated to other banks by the BCP-SIB. After the period ends, debarment may be lifted after canceled checks are returned and the corresponding fines are paid. Art. 13 of Law 805/96, as amended by Law 3711/09, provides that the prohibition to operate a current account is 3 years if the person has drawn against a canceled current account or foreign check or adulterated check. In this case, the drawer will suffer a penalty of 1%. Notification of disqualification and lifting of the debarment operates in the same manner as disqualification for insufficient funds. If the prohibitions laid down in Articles 10 and 13 above were to occur because of an error caused by the drawer’s bank, the user may communicate this fact to the BCP-SIB for reinstatement within 48 hours. In addition, Art. 16 of Law 3711/09 establishes that banks should provide all current account holders, one a one time basis, with the extract of the current account along with the text of Laws 805/96 and 3711/09 that modified the Civil Code on aspects relating to checks. Not all entities comply with this requirement (only some entities deliver brochures about it, while others just keep this information on their website). In Resolution 22 Act 66 of November 2009, BCP regulates the procedures for disqualification, cancellation, rehabilitation and other provisions relating to the penalties provided for by Law 3711/09 in relation to issuing bank checks irregularly. As such, the resolution requires that banks clarify and adopt internal mechanisms and procedures to be used for the effective implementation of the Law and the regulations issued by BCP, according to the nature of the legal relationship they have with their account holders. It is worth noting that the Civil Code is not consistent, in its current version, with the laws and regulations cited, making it difficult in practice to know the current legal framework for checks. No information on the terms of clearing time for checks was found, although common practice is between 24 and 48 hours after the check has been deposited for collection. As to liability in situations of fraud, Art. 1733 of the Civil Code states that banks will not pay checks if they appear counterfeit, adulterated, scraped, interlined or erased in any essential way. On the other hand, Art. 1734 defines that a bank, which pays for a forged check has to bear the consequences if: (a) the signature of the drawer or endorser is noticeably forged; (b) the check has been altered in some way; and (c) if the check does not correspond to the checkbook delivered to the drawer. Furthermore, Art. 1735 provides that the drawer of the check is liable for damages in cases (a) where counterfeit signature is not visibly apparent and the signature corresponds to his or her own check stub; and (b) if the check is signed by a dependent or authorized person. In Paraguay, there is no operative electronic check or electronic check card, beyond that which is currently promoted. Recommendation 1. Homogenize the Civil Code in aspects related to current accounts and the operation of checks in a single updated document containing the current applicable legal framework related to the field of current accounts and check operations. 2. Consider the inclusion in the legal framework of the non-payment of checks by the drawer’s bank when the check stub has been denounced by the holder of the bank account, as stolen or embezzled (currently there is no explicit grounds for non-payment, if the signature does not differ significantly from the signature recorded by the bank). 3. Establish, by regulation, a summary of all aspects of the Civil Code linked to the operation of current accounts (today only the text of Law 805/96 and 3711/09, which modified the Civil Code in aspects relating to checks are mandatory) that banks must comply with. Good Practice C.5 Credit Cards a. There should be legal rules on the issuance of credit cards and related customer disclosure requirements. b. Banks, as credit card issuers, should ensure that personalized disclosure requirements are made in all credit card offers, including the fees and charges (including finance charges), credit limit, penalty interest rates and method of calculating the minimum monthly payment c. Banks should not be permitted to impose charges or fees on pre- approved credit cards that have not been accepted by the customer. d. Consumers should be given personalized minimum payment warnings on each monthly statement and the total interest costs that will accrue if the cardholder makes only the requested minimum payment. e. Among other things, the legal rules should also: (i) restrict or impose conditions on the issuance and marketing of credit cards to young adults (below age of 21) who have no independent means of income; (ii) require reasonable notice of changes in fees and interest rates increase; (iii) prevent the application of new higher penalty interest rates to the entire existing balance, including past purchases made at a lower interest rate; (iv) limit fees that can be imposed, such as those charged when consumers exceed their credit limits; (v) prohibit a practice called ―double-cycle billing‖ by which card issuers charge interest over two billing cycles rather than one; (vi) prevent credit card issuers from allocating monthly payments in ways that maximize interest charges to consumers; and (vii) limit up-front fees charged on sub-prime credit cards issued to individuals with bad credit. f. There should be clear rules on error resolution, reporting of unauthorized transactions and of stolen cards, with the ensuing liability of the customer being made clear to the customer prior to his or her acceptance of the credit card. g. Banks and issuers should conduct consumer awareness programs on the misuse of credit cards, credit card over-indebtedness and prevention of fraud. Resolution 5 Act 13 of May 2007 establishes the specific rules for the issuance, operation, and administration of credit cards by financial institutions. This regulation establishes that entities issuing credit cards should inform the BCP- SIB of the type of cards they operate and forward sample contracts with clients, businesses accepting cards and credit card administrators. Adhesion contracts with customers must contain at least: identification of the issuer; original numbering of the credit card; identification of persons authorized to operate the credit card; the credit limit (in local and foreign currency, and may be modified upon notice to the holder by the issuer of the card); term of the conditions; terms and conditions applicable to the collection of fees and charges (that may be modified upon notice by the issuer); interest rate applicable; cost of fees/service charges applicable to emission, excess of credit limit, installment purchase, purchases abroad, insurance coverage, and other services not attributable to interest rate costs, requiring that any amendments thereto are notified to the holder at least 30 days before the effective date of the change; security measures relating to the use of the card and procedures and responsibilities in the event of theft, loss, forgery or falsification, including the requirement that the institution has a system to cover fraud; the grounds for suspension, termination, and/or cancellation of contracts; and mechanisms for dispute resolution. In general the credit card agreement must contain the rights conferred to the customer by the general Consumer Protection Law. The Resolution also provides that if the contract provides for automatic renewal of the card, the conditions must be identified in the same contract and should enable the user to discontinue the service through a notification given 30 days in advance. It states that there must be copies of the contract for both the issuer (financial institution) and the cardholder and co-titular cardholders, and the contract must be in a clear and easily readable font. The same Resolution determines that the contract will be enacted upon reception of the credit card by the cardholder, pending proof of delivery by the issuer (financial institution). Any amendment to the contract must be communicated to the BCP-SIB with at least two months’ notice prior to its enactment. In regard to the warnings to users about the use of the credit card and the consequences of missed payments, Resolution 3 Act 7 of January 2014 states that financial institutions should include physical and electronic extracts of credit information regarding payments arising from the use of credit cards based on a form provided by that resolution. The content of this information includes: (a) the highlighted expiration date extract; (b) legends with warnings about the consequences (payment of default interest and penalties) of non-receipt on the date shown of at least the minimum payment, and-in the case where the minimum payment was made and no new purchases were initiated, the months required to pay down the debt and the total amount that the customer would eventually end up paying. The entry into force of this provision was March 2014, which was postponed to May 2014 (Resolution 34 Act 12 of February 2014). Some aspects and clauses of the credit card contract observed in the unified contract that financial institutions employ could be considered abusive. Some examples are: (a) Accounts receivable and other unpaid expenses may be claimed legally by the entity before the Courts of Asunción (in some cases, at the option of the bank, it may be in the courts of the client's home: in that case, the client may see limited right of defense if he or she lives in places far from Asunción and the financial institution did not exercise the option of claiming in the courts of his or her domicile; (b) the user agrees to inform in writing the bank (with delivery receipt by the same) on the loss, diversion, damage or theft of his/her credit cards. The complaint may be done by telephone and valid for 48 hours. Even after making the complaint the user is responsible for the fraudulent charges made with the card until two days after communication with the bank regarding what happened: the user is unprotected even after making a complaint to the bank . Some banks have been more proactive in alerting consumers about the risks associated with using credit cards. However, in some cases certain conflicts of interest arise, where the business objectives of the entity collide with offering appropriate advice to the user. For example, the minimum payment warning from a financial institution establishes that "the minimum payment is the smallest amount required by the Bank, if I do not pay on time it may cause additional unnecessary expenses. We recommend that whenever possible users pay a bit more than the minimum amount in order to increase available credit and reduce the debt ” when in reality paying the entire outstanding balance is the best advice, rather than “ a bit more than the minimum”, and the user should only not pay off the balance in exceptional circumstances. With regards to the legal framework applicable to credit cards, there is a draft law under consideration (led by SEDECO) that specifically addresses these issues, called "Standards of Transparency and Consumer Protection in the Use of Credit Cards." The most important aspects that are incorporated in the draft, as compared to the regulatory framework defined by BCP are: (a) the right to transparency and information; (b) the requirement that purchases can be accessed "online"; (c) highlighting in bold the clauses of the contract obligations involving users; (d) making explicit those aspects of the contract to be considered null and void; (b) granting a 90 day period for payment of fees by the user without interest; (f) limiting account payment fees; (g) granting a waiver to the co-debtor for the debtor exceeding the line of credit originally granted (unless given proper notification of the increase) and a late fee for the title debtor; (h) prohibiting having to demonstrate that a card is lost or stolen prior to blocking; (i) requiring that the issuer offers a phone number with 24 hour access where the cardholder can check the balance; (j) requiring that information in the extract be approved by the BCP- SIB based on good practices in the use of credit cards; (k) requiring the BCP-SIB to verify compliance with promotions made by credit cards. Finally, the bill provides that BCP is the institution empowered to issue the necessary rules for implementation of the law, which must still be complied with by those institutions not under the supervision of the BCP-SIB. Regarding pre-approved cards, this was once in widespread use in the Paraguayan market, but is no longer used. Recommendation 1. Observe, and require modification of those contract clauses involving credit cards that affect the rights of users (such as those mentioned above). 2. Consider the publication of the observed clauses for financial institutions to review and adapt to, prior to the presentation of the model contracts for analysis and approval by the BCP-SIB. 3. Revise some aspects of the draft SEDECO credit card law, such as financing fees without interest (point "e") which would result in higher costs for all users; and the requirement that the BCP-SIB verify compliance with the promotions made by credit card issuers (point "k"), since this activity could be very demanding in terms of human resources affected by that institution. 4. Enact the revised credit card law, which provides a better legal and regulatory framework and a "level playing field" between bank and non-bank credit card issuers. 5. Review and propose amendments to the credit card law in the following articles: (a) fixing a period of 90 days interest free to pay commissions: the usefulness of this article is not understood, since it would tend to make cards more expensive; (b) requiring that the BCP-SIB audit all promotions for credit cards: this could be very resource-consuming for the BCP-SIB. 6 Good Practice C.6 Internet Banking and Mobile Phone Banking 6 “Internet banking” is defined as banking services that customers may access via the Internet. The access to the Internet could be through a computer, mobile phone (“mobile phone banking”), or any other suitable device. Payment services that are only initiated via the internet using a mobile phone (e.g. by a mobile banking application using an app on a smart phone) are not considered to be mobile payments; instead they are categorized as internet payments. This interpretation is consistent with the view of the Committee on Payment and Settlement Systems (CPSS) of the a. The provision of internet banking and mobile phone banking (m- banking) should be supported by a sound legal and regulatory framework. b. Regulators should ensure that banks or financial service providers providing internet and m-banking have in place a security program that ensures: (i) data privacy, confidentiality and data integrity; (ii) authentication, identification of counterparties and access control; (iii) non-repudiation of transactions; (iv) a business continuity plan; and (v) the provision of sufficient notice when services are not available. c. Banks should also implement an oversight program to monitor third- party control conditions and performance, especially when agents are used for carrying out m-banking. d. A customer should be informed by the bank whether fees or charges apply for internet or m-banking and, if so, on what basis and how much. e. There should be clear rules on the procedures for error resolution and fraud. f. Authorities should encourage banks and service providers to undertake measures to increase consumer awareness regarding internet and m-banking transactions. Description As for safeguards of financial institutions to ensure adequate control of technological risk, Resolution 4 Act 67 of December 2012 established the rules for operational risk management, which include information technology. It defines the set of tools and methods used to carry out the management of information, including hardware, software, operating systems, database management, networking, multimedia, and more. Regarding the latter, paragraph 4.3 of the Resolution states that "entities should manage the risks associated with information technology as a result of security breaches and operational continuity of computer systems, errors in the development and implementation of such systems, information quality problems, inadequate investment in technology, among others. Institutions should have formal policies and procedures to ensure proper planning and management of information technology...". Additionally, Resolution SB.SG 179/2005 regulates safety procedures for transactions through electronic means. It requires that the following security precautions be undertaken to ensure the integrity of information transmitted through the network: (a) include authentication and encryption algorithms; (b) have a good technology architecture and constant monitoring of networks; (c) have strong implementation rules for "firewalls" (including intrusion detection systems, Bank for International Settlements (BIS), who is the relevant standard setting body on payment and settlement systems. However, for practical reasons and due to the importance of mobile money in the country, Good Practice C.6. is intended here as also covering mobile payments and, to some extent, e-money. Further analysis on e-money issuers in Paraguay is provided in Section IV. access control, etc.); (d) adhere to the standards in the Manual of Internal Control of Information Systems. The unified banking contracts analyzed by the mission team establish a specific paragraph where the client agrees to the operation of electronic banking. There is also a reference to the personal and private key that will serve to identify the holder of the current account, savings account, credit card, or other service that uses electronic banking. It is established that the key replaces the customer's signature, being purely for personal use, setting aside the consequences of its use by third parties. In the same contracts the customer is informed that the bank does not assume any responsibility for error, fault or negligence on the part of its representatives or dependents of the client. It also provides that the bank may recoup damages suffered by the breach of the obligations of the client, without questioning what other deposits or other credits that the customer has in his or her favor (including the possibility of over-drafting the current account). The clauses cited are considered to be abusive clauses and may be invalidated as contemplated in Art. 28 of the Consumer Protection Law (e.g. subsection "a" refers to those that eliminate/restrict liability for damages; and subsection "c" refers to those imposing the burden of proof to the detriment of the consumer). The unified contracts provide for the case of loss or theft of the secret key, where the user must immediately notify the bank of the lost password; to make the notification valid, it must be made in writing the first business day after the block request is made and must necessarily be accompanied by a copy of the police report. If the customer’s block is lifted due to failure to file the note and police report, the client would face serious negative consequences such as undue purchases generated in the account. Only in some entities were specific alerts about the risks and precautions to be taken in the operation of electronic banking observed. Recommendation 1. The BCP-SIB should ensure that unified adhesion contracts cannot hold harmless the financial institutions in case of error, fault or negligence of its representatives. 2. The BCP-SIB should also prohibit clauses that enable the entity to initiate debits (or overdraft the customer) for damages that are not previously reported or challenged by the client. 3. Prohibit the requirement of filing a formal note with police report as a requirement for an account and password block. Good Practice C.7 Electronic Fund Transfers and Remittances a. There should be clear rules on the rights, liabilities and responsibilities of the parties involved in any electronic fund transfer. b. Banks should provide information to consumers on prices and service features of electronic fund transfers and remittances in easily accessible and understandable forms. As far as possible, this information should include: (i) the total price (e.g. fees for the sender and the receiver, foreign exchange rates and other costs); (ii) the time it will take the funds to reach the receiver; (iii) the locations of the access points for sender and receiver; and (iv) the terms and conditions of electronic fund transfer services that apply to the customer. c. To ensure transparency, it should be made clear to the sender if the price or other aspects of the service vary according to different circumstances, and the bank should disclose this information without imposing any requirements on the consumer. d. A bank that sends or receives an electronic fund transfer or remittance should document all essential information regarding the transfer and make this available to the customer who sends or receives the transfer or remittance without charge and on demand. e. There should be clear, publicly available and easily applicable procedures in cases of errors and frauds in respect of electronic fund transfers and remittances. f. A customer should be informed of the terms and condition of the use of credit/debit cards outside the country including the foreign transaction fees and foreign exchange rates that may be applicable. Description The operation of electronic fund transfers is covered by the General Rules of the National Payment Systems in Paraguay (SIPAP), Resolution 1 Act 67 of December 2012. Among other things, paragraph 5 of the Resolution sets the deadline for clearing the funds, and the consequences for breaching this period (including consideration of the interest rates that apply on the funds delayed in clearing). It also clearly defines the responsibility of the sending and receiving transfer institution. It provides that the filing of claims for breaches of the terms of clearing must be submitted by the customer to the respective financial institution, which should then investigate with all due diligence, following which the customer can file a complaint with BCP if still not satisfied. In regard to remittances, Resolution 9 Act 69 of 2004 states that entities can only perform routine services on behalf of third party financial institutions. Furthermore, Resolution 9 Act 92 of 2007 provides minimum requirements and procedures that supervised entities must meet for foreign currency remittances. The resolution specifies the obligation to provide the BCP-SIB with statistical data on the purposes, currency, amounts and geographical destinations of remittances. It also sets safety requirements for the transport and registration of foreign currency within the country, hiring theft insurance, registration of transportation companies, among others. Finally, Resolution 17 Act 18 of March 2013 establishes the requirement to have prior authorization to operate in physical remittances of funds abroad (including requirements for correspondent countries, monitoring of subjects, among others). The rights and obligations of users are not mentioned and neither are obligations by financial institutions to channel information to the user about costs, fees, terms, rates of exchange and mechanisms for correcting errors in remitting funds. The tariffs published by financial institutions generally include a schedule of fees payable by customers for both domestic and international wire transfers. In the latter case, they vary if the clearing is immediate, of 24 hours or 48 hours. In general, it is not specified if there are costs to the transferee, or if it is credited in local currency or in the currency of the remitting country. Recommendation Require through regulation that financial institutions provide information on the costs of remittance, terms of clearing, the rates of exchange (in the case of remittances to/from abroad) and resolution mechanisms for errors and fraud. Good Practice C.8 Debt Recovery a. A bank, agent of a bank and any third party should be prohibited from employing any abusive debt collection practice against any customer of the bank, including the use of any false statement, any unfair practice or the giving of false credit information to others. b. The type of debt that can be collected on behalf of a bank, the person who can collect any such debt and the manner in which that debt can be collected should be indicated to the customer of the bank when the credit agreement giving rise to the debt is entered into between the bank and the customer. c. A debt collector should not contact any third party about a bank customer’s debt without informing that party of the debt collector’s right to do so; and the type of information that the debt collector is seeking. d. Where sale or transfer of debt without borrower consent is allowed by law, the borrower should be: (i) notified of the sale or transfer within a reasonable number of days; (ii) informed that the borrower remains obligated on the debt; and (iii) provided with information as to where to make payment, as well as the purchaser’s or transferee’s contact information. Description The general Consumer Protection Law includes a provision concerning debt recovery practices that could be considered abusive or prohibited (Articles 29 and 30 under Chapter VI "Credit Transactions") without providing any specific examples. The regulatory framework issued by BCP does not cover unfair practices for credit recovery. In practice, the loan contracts do not establish procedures that the financial institution must utilize for the recovery of debt in case the client enters in default. The only aspect covered in the contracts refers to the fees that apply to debt recovery: collection phone call charges, letters of complaint, overdue fees, among others. In many cases, these charges are excessive, do not align with the actual costs of the services provided and reflect an implicit violation of the maximum rates (this may be due in part to the existence of a maximum interest rate of up to 30 % above the average rate of interest charged for consumer loans in each currency). In terms of effective management of debt recovery, it generally starts with phone calls and later escalates to letters and eventually visits. Some entities recover nonperforming loans by working with third parties (related or not to the financial institution); in general, financial institutions do not review the mechanisms employed by these companies for credit recovery, but instead focus principally on the recovery rate. Furthermore, some past due loans are sold to third parties. This transfer does not require the consent of the debtor (Art. 524 of the Civil Code). This type of operations is not very common in the financial system, and the degree of information that is provided in these cases to the debtors in question is unknown. Recommendation 1. Include, in a regulation to be issued by BCP, recovery practices that are considered unfair. This could include a limit on the days and hours that phone calls can be made, a ban on contacting with third parties other than the owner or guarantor of debt, among others. 2. The same rules should include an obligation to report on debt recovery mechanisms that the bank will use in case the credit falls in arrears, including (if applicable), to whom and from when the credit may be transferred to a third party to continue its recovery, notification of that transfer to the client, etc. 3. The financial institution must have knowledge of the practices used by third party firms in debt recovery, making sure that their techniques and mechanisms do not contain abusive practices and/or practices prohibited by regulation. 4. If in the process of recovery the debt is sold to a third party, the transferor or the transferee firm must inform the debtor, who remains bound by the debt, of the transaction and information on where the debtor can direct payments and contact the new creditor. Good Practice C.9 Foreclosure of mortgaged or charged property a. In the event that a bank exercises its right to foreclose on a property that serves as collateral for a loan, the bank should inform the consumer in writing in advance of the procedures involved, and the process to be employed by the bank to foreclose on the property it holds as collateral and the consequences thereof to the consumer. b. At the same time, the bank should inform the consumer of the legal remedies and options available to him or her in respect of the foreclosure process. c. If applicable, the bank should draw the consumer’s attention to the fact that the bank has a legal right to recover the balance of the debt due in the event the proceeds from the sale of the foreclosed property are not sufficient to fully discharge the outstanding amount. d. In the event the mortgage contract or charge agreement permits the bank to enforce the contract without court assistance, the bank should ensure that it employs professional and legal means to enforce the contract, including regarding the sale of the property. Description Art. 93 of the Banking Law states that mortgages in favor of a financial institution duly registered in the respective registry subsist with all their legal effects until the complete cancellation of the obligation they guarantee for a period of twenty years from the day of registration, having to be re-registered before the legal deadline. It also provides that the creditor may release the debtor of guarantee rights on properties with unpaid balances, provided that they have amortized over 50% of the value. On the other hand, for the enforcement of mortgage guarantees in favor of the financial institution, Art. 94 of the Banking Law states that it may proceed with the foreclosure sale of the property, as a whole or divided into lots, provided the parties have not agreed on a price in writing, to cover the value of debt, including interest and costs, without appraisals by experts. In case there is no bidder in the first auction, a new auction should be realized with a 25% on the asking price, or adjudication to the creditor will be performed. Enforcing mortgage-backed loans requires the intervention of the courts, and all deadlines are contained in the judicial legislation. The mortgage market is not very developed in Paraguay. Housing loans represented, as of April 2014, only 3.1% of total credit. On the other hand, new products are being offered including deeds of trust property, which includes a more streamlined settlement process in situations of default. Recommendation Require financial institutions, via regulation, to inform the debtor in advance and in writing about the procedures involved, prior to beginning the process of foreclosure. Such information should also contain legal remedies and options available to the debtor as well as a clarification that the foreclosure does not relieve the borrower of the debt, if it does not cover the entire debt. Good Practice Bankruptcy of Individuals C.10 a. A bank should inform its individual customers in a timely manner and in writing on what basis the bank will seek to render a customer bankrupt, the steps it will take in this respect and the consequences of any individual’s bankruptcy. b. Every individual customer should be given adequate notice and information by his or her bank to enable the customer to avoid bankruptcy. c. Either directly or through its association of banks, every bank should make counseling services available to customers who are bankrupt or likely to become bankrupt. d. The law should enable an individual to: (i) declare his or her intention to present a debtor’s petition for a declaration of bankruptcy; (ii) propose a debt agreement; (iii) propose a personal bankruptcy agreement; or (iv) enter into voluntary bankruptcy. e. Any institution acting as the bankruptcy office or trustee responsible for the administration and regulation of the personal bankruptcy system should provide adequate information to consumers on their options to deal with their own unmanageable debt. Description The legal framework for bankruptcy, bankruptcy certificates and the order/execution of bankruptcy is contained in the Bankruptcy Law (Law 154/69). The Law distinguishes and establishes different requirements and treatment for commercial debtors and non-commercial debtors in a situation of inability to pay. In the case of the personal debtors, the debtor must present accounting records and inspection records, and have had a proper accounting, among others. The topics contemplated in the Bankruptcy Law include: the convening of creditors; the appointment of the liquidator; verification of debts; holding and subsequent approval of the bankruptcy certificate; legal effects and eventual annulment/termination of the bankruptcy certificate; the withdrawal and revocation of declarative bankruptcy; legal effects of bankruptcy, including the resulting measures following the bankruptcy filing; the close of the bankruptcy proceedings and reopening of them; the rating of the financial conduct of the bankrupt debtor; rehabilitation of the debtor that has been declared bankrupt. Finally, the procedures to be followed for the implementation of the above aspects are included. Overall, for consumer and individual loans, bankruptcy is not generally applicable unless the loans are used for commercial purposes. In practice, financial institutions do not advise their clients who are in trouble on alternatives at their disposal in a situation of inability to pay and insolvency. From a regulatory point of view, the BCP rules provide that the notice of creditors or the bankruptcy certificate entail an immediate deterioration of the borrower's rating (and higher provisioning by the financial institution). Recommendation 1. Issue a BCP regulation requiring that financial institutions should provide objective information and advice to their clients about the legal channels they have at their disposal to restructure their debts in an orderly manner. 