Conduct Standard for Banks

Consultation Report: Conduct Standard for Banks Page 1 of 133 CONSULTATION REPORT FINANCIAL SECTOR REGULATION ACT, 2017 (ACT NO. 9 OF 2017) CONDUCT STANDARD FOR BANKS

1. Definitions In this consultation report - “Authority” means the Financial Sector Conduct Authority; and “Financial Sector Regulation Act” means the Financial Sector Regulation Act, 2017 (Act No. 9 of 2017).
2. Background and Purpose 2.1 Section 104(1) and (2) of the Financial Sector Regulation Act provides that with each regulatory instrument, the Authority making the regulatory instrument must publish a consultation report which includes a general account of the issues raised in the submissions made during the consultation, and a response to the issues raised in the submissions. 2.2 In adherence with the requirements of section 104(1) and (2) of the Financial Regulation Act, the Authority hereby publishes a report on consultation undertaken during the making of the Conduct Standard for Banks.

Consultation Report: Conduct Standard for Banks Page 2 of 133 3. Summary of Consultation Process 3.1 On 29 April 2019, a draft Conduct Standard for Banks (draft Standard) and supporting documents were published for public comment and comments were due by 18 June 2019. The publication included the following documents: • Statement of Need and Impact, supporting the Draft Conduct Standard; • Invitation to comment on the draft Conduct Standard for Banks; • Draft proposed Conduct Standard for Banks; • Comment template for submission of comments on the draft Conduct Standard for Banks. 3.2 During the public comment period, on 7 July 2019, a workshop to discuss the Standard was held with members of the Banking Association of South Africa (BASA). 3.3 Eight (8) submission of comments where received in response to the draft Standard. 3.4 Some of the main policy issues raised during the public consultation process were the following: • BASA submitted that the application of the draft Standard should be limited to a “deposit” product as already defined in the Financial Advisory and Intermediary Services Act, 2002 (Act No. 37 of 2002) (FAIS Act). The Authority disagrees with this proposal. With the advent of the Financial Sector Regulation Act in 2018, the Authority has been given the explicit mandate of regulating and supervising the conduct of banks with regards to “financial products” and “financial services” as defined. Limiting the application of the draft Standard to a deposit product only as proposed would not enable the Authority to meaningfully supervise the conduct of banks. The purpose of the Standard is to act as the first step towards rolling out a comprehensive market conduct regulatory framework for the banking sector and limiting the application to a single financial product as defined would hamper the efforts of the Authority. • BASA submitted that the application of the draft Standard should be limited to retail financial customers and not apply across the entire business of a bank. The Authority disagrees with this proposal. Where relevant, such as in section 5 of the draft Standard, application has been limited to “retail financial customers”. However, where application of the Standard has not been limited specifically, the Standard applies across the business of the bank and the Authority is of the view that the requirements are sufficiently high level and principles-based for business areas not focused on “retail financial customers”. • BASA raised a concern with the timing of the Standard taking into account other regulatory developments and projects also underway, such as the development of the Conduct of Financial Institutions Bill (COFI) and issues of alignment with the COFI Bill, as well as the Retail Banking Diagnostic. The Authority acknowledges that there are various developments taking place with regards to the conduct regulatory framework in general but retains the view that it is not necessary for all these initiatives to be concluded before the draft Standard can become effective. The draft Standard is positioned at a high level and is not expected to pre-empt or conflict with

Consultation Report: Conduct Standard for Banks Page 3 of 133 the Retail Banking Diagnostic which is aimed at considering more detailed interventions. The work undertaken on the Retail Banking Diagnostic will, at a later stage, further refine the requirements contained in the Standard. With regards to the COFI Bill, this development is led by the National Treasury, supported by the FSCA, and the final implementation of the Bill is still a few years away. Postponing the implementation of the draft Standard pending the finalisation of the COFI Bill will result in banking conduct remaining unregulated for an unspecified period. Considering the fact that the FSCA has been provided with the responsibility of regulating the conduct of banks, and the fact that various risks in banking conduct have been identified to date,1 the mooted approach is therefore not desirable. The Standard has however been updated, where possible, to ensure consistency with the current developments. 3.5 Annexure A to this report sets out all the comments that were received on the proposed amendments together with the Authority’s response to each comment. 3.6 In addition, the proposed amendments were submitted to Parliament in terms of section 103(1) of the Financial Sector Regulation Act on [insert date] 2020.

1 Refer to paragraph 3 of the Statement supporting the Conduct Standard for Banks.

Consultation Report: Conduct Standard for Banks Page 4 of 133 SCHEDULE CONSULTATION REPORT: DRAFT CONDUCT STANDARD FOR BANKS RESPONSE TO COMMENTS SUBMITTED ON THE DRAFT CONDUCT STANDARD FOR BANKS FINANCIAL SECTOR REGULATIONS ACT (ACT, NO. 9 OF 2017) Index SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD.............................................................................................................................................................................. 5 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD ....................................................................................................................... 88 SECTION C - GENERAL COMMENTS ....................................................................................................................................................................................................................... 110 Commentators:

1. Adrian Harris, CEO, Charter
2. Advertising Regulatory Board (ARB)
3. The Banking Association South Africa (BASA)
4. FAIS Ombudsman

Consultation Report: Conduct Standard for Banks Page 5 of 133 5. Information Governance (Pty)Ltd Mark Heyink-Director 6. POPIA (Pty) Ltd Peter Hill-Director 7. State Bank of India 8. Thato Keikelame (Artist Manager for Tre) SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses

1. BASA Clause 1: Definitions: “bank”
2. We propose the insertion of the reference of the Banks Act 94 of 1990.
3. Taking into consideration the proposed definition of “financial group” in CoFI which includes in sub-clause (c) an “associate” within a group of companies, is it the intent that the scope of the draft conduct standards will be extended to “associate” relationships within a banking group? RECOMMENDATION
4. We suggest that the definition be amended as follows: “bank’ means a bank as defined in the Banks Act No 94 of 1990, a mutual bank as defined in the Mutual Banks Act, 1993 (Act No 124 of 1993) and a co-operative bank as defined in the Co-Operative Banks Act, 2007 (Act No 40 of
6. Disagree. Banks Act is defined in the Financial Sector Regulation Act, 2017 with the full reference contained therein. As per the preamble of clause 1, any term defined in the Financial Sector Regulation Act, 2017 has the meaning assigned in that Act.
7. Unclear why a definition in the COFI Bill is relevant to the Standard. The Conduct Standard is applicable to the legal entity licensed as a Bank in relation to their provision of financial products and financial services (both terms defined).

Consultation Report: Conduct Standard for Banks Page 6 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 2. Clarity is required around whether “associate” entities within a banking group will be subject to these Conduct Standards as well? 2. BASA Section 1. Definitions “advertisement”

1. We note the definition for “advertising” and submit that: 1.1. The reference to “any communication…which is intended to create public interest in the business…” is too wide. The definition should differentiate between general brand awareness advertising as compared to advertising specific financial products or financial services. General brand awareness advertising could relate to sponsorships of sport events and the like and should not be caught in this regulatory net. 1.2. The phrase “or to persuade” is too subjective.
2. The Draft Standard refers throughout to “advertising” and we submit that in the context in which the phrase “advertising” is used it should in many instances refer to not just “advertising” but to “advertising” and “marketing” and “Direct Marketing”. We have commented on this on a clause-by-clause basis throughout this paper. RECOMMENDATION
3. We submit that the definition should not apply to general brand awareness advertising – such as television
4. The definition of “advertising” in the Standard is intentionally defined broadly to include both advertising and marketing, instead of using two terms.
5. It is not clear what aspects of the standard are inappropriate for general brand advertising and why this should be excluded. The recommendation is not accepted.
6. It is not clear what FAIS position is being referred to.
7. The recommended definition is not accepted in lieu of the above approach.

Consultation Report: Conduct Standard for Banks Page 7 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses advertisements, advertising at sports stadiums and promotional events. 2. The FSCA must be engaged to confirm that the BASA position on brand advertising in FAIS is acceptable in the Draft Conduct Standards framework as well. 3. We submit that the clause should be reworded as follows: “advertisement” means any communication published through any medium and in any form by itself or together with any other communication, which is intended to create public interest in the business, financial products or financial services of a bank, or to persuade the public (or a part thereof) to transact in relation to a financial product or financial service of the bank in any manner, but which does not purport to provide detailed information to or for a specific financial customer regarding a specific financial product or financial service and “advertise” and “advertising” have corresponding meanings;” 3. BASA Section 1. Definitions "compensation payment"

1. The term “compensation payment” is broadly defined to include “proven or estimated financial loss”. 1.1 We are of the view that the “compensation payment” should be limited to proven or actual direct damages suffered by the complainant. 1.1. It is unclear why “direct damages” should be referenced. Should a bank compensate a client for indirect damages suffered because of non-compliance by the bank, why shouldn’t such compensation fall within the definition of compensation payment?

Consultation Report: Conduct Standard for Banks Page 8 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 1.2 The onus to prove the relevant damages should remain with the complainant. 2. We are further of the view that “interest” should be limited to the interest rate prescribed in the Prescribed Rate of Interest Act 55 of 1975. 3. We propose that the term should be changed to “compensation” and not “compensation payment”; as the definition refers to compensation in a broader sense than mere payment. 4. The definition currently refers to a “payment” which is misaligned to compensation in the form of a benefit or a service. A service cannot be paid. RECOMMENDATION We propose that the definition should be amended to read: “Compensation Payment” means a payment the provision of an award, whether in monetary form or in the form of a benefit or service, by or on behalf of a bank to a complainant to compensate the complainant for a proven, or estimated actual financial loss damages incurred as a result of the bank’s non-compliance, action, failure to act, or unfair treatment forming the basis of the complaint, where the bank accepts liability for having caused the loss damages concerned but excludes any: 1.2 The Authority does not agree with the proposal to limit instances of “compensation payments” to events of actual or proven loss with a burden of proof on the customer. It must be noted that the intention of the definition is firstly to distinguish between those payments where the bank accepts responsibility and where it does not, the intention is not to place an obligation on a bank to compensate a customer, it is unclear why, where a bank compensated a customer for a loss, it should only be a compensation payment if the onus to prove damages rested with the customer. 2. Disagree. What interest rate was implied in relation to the payment is irrelevant in the context of the definition. Accepting the proposal would mean that, for example, interest on a refund (where not contractually due) above the prescribed interest rate would not constitute a compensation payment for purposes of the Standard, whilst interest on a refund (where not contractually due) below the prescribed interest rate would constitute a compensation payment for purposes of the Standard. This approach would be

Consultation Report: Conduct Standard for Banks Page 9 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses a) goodwill payment; b) payment contractually due to the complainant in terms of a product or service agreement with the Bank bank; or c) refund of an amount paid by or on behalf of the complainant to the bank where such payment was not contractually due; and includes any interest on late payment of any amount referred to in paragraph (b) or (c), charged at the interest rate as prescribed in the Prescribed Rate of Interest Act 55 of 1975, as amended” inappropriate, and the Authority do not accept the recommendation. 3. The proposal is accepted, and the Standard amended to define “Compensation” and not “Compensation Payment”. 4. The proposal is accepted, and the definition of “Compensation” expanded to include both a payment as well as the provision of a benefit. 4. POPIA (Pty) Ltd Peter Hill Section 1. Definitions "compensation payment" Add (d) (d) settlement between any of the parties concerned in relation to a complaint under section 79(b)(ii) of the Protection of Personal Information Act, 4 of 2013. If a bank compensates a client for a loss suffered because of non-compliance, failure to act, unfair treatment and the like, it would fall within the definition (whether it relates to a complaint under section 79(b)(ii) of the POPI Act). The Authority can therefore see no reason why the scope of the definition should be expanded as proposed. It is also clear from the context that “compensation payment” refers to compensation in relation to the complaint concerned. There is no risk of confusion that it could include compensation for matters not

Consultation Report: Conduct Standard for Banks Page 10 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses related to complaints as defined in the standard. 5. BASA Section 1. Definitions "complainant"

1. To enable the bank to adhere to confidentiality and privacy obligations in law and to protect the confidentiality and privacy of the financial customer or prospective financial customer, the person submitting a complaint on behalf of another should be duly authorised to act in this regard; which authorisation should be evident from a written mandate or power of attorney duly signed by the financial customer or prospective financial customer.
2. This clause is materially misaligned to the definition of “complainant” as stated in the CoFI Bill. COFI Bill definition of ''complainant'' means a person who submits a complaint and includes a— (a) financial customer or the financial customer’s successor in title; (b) beneficiary or the beneficiary’s successor in title; (c) person whose life is insured under an insurance policy; (d) person that pays any contribution or money in respect of a financial product or financial service; (e) member or member spouse of a pension fund, insurance group scheme, (or other type of member-based product or scheme); or (f) potential financial customer or potential member of a pension fund, insurance group scheme (or other type of member based product or scheme) whose dissatisfaction relates to the relevant application, approach, solicitation or advertising or marketing material referred to in the
3. With regards to the privacy concerns raised, the Standard does not prescribe what processes the bank should follow to protect confidentiality and satisfy itself that the person concerned has the requisite authority to act on behalf of the customer, provided this is not done in a manner that creates an unreasonable barrier to the customer’s ability to complain. There is no prohibition on a bank applying reasonable requirements to ensure confidentiality and proof of authority.
4. It is not appropriate to align the two definitions in all aspects as the CoFI Act is intended to apply to all types of financial institutions and this Standard has limited application. The Standard has however been updated to also refer to a “potential financial customer” to be consistent.
5. The Authority acknowledges that there are various developments taking place with regards to Conduct oversight of the financial sector however it is not necessary for all these initiatives to be concluded before this Standard can become effective. The work undertaken on the Retail Banking

Consultation Report: Conduct Standard for Banks Page 11 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses definition of potential financial customer, who has a direct interest in the agreement, financial product or financial service to which the complaint relates, or a person acting on behalf of a person referred to in paragraphs (a) to (f); RECOMMENDATION

1. As CoFI will be the main market conduct Act going forward, we suggest that the definitions between this paper and the draft CoFI Bill should be aligned - to mitigate confusion in future as to who would be regarded as a “complainant”. At present, the draft Conduct Standards and CoFI are materially mis-aligned. Both pieces are still under construction, so it will be easy to align. For example: The CoFI Bill refers to “potential customer” and the Standard refers to “prospective financial customer”.
2. We repeat our general comment that this Draft Conduct Standard for banks include content which is still being discussed in: (a) the current FSCA retail banking diagnostic work-stream process and (b) FSCA review of CoFI Bill commentary, and some of the proposals in this paper and the proposals in CoFI cover the same definitions / issues, but with different proposals. Diagnostic will further refine the principles proposed in this Standard and is not contradictory. CoFI Bill developments are led by National Treasury, supported by the FSCA and the final implementation of the Bill is still a few years away. There is no reason for the Authority to wait several years before imposing regulatory requirements on the conduct of banks and initiating supervisory oversight over adherence to such requirements.
3. POPIA (Pty) Ltd Peter Hill Section 1. Definitions "complainant" Add (c) (c) is defined in the Protection of Personal Information Act, 4 of 2013 as a data subject; Disagree with proposal. The intention of this Standard is not to duplicate requirements already regulated under the POPI Act.
4. BASA Section 1. Definitions “complaint"
5. We note that this definition is materially aligned to the definition of a “complaint” in the CoFI Bill, except that references to “financial institution” in the CoFI definition have been replaced here with “bank”.
6. The Authority disagrees with the recommendation. Where a customer expresses dissatisfaction and the identity of the consumer is known the bank should

Consultation Report: Conduct Standard for Banks Page 12 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 2. We repeat our CoFI Bill commentary here: “We note the definition of “complaint” which is unchanged from the FSCA 2014 paper in relation to TCF complaints. We note FSCA previous submissions that reference to “an expression of dissatisfaction” in the definition agrees to international jurisdiction standards. Nevertheless, we resubmit our previous comments in relation to the inclusion of this phrase in the definition: It is noted that an “expression of dissatisfaction” is used as a basis for a complaint. This implies that a customer may lodge a complaint on the basis of a feeling/emotion and not on the basis of a clear maladministration and/or substantive/administrative injustice. It is noted that a query will also fall within the scope of a complaint, which will again not be based on maladministration and/or substantive/administrative injustice but which may well be based on a simple question.” “We are concerned that the definition proposed for “complaint” is very broad as it would encapsulate: o A financial customer query which may contain any expression of dissatisfaction; and o A comment made by a financial customer on social media, which comment contains an expression of dissatisfaction regarding the financial institution. RECOMMENDATION We repeat our CoFI Bill recommendation here:

1. We submit that the phrase “an expression of dissatisfaction” should be deleted from this definition. Similarly, it is also submitted that a query be excluded from take steps to identify the root cause and deal with this dissatisfaction as a complaint.
2. The alternative definition proposed is not accepted. a. A “query” is not included in the definition of a complaint, unless the query also includes a complaint. b. It is further unclear why it should not be appropriate for a bank which has a presence on social media to monitor and respond accordingly where a complaint is made on social media “to the bank” or its service provider as required by the definition. Also note the exclusion provided for in subsection (c) of the definition of “reportable complaint” which addresses complaints not brought to the attention of the bank in a reasonable manner.
3. This would be dependent on the nature of the Code of Conduct as to whether it is binding or being subscribed to.

Consultation Report: Conduct Standard for Banks Page 13 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses the scope of a complaint - the current FAIS definition is proposed for adaptation below. 2. We propose the following alternative definition ''complaint'' means a specific complaint by a complainant to a bank relating to a financial product or a financial service provided or offered by that bank, which alleges that— (a) the bank has contravened or failed to comply with an agreement, a law, a rule, or a code of conduct which is binding on the financial institution or to which it subscribes; (b) the bank’s maladministration or wilful or negligent action or failure to act, has caused the person harm, prejudice, distress or substantial inconvenience; or (c) the bank has treated the person unfairly; But excludes a claim.” 3. With regard to sub-clause (a), clarity is required around when is an applicable code of conduct binding? 8. POPIA (Pty) Ltd Peter Hill Section 1. Definitions “complaint"

1. Add (d)
2. (d) the bank or its service provider has contravened or failed to comply with a provision of the Protection of Personal information Act, 4 of 2013; Disagree with the proposal. The intention of the Standard is not to duplicate requirements already regulated under the POPI Act.
3. BASA Clause 1: Definitions: “goodwill payment”
4. We suggest adding wording to make clear that a goodwill payment does not prejudice any of the banks rights. RECOMMENDATION
5. To add the wording highlighted below: “goodwill payment” means a payment made without out prejudice of any the bank’s rights, whether in monetary form or in the form… The definition already states that the bank does not accept liability for the loss suffered and there is nothing in the definition that could prejudice the bank’s rights. The proposed amendment is not necessary.

Consultation Report: Conduct Standard for Banks Page 14 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 10. BASA Clause 1: Definitions: “plain language”

1. We note that the wordings in these definitions are adapted from provisions in the current FAIS General Code of Conduct and we agree with same for inclusion into the Draft Conduct Standard. Noted.
2. BASA Clause 1: Definitions: “prospective financial customer”
3. We note that this definition is misaligned to a similar (but not same) definition in the draft CoFI Bill: The CoFI Bill definition refers to: ''potential financial customer'' means a person who has— (a) applied to or otherwise approached a financial institution or intermediary to become a financial customer; (b) been solicited by a financial institution to become a financial customer; or (c) received advertising in relation to any financial product or financial service;
4. We support the definition in this draft Conduct Standard which largely agrees to a previous definition as was tabled in the TCF complaints discussion papers previously in 2014. RECOMMENDATION
5. We suggest that the proposed definition in the CoFI Bill should be aligned to the draft definition in this Conduct Standard. Refer to comment in item 5 above. Comment made with regards to CoFI amendments will be provided to National Treasury.
6. BASA Clause 1: Definitions: “reportable complaint” read with Clause 8(8) and 8(3)(h):
7. It is not clear to whom is a complaint reportable. We note the provisions of Clause 8(3)(h) which require a complaints management framework to provide for reporting to the Authority and for “public reporting”. But this obligation is not stated in this definition.
8. The Authority will in due course put in place reporting requirements to itself and would hope that internal reporting would at least include reporting with regards to “reportable complaint” information as a

Consultation Report: Conduct Standard for Banks Page 15 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 1.1. Clarity is required around what type of complaints would need to be reported internally vs to the regulator vs public reporting? 1.2. Due cognisance must also be taken of the FSR Act, where there needs to be alignment with any reporting obligations set by the Ombuds in future. 2. The five-day time period referred to in sub-clause (b) is misaligned to the FAIS General Code which provides for a 3-week period to respond to the customer on a FAIS financial service complaint in relation to a financial product (including a deposit) and for complaints to be finalised within 6 weeks. RECOMMENDATION

1. We request clarity be provided – in the definition itself - around to whom would a complaint be reportable – only internally, or to the regulator and/or public reporting and/or to the Ombud?
2. We propose that the definitions should not contain time periods (in this case reference to five business days). If it is intended that process time periods be prescribed such time periods should be in a separate section, and not included in a definition of a particular term and must align to existing laws
3. We suggest that the definition in sub-clause (b) should be amended as follows: (b): “upheld within the bank’s ordinary processes for handling customer queries in relation to the type of financial product or financial service complained about minimum. Public reporting of complaint statistics could be the next phase once reporting to the regulator has been put in place. 1.1 Provisions with regards to principle-based requirements such as the requirements to have in place a complaints framework and policy must deal with all complaints received however granular requirements with regards to categorising complaints, keeping specific complaints data and ultimately reporting complaints to the regulator, apply only to “reportable complaints”. The Standard does not prescribe “internal reporting” within the bank however the complaints framework should deal with this. 1.2 Reporting to Ombuds in future is reasonable, however this is more an issue for a future Ombud Standard, there is no misalignment at this stage.
4. The proposal is not accepted. Complaints not upheld within 5 days are defined as “reportable complaints” and must be categorised accordingly. There is no misalignment with the requirements of the FAIS Act.

Consultation Report: Conduct Standard for Banks Page 16 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses provided that such process does not take more than five business days from the date the complaint is received.” 3. The proposal is not accepted. The effect of the proposed drafting is that all complaints upheld within the bank (irrespective of how long this may take) would not be a “reportable complaint”. The intention of the Authority is that all complaints not upheld within 5 days of receipt are “reportable complaints”. 13. BASA Clause 1: Definitions: “retail financial customer” (vi) The FSCA statement supporting the draft conduct standard notes on pages 3 onward, the varied clauses in the Standard which will either apply to retail financial customers only or which will apply to all financial customers. As an example, the document states: “the application of the draft conduct standard is not limited to retail customers only although the application of section 5 of the draft standard is limited to this segment….” 1.1. Clause 2(1) of the Draft Standard however is more generically drafted and it notes that the Standard is applicable to banks when they provide financial products and financial services. 1.2. The rest of Clause 2 refers merely to the provision of such financial products and financial services to “financial customers”. 1.3. The draft Standards should define all customer types (not just retail) and should make clear which Standard applies to each customer type? At present this is merely

1. The application of the entire Section 5 of the Standard is limited to “retail financial customers” and in addition subsections from sections 2, 4, 6, 7 and 8 have been limited in application to retail financial customers.
2. “Financial customer” need not be defined within the Standard as it is already defined within the FSR Act and the Standard state that “…and any word or expression to which a meaning has been assigned in the Act bears the meaning so assigned to it, unless the context otherwise indicates and…”.
3. It is important to note that the definition of a “retail financial customer” in CoFI is still under discussion, esp. in relation to SMEs.

Consultation Report: Conduct Standard for Banks Page 17 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses noted in the statement supporting the draft Standard and is not recorded in the Standard itself. 2. “Financial customer” is not defined in the Standard but a “retail financial customer” is defined. Both should be defined, alternatively a combination definition may be adopted. 3. We note that this definition of “retail financial customer” is materially misaligned to the proposed definition for a “retail financial customer” in the CoFI Bill in that this Standard omits juristic customers where their asset value or annual turnover is less than that as stated in the NCA. The CoFI Bill definition reads: “retail financial customer" means a financial customer that is: a natural person; or a juristic person, whose asset value or annual turnover is less than the threshold value as determined by the Minister of Trade and Industry in terms of section 6(1) of the Consumer Protection Act, 2008 (Act No. 68 of 2008); and the National Credit Act, 2005 (Act no 34 of 2005).” 3.1 We suggest that the definition in the draft conduct Standard include the reference to NCA (as in the CoFI Bill). 3.2 It is important to note that the thresholds for the Consumer Protection Act 68 of 2008 (CPA) and the National Credit Act 34 of 2005 (NCA) as it relates to juristic persons differ: • The NCA threshold is R 1 million asset value or annual turnover 4. The definition has been aligned to that in the Short-term Insurance Policy Holder Protection Rules. 5. There is no need to define a non-retail financial customer within the Standard as the Standard applies to all financial customers except for the application of Section 5, where application is limited to retail financial customers only.

Consultation Report: Conduct Standard for Banks Page 18 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses • The CPA threshold is R 2 million asset value or annual turnover • We propose an alignment in this regard; especially because a credit agreement would also be a financial product. RECOMMENDATION

1. It is recommended that the drafters consider including three separate definitions in relation to the following: a. Financial customer (as per the FSR Act) b. Retail financial customer c. Non-retail financial customer The drafters are to ensure that the exclusion of market infrastructure have been applied to all impacted definitions. Non-retail clients should have the ability to opt out of Standards which apply mainly to retail clients. Alternatively we propose the definition of “retail financial customer’ to read as follows: “retail financial customer” means a financial customer that is: (a) a natural person; or (b) a juristic person, whose asset value or annual turnover is less than the threshold value as determined by the Minister of Trade and Industry in terms in terms of section 6(1) of the Consumer Protection Act, 2008 (Act No. 68 of 2008);of the National Credit Act, 2005 (Act no 34 of

2. We repeat previous BASA comments which were submitted under the CoFI Bill proposing definitions for the

Consultation Report: Conduct Standard for Banks Page 19 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses different customer types in (1) above, as well as providing clarity around to whom should the provisions apply. Please see same annexed hereto as Annexure A. 14. BASA Clause 1: Definitions: “service provider”

1. We note that this definition is misaligned to the definition in the CoFI Bill. The CoFI Bill states as follows: ''service provider'' means any person (whether or not that person is the representative or other agent of a financial institution) with whom a financial institution has an arrangement relating to the marketing, distribution, administration or provision of financial products or related services;
2. We repeat our CoFI Bill commentary which is also relevant here, adapted appropriately: 2.1. The FSCA has regulatory supervisory authority over “financial institutions”, “financial service providers” and “financial products” as defined in the FSR Act. 2.2. The FSR Act defines a “financial service provider” and not a “service provider”. The scope of regulated activities is limited in this definition to a licensed FSP providing “financial services”. 2.3. This Standard omits a definition for “financial service provider”.
3. It cannot have been the intention of the FSCA to regulate every service aspect connected to any specific financial product or service. RECOMMENDATION
4. We suggest that the definitions between the CoFI Bill and this draft Standard should be the same to avoid industry confusion. The definition in CoFI is much wider.
5. It is not appropriate to align the two definitions in all aspects as the COFI Bill is intended to apply to all types of financial institutions and the Standard has limited application.
6. Currently the term “service provider” is used in limited instances in the Standard which does not seem too onerous, also not going beyond the scope of the FSR Act. The term “service provider” is intentionally broader than “financial service provider”.

Consultation Report: Conduct Standard for Banks Page 20 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 2. We repeat our recommendations under the CoFI Bill here, adapted appropriately: 2.1. We recommend that the definition of “service provider” be deleted in its entirety. 2.2. Further that a definition for “financial service provider” exactly as per the FSR Act is inserted in this Draft Standard. 15. BASA Section 1. Definitions - We suggest insert a definition for “marketing” and “direct marketing” read with Clause 6 “Advertising” – general comment around “opt￾in” vs “opt-out” clauses in existing and future laws

1. We submit that a definition for “marketing” and “direct marketing” should also be included in the draft standards for the reasons mentioned in the Row above.
2. We further submit that the varied provisions in Clause 6 of this paper should refer not just to “advertising” but to “advertising and /or marketing and direct marketing”.
3. We submit however that any new definitions and provisions in Clause 6 should take cognisance of existing laws (CPA, NCA, ECT and POPIA) which contain different requirements in relation to “opt-in” (a consent obtained before marketing) to marketing or “opt-out” of marketing – insofar as it refers to electronic marketing - as follows: 3.1. The current “marketing” and “direct marketing” position in the NCA, CPA and ECT Act is that we may market products to a consumer and the consumer has the right to opt-out of this marketing or pre-emptively block (like a do not contact list) this marketing. We are obliged to provide the consumer with an opt-out opportunity in each marketing engagement.
4. The Authority disagree that separate definitions are required. The definition of “advertising” is wide enough to incorporate the additional elements of marketing and direct marketing.
5. Advertising requirements are not inconsistent with the opt-out regime.

Consultation Report: Conduct Standard for Banks Page 21 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 3.2. Once POPIA becomes operative, the following requirements would be applicable regarding electronic marketing: (i) A customer must opt-in into marketing of dissimilar products; (ii) A prospect must opt-in to marketing; (iii) A customer or prospect may opt-out at any time. Therefore, POPIA will change the opt-out regime to an opt￾in regime for electronic marketing. 3.3. Clause 6 of this Draft Standard - in principle - is aligned to the opt-out regime, however clause 6 refers only to “advertising”. A customer or prospect can never opt-in or opt-out from “advertising”. For example, you cannot opt￾out of a billboard on the highway. RECOMMENDATION

1. We submit that a definition for “marketing” and “direct marketing” should be included in the Draft Standard and that Clause 6 (Advertising) should be reviewed to insert a reference to “advertising and marketing/direct marketing” wherever appropriate.
2. Clause 6 should be aligned to the “opt-out” marketing regime.
3. BASA Section 1. Definitions - “annual effective interest rate”
4. Drafting suggestion. RECOMMENDATION
5. We suggest that this definition should be moved to appear after “advertisement”. Agree. Amendment made.

Consultation Report: Conduct Standard for Banks Page 22 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 17. BASA Clause 1: Definitions: NEW PROPOSED DEFINITION “financial product” for the purposes of this Standard means a “deposit as defined in the FSRA The Authority disagrees with the proposal. With the advent of the FSRA in 2018 the FSCA has been given the explicit mandate of regulating and supervising the conduct of banks with regards to “financial products” and “financial services” as defined. Limiting the application of the Standard to a deposit product only as proposed would not enable the FSCA to meaningfully supervise the conduct of banks. The purpose of the Standard is to act as the first step towards rolling out a comprehensive market conduct regulatory framework for the banking sector and limiting the application to a single financial product as defined would hamper the efforts of the FSCA. 18. BASA Clause 1: Definitions: NEW PROPOSED DEFINITION “financial services” mean financial services relating to financial products as defined in this Standard The Authority disagrees with the proposal. With the advent of the FSRA in 2018 the FSCA has been given the explicit mandate of regulating and supervising the conduct of banks with regards to “financial products” and “financial services” as defined. Limiting the application of the Standard to services with regards to a deposit product only as proposed, would not enable the FSCA to meaningfully supervise the conduct of banks. The purpose of the Standard is to act as the first step towards

Consultation Report: Conduct Standard for Banks Page 23 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses rolling out a comprehensive market conduct regulatory framework for the banking sector and limiting the application to a single financial product as defined would hamper the efforts of the FSCA. 19. FAIS Ombudsman Section 2. Application and purpose of Standard • The scope and purpose of the conduct standard must be in accordance with the six TCF Outcomes. The scope in which fair treatment of financial customers should be measured in relation to the TCF. • The draft Act must make provision for appropriate procedures and provide a system to record both verbal and written communications of financial services rendered to clients. • Procedure for record keeping and its availability upon request thereof by a client. • The Conduct Standard should explicitly state that the 6 TCF outcomes are adhered to. • The following sections of the General Code of Conduct for Authorised Financial Services Providers and Representatives (‘General Code of Conduct’) would be relevant in relation to this provision: Sections 2 (a) – Where the financial services must be conducted honestly and fairly with the required due skill care and dilligence in the intersts of the client and integrity of financial services industry, 3 (1)(d) – Where the financial service must be conducted timeously and in accordance with all reasonable requestes and instructons of the • The FSCA agrees that the TCF outcomes must be adhered to in accordance with this Standard as specifically required by Section 2(3)(a)-(f). The obligation to ensure the fair treatment of customers has been strengthened. • The implementation of appropriate governance arrangements does include policies and procedures that address recordkeeping however requirements are principled based, and a specific rule is therefore not created. • See comment above. • The FSCA agrees with the comment, refer to the requirements of Section 2(3)(a)-(f). • Requirements in terms of the FAIS Act will be applicable in addition to the requirements of this Standard to the extent that the activities concerned fall within the ambit of FAIS. It should be borne in mind that the FAIS Act will in due course be repealed and its provisions moved to the

Consultation Report: Conduct Standard for Banks Page 24 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses client and (f), 7(1) (a) – Where one must provide details of the nature and material terms of the relevant contract or transaction to a client, and make full and frank disclosure of any information that would reasonably be expected to enable the client to make an informed decision, Section 8 – Obtain all relevant and available infor ation from a client to ensure that once an analysis has been conducted that a recommendation is made that is appropriate to the complainants specific needs and circumstances. COFI Act, which process will include harmonisation of subordinate instruments such as this standard and the FAIS General Code of Conduct. In addition, please note that the draft Conduct Standard does incorporate some of the provisions of the General Code, see for example clause 3(2) of the draft that was published. 20. BASA Section 2(1) 1. We note the FSCA observations in page 3 of 5 in their “statement of need – policy context and problem definition”. The statement positions why a conduct standard for banks is necessary and refers to banking assets funded by depositors (amongst others) and also to the previous Jali Commission of enquiry and the more recent World Bank retail diagnostic into banks provision of transactional and fixed deposits. 2. The Conduct Standard should solve for the problem definition as is articulated in the statement of need paper. RECOMMENDATION

1. Accordingly, we submit that: 1.1. This Conduct Standard should only apply to “a deposit as defined in Section 1(1) of the Banks Act” as defined in sub-clause 2(1)(e) of the FSR Act “financial product” definitions. It should include the definitions for long term deposits, short term deposits and structured deposits in FAIS Board Notice 194 of 2017. 1 and 2: With the advent of the FSRA in 2018 the FSCA has been given the explicit mandate to regulate and supervise the conduct of banks with regards to “financial products” and “financial services” as defined. Limiting the application of the Standard to a deposit product only as proposed would not enable the FSCA to meaningfully supervise the conduct of banks. The purpose of the Standard is to act as the first step towards rolling out a comprehensive market conduct regulatory framework for the banking sector and limiting the application to a single financial product as defined would hamper the efforts of the FSCA. Recommendation 1.1: See response above. Recommendation 1.2: The final implementation of the COFI Bill is still a few

Consultation Report: Conduct Standard for Banks Page 25 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 1.2. When providing financial products and financial services in respect of other financial products (other than a bank deposit) as defined in the FSR Act, the Bank will be subject to the provisions of the CoFI Bill – which covers all six TCF outcomes. 2. We submit that the clause be reworded as follows: Clause 2(1): Aligned to Section 2(1)(e) of the FSR Act, This Conduct Standard is applicable to banks who been issued with a banking license by the registrar of banks in relation to their provision of financial products and financial services to retail financial customers a deposit as defined in Section 1(1) of the Banks Act; years off. There is no reason for the Authority to wait several years before initiating supervisory oversight over the conduct of banks. Recommendation 2: Disagree with proposed wording. The definition of “bank” already refers to registration under the Banks Act and the words “who has been issued with a banking license by the registrar of banks” is therefore superfluous. With regards to the proposed limitation to “retail financial customers”, please see response to comment 13. The FSCA does not intend for the application of the Standard to be limited to “retail financial customers”. 21. BASA Section 2(2) and 2(3) We note the requirement in these clauses which require that banks must treat customers fairly. We also note that these provisions include the six TCF outcomes. We support same. Noted. 22. POPIA (Pty) Ltd Peter Hill Section 2(2) This Conduct Standard is aimed at ensuring that banks treat financial customers fairly in accordance with section 106(2)(b) of the Act and the conditions for the lawful processing of personal information as referred to in Chapter 3 of the Protection of Personal Information Act, 4 of 2013. Disagree. The proposed objective is one of the objectives of the POPI Act which falls within the mandate of the Information Regulator. It is unclear why the draft Conduct Standard should duplicate such objective and mandate. The Standard would need to be read in conjunction with the requirements applicable in terms of any other relevant legislation.

Consultation Report: Conduct Standard for Banks Page 26 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 23. BASA Section 2(3) 1. We submit that any reference to “financial product” should be changed to read a “deposit, a long-term deposit and/or a structured deposit”. RECOMMENDATION

1. We suggest that sub-clause (b) should be reworded as follows: (b) a deposit, a long-term deposit and/or a structured deposit is suitably designed to meet the needs of identified types, kinds or categories of financial customers who are targeted accordingly.
2. We suggest that sub-clause (c) should be reworded as follows: (c) financial customers are given clear information and are kept appropriately informed before, during and after the time of entering into a contract in respect of a deposit, a long-term deposit and/or a structured deposit offered or provided by a bank
3. We suggest that sub-clause (d) should be reworded as follows: (d) any advice if provided to financial customers in respect of a deposit, a long-term deposit and/or a structured deposit is suitable and takes into account the needs and circumstances of these financial customers.
4. We suggest that sub-clause (e) should be reworded as follows: (e) financial customers are provided with deposits, long￾term deposits and/or a structured deposit that perform as a bank or its representatives have led them to expect, and The proposed recommendation is not accepted, see response under item 18 above.

Consultation Report: Conduct Standard for Banks Page 27 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses the related financial service is of an acceptable standard and in line with its expectations created. 5. We suggest that sub-clause (f) should be reworded as follows: (f) financial customers do not face unreasonable post￾sale barriers by or on behalf of a bank in respect of a change, replacement, withdrawal or complaint in relation to a deposit, long-term deposits and/or a structured deposit” 24. POPIA (Pty) Ltd Peter Hill Section 2(3) Add (g) Financial customers can be confident that banks give effect to their constitutional right to privacy, by safeguarding personal information when processed by a bank and balancing this right with the right of access to information; See response to item 6 above. The intention of this Standard is not to duplicate requirements already regulated under the POPI Act. 25. BASA Section 2(4) 1. As CoFI will regulate conduct in relation to the provision of financial products and financial services holistically, we recommend that the scope of this conduct Standard align to the FSCA statement of need and problem definition and accordingly should apply to deposits only. RECOMMENDATION

1. We suggest that the clause be reworded as follows: Clause 2(4): This conduct Standard applies in addition to any other regulatory requirements imposed on a bank in relation to its provision of a financial product offered or provided by a bank The proposed recommendation is not accepted, see response under item 18 above.
2. BASA Section 2(5) 1. The FSCA statement accompanying the Draft Standard states that (a) the Standard is not limited to retail financial customers, however that Section 5 of the Draft
3. The application of the entire Section 5 of the Standard is limited to “retail financial customers” and in addition subsections from

Consultation Report: Conduct Standard for Banks Page 28 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses Standard applies to retail customers (and the section is so labelled as:” Additional requirements in respect of retail financial customers”). RECOMMENDATION

1. We suggest that a clause 2(5) be added which makes clear: 1.1. whether this Draft Standard applies when financial services are provided to all customer types or whether current clients who are exempt under the “merchant banking exemption” will continue to be exempt until the CoFI Bill and the FMA consultations and work-groups conclude their reviews? 1.2. which sections of the Standard apply to all customer types? sections 2, 4, 6, 7 and 8 have been limited in application to “retail financial customers”.
2. An exemption in place under the FAIS Act and services exempted thereby is not relevant for the application of this Standard, this Standard is empowered by the FSR Act.
3. Where application of a section or subsection is not limited to “retail financial customers”, the requirement is applicable to all customer types.
4. BASA Section 3. Culture and governance
5. We submit that any Conduct Standard pertaining to banks, including provisions around culture and governance may pre-empt work and outcomes that are underway in other areas such as finalisation of the CoFI Bill and the World Bank diagnostic workstreams. 1.1. As an example, commentary has been submitted on Chapter 3 of CoFI which deals extensively with Culture and Governance and largely covers the same issues which are mentioned here. Governance and culture are the cornerstone of good conduct and it is critical that the FSCA is able to regulate banks in this regard. The final implementation of the COFI Bill is still a few years off and it is therefore not practical to wait for the implementation of the COFI Bill before governance standards (aiming at facilitating conduct supervision) are introduced for banks. We further believe that the governance requirements as contained in the Standard is positioned at a sufficiently high level which would enable alignment with any governance requirements introduced through the COFI Bill. If there are requirements in the governance clause that are problematic in the context of

Consultation Report: Conduct Standard for Banks Page 29 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses potential misalignment with the COFI Bill, please highlight these requirements. 28. FAIS Ombudsman Section 3. Culture and governance • Banks should be required to have processes and procedures in place to monitor and evaluate the provision of leads to in-house financial advisory units to ensure that the advice and or recommendations made with regards to funds in existing deposit accounts, current accounts, fixed deposits etc. are appropriate to the specific needs and circumstances of the client taking into account the established risk profile. • In this regard, reference should be made to the sections of the the General Code of Condut as contained in the FAIS Act: Section 2 - Providing the Financial service with the required due skill care and dilligence in the interests of the client and integrity of financial services industry • Section 8 where relevant and appropriate information must be collected from the client to ensure that any recomendation made is appropriate to the clients needs and circumstances. • Section 11 where a financial service provider must have the required processes and procedures in place. • There is already a “suitability of advice” requirement contained in the FAIS Act and the Authority does not deem it necessary to duplicate that requirement for purposes of the Standard. • As mentioned above, clause 3(2) of the Standard already incorporates the wording of clause 2 of the FAIS General Code of Conduct to a large extent. • Requirements in place in terms of the FAIS Act will be applicable in addition to the requirements of the Standard to the extent that the activities concerned fall within the ambit of the FAIS Act. • See comment above. 29. BASA Section 3(1) 1. We note the draft Standard and support the principle, however the inclusion of the word “prioritises” is not clear. We suggest that the phrase merely make reference to a bank ensuring that it treats its customers fairly. RECOMMENDATION The Authority disagrees with the proposal and submits that the fair treatment of customers is sufficiently important for it to be prioritised by the bank.

Consultation Report: Conduct Standard for Banks Page 30 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses

1. We submit that the clause should be reworded as follows: “A bank must act fairly, reasonably and ethically towards its retail financial customers.” Prioritise would in this context carry the normal grammatical meaning of the word.
2. POPIA (Pty) Ltd Peter Hill Section 3(1) A bank must conduct its business in a manner that prioritises the lawful processing of personal information and fair outcomes for financial customers. See response to item 6 above. The intention of the Standard is not to duplicate requirements already regulated under the POPI Act.
3. POPIA (Pty) Ltd Peter Hill Section 3(2) Add (g) (g) respect the right to privacy including a right to protection against the unlawful collection, retention, dissemination and use of personal information; See response to item 6 above. The intention of the Standard is not to duplicate requirements already regulated under the POPI Act.
4. BASA Section 3(2)(a) and (b) 1.These obligations have been adapted from the FAIS General Code but have been reworded such that the use of the word “integrity” as it is phrased here is inappropriate and misplaced. RECOMMENDATION 1.We suggest that the clause be redrafted to align to the current wording in FAIS, as follows: “A bank must at all times, act honestly, fairly, with due skill, care and diligence and in the interests of the integrity of the financial sector.” It is unclear why BASA state that the word “integrity” is not appropriate in the context in which it is used. Although the wording is not exactly the same as in the FAIS General Code of Conduct, we believe that the wording is largely aligned with the FIAS General Code of Conduct and would not result in any contradictions.

Consultation Report: Conduct Standard for Banks Page 31 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 33. Information Governance (Pty)Ltd Mark Heyink Paragraph 3(2)(a) It has been my experience in dealing with Internet Banking Fraud that some banks, even where there is no evidence of fault or negligence on the part of clients, suggest negligence. What some banks have failed to do is to take into account their own common law obligations to the client and by deflecting the issues and alleging negligence on the part of the client, have not disclosed their failure to fulfil their lawful obligations where they rely on an assumption of risk to debit a client’s account. The onus of proving the agreement or that the assumption of risk had been drawn to the attention of the client lies with the bank, but this is conveniently ignored. This is despite this requirement being crystal clear in both the Code of Banking Practice and the Consumer Protection Act. This is a failure of integrity on the part of the banks that adopt this strategy. It is suggested that this provision be considered carefully with a view to those responsible for the bank’s compliance being personally liable when it conducts itself with a lack of integrity. This is already the position in terms of Sections 76 and 77 of the Companies Act and there appears to be no reason why it should not be emphasised in this context, particularly in light of the delinquency of some of the banks in intentionally misleading clients, as they have done. Creating personal liability is an intrusive intervention and we are reluctant to impose such provision through subordinate legislation. Your comment will be forwarded to National Treasury for consideration in the development of the COFI Bill process. Note that where a bank is found to have contravened the requirements of this Standard, enforcement action can be taken in terms of the requirements of the FSR Act. 34. BASA Section 3(2)(c) COMMENT

1. Re sub-clauses (a) - (c) - Noted – we support this principle. Noted.

Consultation Report: Conduct Standard for Banks Page 32 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 2. Re sub-clause (d) - Noted – this clause is adapted from the FAIS General Code of Conduct, with the exception that the General Code wording has been amended to now include a reference to a duty to manage “potential” conflicts of interest. 3. Re sub-clause (e) - Noted – we support this principle. 35. Information Governance (Pty)Ltd Mark Heyink Paragraph 3(2)(f) It has been my experience that some banks ensure that clients are not provided with information relevant to their matters. In certain instances claims are made that this may compromise the bank’s security. These statements have typically been false and it appears to be an extension of a rather transparent strategy that some banks have of relying on the fact that clients do not have the financial wherewithal or expertise to embark on costly litigation. What has become evident in Internet Banking Frauds is that when the banks are challenged in court, they ultimately concede, but only after clients have had to incur significant cost to force the bank to be transparent. Again it is suggesterd that the Conduct Standard should specifically re-state the legislation and provide that where members of the Governing Body of a bank failed in this regard that those members may be held personally liable. As this is a statement of the law there appears to be no reason why this should not be included. See response to item 33 above. 36. BASA Section 3(4)(b)(iv) 1. This clause is not clear and “related and inter￾related parties” are not defined. In a large banking group not all related or inter-related parties will be involved in the provision of financial products or financial services. Please note that both “related” an “inter￾related” is defined in the Financial Sector Regulation Act, and as per the preamble to clause 1, terms defined in the Financial Sector

Consultation Report: Conduct Standard for Banks Page 33 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses RECOMMENDATION

1. We suggest that this clause must be reworded so that the intention of the legislation is clearly stated to provide future legal certainty. Regulation Act has that same meaning in the draft Standard.
2. POPIA (Pty) Ltd Peter Hill Section 3(4)(b) Add (xi) Data subject right to have his, her or its personal information processed in accordance with the conditions for the lawful processing of personal information as referred to in Chapter 3 of the Protection of Personal Information Act, 4 of 2013; See response to item 6 above. The intention of the Standard is not to duplicate requirements already regulated under the POPI Act.
3. Information Governance (Pty)Ltd Mark Heyink Paragraph 3(4)(b)(ix) It is not suggested that every security measure should be specifically stated. It is, however, suggested that the rather bland “we take the appropriate steps to ensure the security of your information” not be allowed and that this Conduct Standard makes it mandatory for appropriate background as to the security that is provided by the bank in particular circumstances, is definitively stated. In addition, that the interaction of clients relating to what is expected of them in this regard also be definitively stated. The Banking Ombud has publicly stated that it is not equipped to deal with issues of information security. While this is regrettable as electronic banking is the norm rather than the exception in the 21st century, it would appear that the Ombud is no longer fit for purpose in this regard. That being the case, banks should be obliged to conform with established standards for information security. History has shown that the banks are prepared to “take a chance” with regard to security as they can easily debit their client’s The requirements are drafted on a principle￾basis. The FSCA will through the supervisory approach determine whether the measures put in place to ensure adherence to the requirements are appropriate. We take note of your comments relating to liability and agree that it should be considered as part of the COFI Bill process. Your comment in this regard will be submitted to National Treasury.

Consultation Report: Conduct Standard for Banks Page 34 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses account to mitigate their own loss. Unfortunately, it is a fact of life and proven over and over again that banks prefer more profitable short-term solutions to more ethical and moral long-term practises. In the United States of America, as is the case in many European Union countries and other countries around the world, the liability of clients using banks’ electronic infrastructure is limited. This has led to banks being far more conscious and diligent in ensuring that their security and the protection of client information (and potential losses that may suffered by clients) have been more diligently applied. While this cannot be mandated in the Conduct Standard it is something that should be considered in COFI. 39. BASA Section 3(7) 1. Regarding sub-clause (b) ownership around “doing the right thing” and the “integrity” of a bank’s practices in relation to TCF delivery must remain with 1st line accountability. A TCF culture and integrity cannot be measured by second line functions using a compliance tick￾box approach. In practice, how a bank delivers on TCF outcomes 2 to 6 will provide a clear picture of their culture and their “integrity” around TCF delivery. RECOMMENDATION

1. We suggest that sub-clause (b) be reworded as follows: “The banks practises ensure the fair treatment of its financial customers” The Authority agrees that a tick-box compliance approach will not be able to fulfil this function. The recommended wording is not accepted however we agree that the word “integrity” might be misplaced and has been amended to refer to the “effectiveness” of the systems?

Consultation Report: Conduct Standard for Banks Page 35 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 40. POPIA (Pty) Ltd Peter Hill Section 3(7) Add (c) (c) compliance with the conditions for the lawful processing of personal information as referred to in Chapter 3 of the Protection of Personal Information Act, 4 of 2013; See response to item 6 above. The intention of the Standard is not to duplicate requirements already regulated under the POPI Act. 41. BASA Section 3(8) 1. We support the principle that the governing body is ultimately accountable, however as the governing body is not involved in the day-to-day operations of the bank, the governing body should have the ability to formally delegate this responsibility. RECOMMENDATION

1. We suggest that the clause should be reworded to allow for the governing body to formally delegate this responsibility. To confirm, the requirement states that the governing body is accountable, not that the governing body is responsible for the execution. Accountability cannot be delegated and the responsibility to perform the work is not prescribed.
2. FAIS Ombudsman Section 4. Design, suitability and performance requirements for financial products and financial services • There must be a provision in the Act prohibiting inducement of banks to entice the customers, i.e. - not informing customers of loyalty programmes that incur charges. • It is further recommended that the necessary skills for designing a product are identified so as to ensure that the products are developed by individuals with the appropriate skill. The Draft Conduct Standard currently does not provide specific skills required and simply provides that one should possess skills without outlining any specific minimum standards, and leaves the discretion of what ‘necessary skills’ are to the specific institutions. • The development of cross-cutting standards in respect of inducements will be considered and will require appropriate research before a decision can be made on the policy response to this practise. In terms of the Standard, all costs must be disclosed to the customer, refer to section 7(1)(b) and 6(12). • Skills requirements for product design are drafted on a principle basis. The FSCA will also exercise its discretion in determining adherence to the requirement when supervising the financial institutions. Appropriate skills differ widely depending

Consultation Report: Conduct Standard for Banks Page 36 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses • Sections 4 (3) Where a provider must, where the relevant licence, terms of employment or mandate enables such provider to provide clients with financial services in respect of a choice of product suppliers, exercise judgment objectively in the interest of the client concerned - and 8 – Where one is required to obtain all relevant and available information from a client to ensure that once an analysis has been conducted that a recommendation is made that is appropriate to the complainants specific needs and circumstances- of the Code of Conduct would also provide guidance in the implementation of this section. on the product or service offering concerned and it would not be effective for the FSCA to prescribe “one size fits all” requirements. 43. BASA Section 4(1) 1. The phrase “the interest of its financial customers” in this context of product design is too wide. 2. If the use of the word “interests” is meant to align to the duty of “best interest” as noted in CoFI, it is misplaced as “best interest” applies when providing financial advice and to duties of trustees, etc. 3. We suggest that the clause be reworded to align to the FSCA TCF Outcome 2 (product design) sub-statements 2.1 and 2.4.to make clear that a product or financial service must be designed to meet the needs of a particular, identified target market. RECOMMENDATION

1. We suggest that the clause be reworded as follows: A bank must design its financial products and financial services, including the related models utilised for the advertising, distribution and provision of these financial products and financial services, with due regard to the
2. There are no reason why bespoke solutions should not be designed with due regard of the interest of the financial customer/s concerned. Is this not precisely the purpose of a “bespoke” structure? We confirm that the term “interests” is not intended to refer to “best interests”.

Consultation Report: Conduct Standard for Banks Page 37 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses interests of its financial customers. to meet the needs of the identified target market. 2. This specific requirement should not apply to non￾retail customers as bespoke solutions (rather than vanilla products) are offered to such customers. 44. BASA Section 4(4)(b) 1. This clause should not conflate the two key risk concerns mentioned here being (a) manage conflicts of interest and (b) design of products and services to meet the needs of a particular target market. RECOMMENDATION

1. We suggest that the clause be split in two and reworded as follows: (b) address the management of conflicts of interest, (c) and ensure that the objectives, interests and characteristics of targeted retail financial customers are duly taken into account;
2. This specific requirement should not apply to non￾retail customers as bespoke solutions (rather than vanilla products) are offered to such customers.
3. Standard amended as proposed.
4. There are no reason why bespoke solutions should not be designed considering the principles mentioned.
5. BASA Section 4(4)(c) 1. This clause is not clear: What is meant by “the oversight arrangement must appropriately account”? Should it not instead state “appropriately evaluate and report”?
6. Drafting note. RECOMMENDATION
7. We suggest that this clause be redrafted so as to make its meaning clear and to provide legal certainty.
8. Drafting note: “customer” in line 1 of sub-clause (c) should read “customers” Clause amended to create clarity and improve language. There are no reason why bespoke solutions should not be designed considering the principles mentioned, the recommendation to restrict application of this clause to “retail financial customers” are not accepted.

Consultation Report: Conduct Standard for Banks Page 38 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 5. This specific requirement should not apply to non￾retail customers as bespoke solutions (rather than vanilla products) are offered to such customers. We suggest the following drafting should be considered: “(c) appropriately evaluate and report on risks borne by targeted retail financial customer or groups of retail financial customers in respect of a financial product or a financial service” 46. BASA Section 4(4)(f) 1. This clause refers to a key person, but a ‘key person” is not defined in the conduct standard. 2. This clause is materially misaligned to the CoFI Bill which requires: 2.1. That a senior manager and a governing body must provide sign-off; 2.2. That the sign-off is provided before a product is marketed, offered or a contract entered into. 3. For easy reference, the CoFI Bill provisions are noted below: 48. (8) (a) A new financial product must be signed off by the governing body before a financial institution that provides a financial product starts to market offer or enter into contracts in respect of the product. 48. (2) The financial product oversight arrangements must— (f) include senior management confirmation that a product adequately meets required outcomes for the fair treatment of financial customers, including the requirement that it will perform as financial customers are led to expect; and 4. Discussion at meeting with the FSCA on 4 July 2019: The FSCA advised that banks should allocate the role of “key

1. A “key person” is defined in the FSR Act, and as per the preamble to clause 1, terms defined in the Financial Sector Regulation Act has that same meaning in the draft Standard.
2. A bank would need to identify an appropriate person falling within the definition of a “key person” within its business to fulfil this role, this could include a senior manager (e.g. see paragraph (c) of the definition of “key person” as contained in the FSR Act).

Consultation Report: Conduct Standard for Banks Page 39 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses person” to the most suited person/s within their business structures. The FSCA advised that the intent is not for the CEO of a retail bank to sign-off on a financial product or service, but for the most appropriate level of senior manager – example the CEO of Credit card – to sign off on a financial product or a financial service. RECOMMENDATION

1. .We recommend that a “key person” should not be required to sign-off on a new product or financial service. Instead a senior manager – who is an appropriately positioned senior operational manager with oversight over the product and service should be required to provide sign￾off.
2. We recommend that the wording of the clause between the CoFI Bill and this Standard be aligned as follows: “The oversight arrangements must provide for relevant senior management approval, including relevant senior management confirmation that a financial product or a financial service adequately meets required outcomes for the fair treatment of financial customers, before a financial institution starts to advertise, market offer or enter into contracts in respect of the financial product or financial service.”
3. Alternatively, if it is the intent of the regulator that a “key person” as defined in Section c (i) and (ii) of the FSRA is regarded as a more operational level senior manager, being a senior manager whose decisions could impact a particular product line or a particular financial service (but

Consultation Report: Conduct Standard for Banks Page 40 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses not necessarily the whole or a substantial part of the business of the financial institution) then we suggest that the regulator should include such a definition – duly adapted from the FSRA – into this Conduct Standard which makes same clear. 47. BASA Section 4(7) 1. This section provides that a financial product provider must ensure that their financial customers are provided with products/services that perform as it has led its customers to expect – the effect of such is that effectively the financial product provider must underwrite its product, which is not possible. There are many “external” market forces that may affect the performance of a financial product and same are outside the control of banks. 2. It is also not clear how a “financial service” would “perform” – a service is delivered to particular service standards – it does not “perform”? RECOMMENDATION

1. We submit that the clause should be reworded to provide for the bank to take reasonable steps to ensure that product performance agrees to the customers risk profile and mandate. Further that any reference to a financial service “performing” should be deleted as well as any reference to “advertising” as advertisements will provide generic information.
2. We suggest that the clause should re reworded as follows: “A bank must ensure that a financial product:
3. It is not clear what is meant by “underwrite” a product in this context. However, the provision does not in any way require the product provider to guarantee any product outcome. It simply requires that the product must perform as the provider itself has led its customers to expect. If for example the performance of a product is subject to external market forces, a bank must ensure that this is made clear to the customer (in accordance with the requirements of this Standard and any other applicable laws) to ensure that the customer’s expectations are appropriately managed.
4. Clause has been reworded to address the concern raised with regards to the “performance” of a financial service.

Consultation Report: Conduct Standard for Banks Page 41 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses Performs as the bank has led customers to reasonably expect, which expectations include those created through disclosure.” 48. Information Governance (Pty)Ltd Mark Heyink Paragraph 4(7)(b) There have been significant failures in banks’ practises relating to fair treatment of customers in the context of Internet Banking Frauds. Significant delays, while clients’ accounts are debited (in my view unlawfully) rendering the client helpless while lengthy investigations are carried out, are the norm. Further, no explanation is provided for the delays, nor are adequate explanations relating to the banks’ practises in this regard provided to clients. While some of this is dealt with elsewhere in the Conduct Standard, it is recommended that the Conduct Standard includes provisions requiring the banks to report to the Authority, to ensure that the monitoring and evaluation that is contemplated meets appropriate standards. It is not exactly clear what aspects you are proposing be reported to the Authority. Please note that reporting for supervisory purposes are usually required through conduct of business returns and/or compliance reports. The FSCA will therefore consider the development of suitable conduct returns for banks as part of its supervisory obligations. 49. POPIA (Pty) Ltd Peter Hill Section 4(7) Add (d) (d) complies with the conditions for the lawful processing of personal information as referred to in Chapter 3 of the Protection of Personal Information Act, 4 of 2013; See response to item 6 above. The intention of this Standard is not to duplicate requirements already regulated under the POPI Act.

Consultation Report: Conduct Standard for Banks Page 42 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 50. BASA Section 4(8) 1. A product variation may not be sufficiently material to warrant being re-submitted into a product approval process. 2. A senior manager and not the governing body / key person should be tasked to provide sign-off on these matters. 3. We propose that this sub-section should refer to advertising and marketing. RECOMMENDATION

1. We suggest that the clause should be reworded as follows: “The approval of a new or financial product or financial service and/or any material changes thereto by senior management must be accompanied by a confirmation that the provision of the financial product or financial service, distribution method, advertising and marketing approach and materials, and disclosure documents are consistent with the objectives set out in section 3.”
2. The Standard has been updated to refer to the approval of a new as well as the material variation of an existing product or service in alignment with the comment made.
3. It is within the discretion of the bank to determine which key person can sign off on what products.
4. The current wording of the Standard already refers to the “advertising approach and materials”, where advertising has been widely defined to include marketing. No need to add reference to marketing.
5. Information Governance (Pty)Ltd Mark Heyink Paragraph 4(10) With Internet Banking Frauds it is clear that some of the banks, despite their knowledge that security measures established by them (particularly relating to One Time Passwords (OTPs) are failing, continue to use these demonstrably insecure mechanisms, at the risk of their clients. Some of the banks claim that they advised clients of these issues. The evidence, however, indicates that this is not the case and yes, while banks continued with The Authority believe that the wording of this requirement is sufficiently wide and principles￾based to enable the FSCA to intervene where any unfair customer outcome is identified in relation to the provision of financial products and services by banks.

Consultation Report: Conduct Standard for Banks Page 43 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses campaigns relating to phishing which are important, they did not draw attention of the public to the known risk of failures with the communication of OTPs. I am not certain whether the Financial Sector Conduct Authority is the appropriate oversight mechanism to deal with this. Some banks indicate that they are subject to regulation by the South African Reserve Bank (SARB), as they do, is misleading. That regulation relates to systemic risk and not the risk of clients’ interactions. If it is felt that the SARB in particular and the Payment Association of South Africa (PASA) are the appropriate body to regulate security then it is believed that the security requirements of SARB or PASA, as may be appropriate, relating to the security of client information and transactions conducted with clients, should be published. 52. BASA Section 5. Additional requirements in respect of retail financial customers

1. As mentioned before, we submit that it is appropriate for the Standard to apply to retail financial customers only. RECOMMENDATION
2. We therefore suggest that the clause 5 heading changes to the following:
3. General requirements Disagree. The Standard applies to all financial customers except where the application is limited to retail financial customers such as Section 5.
4. FAIS Ombudsman Section 5. Additional requirements in respect of retail financial customers • The terms, conditions and requirements in the contract relating to a financial product/services must be in accordance with the six TCF outcomes as detailed above. • The TCF outcomes are overarching principles that must be applied across the Standard.

Consultation Report: Conduct Standard for Banks Page 44 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses • It is also recommended that the suitability of the product in relation to the retail business needs are considered. • It is recommended that sections 2 - Where the financial services must be conducted honestly and fairly with the required due skill care and dilligence in the intersts of the client and integrity of financial services industry,and 8 - Obtain all relevant and available infor ation from a client to ensure that once an analysis has been conducted that a recommendation is made that is appropriate to the complainants specific needs and circumstances - of the Code of Conduct be considered when contemplating the suitability of a product for a retail business customer. • Retail “business” needs is addressed by definition of “retail financial customer” which includes small businesses. • See response to item 19. 54. BASA Section 5(1)(a)(iii) 1. The phrase “limit access” is too wide. A bank will necessarily market and advertise its products on varied media platforms including online. The Standard should differentiate between creating general awareness of a financial product or service as compared to screening customers in terms of their eligibility to take up a product. If the latter is intended by the phrase “limit access” then the clause should be reworded to make the legislative intent clear and to provide legal certainty. 2. The sub clause can be interpreted to extend limitation of access at application stage, which is out of the control of the bank. As an example: whilst measures can take place to ensure that access is limited in the case of application for an investment type long-term deposit, it cannot be applied to the extent that it can ensure limited The requirement is for “reasonable measures” that should be taken to limit access to inappropriate customers. It would not be appropriate to be prescriptive as to what would constitute reasonable measures in every instance. We would expect banks to exercise judgment, taking into account the nature of the products and target markets concerned, in putting such measures in place. The Authority will if necessary engage with banks on the appropriateness of the measures when conducting supervisory activities.

Consultation Report: Conduct Standard for Banks Page 45 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses access for the entire target audience. Certainly, risk controls are applied at the stage of evaluating suitability of the investment long-term deposit matched to individual customer needs.. RECOMMENDATION

1. We suggest that the clause therefore be deleted or amended to replace the word “limit” with “ensure” The Authority disagree with the recommended wording as ensuring access for retail financial customers for whom the financial product or financial service is likely to be inappropriate is not appropriate.
2. POPIA (Pty) Ltd Peter Hill Section 5(1)(a) Add (v) (v) are supported by adequate measures in order to comply with the conditions for the lawful processing of personal information as referred to in Chapter 3 of the Protection of Personal Information Act, 4 of 2013; See response to item 6 above. The intention of this Standard is not to duplicate requirements already regulated under the POPI Act.
3. BASA Section 5(1)(c) 1. We repeat our comment submitted under the CoFI Bill around the issue of flexibility: clarity is sought in relation to the FSCA’s intention in respect of flexibility. It should be noted that in some instances the exercise of “flexibility” will be accompanied by an associated cost (for the financial institution and / or the financial customer), especially in instances where products are structured based on underlying components that carry a cost for exiting the product prior to the initially agreed on timeframe.
4. Reference to ”reasonable flexibility” is vague. What is the intention of this clause? Products are designed with specific features and specific benefits for the Customer as well as the bank. How is it envisaged that this must be adjusted in accordance with the change in the needs of the Customer? If the clause is referring to a specific part of customer base or product, then same must be clarified. The bank would need to determine what is “reasonably flexible” taking into account the target market and the product being referenced as it would not be a one size that fits all. This would include exercising judgment in balancing the flexibility of product features against the cost implications of providing such flexibility and being able to demonstrate why the agreed product design is considered fair in light of these considerations. The requirement for reasonable product flexibility is separate from the requirement to make adequate disclosures regarding the

Consultation Report: Conduct Standard for Banks Page 46 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses RECOMMENDATION

1. We suggest that the clause should speak to the duty to make clear disclosure upfront and in all marketing content around flexibility of the product.
2. In addition, we suggest rewording as follows: (c) ensure reasonable flexibility in the design of financial products and financial services to deal with and adjust to the reasonably expected changes in the needs of targeted financial customers during the lifetime of the financial product or financial service the identified target market product features concerned, as required by section 7. The suggested wording is therefore not accepted.
3. BASA Section 5(1)(d) 1. We note that this clause is adapted from CoFI, and repeat our CoFI commentary here: 1.1. In general, we are of the view that this provision should be subject to the contractual law principles which include the freedom to contract, the sanctity of contracts and the good faith of both contracting parties. 1.2. The word “unfair” is used in the proposed clause. We suggest that the test for adherence with this principle should be objective and that both contracting parties should have obligations in this regard.
4. We propose that this sub-section clearly articulate that the “contract” refers to the contract between the bank and the relevant financial customer. RECOMMENDATION
5. We submit that the clause should be redrafted as follows: “A bank that provides financial products or services to retail financial customers must:
6. As both parties to the contract are not equals (information asymmetry) and contract terms of standard contract forms cannot be negotiated in most cases, it is submitted that it is in the interest of customers that the bank has an obligation not to include contract terms that are unfair. The World Bank Retail Banking Diagnostic report discusses a range of example with regards to its finding regarding “potentially unfair product terms” and the proposal to implement an unfair terms regime.
7. The Standard has been updated in line with the recommendation provided.

Consultation Report: Conduct Standard for Banks Page 47 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses Ensure that the terms, conditions and requirements in a contract between the bank and its financial customer, relating to a financial product or financial services, including fees and charges, are not unfair.” 58. Information Governance (Pty)Ltd Mark Heyink Paragraph 5(2) • As is indicated in the South African Retail Banking Diagnostic Report (June 2018) it is strongly arguable that the provisions relating to liability of clients are required to create an unreasonable imbalance and are so adverse to the customer that they are inequitable. Noted. See response in item 33 above. In addition, the requirements in clause 5(2) are drafted on a principles basis which enables the FSCA to apply its discretion in determining whether measures put in place to ensure adherence to the requirements are appropriate. 59. BASA Section 5(2)(a) RECOMMENDATION Suggested wording: (a) it would cause a significant and unreasonable imbalance in the parties’ rights and obligations under the contract between the bank and a retail financial customer; See response to item 57 above. The concern raised has been addressed by amendment to clause 5(1)(d). 60. BASA Section 5(2)(b) 1. This clause is similar to CoFI. We repeat our CoFI Bill commentary: We are of the view that this should be objectively determined and not based on the subjective perspectives of the retail customer. RECOMMENDATION

1. We propose that this sub-section clearly articulate that the “contract” refers to the contract between the bank and the relevant financial customer.
2. Alternatively that the clause be deleted as the content and intent is captured in 5(2)(a). Clause has been deleted.

Consultation Report: Conduct Standard for Banks Page 48 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 61. BASA Section 5(2)(c) 1. This clause is similar to CoFI. We repeat our CoFI Bill commentary: It is our view that contractual terms and conditions must serve to reasonably balance the nature and consequence of contractual obligations and rights between the contracting parties. RECOMMENDATION

1. We propose that this sub-section clearly articulate that the “contract” refers to the contract between the bank and the relevant financial customer.
2. Alternatively that the clause be deleted as the content and intent is captured in 5(2)(a). With regards to recommendation 1, please see response to item 57 above. With regards to recommendation 2, in our opinion paragraph (c) is different from (a) and will therefore not necessarily be captured under (a).
3. BASA Section 5(2)(d) 1. The proviso must be made that where a perceived “unfair outcome” is because of application of the law, this will supersede the provision. The example of this will be freezing of accounts with a positive balance, where the funds cannot be released due to the application of anti￾money laundering reasons. RECOMMENDATION
4. We propose that this sub-section clearly articulate that the “contract” refers to the contract between the bank and the relevant financial customer.
5. Alternatively that the clause be deleted as the content and intent is captured in 5(2)(a). Disagree. It is trite that an outcome cannot be relied upon as unfair where the application of law compels a certain action by the bank.
6. BASA Section 5(2)(e) 1. This provision seems to make any and all waivers of rights; limitations of liability; indemnities and disclaimers unlawful. We propose that it would be more reasonable to limit illegality of waivers of financial customer rights and absolutions of liability be limited to those that are It is unclear in which circumstances it would be fair for a retail financial customer to waive their rights or absolve the bank from liability due to

Consultation Report: Conduct Standard for Banks Page 49 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses unreasonable either in context or by way of the outcome to the financial customer and provided that the waiver and/or absolution is not otherwise in conflict with the law. RECOMMENDATION Suggested wording: (e) it requires a retail financial customer whether as a condition to enter into a transaction or otherwise, to: (i) waive any rights; or (ii) absolve the bank of any obligation or liability. provided that such waiver and/or absolution is not in conflict with any other law; the inequality of the relationship between the two parties. The recommendation is not accepted. 64. BASA Section 5(3) read with Section 5(1)(b)

1. We submit that this draft standard should only apply to deposits. Conduct standards for other financial products should be dealt with in the CoFI Bill.
2. Additionally, this clause is similar to CoFI. We repeat our CoFI Bill commentary, duly adapted: 1.1. The ‘look through principle’ has far reaching effects as it effectively would shift the burden from an asset consultant, independent financial adviser, trustees of a pension fund or board of an insurer from being responsible for the suitability of the financial products they offer to their clients or pensioners onto the investment manager. 1.2. We do not believe this is the intention of the section, but the wording provided creates this impression. RECOMMENDATION
3. We submit that this clause be deleted as a similar clause is in the CoFI Bill.
4. Additionally, this clause is similar to CoFI. We repeat our CoFI Bill commentary, duly adapted:
5. See response to item 18 above.
6. The requirement intends to place a level of reasonable responsibility on the bank to ensure members are also treated fairly.
7. The recommendation to delete subsection 5(3) is not accepted.

Consultation Report: Conduct Standard for Banks Page 50 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 2.1. A clear distinction needs to be made in regard to where the lines of responsibility are drawn. 2.2. This principle should be limited to the most direct cause (i.e. whether it be as a result of advice or a client investing directly) of a financial customer investing or having exposure to a specific financial product or service. 65. Advertising Regulatory Board (ARB) Section 6. Advertising The Advertising Regulatory Board is the self-regulatory body responsible for enforcing the rules around the content of advertising. (www.arb.org.za). Our funders include a number of banks committed to the self-regulation of advertising. As such, we have enforcement and decision making processes that are appropriate for the content of advertising. As such, we would propose the inclusion in s6 of the Draft Standards, a clause along the following lines: A bank is bound by the jurisdiction, Code and decisions of the Advertising Regulatory Board NPC. We will then undertake to update our Code to reflect the provisions of s6 in so far as they may not already be included, to ensure consistent and meaningful decisions across the bodies in regard to banking advertising. It is not appropriate for the FSCA to, through subordinate legislation, establish the jurisdiction of a self-regulatory organisation such as the ARB. The ARB can prescribe the same or similar rules as contained in the conduct standard to ensure consistency and the FSCA will ensure that, to the extent deemed necessary and appropriate, disclosure requirements we prescribe are aligned to the ARB rules regarding the content of advertising. 66. BASA Section 6. Advertising 1. We propose that the heading should be altered to “Promotion and Marketing” to align to the CoFI Bill – The definition of “advertising” in the Standard is intentionally broad enough to include both

Consultation Report: Conduct Standard for Banks Page 51 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses Chapter 6, Part 1. Promotion should include advertising and marketing practices of banks. RECOMMENDATION

1. In general, we propose that this clause should be aligned with the requirements of the following pieces of legislation / draft legislation as it relates to marketing and advertising to achieve legal certainty and to prevent conflicting requirements: • The CoFI Bill – Chapter 6 • The National Credit Act 34 of 2005; • The Protection of Personal Information Act 4 of 2013; and • The Electronic Communications and Transactions Act 25 of 2002. • The FAIS Act 37 of 2002 (pending implementation of CoFI) advertising and marketing, instead of using two terms. The general point around consistency is noted however the recommendation is not accepted.
2. FAIS Ombudsman Section 6. Advertising • There must be a provision in the Draft Conduct Standard prohibiting inducement of banks to entice customers. • Any hidden charges that the customer may incur must also be disclosed in the advertisement so as to promote transparency between banks and their customers. • There are also concerns surrounding the usage of loyalty programmes to sell products and services and then to encourage clients to apply for a wider range of products to qualify for a higher loyalty level. Loyalty programmes or the level of loyalty to which one qualifies, should not be the defining issue in a clients • See response to item 28 and 42 above. • Section 7(1) disclosures will address the concern raised with regards to hidden costs.

Consultation Report: Conduct Standard for Banks Page 52 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses decision to apply for a specific financial service, at the expense of • It is recommended that sections 2- Where the financial services must be conducted honestly and fairly with the required due skill care and dilligence in the intersts of the client and integrity of financial services industry, and 8 - Obtain all relevant and available infor ation from a client to ensure that once an analysis has been conducted that a recommendation is made that is appropriate to the complainants specific needs and circumstances - of the Code of Conduct be considered when financial products/ services are advertised. 68. BASA Section 6(3) 1. This clause is similar to CoFI. We repeat our CoFI Bill commentary: 1.1. It is not clear how the FI will be expected to identify upfront if the FI will be perceived as “likely to be misleading”. 1.2. Nor is it clear who would decide if the material is “deceptive”, or “contrary to public interest”? 1.3. To merely state that the material may not be “fraudulent” is also a concern – fraud is generally established after an internal or criminal enquiry? RECOMMENDATION

1. We recommend that the reference to “likely to be misleading” is deleted and that reference is made to promotion and marketing.
2. We repeat our CoFI Bill recommendations duly adapted:
3. Disagree. It is submitted that the bank should apply its mind to whether the advertising could be reasonably considered to be misleading, e.g. where a financial customer would be expected to calculate their own rate of return on a financial product as the one advertised is not the commonly accepted rate of return.
4. The wording of the Standard has been updated to align more with the requirements already in place in the FAIS General Code of Conduct.

Consultation Report: Conduct Standard for Banks Page 53 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 1.1. We recommend that the provisions in the current FAIS GCC should be referenced to amend this clause to read as follows: “Promotional and marketing material by a bank must be factually correct and must be provided in plain language, avoid uncertainty or confusion and not be misleading”. 69. POPIA (Pty) Ltd Peter Hill Section 6(3) Add (c) (c) comply with section 69 of the Protection of Personal Information Act, 4 of 2013; See response to item 6 above. 70. BASA Section 6(4) read with 7(4)

1. The sub-section is ambiguous in the following manner: 1.1. It is not clear whether the sub-section is referring to a general indication that interest is payable; 1.2. It is not clear whether the sub-section is referring to a specific interest rate (for example, 10% per annum) which is payable; 1.3. It is not clear whether the sub-section is referring to a specific interest Rand amount which is payable; 1.4. It is not clear whether the provision is referring to interest payable by the bank to the financial customer or by the financial customer to the bank. Note: there is no Section 7(5) in the Standard. Clause 7(4) however refers to interest and states: where a financial product provides for the payment of interest, a bank must, in addition to any other disclosure regarding the Partially accepted. See revised standard.

Consultation Report: Conduct Standard for Banks Page 54 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses interest rate concerned, also disclose to a financial customer the annual effective interest rate of the financial product. RECOMMENDATION Suggested wording: Where promotional and marketing material includes a reference to interest payable by the bank to a retail financial customer (either on a per annum basis or as a Rand amount), in respect of a financial product, the material must comply with the disclosure requirement in section 7(4). 71. BASA Section 6(6) 1. Advertising is usually directed at the public at large or a part of the public and not a specific person or specific financial customer. When general advertisements are flighted, the bank will not be in a position to offer the financial customer an option to opt out. 2. Upon the reading of the provision it seems that the intent of the drafter is that the requirement should apply to “marketing” and / or “direct marketing” rather than “advertising”. Marketing or direct marketing is directed at a specific person or specific financial customer. RECOMMENDATION

1. We would therefore propose that this sub-section should refer to marketing.
2. We propose that the definition of “electronic communications” should be aligned with the definition used
3. The definition of “advertising” in the Standard is intentionally broad enough to include both advertising and marketing, instead of using two terms.
4. It is not the intention of the Authority for application of the requirement to be limited to a specific advertising medium.
5. It is not the intention of the Authority for application of the requirement to be executed by the financial customer repeatedly for every medium used and every different product offered.

Consultation Report: Conduct Standard for Banks Page 55 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses in the Protection of Personal Information Act 4 of 2013. This definition states: “electronic communication” means any text, voice, sound or image message sent over an electronic communications network which is stored in the network or in the recipient’s terminal equipment until it is collected by the recipient.” This would exclude telemarketing (that is telephone; mobile phone and voice (where the voice is not automated); marketing via post and face-to-face marketing. 3. We propose that the financial customer should be permitted to opt-out of the marketing medium used for the specific marketing approach. We would therefore propose the follow wording: “the opportunity to demand that the bank not make use of the specific marketing medium used for the marketing approach”. 4. The comma at the end of the sub-section should be replaced with a full stop. Suggested wording: (6) Where a bank uses a telephone or mobile phone call, voice or text message or other electronic communication for any marketing and/or direct marketing, it must allow the retail financial customer during that call or within a reasonable time after receiving the message, the opportunity to demand that the bank not make use of any of these mediums to provide any further advertising to the financial customer the specific marketing medium used for the marketing approach, 4. The use of the punctuation mark has been corrected; 5. The recommended wording is not accepted however the clause has been amended to clarify application of the requirement where the advertisement is directed at a targeted customer as opposed to the public at large.

Consultation Report: Conduct Standard for Banks Page 56 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 72. BASA Section 6(9) RECOMMENDATION Suggested wording: (9) A bank must have in place processes and procedures for the approval of advertisements and advertising methods promotional and marketing material and marketing methods by a person of appropriate seniority and expertise within the bank, which must form part of the governance arrangements required in section 3 above. Disagree. The term advertising is defined and used throughout the Standard, not “promotional and marketing material”. 73. BASA Section 6(10) RECOMMENDATION Suggested wording: Where a bank becomes aware that any promotional or marketing content advertising that relates to its business, financial products or financial services, whether published by the bank or any other person, is inconsistent with this Conduct Standard, the bank must: Disagree, See response to item 72 above. 74. POPIA (Pty) Ltd Peter Hill Section 6(10) Insert text “or a provision of the Protection of Personal Information Act” Where a bank becomes aware that any advertising that relates to its business, financial products or financial services, whether published by the bank or any other person, is inconsistent with this Conduct Standard or a provision of the Protection of Personal Information Act, the bank must: See response to item 6 above. The intention of this Standard is not to duplicate requirements already regulated under the POPI Act. 75. BASA Section 6(10)(a) RECOMMENDATION Suggested wording: as soon as reasonably practicable correct or withdraw the advertising material Disagree. The preamble to paragraph (a) specifically refers to advertisement, hence the reason why the advertisement must be

Consultation Report: Conduct Standard for Banks Page 57 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses withdrawn (which would include all material related to the advertisement). 76. BASA Section 6(10)(c) 1. As advertising is directed at the public at large or a part of the public at large; it is not clear how the bank would establish which members of the public relied on the advertisement. 2. However, it is realistic for the bank to be able to determine which financial customers may have relied on “marketing” and / or “direct marketing. 3. The use of the word “relied” is not clear? “Does it refer to someone who “relied” on the advertisement as a basis for contracting into the financial product or financial service? RECOMMENDATION

1. We submit that the sub-clause (c) be deleted.
2. Alternatively, we would propose that this provision should only be applicable to “marketing” and / or “direct marketing”.
3. The requirement does not place an obligation on a bank to actively identify who would have relied on an advertisement. The requirement only requires the bank to act where it knows that a specific person relied on the advertisement that is inconsistent with the Standard (e.g. if a person queried the advertisement).
4. Noted.
5. Yes. It refers to someone who has “relied” on the advertisement as a basis for contracting or expressing an interest in the product. Disagree with recommendations as no sound argument has been made why the clause should be deleted. It is also not clear why it is proposed that this clause should only apply to marketing.
6. BASA Section 6(11) 1. Advertisements may be in many forms – example a brochure, or through SMS or television ads and the like. It is not clear what the regulatory expectation is in relation to this requirement?
7. Subsequent to a financial customer viewing an advertisement, should he be interested in a product or This is a record keeping requirement aligned to existing requirements already in place. Records would for example be necessary to enable supervisory oversight of compliance with the standards relating to advertising and to enable

Consultation Report: Conduct Standard for Banks Page 58 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses financial service, a formal engagement will occur thereafter wherein the bank will disclose all relevant and key information during the pre-contractual / contractual process. We would therefore appreciate clarity around why advertisements must be stored for 5 years – as compared to records of financial services / products? 3. We request clarity on what is the expectation of the regulator in relation to this clause? RECOMMENDATION Suggested wording: A bank must keep adequate records of all advertisements promotional and marketing material for a period of at least five years after publication. a response to, and investigation of, complaints regarding advertising content or methods. 78. FAIS Ombudsman Section 7. Disclosures • The Draft Conduct Standard must make provision for appropriate procedures and provide a system in place to record verbal and written communications of services to client. • The Draft Conduct Standard must make provision pertaining to the procedure for record keeping and its availability upon request thereof by a client. • It is also recommended that all benefits and risks should be disclosed and not a balance of benefits and risks as currently provided for in section 7 (1) (a). • It is further recommended that key information be disclosed before the acceptance of the product or service being sold to the consumer. • The fact that a broker's commission can be negotiated by the customer should also be disclosed as the Requirements in place in terms of the FAIS Act as well as other relevant pieces of legislation will be applicable in addition to the requirements of this Standard. The Standard does require adequate record keeping policies and procedures to be in place, proportionate to the complexity of the business. The Authority has opted for more principle￾based requirements as opposed to prescribing specific disclosures. The specific disclosure mentioned can therefore be dealt with under the proposed principle-based requirements.

Consultation Report: Conduct Standard for Banks Page 59 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses broker's commission may be a significant amount of the customer's financial service or product. • With regard to fees and charges in 7(1)(b), not only must concise details be provided as to the percentage and monetary value of those fees and charges, but the impact of those fees and charges on the performance of the investment must be highlighted as to must the manner in which the fees and changes are collected. • With regard to section 7 (3), it is recommended that concise details of a financial product or service be given, which will be useful to the financial customer's informed decision regarding a financial product or service. • We recommend that section 7(a) of the General Code of Conduct- Where one must provide details of the nature and material terms of the relevant contract or transaction to a client, and make full and frank disclosure of any information that would reasonably be expected to enable the client to make an informed decision – and section 7 (1)(a)(iv – vi) - the nature and extent of monetary obligations assumed by the client, directly or indirectly, in favour of the product supplier, including the manner of payment or discharge thereof, the frequency thereof, the consequences of non￾compliance and, subject to subparagraph (xiv), any anticipated or contractual escalations, increases or additions; v) the nature and extent of monetary obligations assumed by the client, directly or indirectly, in favour of the provider, including, the manner of The Authority is also in the process of considering the development of a more detailed disclosure framework to be applied across all financial institutions under the COFI Bill.

Consultation Report: Conduct Standard for Banks Page 60 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses payment or discharge thereof, the frequency thereof, and the consequences of non-compliance; vi) the nature, extent and frequency of any incentive, remuneration, consideration, commission, fee or brokerages ("valuable consideration"), which will or may become payable to the provider, directly or indirectly, by any product supplier or any person other than the client, or for which the provider may become eligible, as a result of rendering of the financial service, as well as the identity of the product supplier or other person providing or offering the valuable consideration: Provided that where the maximum amount or rate of such valuable consideration is prescribed by any law, the provider may (subject to clause 3(l)(a)(vii)) elect to disclose either the actual amount applicable or such prescribed maximum amount or rate; of the Code of Conduct be considered when contemplating the concise details of the financial product or service be given. 79. Information Governance (Pty)Ltd Mark Heyink Section 7. Disclosures By failing to draw clients’ attention to the contractual liability imposed on the client, despite the client using the structures and security measures established by the bank, clients believe that they are safe in interacting with the bank. In the circumstances, in this case it is the non￾disclosure which misleads the client. It is recommended that should a bank wish to impose liability obligations, that this be properly brought to the attention of a client (as indeed the law requires) and clients not be misled into thinking that their transactions will be secure as is currently the case. We believe that the current requirements are sufficiently principle-based allowing flexibility when supervising disclosures and that the principle-based requirement would cover the situation raised in your argument.

Consultation Report: Conduct Standard for Banks Page 61 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 80. POPIA (Pty) Ltd Peter Hill Section 7. Disclosures Insert text to conform to section 18(1) (a) to (h) of POPI Act Before, during and after the conclusion of a contract or agreement for the provision of a financial product or a financial service, a bank must take reasonable steps to ensure that a financial customer is aware of: (a) the information being collected and where the information is not collected from the data subject, the source from which it is collected; (b) the name and address of the responsible party; (c) the purpose for which the information is being collected; (d) whether or not the supply of the information by that data subject is voluntary or mandatory; (e) the consequences of failure to provide the information; (f) any particular law authorising or requiring the collection of the information; (g) the fact that, where applicable, the responsible party intends to transfer the information to a third country or international organisation and the level of protection afforded to the information by that third country or international organisation; (h) any further information such as the— (i) recipient or category of recipients of the information; (ii) nature or category of the information; (iii) existence of the right of access to and the right to rectify the information collected; (iv) existence of the right to object to the processing of personal information as referred to in section 11(3); and (v) right to lodge a complaint to the Information Regulator and the contact details of the Information Regulator, which See response to item 6 above.

Consultation Report: Conduct Standard for Banks Page 62 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses is necessary, having regard to the specific circumstances in which the information is or is not to be processed, to enable processing in respect of the data subject to be reasonable. and understands, all relevant facts that could reasonably be expected to influence the financial customers' decisions relating to the financial product or financial service, including: 81. BASA Section 7(1) COMMENT RE CLAUSE 7(1)(a):

1. Whilst this clause is similar to the CoFI Bill, it inserts the phrases: “or agreement”, “and understands” and “a balanced presentation”.
2. We propose that the requirement should be that the financial customer “generally understands” rather than “understands”. The financial customer’s understanding should be objectively determine based upon the reasonable financial customer who would exercise reasonable care to understand various disclosures and the relevant financial product or financial service. RECOMMENDATION
3. We submit that the clause should be redrafted to agree to the CoFI Bill as follows: “Before, during and after the conclusion of a contract for the provision of a financial product or a financial service, a bank must make a financial customer aware of all relevant facts that could influence the financial customers’ decisions relating to the financial product or financial service, including but not limited to—
4. The Standard has been amended to delete both “agreement” and “and understands” however the Authority disagree that “a balanced presentation” should be removed. The Authority disagrees with the recommended wording for the clause.
5. The Authority disagree that the disclosure standards only apply during the existence of the contract. The Standard correctly states that it applies “before, during and after” conclusion of the contract, which is further amplified by the requirements relating to appropriate timing of disclosures in order to make informed decisions (see s.7(3)(c).
6. With regards to misalignment with COFI: COFI is primary legislation and more detailed requirements could be imposed through standards. This is already a standard and, although aspects of this standard have been

Consultation Report: Conduct Standard for Banks Page 63 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses (a) benefits and risks in relation to the financial product or financial service; “ 2. We propose that the sub-section should clearly articulate that the contract or agreement is between a bank and the financial customer and that the disclosure obligations only remain whilst the contract or agreement in place between the bank and financial customer have not been terminated. COMMENT RE CLAUSE 7(1)(b):

1. This clause is miasaligned to the CoFI Bill. CoFI does not place an obligation on the licensee to provide total expected or actual costs and for the same period total actual or expected returns. RECOMMENDATION
2. We submit that sub-clause (b) be redrafted to align to the CoFI Bill as follows: “Before, during and after the conclusion of a contract or agreement for the provision of a financial product or a financial service, a bank must take reasonable steps to ensure that a financial customer is aware of, and understands, all relevant facts that could reasonably be expected to influence the financial customers’ decisions relating to the financial product or financial service, including: (b) all costs to the financial customer in relation to the supply of that product or service;” kept principle-based at this stage, we believe more detailed requirements would be appropriate. The clause has been amended to address the regulatory burden.
3. Information Governance Paragraph 7(1) It is suggested that in addition to the provisions relating to financial services that a further sub-clause be added We believe that the current requirements are sufficiently principle-based allowing flexibility when supervising disclosures and that the

Consultation Report: Conduct Standard for Banks Page 64 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses (Pty)Ltd Mark Heyink governing disclosures where clients assume risk that in the normal course would be that of the bank. principle-based requirement would cover the situation raised. 83. BASA Section 7(2) 1. This clause is materially misaligned to a similar clause in the CoFI Bill. It includes a reference to disclosure that must not be “fraudulent or contrary to the public interest”. 2. The phrase “contrary to the public interest” is wide and unclear – what would be regarded as being contrary to the public interest? The clause needs to be more specifically drafted so as to provide legal certainty. RECOMMENDATION

1. We submit that the clause be redrafted to agree to the corresponding provisions in the CoFI Bill, as follows: “A bank must make disclosures to financial customers that— (a) use plain language that is clear, unambiguous, and is appropriate for the target market; (b) are adequate, appropriate, timely, relevant and complete; (c) are factually correct and not misleading or deceptive; (d) promote understanding of the financial product or financial service being provided;”
2. Alternatively – reword the phrase “contrary to the public interest” to provide clarity and legal certainty.
3. With regards to misalignment with COFI: COFI is primary legislation and more detailed requirements could be imposed through standards. This is already a standard and, although aspects of this standard have been kept principle-based at this stage, we believe more detailed requirements would be appropriate. Although the provisions should not be inconsistent, there is no reason why the provisions of this standard should not be more granular than COFI.
4. The Authority disagrees with the comment that the requirement is “wide and unclear”, the term “public interest”, is a generally accepted measure in legislation.
5. BASA Section 7(2) 1. “Any party” affected by an agreement is wide and could potentially include individuals such as a spouse or a minor child or if a business client, a trust or a partnership.
6. The Standard has been amended to limit application to the financial customer affected.

Consultation Report: Conduct Standard for Banks Page 65 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 2. We submit that disclosures should only be made between the bank and the contracting party. RECOMMENDATION

1. There is no such provision in the CoFI Bill (under the Disclosure Chapter 6, Clause 60 of CoFI) and we therefore suggest that sub-clause (e) be deleted in its entirety.
2. With regards to misalignment with COFI, see response to item 83 above.
3. BASA Section 7(3) 1. The last line should refer to financial product and financial service rather than product and service. Standard has been amended as proposed.
4. BASA Section 7(4) 1. It is not clear whether the provision is referring to interest payable by the bank to the financial customer or by the financial customer to the bank.
5. Please provide clarity on intention.
6. For a number of wholesale banking products this will not be practical and is not how the market currently works for wholesale clients. These disclosures should only apply to retail financial customers.
7. Reference to interest payable by the bank to the financial customer has been included.
8. It is unclear why this requirement would not be appropriate for the wholesale market as it is applicable only to advertising referencing interest payable by the bank.
9. BASA Section 8. Complaints NOTE:
10. BASA and members have not participated in the PPR and Insurance project to define and refine Complaints management, therefore many of the concepts included in this part have not been discussed with banks. We need to engage separately on a Complaints management framework for banks. Our comments below are therefore in addition to this request.
11. BASA members have agreed to a Complaints Management policy which is integrated into the OBSSA ToR. We suggest that this policy, which is adhered to by members form the basis of the Standard requirements. We attach it as Annexure D.
12. The Authority respectfully disagrees with the comment as BASA and its members, as well as the Ombud for Banking Services actively participated in the consultation process both before and after publication of the then FSB’s TCF Complaints Management Discussion Document published in October 2014. The provisions in the Standard are substantially based on the proposals put forward in that Discussion Document. 2 and 3. The recommendation is not accepted, and it is submitted that banks can do more in

Consultation Report: Conduct Standard for Banks Page 66 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 3. The Code of Banking Practice contains a section dealing with complaints. We include the relevant wording in Annexure D. the area of complaints management than merely propose that the status quo remain in place. 88. FAIS Ombudsman Section 8. Complaints • It is recommended that the term "regularly" be qualified so as to ensure that there is consistent improvement to a bank's complaints management framework. It is suggested that the framework is reviewed annually. • With regard to section 8 (22), it is recommended that all Ombud's details are provided to the customers. The entity should not be required to refer clients to any preferred Ombud structure, but allow the client access to the Ombud scheme that would best suit the specific circumstances surrounding the complaint. • The process and procedure pertaining to refusal, withdrawal, of the financial services or products must be specific with detailed process and procedures to assist a financial customer. • Section 8(2) and (3), it is recommended that the term "reasonable" be qualified so as to ensure that banks revert to customers timeously. A period of 30 days is recommended. • The Authority disagrees with the recommendation, generally we do not want to be prescriptive about the frequency of review of governance processes. • This requirement is provided for in section 8(22)(b), which requires all relevant ombud details to be provided. • We believe that the proposed requirements are sufficiently principle￾based allowing flexibility when supervising complaints and that the principle-based requirement would cover the situation raised. • The Authority disagrees with the recommendation, generally we do not want to be prescriptive with regards to timelines. 89. Information Governance (Pty)Ltd Mark Heyink Section 8. Complaints See prior comment relating to the lack of transparency of complaints mechanisms employed by some of the banks. Noted.

Consultation Report: Conduct Standard for Banks Page 67 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 90. POPIA (Pty) Ltd Peter Hill Section 8(1) Add (f) (f) does not limit or restrict any provision of Chapter 10 of the Protection of Personal Information Act, 4 of 2013. See response to item 6 above. 91. BASA Section 8(3)(b) 1. While we support the principle that complaints must be dealt with objectively and impartially, it would not be appropriate to include into an operational level complaints handling policy any details around remuneration and reward strategies for complaints handling staff. Objectivity and impartiality can be achieved if there are varied and independent levels of oversight and escalation in the complaints handling process. 2. CoFI and this Draft standard {see Clause 3(4)(b)} propose that the governance arrangements of the bank must include remuneration, compensation and incentive practises. We agree that such matters are accordingly more appropriately dealt with in a remuneration policy – which under CoFI is a policy that the governing body is accountable for, correctly so. RECOMMENDATION

1. We submit that the clause should be redrafted as follows: “The complaints management framework must at least provide for: Appropriate performance standards and for complaints management to ensure objectivity and impartiality as well as for the escalation of complaints to independent mandated staff with adequate expertise.” Disagree. It is submitted that including reward strategies and incentives that drive incorrect behaviours are very relevant at this operational level and must be included. It would not be necessary for actual remuneration and reward details of individuals to be reflected in the policy. In addition, escalation of complaints is already dealt with in clause 8(3)(d).

Consultation Report: Conduct Standard for Banks Page 68 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 92. BASA Section 8(3)(h) 1. We request opportunity to engage with the regulator on this requirement so that we have a proper understanding of the requirements and expectations. RECOMMENDATION

1. As we have not engaged on this requirement we may be in a position of non-compliance with the expectations therefore we either request the subclause to be deleted or that it forms part of a staggered inclusion in a transitional period. The Authority will in due course set reporting obligations with regards to complaints to the Authority and the Authority may make these public or require the banks to make these public. Banks will have an opportunity to engage the Authority on the reporting obligations when they are put in place as the usual consultation processes will be followed.
2. POPIA (Pty) Ltd Peter Hill Section 8(3) Add (k) (k) A bank must make provision, in the manner prescribed in section 17 of the Promotion of Access to Information Act, with the necessary changes, for the designation of such a number of persons as deputy information officers as is necessary to perform the duties and responsibilities as set out in section 55(1) of the Protection of Personal Information Act; See response to item 6 above.
3. BASA Section 8(4) 1. Whilst the governing body may be held ultimately accountable, it cannot be expected to oversee the effectiveness of implementation. The governing body should be able to formally delegate such tasks to duly mandated complaints stakeholders of sufficient seniority. RECOMMENDATION
4. We submit that the Draft Standard should insert a clause which provides for the formal delegation of authority of certain tasks by the governing body to other mandated persons. The Standard has been amended to make provision for delegation of the responsibility.

Consultation Report: Conduct Standard for Banks Page 69 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses RECOMMENDATION Suggested wording: (4) The governing body senior management regime of a bank is responsible for effective complaints management and must approve and oversee the effectiveness of the implementation of the bank's complaints management framework. 95. BASA Section 8(6), 8(7) and 8(8) COMMENT We request opportunity to engage with the regulator on these requirements so that we have a proper understanding of the requirements and expectations. RECOMMENDATION

1. As we have not engaged on these requirements we may be in a position of non-compliance with the expectations therefore we either request the subclause to be deleted or that it forms part of a staggered inclusion in a transitional period. The Authority respectfully disagrees with the comment as BASA and its members, as well as the Ombud for Banking Services actively participated in the consultation process both before and after publication of the then FSB’s TCF Complaints Management Discussion Document published in October 2014. The provisions in the Standard are substantially based on the proposals put forward in that Discussion Document.
2. BASA Section 8(6)(c) RECOMMENDATION
3. We propose that this sub-section should refer to advertising and marketing. Disagree. The term advertising is defined and used throughout the Standard.
4. BASA Section 8(6)(f) 1. The reference to “administrative processing of payments” is very wide and the meaning of the clause is not clear, it could have payment system implications. RECOMMENDATION
5. We suggest that clarity be provided – does the drafter mean service levels relating to payments from or due to customers? It is unclear why there would be payment system implications. The standard does not prescribe the response to a complaint, but simply relates to complaint categorisation for record keeping and reporting purposes. Response to recommendation:

Consultation Report: Conduct Standard for Banks Page 70 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses COMMENT

1. We require clarity on the meaning of “changes” and “switches”. If it is intended to refer to changes in financial products or financial services and/or switching between financial products and/or financial services, then this must be so specified.
2. “Switches” has a specific meaning within the National Payments System which would not make sense if applied in this context. Although “switches” is not defined per the Clearing Rules, it is understood to refer to the routing of off-use payment transactions through specific Payment System Operators, in the payments industry. “Changes” in financial products or financial services and/or “switching” between financial products and/or financial services must be made clear so that there is no confusion. Kindly provide clarity. The wording states “processing of payments to or by the financial customer”. Responses to comment:
3. The intention is that customer complaints regarding both scenarios mentioned in the comments should be accommodated in the framework.
4. Section 8(7)(g) has been amended to clarify that the section is applicable with regards to complaints relating to changes or switches between financial products and financial services.
5. Information Governance (Pty)Ltd Mark Heyink Paragraph 8(11) It is my experience that in dealing with some of the banks, commitments to make payments and to ensure that during the settlement negotiations the client is not harassed, are often honoured only in the breach. Noted. This provision seeks to prevent such conduct.
6. BASA Section 8(12) COMMENT
7. We submit that due cognisance must be taken of any escalation procedures and timelines as will be prescribed by the statutory Ombud (per the FSR Act) in future.
8. Suggest that a watching brief be held to insert any future statutory Ombud (per the FSR Act) rules and timelines around the complaints appeal and escalation procedures. Noted. There is no requirement in the Standard that would be contrary to such developments.

Consultation Report: Conduct Standard for Banks Page 71 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 100. POPIA (Pty) Ltd Peter Hill Section 8(16) Insert text “, its information officer” A bank must establish and maintain appropriate processes and procedures for reporting of the Information in subsection (15) to its governing body, its information officer and appropriate key persons. See response to item 6 above. 101. POPIA (Pty) Ltd Peter Hill Section 8(17) Insert text A bank must ensure that its processing operations are documented in accordance with section 17 of the Protection of Personal Information Act and its complaint processes and procedures are transparent. visible and accessible through channels that are appropriate to the bank and its financial customers. See response to item 6 above. 102. POPIA (Pty) Ltd Peter Hill Section 8(20) Add (e) (e) inform its information officer of the receipt of a complaint; See response to item 6 above. 103. BASA Section 8(20)(b) COMMENT

1. It is important to note that “addressing” does not mean “resolution”. Noted.
2. Information Governance (Pty)Ltd Mark Heyink Paragraph 8(21) My experience is that complainants are often kept in the dark. It would appear that in some instances this is a tactic of attrition, wearing a client down where there is a gross imbalance in power between the client and the bank. The client has been denied access to funds that may be lawfully the clients if the investigation indicates this, and in certain instances where the bank has failed (wittingly or unwittingly) to take into account all of the relevant issues, including its contractual obligations to the client. The problem is that at this stage the client has no remedy and the Conduct Standard does not address any remedy in the The requirement is intended to ensure that clients are kept abreast of developments relating to the complaint. If a bank does not comply with this requirement regulatory action can be taken.

Consultation Report: Conduct Standard for Banks Page 72 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses short term. Even in the long term, what are the client’s remedies where a bank has acted delinquently? If the only remedy is litigation then the client is in a very unfair position. 105. BASA Section 22(b) 1. The requirement that a bank must disclosure to customers at point of sale the relevant Ombud services to customers and complainants may have undesired consequences and conflicts with existing laws: 1.1. It has generally been accepted that internal complaints management solutions should first be exhausted before customers approach or be referred to an Ombud. 1.2. FAIS is an example of a current law which require customers to first exhaust internal remedies before they refer a complaint to the FAIS Ombud. 1.3. There will be influx in complaints to the Ombud, which will require adequate operational capability in the office of the Ombud to manage these complaints, which complaint may or may not be warranted and this could become administratively burdensome on the office and cause undue delay on the determination of complaints. RECOMMENDATION

1. We submit that the current practice where customers are only referred to the relevant Ombud when a complaint is rejected, is to remain as-is. Disclosure of the referral process to the relevant Ombud and the appropriate time for the customer to do so, should be made available on, for example, Digital Channels on a continuous basis.
2. We suggest that “periodic” be deleted.
3. It is unclear of what the undesired consequences would be to inform a financial customer of the contact details of the relevant Ombudsman.
4. The facts of each complaint and the rules of the relevant ombud determine whether internal resolution should first be exhausted. The customer should not be prohibited in this regard.
5. The proposed FAIS General Code requirements regarding complaints management are now aligned to this requirement and the concern falls away.
6. The bank communication should be clear as to where internal resolution is first required before the ombud should be approached.

Consultation Report: Conduct Standard for Banks Page 73 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 106. BASA Section 22(c) 1. The proposed implementation date of the Draft Standard is 1 October 2019 and this Draft Standard is not practical or achievable by then for the following reasons: 1.1. Currently, the industry has voluntary and statutory Ombuds who adjudicate of complaints. At present banks make reference to the current Ombuds in disclosure documents. 1.2. However, this landscape will change once the Ombud provisions in the FSR Act become effective and introduce a statutory Ombud. 1.3. Given the changing landscape, it would be impractical for banks to make changes to disclosures now – which have significant cost implications given the requirement to provide this information at branches. 1.4. The requirement will have ongoing cost implications as documents in branches will need to be constantly checked for version control, updated and distributed, etc. RECOMMENDATION

1. We suggest that a transitional period of at least one year be provided from date that the office of the statutory Ombud per the FSR Act becomes effective, to implement this change, as all current documentation which contain references to the Ombud will need to be reviewed and updated. Comment not fully understood as the FSR Act does not change the identity or existence of the current ombuds. The Authority strongly disagree with the proposal to allow for a 12-month period during which no details of the relevant ombud needs to be disclosed to customers. This would not be in the interest of customers.
2. POPIA (Pty) Ltd Peter Hill Section 8(23) Insert text “ , Information Regulator” A bank must have appropriate processes and procedures in place to ensure compliance with any prescribed requirements for reporting complaints information to the See response to item 6 above.

Consultation Report: Conduct Standard for Banks Page 74 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses Authority, Information Regulator or to the public as may be required by the Authority or Information regulator. 108. FAIS Ombudsman Section 9. Refusal, withdrawal or closure of financial products or financial services by the bank • The process and procedure pertaining to refusal, withdrawal, of the financial services or products must be specific with detailed process and procedures to assist a financial customer. A period of 30 days is recommended. • The reasons for refusal, withdrawal termination or closure should also be provided to the customer within 30 days. • We recommend that section 2 of the Code of Conduct be applied with regard to the reasonableness of the time period in which a bank reverts to a customer regarding the refusal, withdrawal, termination or closure of a financial service or product. • Section 3(1)(d) of the Code requires that the financial service be conducted timeously and in accordance with the reasonable requests and instructions of the client. • We believe that the proposed requirements are sufficiently principle￾based allowing flexibility when supervising the Standard and that the principle-based requirement would cover the comment raised. • The Authority disagrees with the recommendation, generally we do not want to be prescriptive with regards to timelines. • As mentioned above, clause 3(2) of the Standard already incorporates the wording of clause 2 of the FAIS General Code of Conduct to a large extent. • A requirement has been added in line with the requirements of section 3(1)(d) of the FAIS General Code. 109. BASA Clause 9 – requirement to provide prior notice and reasons when terminating, withdrawing or closing an account We submit that any new conduct standard should not be misaligned to existing laws and accordingly: a) As agreed during the FSRA drafting process it is important to ensure that the FSCA Conduct Standard is not inconsistent with the principles which are articulated in sections 228 and 229 of the FSR Act which provide, amongst others, that a person may request reasons for decisions taken; As explained previously, sections 228 and 229 of the FSR Act does not apply to decisions made by financial institutions, except decisions relating to debarments (see the definition of “decision” as per section 218 of the FSR Act). These sections therefore do not apply to a bank making a decision with regards to a financial customer. The rationale for the reference to

Consultation Report: Conduct Standard for Banks Page 75 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses b) Is not inconsistent with the principles in Section 62(1)(a) of the NCA which provides that consumer must be notified in writing of the dominant reason for refusing to enter into a credit agreement with that consumer; With regard to Clause 9(3) and the requirement to provide reasonable notice prior to closing an account and the provision of reasons when closing an account: (i) We understand that it is a principle of our common law that the bank-client relationship can be terminated by agreement, or unilaterally by either the client or the bank, However, the bank must allow the customer a reasonable period of notice. What proper or reasonable notice entails will depend on the circumstances of the case and the nature of the product or service being terminated. The courts have confirmed the following “A bank has no obligation to give reasons for terminating this relationship. Its motives for terminating such are generally irrelevant (there may be an exception where there is an abuse of rights).” It has been argued academically that an absence of reasons may be indicative of an absence of bona fides, or even the abuse of rights. We accordingly submit that, notwithstanding the provision of reasons, a bank must retain full discretion regarding any decision taken to refuse, close, withdraw or terminate an account. (ii) Note also that FICA provides that an institution must exit a customer relationship if it cannot perform proper customer due diligence (S21E) but, FICA does not section 228 and 229 is therefore unclear and misplaced. The requirement does not prescribe the basis upon which a bank may decide to refuse, close, withdraw or terminate an account. It simply requires that reasons for such a decision must be provided. The basis for the comment is therefore flawed. In addition, we note your comment relating to “courts having confirmed” that a bank has no obligation to give reasons for terminating the relationship and that its motives for terminating such are generally irrelevant. It is precisely for this reason that we are proposing a requirement that reasons must be provided as it is not in the interest of financial customers to terminate a relationship without reasons. We therefore do not agree with the assertion that a bank should be able to decide to refuse, close, withdraw or terminate an account without reasons. Section 9(4) makes provision for exceptions to the requirement to provide reasons to customers, such as being compelled by law or where there is a reasonable suspicion of illegal purposes. The Standard therefore will not compromise a bank’s obligation to avoid “tipping off”. With regards to the practical

Consultation Report: Conduct Standard for Banks Page 76 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses overtly allow or disallow for the provision of reasons when exiting customer relationships – it rather states at Section 42 that and accountable institution must provide for the manner in which S21E will be met. (iii) On a practical level, it would be extremely difficult to consistently implement the suggested notice or reasons provisions where the bank has taken a well-informed, well governed decision to exit client relationships because it does not have the appetite for certain clients which it believes are abusing its platforms for illicit purposes etc. and is then forced to keep the accounts open and provide reasons etc while such customers continue to abuse our platforms – this could not only compromise our regulatory obligations but also impact important (international) commercial relationships with e.g. correspondent banks and business partners. (iv) We also draw your attention to the “tipping off” provisions in Section 53 of FICA: in instances where a financial institution may exit a customer for desirability reasons - including due to suspicious activity on his account – we cannot advise the customer of that fact because we would then commit an offence of tipping off. We have provided suggested rewording of Clause 9. issues you raise, it is unclear why it would be unpractical to simply provide a customer with reasons why a product is being terminated. It must be noted that the requirement in clauses 9(2) is phrased in such a way that the bank must provide “reasonable” prior notice. The requirements were specifically phrased in this way to provide some flexibility. In circumstances where there is a significant abuse of the bank’s platform resulting in significant risk to the bank, “reasonable notice” before termination could be much shorter than in a “normal termination” scenario. 110. BASA Section 9(1) 1. General comment: the provisions of Clause 9 have been referenced in previous industry consultations to bank accounts only (rather than being applicable to all financial products). We agree that this clause should be limited to bank accounts.

1. It is not the intention of the Authority to limit application of section 9 to banks accounts only.

Consultation Report: Conduct Standard for Banks Page 77 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 2. The phrase in clause 9(1), namely “taking into consideration relevant international standards and best practices, and subject to other applicable regulatory requirements”, appear on face value, to be very wide and open to judgement and interpretation. Varied financial institutions may consider different international standards and best practice and may apply same inconsistently. 3. However, we agree that it is and will always be important for banks (and other financial institutions) to ensure that its processes in this regard are rational and well informed by, as a minimum, consideration of relevant international standards (to the extent available), best practices and other applicable regulatory requirements, i.e. FICA related and sections 228 and 229 of the FSR Act, 2017. RECOMMENDATION

1. We submit that in its supervisory approach, the Authority should take cognisance of the well considered risk-based approach that each bank will have adopted in relation to these matters.
2. We suggest that it may be inappropriate to compel SA banks to follow international standards which are inappropriate and not aligned with the SA environment and customer profiles.
3. The supervisory approach of the Authority will take into account the risk-based approach of a bank.
4. Referencing to a “relevant international standard” has been removed.
5. POPIA (Pty) Ltd Peter Hill Section 9(1) Insert text ”subject to the Protection of Personal Information Act and taking into consideration relevant international standards and best practices, and subject to the Protection of Personal Information Act and other applicable regulatory requirements. See response to item 6 above.

Consultation Report: Conduct Standard for Banks Page 78 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 112. BASA Section 9(2) and 9(3) COMMENT RE CLAUSE 9(2)

1. We submit that any new conduct standard should not be misaligned to existing laws and accordingly: 1.1. As was agreed during the FSRA drafting process it is important to ensure that the FSCA conduct standard is not inconsistent with the principles which are articulated in sections 228 and 229 of the FSR Act which provide, amongst others, that a person may request reasons for decisions taken; 1.2. Is not inconsistent with the principles in Section 62(1)(a) of the NCA which provides that consumer must be notified in writing of the dominant reason for refusing to enter into a credit agreement with that consumer;
2. With regard to Clause 9(3) and the requirement to provide reasonable notice prior to closing an account and the provision of reasons when closing an account: a. We understand that it is a principle of our common law that the bank-client relationship can be terminated by agreement, or unilaterally by either the client or the bank, However, the bank must allow the customer a reasonable period of notice. What proper or reasonable notice entails will depend on the circumstances of the case and the nature of the product or service being terminated. The courts have confirmed the following “A bank has no obligation to give reasons for terminating this relationship. Its motives for terminating such are generally irrelevant (there may be an exception where there is an abuse of rights).” It has been argued academically that an absence of
3. See response to item 109 above.
4. The drafting proposal for section 9(3) is not accepted. It is not reasonable to expect a customer to know that they are entitled to request reasons and only be provided with same if requested it.
5. It is uncertain what the purpose of the addition of proposed section 9(6) would be as it would obviate the rationale for the inclusion of the section by in effect allowing a bank to “contract out” of compliance with section 9.

Consultation Report: Conduct Standard for Banks Page 79 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses reasons may be indicative of an absence of bona fides, or even the abuse of rights. We accordingly submit that, notwithstanding the provision of reasons, that a bank must retain full discretion regarding any decision taken to refuse, close, withdraw or terminate an account. b. Note also that FICA provides that an institution must exit a customer relationship if it cannot perform proper customer due diligence (S21E) but, FICA does not overtly allow or disallow for the provision of reasons when exiting customer relationships – it rather states at Section 42 that and accountable institution must provide for the manner in which S21E will be met. c. On a practical level, it would be extremely difficult consistently implement the notice or reasons provisions where the bank has taken a well-informed, well governed decision to exit client relationships because it does not have the appetite for certain clients which it believes are abusing its platforms for illicit purposes etc and is then forced to keep the accounts open and provide reasons etc while such customers continue to abuse our platforms – this could not only compromise our regulatory obligations but also impact important (international)commercial relationships with e.g. correspondent banks and business partners. We also draw your attention to the “tipping off” provisions in Section 53 of FICA: in instances where a financial institution may exit a customer for desirability reasons - including due to suspicious activity on his account – we

Consultation Report: Conduct Standard for Banks Page 80 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses cannot advise the customer of that fact because we would then commit an offence of tipping off. RECOMMENDATION

1. We suggest that Clause 9(3) be rephrased as follows: Subject to subsection (4), a bank must, when it takes any of the actions referred to in subsection (1); (a) on request of the financial retail customer, advise that financial retail customer of the dominant reason for the refusal, withdrawal, termination or closure. We suggest the addition of a Clause 9(6) which states as follows: Despite anything to the contrary in this clause 9 – the termination of the contractual agreement between a bank and a financial customer, shall be governed by the terms of the contractual agreement between them and the law applicable to contract; and (b) nothing in this clause 9 shall entitle the financial customer to any additional right or remedy as a result of such termination, that he/she would not have in terms of the provisions of the customer agreement and the law applicable to such agreement.
2. BASA Section 9(4) 1. Regarding sub-clause (b): we suggest that the Regulator should provide certainty around what their regulatory expectations are in this regard: • As an example, do we have certainty of whether or not we are compelled to do so in terms of the NCA, FIC and CoFI when enacted?
3. It is inappropriate to use the NCA and FIC as a comparison measure. Each of those Acts has different objectives, as do subordinate legislation made by the FSCA. The objectives of the FSCA include consumer protection and this requirement must be read in that context. With

Consultation Report: Conduct Standard for Banks Page 81 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses 2. Regarding sub-clause (c): we suggest that the Regulator should provide certainty around what their regulatory expectations are in this regard: • Is this obligation only referring to the FIC and financial crime? • Or does it also extend to responsible lending (unaffordable/irresponsible credit extension)? • Would this obligation apply when we refuse to provide a complex financial product to an illiterate financial customer (where we are compelled by law – future CoFI - to refuse on grounds of unsuitability, client falls outside the target market)? • In most of these instances, we will actually inform the customers why his/her application was declined or why a specific financial product was not suitable to meet his needs – in accordance with our prescribed duties and responsibilities in this regard. 3. We request that clarity be provided on these questions. regards to alignment with the COFI Bill, please see our responses above relating to that. 2. The expectation of the Authority is that the circumstances mentioned in either (a) or (b) must be present, and in addition (c) must always be applicable, when not providing the reasonable prior notice or reasons referred to in subsection (2) and (3). 114. BASA Section 9(5) 1. We note the proposed requirement, however, we submit that it may not be possible to include all possible reasons in such a contract i.e. FICA related and tipping off. The omission of a reason, whether unforeseen or not, cannot be construed as preventing a bank from making an informed decision to terminate or withdraw from the contractual arrangement. 2. We suggest that this clause be revisited, taking cognisance that the circumstances under which a The Authority finds it concerning that the list of possible reasons for unilateral termination is so long that it could not be provided for in contracts. The intention is not to provide an exhaustive description of all practical scenarios, but to at least provide the broad circumstances.

Consultation Report: Conduct Standard for Banks Page 82 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses contractual agreement may be terminated or withdrawn cannot be stated exhaustively in same. RECOMMENDATION: We suggest that the clause be redrafted as follows: (5) Contractual agreements with financial customers must make provision for the termination of the contractual agreement by the bank. 115. POPIA (Pty) Ltd Peter Hill Section 9(6) Add (6) (6) Destroy personal information about financial customers in its possession or under its control that is inaccurate, irrelevant, excessive, out of date, incomplete, misleading or obtained unlawfully. The recommendation is not accepted as creating an obligation to destroy information may generate other risks. 116. FAIS Ombudsman Section 10. Termination, closure or switching of financial products or financial services by the financial customer • The same recommendations as above are recommended herein. • We recommend that the above section of the Code be referred to with regard to the termination, closure or switching of financial products or services. Noted, however the wording provided in clause 10 serves a specific purpose, and therefore the FAIS wording will not suffice. Please note that the requirements in the FAIS Act will remain in force and be applicable in respect of the rendering of financial services by a bank in addition to the requirements of the Standard. 117. BASA Section 10(1) 1. It is noted that this subsection provides for portability of products however, not all financial products may be capable of being ported. For example, due to the nature of a credit agreement, it cannot be ported. RECOMMENDATION

1. It is proposed that subsection be redrafted as follows: “A bank may not where applicable - impose unreasonable barriers where a retail financial customer requests the It is submitted that where a financial product is not transferable due to the nature of the product the requirement would not be applicable as it requires that unreasonable barriers should not be imposed, not that there should not be any barrier where same is reasonable in the circumstances.

Consultation Report: Conduct Standard for Banks Page 83 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses termination, closure or transfer to another bank, of a financial product or financial service.” 118. BASA Section 10(4) COMMENT

1. We require clarity around what would be regarded as a “dormant financial service”?
2. We are currently looking at all the variants of “dormancy” in the banking industry.
3. In previous industry consultations, reference was made to a “dormant account”. We agree that dormancy is most relevant in relation to bank accounts. As an example: an insurance product or CIS product would not be regarded as becoming “dormant”. COMMENT AFTER MEETING WITH FSCA ON 4 JULY 2019 The regulator was informed that there is work underway in the banking sector to determine how various banks treat account dormancy and closure and that the sector is not yet aligned with standard operating proceures in this regard. The regulator informed BASA and members that they do not expect a uniform approach across the sector but rather that each bank must have policies or procedures in place to address dormancy and closing of accounts. It will then boil down to a subjective test to see if each bank’s policies or procedures are adequate and reasonable.
4. Proposal accepted that dormancy be restricted to financial products and would not apply to financial services.
5. As the standard is applicable to banks it is unclear in which circumstances the bank would hold/have a “dormant” insurance or CIS product on its balance sheet on behalf of a financial customer.
6. Rather than a “subjective test”, the supervisors will apply the supervisory framework when assessing compliance with the requirements of the Standard, taking into consideration the relevant circumstances of each bank.
7. POPIA (Pty) Ltd Peter Hill Retention periods Add “Retention Periods for personal information processed by banks” POPIA 14(2) A responsible party that has used a record of personal information of a data subject to make a decision about the data subject, must— retain the record for such See response to item 6 above.

Consultation Report: Conduct Standard for Banks Page 84 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses period as may be required or prescribed by law or a code of conduct 120. POPIA (Pty) Ltd Peter Hill New Add “Banks to notify the Authority” POPIA 58(1) Information processing as contemplated in section 57(1) must be notified as such by the responsible party to the Regulator. Include in Conduct Standard: “Information processing as contemplated in section 57(1) of the Protection of Personal Information Act must be notified as such by the bank to the Authority. See response to item 6 above. 121. POPIA (Pty) Ltd Peter Hill New Add “Banks to notify the Authority” POPIA 58(2) Responsible parties may not carry out information processing that has been notified to the Regulator in terms of subsection (1) until the Regulator has completed its investigation or until they have received notice that a more detailed investigation will not be conducted. Include in the Conduct Standard “Banks may not carry out information processing that has been notified to the Authority in terms of subsection (1) until the Authority has completed its investigation or until they have received notice that a more detailed investigation will not be conducted. See response to item 6 above. 122. POPIA (Pty) Ltd Peter Hill New Add “Banks to notify the Authority” (3) In the case of the notification of information processing to which section 57(1) of the Protection of Personal See response to item 6 above.

Consultation Report: Conduct Standard for Banks Page 85 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses Information is applicable, the Authority must inform the bank in writing within four weeks of the notification as to whether or not it will conduct a more detailed investigation. (4) In the event that the Authority decides to conduct a more detailed investigation, it must indicate the period within which it plans to conduct this investigation, which period must not exceed 13 weeks. (5) On conclusion of the more detailed investigation referred to in subsection (4) the Authority must issue a statement concerning the lawfulness of the information processing. (6) A statement by the Authority in terms of subsection (5), to the extent that the information processing is not lawful, is deemed to be an enforcement notice served in terms of section 95 of the Protection of Personal Information Act. (7) A bank that has suspended its processing as required by subsection (2), and which has not received the Authority’s decision within the time limits specified in subsections (3) and (4), may presume a decision in its favour and continue with its processing. 123. POPIA (Pty) Ltd Peter Hill New Add “Failure to notify processing subject to prior authorisation” If [section 58(1) or (2) – the inserted sections above] is contravened, the bank is guilty of an offence and liable to a See response to item 6 above.

Consultation Report: Conduct Standard for Banks Page 86 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses penalty as set out in section 107 of the Protection of Personal information Act. 124. POPIA (Pty) Ltd Peter Hill New Add “Conditions for the lawful processing of financial customer information” (in terms of section 60(2) of the Protection of personal Information Act) (2) A code of conduct must— (a) incorporate all the conditions for the lawful processing of personal information or set out obligations that provide a functional equivalent of all the obligations set out in those conditions; and (b) prescribe how the conditions for the lawful processing of personal information are to be applied, or are to be complied with, given the particular features of the sector or sectors of society in which the relevant responsible parties are operating. See response to item 6 above. 125. POPIA (Pty) Ltd Peter Hill New Add “Prescribed procedures for making and dealing with complaints” (in terms of section 60(3) of the Protection of Personal Information Act) [(1) A code of conduct may prescribe procedures for making and dealing with complaints alleging a breach of the code, but no such provision may limit or restrict any provision of Chapter 10 of the Protection of the Personal Information Act.] (2) If The conduct standard sets out procedures for making and dealing with complaints, the Authority must be satisfied that— See response to item 6 above.

Consultation Report: Conduct Standard for Banks Page 87 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses (a) the procedures meet the— (i) prescribed standards; and (ii) guidelines issued by the Authority in terms of section 65, relating to the making of and dealing with complaints; (b) the code provides for the Authority appointment of an independent adjudicator to whom complaints may be made; (c) the code provides that, in exercising his or her powers and performing his or her functions, under the code, the Authority an adjudicator for the code must have due regard to the matters listed in section 44 of the Protection of Personal Information Act; (d) the code requires the Authority to prepare and submit a report, in a form satisfactory to the Regulator, to the Regulator within five months of the end of a financial year of the Regulator on the operation of the code during that financial year; and (e) the code requires the report prepared for each year to specify the number and nature of complaints made to an adjudicator under the code during the relevant financial year. 126. POPIA (Pty) Ltd Peter Hill Note Add “Appropriate Measures” (in terms of section 60(4) of the Protection of personal Information Act) A code of conduct must also— (a) specify appropriate measures— (i) for information matching programmes if such programmes are used within a specific sector; or (ii) for protecting the legitimate interests of data subjects insofar as automated decision making, as referred to in See response to item 6 above.

Consultation Report: Conduct Standard for Banks Page 88 of 133 SECTION A - COMMENTS ON THE DRAFT CONDUCT STANDARD No Respondents Section of the standard Issue/Comment/Recommendation Responses section 71 of the Protection of Personal Information Act, is concerned; (b) provide for the review of the code by the Regulator; and (c) provide for the expiry of the code. 127. POPIA (Pty) Ltd Peter Hill Note Add “Submitting a complaint to the Information Regulator” (3) A bank or financial customer who is aggrieved by a determination, including any declaration, order or direction that is included in the determination, made by the Authority after having investigated a complaint relating to the protection of personal information under an approved code of conduct, may submit a complaint in terms of section 74(2) of the Protection of Personal Information Act with the Regulator against the determination upon payment of a prescribed fee. (4) The Authority’s determination continues to have effect unless and until the Regulator makes a determination under Chapter 10 relating to the complaint or unless the Regulator determines otherwise See response to item 6 above. SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses

1. Question 1 Do you support the implementation of the draft Conduct Standard? Please provide reasons for your answer. Adrian Harris, CEO, Charter Yes; I support its implementation. It will entrench a culture of transparency, accountability and fair treatment of customers in the banking sector, especially when it comes to clients losing their Noted.

Consultation Report: Conduct Standard for Banks Page 89 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses hard-earned savings through card fraud, excessive credit etc 2. Question 1 Do you support the implementation of the draft Conduct Standard? Please provide reasons for your answer. BASA We support a Draft Conduct Standard for Banks in principle in future, but we are not able to render full support for this specific document for implementation by 01 October 2019, for the following reasons:

1. General The banking Industry would like to state at the outset that we are committed to ensuring that a culture of treating customers fairly and doing the right thing is embedded within the day-to-day business decisions and operations of a bank. 1.1. Timing of the Draft Standard However, it is also important that new conduct laws and standards provide regulatory certainty and that consistent regulatory proposals, definitions and scope of application – which are not materially misaligned - are used and published in any related conduct papers. • It is therefore important that the timing of such papers should take cognisance of consultations which are already underway in the form of written commentary, regulatory work￾streams and that comments submitted in these processes receive due attention and consideration first, prior to any new papers being issued which cover same or similar topics. • The practical implications of implementing any new Conduct Standard is 1.1 The Authority acknowledges that there are various developments taking place with regards to Conduct oversight of the financial sector however it is not necessary for all these initiatives to be concluded before the Standard can become effective. The work undertaken on the Retail Banking Diagnostic for example will further refine the principles proposed in the Standard and is not contradictory. COFI Bill developments are led by the National Treasury, supported by the FSCA and the final implementation of the Bill is still a few years away. There is no reason for the Authority to wait several years before imposing regulatory requirements on the conduct of banks and initiating supervisory oversight over

Consultation Report: Conduct Standard for Banks Page 90 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses significant and therefore conduct laws and standards need to be aligned. 1.2. The scope of application of the Conduct Standard applies wider than “deposits” as defined in the Banks Act: The statement of need and problem statement in the FSCA policy paper (which accompanies the Draft Standard) positions why a conduct standard for banks is necessary and refers to banking assets funded by depositors (amongst others) and to the previous Jali Commission of enquiry and the more recent World Bank retail diagnostic into banks provision of transactional and fixed deposits. It is therefore our submission that the Draft Standard should only be implemented in relation to deposits as defined in the Banks Act (long￾term, short-term, and structured deposits) and should not apply to all financial products as defined in the FSR Act (such as pension funds, securities, CIS and insurance products, etc.). 1.3. The proposed implementation date of 01 October 2019 is not feasible: The document proposes a number of requirements such as disclosures in advertising, revisiting terms and conditions for unfairness, requirement on governing bodies to implement certain policies, requirement on certain key persons to sign-off on new financial product and financial services. Whilst banks have certainly adherence to such requirements. 1.2 The comment is noted however the Authority has no intention to limit the application of its mandate as provided for in the FSR Act or wait for several years before starting to supervise the conduct of banks. This Standard is the first step in starting to regulate the conduct of banks and will be amend as the conduct framework develops, if required however the aim was for the Standard to be as principles based as appropriate. 1.3 The revised Standard makes provision for staggered implementation dates, taking into account the requirements that needs to be implemented.

Consultation Report: Conduct Standard for Banks Page 91 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses been adhering to the TCF requirements, the Conduct Standard requires additional scrutiny and alignment within the various business units. The implementation date is not feasible practically given: • That the practical impact of these Proposals is significant. As an example, all contract terms and conditions will need to be reviewed, redrafted and reposted on varied platforms and in new contractual disclosure packs. • More importantly, the provisions in this Standard are - in many instances - materially misaligned to CoFI in respect of the aforesaid topics, including misalignment of definitions. As an example: CoFI requires “senior management” and the “governing body” to sign off on new product and services. This document requires “key persons” to do so and a “key person” is not defined, although we understand from our meeting with the FSCA on 4 July 2019 that business may identify the most relevant purpose for this role which will then also carry over for the CoFI requirements. 3. Question 1 Do you support the implementation of the draft Conduct Standard? Please provide reasons for your answer. FAIS Ombudsman Yes, as it will provide uniformity in the banking sector. Noted 4. Question 1 Information Governance (Pty)Ltd Mark Heyink-Director YES Noted.

Consultation Report: Conduct Standard for Banks Page 92 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses Do you support the implementation of the draft Conduct Standard? Please provide reasons for your answer. Some of the banks (I have not dealt with all of the banks) have been extremely cavalier in their approach to their obligations relating to information security, interactions with clients and transparency. Their behaviour has been characterised by exploitation of their unfettered control over clients accounts and a lack of integrity and transparency in dealing with their lawful obligations and contractual responsibilities. The Banking Ombud has publicly stated that it is not equipped to deal with certain of the electronic banking issues that arise. As electronic banking is the norm rather than the exception this is a sad indictment on the Ombud’s capability and fitness for purpose in this context. But it does suit the banks, who have established this “industry body”, very well. 5. Question 1 Do you support the implementation of the draft Conduct Standard? Please provide reasons for your answer. POPIA (Pty) Ltd Peter Hill Yes, a Conduct Standard is required to guide banks implement the measures required to protect the rights of their financial customers and to assist financial customers excerise their rights, including their constitutional right to privacy. Noted. However, see response under item 6 in the table above relating to the POPI Act. 6. Question 1 Do you support the implementation of the draft Conduct Standard? Please provide reasons for your answer. State Bank of India Yes. The conduct standard is important to ensure uniformity in the banking industry as well as to drive the fair treatment of consumers Noted.

Consultation Report: Conduct Standard for Banks Page 93 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses 7. Question 2 Will the requirements of the draft Conduct Standard lead to: a) a reduction in consumer choice; b) higher prices due to less competition; c) the creation of barriers for new entrants and service providers; d) facilitation of anti-competitive behaviour or emergence of monopolies; and e) market segmentation? Adrian Harris, CEO, Charter a) The draft Conduct Standard will NOT lead to a reduction in consumer choice because the customers will make better, informed decisions on the products and/or services which they want. Moreso, they will be knowing that they will be fairly treated in all their dealings with financial institutions. b) It can be argued that SA banking sector is a monopoly largely controlled by the big 4 banks.Historically increased costs in response to new legislation and new banking codes.Increased competition in the form of low cost banks like Capitec,African Bank and the advance of digital banks lie Tyme and Zero may reduce the risk of higher prices.Therefore an increase in competition, may result in prices going down or remaining.In this regard the Conduct Standard will NOT lead to higher price. c) The introduction of the Conduct Standard will increase the create barriers for new entrants and service providers as a result of the increased cost and complexity of compliance in general.However the capital requirements for the formation of banks in SA remains the major obstacle. d) See B above. d) However, it will lead to greater market segmentation as the need for and risk of non compliance with the Conduct Standard is Noted.

Consultation Report: Conduct Standard for Banks Page 94 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses greater in certain segments of the economy.Further segmentation has become necessary with the advent of Fintech Models which are necessary for banks to stay competitive. I believe this will also lead to the devlepment of apps that ensure the fair treatment of customers. 8. Question 2 Will the requirements of the draft Conduct Standard lead to: a) a reduction in consumer choice; b) higher prices due to less competition; c) the creation of barriers for new entrants and service providers; d) facilitation of anti-competitive behaviour or emergence of monopolies; and market segmentation? BASA 2.1 Regarding (b) & (c): • For existing larger banks, the Conduct Standard implementation cost would be lower than for new banks being set up. • While we note that the Conduct Standards only applies to banks, as a general observation around barriers to entry, we note the following: • For smaller type of financial service providers and new players like Fintech companies, the cost to comply with the Conduct Standards may be high and may make new competitors re￾consider entering the market and for existing smaller players to exit. • A future big cost driver will be increased head count that is required to comply with the required governance and this does not favour small market players. 2.2. Regarding (d): Noted.

Consultation Report: Conduct Standard for Banks Page 95 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses • The Standard in its current form is not highly prescriptive insofar as it relates to product design – as an example it does not articulate what the specific features of a particular product should be or how the product should be priced for specific markets. • We however remain of the view as submitted in our CoFI commentary, that competitive forces amongst financial sector participants should ultimately drive delivery of appropriate products for different segments of the market. We strongly recommend that the regulator places obligations on the financial sector to deliver products which ensure that all segments of the market (low, middle and premium income) will be solved for – with appropriately designed and priced products - but without prescribing the “how”. 2.3. Regarding (e): • It is unclear whether “market segmentation” refers to the normal market analysis and segmentation of a market into specific attributes of a customer group (eg. age, income levels, geographical location, etc.) or whether it refers to dividing markets within the ambit of Section 4 (1)(b)(ii) of the Competition Act 89 of 1998?

Consultation Report: Conduct Standard for Banks Page 96 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses o If it refers to the former, it is our view that, as data availability and analysis techniques and technology evolve over time there will be significant increases in market segmentation to ensure that the financial products and financial services offered by banks are appropriate for the changing needs of financial customers/customer groups. • If the banks decide to exit a market due to it being unprofitable due to the cost of compliance this could unintentionally impact certain customer groups/markets. 9. Question 2 Will the requirements of the draft Conduct Standard lead to: e) a reduction in consumer choice; f) higher prices due to less competition; g) the creation of barriers for new entrants and service providers; h) facilitation of anti-competitive behaviour or emergence of monopolies; and i) market segmentation? Information Governance (Pty)Ltd Mark Heyink-Director NO Banks have a common law obligation (supported by statute) to ensure that where technology is used it is appropriate and secure. The cost of secure technologies employed by the banks (technology has contributed handsomely to banks’ profits over the years) should be borne by the bank. (a) Consumer should, in dealing with banks, be provided with a choice of safe interactions with banks and to the extent that there is any risk on the consumer, banks should be transparent in ensuring that consumers are cognisant of these risks. Noted.

Consultation Report: Conduct Standard for Banks Page 97 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses (b) Acting fairly to clients, ensuring their safetly and educating them in novel banking services and products should not lead to less competition. If a bank cannot do this its status as a bank should be questioned. (c) Technology is removing barriers to banking (some may say at an alarming pace) and this requires regulation. Banking demands security and it would not be unfair to state that in a number of instances some of the banks using the technology are similar to providers of motor vehicles years ago who did not provide safety belts. (d) I can only see that transparency and greater consumer-centric approaches, coupled with the adoption of modern technology, will open the markets (as appears to be happening currently) and not create monopololies. (e) I am not qualified to answer this question. 10. Question 2 Will the requirements of the draft Conduct Standard lead to: a) a reduction in consumer choice; b) higher prices due to less competition; c) the creation of barriers for new entrants and service providers; POPIA (Pty) Ltd Peter Hill a) No, and it increases protection of their rights b) No, all entities are required to protect human rights the same way c) No d) No, it enables financial consumers to exercise their rights as individuals with minimal resources e) Yes, banks that respect human rights, the SA Constitution and value our democracy and those that doesn’t! Noted.

Consultation Report: Conduct Standard for Banks Page 98 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses d) facilitation of anti-competitive behaviour or emergence of monopolies; and e) market segmentation? 11. Question 2 Will the requirements of the draft Conduct Standard lead to: a) a reduction in consumer choice; b) higher prices due to less competition; c) the creation of barriers for new entrants and service providers; d) facilitation of anti-competitive behaviour or emergence of monopolies; and e) market segmentation? State Bank of India a) No b) No c) No d) No e) Possibly Noted. 12. Question 3 Will the Conduct Standard impose additional compliance costs on the business? If yes, please provide details including the expected costs. Adrian Harris, CEO, Charter Yes: the Conduct Standard will impose additional compliance costs on the business. Additional regulations ultimately result in higher compliance costs for many financial institutions including; i. Training ii. Systems Costs iii. Audit and Compliance Costs The non-compliance costs may include expenses associated with: i. business disruption ii. productivity losses iii. fines iv. penalties and The Authority ackowldege that there may be additional cost to be incurred in order for the bank to comply with the Standard, however we believe these measures are flexible and principle based enough to esure that the requirements are adaptable to the complexity and size of the organisation. Banks have indicated during engagements that they already have broader policies in place and will not be starting from scratch,

Consultation Report: Conduct Standard for Banks Page 99 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses v. settlement costs. these broader policies will however need adjustment. The Standard does make provision for transitional periods. We do believe these measures of cost needs to be viewed in light of the bigger interest of the customer. 13. Question 3 Will the Conduct Standard impose additional compliance costs on the business? If yes, please provide details including the expected costs. BASA 3. Yes, however, it is difficult to quantify these costs at this point in time. We envisage that the following are some of the compliance-related activities that will need to be undertaken in order for a bank to comply with the Draft Standard: • A review of all financial products and financial services will have to be conducted to ensure that processes; people; systems are aligned to the Conduct Standards. • Any changes required to products and services to comply with the Conduct Standard will most probably require amendments to Terms and Conditions and Disclosures, subsequently requiring reconstructing with customers and changes to sales processes across the respective distribution channels. • There may be additional supervisory/oversight role-players required. • Existing governance and approval committees/structures will be impacted with increased focus and accountability to ensure adherence to the Conduct Standard and Noted.

Consultation Report: Conduct Standard for Banks Page 100 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses additional approval requirements may impact on delivery timelines due to enhances governance processes. • There will also be costs of training for all employees who would require specific knowledge of the details in the Conduct Standard in carrying out their functions of product design and delivery, e.g. upskilling of complaints management staff and key persons and senior managers and governing bodies. • System enhancements for Complaints Management will be required to enable functionalities that support recording, classifying, routing, escalating and resolving of complaints to support monitoring, analysis and reporting. 14. Question 3 Will the Conduct Standard impose additional compliance costs on the business? If yes, please provide details including the expected costs. Information Governance (Pty)Ltd Mark Heyink-Director The Conduct Standard will not impose any costs to the banks adopting it that they should not already be spending. There is already an obligation of banks to provide safe banking, to treat customers fairly and to do so transparently. The problem is that in some instances the banks are failing to do this, possibly with a view to short-term profit rather than the long term consideration of the reputation of the banking industry and responsibility to clients. Noted. 15. Question 3 Will the Conduct Standard impose additional compliance costs on the business? If yes, please provide details including the expected costs. POPIA (Pty) Ltd Peter Hill Where financial institutions have not properly protected the personal information of financial customers or where banks choose to process more personal information than is necessary, they will incur costs to rectify past Noted.

Consultation Report: Conduct Standard for Banks Page 101 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses underspending. Avoiding an increase in financial costs cannot be at the cost of human rights and threaten our democracy. 16. Question 3 Will the Conduct Standard impose additional compliance costs on the business? If yes, please provide details including the expected costs. State Bank of India No, we do not anticipate the Conduct Standard will impose additional compliance costs. The risk management function indicated in the Standard is already imposed and implemented on Banks in terms of other legislation like the Banks Act and the Financial Intelligence Centre Act. The Banks would only need to amend or enhance the current compliance risk management framework. Noted. 17. Question 4 How do you anticipate the draft Conduct Standard will affect the operational cost of the business? Adrian Harris, CEO, Charter By i. Transactional Costs ii. Productivity iii. Credit rules-reduced lending volumes Noted. It is, however, not clear how the Standard will effect credit-rules. 18. Question 4 How do you anticipate the draft Conduct Standard will affect the operational cost of the business? BASA See our examples above. The compliance cost is as yet unclear, however impact is to be expected in relation to costs to be incurred for staff training, awareness, staff upskilling, possible recruitment costs and costs that may be incurred to build/revise additional processes required. Costs to revisit documents and to build system enhancements (complaints categorisation) are also worth noting. Noted. 19. Question 4 How do you anticipate the draft Conduct Standard will affect the operational cost of the business? Information Governance (Pty)Ltd Mark Heyink-Director For the reasons set out above I do not believe that the Conduct Standard will affect the operational cost of the business unless the banks are not complying with their current statutory, contractual and moral obligations. Noted.

Consultation Report: Conduct Standard for Banks Page 102 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses 20. Question 4 How do you anticipate the draft Conduct Standard will affect the operational cost of the business? POPIA (Pty) Ltd Peter Hill A reduction of excessive processing of personal data, redundancy and retention periods will reduce processing costs and result in better housekeeping by the banks. Noted. 21. Question 4 How do you anticipate the draft Conduct Standard will affect the operational cost of the business? State Bank of India Yes, we do anticipate that there will be a slight increase in operational costs of the business. Noted. 22. Question 5 If an increase in operational cost is exspected, who will bear the cost and why? Adrian Harris, CEO, Charter I believe both the customer and the banker should bear the cost. The reason being that the success of the Conduct Standard hinges on the cooperation, engagement and collaborative efforts between banks and depositors (clients). Noted. 23. Question 5 If an increase in operational cost is expected, who will bear the cost and why? BASA The total costs of providing a product or service are taken into consideration when the value proposition of the product or service is considered, thus the customer could bear the cost of the increased operational costs. Noted. 24. Question 5 If an increase in operational cost is expected, who will bear the cost and why? Information Governance (Pty)Ltd Mark Heyink-Director For the reasons set out above, the conduct that is detailed in the Conduct Standard is a cost of doing business. Noted. 25. Question 5 If an increase in operational cost is expected, who will bear the cost and why? POPIA (Pty) Ltd Peter Hill Banks, because they have not properly protected personal information for many years, process excessive amounts of personal information at the expense of their customers. Noted. 26. Question 5 If an increase in operational cost is expected, who will bear the cost and why? State Bank of India The Bank would have to bear the cost as it is required to comply with its obligations. The costs may be passed onto the consumers gradually. Noted.

Consultation Report: Conduct Standard for Banks Page 103 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses 27. Question 6 Do you anticipate that business models may need to change as a result of the draft Conduct Standard? If yes, please provide details including the expected costs. Adrian Harris, CEO, Charter Yes. Business models will have to change. For example to improve transparency and accountability, a Fair Treatment of Customers oversight council should be introduced. This will help to create collective accountability for identifying roles and responding to emerging threats to the fair treatment of customers. Noted. 28. Question 6 Do you anticipate that business models may need to change as a result of the draft Conduct Standard? If yes, please provide details including the expected costs. BASA The answers vary amongst the member banks and we suggest that the regulator may want to pose this question to individual banks. Noted. 29. Question 6 Do you anticipate that business models may need to change as a result of the draft Conduct Standard? If yes, please provide details including the expected costs. Information Governance (Pty)Ltd Mark Heyink-Director Within the electronic banking space business models are constantly and rapidly evolving. The benefits of technology should allow economies of scale and new products and services that are more cost effective and benefial to customers. Noted. 30. Question 6 Do you anticipate that business models may need to change as a result of the draft Conduct Standard? If yes, please provide details including the expected costs. POPIA (Pty) Ltd Peter Hill Yes, the rights of financial customers will have to take centre stage. Whether it is 1 customer or 10 million customers, each one has to be respected. Noted. 31. Question 6 Do you anticipate that business models may need to change as a result of the draft Conduct Standard? If yes, please State Bank of India State Bank of India provides very limited products in South Africa. We do not anticipate that the business model needs to be changed entirely but a few enhancements might be required. Noted.

Consultation Report: Conduct Standard for Banks Page 104 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses provide details including the expected costs. 32. Question 7 How will different customer groups be impacted by the requirements of the draft Conduct Standard? Adrian Harris, CEO, Charter a) Depositors will receive better and quality financial products and/or services through transparency in the disclosure of information including costs of service b) Shareholders and depositors will see/ enjoy a decrease in the abuse of depositors’ funds through Non-Performing Insider Loans (NPILs). c) Victims of unfair treatment by banks will receive compensation. This means that banks will be held accountable for their actions, e.g. when depositors lose their hard￾earned savings without compensation or when clients become over indebted as a result of easy extension of credit. This is especially important when considering the needs of emerging market and 1st time customers of banks. d) Home loan customers will have the benefit of foresight on a long terms transaction with the banks. Noted. 33. Question 7 How will different customer groups be impacted by the requirements of the draft Conduct Standard? BASA We predict an overall positive impact on the customers of banks, however some customer groups may be affected if product lines are revisited and deemed to be no longer feasible to offer due to costs associated therewith. Noted. 34. Question 7 Information Governance (Pty)Ltd Mark Heyink-Director It would appear to me that all of the different customers groups will benefit. Without Noted.

Consultation Report: Conduct Standard for Banks Page 105 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses How will different customer groups be impacted by the requirements of the draft Conduct Standard? understanding the details of how banks will adopt the Conduct Standard in their businesses, it is not really possible to say what the differering impacts will be. 35. Question 7 How will different customer groups be impacted by the requirements of the draft Conduct Standard? State Bank of India The positive impact will be felt by the customer groups who are not familiar with the financial services industry. The impact of the standard will also ensure that customers are educated as to their rights in this area. Noted. 36. Question 8 Will the risk of increased prices to consumer be mitigated by greater transparency and competition? Adrian Harris, CEO, Charter Yes; since banks will be made to account for their actions. If there is no fair treatment of customers, penalties and fines would be paid by the financial institutions. Adequate disclosure of information by financial institutions will boost competition. When competition is high, banks will resort to providing better (quality) products and/services. For example very little information is provided by banks on insurance products which are often embedded in credit linked transactions without a proper communication on need and costs. Transparency will force greater disclosure and negotiation. Noted. 37. Question 8 Will the risk of increased prices to consumer be mitigated by greater transparency and competition? BASA 1. Some members say yes, provided: (i) Banks are permitted to continue to compete with each other (rather than product design & price being prescribed), competitive forces in the industry should promote a healthy sector in terms of product offering and competition. Noted.

