Rules Navigator

Four UK high street banks rapped for breaking rules on customer information

HSBC bank
This is the second time HSBC has been rebuked over customer information. Photo: Matt Cardy/Getty Images

Jean Hurley, Martin Cloake

 Click to share on Facebook (Opens in new window/tab) Click to share on Twitter (Opens in new window/tab) Click to share on LinkedIn (Opens in new window/tab) Click to share on WhatsApp (Opens in new window/tab)

Competition regulator issues formal warning to quartet and sets detailed directions for repeat offender HSBC to comply with.

Four UK high street banks have been reprimanded by the competition regulator after breaking rules on providing customers with information about their services.

HSBC, Lloyds, TSB and Allied Irish Bank (AIB) all received letters from the Competition and Markets Authority (CMA) telling them they were in breach of the Retail Banking Market Investigation Order 2017.  

The reprimand issued to HSBC is the second it has received over failings connected to its overdraft fees, and the bank has been given legally binding directions to improve its internal processes.

“It’s disappointing that, seven years on, we have to put in place formal enforcement measures to secure better compliance from a major bank like HSBC which, yet again, is in breach of the rules.”

Dan Turnbull, Senior Director, CMA

“People deserve banks they can trust to serve them well. Having correct information is essential when making important decisions about our finances,” Dan Turnbull, Senior Director at the CMA, said.

“Banks handling our hard-earned money should have adequate processes in place to ensure this happens. It’s disappointing that, seven years on, we have to put in place formal enforcement measures to secure better compliance from a major bank like HSBC which, yet again, is in breach of the rules.”

The Order requires all banks and building societies to follow a strict set of rules about the information given to customers about products offered. That information ranges from providing the correct information about interest rates for loans and displaying accurate information on the location of ATMs.

Open Banking

It also introduced a framework for Open Banking, which enables third parties such as comparison sites to improve services and create innovative apps. The CMA seeks to ensure high standards of  transparency and data security are adhered to in the process.

All four banks were found to have failed to make the correct data available on their products or services. The Order was breached in the following ways.

  • HSBC listed 167 closed branches as open, and two open branches were not listed.
  • HSBC failed to keep some annual rates for business loans and overdrafts up to date on its website.
  • HSBC gave incorrect information to customers on the maximum amount they would be charged for unarranged overdrafts on personal accounts, and TSB failed to disclose the amount.
  • AIB failed to make the correct annual rates for some loans and some overdrafts available through Open Banking and on its website.

Lloyds failed to make 363 ATM addresses available through Open Banking.

The directions given to HSBC are particularly detailed.

Banks respond

An HSBC UK spokesperson said: “We are sorry for errors on our part which caused these breaches.  When we discovered them we reported these to the regulator. We have taken steps to avoid a repeat of these issues in the future.

A spokesperson for AIB Northern Ireland and Great Britain said: “AIB Northern Ireland and AIB Great Britain have apologised for an issue that resulted in incorrect rates for some business loans and overdrafts showing on its website and Application Programming Interface (API) channel between July 2022 and September 2023.

“No customers were placed on an incorrect rate as a result and none were overcharged. The bank has apologised to all customers who applied for one of these loans during that time and provided a goodwill gesture in recognition of the fact that the incorrect information was on our website and API channels during the time of their application.”

A statement from TSB said: “We have co-operated fully with the CMA on this matter and apologise for any inconvenience caused to customers.”

Lloyds Banking Group said: “Earlier this year we notified the CMA that some ATMs temporarily weren’t showing in Open Banking data made available for third party searches. There was no evidence of detriment to customers at any point, as they remained able to find the information through our websites and LINK’s ATM locator, alongside Open Banking continuing to show information about our branches and alternative ATMs at these locations.”

UK Finance said: “Firms take their regulatory obligations to keep customers informed very seriously. Where errors are made, firms will engage with CMA and ensure the issues are quickly put right.”

“There is no real excuse for the breaches other than a lack of thoroughness, underscoring the importance of accuracy, transparency, and compliance in banking operations.”

Mark Taylor, founding partner, Ibex Compliance

We asked Mark Taylor, founding partner at Ibex Compliance, to comment on the CMA’s reprimand. He said: “It really does highlight the need to be in the detail and to have systems and controls to ensure that you are. This is all basic compliance. There is no real excuse for the breaches other than a lack of thoroughness, underscoring the importance of accuracy, transparency, and compliance in banking operations. The consequent reputational embarrassment should have been easily avoidable.”

The fact that these banks have been found to break CMA rules could show a disregard for regulatory requirements and may suggest potential breaches of FCA rules as well. The CMA and FCA have an overlapping regulatory scope, with both assuming responsibilities in protecting consumers in the financial services sector. While the CMA’s focus is on competition and market dynamics, the FCA’s primary role is consumer protection and market integrity. Both regulators have powers to impose fines, public reprimands, or other sanctions on firms that breach their rules.

FCA role

Seung Earm, who founded Ibex compliance alongside Taylor, said: “I think the FCA has reacted on similar issues and took actions against firms already – though it is possible some investigations might be still ongoing. The CMA will act within its remit as per the recent announcement but so would the FCA – joint efforts to protect the customers interests and market integrity.”

Seung Earm also noted that the FCA has published a policy statement (PS24/8) setting out final rules for its new access to cash regimes especially after all the branch closures. From September 18, 2024, banks and building societies will need to: 

  • assess cash access and understand whether additional services are required when changes are being made to local services;
  • respond to local residents, community organizations and representative groups, who will be able to request an assessment of whether there are gaps in local access to cash;
  • deliver reasonable additional cash services, where significant gaps are found; and
  • keep facilities, including bank branches and ATMs, open until any additional cash services identified are available.

In the same context, Earm also suggested that we should look at the FCA fine in May 2024 on HSBC UK Bank plc and Marks and Spencer Financial Services plc (together HSBC) for its historic inadequate treatment of customer financial difficulty across secured and unsecured products. The FCA found that HSBC breached its Principle 3 to exercise reasonable care to organise and control itself affairs responsibly and effectively and its Principle 6 requirements to pay due regard to the interests of customers.

The FCA’s press release said: “People must be able to trust their lenders to treat them fairly when in financial difficulty.”

Rob Mason, Director of Regulatory Intelligence at Global Relay, said: “The FCA’s Primary objectives are making sure markets operate well; protect consumers; protect integrity of UK finance; and promote effective competition.

“The failures outlined do affect consumers but it’s relatively administrative errors and not really damaging customers. In all honestly, I’d like the FCA to concentrate on more wholesale market issues anyway and the less material consumer stuff be dealt with elsewhere.”

, , ,

You may also like