2. Consider incorporating in the legal framework (Bankruptcy Law) a specific figure or entity to facilitate (in a less onerous and more agile manner) the process of bankruptcy certification or resolution for individuals (for relatively small amounts of debt). SECTION D PRIVACY AND DATA PROTECTION Good Practice D.1 Confidentiality and Security of Customers’ Information a. The banking transactions of any bank customer should be kept confidential by his or her bank. b. The law should require a bank to ensure that it protects the confidentiality and security of the personal data of its customers against any anticipated threats or hazards to the security or integrity of such information, as well as against unauthorized access. Description As a matter of principle, the legal framework provides that banking transactions are covered by the duty of secrecy. These matters are regulated in Articles 84, 85 and 86 of the Banking Law. This confidentiality restriction covers not only the financial institution (including its directors, management, board, and staff) but also the directors and officers of the BCP (except in the case of information regarding holders of current accounts closed because of the issuance of checks without provision of funds);; as well as partners, agents, contractors and employees of audit firms that examine the balance sheets of financial institutions. Additionally, the lender must have adequate management information systems and risk management operations (such as those described in Good Practice C.6.). Recommendation Consider the incorporation of a specific regulatory requirement that states that financial institutions should protect the confidentiality and security of personal data of their customers against any anticipated threats or hazards to the security or integrity of such information, as well as against unauthorized access. Good Practice D.2 Sharing Customer’s Information a. A bank should inform its customer in writing: a. of any third-party dealing for which the bank is obliged to share information regarding any account of the customer, such as any legal enquiry by a credit bureau; and b. as to how it will use and share the customer’s personal information. b. Without the customer’s prior written consent, a bank should not sell or share account or personal information regarding a customer of the bank to or with any party not affiliated with the bank for the purpose of telemarketing or direct mail marketing. c. The law should allow a customer of a bank to stop or ―opt out‖ of the sharing by the bank of certain information regarding the customer and, prior to any such sharing of information for the first time, every bank should be required to inform each of its customers in writing of his or her rights in this respect. d. The law should prohibit the disclosure by a third party of any banking- specific information regarding a customer of a bank. Description Art. 84 of the Banking Law prohibits sharing customer information. This restriction is lifted only when authorized by the customer in writing or when the conditions set forth in the following articles (as mentioned in Good Practice in D.3.) are met. The prohibition does not apply where the disclosure of the amounts received from different customers is rendered for the purposes of forced liquidation of bank or financial institutions. Moreover, Art. 5 of the Private Information Law states that data from natural or legal persons who reveal, describe or estimate their financial position, financial solvency or compliance with obligations may only be published or distributed when: (a) those persons have given express written permission to share data on their obligations that are unclaimed in legal action; (b) in the case of information or qualifications that public or private entities must publish; (c) when stemming from public sources of information. The Law does not specifically state the client's ability to retract the authorization that had been granted to raise the duty of confidentiality; and a specific clause to that effect is not observed in contracts. Recommendation Require contracts to explicitly grant the customer the power to withdraw authorization for information being supplied to a database, except in the case of information, which must necessarily be submitted to the authorities, such as information sent to the BCP-SIB credit registry. Good Practice D.3 Permitted Disclosures The law should provide for: a) the specific rules and procedures concerning the release to any government authority of the records of any customer of a bank; b) rules on what the government authority may and may not do with any such records; c) the exceptions, if any, that apply to these rules and procedures; and d) the penalties for the bank and any government authority for any breach of these rules and procedures. Description Art. 86 of the Banking Law sets out the exceptions to the duty of secrecy. In this sense, bank secrecy does not apply when the information is required by: (a) BCP or the BCP-SIB in exercise of their statutory powers; (b) the relevant judicial authority under judgment rendered at trial, in which cases appropriate measures to ensure privacy should be taken; (c) the Comptroller General of the Republic and the tax authorities within their mandated powers on the basis that it must relate to a particular charge and must be an ongoing tax verification with respect to that charge and must have been previously formally requested; and (d) credit institutions which exchange among themselves, according to reciprocity and banking practices, while preserving bank secrecy. The duty of secrecy is transmitted to the institutions and relevant persons. In all cases, when in judicial or administrative proceedings for which information on operations covered by bank secrecy has been shared, bank secrecy will cease automatically if the guilt of the beneficiary can be derived from said operations. Those involved in a case that resulted in the prosecution being dismissed maintain their right to privacy to protect their operations. In addition, Art. 88 of the Banking Law provides sanctions for breach of secrecy, whereas the violation of the provisions by persons covered by the duty of secrecy is considered a serious labor and disciplinary offense, regardless of any criminal liability as established by law. Furthermore, Art. 10 of the Private Information Law establishes penalties that apply when the law is violated. The penalties depend on the type of violation committed and by whom (e.g. updating/correcting information to be provided to the credit bureau), varying between 50 and 100 minimum wages. Such penalties shall be doubled, tripled, etc. in the case of recidivism. The application of fines for recidivism requires that prior claims by the individual concerned are received in writing. Recommendation No recommendation. Good Practice D.4 Credit Reporting a. Credit reporting should be subject to appropriate oversight, with sufficient enforcement authority. b. The credit reporting system should have accurate, timely and sufficient data. The system should also maintain rigorous standards of security and reliability. c. The overall legal and regulatory framework for the credit reporting system should be: (i) clear, predictable, non-discriminatory, proportionate and supportive of consumer rights; and (ii) supported by effective judicial or extrajudicial dispute resolution mechanisms. d. In facilitating cross-border transfer of credit data, the credit reporting system should provide appropriate levels of protection. e. Proportionate and supportive consumer rights should include the right of the consumer (i) to consent to information-sharing based upon the knowledge of the institution’s information-sharing practices; (ii) to access his or her credit report free of charge (at least once a year), subject to proper identification; (iii) to know about adverse action in credit decisions or less-than- optimal conditions/prices due to credit report information; (iv) to be informed about all inquiries within a period of time, such as six months; (v) to correct factually incorrect information or to have it deleted and to mark (flag) information that is in dispute; (vi) to reasonable retention periods of credit history, for instance two years for positive information and 5-7 years for negative information; and (vii) to have information kept confidential and with sufficient security measures in place to prevent unauthorized access, misuse of data, or loss or destruction of data. f. The credit registries, regulators and associations of banks should undertake campaigns to inform and educate the public on the rights of consumers in the above respects, as well as the consequences of a negative personal credit history. Description There are basically two sources of credit reports for individuals: the BCP-SIB credit registry and private credit bureaus (although one company has almost exclusivity on the entire market). BCP-SIB Credit Registry In the case of the public credit registry, operated by the BCP-SIB, all financial institutions supervised by the BCP-SIB must report risks, both direct and indirect, incurred by an entity or institution with the same owner, in the public or private sector, regardless of legal form (Art. 90 of the Banking Law). Additionally, Art. 91 of the Banking Law states that financial institutions will have access to information from the credit registry, which will be used exclusively to make decisions about credit risk. Reports from the credit registry are private; they cannot be published, communicated or displayed to others, and in no case shall state the name of the creditor institution. Currently the reports from the credit registry provided to financial institutions on a particular user include historical data for the past 6 months, total amount, activity, currency; banks are not informed which credit provider the user has utilized. The reduced credit history and lack of information about banks’ operations limit the information available to properly evaluate borrowers. While the BCP-SIB is permitted to require payment of a fee for this service, it is free today. BCP is not responsible for damages arising from the provision of these reports to financial institutions or inaccurate data. To correct any errors in the information in the credit registry, the consumer must contact the reporting financial institution so that it can rectify the information, after which the correction is circulated to all financial institutions in the system. The BCP-SIB does not modify any information by itself (only incorporating data sent by financial institutions) or replace information retroactively. The BCP-SIB does not track whether the data was corrected or of the errors that were reported by the client referred to a financial institution. The BCP-SIB is developing an updated system for the credit registry, which will allow an almost daily update (currently monthly, about 15 days after the end of the previous month). To consult their information in the credit registry, users must go to the headquarters of BCP, or do so through a proxy. This process can be expensive and makes it difficult to query information from the credit registry. The right of a debtor to access his/her information at the Credit Registry is not widely publicized. Private Credit Bureaus The main (and practically only) company collecting credit data ("Informconf") is governed exclusively by the provisions of the Private Information Law. The Law does not establish an authority or agency of control. The absence of application authority prevents the exercise of adequate supervision over the compliance with the requirements or the aforementioned Law and the effective application of sanctions (as mentioned in Good Practice D.3.), the latter being critical for the execution of an agreement, mediation, or judicial intervention. No external audit is conducted to certify compliance of procedures with the legal framework. Credit bureau database queries can only be made by contributing entities or non- contributing entities with a legitimate interest justifying the query. There is a selection process for entities that can provide data; the criteria focusing on quality and safety of the information with the express authorization of the owner of the data to be shared. Art. 8 of the Private Information Law states that everyone has the right to access information and data concerning him/her held by public or private entities or entities providing information on financial solvency and patrimonial status (credit bureau). The consultation of the information available on the concerned user (including the reports on him that were ordered and received by others) can be done in person or through proxy, and are free of charge: they can be requested in any office of the credit bureau (Asunción and two other locations in the interior of Paraguay), which limits the effective exercise of the right to access information. It is being considered to provide the client in the first visit with a personal password that will allow him/her to access their data remotely in future consultations. As for the type of information that can be included in the database of the credit bureau, in addition to the provisions of Art. 5 of the Private Information Law (discussed in Good Practice D.2.), Art. 9 of the Law provides limitations on the negative information to be incorporated in the database, which excludes information on the patrimonial status, financial solvency, and compliance with obligations as follows: (a) judicially unclaimed debt arrears when less than 90 days; (c) judicially unclaimed debt after 4 years of the registration of the unexpired debt (if there have not been any further breaches); (c) 3 years following the time the debt claimed in court has been canceled; (d) debts for which the lawsuit was dismissed; (e) 5 years following the seizure of the debtor; (f) 7 years following the date of final judgment with no compliance with the obligation; (g) 7 years following the judgment granting r bankruptcy, which is reduced to 3 if the bankruptcy status was lifted; (h) 5 years following the convocation of the creditors. In practice, it is the same private credit bureau that keeps track of these deadlines and detracts from the database information on users that have reached one of them (in line with the legal framework). With regards to updating information, Art. 7 of the Private Information Law states that data must be continuously updated, but it remains the responsibility of the credit bureau and the company submitting the data. For the latter, the deadline is two days, while the credit bureau has up to 4 days to update the database. This update has no cost to the concerned user. In practice, the credit bureau, when approached by a user who has cancelled his/her debt, solicits information from the creditor; if no reply is received within 48 hours of the information request, the data is removed from the database. Recommendation 1. Establish effective mechanisms to ensure that users can exercise their right to access personal information in the public credit registry and private credit bureaus (in the latter case, also to request an amendment to the information). 2. Explore a practical technology-based alternative to facilitate access to information (both for the credit registry and the private credit bureau), including potentially the use of cell phones, which have a high penetration in Paraguay, with an association between the phone number and the user, as already used in the case of e-money accounts by e-money issuers (EMPEs). 3. Establish a legal framework for the oversight of the private credit bureau, which allows its supervision with regards to proper operation and compliance with the provisions of the applicable laws. In this context, it should be defined which institution would be responsible to carry this task (which could naturally be the BCP-SIB). SECTION E DISPUTE RESOLUTION MECHANISMS Good Practice E.1 Internal Complaints Procedure a. Every bank should have in place a written complaints procedure and a designated contact point for the proper handling of any complaint from a customer, with a summary of this procedure forming part of the bank’s Terms and Conditions referred to in B.7 abov e and an indication in the same Terms and Conditions of how a consumer can easily obtain the complete statement of the procedure. b. Within a short period of time following the date a bank receives a complaint, it should: (i) acknowledge in writing to the customer/complainant the fact of its receipt of the complaint; and (ii) provide the complainant with the name of one or more individuals appointed by the bank to deal with the complaint until either the complaint is resolved or cannot be processed further within the bank. c. The bank should provide the complainant with a regular written update on the progress of the investigation of the complaint at reasonable intervals of time. d. Within a few business days of its completion of the investigation of the complaint, the bank should inform the customer/complainant in writing of the outcome of the investigation and, where applicable, explain the terms of any offer or settlement being made to the customer/complainant. e. When a bank receives a verbal complaint, it should offer the customer/complainant the opportunity to have the complaint treated by the bank as a written complaint in accordance with the above. A bank should not require, however, that a complaint be in writing. f. A bank should maintain an up-to-date record of all complaints it has received and the action it has taken in dealing with them. g. The record should contain the details of the complainant, the nature of the complaint, a copy of the bank's response(s), a copy of all other relevant correspondence or records, the action taken to resolve the complaint and whether resolution was achieved and, if so, on what basis. h. The bank should make these records available for review by the banking supervisor or regulator when requested. Description The regulatory framework does not require banks and finance companies to have internal procedures for handling customer complaints. Some entities, although not required by regulation, have a system to handle customer claims, although it is implemented disparately across different institutions and, in general, this function is associated with other activities (e.g. marketing, quality control, sustainability, etc.). Financial institutions generally do not inform the public about the mechanisms and steps to take to make a claim, including the expected time for resolution. The channels of communication between the company and the customer usually make reference to queries or suggestions, with no mention of claims and complaints (which hinders the effective access to information about the procedures for making complaints). Entities do not inform their clients about the alternative (third parties) means of settling claims (in cases where they do not receive a response from the financial institution, or that the response is not satisfactory). It is estimated that several customers did not submit their complaints for lack of knowledge on where and how to do so, while in other cases the complaints are not recorded and processed. Financial institutions generally make limited use of claims data in order to improve their operations and management. This data is not used to identify weaknesses or points of improvement in these institutions, based on the issues that commonly rise in these complaints (e.g. errors in the recording of transactions, technological problems, fraud, bad business practices, etc.), which could be reflecting greater problems in the entities. Recommendation 1. The BCP-SIB should finalize and adopt the draft regulation that requires financial institutions to have procedures for complaints handling. Clear guidelines should be established to cover channels available to make a claim, identification, follow-up and response to the client, including the maximum turnaround time. 2. Banks and finance companies should gather data on complaints filed by customers. This should not only be done in order to identify whether these claims were responded satisfactorily, but also to identify areas for improvement that can prevent the repetition of claims in the future, as well as other aspects that could be reflecting potential weaknesses or risks in the financial institution. Good Practice E.2 Formal Dispute Settlement Mechanisms a. A system should be in place that allows customers of a bank to seek affordable and efficient recourse to a third-party banking ombudsman or equivalent institution, in the event the complaint of one or more of customers is not resolved in accordance with the procedures outlined in E.1 above. b. The existence of the banking ombudsman or equivalent institution and basic information relating to the process and procedures should be made known in every bank’s Terms and Conditions referred to in B.7 above. c. Upon the request of any customer of a bank, the bank should make available to the customer the details of the banking ombudsman or equivalent institution, and its applicable processes and procedures, including the binding nature of decisions and the mechanisms to ensure the enforcement of decisions. d. The banking ombudsman or equivalent institution should be appropriately resourced and discharge its function impartially. e. The decision of the banking ombudsman or equivalent institution should be binding upon the bank against which the complaint has been lodged. Description There is no regulatory requirement for financial institutions to inform their clients about alternative dispute resolution mechanisms for the resolution of their claims by a third party. Furthermore, the division of tasks and responsibilities between SEDECO and the BCP-SIB in addressing claims submitted to them from consumers of financial products and services provided by financial institutions regulated by BCP remains unclear. Both institutions (SEDECO and the BCP-SIB) do not have the infrastructure, budget, procedures and human resources to be able to respond in a timely manner to a significant quantity of claims (the number of claims that have been addressed to date are minimal, demonstrating the need for a wider dissemination of the existence of these channels). In the private sector realm, ADEFI developed a Financial Consumer Ombudsman (DCF). It was designed as a private instance that the user could appeal to as a second instance after filing a complaint with the financial institution and receiving no response or an unsatisfactory one. The DCF emitted a basic decision which a non-binding to the entity, so its role was more that of a mediator than an arbitrator. The Center for Arbitration and Mediation of Paraguay (which works in the private sector, under the Chamber of Commerce) also offers mediation services. In practice, both the DCF and the Center for Arbirtration have not been used widely as they have not been publicized, and the DCF went dormant in the meantime. One bank has also entered into a specific agreement with the Centre of Arbitration and Mediation of Paraguay as a third party to resolve claims, although this initiative has not had much impact on users in general. ASOBAN has not implemented any alternative resolution scheme dedicated to unresolved complaints from bank customers. Financial institutions do not inform their customers that they have alternatives available to them to resolve disputes through a second instance, such as SEDECO (which is the enforcement authority of the Consumer Protection Law) or the BCP- SIB (which has recently included into its website the possibility to submit claims). Law 1897/02 establishes the legal framework for arbitration and mediation. Mediation, beyond the initiatives initiated by ADEFI and one individual bank (both with minimal impact) is not considered as a dispute resolution channel for financial consumers in Paraguay. Recommendation 1. Clearly define the scope in addressing consumer claims between SEDECO and the BCP-SIB. 2. SEDECO and the BCP-SIB should have adequate infrastructure, technology, budget, human resources, manuals and procedures in place for filing and resolving claims, based on the responsibilities defined in 1. 3. BCP should issue a regulation stating that financial institutions must communicate, through different means, to users that they have the possibility of going to a second instance (third party), after filing a complaint to the financial institution and not receiving a response within a reasonable timeframe (defined in the regulation), or not being satisfied with the response received. Such information should be published at least on the website of each financial institution, in the brochures where customer care channels are described, in contracts, in posters in branches, and in key fact statements, among others. 4. In the medium term, SEDECO, BCP, ASOBAN and ADEFI should promote an alternative (efficient for the user) dispute resolution scheme, independent of financial institutions; it´s decisions should be binding for the financial institutions.. International experience suggests that the creation of a financial ombudsman dedicated to dealing with low-value claims is the preferred and most efficient alternative. The ombudsman could be financed privately or through public funds. Good Practice E.3 Publication of Information on Consumer Complaints a. Statistics and data of customer complaints, including those related to a breach of any code of conduct of the banking industry should be periodically compiled and published by the ombudsman, financial supervisory authority or consumer protection agency. b. Regulatory agencies should publish statistics and data and analyses related to their activities in respect of consumer protection regarding banking products and services so as, among other things, to reduce the sources of systemic consumer complaints and disputes. c. Banking industry associations should also analyze the complaint statistics and data and propose measures to avoid the recurrence of systemic consumer complaints. Description Neither the BCP-SIB nor SEDECO publish statistics on complaints they receive related to financial products or services. SEDECO has not standardized, internally, the collection of statistics on complaints received. The BCP-SIB has not required financial institutions to collect, in a standardized way (i.e. with a homogeneous classification) information on the complaints they receive or the resolution thereof (if, for example, it was favorable or not to the user). Additionally, the BCP-SIB has not requested that entities report compiled data about their claims. Banking and finance companies associations do not have statistics on complaints received by their members, nor promote practices aiming at addressing the issues from which these claims originate (e.g. business practices, staff training, information transparency, clarity in advertising, etc.) Recommendation 1. The BCP-SIB should establish (by regulation) a standardized categorization of complaints and require entities to classify the received complaints in the most appropriate category. This would facilitate the process of comparing across entities. The same rules should require each financial institution to post the data on its website in a standardized way. In addition, financial institutions should periodically report (e.g. monthly or quarterly) compiled statistics on complaints to the BCP-SIB. 2. SEDECO and the BCP-SIB should collect standardized data (under a uniform classification by type of claim) on the financial sector claims that were presented to them (as second instances). 3. Once the regulation enacted and fully implemented, the BCP-SIB should publish on its website statistics on complaints received by the financial institutions, in addition to the complaints received by the BCP-SIB. The list of financial institutions should contain nominal data along with "normalized" data that measure performance in relative terms to the volume of operations of the entity (to facilitate comparisons between entities of different sizes). 4. ASOBAN and ADEFI should require (or use public information when available) data on complaints in their respective sectors, in order to promote policies to solve the issues that generate these complaints, in a proactive manner. SECTION F GUARANTEE SCHEMES AND INSOLVENCY Good Practice F.1 Depositor Protection a. The law should ensure that the regulator or supervisor can take necessary measures to protect depositors when a bank is unable to meet its obligations including the return of deposits. b. If there is a law on deposit insurance, it should state clearly: (i) the insurer; (ii) the classes of those depositors who are insured; (iii) the extent of insurance coverage; (iv) the holder of all funds for payout purposes; (v) the contributor(s) to this fund; (vi) each event that will trigger a payout from this fund to any class of those insured; (vii)the mechanisms to ensure timely payout to depositors who are insured. c. On an on-going basis, the deposit insurer should directly or through insured banks or the association of insured commercial banks, if any, promote public awareness of the deposit insurance system, as well as how the system works, including its benefits and limitations. d. Public awareness should, among other things, educate the public on the financial instruments and institutions covered by deposit insurance, the coverage and limits of deposit insurance and the reimbursement process. e. The deposit insurer should work closely with member banks and other safety-net participants to ensure consistency in the information provided to consumers and to maximize public awareness on an ongoing basis. f. The deposit insurer should receive or conduct a regular evaluation of the effectiveness of its public awareness program or activities. Description The legal framework clearly establishes the insurer (the Deposit Guarantee Fund – FGD – administered by BCP), the extension of coverage (PYG 136,000, equivalent to approximately USD 28,000), the calculation mechanisms (netting our overdue debt, consolidating deposits), the grounds for payment (collapse of a financial institution), mechanisms for payment and deposits which are excluded from the guarantee (e.g. those linked to the entity). The amount of the deposit coverage is high (enough to fully cover 97% of deposit accounts in the financial system). The regulations make it compulsory for institutions to publish in their offices and branches the existence and extent of the deposit insurance. In addition, entities incorporate such information in some of the documents they use. The FGD has distributed informational brochures describing the characteristics and scope of the FGD, although they were not seen in branches visited by the mission team. There has been no assessment conducted on the extent of public awareness and knowledge of the existence of the FGD, nor have there been any widespread outreach programs in recent years. Recommendation 1. Conduct an assessment of the degree of awareness of the population on the existence and scope of the deposit insurance. 2. Adapt the dissemination channels based on the results of the abovementioned assessment. Consider the launch of a major widespread communications campaign on the deposit insurance scheme, using the most efficient channels (e.g. radio), both in Spanish and in Guaraní. Good Practice F.2 Insolvency a. Depositors should enjoy higher priority than other unsecured creditors in the liquidation process of a bank. b. The law dealing with the insolvency of banks should provide for expeditious, cost effective and equitable provisions to enable the maximum timely refund of deposits to depositors. Deposits are the only liabilities that are totally or partially covered (depending on the amount) by the deposit insurance. Furthermore, Law 2334 of the Deposit Insurance (Article 20) provides that, when an entity goes bankrupt, deposits are moved as a liability with the first order of priority for inclusion in the balance of exclusion and subsequent transfer (along with the assets that balance them) to one or more solvent receiving financial institutions. Recommendation No recommendations. SECTION H COMPETITION AND CONSUMER PROTECTION Good Practice H.1 Regulatory Policy and Competition Policy Regulators and competition authorities should be required to consult one another for the purpose of ensuring the establishment, application and enforcement of consistent policies regarding the regulation of financial services. Description The legal and regulatory framework for competition is recent. The Competition Law Number 4953 of June 2013 provides for the creation of the National Competition Commission (CONACOM). Art. 61 of the "Collaboration and Information" Law sets forth the requirement to submit information or issue reports as requested by the CONACOM, be it from public institutions or regulatory bodies, including BCP (in cases of violation, fines can be imposed). In any stage of the procedure, the CONACOM may request the adequate collaboration of regulators, informing them of the relevant actions needed for collaboration. In addition, the same article points out that the CONACOM is the only competent public institution to assess restrictions to free competition and to instruct the procedures it regulates. Moreover, the implementing regulation of the Competition Law (Decree 1490 of April 2014) provides in Art. 80 mandatory reporting requirements for regulated sectors. Specifically in banking, the CONACOM must solicit BCP to issue a compulsory report on the technical aspects of the services and/or products evaluated, the markets involved, the conduct investigated and the applicable regulations. In the processes associated with the notification of concentration cases, the CONACOM should ask BCP to produce information on market share of the entities involved in the operations. The report has no binding character for the CONACOM, and failure to produce it does not suspend the proceedings. Recommendation While the legal and regulatory framework provides for the intervention of BCP in procedures involving financial institutions, formal mechanisms for routine interaction and coordination between BCP and the CONACOM should be established (not just in cases of investigation). Once the CONACOM is running, it is recommended to proceed with the drafting and signing of a Memorandum of Understanding between the two institutions. Good Practice H.2 Review of Competition Given the significance of retail banking to the economy as a whole and to the welfare of consumers, competition authorities should: (i) monitor competition in retail banking; (ii) conduct, and publish for general consumption, periodic assessments of competition in retail banking (such as the range of interest rates across banks for specific products); and (iii) make recommendations publicly available on enhancing competition in retail banking. Description The newly established CONACOM has among its objectives the analysis of competition in the sector. In practice, the CONACOM is not yet operational and has not defined the priority areas in which market concentration will be analyzed. Recommendation Should the CONACOM have sufficient resources and begin to operate effectively, it is recommended to include among its priorities the analysis and review of competition in the retail financial sector. Good Practice H.3 Impact of Competition Policy on Consumer Protection The competition authority and the regulator should evaluate the impact of competition policies on consumer welfare, especially regarding any limitations on customer choice and collusion regarding interest and other charges and fees. Description BCP has been analyzing the interest rate and the commissions and fees charged by various financial institutions. In addition, representatives of the CONACOM expressed interest to maintain a close link with BCP and assess of competition in the banking sector. Recommendation BCP must continue and deepen their analysis of price trends for banking services and products to collect the information that will, in time, form the basis, for a working relationship between technical officers at BCP and the CONACOM. SECTION A CONSUMER PROTECTION INSTITUTIONS Good Practice A.1 Consumer Protection Regime The law should provide clear consumer protection rules in the area of non- bank credit institutions, and there should be adequate institutional arrangements to ensure the thorough, objective, timely and fair implementation and enforcement of all such rules, as well as of sanctions that effectively deter violations of these rules. a. There should be specific statutory provisions, which create an effective regime for the protection of consumers of non-bank credit institutions. b. There should be a government authority responsible for implementing, overseeing and enforcing consumer protection in the area of non-bank credit institutions. c. The supervisory authority for non-bank credit institutions should have a register, which lists the names of non-bank credit institutions. d. There should be coordination and cooperation among the various institutions mandated to implement, oversee and enforce consumer protection and financial sector regulation and supervision. e. The law should provide for, or at least not prohibit, a role for the private sector, including voluntary consumer associations and self- regulatory organizations, in respect of consumer protection in the area of non-bank credit institutions. Description a. Statutory provisions Consumer Protection issues are covered by the general Consumer Protection Law, the Civil Code as well as the legal and regulatory framework applicable to financial cooperatives. The provisions in the cooperative sector framework in many instances refine the Consumer Protection Law, and do not appear to be in contradiction with it. Nevertheless, the regulations on consumer protection are dispersed in different regulations and dispositions, which makes it difficult to get an overview and establish possible overlaps. This also leads to fragmentation in oversight and enforcement, with various oversight agencies being involved. The Consumer Protection Law number 1334/98 and Decree 20572/03 create a general consumer protection framework for the purchase of goods and services. This explicitly also covers financial services. The law establishes the basic rights 7 This section was prepared by Luis Trevino, with guidance from Ilka Funke. A stand-alone assessment for Savings and Loan Cooperatives was conducted with view to the separate supervisory framework in place for cooperatives, and the important role they play for financial inclusion in Paraguay. and obligations of clients (both legal and natural persons), including the rights to (i) freely choose a service or good, (ii) receive clear and correct information on the composition, quality, price and risk of the product / service, and (iii) to be protected against inadequate publicity and marketing and abusive contracts (Art. 6.). Chapter 13 also includes special provisions for “closed circles”, where co nsumers pool funds to obtain services or products. The Chapter establishes the freedom to associate and withdraw from these circles, and rules on the authority for decision making within the circle. As cooperatives are member based and in this respect closed circles, this also applies to them. The provisions are broad in nature, which in the absence of further regulations makes actual implementation and enforcement more difficult. The legal and regulatory framework for cooperatives includes a number of relevant consumer protection provisions. The general law on cooperatives, Law 438/94, establishes rules for the constitution, organization and function of all types of cooperatives (sectorial or multifunctional), as well as second and third tier gremial institutions. This includes core governance rules (including claims handling processes), which in member-based institutions generates a first level of consumer protection. It also provides for a dedicated funding for general member education, but not explicitly for financial education. Decree 14052/96 regulates the Law 438. More recently, Resolution 11102/13 (and subsequent amendments) was issued, creating a compiled regulatory framework for financial cooperatives (so called “Savings and Loan Cooperatives”), as well as their second tier entities. The compiled framework establishes a tiered regulatory and supervisory regime proportionate to the profile and risk posed by individual financial cooperatives. It differentiates between three types of cooperatives according to their assets (Type A with assets over ~USD 11 million, Type B over ~ USD 1.1 million, and Type C below this threshold). This new framework for savings and loan cooperatives includes e.g. provisions for a proper disclosure of information on credit operations, the disclosure of the terms and conditions offered for each service or product, the minimum requirements for general contracts of agreement, and general provisions for the integrity of advertisement issued. The special framework is compiled into a separate regulatory document available on INCOOP’s website, and is regularly updated to reflect regulatory revisions. Some consumer protection relevant provisions are also included in the Civil Code. The latter establishes in Art. 475 a usury interest rate, which is to be determined by the Central Bank and is the maximum interest rate that can legally be charged for lending. The Civil Code also establishes some basic provisions for contracts, including credits contracts. Art. 526 to 574 include e.g. rules for the sale of a loan to a third party and for payments being made, Art. 437 onwards cover the creditor’s rights to enforce collateral for outstanding credit. These are general provisions on contracts, to be enforced in court. b. Government authority responsible for implementing, overseeing and enforcing consumer protection Two separate entities are involved in implementing, overseeing and enforcing consumer protection issues pertaining to cooperatives: SEDECO and INCOOP. Furthermore, the courts play a role for sanctioning violations: Until recently, the Ministry of Industry and Commerce (MIC) and on a voluntary basis the municipalities were in charge of overseeing the implementation of the Consumer Protection Law. In 2013, this arrangement was modified via Law 4974/13, which establishes a new autonomous entity, the Secretary for the Defense of the Consumer and the User (SEDECO), as entity in charge of implementing and regulating the Consumer Protection Law. The entity reports to the MIC, but has its own budget. Being recently created, it currently has limited human resources and no IT system in place to carry out this cross-sectorial task. There is also no dedicated financial sector specialist on board. Given the above, SEDECO’s de facto capacity to supervise and follow-up on consumer protection issues in the area of the financial sector (including for S&L cooperatives) is currently limited. Chapter X (Art. 43-44) and Chapter XIV (Art. 51-52) of the Consumer Protection Law assigns the courts as authority in charge of sanctioning any consumer protection violations brought to their attention by individuals, SEDECO or consumer protection associations and other stakeholders. They can address both individual and collective cases. In practice, only few cases appear to have been brought to the attention of the courts, so consumer protection violations are usually not sanctioned. Regulation and oversight over cooperatives, including savings and loan cooperatives, is assigned by Law 438/94 (Art. 115) to a dedicated regulatory and supervisory body, the “Instituto Nacional de Cooperativismo” or “INCOOP”. In 2003, INCOOP was created through Law 2157/03 as an independent and autonomous supervisory body for the cooperative sector, which reports to the Ministry of Agriculture. According to Art. 4 of the INCOOP Law, INCOOP ‘s objective is to help implement Art. 113 of the Constitution, which mandates that the government should support the formation of cooperatives operating under the principles of solidarity and social benefit. Furthermore, its functions also include the provison of capacity building and support to help strengthen the cooperative movement in the country. Art. 5 (d) and (e) of the INCOOP law also provides INCOOP in with the legal faculty to establish rules to govern the correct economic and social functioning of cooperatives, and to perform an adequate supervision, control and enforcement of cooperative activities. Overall, Incoop’s role in supporting the economic and social functioning of member based institutions gives it a direct mandate to supervise and enforcement the regulatory framework for cooperatives, as well as an indirect mandate in protecting the interests of members of cooperatives. As discussed under A3, INCOOP de facto capacity to supervise and enforce consumer protection provisions incorporated into its legal and regulatory framework is limited. c. Availability of registry According to Law 2157/03 (Art. 5 h), INCOOP is in charge of maintaining the National Registry of Cooperatives. On its website, INCOOP provides information on registered entities, their location, as well as a list of closed entities. However, the information is not updated on a regular basis, with the latest available information dating from June 2011. For further detail on this see section A.4. d. Coordination and cooperation among involved institutions A Memorandum of Understanding for collaboration in the area of consumer protection was signed in September 2005 between the Ministry of Industry and Commerce and INCOOP. Since then, INCOOP introduced several consumer protection relevant modifications to its regulatory framework, in accordance to the applicable Consumer Protection Law. As MIC was recently replaced by SEDECO, a new MOU will have to be signed. e. Role for the private sector, including voluntary consumer associations and self-regulatory organizations Art. 6 g of the General Consumer Protection Law establishes as essential right of consumers to form consumer associations with the purpose of defense and representation of themselves. Art. 45 clarifies that consumers associations are associations constituted by individual persons with no economic, political or commercial interests, whose goals is to guarantee the defense and protection of the consumers and users and to promote the information, education, representativeness and respect of their rights. Art. 47 explicitly provides for a role of consumer protection associations in the education and protection of the consumer. Furthermore, Decree 20572/03 (which regulates and establishes the National Integrated System of Consumer Protection – SNIPC) allows consumer associations, NGOs and private entities associations to be part of the SNIPC. Art. 3 supports the active participation of civil society organizations through consumer associations, NGOs and unions affiliated to SNIPC. In practice, there is only one larger consumer association (Association of Users and Consumers of Paraguay, “ASUCOP”) operational in Paraguay. ASUCOP only has a reduced administrative structure in place, and its operations are managed on a voluntary basis by legal entities. The ass ociation hasn’t performed a specific role for protecting clients of the financial system, but is included in the consultations for the Credit Card Law currently being drafted. There are no specific consumer associations for cooperatives. The General Cooperative Law allows cooperatives to horizontally integrate in the form of associations to exchange and share services, complement activities more adequately, meet social objectives and, finally, support the cooperative integration principle (Law 438/94, Art. 78). Cooperatives can also integrate vertically in Central Cooperatives with three or more cooperatives or into Federations with seven or more cooperatives (Second grade cooperatives). Eight or more Central rd Cooperatives and Federations can create a Confederation or 3 grade Cooperative (i.e., CONPACOOP) that is more a gremial institution of representativeness of the sector. (Law 438/94, Art. 83, 88 and 92). While consumer protection is not explicitly mentioned amongst the roles of the horizontal or vertical forms of integration, it is also not forbidden. As of June 2014, there are 13 Central Cooperatives, 5 Federations and one Confederation (CONPACOOP). Recommendation 1. The division of labor and responsibilities in the enforcement of consumer protection in financial cooperatives need be clarified, and the role of INCOOP in the area of protection of members strengthened:  INCOOP should sign as soon as possible a MOU with SEDECO, and establish working groups with SEDECO to ascertain that the two frameworks are in line with each other and form a coherent whole, as well as to coordinate and improve efficiency of oversight and enforcement mechanisms. Furthermore, consideration should be given to introduce a formal mandate for consumer protection by INCOOP in the Consumer Protection Law as well as INCOOP’s organic law.  