Liability working group meeting 2 – July 26, 2022
This discussion guide is provided to assist working group members in preparing for the meeting.
For questions or comments, please contact obbo@fin.gc.ca.
On this page:
Discussion guide
Objective
To ensure the efficient functioning of an open banking system, the Advisory Committee on Open Banking (the Committee) recommended that common rules be established in the areas of liability, privacy and security.
The aim of this working group is to draft common rules on liability to recommend to the government.
In their final report, the Committee noted that the core objective for implementing open banking in Canada is to realize consumers’ right to data portability and move to a system of secure, efficient and consumer-permissioned data sharing.
Approach and timelines
Meetings will be held approximately every three weeks. Members are encouraged to review the following material in advance of meetings:
- Canada's Digital Charter: Trust in a digital world
- Final Report, Advisory Committee on Open Banking
- Terms of reference for the open banking working groups and steering committee
- Annex A – Timeline of liability working group topics
The open banking lead, with support from the Department of Finance Canada (the Secretariat), will distribute documents guiding the discussion for each meeting which will also be available on the open banking implementation page. Members may also be asked to draft material for discussion.
Liability working group topics timeline
Complaints handling and redress regime
In order to foster trust in open banking, consumers should be able to resolve their concerns quickly and fully if something goes wrong. In this regard, the Committee recommended that the liability structure provide effective complaints handling and redress for consumers.
The Committee recommended that the rules regarding complaints handling and liability attribution must be simple and efficient for consumers. Further, each participant must have internal and external complaints handling mechanisms in place.
One approach could be to use the complaints system in the Bank Act as the basis for the approach in open banking. The rules for complaint handling systems related to federally regulated banks in Canada are set out in the Bank Act and Financial Consumer Protection Framework Regulations, and associated guidance from the Financial Consumer Agency of Canada (FCAC). The system comprises two parts:
- An internal complaints handling process at each bank; and,
- An external complaint handling system to address complaints that are not resolved to the satisfaction of the consumer by the bank's internal process.
One potential benefit to leveraging the existing system is that it provides a fair and impartial process to receive and arbitrate complaints and it is already established. In whatever approach, the Committee stated the approach should be simple and clear for consumers to navigate.
Discussion
- What should be the internal complaints handling requirements for open banking participants?
- Would the external complaints system for banking-related complaints be an appropriate avenue for handling consumer complaints?
The Committee further recommended that the common rules must prescribe clear and automatic terms of redress for consumers, which include immediate compensation for any financial loss, appropriate standards of care for protection, and redress regarding a loss of sensitive financial data. This includes making sure consumers are protected if a data breach makes them susceptible to fraud.
The Committee also expanded on the process for redress: if a consumer suffers direct financial loss, one participant that serves as an automatic guarantor must pay out immediately to the consumer and then work with the corresponding party or through an alternative dispute mechanism to seek compensation.
Discussion
- How should the redress process provide compensation to consumers who suffered direct financial loss?
- How should the redress process provide ongoing protection if a data breach has made consumers susceptible to fraud?
- Who should be the automatic guarantor, or how should it be decided?
Annex A – Timeline of liability working group topics
|
Timeline July |
Topic | Outcome |
|---|---|---|
| Meeting 1 | Liability limits for consumers | Common rules on liability limits for consumers |
| Meeting 2 | Complaints handling and redress regime | Common rules on internal and external consumer complaint handling; Common rules on redress |
|
Timeline Aug. to Sept. |
Topic | Outcome |
|---|---|---|
| Meeting 3 | Traceability frameworks | Common rules on monitoring and incident response for data-in-transit and held by accredited participants |
| Meeting 4 | Public accountability | Common rules on public reporting |
|
Timeline Sept. to Oct. |
Topic | Outcome |
|---|---|---|
| Meeting 5 | Liability of use of data | Common rules on liability for using data shared under consumer consent |
| Meeting 6 | Relationship between participants | Common rules on disputes between participants on operations not related to consumer complaints; Common rules on legal relationship of participants. |
| Meeting 7 | Liability under reciprocity | Common rules on reciprocity |
Outcomes
Complaints handling and redress regime
Discussion 1
What should be the internal complaints handling requirements for open banking participants?
- There was general consensus that the internal complaints handling guidelines for banks, published and enforced by the Financial Consumer Agency of Canada, should frame accreditation requirements for complaints handling. The guidelines can provide a model for a consistent standard of care across all participants in the open banking ecosystem.
- Participants noted the need to balance consistent obligations for open banking participants with flexibility to support proportionality, as well as the value of complaints data in providing feedback for the ecosystem.
Discussion 2
Would the external complaints system for banking-related complaints be an appropriate avenue for handling consumer complaints?
- There was general consensus that the external complaints body system that applies to federally-regulated banks was an appropriate model for open banking.
- Participants noted the value of one external complaints body to streamline processes, as well as considerations around binding decisions and the need for consumer education.
Discussion 3
How should the redress process provide compensation to consumers who suffered direct financial loss?
- There was general consensus that direct financial loss would be difficult to quantify in the current stage of open banking implementation (that is, the “read-access only” stage).
- A majority of participants agreed that the redress process should begin at whichever complaints desk the consumer chooses (whether data recipient or provider).
- Participants queried whether a pooled fund could be set up to provide immediate compensations for consumers, as well as ongoing transparency, while fault was being resolved between participants. Some participants raised concerns with how the fund might serve as a disincentive for individual participants.
Discussion 4
How should the redress process provide ongoing protection if a data breach has made consumers susceptible to fraud?
- There was general consensus that there is a need for a standard approach to protecting consumers before and after a sensitive data breach. This consistent standard should be adopted from existing practices and legislation and reflected in the accreditation framework. It should ensure that participants use a range of active and ongoing measures and that consumers have transparency in the process.
- Participants discussed various active measures for data protection that participants could adopt internally, such as credit monitoring services for affected consumers, shutting down compromised accounts or changing account numbers, or requiring that the party at fault investigate the root cause of the issue and share findings with other ecosystem participants.
Discussion 5
Who should be the automatic guarantor or how should it be decided?
- A majority of participants agreed that the data recipient should be the automatic guarantor.
- Participants noted challenges in ensuring liability rests with the party at fault, while providing immediate redress to consumers who suffered a loss.
Liability working group attendees
Members
- Bank of Montreal
- Banque Nationale du Canada
- Canadian Western Bank
- Canadian Imperial Bank of Commerce
- Neo Financial
- Option consommateurs
- Plaid
- Public Interest Advocacy Centre
- Servus Credit Union
- Vancity Credit Union
- Wealthsimple
Absent
- Intuit
- Meridian Credit Union
- Portage Ventures
External guests
- Autorité des marchés financiers
- Competition Bureau Canada
- Financial Consumer Agency of Canada
- Office of the Superintendent of Financial Institutions
Chair
- Abraham Tachjian, Open banking lead
Secretariat
- Department of Finance Canada
Page details
- Date modified: