Navigation Menu

Maintaining regulatory compliance

bankmecu holds an AFSL, which allows it to deal in or advise on deposit and payment products, superannuation and general insurance products. We also hold an ACL to engage in credit activities. We are registered under the Corporations Act 2001 (Cth).

Several Commonwealth agencies monitor and enforce the Bank’s compliance with various laws and regulations, including APRA, ASIC, ACCC, ATO, AUSTRAC and the Office of the Australian Information Commissioner. An independent auditor, Ernst&Young, conducts an external audit of our financial accounts. Internal audit is outsourced to KPMG.

bankmecu sources its supplies in the Australian market through providers who demonstrate ongoing compliance with all relevant Australian laws and regulations. Major suppliers must state any non‑compliance in all new tender applications and report breaches as they occur.

The results of bankmecu’s compliance efforts are summarised below:

  • Breaches of banking requirements. The Bank recorded one reportable breach of banking requirements. Our insurance underwriter, Allianz Australia, advised an insurance product we offered was not listed on our AFSL as a product we were authorised to sell. We notified ASIC, which advised it did not intend to take action. ASIC approved a variation of our licence to allow us to sell the product in November 2013.
  • Fraud and fraud write offs. The Bank is committed to protecting customers’ wealth from fraud. We invest in preventative and detective measures, train staff and promote general awareness for customers. Fraud losses increased 6% on average for the past five years. Approximately 80% of these losses related to card and internet banking, card skimming, identity theft and compromised online banking details. Despite the increase in fraud activity, losses were within acceptable limits and well below 0.8% of net profit after tax.
  • Customer privacy. The Bank’s Privacy Policy complies with the Privacy Act 1988 (Cth) and the Australian Privacy Principles. The Policy outlines how and when we collect, store and distribute personal information. There were two incidents in 2014, where a customer received another customer’s personal information. Both incidents were caused by staff error. We apologised to the customers affected by the error, counselled the staff members concerned, reviewed and updated procedures around handling information, and advised the customers they may refer the matter to the Office of the Australian Information Commissioner if they were dissatisfied with our response. No customers referred their matter to the Office of the Australian Information Commissioner.