INCOOP should compile all statutory consumer protection related provisions into a separate guidance document, and establish structured mechanisms for supervision, as well as response and recourse for violation of these provisions. This exercise would on the one hand facilitate coordination with SEDECO, help identify potential consumer protection gaps in dedicated legal framework for cooperatives, and help INCOOP assess cost effectiveness of existing measures. It would also be useful to help coordinate the existing provisions with the BCP, with the aim to create a level playing field and enhanced transparency between financial services provided by banks, finance companies and financial cooperatives.  Finally, it would be beneficial if BCP and INCOOP, and possibly SEDECO, could collaborate to harmonize technical terms and disclosure requirements (e.g. commission terms and financial terminology used). This would help create a level playing field between financial service providers, and provide the client with the needed transparency for making financial decisions (see B7 of banking sector assessment). 2. As further discussed under A4, INCOOP should (i) establish clear and cost effective regulations and procedures for the liquidation of Cooperatives to allow closing of inactive cooperatives, and their elimination in the registry; and (ii) enforce that cooperatives have to provide as a minimum in an annual basis their financial statements to the supervisor. To adequately process the data and disclose the compiled information on a regular basis, INCOOP should acquire adequate IT systems to collect the information, and provide updated information on a timely basis both in the registry as well in statistical information on the sector. More detailed information could be disclosed in a legal repositories of information which is only accessible for members and a limited number of public authorities, while general financial and product related information should be made available to the public (if possible for each entity) on INCOOP’s general website. Good Practice A.2 Code of Conduct for Non-Bank Credit Institutions a. There should be a principles-based code of conduct for non-bank credit institutions that is devised in consultation with the non-bank credit industry and with relevant consumer associations, and that is monitored by a statutory agency or an effective self-regulatory agency. b. If a principles-based code of conduct exists, it should be publicized and disseminated to the general public. c. The principles-based code should be augmented by voluntary codes on matters specific to the industry (credit unions, credit cooperatives, other non-bank credit institutions). d. Every such voluntary code should likewise be publicized and disseminated. Description a. No industry-wide code of conduct for financial cooperatives is in place. CONPACOOP, the Paraguayan Cooperative Confederation, tried to establish a formal Ethics code amongst its member Federations and Central Cooperatives in 2009, but in the absence of sufficient member support the Code could not be adopted. b. Not applicable. c. Selected individual cooperatives and INCOOP itself introduced Codes of Conduct/Ethics: - In 2010, INCOOP introduced both an Ethics Code (Resolution 6652/10) and a Good Governance Code (Resolution 6653/10). Both are part of INCOOP’s internal control system MECIP. The Codes establish basic principles for INCOOP staff in the conduct of business. For example, Art. 13 of the good governance code mandates that INCOOP’s President and the Board should establish and promote “ethical practices” amongst its staff, towards suppliers and civil society in general; Art. 14 mandates that the institution should adhere to transparency and integrity in its operations to prevent corruption; Art. 15 is committed with the inter-institutional collaboration in the promotion of ethic practices; Art. 20 establishes the protection of confidentiality of sensitive information; and Art. 27 establishes attendance to claims. - Cooperative Nemby introduced its Code of Ethics in 2010, prohibiting e.g. fraudulent conduct of its staff, as well as improper usage or public disclosure of confidential information on members. - Cooperativa Universitaria published in 2011 a Code of Conduct to establish 8 proper governance towards members. d. All of INCOOP’s Internal Control resolutions, Code of Conduct, and good governance protocol are disclosed on the Internet. Some of the individual cooperative’s Codes of Conduct are also publicly disclosed on the Internet. Recommendation 1. CONPACOOP, INCOOP and the different gremial associations should collaborate to establish a principle-based Code of Conduct for cooperatives. The Code of Conduct could e.g. be modeled on Codes of Conducts or model provisions for consumer protection established by WOCCU or the DRGV, which cover corporate governance, disclosure of rates and fees, honest and fair promotion material, claims and dispute resolution mechanisms among others etc. CONPACOOP should assume a lead role in pursuing this project. 2. Once established, the generally applicable Code of Conduct should be publicized, broadly disseminated and become part of the cooperative 8 http://www.cu.coop.py/images/descargas/codigo.pdf education program. CONPACOOP could act as the self-regulatory body to help enforce adherence to the principles based code of conduct and for disseminating to members information on the content of the code. Good Practice A.3 Other Institutional Arrangements a. Whether non-bank credit institutions are supervised by a financial supervisory agency, the allocation of resources between financial supervision and consumer protection should be adequate to enable their effective implementation. b. The judicial system should ensure that the ultimate resolution of any dispute regarding a consumer protection matter with a non-bank credit institution is affordable, timely and professionally delivered. c. The supervisory authority for non-bank credit institutions should encourage media and consumer associations to play an active role in promoting consumer protection regarding non-bank credit institutions. Description a. INCOOP, as the supervisory body for Cooperatives, has two teams for supervision: (i) a supervision team dedicated to on-site supervision, and (ii) an off- site team which helps attend consumer protection issues in the area of corporate governance, management and general complaints. Overall, of the 200 INCOOP employees, only 45 (25% of INCOOP’s total human resources) are dedicated to on- and off-site supervision. With view to the 1,405 registered cooperatives in Paraguay, this appears highly insufficient. INCOOP currently only has the capacity to supervise the larger cooperatives (Type A) every three years (on average), and the remaining ones when deemed critical. Given these technical and human resources constraints, in combination with the lack of a clear mandate identified above, no dedicated consumer protection or market conduct supervision is carried out, and no structured and consistent approach to non-prudential supervision is established. Complaints received from individual members or from the management / Board of cooperatives are distributed to various departments within INCOOP, and not systemically tracked. As a result, no information on the complaints received, areas of concern and the suggested resolution is available as will be discussed below. b. There is no evidence that the judicial system has been involved in a more systematic way in the resolution of disputes over financial products. c. INCOOP has not been directly promoting financial consumer protection. As discussed above, the confederation CONPACOOP has taken some initiatives, but so far without direct result. Recommendation 1. Given the strategic importance of the cooperative sector in Paraguay (more than a third of the adult population is member of a financial cooperative), the strengthening of the technical and overall available human resources of INCOOP’s supervision department is urgent. As part of this strengthening, INCOOP should develop a systematic approach to non-prudential supervision and on the long term consider establishing a dedicated unit in charge of consumer protection / market conduct. 2. INCOOP, the BCP and SEDECO should collaborate to create recourse mechanisms that provide affordable out of court mechanisms for resolving disputes for clients of the financial system (for further detail see recommendations under Good Practice E.2.). 3. CONPACOOP and INCOOP should help build sector-wide awareness of the advantages of having adequate consumer protection frameworks in place, and support capacity building in this area on various levels of the sector, as well as public stakeholders. Good Practice A.4 Registration of Non-Bank Credit Institutions All financial institutions that extend any type of credit to households should be registered with a financial supervisory authority. Description According to Law 2157/03 (Art. 5 h, o and p), INCOOP has the mandate to register and cancel the registration of any cooperative in Paraguay (independent of size and type of activity). INCOOP is in charge of maintaining the National Registry of Cooperatives, and of keeping it up to date. In practice, the National Register of Cooperatives is not regularly updated, does not differentiate between cooperatives by type of activity, and many inactive entities continue to be included in the registry. Two factors contribute to this: (i) problems in INCOOP’s internal system to maintain the register updated; (ii) weaknesses in the legal and regulatory processes for closing cooperatives, which provides INCOOP with only a limited role in initiating the closing of a cooperative, and makes a voluntary liquidation costly and time consuming (see Chapter VII of the General Law on Cooperatives). As a result, particular the small Type C Cooperatives become inactive without formally closing. In the absence of notification to INCOOP, the inactive cooperative continues to be registered. As of June 2014, the information from the registry, which is publicly available on INCOOP’s website, dates from 2011. The registry lists 1405 cooperatives for 2011, while the Cooperative Census carried out by CONPACOOP in 2012 reveals that only around 450 of the 1405 cooperatives are actually in operation. The information in the registry is thus not reliable, and does not create value added. Recommendation 1. The registry should urgently be updated to provide the general public with information on how many cooperatives are currently registered, as well as de facto in operation. In the future, all changes in registration should be instantly reflected in the registry, and on a periodic basis the de facto operational entities confirmed. 2. To solve the problem of the many inactive cooperatives, INCOOP should consider revising the regulations and procedures for the liquidation of Cooperatives. The regulations could give e.g. INCOOP a right to at least eliminate from the registry those entities that do not provide annual financial statements to the supervisory authorities. 3. INCOOP should enforce the annual reporting requirements for cooperatives active in financial intermediation, and should acquire adequate IT systems to collect and report the information in a transparent, efficient and timely way. SECTION B DISCLOSURE AND SALES PRACTICES Good Practice B.1 Information on Customers a. When making a recommendation to a consumer, a non-bank credit institution should gather, file and record sufficient information from the consumer to enable the institution to render an appropriate product or service to that consumer. b. The extent of information the non-bank credit institution gathers regarding a consumer should: (i) be commensurate with the nature and complexity of the product or service either being proposed to or sought by the consumer; and (ii) enable the institution to provide a professional service to the consumer in accordance with that consumer’s capacity. Description a. The compiled legal and regulatory framework for financial cooperatives incorporates a range of information requirements to enable the institution to render an appropriate product to the member. With regard to credit:  Art 5.13 establishes that each cooperative has to have a credit manual in place, and sets minimum standards on information gathering and documentation to be included in the credit manual. This includes e.g. information on the available products, conditions to be fulfilled by solicitants to be eligible for receiving credit, specific aspects of the financial products, as well as procedures for credit evaluation.  Art. 5.9 establishes the basic parameters for lending, including (i) that the member has to formally apply for credit, and (ii) that all documents for establishing the income generating capacity of the member have to be collected and assessed to determine the repayment capacity. The cooperative also needs to verify the repayment history of the applicant through INCOOP’s Credit Bureau or other available credit information services. The underlying analysis has to be appropriately documented.  Art. 5.2 covers credits that are deemed to be high risk and thus should not be granted. It is e.g. prohibited to grant a credit to a member who does not want to provide financial information and/or adequate referrals as requested in each the credit manual, or who provides guarantees that are legally disputed.  Finally, Art. 5.8 establishes the general functions of the Credit Committee including compliance with credit approval procedures established by the credit manuals, attendance of claims and observations from members, periodic provision of non-performing loans etc. Regarding savings and deposits, Chapter 9 of the regulatory framework for financial cooperatives relates to the basic conditions for taking member deposits. Art. 9.1 establishes that Type A and B cooperatives and central cooperatives should have a manual for taking deposits, which specifies the deposit and savings products offered, conditions and general characteristics of the products, as well as internal control mechanisms needed to assure the veracity and security of information:  According to Art. 9.1 (a-1), the manual for deposits should determine the eligible subjects for savings (including legally entities) in line with constraints established by Law 438/94 and its Reglamentary Decree No. 14.052/96. The latter determines in Art. 24 that both natural and legal entities can become members of cooperatives, and establishes responsibilities and minimum membership contributions to be paid when affiliating.  According to Art. 9.1 (a-2 and a-3) manuals should establish the types of savings that are offered and their basic characteristics; as well as information on the administrative organization and processes for taking deposits, approval and management of the savings portfolio”;  Type C cooperatives must only have a basic manual of rules for savings in place in which the general conditions and characteristics of savings products and security scheme to protect the information of the deposit accounts are established. b. The above-described regulations are comprehensive, and provide for a thorough assessment of the repayment capacity of clients in the case of credit applications, as well as for appropriate documentation of products offered to a member (e.g. Art. 5.12 for credits, and 9.1.h for deposits). However, discussions and observations during the mission indicate that the human resources and capacity to actually implement the regulations and undertake a sold repayment assessment of a client is limited in many cooperatives. INCOOP’s capacity to actually monitor and enforce compliance is also restricted by the above-mentioned capacity constraints to supervise this diverse and large sector. Recommendation 1. To support implementation of the applicable regulatory framework and strengthen the sector’s capacity to assess member’s repayment capacity and product needs, substantial and ongoing capacity building of cooperative sector staff should be provided. The training should focus on tools for assessing the repayment capacity of clients, collecting and filing the needed information on clients in a safe and secure way, and on product development. 2. INCOOP should put in place standardized procedures for supervising (both on and off-site) the adherence of financial cooperatives to the information requirements established by the legal and regulatory framework, as well as on a sample basis the undertaken assessment of the repayment capacity of a borrower. Good Practice B.2 Affordability a. When a non-bank credit institution makes a recommendation regarding a product or service to a consumer, the product or service it offers to that consumer should be in line with the need of the consumer. b. Sufficient information on the product or service should be provided to the consumer to enable him or her to select the most suitable and affordable product or service. c. When a non-bank credit institution offers a new credit product or service that significantly increases the amount of debt assumed by the consumer, the consumer’s credit worthiness should be properly assessed. Description a. There are no formal provisions that mandate that the financial product or service offered to the member is in line with the actual needs of the member. With regard to credit, a number of provisions however establish that the credit should be affordable for the client:  As discussed above, Art. 5.9 of the legal and regulatory framework for financial cooperatives mandates that the cooperative must determine, prior to conceding credit, the repayment capacity of the member, as well as his or her credit history (passed and ongoing). Furthermore, the cooperative should summarize in a report or any other written document the realized analysis and conclusions. Information from INCOOP’s newly created Credit Registry, or any other private credit should be included in the assessment.  Art. 5.9. g forbids that an additional credit is provided to a member who is behind with repayment of a credit to the cooperative, while Art. 5.2 requests that more diligence in the credit evaluation should be done for “high risk” credits such as (ii) credits needed for the repayment of a loan with another financial service provider, or (iii) that hinge on the provision of a guarantee for which a limited market is available. b. Chapter II, Art. 6 of the Consumer Protection Law establishes the basic right of the consumer to receive adequate education and information about the features of the products and services offered, ensuring the liberty to decide and fairness in the contracts. In addition, Art. 2.6.g of the compiled legal and regulatory framework of financial cooperatives provides as basic requirement that all public communication and advertising of financial cooperatives is in line with the provisions of the consumer protection law and other applicable specific laws and regulations, and Art. 2.5 d and e establish that interest rates, if provided in commercials and formal communications, should be expressed both in nominal as well as annual effective terms. Art. 5.7 on the costs and interest rates of credit also mandates under provision i, that members of cooperatives should be informed about all costs and commission of credits at any time, without being specific on the form of this disclosure. Information gathered during the mission indicates that the client is not provided with the full costs when signing up for a product, and information on interest rates and commissions is not readily available or easy to find on entities’ websites, in product flyers or in the branches. This makes it difficult for the member to get an adequate overview over available products and their conditions, and to choose the most appropriate product. c. The regulations do not specifically contemplate the case in which a financial cooperative offers an additional credit to a client, which significantly increases the level of debt of a client. However, as highlighted under a, provisions are in place for determining the repayment capacity of a member, assess all available information related to outstanding credits and guarantees, credit history and credit profile. Furthermore, specific provisions are in place for more risky credits (Art. 5.2). Recommendation The legal and regulatory framework for financial cooperatives should be amended to establish provisions on the timing and form of disclosure of product related information, including pricing information:  The latter should ideally mandate disclosure of total costs of credit, standardized pricing and annual effective interest rate information.  Consideration should be given to establish a pricing list to be visibly displayed in the branches of financial cooperatives, and to mandate the introduction of a factsheet for financial service contracts. Good Practice B.3 Cooling-off Period a. Unless explicitly waived by the consumer in writing, a non-bank credit institutions should provide the consumer a cooling-off period of a reasonable number of days immediately following the signing of an agreement between the institution and the consumer. b. On his or her written notice to the non-bank credit institution during the cooling- off period, the consumer should be permitted to cancel or treat the agreement as null and void without penalty to the consumer of any kind. Description Art. 30 of the Consumer Protection Law 1334/98 gives the consumer the right of early repayment of the full credit amount, with the respective proportional reduction of the interest. This applies for all credits linked with the purchase of a good or service, and thus could be interpreted to also cover financial intermediation services. However, this provision does not cover partial early repayment, and does not prohibit the levying of penalty fees for early repayments. The specific regulatory framework for financial cooperatives also does not include a cooling off period for credit or for term savings products, but instead refer to the internal policies from each institution to allow or not for these. There are no dispositions preventing the cooperatives from charging a fee for early repayment or withdrawal. In practice, financial cooperatives (similar to practices observed in banks and finance companies) levy charges for early cancellation of loans or term deposits. The information on applicable penalty fees / impact on the interest rate for early cancellation of term deposits was not included in contracts reviewed during the mission. Recommendation 1. INCOOP should incorporate into the regulatory framework for financial cooperatives a requirement to provide a cooling off period to clients. The actual cooling off period should ideally be coordinated with the period to be established for banks and finance companies in order to ascertain a level playing field between the various market participants. 2. Furthermore, cooperatives should be obliged to provide their clients with information on fees and costs for early cancelation of loans and term deposits. The information should be included both in the general product information, as well as in the contract to be signed in an easily understandable language. 3. Similar to the framework in place for banks and finance companies, limits should be established (as a proportion of the interest to be charged) on the commission for anticipated cancellation of loans. Good Practice B.4 Bundling and Tying Clauses a. As much as possible, non-bank credit institutions should avoid the use of tying clauses in contracts that restrict the choice of consumers. b. In particular, whenever a borrower is required by a non-bank credit institution to purchase any product, including an insurance policy, as a pre-condition for receiving a loan, the borrower should be free to choose the provider of the product and this information should be made known to the borrower. c. Also, whenever a non-bank credit institution contracts with a merchant as a distribution channel for its credit contracts, no exclusionary dealings should be permitted. Description a. Art. 14 of the Consumer Protection Law prohibits bundling of products, unless the products are by nature or custom used together. This leaves room for interpretation, e.g. whether the tying of financial services with the obligatory signing of an insurance product is permissible. The legal and regulatory framework for cooperatives also does not explicitly prohibit the use of bundling. On the contrary, Art. 5.12 for example mentions that the insurance policy covering the provided guarantee should be included in the documentation if applicable. In practice, financial cooperatives bundle products, especially credit products with insurance policies to guarantee repayment of the credit in case of death. This bundling of product is not necessarily done in the form of a separate contract, but in some observed cases is part of the savings or credit product, and thus already directly included in the price of the product. b. There are no general regulations that mandate cooperatives to offer to the respective member information and alternative choices of provider for the bundled product, if it is not an integrated part of the originally offered product and has to be signed / paid for separately. Each institution can set its own policies regarding the offered insurance for credits. There is not an explicit disposition on the use of agents, and the use of exclusivity contracts. Recommendation INCOOP should introduce into the regulatory framework for financial cooperatives provisions that limit the use of bundling of products (unless directly included in the product with no additional charges). Where bundling is deemed necessary for service provision, the financial cooperative should be required to offer the client a choice of provider for the bundled product together with a cooling off period. Adequate information on the cost and terms of the provided products should be provided to the client. Ideally, the provisions should be coordinated with the BCP to establish a level playing field between the market participants. Good Practice B.5 Key Facts Statement a. Non-bank credit institutions should have a Key Facts Statement for each type of account, loan or other products or services. b. The Key Facts Statement should be written in plain language, summarizing in a page or two the key terms and conditions of the specific financial product or service, and allowing consumers the possibility of easily comparing products offered by different institutions. Description a. There is no requirement to have key fact statements on offered financial products. Furthermore, the applicable rules on information transparency are not sufficient to provide the clients with easily understandable and clear information: The Consumer Protection Law No 1334/98 mandates in Art. 29 that credit contracts should include information on (i) the applicable monthly or annual interest rate, (ii) the interest rates for overdue payments, (iii) any additional charges for commissions and fees, (iv) the number of payments to be made under the contract, and the timing, (v) the total costs to be paid for the product, which is not to be higher than the price of the product plus interest rate, and (vi) right and obligations of the contract parties in case of non-compliance / non-fulfillment. If in violation of the above, the contract can be claimed as null and void. However, Art. 29 only applies to credits linked to the purchase of products and services. This leaves room for interpretation whether stand-alone financial credits not linked to any purchase are covered by this provision. INCOOP refers to the Art. 29 of the Consumer Protection Law in Resolution 3571/10 as a general requirement for all credits, and mandates that cooperatives keep INCOOP updated on change made in their credit manuals to allow INCOOP to verify compliance with applicable regulatory requirements. The provisions under Art. 29 are however not formally introduced in Art. 5.13 (see below), or cross- references in the compiled regulatory framework for cooperatives. Furthermore, Art. 5.9 i of the compiled regulatory framework for financial cooperatives specifies that each cooperative should inform their members about nominal and effective interest rates, as well as interest rates and fees for late payments, penalties and other applicable charges. However, neither the form nor the frequency in which the information is to be made available is specified. This is also not covered by other applicable regulations and provisions:  On the contract itself, Art. 5.9 h only specifies that the borrower has to sign a provision allowing (i) the periodic review and verification of the investment plans and the destiny of the credit, and (ii) the selling of the debt to a third party.  Art. 5.13 specifies that the Board is to approve and regularly update the Credit Manual. The latter is to include interest rates, commissions and general terms and conditions of offered credits products. While in some countries the manual and the conditions are approved by the members in the General Assembly, thus automatically providing members with the information and a right to interfere if not deemed acceptable, this is not mandated in Paraguay. There are also no provisions to make the handbook or the included terms and conditions publicly available in the branches or provide it to the member upon request. The same holds for savings products, where the Board approves and regularly updates the manual. If using promissory notes to establish a credit obligation, Art. 1535 of the Civil Code sets generally applicable minimum standards. The promissory note is to include information on the outstanding debt, the promise of the debtor to repay, as well as information on the amount to be repaid, repayment date(s) and location. There is no requirement to make e.g. the interest rates and commissions transparent, nor fees and procedures in case of late payment. This leaves the client with very limited information on the credit itself, and falls way short of international best practice. For unregulated non-bank financial intermediaries such as pawnshops and moneylenders, who mostly use promissory notes to establish the contractual relationship with the borrower, this very deficient information standards are the only applicable legal framework, For cooperatives, Resolution 6587/10 issued by INCOOP complements the provisions of Art.1535 of the Civil Code on promissory notes. The latter appear to be widely used by cooperatives when issuing credit. According to the resolution, the promissory note is to include information on the due date of each payment, the denomination and amount, the client’s promise to pay, the payment location as well as the name of the cooperative, the place and date where the promise of payment is signed, and the nominal and moratorium interest rate. While including some of the information that the key fact statement should include, the information is however provided to the client after the credit has been signed, thus too late in the process to establish the transparency sought under this good practice. Furthermore, the compiled regulatory framework for financial cooperatives does not provide a reference to this resolution. b. not applicable. Recommendation 1. A key fact statement summarizing the core features of the financial product should be made mandatory, both for financial cooperatives as well as for unregulated non-bank financial intermediaries. This could be done by SEDECO to cover all financial intermediaries and help create a level playing field, but should also be incorporated into the legal and regulatory framework by INCOOP to facilitate actual enforcement and adherence. 2. The key fact statement should be provided to the client as part of the contract to be signed, and include at a minimum information on the nominal amount of the credit, annual effective interest rates, total costs of the credit and the repayment schedule in nominal terms. For savings products, commissions and charges for maintenance of an account should be provided. Furthermore, penalty fees for early repayment / withdrawal, and information on available dispute resolution mechanisms should be included. 3. The key fact statements should be written in a clear and easily understandable language, and tested with a focus group to ascertain that the information included is understandable for the target group. Good Practice B.6 Advertising and Sales Materials a. Non-bank credit institutions should ensure that their advertising and sales materials and procedures do not mislead customers. b. All advertising and sales materials should be easily readable and understandable by the general public. c. Non-bank credit institutions should be legally responsible for all statements made in advertising and sales materials (i.e. be subject to the penalties under the law for making any false or misleading statements). Description a. The Consumer Protection Law establishes in Art. 6 e) as a basic right of a consumer to be protected against misleading sales practices and advertisement. Art. 35 -37 prohibit any misleading, abusive or comparative information. Furthermore, the compiled regulatory framework for financial cooperatives establishes in Art. 2.6 as basic rules for official communications and advertisement that (i) the date of the displayed financial and institutional information and the official name of the cooperative should be provided, (ii) annual nominal and effective interest rates should be used when providing this information, and (iii) the official communications and advertisement material should not be in violation of provisions of the Consumer Protection Law and – once issued by INCOOP – on Deposit Insurance. While these provisions establish the basis, they are not sufficient to establish that the consumer is provided with adequate and holistic information on a product (see also B2 and B5). b. None of the laws and regulations provide as requirement that advertising and sales materials should be easily readable and understandable. The only indication in this direction derives from Art. 6 of the Consumer Protection Law, according to which the consumer has the right to receive “adequate” education and information about the features of the products and services offered, ensuring the liberty to decide and fairness in the contracts. c. The Consumer Protection Law includes a section on sanctions to be issued for non-compliance with the provisions of the law. The sanctions can be issued by the judge / court to whose attention the infraction was brought. The sanctions specified in the Consumer Protection Law range from fines to be paid by the non- compliant entity, to prohibiting the sales of the product and finally to the temporary closing of a business. There is no explicit mention or referral to other laws that would allow the client to get indemnified for any negative consequences of the misleading information. Furthermore, Art. 2.6 c of the compiled regulatory framework for financial cooperatives mandates that a financial cooperatives needs to rectify in the same communication media any erroneous information that it provided. The provision also fails to make the cooperative accountable for any damages caused by the misleading/false information and does not provide a timeframe for this rectification. The actual implementation and enforcement of these rules is questionable. As mentioned in Section A, both INCOOP and SEDECO have limited capacity to actively supervise and address consumer protection regulations and issues. The imposition of sanctions and mandating of remedial action thus mostly hinges on information on malpractices brought forward by clients. The mission did not learn of any cases of sanctions or court decisions taken to remedy misleading or false advertisement. Recommendation 1. INCOOP should incorporate into its regulatory framework (i) a clear prohibition of issuing misleading/false information, (ii) a timeframe for rectifying mistakenly issued misleading/false information, (iii) a requirement to use of easily understandable language in sales material and public communication on products, and (iv) a right for members of cooperatives to get indemnified / withdraw from the contract if the decision was based on misleading or incomplete information. When using agents to distribute financial products, the financial cooperative should also be accountable for misleading information on the product provided by the agent. 2. SEDECO and INCOOP need to step up the supervision of sales and advertising material to actively prevent misleading and incomplete information. To be cost effective, INCOOP and SEDECO should coordinate their efforts, and use, where appropriate, tools such as mystery shopping and sampling to monitor actual compliance. 3. As part of financial education campaigns, SEDECO and INCOOP should communicate to consumers that (i) they have the right to receive clear and understandable information on products and their core features prior to the purchase / signing of the contract, and (ii) where they can file a complaint /report non-compliance. Good Practice B.7 General Practices Specific rules on disclosure and sales practices should be included in the non-bank credit institutions’ code of conduct and monitored by the relevant supervisory authority. Description As discussed under Good Practice A.2., no sector wide code of conduct is in place, and only a few cooperatives have issued such as code. Recommendation In case a code of conduct will be introduced by the sector, consideration should be given to incorporate specific rules for the disclosure and sales practices. The rules should establish as guiding principle the provision of honest, clear and understandable information in public information material, and to abstain from abusive sales practices. Good Practice B.8 Disclosure of Financial Situation a. The relevant supervisory authority should publish annual public reports on the development, health, strength and penetration of the non-bank credit institutions, either as a special report or as part of the disclosure and accountability requirements under the law that governs these. b. Non-bank credit institutions should be required to disclose their financial information to enable the general public to form an opinion regarding the financial viability of the institution. Description a. Art. 117 (General Law on Cooperatives) and Art. 5 q (Law 2157 on INCOOP) assign INCOOP as entity in charge of regularly organizing and publishing statistics and information on the sector. Furthermore, the compiled regulatory framework for financial cooperatives introduced via Resolution 11323/13 the requirement to have the financial accounts audited on an annual basis, and as periodicity for sharing financial information mandates that Type A entities report monthly, Type B quarterly, and small Type C entities once a year. Prior to this, the available information, in particular from the smaller entities, was mostly self-reported information. Art. 12.10 of the compiled framework states that INCOOP will publicize financial indicators on the sector on its webpage. In practice, publicly available information on the sector continues to be scarce. INCOOP has some data on the larger entities for 2011 and earlier on its website, but more recent information is only available upon request. Although INCOOP does have the statistical information, they currently do not publicly release it. Even CONPACOOP, the only confederation of the sector, has no access to updated information from INCOOP. To bridge the information gap, CONPACOOP carried out a census of the sector in 2012, which has become the main and most reliable public source of information on the sector. CONPACOOP is also considering putting in place a voluntary data platform into which the sector entities can report, and which it will make regularly available to alleviate the current dearth of publicly available information. b. Art. 12.10 of the compiled regulatory framework for financial cooperatives regulates the publication of the financial statements and the audit reports. The publication is differentiated by size of entity. Type A entities having to publish their financial statements in a national newspaper or written media for at least one day, and also have to make the information available in the branches for at least 30 days. For Type B and C cooperatives, only the publication in branches is required. Adherence to this publication requirement was observed during the mission. Recommendation 1. It is paramount that INCOOP adheres to the legal requirement to provide the general public with updated and relevant financial and statistical data of the financial and economic situation of the cooperative sector in Paraguay. Special attention should be placed in the publication on cooperatives involved in financial intermediation, and in particular on Type A cooperatives, which due to their assets and number of members are of systemic importance. 2. INCOOP should also consider issuing an annual report on financial cooperatives, in which it analyzes the overall evolution and financial situation of the financial cooperative sector. Furthermore, BCP and INCOOP should strengthen their collaboration to ascertain that the activities of financial cooperatives are regularly reflected in BCP’s reports on the financial sector in Paraguay. 3. Consideration should also be given to mandate at a minimum Type A and B cooperatives to have their audited financial statements available on their websites. SECTION C CUSTOMER ACCOUNT HANDLING AND MAINTENANCE Good Practice C.1 Statements a. Unless a non-bank credit institution receives a customer’s prior signed authorization to the contrary, the non-bank credit institution should issue, and provide the customer with, a monthly statement regarding every account the non-bank credit institution operates for the customer. b. Each such statement should: (i) set out all transactions concerning the account during the period covered by the statement; and (ii) provide details of the interest rate(s) applied to the account during the period covered by the statement. c. Each credit card statement should set out the minimum payment required and the total interest cost that will accrue, if the cardholder makes only the required minimum payment. d. Each mortgage or other loan account statement should clearly indicate the amount paid during the period covered by the statement, the total outstanding amount still owing, the allocation of payment to the principal and interest and, if applicable, the up-to-date accrual of taxes paid. e. A non-bank credit institution should notify a customer of long periods of inactivity of any account of the customer and provide reasonable final notice in writing to the customer if the funds are to be transferred to the government. f. When a customer signs up for paperless statements, such statements should be in an easy-to-read and readily understandable format. Description a, b, d, and f. There is no requirement to provide members with monthly or periodic account statements for deposits or credits, whether in paper or electronically. The Civil Code only covers bank deposits, so does not formally apply to cooperatives. The regulatory framework applicable to cooperatives does not include any provisions pertaining to account statements:  Art. 9.1 of the compiled regulatory framework for financial cooperatives gives cooperatives the right to independently determine the type of documentation they want to provide to their members. Type A and B entities should determine in their Manual on savings products the form of documentation to be used, while Type C cooperatives only need to determine the basic conditions and characteristics of savings products, and put in place schemes to ascertain the security of the information of the deposit accounts. Art. 9.1. d. also mandates that a contract has to be signed for term deposits, and Art. 9.1. c. states that for savings written documentation on the available balance and undertaken transactions has to be provided to the member. Furthermore, the cooperative is required through Art. 9.1 f to provide the member “at any moment” with the account statement or other account information that it deems adequate. These provisions appear sufficient for simple savings products that require physical presence for each transaction. In those cases, a savings book would be for example sufficient to record all the undertaken transactions and balances and no periodic additional information would be needed. However, for savings products such as current accounts, which are linked to a debit card or other forms of electronic payments and which are offered by a number of cooperatives, the lack of specificity of information to be included as well as the frequency in which the statements are to be provided to the account holder is limiting. This leaves INCOOP with limited power to mandate changes if the cooperative’s savings manual does not foresee adequate transparency towards the member.  The regulations also do not cover any form of account statement to be provided to the member for credit products. Art. 5.7 n of the compiled regulator y framework only establishes that the cooperative’s internal files should reflect repayments made and the distribution of the payment towards outstanding debt, interest as well as other charges. Payments are first to be credited towards costs for extrajudicial enforcement, penalty interest rates, fees and other outstanding interest payments, with only the remaining funds to be credited towards the outstanding principle (Art. 5.7 m). If the cooperative is to work with promissory notes to establish the credit obligation (which seems to be standard practice), resolution 6587/10 mandates that the note is to include basic information on the nominal amount, due date and location of payment (see also B5). This practice, together with the absence of a requirement to provide written documentation or periodic account statement to the client, leaves the client however with limited proof of payments made, and limits his possibility to verify adequate crediting towards outstanding balances as well as costs levied on the credit over time. c. According to the compiled legal framework for financial cooperatives, Type A and B cooperatives can issue credit cards. Cooperatives are among the largest issuer of these instruments in the market, with over 3 million debit and credit cards provided by the sector (INCOOP data as of 2013). Despite the size of the market, the regulatory framework does not detail any particular provisions on credit cards, including on the issuance of periodic account statements. SEDECO, in its function of regulating and supervising implementation of the Consumer Protection Law, has recently initiated work on a law on credit cards, with the aim of introducing a number of provisions to protect the consumer and increase transparency in the market. The project is currently debated in a working group in Congress and with stakeholders. The law would apply to all financial entities that provide credit cards to their clients, so also apply to cooperatives. It is contemplated to include a provision to grant the account holder online access in real time to verify the utilization of the card and outstanding balances. e. The applicable regulations do not cover inactive accounts. Recommendation 1. INCOOP should introduce a firm requirement for cooperatives to provide periodic account statements, ideally free of charge, to members with deposit accounts and outstanding loans, and should regulate minimum information requirements for those statements. 2. With respect to credit cards, rules for the issuance of a periodic statement should be established for cooperatives (as for banks and other financial intermediaries). They should (i) cover the periodicity and form in which the statements are to be provided to the user, and also include a choice for the client to receive the statement in paper format, as not all clients have access to the internet, (ii) mandate inclusion of all transactions concerning the account during the period covered by the statement; (iii) the incorporation of details on the interest rate(s) applied to the account during the period covered by the statement; as well as (iv) information on minimum payment required and the total interest cost that will accrue, if the cardholder makes only the required minimum payment. Good Practice C.2 Notification of Changes in Interest Rates and Non-Interest Charges a. A customer of a non-bank credit institution should be notified in writing by the non-bank credit institution of any change in: (i) the interest rate to be paid or charged on any account of the customer as soon as possible; and (ii) a non-interest charge on any account of the customer a reasonable period in advance of the effective date of the change. b. If the revised terms are not acceptable to the customer, he or she should have the right to exit the contract without penalty, provided such right is exercised within a reasonable period. c. The non-bank credit institution should inform the customer of the foregoing right whenever a notice of change under paragraph a. is made by the institution. Description a. According to the applicable framework, no changes in interest rate are permissible during an ongoing and current credit contract. The Board of each cooperative is in charge of determining and updating the interest rates and commissions for both passive and active side transactions. For credit transactions, Art. 5.7 i of the compiled regulatory framework mandates that the financial cooperative must keep their members informed about the currently applicable annual nominal and effective interest rate charged for credit transactions, as well as applicable interest rates and charges for overdue payments and other punitive fees. The interest rates, commissions and fees are to apply to all members alike. Art. 5.7 c, clarifies that the applicable interest rate for credit products is the official interest rate in force when the member applied for the credit. No interest on interest can be levied (Art. 5.7 d). Resolution 2212/06, Art. 2 further clarifies that the interest rates for a loan is the rate agreed upon at initiation of the credit, and is to be levied on the loan amount alone. The resolution also establishes limits for interest rates on overdue payments. The compiled regulatory framework also establishes procedures and rules for the extension, consolidation and refinancing of an existing credit. The rules are not explicit on permissible changes in interest rates. According to Art. 5.10 on changes in terms and conditions of existing credit contracts, the Board is to establish the procedures, subject to a number of provisions. These include, amongst others - Deferral of a tranche repayment: If a borrower, due to special circumstances, cannot repay an upcoming tranche, he/she must request an extension in writing, explaining the reasons. The credit in question must have had a solid prior repayment history, and the borrower has to pay at a minimum the overdue interest to get the extension approved. Only two extensions can be granted. - Extension of the maturity of the credit: Up to two rounds of changes of original the original contract can be accepted by the cooperative, if the request is made by the borrower in written at least two weeks prior the maturity of the next tranche, and the borrower is current in its obligation. - Two or more loans with sound repayment history can be consolidated into one credit operation with a new repayment plan. - for credits with overdue payments, a refinancing can be considered. For a refinancing, the borrower has to present a written request to the cooperative, and the cooperative has to base the decision on a fresh assessment of the repayment capacity of the client, the updating of all relevant information on the borrower, as well as were deemed necessary the provision of additional collateral. For deposits, no provisions on changes in interest rates and fess are incorporated in the regulatory framework. b, and c. not applicable Recommendation 1. In tandem with recommendations made under B.1 (information on products) and B.5 (key fact statements), INCOOP should regulate supply side driven changes of interest rates during contract implementation. This should include the borrower’s and depositor’s explicit right to receive timely and easily understandable information on the upcoming changes, and an explicit right for the members to exit the contract without penalty within a reasonable period after introduction of the changes in terms and conditions. 2. If a sector-wide code of conduct is to be introduced, the obligation to inform the customer of any change in the terms and conditions should be included. Good Practice C.3 Customer Records a. A non-bank credit institution should maintain up-to-date records in respect of each customer of the non-bank credit institution that contain the following: (i) a copy of all documents required to identify the customer and provide the customer’s profile; (ii) the customer’s address, telephone number and all other customer contact details; (iii) any information or document in connection with the customer that has been prepared in compliance with any statute, regulation or code of conduct; (iv) details of all products and services provided by the non-bank credit institution to the customer; (v) a copy of all correspondence from the customer to the non-bank credit institution and vice-versa and details of any other information provided to the customer in relation to any product or service offered or provided to the customer; (vi) all documents and applications of the non-bank credit institution completed, signed and submitted to the non-bank credit institution by the customer; (vii) a copy of all original documents submitted by the customer in support of an application by the customer for the provision of a product or service by the non-bank credit institution; and (viii) any other relevant information concerning the customer. b. A law or regulation should provide the minimum permissible period for retaining all such records and, throughout this period, the customer should be provided ready free access to all such records. Description a. The compiled regulatory framework for financial cooperatives establishes clear rules and minimum standards for member records to be kept. Art. 5.12 states that cooperatives should maintain a credit file on each borrower, which is to include at a minimum:  A formal ID or document to establish the identity of the applicant, and if applicable, those of the co-borrowers and providers of guarantees.  the (written) credit application.  documents and proof of income used to establish the income of a borrower (wage settlement, tax return, among other).  report or document that reflects the analysis of the client’s repayment capacity and decision on the approval or rejection of the credit application.  report issued by the Credit Register (Central de Riesgos) of INCOOP and/or other agencies providing credit risk information, with which the cooperative has a contract.  Invoice or proof of basic service (water or electricity) for the provided address of each signer, or a certificate of residence or equivalent document.  Appraisal of the collateral, if applicable.  Insurance coverage for the collateral provided to the cooperative or central cooperative, if requested.  Copy of the document that establishes or registers the guarantee, if applicable.  The article also permits the digitalization, with each cooperative having the possibility to use the of digitalization method it has at its disposition. For savings, no specific documentation requirements other than the availability of a written contract (Art. 9.1. d) are provided. Art. 9.1 h clarifies that each savings product should have the documentation determined in the savings manual (Art. 9.1a) and be in line with the general provisions of the Law on Cooperatives (Law 438/94) and its regulation No 14052/96. For the largest depositors, Art. 9.3. of the compiled regulatory framework required that the financial cooperative  can identify the member, including his membership number and length of affiliation with the cooperative  the number on the formal ID of the member  actual information on the members’ address, and available telephone numbers  the RUC (tax identification number), if the member is registered  as well as the amount of savings held at the cooperative. The requirement is applicable to the 50 largest depositors for Type A cooperatives, the 20 largest for Type B cooperatives, and the 10 largest for Type C cooperatives. Furthermore, the cooperatives have to adhere to the anti-money laundering reporting limits established by SEPRELAD, implying that the cooperative has to be in compliance with the know your customer information requirements of SEPRELAD. The established threshold for reporting is higher for cooperatives, leaving them with a comparative administrative advantage compared to their competitors (banks and finance companies). With regard to membership records, Art. 24 of the Law on cooperatives (Law 438/94) establishes for individuals to be at least 18 years old, providing the required membership contribution (as stipulated in the cooperatives statutes), and fulfill additional requirements as specified in the social statutes of each cooperatives. This has to be documented in the records. For legal entities as members, Art. 25 of the general cooperative law also mandates that they are to be non-profit and with a social mandate. Art. 20 of the regulation of the Law (No 14052/96) specifies that INCOOP is to be provided with (i) a genuine copy of the decree or resolution that establishes the legal entity, (ii) a copy of the social statutes, as well as (iii) a copy reflecting the decision taken by the general assembly or other relevant organ to apply for membership in the cooperative. b. Article 12. 11 of the compiled regulatory framework for financial cooperatives set the minimum standards for the conservation of savings, credit and membership files. At a minimum, the files are to be stored for 5 years, and all cooperatives should at least have two different backups (written or digitalized) for each savings, credit and membership file, with adequate safety measures in place. There is no legal provision that gives the member access to the files. Recommendation The applicable legal framework largely follows good practice. However, the member should be given a periodic right to access his files to allow him / her to verify the included information. Good Practice C.4 Credit Cards a. There should be clear rules on the issuance of credit cards and related customer disclosure requirements. b. Non-bank credit institutions, as credit card issuers, should ensure that personalized disclosure requirements are made in all credit card offers, including fees and charges (including finance charges), credit limit, penalty interest rates and method of calculating the minimum monthly payment. c. Non-bank credit institutions should not be permitted to impose charges or fees on pre-approved credit cards that have not been accepted by the customer. d. Consumers should be given personalized minimum payment warnings on each monthly statement and the total interest costs that will accrue if the cardholder makes only the requested minimum payment. e. Among other things, the rules should also: (i) restrict or impose conditions on the issuance and marketing of credit cards to young adults (below age of 21) who have no independent means of income; (ii) require reasonable notice of changes in fees and interest rates increase; (iii) prevent the application of new higher penalty interest rates to the entire existing balance, including past purchases made at a lower interest rate; (iv) limit fees that can be imposed, such as those charged when consumers exceed their credit limits; (v) prohibit a practice called ―double-cycle billing‖ by which card issuers charge interest over two billing cycles rather than one; (vi) prevent credit card issuers from allocating monthly payments in ways that maximize interest charges to consumers; and (vii) limit up-front fees charged on sub-prime credit cards issued to individuals with bad credit. f. There should be clear rules on error resolution, reporting of unauthorized transactions and of stolen cards, with the ensuing liability of the customer being made clear to the customer prior to his or her acceptance of the credit card. g. Non-bank credit institutions and issuers should conduct consumer awareness programs on the misuse of credit cards, credit card over- indebtedness and prevention of fraud. Description The compiled regulatory framework for financial cooperatives permits Type A and B cooperatives to issue credit cards (Art. 2.2 k), after they have provided INCOOP with the respective bylaws. Furthermore, Resolution 1352/06 mandates that credit card issuing cooperatives report every two month to INCOOP updated information on charges and interest rates levied on each type of credit card they offer. The regulatory framework does not include other provisions pertaining to credit cards, and thus does not cover any of the above aspects. The absence of more specificity in the regulations limits INCOOP’s capacity to mandate changes and ascertain a minimum level of transparency and business conduct in the area of credit cards. It also leaves cooperatives without formal guidance on standards to follow. It is worth mentioning that Cooperatives have a considerable share in the Paraguayan credit card market. Cooperativa Binacional de Servicios Cabal LTD and Cooperativa Universitaria, two of the largest cooperatives in Paraguay share a credit card administrator and processor called Sistema Cabal de Tarjetas de Credito with more than 45 cooperative issuer entities and a network of more than 7,500 commercial retailers. Overall, over 3 million debit and credit cards are issued by cooperatives. There are some concerns nationwide on the lack of transparency and on abusive practices in the area of credit cards, including concerns about increasing over- indebtedness of clients due to credit cards. These concerns also involve cooperatives. One cooperative for example informed the client in the contract about applicable costs and fees, explains the information to be provided in the monthly statements, the minimum payment and its calculation, as well as procedures of notification in case of change in costs and fees. It also specifies that the place of residence of the account holder will determine the court in case of dispute. The fees and interest rates are displayed on the webpage, as is the model contract. However, the multitude of commissions and interest rates, as well as the fact that the interest rate is provided in monthly nominal terms, makes it difficult for the client to calculate the total costs for the credit card debt. Two other cooperatives, that offer credit cards, have no information on costs and commissions on their website, and only mention the percentage of the outstanding debt that needs to be paid as a minimum. The provided information is limited to the benefits, and minimum income requirements, without giving core information on costs and fees involved. As discussed under Good Practice C.1, SEDECO has recently initiated work on a law on credit cards, with the aim to increase transparency in the market and introduce core consumer protection provisions. The law would apply to all financial entities that provide credit cards to their clients, so also apply to financial cooperatives. As part of the law, considerations are given to include, for example, (i) a right of the client to disclosure and information; (ii) right to verify the account balance and account movements online; (iii) requirement to highlight in bold those contract clauses that implicate obligations for the client; (iv) limits on the debt collection (v) prohibition to make the blocking of a credit card contingent on the client’s ability to demonstrate that the card had been stolen or lost. The BCP, which houses the payment system group, will likely be the authority empowered to issue the necessary rules for the implementation of this law. The project is currently debated in a working group in Congress, and with stakeholders. Recommendation 1. Given the existing deficiencies in the legal and regulatory framework pertaining to credit cards, the initiative of SEDECO to introduce a law on credit cards and cover core consumer protection and transparency issues, is a welcome step in the right direction and applying to all financial intermediaries authorized to issue credit cards will help to establish market-wide transparency and a level playing field. For detailed recommendation on modifications of the suggested draft provisions see the banking assessment under C.5. Particular attention has to be place on the division of labor in actual oversight of the implementation of the law, to ascertain that BCP has the adequate power to also supervise cooperatives in the area of credit cards, or to clarify collaboration in this area. The human and technical capacity in the supervisory agency would have to be adjusted accordingly. 2. Once the law has been passed, INCOOP should assess whether additional provisions should be introduced in the dedicated legal framework for financial cooperatives to ascertain a solid level of transparency of fees, interest rates and procedures, and undermine abusive practices that emerge. 3. INCOOP should also start disclosing more information on the market of the cooperative’s credit cards. This should be facilitated by INCOOP’s new credit registry, which it recently launched. Good Practice C.5 Debt Recovery a. All non-bank credit institutions, agents of a non-bank credit institutions and third parties should be prohibited from employing any abusive debt collection practice against any customer of the non-bank credit institution, including the use of any false statement, any unfair practice or the giving of false credit information to others. b. The type of debt that can be collected on behalf of a non-bank credit institution, the person who can collect any such debt and the manner in which that debt can be collected should be indicated to the customer of the non-bank credit institution when the credit agreement giving rise to the debt is entered into between the non- bank credit institution and the customer. c. A debt collector should not contact any third party about a non-bank credit institution customer’s debt without informing that party of the debt collector’s right to do so; and (ii) the type of information that the debt collector is seeking. d. Where sale or transfer of debt without borrower consent is allowed by law, the borrower should be: (i) notified of the sale or transfer within a reasonable number of days; (ii) informed that the borrower remains obligated on the debt; and (iii) provided with information as to where to make payment, as well as the purchaser’s or transferee’s contact information. Description a, to c. The legal framework is deficient with regard to setting minimum standards and dispositions in the area of debt collection: The Consumer Protection Law does not have an explicit disposition on practices that are allowed or forbidden when collecting debt. However, Art. 29 on credit mandates that each credit contract should include information on the rights and obligations of each party in case of non-compliance with contract provisions. This would have to include information on procedures to be taken when the credit becomes overdue. A number of provisions of the compiled regulatory framework for financial cooperatives also pertain to debt collection. They focus more on informing the client about debt collection practices, but similar to above do not specify rules for debt collection practices:  Art. 5.9.h mandates that the credit contract includes a paragraph which gives the cooperative the right to sell the promissory note to a third party. The signature of the borrower thus pre-approves the sale.  Art. 5.13 on the availability of internal credit manuals requires that each cooperative has policies on the monitoring and recovery of outstanding debt in place. As mentioned above, it is not clear to what extend this information is being openly available to the member of a cooperative.  Finally, Art. 5.15 covers debt recovery in more depth. It establishes that financial cooperatives and central cooperative unions should perform all necessary administrative, judicial and legal procedure to recover loans through any lawful means and within the limits and the conditions stipulated by law. No further reference is provided to guide the reader to norms and regulations in this area, and the mission did not learn of any other relevant laws and regulations in place that establish rules for debt collection. Art. 5.15 explicitly allows the contracting of third parties for the recovery of debt, provided that they are not members or relatives of management, the Board, of any other committee of the cooperative, or are in any other formal economically related with the cooperative. While the regulation stipulates that the third party should render account at least every three month, there is not requirement to report on the methods used for recovery of debt by the third party. There is also not requirement to notify the borrower of the delegation of debt collection to a third party. d. Art. 524 of the Civil Code explicitly allows the sale of a debt to a third party, even without knowledge of the borrower. The Civil code however mandates notification of the borrower, specifying in Art. The forms of notification are specified in Art. 528, and include via notary, telegram and other “authentic” forms of notification. The compiled regulatory framework for financial cooperatives covers the sale of a loan portfolio in Art. 5.16, setting separate rules for the sale of loans that are current, and the sale of non-performing loans:  Financial cooperatives can sell performing loans in situations of illiquidity, but this requires prior authorization by INCOOP. The borrower has to be notified by the Board of this sale. For non-performing loans, no prior authorization of INCOOP is required, but the overdue amount has to be fully provisioned for. The sales price can also not be lower than the original loan amount net of provisions.  For the sale of non-performing loans, there is no explicit requirement to inform the borrower of the sale of his loan. However, the sale of the loan portfolio has to be reported as part of the financial statement, so that the General Assembly can take note of it. Bringing the sale of loans to the attention of the General Assembly allow this gremium to become a forum for discussion of observed practices of third parties, and thus introduces a first (but insufficient) element of consumer protection. According to information received in the field, the use of third party debt collectors and sale of loan portfolio is not yet widely used amongst cooperatives. Being member based, cooperatives are usually more reluctant to aggressively enforce debt, which is also reflected also in higher non-performing loans and limited write- offs undertaken. Also, there are no indication that cooperatives levy excessive fees for phone calls, overdue interest etc. as reporting in the assessment of banks and finance companies (see Good Practice C.8 of the banking sector assessment). However, with increasing competition from other formal financial institutions, there now seems to be more interest amongst cooperatives in working with third parties to recover or sell debt. There is some indication that existing third parties are using abusive enforcement practices, which would warrant to be brought under control. Recommendation 1. SEDECO, INCOOP, and BCP, should collaborate to assess options and introduce regulations that establishing rules on what constitutes abusive debt collection practices and set standards for permissible actions. This could e.g. include setting limits with regards to days and hours that a call or visit for collection purposes can be made, and the use of any false statement. 2. Furthermore, INCOOP should introduce into Art. 5.15. and 5.16 of the compiled regulatory framework for financial cooperatives a requirement to inform the borrower of the sale of the loan or the use of a third party for debt collection. Information on debt collection procedures should also be included in the contract, or - if introduced - in the key facts statement. 3. When working with third parties for debt collection, cooperatives should ascertain that the third party adheres to the debt collection practices established under recommendation 1. 4. In case a code of conduct is being introduced for the sector, CONPACOOP or the party supervising the adherence to the code should include in their general code of conduct an explicit section on debt collecting practices, and clarify applicable sanctions in case of non-compliance. SECTION D PRIVACY AND DATA PROTECTION Good Practice D.1 Confidentiality and Security of Customers’ Information a. The financial transactions of any customer of a non-bank credit institution should be kept confidential by the institution. b. The law should require non-bank credit institutions to ensure that they protect the confidentiality and security of personal data of their customers against any anticipated threats or hazards to the security or integrity of such information, and against unauthorized access. Description The compiled regulatory framework for financial cooperatives contemplates the confidentiality of the information of their members and clients: Disposition 2.5 “On the Confidentiality of Information” states that the cooperatives, cooperative central union, their leaders / managers, legal representatives, advisors and employees cannot provide information to third parties about savings and/or credit operations and its holders or beneficiaries, except  to the account holder / member himself and/or his/her legal representative,  INCOOP’s credit registry, or the entity in charge of operating it,  the external auditors hired by the cooperative, who are subject to the same confidentiality of information;  for statistical purposes, studies or academic information, with the requisite that only global and non-personalized information is passed on; and  to INCOOP, SEPRELAD and/or any other judicial authorities which explicitly request information under their legal jurisdiction, directly or through INCOOP. Furthermore, the general disposition of Art. 5.8 ‘On general norms for the Credit Committee” mandates that the credit committee respects and adheres to the rules on the confidentiality of information. For savings, Art. 9.1 establishes that cooperatives have to have adequate procedures and systems in place to ascertain the confidentiality of information. This is reconfirmed in Art. 12.11 on the keeping of records, which also contemplates that adequate measures to ascertain the confidentiality and security of the information are to be in place. Art. 12.8 sets the minimum standards for the operational systems used in Type A, B and C cooperatives. In addition, resolution 11859/14 on INCOOP’s Credit Registry refers to data privacy rules established by Laws 1682/01 and 1969/02, which cover general data privacy standards in Paraguay. However, there are no formal provision that cooperatives are to be held accountable for damages incurred to their members through a breach of security that is in the responsibility of the cooperative. Recommendation Provisions should be introduced in Art. 2.5 and 12.11 of the compiled regulatory framework for financial cooperatives, which stipulate that cooperatives are to be held accountable for damages incurred to a breach of security in their systems or for information passed on to parties other than those specified in Art. 2.5. Good Practice D.2 Credit Reporting i. Credit reporting should be subject to appropriate oversight, with sufficient enforcement authority. ii. The credit reporting system should have accurate, timely and sufficient data. The system should also maintain rigorous standards of security and reliability. iii. The overall legal and regulatory framework for the credit reporting system should be: (i) clear, predictable, non-discriminatory, proportionate and supportive of consumer rights; and (ii) supported by effective judicial or extrajudicial dispute resolution mechanisms. iv. Proportionate and supportive consumer rights should include the right of the consumer (i) to consent to information-sharing based upon the knowledge of the institution’s information-sharing practices; (ii) to access his or her credit report free of charge (at least once a year), subject to proper identification; (iii) to know about adverse action in credit decisions or less-than- optimal conditions/prices due to credit report information; (iv) to be informed about all inquiries within a period of time, such as six months; (v) to correct factually incorrect information or to have it deleted and to mark (flag) information that is in dispute; (vi) to reasonable retention periods of credit history; and (vii) to have information kept confidential and with sufficient security measures in place to prevent unauthorized access, misuse of data, or loss or destruction of data. v. The credit registers, regulator and associations of non-bank credit institutions should undertake campaigns to inform and educate the public on the rights of consumers in the above respects, as well as the consequences of a negative personal credit history. Description As of June 2014, Type A cooperatives are mandated to report credit information to the newly established Credit Registry in INCOOP (Resolution 11859/14). For Type B cooperatives, reporting will be compulsory as of January 2015, while no such provisions are yet in place for Type C cooperatives. In 2009 INCOOP issued the resolution for the Credit Registry Resolution 4238/09, which established the general framework for the development of a Credit Register. The resolution 11859/14 complements and modifies some of these guidelines. The new resolution mandates that all the cooperatives subject to the resolution implement the technological and procedural mechanisms to protect and secure the client’s information. They have to create clear rules and procedures for t he management and report to the new Credit Registry, including: (i) getting written consent of the borrower to have the information included in the credit registry, (ii) to safeguard the privacy of information, and (iii) to report on a monthly basis (five days after the end of each month) the credits to INCOOP. The resolution does not establish a mandate to provide the client access to his/her information to verify correctness or discusses procedures to rectify incorrect information. Procedures for correcting errors in the Credit Registry remain to be tested. For an assessment of private credit bureaus and their legal framework, see Good Practice D.4. Recommendation 1. INCOOP should also establish a deadline by which Type C cooperatives are to report to and use the Credit Registry, and set basic standards for reporting of Type C entities attuned to the size and technical capacities of these small entities. According to information received during the mission, the Credit Registry’s IT system would already have the capacity to handle this larger amount of information. Counting with holistic information on credit provided within the cooperative system would be important to get a better market overview and help reduce the currently elevated costs for establishing outstanding debt of a prospective borrower. 2. As recommended in Section B1 for banks, efforts should be made to facilitate exchange of information and collaboration between the Credit Registry of the BCP, into which banks and finance companies report, and the new Credit Registry of Cooperatives. This would greatly reduce fragmentation in market information, and help prevent over-indebtedness of clients.. 3. Once first experiences with the data correction processes in the Credit Registry have been made, INCOOP should assess the processes for effectiveness and efficiency, and ascertain that members have easy access to the registry to verify the correctness of the information. SECTION E DISPUTE RESOLUTION MECHANISM Good Practice E.1 Internal Complaints Procedure Complaint resolution procedures should be included in the non-bank credit institutions’ code of conduct and monitored by the supervisory authority. Description The compiled regulatory framework for financial cooperatives contemplates a number of general clauses on dispute resolution:  Under Art. 5.8, the Credit Committee is responsible for addressing complaints and comments submitted in the area of credits, which were presented by members.  General complaints, or credit related issue that were not satisfactorily addressed by the Credit Committee, can be presented to the Board (Resolution 14052/96, Art. 79) or to the Supervisory Board (General Law of Cooperatives 438/94, Art. 29 e and 76 h). While these regulations establish internal channels for voicing complaints, there are no clear guidelines or minimum standards in place for receiving and processing member complaints, or periodically informing management or the Board of the complaints and to keep statistics on them. As a result, there are usually no records and reports of these complaints available in the cooperatives. As mentioned before, few cooperatives have a code of conduct in place, and there is no sector wide code. One of the visited cooperatives has established minimum procedures for collecting claims, attending them on a timely basis, and recording and reporting them to the Supervisory Board. Information received during the missions however indicates that this is not a generalized standard in the sector. Recommendation 1. INCOOP should introduce a requirement into the regulatory framework to have internal complaints mechanism in place. This should cover (i) formal procedures and channels for receiving and processing complaints, (ii) maximum timelines for processing and resolving complaints, (iii) the keeping of records on them. The management and Board of a cooperative should regularly receive and analyze this information, and INCOOP should also receive basic information on the areas and number of complaints received. INCOOP and CONPACOOP could establish a working group to determine these basic guidelines or codes of conduct for a minimum standard on claim management of the cooperative sector, and determine broad categories of classification of complaints to facilitate compilation of statistics. 2. Members should be informed about available internal complaints mechanisms and procedures. This could be established e.g. by introducing information in the contract or key fact statement for each product, and displaying visibly the information on dispute resolution mechanisms in the branches. Members should be informed about the main areas of complaints and number of complaints received as well as resolved during the General Assembly. Good Practice E.2 Formal Dispute Settlement Mechanisms a. A system should be in place that allows consumers to seek affordable and efficient third-party recourse, such as an ombudsman, in the event the complaint with the non-bank credit institution is not resolved to the consumer’s satisfaction in accordance with internal procedures. b. The role of an ombudsman or equivalent institution in dealing with consumer disputes should be made known to the public. c. The ombudsman or equivalent institution should be impartial and act independently from the appointing authority, the industry and the parties to the dispute. d. The decisions of the ombudsman or equivalent institution should be binding upon non-bank credit institutions. The mechanisms to ensure the enforcement of these decisions should be established and publicized. Description The legal framework establishes two external dispute resolution mechanisms for members of cooperatives:  General violations of the Consumer Protection Law can be brought to the attention of SEDECO. However, SEDECO is only initiating its operation, so does currently not have the capacity to handle many complaints. It also has no dedicated financial sector specialist in place. A similar situation occurred under its predecessor, the department within the MIC that was in charge of consumer protection and which lacked capacity to actually enforce the law and handle complaints.  The General Law on Cooperatives, in its Art. 29e, also contemplates that members can bring their complaint to the attention of INCOOP, if the cooperatives has been in breach with the legal and regulatory framework as well as the applicable social statutes of the respective cooperative. Some members make use of this mechanism, but in general this option is not widely advertised. Complaints received from individual members or from the management / Board of cooperatives are distributed to various departments within INCOOP, and not systemically tracked. As a result, no information on the complaints received, areas of concern and the suggested resolution is available as will be discussed below. The cooperative sector also does not have a system in place within the network or through their confederation or federations to provide in systematic way affordable and efficient third party recourse. Another instance could be from the consumer associations, but the mission did not learn of any successful broader initiative being in place. No Financial Ombudsman scheme operates in Paraguay. Recommendation It is paramount that a system is in place where members can seek affordable and efficient third-party recourse. Financial authorities and sector stakeholders should therefore jointly explore options for introducing a formal out of court dispute resolution mechanism. International experience suggests that an efficient mechanism for this could be an ombudsman scheme, whether launched as part of a public initiative or from within the sector. SECTION A CONSUMER PROTECTION INSTITUTIONS Good Practice A.1 Consumer Protection Regime The law should provide for clear rules on consumer protection in all matters of insurance and there should be adequate institutional arrangements for implementation and enforcement of consumer protection rules. a. There should be specific provisions in the law, which create an effective regime for the protection of retail consumers of insurance. b. The rules should prioritize a role for the private sector, including voluntary consumer organizations and self-regulatory organizations. Description Comprehensive protection of consumers in relation to insurance generally involves fair competition, prudential supervision and conduct of business rules. Fair competition requires a level playing field among insurance providers and choice for consumers. The main prudential issues include the solvency of the insurance company, the character of those who control it and the training of its staff. Conduct of business issues relate to how individual consumers are dealt with. (a) Legal framework In Paraguay, prudential and to a limited extent business conduct regulations are included in the Law of Insurance (ley 827/96). Conduct of business regulations are furthermore dealt with by general provisions in the Civil Code (Law 1183/85) and the Law of Defense of the Consumer and the User (Law 1334/98). These three laws are relatively general, e.g. they mandate that the text of the contracts be clear, readable and understandable for the client and that advertising should not be misleading. The only reference to the “needs and interest” of the insured is in Article 10 of the Resolution14/96 that creates the registry for agents, and mentions that agents must advise the individuals that seek insurance through them by offering the most convenient cover to their needs and interest. But there is no further regulation on what is meant by those very general terms, or the minimum content of any document that would give testimony of such procedures having taken place. The provisions of the laws do not present overlaps or conflicts with regard to their content, but lead to a certain duplication of offices in charge of consumer protection. The Law of Insurance (Article 61 e) establishes that the BCP-SIS is the supervisory authority for Insurers in all aspects of their activities, while the Law of Defense of the Consumer and the User (Article 40) establishes that the 9 This Section was prepared by Manuel Pereira. It covers those insurance companies that are formally under the supervision of the BCP-SIS. authorities to supervise actual implementation of the law are the Ministry of Industry and Commerce (MIC) and the Municipalities at the local level. The latter function has been recently transferred to the Secretary of Defense of the Consumer and User, SEDECO, which is an autonomous body linked to the MIC. Within the BCP-SIS, there is the Division for the Defense of the User of Insurance (DDUS) with a staff of four persons. The Resolution SS.SG. Nº 127/09 authorizes DDUS to request the collaboration of the MIC, but in practice this doesn’t seem to have led yet to any fluid coordination between both offices. Law of Insurance (Law 827) The Law of Insurance was enacted in December 1995. Articles 56 and 61 provide for the Central Bank of Paraguay (BCP), through the Superintendence of Insurance (SIS), to license and supervise insurers, insurance intermediaries (agents and brokers) and claim appraisers and settlers. Insurers operating in Paraguay must be either a corporation or a branch of a foreign insurer (Article 3). There are two types of licenses (Article 16): on one side those that cover losses from goods, provide guarantees and cover persons for short periods (basic and property or “non-life”) and on the other side life assurance companies (“life”). “Mixed insurers (insurers holding both licenses) are allowed. Furthermore, under a non-life license any insurer could offer life insurance products (individual or group) under the condition that the product does not require to hold mathematical reserves. This is the case when the cover period is one year or shorter (article 16.a). The minimum capital requirement amounts to 500.000 US$ per license on each of both groups of business (Article 17). The insurers can freely determine insurance premiums although the BCP-SIS controls if those premiums would be insufficient, abusive or arbitrarily discriminatory (Article 15). All the contracts and special clauses together with the corresponding rates, or their changes, must be filed at the SIS. Access to the registry of insurance contracts is open to the public (Article 61 h), but the information accessible through the Internet only provides the name of the insurance plans filed by each Insurer and the date it was approved. Certain types of insurance (like products involving lottery and those products providing pure financial guarantees) and tontine societies are prohibited (Article 13). In that regard, the insurance legislation in Paraguay is not different from what is established in many other countries. However, there are two types of services that in most countries are regulated and supervised by the respective Insurance Supervisor (at least on their financial and solvency aspects) and that are not covered in Paraguay by the BCP-SIS or any other supervisor of the financial sector (in that regard there are very few Countries, one of them being Argentina, with the same situation regarding these services). These are  Providers of funeral and burial services: in most of the cases they offer “pre-paid plans”, that imply collecting regular payments during a certain period, or while the “client” is alive. Upon the death of the person, the provider of funeral services takes care of the services defined in the contract. The amount of the payments frequently depends on the age of the “client”. This type of company doesn’t pay any indemnity but instead provides a service that is not necessarily based on a pre-paid arrangement. It seems that it has not been discussed whether the pre- paid contracts should be considered insurance and, consequently, should be regulated and supervised as such, or not. It is important to note however that the Law of Insurance in Paraguay establishes that Insurers should be dedicated to the insurance activity exclusively, and the main activity of this type of companies is not their pre-paid plans.  Providers of health care: these are entities that offer to their clients health care services in exchange of receiving a regular payment. There are different plans with different prices giving access to a larger or shorter list of diagnosis tests, treatments and other health care services. On October 26th 1999, the SIS issued the Resolution SS.RG Nº 008/99 creating the registry of the companies offering in Paraguay these services (the are known locally as “entidades de medicina pre-paga”) as it understood that these services are, on their financial aspects, similar to insurance. This Resolution was challenged at the Court and it is still pending a judicial decision. These entities still report exclusively to the Superintendency of Health. The BCP-SIS has the power to impose gradual sanctions that can even reach suspension for one year or withdrawal of license, but these sanctions relate to the obligations and conduct as defined in the Law of Insurance. The sanctions refer mainly to financial aspects or the use of contracts or premiums that have not been previously filed at the BCP-SIS (Article 112). The SIS main control activity is to make sure that the insurers’ solvency ratio is above the minimum required and that insurers are using contracts and premium rates that were previously filed and not objected by the BCP-SIS. Overall, the Law doesn’t cover a wide range of consumer protection issues. The only two main consumer protection issues that are explicitly mentioned in the law of Insurance refer to the insurance contracts (they must be clear, readable and understandable, Article 14) and the information provided in advertising material should be true and complete, and not be misleading (Article 129). The Law of Defense of the Consumer and User also refers to these two aspects in its chapters V and VIII. Insurance intermediaries (agents and brokers) must be registered at the SIS. To get registered, they must obtain a specific university degree and fulfill certain preconditions set by law (Article 74). Every two years, the registration has to be renewed, and the agent is required to have dedicated at least 20 hours to courses or sessions of professional development. Claim settlers are also required to register at the SIS, but no special qualifications are mentioned specifically for that purpose. Civil Code (Law 1183/85) The Civil Code contains general provisions on contracts and in Chapter XXIV and XXV (Articles 1546 to 1695) also specific provisions for insurance contracts. Insurance has to take the form of a contract between the parties. As in most jurisdictions with a special section of the Civil Code dedicated to insurance contracts, in Paraguay the Civil Code provisions tend to regulate when an insurance contract is valid and under which circumstances it could be cancelled by each party, or claimed as null and void. It does not regulate transparency, disclosure or other matters related to consumer protection. Law of Defense of the Consumer and the User (Law 1334/98) This Law was adopted in 1998. It establishes the basic rights of the Consumer regarding services as well as goods and works. This Law doesn’t explicitly mention insurance but rules in chapter V (contracts) and chapter VIII (advertising) are directly applicable to these types of services. The rights of the consumer recognized by that law cannot be rejected, traded or limited, and they are recognized to be above any other legal rule, custom, practice or statement that may contradict them Article 2). Consumers are entitled to freedom of choice and to receive education on the characteristics of the products and services offered in the market. (b) Role of the Private Sector Consumers are entitled to form consumers associations. The right to form associations is a universal right recognized in the Constitution of Paraguay and in several other laws. The legislation on consumer protection explicitly mentions that one of the “fundamental rights” of the consumer in Paraguay is the right to create consumer associations to defend and represent the rights of consumers. There are several associations of consumers, but none of these associations is active in the field of insurance or in the financial sector per se. The most active is ASUCOP (“Asociación de Usuarios y Consumidores del Paraguay ”), which was created in 1998 (via Decree 7213/00) to promote sustainable consumption and protect and defend of the rights of consumers. It operates mainly through facilitation of information and launching consciousness campaigns. There is one insurers’ association (“Asociación Paraguaya de Compañías de Seguros”) and two associations of insurance brokers and agents (“Asociación de Productores de Seguros del Paraguay” and “Federación Paraguaya de Productores y Corredores de Seguros ”) and one association of insurance claims settlers (“Asociación de Liquidadores de Siniestros”). None of these organizations are acting as self-regulatory bodies in their respective field within the insurance sector. They possibly have the technical capacity, with the assistance of the SIS, to create their own codes of conduct, but it is questionable whether they would be legally empowered to enforce them. The Law of Insurance establishes in its Article 62 the “ Consejo Consultivo del Seguro” as an advisory body on the draft regulation and other matters that the BCP-SIS could decide. The associations of insurers, agents and claim settlers are all represented in this consultative group. Recommendation 1. The BCP-SIS counts with the necessary legal powers to set conduct-of- business rules, but does not have a formal mandate to regulate and supervise consumer protection issues. Consideration should be given to introduce this formal mandate for insurance companies via the Consumer Protection Law and / or the BCP’s organic law. 2. The BCP-SIS should develop a more detailed and comprehensive framework for business conduct, which should include rules on complaint handling, “Know Your Client” processes, mis-selling of products, etc. The rules should apply to insurers, intermediaries (agents and brokers) and other professionals within the insurance sector. For this task, the BCP-SIS should seek participation of the insurance industry through the insurers association as well as all the professional bodies related to the insurance sector (agents, brokers and claim appraisers and settlers), but they should take into account also the opinion of the consumers’ associations. Information on this framework should be incorporated automatically into every insurance contract to raise consumers’ awareness of it s existence and their rights and, at the same time, to reinforce the legal application of these provisions as they would become also a “contractual condition”. 3. SIS should monitor compliance with the conduct of business rules and impose sanctions in the event of non-compliance. For this, a standardized approach should be developed, adequate resources allocated for actual supervision and enforcements, and capacity building provided to staff. 4. Sector stakeholders like the Paraguayan Association of Insurance Companies (APCS) should develop self-regulations on different matters of the activities of its members in order to raise the profile of insurance activity in Paraguay and promote the adherence to good practices of consumer protection from within the sector. The self-regulations should be in line with the regulations established by BCP-SIS. 5. Paraguayan authorities should take a clear decision on what is considered an insurance service to be subject to the financial and solvency supervision by the SIS. This affects mainly the services offered by the health care institutions under the name of “medicina pre-paga” which is pending a Court decision since many years ago (1999) and by the providers of funeral and burial services when the offer plans for the pre-payment of their services. Good Practice A.2 Contracts There should be a specialized insurance contracts section in the general insurance or contracts law, or ideally a separate Insurance Contracts Act. This should specify the information exchange and disclosure requirements specific to the insurance sector, the basic rights and obligations of the insurer and the retail policyholder and allow for any asymmetries of negotiating power or access to information. Description Ideally, “Business to Consumer” (B2C) contract regulation should specify clearly: (i) the minimal contents of an insurance contract, differentiated by the fundamental nature of the cover (long term, liability, property, etc.), (ii) when the contract goes into force, (iii) when underinsurance justifies the application of the reduction through the “proportional rule”, (iv) notifications requirements when an insurer wishes to cancel or alter a contract, (v) how contracts will be interpreted in the event of dispute, (vi) minimal requirements regarding the use of plain words, typeface, etc., and (vii) what clauses may not be included (for example compulsory arbitration on the insurer’s terms, etc.). As in some other Countries (e.g. Turkey, Italy), Paraguay does not have a specialized insurance contracts section in the general insurance or contracts law, nor a separate Insurance Contracts Act that determines the information exchange and disclosure requirements specific to the insurance sector. Paraguay is among the Countries where the development of the commercial and industrial insurance preceded the development of the consumer (retail) insurance market. As a result, the corpus of the insurance law doesn’t yet adequately cover B2C. However, there is a separate section of the Civil Code that specifically regulates the basic rights and obligations of the insurer and the retail policyholder, and to which the Law on Insurances directly refers. Furthermore, the Law of Insurance, in its Article 61, empowers the BCP-SIS to establish the minimum content of the insurance contracts (paragraph h) and the disclosure of information from financial statements of assets and liabilities (paragraph k). While the regulatory framework for insurance contracts in Paraguay touches upon some of these issues, the regulations continue to be deficient. One example is the case of Group Life Insurance Contracts linked to loans, which have become very frequent in Paraguay. The Contract is signed between the Insurance Company and the Bank (or the financial institution providing the loan), so does not directly involve the insured, which is the client of the financial institution receiving the loan. Regardless of the content and completeness of that insurance contract which affects the two parties that sign it (the Insurer and the financial institution), the important matter is that the insured is neither properly informed about the terms of this insurance contract (often he is not even aware of its existence) nor about the cost that he is being charged for it. To remedy this gap in information and transparency, the BCP recently issued minimal information requirements for credit card loans, mandating that the credit card holder should receive information on the cost of insurance through the monthly statements. No such regulation exists for the other loans. Other provisions, which are included in the Consumer Protection Law or in the Civil Code, (e.g. prohibiting bundling of products, and mandating contracts to be in clear language) are too general in nature and would have to be specified and incorporated into the legal and regulatory framework issued by BCP-SIS to be applicable and enforceable. Finally, the established rules and regulations also do not achieve their desired effect, as there is limited consumer awareness of the restrictions and special clauses established in their insurance contracts. Recommendation 1. The BCP-SIS should use the mandate given to it by the Article 61 (especially paragraphs h and k) to set minimum standards for insurance contracts, and regulate further the information exchange and disclosure requirements specific to the insurance sector. 2. It is also important to revise Article 14, which stipulates that insurance contracts should be written in a clear form and printed in an easily readable format. The interpretation of this “clear and understandable” stat ement should factor in the capacity of the consumer to read and understand the contract that he is signing. Good Practice A.3 Codes of Conduct for Insurers a. There should be a principles-based code of conduct for insurers that is devised in consultation with the insurance industry and with relevant consumer associations, and that is monitored and enforced by a statutory agency or an effective self-regulatory agency. b. If a principles-based code of conduct exists, insurers should publicize and disseminate it to the general public through appropriate means. c. The principles-based code should be augmented by voluntary codes for insurers on such matters specific to insurance products or channels. d. Every such voluntary code should likewise be publicized and disseminated. Description There is no insurance code of conduct in Paraguay. Recommendation A Code of Conduct should be developed in broad consultations with the industry. It should include:  For sales and distribution of insurance products: fairness, completeness and clarity of promotional material, pre-contractual information and ”key facts”.  Measures to control insurance intermediation arrangements and the use, training, remuneration and control of agents. This should also include disclosure to the consumer of the status of any intermediary and related information (e.g. Amount of commission paid, checking the appropriateness of the policy, giving a ‘cooling-off’ period, etc.).  Information on renewal and changes in the contract.  For insurance claims: provision of clear written details on the procedures to be followed in the event of an insurance claim, prohibiting rejection of a claim for non-disclosure that is not material, or which arose from lack of clarity in the insurer’s questions for the underwriting process.  With regard to complaints (including any dissatisfaction with the handling of a claim): provision of clear written details on the processes to be used, the obligation for insurers to deal fairly, effectively and promptly with any complaint, adequate notice to consumers of the existence of the complaints process and how to access it, appointment of a suitable person/department to deal independently with complaints and to keep records of this, as well as time limits for giving the consumer a full written response. Good Practice A.4 Other Institutional Arrangements a. Prudential supervision and consumer protection can be placed in separate agencies or lodged in a single institution, but allocation of resources between prudential supervision and consumer protection should be adequate to enable the effective implementation of consumer protection rules. b. The judicial system should provide credibility to the enforcement of the rules on financial consumer protection. c. The media and consumer associations should play an active role in promoting consumer protection in the area of insurance. Description a. Prudential Supervision and Consumer Protection Prudential supervision and market conduct regulations are assigned to the BCP- SIS. The BCP-SIS has a Division for the Defense of the User of Insurance (División de Defensa al Usuario de Seguros). This office counts with a staff of four persons formally mapped to it and provides some technical and legal advice to the users that approach it as well as supports the BCP-SIS in its general supervision process. It has no authority to also verify adherence to the framework of the Consumer Protection Law (Law 1334/98). The on-site inspection of insurance companies can include the assistance of the DDUS but there are no clear written processes of what that verification should comprehend in the area of consumer protection / business conduct. The BCP-SIS issued on October 28th 2009 the Regulation SS.SG. Nº 127/09, which includes a standard form to submit to the SIS any complaint in the cases where an insurer doesn’t attend properly a claim. This however doesn’t seem to be fully implemented:  The standard form to file complaints is not easily accessible to the consumers (it cannot be found on the BCP web site, nor on the internet, the insurer’s websites nor in the site of any association related to the insurance sector).  Even though the regulation establishes that the DDUS has to submit a report of its actions every six months, there are no statistics on the complaints submitted to the DDUS.  For different causes, there is no fluid and effective coordination between the DDUS and the MIC (now SEDECO).  On the premises of visited insurers, no poster or signs were visible that explained the process to follow to submit complaints to the DDUS and referring to the official form to fill for that purpose. The Secretariat for Consumer Protection (SEDECO) has the authority in the areas of consumer protection defined by the Law 1334/98. This includes insurance, but SEDECO doesn’t have the resources nor the expertise to deal with financial product related complaints. However, if it observes a breach of the law on consumer protection by any insurer it would have the power to impose a penalty. b. Judicial system Final decisions on disputes relating to insurance issues are to be resolved in the Courts, but these don’t consider yet concepts such as “mis -selling” of an insurance product. This concept is not clearly defined in any of the laws regulating insurance. The only reference that the mission team found was Resolution 14/96, Article 10 that includes among the obligations of agents and brokers to provide advice to their clients, and to offer them the most convenient coverage for their needs and interest. c. Media and consumer associations Printed media report from time to time cases regarding different types of consumer protection issues, but these seldom involve insurance, except for a recent conflict involving group life insurance bundled with credit cards and consumer loans. The consumer association ASUCOP was involved in the campaign against abusive group life premium rates applied for some group life insurance linked to consumer loans. Recommendation 1. As a first step, the BCP-SIS, in coordination with SEDECO, should fully implement Regulation SS.SG. Nº 127/009 and ascertain that the information on the complaints process at the BCP-SIS is made publicly available. 2. A comprehensive program of on-site inspection specific for the verification of the consumer protection measures adopted by insurers, agents and brokers should be defined, formally documented and executed. SEDECO’s participation would also be advisable in the process, at least in its definition phase. Good Practice A.5 Bundling and Tying Clauses Whenever an insurer contracts with a merchant or credit grantor (including banks and leasing companies) as a distribution channel for its contracts, no bundling (including enforcing adhesion to what is legally a single contract), tying or other exclusionary dealings should take place without the consumer being advised and able to opt out Description Bundling and tying of insurance cover to other contracts is not clearly prohibited. Article 14 of the Law on Defense of the Consumer and User establishes that the sale of a product or service cannot be conditional to the purchase of another product or service, unless the usage or the nature of the product or service make that they are offered as a “package”. This wording leaves room for interpretation. th On April 27 , 2000 the BCP authorized banks and finance companies to act as insurance brokers, subject to the Law of Insurance (Act 49, Resolution Nº 9 of th the Board of the BCP). On October 10 , 2000 the BCP-SIS Regulation SS.RG. Nº 03/00 opened the register to banks and finance companies that wished to become registered as insurance brokers. These entities have the obligation to create a department specialized as “insurance broker”, staffed with personnel that should pass the same type of examinations on knowledge and technical training than those required to register as an insurance agent. This regulation specifically forbids banks and finance companies to use exclusively one insurance company, or not to respect the right of their clients to freely choose their agent or broker. Banks and finance companies are obliged to include in the written insurance proposals to their clients a note referring to their freedom of choice of insurance agent and of insurer, in accordance with Article 6 of the law of Defense of the Consumer and the User. Finally, this regulation bans any clause that may imply a tacit acceptance of the proposed insurance, as well as conditioning the sale of a product or service to the purchase of another product or service. However, it also introduces the same exception as specified in Article 14 of the law on Defense of the Consumer and User, namely that they are offered as a package due to custom, usage or nature of the product or service. In practice, bundling of life insurance (using group life contracts) with loans has been and still is standard practice. This creates clear situations of conflict of interest. Banks and finance companies receive very high commissions for their brokerage services, which are passed on through very high premiums to their client. The client has no freedom of choice of the insurance contract when applying for a loan, so cannot choose the insurance that best suits him and is the most affordable. To stem this widespread practice, the BCP introduced detailed transparency rules on the cost of insurance to be disclosed to the consumers, and the BCP-SIS issued a specific regulation (Regulation SS.SG. N° 45/13) introducing a maximum commission of 30% on the premium in the case of life insurance. This maximum commission was introduced to mitigate the observed market abuses in the case of group life insurance linked to consumer and credit card loans. It seems however that full control of the high prices paid for these insurances has not yet been reached. Administrative charges do not count as commissions, so are not covered by this 30 percent cap. Thus, banks or finance companies could be assigned part of that administrative charge to compensate it for its provided administrative support. Recommendation 1. SEDECO and BCP-SIS should jointly clarify whether the bundling of insurance products with loans or other financial services is allowed under Art. 14 of the Consumer Protection Law. The regulatory framework of BCP-SIS should then be adjusted accordingly to clarify if and under which conditions this is allowed. 2. To prevent situations of conflict of interest, the regulations should clearly specify transparency and disclosure requirements, including providing the customer with a choice of at least 2 or three insurance options, and mandating a clearer description of what the insurance cover is (events insured, amount covered and exclusions). Furthermore, it is important to define which situations should give to the consumers the possibility to opt out. SECTION B DISCLOSURE & SALES PRACTICES Good Practice B.1 Sales Practices a. Insurers should be held responsible for product-related information provided to consumers by their agents (i.e. those intermediaries acting for the insurer). b. Consumers should be informed whether the intermediary selling them an insurance contract (known as a policy) is acting for them or for the insurer (i.e. in the latter case the intermediary has an agency agreement with the insurer). c. If the intermediary is a broker (i.e. acting on behalf of the consumer) then the consumer should be advised at the time of initial contact with the intermediary if a commission will be paid to the intermediary by the underwriting insurer. The consumer should have the right to require disclosure of the commission and other costs paid to an intermediary for long-term savings contracts. The consumer should always be advised of the amount of any commission and other expenses paid on any single premium investment contract. d. An intermediary should be prohibited from identically filling brokering and agency roles for a given general class of insurance (i.e. life and disability, health, general insurance, credit insurance). e. When a bank is the intermediary, the sales process should ensure that the consumer understands at all times that he or she is not purchasing a bank product or a product guaranteed by the bank. f. Sanctions, including meaningful fines and, in the case of intermediaries, loss of license, should apply for breach of any of the above provisions. Description a. Although Insurers are allowed to sell their contracts to their clients directly (without the intervention of any intermediary), they are in practice dependent on agents (individuals) and brokers (companies) to distribute their products. A limited number of these agents are paid by a combination of salary and commission and could be commercially linked to one insurer. The dominant business model, for individual products, involves the use of “independent” agents paid on a commission basis. Since the year 2000, “Bancassurance” (insurance sold by banks and other financial institutions that in the case of Paraguay should include also Cooperatives) is permitted. The regulation requires that when such institutions sell insurance in their premises they should do it using adequately trained staff that should count with the same examinations that registered agents. Overall, insurers are not held responsible for product related information provided by the agents if the insurer has not produced the information. In general, insurers don’t have a strong control over their agents since a direct contact between the insurer and the policyholder would be negatively interpreted by the agent / broker as an interference in the relationship with their clients. However, some entities exert a stronger control on the agents that sell their products, while in most cases this is minimal. There is no specific rule making responsible the insurer for the information provided by the agent or broker if it was not involved in its elaboration. In that regard, as a kind of protection (although not directly addressing the problem) it should be noted that the policyholder has the right to step off the insurance during a period of 30 days counted from the reception of the contract if the terms of the insurance policy differ from those of the proposal. Furthermore, it should be noted that agents and brokers are licensed, and have to fulfill certain regular training requirements. To a certain extent this could mitigate some of the noted gap in responsibility of the insurance company over the information provided by the agent / broker, as long as the insurer has in place some capacity building and oversight over the quality of the service provided. In practice, insurers have not adopted sufficient measures to control the sales process followed by the agents selling their products like practicing “mystery shopping” or obtain any feedback from their policyholders. b. The insurance regulation requires that consumers be given appropriate information about the nature of the relationship between the agent/broker and the insurance company. When there is a possible conflict of interest the agent or broker must disclose how he is being remunerated. Insurance regulation (Resolution SS.SG. Nº 143/12) establishes that:  the terms and conditions between them and their clients  their links with the insurer (just intermediary, or intermediary with legal power to represent the Insurer, etc.  When there is a possible conflict of interest, they must declare on which basis they are paid (agreed commissions). There is no formal control / supervision in place to verify to what extent this rule is being followed by agents/brokers. c. The obligation to disclose how the agent is being paid was introduced in 2012 - Regulation SS.SG Nº 143/12 - but in the following year (2013) the SIS issued the Regulation SS.SG Nº 45/13 waiving the commission disclosure obligation in those cases where the agent/broker’s commission is equal or below 30% of the premium. In practice the amount of the commission is never disclosed to the consumer. In fact, after the reform only commissions above 30% should be disclosed but, taking into account that 30% is the maximum commission legally permitted, if it was the case, it would be a non-sense to expect that an agent/broker would disclose to its client that he is receiving commissions above the maximum legally permitted. d. The Law of Insurance just mentions that agents/brokers should not present or suggest, any information with the intention of deceiving or misleading the consumer. There is no explicit mention in the regulation about a broker acting for the insured and the insurer in the same transaction. Regulation SS.SG Nº 143/12 establishes that agents / brokers should adopt, when applicable, the minimum governance requirements set in the Insurance Core Principle n. 7 of the IAIS (as reproduced in the Regulation SS.SG Nº 92/12). Regulation SS.SG Nº 108/10 requires that agents / brokers should give their clients complete and relevant information before the contract is signed and also after the insurance is in force, but these are relatively general statements difficult to interpret in practice, and no formal control have been implemented on the effective interpretation and application of these principles e. Although banks or brokers related to a bank act frequently as intermediaries in group-business, and regulations have been issued regarding maximum commissions and disclosure of the cost of insurance to the consumer, there is no evidence that consumers are aware of who is effectively providing that insurance cover. f. The BCP-SIS has the power to sanction, including issuing larger fines and withdrawing the license of agents and brokers. However, the law and its regulations do not provide clear guidance on the different actions that could be considered as misconducts and the rules to assess the severity of the faults. Recommendation 1. Establish more detailed disclosure obligations from the Insurers and the agents/brokers to the policyholders (or the insured in the case of group policies) in order to bring awareness to the consumer on the existence of the insurance coverage (with a clear declaration, when applicable, of the exclusions) and the cost of it. 2. Introduce some degree of co-responsibility of the insurer on the sales process followed by the agents, specifically on the information provided to the policyholders. International best practice suggests that the insurer should be held accountable for any wrong information provided on their products by the agent. 3. Insurance contracts issued should be sent to the policyholders with a “Note” recommending the immediate comparison of the terms of the contract with those of the proposal of insurance 4. Finally, the applicable sanctions for agents, which the BCP-SIS can issue, should be assessed and revised to give the BCP-SIS adequate tools to sanction observed misconduct by agents. Good Practice B.2 Advertising and Sales Materials a. Insurers should ensure that their advertising and sales materials and procedures do not mislead customers. Regulatory limits should be placed on investment returns used in life insurance value projections. b. Insurers should be legally responsible for all statements made in marketing and sales materials they produce related to their products. c. All marketing and sales materials should be easily readable and understandable by the general public. Description a. The Consumer Protection Law (Law 1334/98) in its Article 35 forbids any misleading advertising. The Law of Insurance (Law 827/96), Article 129, forbids also the publication of any advertisement or information that is false, incomplete or ambiguous on insurance or reinsurance that might lead to wrong interpretations. Regarding investment return used in life insurance projections and illustrations, it must be noted that, presently, there are 34 licensed insurance companies of which only seven have a life assurance license. Out of these 7 only 1 offers life products that are not one year term life. As apparently no savings are offered through insurances, there are no specific rules for these types of products. b. Insurers are held responsible for all the information they provide and the sales material that they produce, but they are not liable for the information that agents might give to their clients outside of the information produced by the insurance company. c. Both the Law of Insurance and the Consumer Protection Law establish that all marketing and sales material should be easily readable and understandable. In some cases, the interpretation of this statement might have a subjective component since this is closely linked with the financial literacy of the consumers. There is no regular or formal control by the SIS that this material complies with that rule. Recommendation The DDUS should be given the function to verify that marketing and sales material complies with the requisites of clarity and is understandable. This shouldn’t be interpreted as requiring pre-approval by the BCP-SIS of the marketing material, but rather as a continuous verification task (e.g. through mystery shopping) that should be addressed by the BCP-SIS. Good Practice B.3 Understanding Customers’ Needs The sales intermediary or officer should be required to obtain sufficient information about the consumer to ensure an appropriate product is offered. Formal ―fact finds‖ should be specified for long -term savings and investment products and they should be retained and be available for inspection for a reasonable number of years. Description There is no legally enforceable requirement to obtain sufficient information about the consumer to ensure that an appropriate product is offered. According to the BCP-SIS, no such formal requirement is currently in place for selling insurance products. However, Regulation 14/96 of the BCP-SIS, which creates the registry for agents and brokers and establishes their obligations (Article 10 of Annex 1) mentions that agents must give advice to the persons that wish to get insurance through them and offer the coverage that is suitable to their needs and interests. None of the sales processes described by the insurers interviewed involved any explicit action to verify that the agents understand the consumer needs. However, it is important to note that almost 50% of the insurance market in Paraguay is auto insurance, and 13% is life assurance (of which 97 % are group contracts of one year renewal term insurance). Thus, there is not a wide range of products or choices to be offered, and in most cases the main difference among products is based just on the premium. Recommendation 1. Conduct of business rules imposed by the BCP-SIS (or a code of practice if ever adopted by the insurance industry) should include:  The requirement that the insurer (or its agent or broker) is required to check the appropriateness of the policy and suitability for the client.  If no advice is given, the insurer should be required to highlight this, and to provide clarification why this was not given. These processes should be formally documented, with a copy handled to the policyholder or, in the case of group insurance, to the insured. The BCP-SIS should regularly assess the documentation to verify if appropriate products were offered, and sufficient information on the client collected. 2. In view of the underdeveloped nature of the insurance market in Paraguay, specific provisions for insurance contracts as vehicles for long-term savings and investment products would be premature. This should however be introduced, once the market develops. Good Practice B.4 Cooling-off Period There should be a reasonable cooling-off period associated with any traditional investment or long-term life savings contract, after the policy information is delivered, to deal with possible high pressure selling and mis-selling. Description Investments and long-term savings are currently not being channeled through insurance products in Paraguay. The Consumer Protection Law (Law 1.334/98) establishes as a general rule, applicable to all contracts, a 7 days cooling-off period from the signing of the contract in certain circumstances (contract signed remotely). In the case of life insurance bundled with a credit, the insurance is a group contract signed between the bank, or financial institution, and the insurer. Furthermore this type of insurance is a short-term cover of the death risk and not an investment or savings contract. This principle would need to be interpreted The Civil Code establishes in its Article 1556 that if the conditions of the insurance contract differ from the proposal of insurance it will be assumed that the policyholder is accepting the new conditions unless he refuses them in the first month of reception of the contract. Again, the fact that the signing parts are the financial institution and the insurer makes that this Article of the Civil Code is not directly applicable. Recommendation It is important to clarify and regulate the cooling-off periods of insurance products, especially those that are bundled with another product such as a credit or enclose any investment feature. Given the lack of development of the long- term savings market, the latter is not an immediate need. Good Practice B.5 Key Facts Statement A Key Facts Statement should be attached to all sales and contractual documents, disclosing the key factors of the insurance product or service in large print. Description A key facts statement is not mentioned in any law, regulation, or code of conduct in Paraguay. According to the BCP-SIS, there is currently no such requirement in place. No insurance company visited by the mission provided such a summary of the core conditions of the product to their potential customers. The promotional material of some companies was better than others in highlighting a few key features of the contract, but overall fell short of the above mentioned fact sheet. Recommendation 1. The regulatory framework should introduce the requirement for insurers to make sure that their agents / brokers provide to their clients a standardized fact sheet which summarizes the main features and costs of the products, as well as information on available dispute resolution mechanisms, both within the insurance and also alternative public and private options available for the client 2. The key fact statement should be tested prior to its introduction to ascertain that the provided information is clear and easily understandable for clients. It should also include information on the available dispute resolution mechanisms. 3. In the longer term, SEDECO should explore options to also extent the mandate to provide clients with a standardized factsheet for all types of services provided similar to insurance (see A1) Good Practice B.6 Professional Competence a. Sales personnel and intermediaries selling and advising on insurance contracts should have sufficient qualifications, depending on the complexities of the products they sell. b. Educational requirements for intermediaries selling long-term savings and investment insurance products should be specified, or at least approved, by the regulator or supervisor. Description a. The Law of Insurance (Law 827/96) establishes that agents and brokers must be registered at the SIS. In order to register for the first time, the candidates have to obtain first a specific university degree. Registered agents and brokers have to renew their license every two years and are requested to have at least 20 hours of continuous Professional Development during those two years. The content of the courses is approved by the BCP-SIS and the associations of agents/brokers are frequently in charge of proposing the content and organizing the courses. The BCP-SIS keeps regular contacts with the University in order to keep updated the syllabus of the degree that will give access to the register of insurance agents. b. No long term savings or investments products are offered in Paraguay through insurance products. Educational requirements for these products form part of the syllabus to become an agent but, since this type of products are practically not offered in the market, there is no significant culture on these issues among agents. At this stage it is still premature to consider insurance as a possible vehicle for channeling long term savings or investments. Recommendation The process and requisites to follow for accessing the profession of insurance agent that are in place seem to guarantee their professional competence. However these requisites don’t cover yet with sufficient depth and specialization issues related to long-term savings and investment since the Paraguayan insurers do not offer such products. Should that market develop in the future, the SIS would have to revise with the academics at the University the content of the programs followed to obtain that degree (“updating and recycling” the agents already registered should also be addressed). Good Practice B.7 Regulatory Status Disclosure a. In all of its advertising, whether by print, television, radio or otherwise, an insurer should disclose: (i) that it is regulated, and (ii) the name and address of the regulator. b. All insurance intermediaries should be licensed and proof of licensing should be readily available to the general public, including through the internet. Description a. According to BCP-SIS, there is currently no legally enforceable requirement for an insurer to disclose: (i) that it is regulated, or (ii) the name and address of the regulator. In practice, some insurers do include this information in their offices, their promotional material and/or provide a copy of their license on their websites. Every month the BCP-SIS publishes the list of licensed insurers, their rating and some of the financial ratios. At the same time the BCP-SIS publishes a list of entities that have been reported offering insurance services (as carrier or intermediary) and that don’t count with a proper authorization for that. b. Insurance intermediaries who are agents/brokers are required to be licensed and registered at the BCP-SIS. The list of registered agents and brokers is accessible at the website of the SIS. The content of the courses that have to be followed to become an insurance agent, and of the requested Continuous Professional Development courses to renew the license every two years have to approved by the SIS Recommendation 1. It would be recommendable to introduce a requirement that all providers of insurance and/or services similar to insurance should disclose whether or not they are regulated, and by whom. 2. SEDECO and BCP-SIS should collaborate to assess the best option for issuing this requirement to cover those providers of services similar to insurance that are not registered and regulated by BCP-SIS. Good Practice B.8 Disclosure of Financial Situation a. The regulator or supervisor should publish annual public reports on the development, health, strength and penetration of the insurance sector either as a special report or as part of the disclosure and accountability requirements under the law governing it. b. Insurers should be required to disclose their financial information to enable the general public to form an opinion with regards to the financial viability of the institution. c. If credible claims paying ability ratings are not available, the regulator or supervisor should periodically publish sufficient information on each insurer for an informed commentator or intermediary to form a view of the insurer’s relative financial strength. Description a. BCP-SIS doesn’t publish a comprehensive annual public re port on the development, health, strength and penetration of the insurance sector, but it provides in its website detailed statistical and financial information about each insurer. b. The Law on Insurance Activities requires insurance companies to publish their audited financial statements in the relevant official publications and mass media. Moreover, when a consumer takes out a policy, he/she can ask for a copy of the insurance company’s financial statements. c. BCP-SIS publishes every month in two newspapers, and on its website, information about the insurers ratings including 10 ratios on their financial performance (claims and expenses to premiums, return, etc.). BCP-SIS also includes in its monthly publication as a warning a list of entities that have been detected to offer insurance services (as insurers or agents/brokers), but that are not authorized nor registered at the BCP-SIS. Recommendation 1. The BCP should include more financial information on the insurance sector when publishing general financial sector statistics and assessments. 2. The detailed monthly financial information on the insurers that is shown in the BCP website should be made more easily accessible and understood by consumers and users. SECTION C CUSTOMER ACCOUNT HANDLING AND MAINTENANCE Good Practice C.1 Customer Account Handling a. Customers should receive periodic statements of the value of their policy in the case of insurance savings and investment contracts. For traditional savings contracts, this should be provided at least yearly, however more frequent statements should be produced for investment- linked contracts. b. Customers should have a means to dispute the accuracy of the transactions recorded in the statement within a stipulated period. c. Insurers should be required to disclose the cash value of a traditional savings or investment contract upon demand and within a reasonable time. In addition, a table showing projected cash values should be provided at the time of delivery of the initial contract and at the time of any subsequent adjustments. d. Customers should be provided with renewal notices a reasonable number of days before the renewal date for non-life policies. If an insurer does not wish to renew a contract it should also provide a reasonable notice period. e. Claims should not be deniable or adjustable if non-disclosure is discovered at the time of the claim but is immaterial to the proximate cause of the claim. In such cases, the claim may be adjusted for any premium shortfall or inability to recover reinsurance. f. Insurers should have the right to cancel a policy at any time (other than after a claim has occurred – see above) if material non-disclosure can be established. Description a, b, and c. There is practically no insurance investment product or products with a cash value sold in Paraguay. d. There does not appear to be any legally enforceable requirement that customers be provided with renewal notices before the renewal date for policies or that they be notified if the insurer does not wish to renew a contract. SIS reported that it is up to the policyholder to remember to pay any renewal premium. e. and f. Insurers can cancel a policy for non-disclosure, but the non-disclosure has to be material. Materiality is defined in the Civil Code (Article 1549) as any information that, if the Insurer had known it when underwriting the contract, would have led it to reject the risk or accept it under different conditions. Recommendation 1. The BCP-SIS should introduce a requirement for insurance companies to provide a renewal notice to policyholders with sufficient anticipation. 2. If insurance investment products are starting to be offered in the market, BCP- SIS should also regulate the information and disclosure requirements that the insurance company should regularly send to the policyholders of savings and investment insurance products. SECTION D PRIVACY & DATA PROTECTION Good Practice D.1 Confidentiality and Security of Customers’ Information Customers have a right to expect that their financial transactions are kept confidential. Insurers should protect the confidentiality and security of personal data, against any anticipated threats, or hazards to the security or integrity of such information, and against unauthorized access. Description The law that sets the rules for the treatment of “private information” (Law Nº 1682) was issued in January 2001. This regulation does not appear to impose detailed requirements on the processing of personal information such as found in more advanced economies concerning the security of systems in which data are held, and the circumstances in which data can be shared. In September 2002, the Law 1682 was modified by Law 1969, but the introduced changes do not change significantly the general depth and breadth of the previous regulation. Individual have the right to access copies of the data about them, to know what use is made of it and to correct any mistakes. Information on unpaid debts not claimed judicially has to be eliminated from these records three years after due date. Information about debts claimed judicially that were paid has also to be taken out three years after payment. Information about judicial liquidations has a period of five years after the Court decision. The financial information has to be updated permanently, and those persons or companies that keep the databases have to introduce the new information in a maximum of 4 days from the date they received it. Recommendation 1. The regulation on the “treatment of private information” doesn’t establish any specialized body with the capacity of analyzing the security, content and use of any database containing private information, nor the obligation to communicate the existence of such databases by the persons or entities creating such databases, even if they are for their own use. 2. It is important that for all the databases containing “private or personal information” there is one individual accountable for the security measures implemented, for updates and the use of the information. It would be advisable to create a specialized agency where all the databases containing personal or private information should officially declare their existence, who is responsible of it, the security measures adopted to control the access and the record kept on who has consulted it. SECTON E DISPUTE RESOLUTION MECHANISMS Good Practice E.1 Internal Dispute Settlement a. Insurers should provide an internal avenue for claim and dispute resolution to policyholders. b. Insurers should designate employees to handle retail policyholder complaints. c. Insurers should inform their customers of the internal procedures on dispute resolution. d. The regulator or supervisor should investigate whether insurers comply with their internal procedures regarding consumer protection. Description a. Insurance distinguishes between ‘claims’ (meaning asking the insurer to pay out under the terms of an insurance contract) and ‘complaints’ (meaning complaining about an insurer’s refusal of a claim or other alleged misconduct). BCP-SIS has previously taken the view that both claims and complaints are subject to the terms of the insurance contract, and an issue of customer service rather than consumer protection. The focus of its supervision has been on claims, in particular on the adequacy of reserves and whether the insurance contracts and rates had been filed and registered at the BCP-SIS before being used Visited insurers reported that they had special departments to deal with claims. As far as the mission team was able to verify, the procedures of claims handling ranged from bureaucratic to being accessible. Some insurers (especially those providing cover for international organizations and their staffs) claimed to have a telephone hotline available 24 hours per day and 7 days per week, with all calls being recorded. In some cases, assessment of the claim might involve inspection by an expert appointed and employed by the insurer (for example, inspecting the site of an accident); and/or obtaining a valuation from an appraiser registered at the BCP-SIS. Claim appraisers and settlers have to act independently but the most frequent is that they are hired and paid by the insurance companies. The policyholder has the right to designate and use a claim appraiser and settler but he would have to pay at his own. Interviewed insurers reported that they did receive few complaints about their decisions on claims, but that such complaints were almost always resolved at the company level. They keep no statistic or record on the nature, resolution or even the number of complaints. They reported that consumers could escalate complaints to the BCP-SIS (a large insurer mentioned that this happened around 5 or 6 times per year; a medium size insurer mentioned 2 cases in the last ten years). However, the mission could not obtain any more detail from the insurers or the BCP-SIS. All insurers explain in their websites how to proceed in the case of a claim (when the event covered by the insurance contract occurs). However, this doesn’t seem to extend to the case when the policyholder or beneficiary wanted to raise a complaint or dispute about the service provided by the insurer. All of the insurers reported that claims were settled to the entire satisfaction of the insured, but this opinion was not shared by the consumers associations or other individuals that the mission team interviewed. The received feedback much rather indicates that clients do not consider it worth disputing with insurers, as the legal terms established in the contracts are difficult to dispute, and insurers are better equipped economically to handle long judicial disputes. b, and c. The mission team did not find any insurer which had designated employees or published written procedures in place for the handling of complaints. It does not appear to be the practice for insurance policies, or promotional materials, to set out details of how customers can make a complaint if they are dissatisfied. This seems to contradict what was established in the Resolution SS.SG Nº 127/09 which established an official form to file complaints at the DDUS of the BCP-SIS, and requires insurers to have in their premises visible signs explaining the process and presenting that official form. d. The mission team found no documented complaints procedures that SIS could check against. However, the on-site inspection plan can include the assistance by a member of the staff of the DDUS to check the handling of the process of complaints by policyholders, although we were given no details on what this verification comprises. Recommendation 1. The BCP-SIS should pass a regulation to establish written procedures on the verification of the handling of the complaint process by the insurers. At the same time the Resolution SS.SG Nº 127/09 that establishes a standard form to communicate to the DDUS any complaint about non-paid claims, should be better publicized and enforced. 2. The insurers and the BCP-SIS should take the necessary measures to keep adequate statistics about complaints (with a detail of the policyholder, nature of claim and final resolution). Good Practice E.2 Formal Dispute Settlement Mechanisms a. A system should be in place that allows consumers to seek affordable and efficient third-party recourse, which could be an ombudsman or tribunal, in the event the complaint with the insurer cannot be resolved to the consumer’s satisfaction in accordance with internal procedures. b. The role of an ombudsman or equivalent institution vis-à-vis consumer disputes should be made known to the public. c. The ombudsman or equivalent institution should be impartial and act independently from the appointing authority and the industry. d. The decisions of the ombudsman or equivalent institution should be binding upon the insurers. The mechanisms to ensure the enforcement of these decisions should be established and publicized. Description The Law of Insurance doesn’t establish any specific out -of court procedures to deal with disputes related to insurance products, which could not be settled directly between the insurer and the policyholder. Therefore, in principle these have to be resolved in court. Insurers reported that there have been very few court cases related to insurance. However, the Resolution SS.SG. Nº 112/10 established mediation as an alternative way for the solution of conflicts between insurance companies and users of insurance, even when that mechanism is not mentioned on the insurance contract. The DDUS has to inform about that possibility in those complaint cases that would reach it. Agents and brokers are also supposed to inform their clients in those cases of claims refused by the insurer. The Center for Arbitrage and Mediation of Paraguay is explicitly designated as a recognized mediator for these situations, but this is a private organization that charges participation fees that would make sense only for discussions involving very high amounts. We were told by the Center of Arbitrage and Mediation that they have been involved yet in no case of insurance claim. State bodies The Division for the Defense of the Insured (of the BCP-SIS) reported that Court cases brought forth by consumers are very rare. It pursued individual insurance cases that were referred to it by consumers, and for which it has the power to provide advice. Where appropriate, the DDUS can suspend or withdraw an insurer’s license (this situation never occurred), but it lacks the power to impose lesser administrative sanctions (such as a public warning or a fine). Furthermore, BCP-SIS is constrained by limited resources. The resolution SS.SG Nº 31/14 th issued on May 9 , 2014 assigns a staff of three to the DDUS, but there is no description of their functions nor the necessary profile and experience of this staff. The DDUS takes up around 60 insurance cases on behalf of consumers per year, although it doesn’t keep any statistic about these interventions. The Secretariat for Consumer Protection (SEDECO) has been recently created as an autonomous body, related to the Ministry of Industry and Commerce. SEDECO doesn’t have the expertise and resources to deal with complaints of insurance users, although it has the capacity to impose administrative sanctions (such as a public warning or a fine). Alternative dispute resolution There is no mechanism for consumers to obtain affordable and effective redress against insurers through an ombudsman or other alternative dispute resolution body. There is no entity or inter-company arrangements, for resolving the distribution of costs between two insurers involved in providing indemnity in relation to one incident. Recommendation 1 The DDUS should take more effective actions to enforce the Resolution SS.SG Nº 127/09 that establishes a standard form for the communication to the BCP- SIS of complaints related to claim settlement that must be clearly publicized at the insurer’s offices. The DDUS should take also actions involving consumer protection on other issues related with insurance but not just to claims. 2. The activity of the DDUS should be transparent and publicly known, with the issuance of regular statistics about its interventions. 3. On the medium term, consideration should be given to introduce an Ombudsman scheme to facilitate dispute resolution SECTION F GUARANTEE SCHEMES AND INSOLVENCY Good Practice F.1 Guarantee Schemes and Insolvency a. With the exception of schemes covering mandatory insurance (and possibly long-term insurance), insolvency guarantee schemes are not to be encouraged for insurance because of the opaque nature of the industry and the scope for moral hazard. Strong governance and prudential supervision are better alternatives. b. Nominal defendant arrangements should be in place for mandatory insurances such as motor third party liability insurance to cover situations where there is no insured guilty party. c. Assets covering life insurance mathematical reserves and investment contract policy liabilities should be segregated or at the very least earmarked, and long-term policyholders should have preferential access to such assets in the event of a winding-up. Description a. There is no insolvency guarantee scheme for insurance in Paraguay. The Law of Insurance provides BCP-SIS with authority to oversee the financial position of insurance companies. Regarding Governance, more recently, the Regulation SS.SG. Nº 032/13 imposes that the reports produced by the boards of Directors, senior management and internal committees (audit, comptroller, actuarial and other outsourced services) of insurers must adopt the standards and guidelines derived from the Insurance Core Principle N. 8 of the IAIS (Risk Management and Internal Control). b. There is no mandatory insurance in Paraguay. c. There is almost no long-term life insurance in Paraguay (about 97% of the life insurance premiums are Group Term Life, on an annual basis); policyholders have preference over other creditors. Recommendation 1. Motor insurance is in the process of being introduced as mandatory. When this new legislation will be introduced, it is important to establish in parallel the required regulation to cover at least situations where there is no insured guilty party. SECTION A INSTITUTIONAL ARRANGEMENTS Good Practice  The legal and regulatory framework establishes clear institutional arrangements for regulating and enforcing consumer protection in digital financial services.  Necessary arrangements or mechanisms are in place to ensure interagency cooperation for overlapping and/or unclear areas of authority. 11 Description By September 2014, all e-money issuers will come under the oversight of 12 BCP. Resolution no. 6 of 2014 on e-money (E-Money Resolution) introduced a new license for the creation of e-money issuers (Entidad de Medio de Pago Electrónico, or “EMPE”). EMPEs have to request prior authorization from BCP, and will be subject to its supervision (Art. 20). It is expected that both existing players in the market, Tigo and Personal, will apply for this authorization. To request a license to become a EMPE, the following documentation must be provided to BCP (Art. 9): 1. “In the case where the EMPE and the telecommunications service provider are different legal entities, which are not related, [the EMPE] must present: a.1) The contract(s) signed with the telecommunications service provider that would enable the EMPE to provide the services authorized in this Regulation. a.2) The certification issued by CONATEL verifying that the contracts submitted conform to the standards and regulations in place in the telecommunications regulatory framework [...]. 2. In the case where a telecommunications service provider constitutes the EMPE, it must present: b.1) The technical and economic conditions for the provision of the telecommunications services that enable the provision of the services authorized in this Regulation. b.2) The certification issued by CONATEL verifying that the technical and economic conditions for the provision of telecommunications services are conform to the rules and regulations in place in the telecommunications regulatory framework.” 10 The section was prepared by Sarah Fathallah, with feedback provided by Jennifer Chien. It is based on general principles in the area of legal and institutional framework, complemented with available guidance material such as: -World Bank (2014), Responsible Digital Financial Services: Consumer Protection in an Electronic Environment, Presentation in preparation for the Responsible Finance Forum V -Alliance for Financial Inclusion (2014), Consumer Protection in Mobile Financial Services, Guidance Note No. 13 -GSMA (2012), Mobile Privacy Principles: Promoting a User-Centric Privacy Framework for the Mobile Ecosystem, Document Version 1.0 -CGAP (2010), Protecting Branchless Banking Consumers: Policy Objectives and Regulatory Options, Focus Note 64 11 The deadline provided by the regulation is set to mid-June 2014, but a three-month extension can be requested from BCP. 12 Resolución nº 6, Acta n° 18 de fecha 13 de marzo de 2014, Reglamento de Medios de Pagos Electrónicos. The abovementioned documentation represents the only licensing pre-requisites for EMPEs, and no requirements regarding providing business plans, corporate structure, finances, shareholders, or fit and proper management teams and boards of directors are provided in the regulation. Various entities are involved in market conduct supervisory arrangements for e-money issuers, depending on the type of legal entity they represent and whether or not they offer electronic contracts (cf. Table X). In addition to entering under the supervision of BCP, EMPEs also fall under the general consumer protection mandate of the Secretaria de la Defensa al Consumidor (SEDECO) which can take matters to court and impose sanctions to any provider of goods and services according to the provisions of Chapter XIV of the Consumer Protection law. In addition, in cases where EMPEs are also telcos, they are also under the purview of the National Commissions of Telecommunications (CONATEL), as per Chapter II of Law 642 of 1995 (Telecommunications Law). And finally, regardless of whether or not the EMPE is a telco, should it provide electronic contracts and accept electronic signatures, it also enters under the authority of application of the Ministry of Industry and Commerce (MIC), as per Art. 38 of Law 4.017 of 2010 (Electronic Signatures and 13 Contracts Law). The existence of these various institutional mandates poses the risk for potential overlaps. For instance, should there be issues related to electronic contracts issued by a EMPE, they theoretically fall under the purview of both BCP (in its capacity as EMPE supervisor) and MIC (in its capacity as authority of control for electronic contracts). While the mission team has not met with nor assessed the enforcement capacity of CONATEL and MIC, there are concerns as to whether BCP and SEDECO will have the adequate resources for market conduct supervision of EMPEs. This is demonstrated by their limited human resources to supervise market conduct of already authorized financial entities, and the fact that they do not use, in any systematic way, many of the specific tools that are more appropriate for monitoring market conduct, such as mystery shopping, customer focus groups and surveys, review of advertising materials or a systematic analysis of customer complaints made to the various mediation services on offer. SEDECO BCP CONATEL MIC E-money issuers - If a non-telco in partnership with a ● ● ◌ telco - If a telco ● ● ● - In both cases, if uses electronic ● 13 Later amended by Law 4610/12 transferring the authority of application from the National Institute of Standards and Technology (INTN) to the Ministry of Industry and Commerce. contracts Agents All non-bank agents ● ● ◌ Does not fall under the supervision of CONATEL, but requires its prior certification. The institutional arrangements for market conduct supervision applicable to non-bank agents are more straightforward, falling under the purview of 14 BCP-SIB and SEDECO. Resolution 1 of 2011 (Non-Bank Agents Resolution) places agents, although indirectly, under the purview of BCP-SIB. Prior to 15 contracting non-bank agents, banks, finance companies, and soon EMPEs are required to solicit an authorization from BCP-SIB (Art. 2.2.), by providing a number of documents including a copy of the contract between the financial entity and the non-bank agent. This contract is used as a way for BCP-SIB to ensure that certain market conduct pre-requisites are accounted for (e.g. the contracts must include data privacy and provider liability clauses). Once the agent authorization obtained, financial entities are required to actively report monthly data on the number and location of their non-bank agents to BCP-SIB (Art. 4.), and shall passively keep at the disposal of BCP-SIB certain documents and/or information (Art. 3.14.), including the operating manuals applicable to their non-bank agent activities, the procedures and policies for the selection, training, and monitoring of non-bank agents, as well as any reports from the entities’ Risk and/or Internal Audit Units pertinent to the internal controls in place for non-bank agent operations. These reports, along with the monthly data on agents, are analyzed by BCP-SIB via off-site supervision. However, BCP-SIB has not yet begun conducting on-site inspections at agent premises. In addition, non-bank agents also fall under the general consumer protection mandate of SEDECO, but this newly formed Secretariat lacks the internal resources and financial sector- related expertise to effectively enforce its general consumer protection mandate. Recommendation 1. To ensure effective market conduct supervision of EMPEs, the institutional arrangements and legal mandates between SEDECO, BCP, CONATEL, and MIC need to be assessed and individual roles and competences for enforcement clarified. Following this assessment, mechanisms for coordination (e.g. to conduct join inspections and supervision) and information sharing should be implemented. 2. In line with the recommendations related to strengthening the oversight capacity of BCP-SIB to effectively monitor and enforce compliance of the entities under its supervision, procedures for on-site supervision for non- bank agents should be developed. 3. In addition to on-site supervision, consideration should be given to develop off-site supervision and market monitoring tools such as mystery shopping, customer focus groups / surveys, as well as periodic reviews of advertising materials and customer complaints. 14 Resolución nº 1, Acta n° 70 de fecha 22 de noviembre de 2011, Reglamento para el Uso de los Corresponsales no Bancarios. 15 Art. 17 of the E-Money Resolution allows EMPEs to contract and form agent networks. SECTION B LEGAL AND REGULATORY FRAMEWORK Good Practice  An adequate and comprehensive legal and regulatory framework for consumer protection is in place for digital financial services.  The legal and regulatory framework applicable to digital financial services providers promotes fair competition across providers and sectors. Description The legal and regulatory framework in support of the development of digital financial services is relatively nascent. It establishes minimum standards and parameters for the respective services, and also includes some basic consumer protection provisions in conjunction with the application of the general consumer protection framework. The legal and regulatory framework for digital financial services in Paraguay can be broken down into four categories: (i) payments, (ii) e-money issuance, (iii) the use of agents, and (iv) electronic signatures and contracts. While some of these laws and regulations contain consumer protection-related provisions (as summarized in Table X), digital financial services providers must in theory also comply with 16 the provisions of the Constitution, the Civil Code, the General Consumer 17 Protection Law which applies to all “goods and services” (Art. 3), as well as the legal framework applicable to telecommunications providers when relevant. The complexity of laws and frameworks makes it difficult for service providers to understand and comply with all the provisions that are applicable to them. Payments There is an extensive body of laws and regulations on payments in Paraguay. 18 Resolution no. 1 of 2012 on the payments systems (Payment Systems Resolution) addresses a variety of consumer protection-related provisions, including on transparency and disclosure as well as provider liability, which all “participating entities” in the payments systems must comply with (Book I, 2.). E-money BCP-SIB’s recently issued E-Money Resolution establishes the legal basis for e- money issuance in Paraguay. In this regulation, e-money is defined as a “monetary value stored electronically in an electronic money account upon the receipt of funds in local currency” (Art. 2). E-money is not considered as a deposit and does not accrue interest (Art. 3, e.). With regards to consumer protection, the E-Money Resolution deals with issues related to the protection of client funds, provider liability, complaints handling, and contracts. According to the E-Money Resolution, EMPEs can be formed under two arrangements: either as a non-telco in a contractual partnership with a telco, or as a telco. In both 16 Constitución Política de 1992 17 Ley nº 1.334/98 de Defensa del Consumidor y del Usuario 18 Resolución nº 1, Acta n° 67 de fecha 27 de diciembre de 2012, Reglamento General de los Sistemas de Pagos del Paraguay. cases, the applying entity has to provide a certification from CONATEL certifying the its conformity with the legal framework applicable to the telecommunications sector, including the Telecommunications Law which contains provisions related to fair treatment, complaints handling, and data privacy. Non-Bank Agents BCP’s Non-Bank Agents Resolution regulates the use of non-bank agents (“corresponsales no bancarios”), defined as any natural or legal person which, “under a contractual agreement and under the responsibility of the financial institution,” provide financial transactions and services (e.g. basic account opening, loan disbursement and collection, payments and transactions, bill payment, deposits) as an additional activity to their main business (Art. 1). It should be noted that dedicated payments service providers such as Aqui Pago do not formally fall under this non-bank agent model. The entities have long established separate contracts with financial institutions, which cover the range of services they are providing. Their operation is currently not formally under any form of supervision of a financial supervisory agency, although they play an important role facilitating payments, including paying of electricity and taxes. In the medium term, it is expected that payment service providers will become authorized and supervised as stand-alone financial service providers by BCP’s payments system department. While no consumer protection-related concerns were reported during the mission, bringing the payments service providers under a clearer consumer protection / market conduct oversight would be warranted. Electronic Signatures and Contracts An important aspect for the development of digital financial services in the ability to form contracts remotely. Law no. 4.017 of 2010 (Electronic Signatures and Contracts Law) concerning the legal validity of electronic signatures, digital 19 signatures, and electronic information and records, as amended by Law 4.610 of 2012, provides the legal basis for the validity of electronic contracts and signatures in Paraguay. Art. 5 authorizes the formation of electronic contracts for any “offer, acceptance, as well as any negotiation, statement or agreement made by parties”, as long as not contrary to the provisions of the Civil Code on the 20 requirements of consent and validity of contracts. The same article provides that the conclusion of electronic contracts is not subject to the prior consent of parties regarding the use of electronic means. The authority of application of this law is the National Institute of Standards and Technology (Art. 38). 19 Ley nº 4.017 de Validez Jurídica de la Firma Electrónica, la Firma Digital, los Mensajes de Datos y el Expediente Electrónico, 24 de diciembre de 2010. 20 Relevant provisions under the Civil Code are set forth in Book III, “Contracts and Other Sources of Obligation”. Main law/regulation Main consumer protection-related provisions Constitution  Individuals can access their personal (Political Constitution data/information in official or private records of 1992) public, as well as update, rectify, or delete records that are incorrect or unlawfully affect their rights (Art. 28 and Art. 135 re: Habeas Data). Civil Code  Provisions related to transactional activities, (Law no. 1183 of 1985) including the obligation to provide a proof of payment/receipt (Book II, Chapter IV, Section I).  Provisions related to contracts, included prohibited clauses, and the ability of the parties to end a service contract prior to its termination date for specific reasons including incompetence or negligence of the services provided, the inability to provide the services, and the violation of the contract’s terms (Book III). Consumer Protection  The obligation to disclose the prices of Law products and services (Art. 10) and other (Law no. 1.334 of information on the service provider (Art. 15). 1998)  Provisions related to contracts (Chapter V), including the definition of abusive clauses, the obligation to use legible characters and simple language, and the ability for the consumer to withdraw within 7 days of signing the contract when the contract has not been concluded at the provider’s premises.  Provisions related to credit operations (Chapter VI), including the disclosure of annual or monthly interest rates, fees and charges, the repayment schedule, and the right of the the consumer to pay the debt by anticipation.  Provisions related to misleading advertisement (Chapter VIII). Payment Systems  Provisions on transparency and disclosure Resolution (Book I, 7.), including query facilities for clients (Resolution 1, Act 67, to get at least monthly account and/or 2012) transaction information.  The liability of providers to the consumers (Book I., 13. And 17.). Non-Bank Agents  Provisions related to non-bank agent training Resolution by the financial entity, including on KYC, (Resolution no. 1, Act complaints handling, and data privacy (Art. 70, 2011) 3.7.).  The liability of the contracting entity for the actions and operations of its non-bank agents (Art. 3.8.).  The prohibition for agents to charge additional fees or commissions to clients (Art. 3.9.).  Provisions related to transparency and disclosure at the non-bank agent premises, including the non-bank agent status, prices and charges, and complaints handling channels, as well as the obligation to provide receipts for each transaction (Art. 3.13.). E-Money Resolution  Provisions related to the protection of client (Resolution no. 6, Act funds through the use of trust funds (Chapter 18, 2014) III) and a technological platform that allows for real-time processing and conciliation of funds (Art. 10).  The liability of the EMPE for the actions of its agent networks (Art. 17).  The obligation for EMPEs to implement effective, easy to use, and free of charge complaints handling channels (Art. 22).  Provisions on the minimum contents of contracts (Art. 23), both in physical and electronic formats, including the disclosure of prices and limits in transactions and withdrawal amounts.  Provisions regarding the transfer of funds from inactive e-money accounts into bank accounts. Telecommunications  Provisions related to the protection of users Law and subscribers (Title IX), including on free (Law 642 of 1995) and fair treatment, and contracts.  The obligation for providers to establish efficient mechanisms for complaints handling, and disclose them to clients (Art. 84-85).  Provisions on data privacy and the inviolability of the secrecy of client correspondence (Art. 89-90). Electronic Signatures  Provisions on the ability to form electronic and Contracts Law contracts and accept signatures, including in a (Law no. 4.017 of form that the parties can keep and consult 2010, as amended by subsequently (Art.8-9). Law 4.610 of 2012) Recommendation 1. The legal and regulatory framework is currently spread over many laws and regulations and involves various government bodies, as discussed under the institutional arrangements. In tandem with the evaluation of institutional roles of involved oversight bodies, there is a need to assess the existing regulatory framework for consistency and completeness with regards to consumer protection related provisions. Any legal and regulatory gaps revealed by such assessment needs to be addressed as well. There is also a need to consolidate the core provisions under one or two regulatory bodies to facilitate the oversight over market conduct and consumer protection standards. 2. Given the complex nature of the legal and regulatory framework applicable to digital financial services, there is a need for BCP to provide consolidated guidance to market players on the applicable consumer protection regime, including legal and regulatory provisions outside of its legal realm. 3. Consideration should also be given to develop guidance or informational materials that inform the clients about the core features of digital financial services, as well as the client’s rights and obligations under the legal framework. The material could for example be visibly displayed in the premises of agents, and used by stakeholders when providing financial education measures. SECTION C TRANSPARENCY AND DISCLOSURE Good Practice  Appropriate standards for disclosure of information in digital financial services are in place.  Simple, legible, and standardized information is provided in a form that consumers can keep, including through the devices used for transacting such as mobile phones.  Agents are required to disclose their agent status to customers and / or to post specific information on the service they provide. They are prohibited from charging extra fees to the customers for this service. Description There are basic requirements on transparency and disclosure imposed on digital financial service providers, which are adhered to in practice. The legal and regulatory framework contains basic provisions around the disclosure of fees and charges by the providers, and the requirement to provide account statements. Art. 23 f) of the E-Money Resolution requires that modalities related to the issuance of account statements, either in print or electronically, are specified in the contract provided to the client. The requirement to provide account statements is also reinforced by Book I. 7. of the Payment Systems Resolution, which sets forth that participating entities in the payments systems “must provide their clients with adequate means of consultation to enable them to obtain, at least on a monthly frequency, up to date information on their payments system services.” However, neither provision requires that the periodic access to account statements should be free of charge as suggested by international best practice with regards to account information. In addition, EMPEs are required to provide what appears to be an early form of a Key Facts Statement, described as “a summary of the minimum conditions mentioned [in the contract], in legible and understandable terms” (E-Money Resolution, Art. 23). Nevertheless, a format or template for this summary has not been provided in the regulation. Finally, and while Tigo and Personal both have not yet formally entered under the supervision of BCP, the delivery of receipts for each transaction, required by the Civil Code (Book II, Chapter IV, Section I), and the publication of fees and charges by e-money issuers (including in their branches and on their website) seems to already be a common practice. While the minimum set content for e-money services contracts seem adequate, contracts are not required to be provided to clients prior to signing. Contracts for e-money services must first adhere to the general provisions provided by the Civil Code and the General Consumer Protection Law, including the requirement to be written in “clear and understandable terms for consumers” (Art. 25, Consumer Protection Law). The opening of an e-money 21 account must be supported by a “contract of adhesion” which can be signed by the client, either physically or electronically (Art. 23, Resolution no. 6 of 2014). When provided electronically, contracts should be conserved with the aim of being accessed for subsequent reference, while remaining “complete and unaltered” (Art. 8 and 9 of the Electronic Signatures and Contracts Law). In practice, while the mission team was not able to assess existing electronic contracts, paper contracts provided by Tigo and Personal to their clients seem simpler and shorter (generally one page) than contracts seen from other financial service providers. However, these contracts precede the introduction of the E- Money Resolution, which contains more extensive content requirements, so they will have to be adjusted once the entities have become EMPEs. The minimum contents and guidelines of e-money contract are set in this Art. 23 of the E- Money Resolution, including the requirement to indicate the costs and commissions, the express indication that the e-money float does not accrue interest and is not covered by BCP’s Deposit Insurance, as well as the modalities related to the issuance of account statements. With regards to ensuring effective disclosure in agent operations, the non- bank agent resolution provides the essential basis for requiring price disclosure at agent premises, prohibiting agents to charge fees other than those disclosed by the provider, as well as requiring the disclosure of the agent’s status. According to the Non-Bank Agents Resolution, it is the 21 A contract of adhesion is defined by the General Consumer Protection law as a contract for which the “have been unilaterally established by the provider of goods or services, without the consumer’s ability to observe, discuss, alter or substantially modify its contents” (Art. 4). responsibility of the financial institution to ensure that agents are advertised as such, including by using a sign of “adequate size in a conspicuous place on the premises” which includes the term “Agent”, the name of the contracting financial institution, the address of its closest branch, and the opening hours of the agent (Art. 3.13). In addition, Article 3.13 sets forth that agents should advertise “the fees charged by the [financial institution] for each of the services offered by the non-bank agent,” as well as the fact that agents are not allowed to charge additional fees for the provision of these services. Article 3.13.4 also provides that “every transaction carried out by the no n-bank agent should automatically produce a document issued by the [POS] terminal [...], which shall include, at a minimum, the date, the type and amount of the transaction, as well as the identity of the non-bank agent and the financial institution.” In practice, providing transaction receipts and information on prices and commissions at agent premises does not seem to be a systematic and common practice. Recommendation 1. While the regulatory framework for EMPEs already includes most of the provisions that are considered international best practice, a requirement to provide the account statements periodically free of charge (e.g. once a month), and the provision of the contract prior to the client’s signature is still missing and should be introduced. 2. BCP should issue guidance on the content and format for the Key Facts Statements required from EMPEs, preferably in accordance with Key Facts Statements to be developed for other financial services and products provided by financial institutions under its supervision. 3. Once formally authorized as EMPEs, the service providers have to adjust their contracts. In anticipation of this, BCP should develop internal guidelines for assessing the contracts to ascertain that they adhere to minimum standards set forth by the legal and regulatory framework and do not include abusive conditions. 4. In line with the recommendation set forth above with regards to strengthening on-site supervision for non-bank agents, issues related to the provision of transaction receipts and the disclosure of prices and commissions at agent premises need to be better monitored. SECTION D BUSINESS PRACTICES Good Practice Liability Regime  The legal and regulatory framework creates clarity and transparency on who is liable in the case of fraud, system malfunctions, and unauthorized payments.  The supervised financial entity is liable for the agent’s and agent networks’ regulatory compliance with regard to the services the agent provides in the name of the financial entity. Description Overall, the liability regime in cases of fraud, system malfunctions, unauthorized transactions, and other operations is borne by the provider, as opposed to the consumer, or any third parties involved. With regards to agents, Article 3.8 of the Non-Bank Agents Resolution provides that “financial institution[s] may not transfer to the agent or other third parties, [...] its liability to the customer and to the Superintendent of Banks for the provision of services, the management of risks, and the regulatory compliance related to the operations provided through non-bank agents.” No regulation does addresses the damages and costs borne by the client out of the malfunction or misuse. Recommendation Consideration should be given to introduce a regulatory provision that the financial service provider is also liable to cover any losses incurred by the client due to system malfunction or fraud / misuse outside of the client’s responsibility. Good Practice Privacy and Data Protection  Clear data privacy and confidentiality rules are in place for the collection, use, disclosure and security of personal client information.  Bank secrecy provision also apply to agents and to non-bank e-money issuers Description The E-Money Resolution contains provisions on privacy and data protection applicable to EMPEs. Art. 24 sets forth that EMPEs should “comply with the requirements of conservation of information and documentation” applicable within the AML/CFT framework, and “must obtain the permission of [account] owners or remitters to verify and update the data and information provided by themselves.” In addition, to obtain their EMPE license, applying entities must provide a certification from CONATEL justifying that their plans to provide e-money services are conform to the legal framework in place in the telecommunications industry. As such, the Telecommunications Law sets forth the obligation for telcos to respect data privacy (Art. 89), providing an indirect way of ensuring the compliance of EMPEs through CONATEL’s certifica tions. Nevertheless, the CONATEL certifications are only produced at the moment of application for a license, and not throughout the activity of the EMPE, in addition to being only based on a self-assessment of the technical and economic conditions for service provision by the EMPE. Agents are contractually bound by their respective financial institution to respect bank secrecy rules. The contract between a financial institution and an agent must include the obligation of the agent to respect bank secrecy rules with regards to client information (Non-Bank Agents Resolution, Art. 3.10.9). In addition, the contracting financial institution must provide training to their non- bank agents on information confidentiality and bank secrecy (Art. 3.7.), and is liable for agent’s actions. Recommendation No recommendations. Good Practice Professional Competence  Providers are required to have policies in place for selecting agents, which include necessary quality and security standards.  Staff, intermediaries, and agents of digital financial service providers are subject to regular training (both prior to service commencement and periodically afterwards), which covers at a minimum: o KYC, in particular the collection and verification of information about identity in an electronic environment consistently with AML/CFT laws); o Product suitability for financial services provided through digital means; and o Record keeping obligations for e-money accounts/transactions. Description The legal and regulatory framework establishes some basic professional competence standards, mostly applicable to non-bank agents. No provisions regarding the training of staff and intermediaries of EMPEs are in place. For non-bank agents, financial service providers are required to have “policies and procedures for the selection, training, [and] monitoring ” of non-bank agents, which BCP-SIB is entitled to control (Non-Bank Agents Resolution, Art. 3.14.8.). In addition, Art. 3.7 sets forth the obligation for financial institutions to provide proper training to their non-bank agents, “including at least the aspects related to the proper identification and care of customers, information confidentiality and bank secrecy.” This is of particular importance when it comes to KYC procedures, as Art. 22 of the Electronic Signatures and Contracts Law provides the obligation to duly verify the relationship between the signatory and the digital signature, with the physical presence of the signatory and a valid ID. In addition, Book I, 12.01of Resolution no. 1 of 2012 states that “the issuing [entity] is responsible for verifying the identification of the originating client involved in a transaction.” In practice, this seems to be commonly applied. Nevertheless, even 22 though it seems that there is a handful of “superagents” (or agent network managers) contracted by most providers, there are no standards for the training of non-bank agents, and the application of these provisions is left to the discretion of each provider. Training requirements focused on certain specificities of digital financial service provision are lacking. There are no provisions in the E-money Resolution or the Non-Bank Agents Resolution around the obligation to train front-line staff and intermediaries in order to conduct a suitability assessment or in terms of record keeping. Recommendation It is recommended that BCP sets out standards for professional competence that apply to EMPE staff and agents, that cover the peculiarities of digital finance and basic consumer protection (including data secrecy and transparency requirements), in order to ensure the providers develop training programs that meet these standards. Good Practice Client Fund Protection  Safeguarding arrangements are in place to protect e-money floats/back-up funds from misappropriation, insolvency or any operational risk. This can include provisions to hold funds in a trust account, to directly link e-wallets with a bank account, or to arrange for guarantees.  There is transparency towards the client on whether or not the applicable deposit insurance schemes apply to money held in an electronic 22 C.A.R., Divicom, Grupo BB, and Super Tarjetas. environment. Description While not subject to BCP’s Deposit Insurance, the E-money Resolution provides for basic safeguards on the e-money floats/back-up funds. EMPEs must constitute one or several trust funds in financial institutions to cover at least 100% of the total amount of the outstanding float (Art. 15, E-Money Resolution). Balances have to be provided in writing on an individualized basis. The sole beneficiaries of these trust funds are to be the e-money clients, including agents or points of sale. The needed adjustments of the trust funds must be calculated on a daily basis, and settlement done the following work day (Art. 16), While the specified timelines can lead to a small temporary gap in coverage of up to 3 days, the scheme in place adequately balances cost/benefit considerations of covering potential risks. Interests accrued on the trust deposits must be used to cover expenses related to the trust fund management (Art. 15). In addition, balances of dormant accounts (defined as 90 days with no transactional activity) must be transferred by the EMPE to a deposit account in a financial institution previously agreed to by the customer (Art. 7). Some weaknesses were noted in the procedures for clients to get reimbursed. The e-money resolution does not yet specify any particular circumstances and procedures for clients to get reimbursed. According to the e-money resolution, EMPEs can e.g. be closed by BCP after its operations have been suspended for more than 6 month. So unless clear procedures and timelines are in place for getting reimbursed under the trust fund, the client in this scenario would have to wait 6 month for getting reimbursed for the float held. The e-money funds are not to be considered as “bank deposits insured by the Deposit Guarantee Fund administered by the [BCP]” (Art. 23, d)). It will be important that the contracts and key fact statements make this information transparent to the client, once EMPEs are authorized by BCP. Recommendation 1. The procedures and circumstances under which the clients can get reimbursed from the Trust Fund have to be established. They could be mimicked on the procedures and timelines established for the Deposit Insurance scheme of financial service providers. 2. BCP should make sure that the e-money clients of EMPEs are aware that the held float is not subject to a deposit insurance scheme, but covered by a Trust Fund. This information should be made transparent in both contract and key fact statement, and should be included in financial education material made available by stakeholders. 3. In addition, BCP should ensure that a clear legal provision is added specifying that the float held in trust funds is not accessible to EMPEs that go into bankruptcy, in order to make sure that the trust funds remain relatively safe. Good Practice Cooling-Off Period The client should be given the right to cancel the contract free of charge within a brief period of time after signing the contract (cooling off). Description The cooling-off provision applicable to EMPEs is stipulated in the General Consumer Protection Law. Art. 26 provides that the consumer has the right “to withdraw within seven days of signing the contract” or from the moment they received the product or service, in the case where the contract has been concluded remotely from the provider’s premises, including through a phone. So, unless the contract was signed in the premises of the service provider or its agents, the client can withdraw free of charge from the contract. Recommendation Consideration should be given to reviewing the General Consumer Protection Law in order to generalize the cooling-off period requirement to contracts formed at the provider’s premises as well as contracts formed remotely. SECTION E DISPUTE RESOLUTION MECHANISMS Good Practice  Digital financial service providers are required to provide internal complaints handling and dispute resolution mechanisms to their customers.  Other instances are available to consumers to go to if their complaints were not resolved by the provider.  Redress channels are communicated clearly and consistently to consumers, in particular through agents.  Consumer complaints in digital financial services are collected, analyzed, and made publicly available by the regulator. Description EMPEs are required to establish internal complaints handling systems, and non-bank agents must disclose the contracting financial institution’s customer service channels at their premises. Art. 22 of the E-Money Resolution states that EMPES “must implement effective and widely advertised claims collection and resolution systems. The procedure must be free and easy in its use.” In addition, EMPEs are required to submit to BCP the “number of claims and complaints per month, by type of claim, average processing time, and result” (Art.20, 10)). EMPEs are the only type of financial service providers required to have internal dispute resolution mechanisms and to generate and report statistics on claims, but the resolution does not provide much detail with regards to aspects such as timelines for the resolution of claims, and the record- keeping and classification of claims. It remains to be seen how both existing e- money providers will comply with these requirements, but they both seem to have adequate call centers and internal complaints handling systems in place. In addition, Art. 3.13 of the Non-Bank Agents Resolution provides that non-bank agents should advertise the contracting financial institution’s customer service phone number, as well as any other channels available to submit customer complaints. Nevertheless, there are no requirements for financial institutions (other than EMPEs) to actually have these channels in the first place, which challenges the de facto implementation and effectiveness of the abovementioned requirement. If consumers are not satisfied with the responses of the providers, there is a lack of clarity around the alternative dispute resolution options they have at their disposal. As of now, other than the ability to go to a court, customers can turn to the SEDECO or the Consumer Protection Unit under BCP (once EMPEs are formally licensed by BCP). Yet, these avenues are not properly advertised, as demonstrated by the low numbers of complaints they receive (less than 50 claims a year). Recommendation 1. Similarly to the recommendations presented for the banking and finance companies sectors, financial service providers need to have a formal system and procedure for complaints and claims-handling in place, with standardized complaints reporting and classification. This is a precondition for effectively advertising the available complaints mechanisms on the premises of their agents. 2. It is recommended that BCP uses reported data on complaints to monitor emerging consumer protection issues. 3. Given BCP’s capacity constraints (as noted above and in previous sections of this report), it is recommended that BCP establishes internal systems and procedures for receiving and resolving complaints in second instance, for customers who are unsatisfied with the response provided by the financial provider. 4. In the medium term, and once they have received a sufficient number of reports from EMPEs, BCP can use this initial data to inform further guidance on expected resolution timelines for customer claims. SECTION A DEMAND-SIDE INFORMATION ON FINANCIAL SERVCES Good Practice Demand side survey to measure the usage of financial services and the financial literacy of the population a. Holistic surveys to measure the use of a broad range of financial services (including electronic payments, savings, loans, and insurance) are in place and regularly conducted. They should cover both formal and informal service providers. b. Surveys to assess the level of financial education and capabilities of the population have been carried out to establish baseline and assess needs. Description a. The Department of Statistics, Surveys, and Censuses (DGEEC) is the national institution formally in charge of generating, systematizing, and implementing surveys, as well as of evaluating and disseminating their findings. It carries out a number of surveys, such as the national household survey, the national employment survey, and periodically the population census. Only the household survey includes a few financial sector-related questions, covering the population’s enrollment in pension schemes (Caja de jubilación), as well as basic questions related to remittances and channels used for sending remittances payments. The captured information is incomplete, and not sufficient to get a holistic view of the usage of financial services, and financial capabilities of the population or by type of service provider. Furthermore, the results on the usage of financial services are usually not included in the compilation of results from the Household survey, so not publicly available. In addition to these regular surveys, a few donor funded demand side surveys have recently been carried out to measure the population’s use of financial services. The Global Findex survey in 2011 provides demand side data on the adult population’s actual usage of formal sector checking and savings accounts, electronic payments, and credit instruments, as well as assesses the use of informal financial services. It was recently complemented by the National Financial Inclusion Survey, which in addition to core Global Findex Survey questions also included a number of questions on the financial services used by the population and their underlying rationale. The results show that actual usage of financial services is still low, and insurance products are hardly used (see table IV-1). 23 This note was prepared by Ilka Funke. It is based on the Good Practices for Financial Education and Consumer Protection established for individual sectors, and complemented with relevant guidance material , including (i) the G20 High Level Principles on Financial Consumer Protection and the Annex to the G20/OECD Task Force Report on Financial Consumer Protection, (ii) the sections on Financial Education in World Bank (2014) Global Survey on Consumer Protection and Financial Literacy, as well as (iii) World Bank (2013), Making Sense of Financial Capability Surveys around the World. With regard to enterprise financing, the World Bank Enterprise Survey in 2010 provides some information on the usage of checking accounts and main sources of financing for small, medium, and large enterprises. It was complemented by focus group discussions held for a study on the demand and supply of microfinance in Paraguay, which was undertaken by the “Red de Microfinanzas Paraguay” in 2013 and focused on smaller entities. The surveys indicate that larger firms use a range of financial services, while small and informal entities only use credit from formal financial entities and are not familiar / do not see the benefit of using other financial products for managing their business. While the donor funded surveys help create a baseline, they are not carried out in regular intervals to identify trends and understand change over time. They are also not embedded in the regular national statistics infrastructure, and thus hinge on the availability of donor funds. Nat. Global Financial Findex 2011 Inclusion Survey 2014 % of adults with formal account 21.7 29 % of adults using formal account for 5.7 n.a. business % of adults using account to get 0.9 n.a. government payments % of adults using account to get wages 10 8 % of adults with credit card 9 8 % of adults with a debit card 11.3 15 % of adults using mobile phone to make 1.3 28 payments % of adults using mobile phones to receive 5.6 remittances % of adults with a loan from formal 12.8 24 institution % of adults with any form of loan in the last 29.5 34 12 month % of adults with life insurance n.a. 4 % of adults with health insurance n.a. 25 Source: World Bank (2014): National Financial Inclusion Survey, for 2011 Global Financial Inclusion Database (Global Findex), World Bank b. Surveys to assess financial capabilities The recent World Bank supported National Financial Inclusion Survey incorporated a small financial capability module with questions on received financial capability training, the use of budgeting to plan expenditure, frequency of experienced financial shortfalls as well as are options for bridging shortfalls. In particular, the questions on experienced financial shortfalls highlight that people of all income levels find themselves in situations with insufficient funds to pay for food and other necessary items. This indicates substantial gaps in financial budgeting. A non-representative survey carried out by the “Red de Microfinanzas Paraguay” in 2013 also indicates that microentrepreneurs are not aware of the benefits of using other financial services than credit, which explained the lack of usage. While these surveys helped understand some of the existing gaps in financial capabilities, they are not sufficiently detailed to enable the understanding of the underlying causes of the observed gaps in usage of financial services. The information still needs to be refined to help prioritize and target financial education measures. The sample size was also not large enough to representatively determine potential differences between rural and urban areas, by gender and income level. More in-depth focus groups would have to be carried out to bridge these gaps, and understand the cultural, behavioral, educational as well as perceived supply side factors that lead to the observed gaps in usage. Recommendation 1. The government, in particular the DGEEC in collaboration with the BCP, should explore options for either (i) incorporating a financial sector module in regular demand-side surveys such as the national household survey carried out by DGEEC or (ii) to carry out a stand-alone survey on the use and demand for financial services. The module should include questions to measure usage of formal and informal financial services, and to understand the underlying rationale behind the observed pattern (e.g. too expensive, not enough money). A short- term commitment to initiate this is recommended, although implementation would be medium term. Examples for a stand-alone survey include the Mexico Financial Inclusion Surveys or the Kenya FinAccess Study. The latter is e.g. carried out roughly every four years, and has allowed the government and donors to get a holistic overview over a fragmented market, in which both formal and informal service providers play a large role in providing financial services. An example for a module incorporated into a household survey would be the Guatemala household survey. 2. Focus groups or other qualitative research should be conducted to better understand the underlying cultural, behavioral, educational and supply side constraints factors that negatively impact the uptake and responsible use of financial services as reported in the NFIS (2014). This could be a first input into the development of a national financial education strategy. On the medium to longer term, in-depth financial capability survey should be conducted, and complemented by focus group discussions. Examples for this include the World Bank Financial Capability surveys (conducted in 17 countries) and the OECD / INFE Financial Literacy survey (conducted in 16 countries). The surveys on access and financial capabilities could be combined into one survey to achieve economies of scale link behavioural patterns to financial capabilities. Good Practice Supply side information on availability and usage of formal financial services a. For formal financial institutions, information on number of entities, outreach, available products, core pricing information, and actual usage is regularly published. The information is easily accessible and understandable for the broad public and stakeholders. b. Information on informal financial institutions is regularly made transparent, and provides information on estimated number of entities, products and pricing. Description Available supply-side information is fragmented and does not allow getting an overview over the providers of financial services, their outreach and uptake of products by clients. There is no entity formally in charge of providing a holistic overview over financial intermediaries and their products. The limited and fragmented availability of data is for instance reflected in the annual compilation of statistics (Anuario Estatistica) done by the Department of Statistics, Surveys and Censuses (DGEEC). The compilation includes information on the assets and balance sheet of the banking system, as well as some general indicators for insurance companies, but does not include information on finance companies, the financial cooperatives or other financial service providers. An effort to overcome some of the fragmentation was recently done by the BCP. It included a one-page summary on financial services provided by cooperatives in its financial stability report. This is however not yet sufficient to get a solid overview over the supply of financial services. a. Supply side information on formal financial institutions Bank, finance and insurance companies: According to Art. 82 of the Central Bank Law, the BCP has the mandate to regularly compile statistics on monetary and financial issues, external financing, the GDP, as well as on the financial intermediaries supervised by the BCP-SIB and the SIS. In line with Art. 34 i) of the Central Bank Law, the Superintendency of Banks annually compiles information on the 16 commercial banks (including the public bank BNF), 10 finance companies, one mortgage association, 4 warehouse companies, and 35 foreign exchange bureaus it supervises. The 35 insurance companies, which are supervised by the Superintendency of Insurance (SIS), have to report quarterly financial information to the SIS (Art. 30 of the Insurance Law N. 827), which compiles the information on an annual basis (Art. 61 l). The BCP regularly publishes information on the supervised financial intermediaries on its webpage. Data from financial statements of banks and finance companies is available on a monthly basis, and is also reflected in the financial stability report. Furthermore, some information on pricing of products is available, such as charged interest rates. Since 2013, the BCP also conducts and publishes a supply side survey to assess factors constraining the credit growth. Financial information on insurance companies is provided under the insurance section, and some limited information is also available for warehouses and foreign exchange bureaus. However, the available information is spread over various sub-pages on the BCP’s website, does not reflect usage data (e.g. number of accounts, borrowers or insurance contracts), and is not provided in a time series, which makes getting a quick overview and understanding trends more difficult. Financial cooperatives For the cooperative sector (including financial cooperatives), the National Institute for Cooperatives (INCOOP) is in charge of collecting supply side data. Art. 117 (General Law on Cooperatives) and Art. 5q (Law 2157 on INCOOP) assigns INCOOP as the entity in charge of regularly organizing and publishing statistics and information on the sector. The recently revised regulatory framework for financial cooperatives establishes that Type A entities have to monthly report their information, Type B quarterly, and small Type C entities once a year. A requirement to have audited financial accounts was also recently introduced. Until end of 2013, the available information, in particular from the smaller entities, was however mostly self-reported information. Despite the legal framework for reporting being in place, publicly available information on the sector is scarce. INCOOP has some data on the larger entities for 2011 and earlier on its webpage, but more recent information is only available upon request. To bridge the information gap, the Confederation of Cooperatives (CONPACOOP) carried out a census of the sector in 2012, which has become the main and most reliable public source of information on the sector. CONPACOOP is also considering putting in place a voluntary data platform into which the sector entities can report, and which it will make regularly available to alleviate the current dearth of publicly available information. BCP published some information on financial cooperatives in its financial inclusion section of the financial stability report. This data is based on information received from INCOOP, but not otherwise publicly available. b. Non-supervised financial service providers (including pawnshops and moneylenders) No reliable data on the size and number of informal financial service providers is available: Two non-profit microcredit organizations as well as an estimated 467 pawnshops and 796 moneylenders provide credit service to the population. They are not formally regulated or supervised by any financial regulator. The constitution and operation of these entities is covered under the Civil Code. The provisions in the Civil Code are general in nature, and no dedicated entity is specified to be in charge of monitoring the sector and safeguarding its compliance with these general provisions. Foundations such as the Fundación Paraguaya are not required to register, while other forms of basic societies have to register with the Commercial Registry. Neither has a formal obligation according to the Civil Code to report periodic information to a government entity. The Civil Code only broadly refers to the executive (“poder ejecutivo”) as having the right to solve identified issues. Furthermore, four payment providers operate in the country, providing the bulk of financial payment services to the population. While they would formally fall under the regulation and supervision of the BCP payment system group, the latter so far did not yet have the capacity to formally start regulating and supervising them, or collecting data on their services. Recommendation 1. Holistic supply-side statistics should be prepared and published on a regular basis. This would not only give the consumer’s an overview of available service providers and products, thus empowering him/her to make appropriate and informed choices, but – outside of the diagnostic’s remit – enable regulators, financial service providers and consumer representatives to monitor market trends. The statistics ought to consistently reflect all regulated financial intermediaries, and include supply side information on actual usage of different financial services.  An entity needs to be identified and given a clear institutional mandate and adequate funding for this. BCP or DGEEC both appear natural candidates for this.  A standardized spreadsheet with data and definitions will have to be developed to allow comparability and compilation of data from the different sources, and each financial sector supervisor mandated to report the respective data in the timeframe and quality needed to the entity in charge for compiling the data. 2. The BCP should reassess the available statistics on banks, finance and insurance companies to present them in a more user-friendly way, facilitate compilation along time series, and comparison across supervised sectors. Supply side information on the usage of financial services should be added. 3. INCOOP urgently needs to improve its capacity to compile and publish information on the sector. At a minimum, it is recommended that INCOOP regularly collects financial information on individual Type A and B cooperatives, as well as general information on the number of clients, accounts, loans, debit and credit cards. The information should be available on INCOOP’s website on a quarterly basis, as well as wid ely distributed disseminated to the public. Good Practice Unbiased Information for Consumers a. Consumers, especially the most vulnerable, should have easily accessible, understandable and affordable access to information on the main types of financial services and products. The available resources should enable them to understand financial products and services available to them. b. Financial regulators should provide, via the internet and printed publications, independent information on the key features, benefits and risks—and where practicable the costs–of the main types of financial products and services. c. The relevant regulatory and supervisory authority should undertake measures to inform consumers of the available independent information, and encourage actual usage. Description a. Available information for consumers Most formal financial entities have some information on their products on their websites, as well as flyers and brochures available in their branches. The information however usually only explains prerequisites and documentation requirements, as well as in broad terms the benefits of the products. It usually lacks information on costs, commissions or risks. For banks, the client has e.g. to distill information on costs and commissions from the pricing list on the web or in the branch. The provided information on commissions is usually very complex, involving a broad variety of terms, and not easily understandable (see B7 of the banking sector assessment). For cooperatives, the pricing list is usually not available on the website, or in the branch, and the client has to ask to get this information personally. The same situation was observed for semi-formal and informal financial service providers. Overall, the information is neither easily understandable for the client (e.g. complexity and multitude of terms for commissions), nor easily accessible, as it has to be pulled from various sources. This makes it difficult for the client to shop around and get a solid overview over the products and their pricing conditions. It should be mentioned that some financial entities have developed pricing calculators for individual products, or provide some information / financial education material to explain e.g. information that is provided in monthly credit card statements. While accessible, the information is however usually not very visibly located or widely advertised. b. Product and pricing information provided by the regulator The BCP has developed a number of information brochures to help clients understand credit cards, basic accounts, inflation, and how to keep a budget. Further topics are expected to be added over time. The brochures can be downloaded on the BCP webpage under its financial education section. The BCP–SIB also publishes monthly interest rate information on its website. The information is detailed, listing the nominal and effective interest rates charged by each bank and finance company for a broad range of lending and savings products. Furthermore, the BCP’s homepage prominently displays information on the usury rate applicable for banks and finance companies. A discussion of interest rate evolution is also included in the monthly financial stability report. No such information is available for insurance products. However, the interest rates information alone does not allow for an easy comparison of products, as the listed interest rates do not include all the commissions and upfront costs charged by financial entities. This total cost information is currently still missing (see B7 banking assessment). INCOOP has on its website a link to interest rates charged by financial cooperatives, but no information is yet posted there. Together with the noted gap in product and pricing information from individual cooperatives, prices and commissions charged by cooperatives are currently not transparent to the public. c. Measures to inform costumers of available public information The mission team has not learned about broad based efforts by the regulators to publicly communicate and encourage the use of independent information. Nevertheless, the pricing information provided by the BCP is used by newspapers to regularly report on interest rates, and has also facilitated the development of independent websites such as www.tasasfinancieras.com.py, which allows the client to compare a number of tailored bank products based on interest rates. Recommendation 1. INCOOP should improve its website to allow uploading of regular statistical information, including on interest rates. 2. In line with recommendations made on introducing a total cost requirement in the regulatory framework, BCP and INCOOP should provide total cost information for individual financial services of financial institutions on their websites. 3. To enhance transparency in savings and payment products, consideration should also be given to introduce sample price packages (similar to a price index), which are based on an established number of transactions or usage pattern. This would allow for a comparison of total costs for savings and payment products between financial institutions. Pricing packages could for example include a sample package for clients with only 2-3 transactions per month, another sample package with a limited number of withdrawals, debit card purchases and electronic transfers, as well as a high frequency sample package that includes a large number of diverse transactions. The sample packages should be modeled on actual usage patterns observed in the market, and made transparent on BCP and INCOOP websites. The industry should also be mandated to include this information on the respective sample packages in their pricing table. 4. A broader communication effort has to be made to guide stakeholders and the general public to available independent information. Consideration should also be given to making the available information more user friendly, including using different communication tools such as video tutorials, comics, or visual tools to help communicate core features of products and what to look out for. SECTION B FINANCIAL EDUCATION AND CAPABILITY ENHANCEMENT MEASURES Good Practice Broadly based Financial Capability Program a. Demand and supply side information is regularly assessed to establish gaps in usage, and determine financial capability needs. b. Based on a, a broadly based program of financial education and information is developed. c. An institution such as the central bank or a financial regulator is assigned to lead and coordinate the development and implementation of the national financial capability program. d. A range of organizations, including those of the government, state agencies, non-government organizations and sector associations are involved in developing, implementing and where needed revising the financial capability program. A clear division of labor has been established between the stakeholders. Description a. Regular assessment of demand and supply side information Given the described deficiencies in available demand and supply side data, no regular gap assessment has taken place so far. To develop a National Financial Inclusion Strategy (ENIF), the BCP, with support of the World Bank, has commissioned an in-depth assessment of demand and supply side constraints, as well as of the legal and regulatory framework. The assessments are expected to be finalized by September 2014 and will serve as basis for developing a prioritized action plan for fostering financial inclusion, including measures to enhance financial literacy. b. Development of a broadly based program of financial education: No formal broad-based financial education program is currently in place. It is however foreseen that a working group on financial education will be created under the umbrella of the Committee for Financial Inclusion. The working group would develop priority interventions (based on the overall financial inclusion action plan) and coordinate programs of public and likely also private stakeholders in the area of financial education. There is no dedicated budget foreseen to implement the programs of the working group. Instead, the expectation is that the participating stakeholders will finance identified measures from their regular budget. This is likely to create bottlenecks, unless the planned measures are firmly integrated in each entity’s budget for the upcoming fiscal years. c. Institutional arrangement to lead and coordinate a national financial capabilities program. No entity is currently in charge of leading and coordinating financial capability programs:  The Consumer Protection Law assigns the responsibility for general consumer education to the Ministry of Industry and Commerce, as well as the municipal governments. In 2013, this role was formally transferred to SEDECO, which started operation in early 2014. The mandate for consumer education is geared towards helping the client understand his rights and obligations under the Consumer Protection Law, and thus too broad to give SEDECO a formal role in financial education. Furthermore, SEDECO (as well as formerly the MIC) is faced with a lack of capacity and technical expertise with regard to the financial sector (no dedicated financial sector expert is in the team). The municipalities have not played an active role in consumer protection and education.  The BCP has signed Memoranda of Understanding (MOUs) with individual ministries (e.g. the Ministry of Education and, the Ministry of Social Affairs) and other stakeholders to coordinate and collaborate in financial capability measures. In the aftermath of the worldwide financial crisis, the BCP Board also formally incorporated into its work plan measures to inform the population on financial markets and the economic issues. Finally, it has one staff member dedicated to financial education initiatives within the newly created Financial Inclusion Intendency.  INCOOP, as the supervisor for cooperatives, only has a mandate to foster the cooperative movement in the country, and does not provide any measures in the area of transparency of services and financial education per se. A draft decree to create the Committee for Financial Inclusion is in an advanced stage of preparation, and it is expected that the Committee will be formally created in the fall of 2014. Once created, it will be in charge of formally adopted and implemented the national financial inclusion action plan. The Ministry of Finance will chair the planned National Committee for Financial Inclusion. Leadership arrangements for the individual working groups have not yet been assigned, but it is expected that a working group on financial education will be created. d. Involvement of a range of public and private stakeholders A number of public and private stakeholders are providing financial capability training and education measures to clients and stakeholders (see below), but these are mostly stand-alone initiatives and not yet coordinated. Recommendation The establishment of a working group on Financial Education under the umbrella of the Financial Inclusion Committee follows international best practice and is highly encouraged. The mandate of the working group should be to develop a prioritized and well-sequenced financial education strategy, and monitor its implementation:  To create broad ownership, the working group should ideally include representatives from both public and private stakeholders. In the public sphere, in addition to the Financial Inclusion Committee members, the Deposit Insurance Fund, the BCP credit registry, the Secretariat of Social Assistance, as well as the Ministry of Education should be included as needed. Participants from the private sector should include the sector associations, and selectively also donors, NGOs and financial entities that actively conduct financial education programs.  The plan should be based on identified underlying constraints, and define remedial actions and entry points, sequencing, communication media to be used, responsibilities of public and private stakeholders, and funding sources for each measure. A monitoring and evaluation framework should be included to assess the effectiveness of individual measures, and progress over time.  Prior to launching of activities to improve the financial literacy of clients, the programs / modules should be tested in focus groups for effectiveness.  Consideration should be given to provide the financial education working group with a dedicated budget or to pool available resources. Good Practice Usage of a broad range of communication strategies (including the Mass Media) a. A range of initiatives are developed and implemented by the relevant ministry and stakeholders to improve people's financial capability. This includes direct training, information brochures and flyers, as well as mass media such as TV and radio. b. The usage of mass media should be encouraged by the relevant ministry or institution to provide financial education, information and guidance to the public on financial services and products. c. The information is available in all relevant languages spoken in the country. d. The government should provide appropriate incentives and encourage collaboration between governmental agencies, banking regulators, the banking industry and consumer associations in the provision of financial education, information and guidance regarding banking products and services. Description a. Overview over initiatives provided by public and private stakeholders Public sector initiatives: The BCP signed Memoranda of Understanding with the Ministry of Education, the former Department of Consumer Protection, as well as recently with the Secretariat for Social Affairs to establish bilateral working groups and design joint financial education programs. This has led, amongst other programs to the development of a dedicated high school course, which is now incorporated into the new high school curriculum and recently received a prize from Child and Youth Finance International. The new course is already rolled out and being offered in 1,300 schools, but educational materials such as books and model lessons to supplement the course program have not yet been developed. In addition, the teachers have only received a day of training to prepare them for the course, which given the lack of supplementary material appears limited. The BCP and the Ministry of Social Affairs also collaborate to help improve the financial literacy of beneficiaries of the Tekopora conditional cash transfer program, which will in the future receive their transfers via accounts held at the public bank BNF. The capacity building will be provided by a leading international NGO and will aim to foster savings and help beneficiaries understand financial products and services. Under earlier pilot programs, two participating private banks provided capacity building to beneficiaries of Tekopora to help them understand how to withdraw money with payment cards from ATMs and improve their understanding of financial products. The BCP also maintains a webpage with some financial education materials, and provides capacity building to teachers and professors, supervisors, and individuals on a broad range of topics and via various communication media (including workshops, pamphlets, information brochures etc). The Deposit Insurance for banks and finance companies has a brochure on Deposit Insurance available, which it distributes through bank branches. Private sector and stakeholder initiatives: A number of banks and finance companies have developed brochures, training materials and games, which they provide during financial education workshops or other courses to students, clients, and interested enterprises. Some of the material is also available on the web, including for example guides to help clients understand the information on financial statements or the calculation of interest rates. One of the NGO-MFIs provides financial education to children to help them establish a sound savings culture, and includes financial education and management in its vocational training programs. Donors, public banks and NGOs are also actively supporting members of cooperatives and producers to help improve their financial management skills and understand financial concepts. The two existing e-money issuers is working separately on developing financial education programs targeted at their existing and potential customers. On the one hand, Tigo initiated a project named “Projecto Ultima Milla” (Last Mile Project) in partnership with a commercial bank, aiming to provide basic financial services to populations currently financially excluded. Through this project, Tigo is currently developing a pilot for financial education through SMS messages in Spanish, around three themes (savings, credit, budgeting). On the other hand, Personal is planning to roll out a financial education campaign using radio, television, and SMS messages as delivery channels. The launch date for this campaign is expected to be in August 2014, and the topics covered would include the use of e-money accounts to encourage savings, training to use basic phones and smart phones for e-money services, the use of agents to conduct transactions, and costs and charges applicable in e- money services. b. Use of mass media So far, limited use is made of mass media for financial education purposes. The BCP has most of its information available on their webpage, but limited use of mass marketing is made to guide the population to the available material or the available complaint mechanism. The same holds for the other measures and initiatives mentioned above. With limited funds and human resources available, the focus continues to be on dedicated workshops and trainings. Many of the stakeholders visited by the mission team indicated that the use of radio as a communication tool would be the most effective if funds were available. c. Languages used The material is so far provided in Spanish. There is agreement amongst the consulted stakeholders that the majority of the population is capable of reading in Spanish (as Guarani is mostly a spoken language). In this sense, it appears sufficient to provide the written materials in Spanish alone. When using mass media such as the radio, Guarani should be used where appropriate. d. Incentives by the government The mission team did not learn about direct incentives provided by the government for the implementation of financial education measures. However, the new government has a focus on financial inclusion and consumer protection, and as such has reiterated the importance of introducing and implementing measures to foster the responsible use of financial services to all stakeholders. A number of stakeholders, in particular the sector associations and the confederation of cooperatives, are currently exploring options for integrating financial education into their overall work program. Recommendation 1. The findings highlight the importance of increasing coordination amongst available public and private financial education measures. The working group on financial education can serve as this much needed forum for coordination of activities, and enhancing focus and efficiency, but needs to involve both representatives from the public and private sector. 2. Appropriate funding of measures has to be put in place to allow full implementation of programs and the dissemination via mass media where appropriate. This requires fully costing of individual measures, and allocating or securing dedicated funding for the roll-out. 3. When designing financial education measures, it will be important to enhance prioritization and targeting of initiatives (e.g. a broad financial education campaign involving mass media could be implemented in tandem with regulatory measures to enhance the information transparency for credit cards, or together with regulatory measures to enhance the transparency of commissions and their terms). 4. The government should continue to assess possible entry points for financial education programs. Entry points could for example include the delivery of conditional cash transfers, pension payments for former civil servants, as well as other government payments, as well as moments when a consumer is in the process of making a financial decision, thus is receptive for this information. Good Practice Measuring the Impact of Financial Capability Initiatives a. Prior to the launch of financial literacy initiatives, the government should test in a small sample the effectiveness of the initiative, and fine-tune the messages and approach as needed. b. From time to time, the effectiveness of key financial literacy initiatives should be evaluated by the relevant authorities, and assessed towards their continued relevance Description a. Consumer testing for planned financial education measures The mission team did not learn about any prior testing of planned measures with focus groups, and also noticed a general lack of understanding of stakeholders as to the relevance of prior testing. Financial education modules tend to be developed based on programs implemented in other countries or based on “generally considered” best practice. b. Measuring the impact of implemented financial education initiatives As discussed in the first two guiding principles for financial education, neither the demand nor supply side data is sufficient to monitor changes in the use of financial services or measure the financial literacy levels of the population. This makes assessing the impact of broad financial education initiatives difficult. Regarding the impact of individual financial education tools, the mission team did not learn about holistic assessments. For example, the newly developed economic and finance course for high school plans to evaluate the knowledge of teachers at the end of the school year, but no considerations are currently given to evaluate the gained knowledge of the final beneficiaries of the program: the students. This eliminates an important corrective tool for a program that is still in its infancy and needs to build a reputation to be successful on the longer term. Recommendation 1. Prior to launching activities to improve the financial literacy of clients, larger programs/modules should be tested in focus groups or pilots for effectiveness. This will help ensure that the initiatives have the intended impact and that messages are correctly understood, and as also help improve cost effectiveness of undertaken measures over time. 2. The working group on financial education should establish baselines as well as targets and timeframes for broad financial capabilities of the target population. The indicators should be regularly monitored, and used to fine- tune existing programs and adjust the work program. 3. Pilot financial literacy initiatives, or key financial education programs should be evaluated to assess their impact and potential for scaling up.