Consultation Report: Conduct Standard for Banks Page 106 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses (ii) Transparency in terms of clear and enhanced disclosure will also be helpful to the customer. 2. Other members are unable to answer this question at this time as they need to do their own analysis. 38. Question 8 Will the risk of increased prices to consumer be mitigated by greater transparency and competition? Information Governance (Pty)Ltd Mark Heyink-Director I believe it will. Noted. 39. Question 8 Will the risk of increased prices to consumer be mitigated by greater transparency and competition? POPIA (Pty) Ltd Peter Hill The “increased prices to consumer” ignores the actual costs consumers currently bear due to the lack of regulations regarding the processing of personal information. Noted. 40. Question 8 Will the risk of increased prices to consumer be mitigated by greater transparency and competition? State Bank of India I think the potential increase in price will benefit the consumer in the long run and will force Banks to price their products competitively to attract new consumers and to maintain existing ones. Noted. 41. Question 9 Are transitional arrangements necessary to implement the Standard? If yes, what transitional arrangements do you propose and for which section of the draft Conduct Standard? Adrian Harris, CEO, Charter Yes: transitional arrangements are necessary to implement the Standard. The Financial Sector Conduct Authority should “stress tests” the introduction of the Conduct Standard with banks. Banks have been subject to multiple layers of regulatory and compliance changes in recent years which added substantial complexity and costs .Basle,NCR,POPI, FIC (FAIS) etc.. There are also overlapping requirements between each of the above. The increased legislative demands have placed an increased burden on bank costs Transitional arrangements have been incorporated in the Standard and it must be noted that the Prudential Authority was consulted in the process of drafting the Standard.

Consultation Report: Conduct Standard for Banks Page 107 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses and performance undermining the capital strength of financial institutions. 42. Question 9 Are transitional arrangements necessary to implement the Standard? If yes, what transitional arrangements do you propose and for which section of the draft Conduct Standard? BASA Our first preference is that the Conduct Standard not be promulgated at this stage – it is mis-timed and premature, given all the other work underway as mentioned before. Alternatively, we would request that the Conduct Standard have a transitional period of 12-18 months depending on the granularity of the particular section: • For example, for proper implementation of section 8 detailing Complaints Management, system enhancements will be required therefore a longer period (18 months) to implement will be required. In large banks with complex/decentralised structures time will also be required to ensure and allow for standardised and consistent operationalisation of the standard across many business units. • Unfair terms and conditions – will require review of all current contracts and changes thereto. • Governance related clauses: It is anticipated that existing governance structures, committee mandates, policies and frameworks will require review. This will subsequently require the internal commentary, ratification and approval processes to be followed which impact across committees that have pre-determined Noted. See response above relating to the timing of the Standard. With regards to transitional provisions, the revised Standard provides for transitional provisions of 8 months where a governance framework and suporting processess needs to be implemented and 12 months for changes to systems which are foreseen.

Consultation Report: Conduct Standard for Banks Page 108 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses dates and often only held on a quarterly or a bi￾annual basis. • Delegations of authority and related mandates will need to be tabled, approved and implemented. • Additionally, the issue of who will be held accountable (key person or senior manager) is not yet settled between CoFI and this Standard. Such persons, once identified will need to be duly mandated and contracted with. For these reasons, it is our view that an 18- month transitional period is to be provided to ensure sufficient time to affect all governance related changes across the bank. 43. Question 9 Are transitional arrangements necessary to implement the Standard? If yes, what transitional arrangements do you propose and for which section of the draft Conduct Standard? Information Governance (Pty)Ltd Mark Heyink-Director NO There appears to be nothing in the Conduct Standard that is novel or that banks should not already be doing in dealing with clients. The Conduct Standard provides a common sense approach to treating customers fairly, ensuring that transactions are secure and creating the transparency that modern banking demand. Noted. 44. Question 9 Are transitional arrangements necessary to implement the Standard? If yes, what transitional arrangements do you propose and for which section of the draft Conduct Standard? POPIA (Pty) Ltd Peter Hill No. Noted.

Consultation Report: Conduct Standard for Banks Page 109 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses 45. Question 9 Are transitional arrangements necessary to implement the Standard? If yes, what transitional arrangements do you propose and for which section of the draft Conduct Standard? State Bank of India No, I do not believe that transitional arrangements are necessary to implement the Standard. Noted. 46. Question 10 Do you find the format of the Conduct Standard user-friendly and simple to understand? If no, please provide suggestions for improvement. Adrian Harris, CEO, Charter Yes: the format of the Conduct Standard is user￾friendly and simple to understand. Noted. 47. Question 10 Do you find the format of the Conduct Standard user-friendly and simple to understand? If no, please provide suggestions for improvement. BASA Mostly Yes. Noted. 48. Question 10 Do you find the format of the Conduct Standard user-friendly and simple to understand? If no, please provide suggestions for improvement. FAIS Ombudsman No, it should avoid technical jargon and vague terminology. Noted. It is not clear which specific areas of the Standard is problematic in this regard. 49. Question 10 Do you find the format of the Conduct Standard user-friendly and simple to understand? If no, please provide suggestions for improvement. Information Governance (Pty)Ltd Mark Heyink-Director YES Noted. 50. Question 10 Do you find the format of the Conduct Standard user-friendly and simple to POPIA (Pty) Ltd Peter Hill The format might have to change to meet the requirements of the Protection of Personal Information Act. The Authority should provide more details regarding the measures banks must Noted. However, see response under item 6 in the table above relating to the POPI Act.

Consultation Report: Conduct Standard for Banks Page 110 of 133 SECTION B - QUESTIONS RELATING TO THE ANTICIPATED IMPACT OF THE CONDUCT STANDARD No Question Respondents Issue/Comment/Recommendation Responses understand? If no, please provide suggestions for improvement. take when processing personal information of their financial customers. 51. Question 10 Do you find the format of the Conduct Standard user-friendly and simple to understand? If no, please provide suggestions for improvement. State Bank of India Yes, the format is easy to read and simple to understand. Noted. SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response

1. Adrian Harris, CEO, Charter Definition of the term “ FAIR” treatment The definition of the term” fair” treatment is subjective. There should be a proper and objective definition of the term “fair”. The intention is for the requirements to be principles based and proportionate. Fairness will depend on the context of specific practices and situations. As such, it is difficult to provide an all-encompassing definition
2. Adrian Harris, CEO, Charter Executive remuneration, compensation and incentive practices. Executive salaries should be linked to performance and risk exposure and make bonuses contingent on long term sustainable outcomes. Noted. However, this is beyond the scope of this Standard.
3. Adrian Harris, CEO, Charter Unethical practices e.g. the abuse of associate companies and/or related parties to enable banks to venture into- non-banking activities and channelling depositors’ funds to non-regulated entities e.g. asset management or investment companies. These are not unregulated activities.

Consultation Report: Conduct Standard for Banks Page 111 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response Application of strict fit-and-proper rules for directors and controlling shareholders 4. Adrian Harris, CEO, Charter Overindulgence of inside loans e.g. shareholders and senior management abusing their positions using depositors’ funds for personal gains as insider loans without collateral security. Periodic board evaluations should be conducted to safeguard integrity and transparency within the financial sector. Implementation of stricter related party lending regulation These are not unregulated activities. 5. Adrian Harris, CEO, Charter Corporate governance malpractices/ poor corporate governance Consistent and regular monitoring of risk management systems. We believe that clause 3 of the Standard is wide enough to address this concern. 6. Adrian Harris, CEO, Charter Conflict of interest Critical analysis of gaps in regulatory framework and regulation. Adequate supervision and enforcement of regulatory framework and regulations. In terms of the requirement of the FSR Act, the FSCA has an obligation to regularly review the perimeter and scope of the financial sector regulation and take steps to mitigate risks identified to the achievement of its objective or the effective performance of its functions. 7. BASA The Conduct Standard should apply to “deposits” only: We note the FSCA observations in page 3 of 5 in the “statement of need – policy context and problem definition”. The statement positions why a conduct standard for banks is necessary and refers to banking assets funded by depositors (amongst others) and also to the previous Jali Commission of enquiry and the See comment under item 17 and 18 of Section A of this report.

Consultation Report: Conduct Standard for Banks Page 112 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response more recent World Bank retail diagnostic into banks provision of transactional and fixed deposits. Given that the Conduct of Financial Institutions Act will regulate all financial products holistically in future, and to align to the above FSCA statement of need, we submit that the scope of application of this Conduct Standard should be limited to a “deposit” as defined in sub-clause (e) of the Financial Sector Regulation Act 9 of 2017 which refers to a deposit as defined in the Banks Act. Deposits will include long-term deposits, short-term deposits and structured deposits as in the current FAIS regulatory landscape. We suggest that the definition of “financial product” be amended, and we made a suggestion accordingly. 8. BASA The Conduct Standard needs to more specifically address how non-retail customers will be regulated pending finalisation of CoFI and the Financial Markets Act review: Clause 2.1 should clearly state which sections of the Draft Standard apply to particular customer types: The FSCA statement supporting the draft conduct standard notes on Pages 3 onward, that the varied clauses in the Standard which will either apply to retail financial customers only or which will apply to all financial customers. • As an example, the document states: “the application of the draft conduct standard is not limited to retail customers only although the application of section 5 of the draft standard is limited to this segment….” See comment under item 13 of Section A of this report.

Consultation Report: Conduct Standard for Banks Page 113 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response Clause 2(1) of the Draft Standard however is more generically drafted and it notes that the Standard is applicable to banks when they provide financial products and financial services. The rest of Clause 2 refers merely to the provision of such financial products and financial services to “financial customers”. The draft Standards should define all customer types (not just a “retail customer”) and should make clear which Standard applies to each customer type. At present this is merely noted in the statement supporting the draft Standard and is not recorded in the Standard itself. We submit that it may be more feasible for the Conduct Standard for banks to apply to retail customers only, in view of the discussions and work currently underway to position wholesale business within the CoFI framework. Having said that some of our member banks are currently capable of absorbing the Conduct Standard requirements within their wholesale business areas. We indicated in specific clauses where it will be challenging to apply the principles to wholesale business. 1.2.2. No Definition for “financial customer”: A “financial customer” is not defined in the Standard but a “retail financial customer” is defined and we suggested a definition to address this. 1.2.3. The definition for a “retail financial customer” is misaligned to CoFI: We note that the definition of a “retail financial customer” is materially misaligned to the proposed

Consultation Report: Conduct Standard for Banks Page 114 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response definition for a “retail financial customer” in the CoFI Bill in that this Standard omits juristic customers where their asset value or annual turnover is less than that as stated in the NCA. (The Draft Standards refers only to the CPA and not the NCA thresholds). We would suggest that the definition for a “retail financial customer” in this Draft Conduct Standard should align to the proposed definition in the CoFI Bill. 1.2.4. The Draft Standard should take cognisance of CoFI and FMA reviews in relation to the definition of retail and non-retail customers: It is recommended that the Draft Standard should await the outcome of review exercises which are underway which should make clear how banks are regulated when providing financial products and financial services to non-retail customers. In particular, it is important to ensure that the exclusion of market infrastructure have been applied to all impacted definitions. Non-retail clients should have the ability to opt out of Standards which apply mainly to retail clients. We re-enclose our detailed commentary in this regard – submitted under CoFI - as Annexure A hereto. As recommended in CoFI Bill commentary we would suggest that the drafters consider including three separate definitions in relation to the following: i. Combined retail and financial customer as suggested in our detailed comments ii. Non-retail financial customer

Consultation Report: Conduct Standard for Banks Page 115 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response 9. BASA Will persons providing administrative, clerical and execution-only services be regarded as providing “financial services”: It is not clear if every intervention that any employee of the Bank has with a client will be regulated under the Conduct Standard in future: • The FSR Act provides for the regulation of financial institutions when they provide financial products and financial services to certain customers as defined. • “Financial services” are not defined in this Standard, therefore it is not clear if every single intervention with a customer – irrespective of whether or not it amounts to merely providing factual information to clients without using judgement or whether or not it amounts to mere assistance and response to basic queries – will be regulated by this Conduct Standard in future? • Definitions for “sales in execution” as noted in CoFI are not contained in this standard or COFI. The inclusion of the definition will assist to clarify the application of the Standard to a provider when providing a financial product in this manner. We recommend that clarity be provided around the scope of what will fall to be regulated in future by this Conduct Standard. We resubmit our comments in relation hereto as submitted under CoFI as Annexure B. • Noted. • “Financial service” is defined in the Financial Sector Regulation Act, 2017 with the full reference contained therein. As per the preamble of clause 1, any term defined in the Financial Sector Regulation Act, 2017 has the meaning assigned in that Act. • Refer to response under item 14 below. 10. BASA Material provisions and definitions are misaligned to the CoFI Bill It is not appropriate to align the definitions between this Standard and COFI in all respects as the COFI Bill is

Consultation Report: Conduct Standard for Banks Page 116 of 133 SECTION C

• GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response We note that in many instances, definitions in this Draft Standard, as compared to the CoFI Bill are materially misaligned. Some examples are noted below: (i) Key Person oversight and sign -off Clause 4(4)(f) provides that the oversight arrangements must provide for relevant key person approval, including relevant key person confirmation that a financial product or a financial service adequately meets required outcomes for the fair treatment of financial customers, prior to advertising or providing such financial product of service. The CoFI Bill however places a similar obligation on “senior management”. We recommend that a “key person” should not be required to sign -off on a new product or financial service. Instead a senior manager – who is an appropriately positioned senior operational manager with oversight over the product and service, should be required to provide sign -off. We further recommend that a definition for “senior management” should be inserted into the Draft Standard, however with the necessary revisions thereto as we suggested in our CoFI Bill commentary. We are however encouraged by comments made by the FSCA at a BASA meeting on 4 July 2019 which indicate that the regulator will be comfortable with a suitable person as identified by business to take on the Role of a Key Person. intended to apply to all types of financial institutions and this Standard has limited application. The Standard has however been updated, where possible, for consistency. (i) Refer to the response in item 46 in table A above. (ii) Refer to the response in item 1 3 in table A above. (iii) Refer to the response in item 50 in table A above. (iv) The Authority acknowledges that there are various developments taking place with regards to Conduct oversight of the financial sector however it is not necessary for all these initiatives to be concluded before this Standard can become effective. The work undertaken on the Retail Banking Diagnostic for example will further refine the principles proposed in this Standard and is not contradictory. COFI Bill developments are led by the National Treasury, supported by the FSCA and the final implementation of the Bill is still a few years away. There is no reason for the Authority to wait several years before imposing regulatory requirements on the conduct of banks and initiating supervisory oversight over adherence to such requirements. (v) With regards to transitional provisions, the revised Standard provides for transitional provisions of 8 months where a governance framework and suporting processess needs to be implemented and 12 months changes to systems are foreseen.

Consultation Report: Conduct Standard for Banks Page 117 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response We re-enclose our commentary submitted under CoFI in relation to the roles and responsibilities of key persons, senior management and governing bodies. See Annexure C annexed hereto. (ii) Definition of “retail financial customer” As mentioned previously, the definition of “retail financial customer” is materially misaligned to the draft definition of a “retail financial customer” in CoFI. We recommend that the definitions should be aligned. (iii) The governing body should have the ability to delegate certain operational level tasks We note that the governing body is tasked with varied operational level tasks. As an example: • Clause 4(8) requires that the “approval of a new or varied financial product or financial service by the governing body must be accompanied by a confirmation that the provision of the financial product or financial service, distribution method, advertising approach and materials, and disclosure documents are consistent with the objectives set out in section 3.” We recommend that a senior manager and not the governing body should be tasked to provide sign-off on these operational matters or should have the ability to delegate such tasks, whilst remaining ultimately accountable for a culture of treating customers fairly.

Consultation Report: Conduct Standard for Banks Page 118 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response See Annexure C being our comments submitted under CoFI in relation hereto. (iv) Timing of the Conduct Standard It is important that new conduct laws and standards should provide legal certainty and that consistent regulatory proposals, definitions and scope of application – which are not materially misaligned - are published in any related conduct papers. • It is therefore important that the timing of such papers should take cognisance of consultations which are already underway in the form of written commentary and regulatory work-streams and that comments submitted in these processes receive due attention and consideration first, prior to any new papers being issued which cover same or similar topics. • We submit that given the extent of misalignment between the CoFI Bill and the Draft Conduct Standard – (as an example in relation to definitions and varied proposed standards) – that the Draft Conduct Standards for Banks is premature for implementation by the proposed effective date. • We submit that the regulator should first review the commentary submitted on the CoFI Bill and address key issues of concern

Consultation Report: Conduct Standard for Banks Page 119 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response in that consultation process. Similarly, we request that the regulator consider commentary already received in the Retail Banking Diagnostic work-stream process. • Once these consultative processes have concluded, the draft conduct Standards for Banks should be revisted/re-drafted to align to what has been finalised in the CoFI Bill and/or the Retail Banking Diagnostic workstream. • The practical implications of implementing any new Conduct Standard is significant and therefore conduct laws and standards need to be aligned. (v) The proposed implementation date of 01 October 2019 is not feasible: The document proposes a number of requirements such as the requirement on governing bodies to implement certain policies, requirement on certain key persons to sign-off and system enhancements to complaints systems. The proposed implementation date is not feasible given: • That the practical impact of these Proposals is significant. Policies will have to be reveiwed and drafted and then sent for Board Approval. This is a time-consuming exercise as the internal governance processes need to be followed first which

Consultation Report: Conduct Standard for Banks Page 120 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response includes wide consultation accross the different business areas prior to the policy being submitted to the Board for approval. A lead time of at least 12 months is required. • Systems will need to be amended and enhanced subject to user acceptance testing prior to going live, terms and conditions may have to be amended and translated by specialist language service providers, employees may need to be retrained, performance agreements will have to be reviewed, amended and re￾agreed, etc. A lead time of at least 18 months is required. • More importantly, the provisions in this Standard are - in many instances - materially misaligned to CoFI in respect of the aforesaid topics, including misalignment of definitions and unintended FICA consequences. • Banks cannot be placed in a position where they need to designate certain accountable persons and responsibilities now, knowing that the regulatory landscape is not yet finalised or aligned. More specifically, there remains a lack of clarity as to the extent to which the credit industry falls within this Standard and whether registered credit

Consultation Report: Conduct Standard for Banks Page 121 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response providers will have duplicate obligations under two different Regulators. We therefore request a transitional period of between 12 and 18 months subject to the granularity of the changes required. 11. BASA Clause 1: Definitions Definition of Financial Products and Financial Services Definitions to be expanded to cater for Value Added products/services/loyalty/rewards etc. Please note that the FSR Act defines financial services and financial products and it would therefore not be appropriate to provide for different definitions for those terms in a Standard made under the FSR Act. 12. BASA Propose definition of “advice” It may be helpful to define “advice”. Disagree. Firstly, although the FSR Act refers to advice as a financial service it does not define advice and it would therefore be inppropriate to define advice in a conduct standard made under the FSR Act. Secondly, advice is already defined in the FAIS Act. 13. BASA New proposed definitions, in the event that the suggested changes in the definition of financial product is not acceptable – insert definition for “deposit”, “long-term deposit” and “short term deposit” and “Tier 1 financial products” COMMENT

1. Given the policy context and problem definition noted in comment 5 below, this Conduct Standard should apply only to deposits (not all financial products). RECOMMENDATION
2. We suggest that the drafter insert a definition for: “deposit”, long-term deposit” and “short term deposit” and “structured deposit” and a “Tier 1 See comment under item 18 of Section A of this Consultation report.

Consultation Report: Conduct Standard for Banks Page 122 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response financial product” as defined in the FAIS Act and in FAIS Board Notice 194 of 2017. 3. We recommend that the following definitions be inserted: “Deposit“ shall mean a deposit as defined in Section 1(1) of the Banks Act and includes a long-term deposit, a short-term deposit, and a structured deposit.” “long-term deposit” means a deposit as defined in section 1(1) of the Banks Act, including a foreign currency deposit, with a term exceeding 12 months but excluding a structured deposit; “short-term deposit” means a deposit as defined in section 1(1) of the Banks Act, including a foreign currency deposit, with a term not exceeding 12 months but excluding a structured deposit; “structured deposit” means a - (a) combination of a short-term deposit or a long-term deposit and another Tier 1 financial product; or (b) a short-term deposit or long-term deposit where the return or value is dependent on the performance of or is derived from the return or value of one or more underlying financial product, asset, rate or index, on a measure of economic value or on a default event; “Tier 1 financial products” means the financial products listed in column A of Table 1 in Annexure Three of FAIS Board Notice 194 of 2017. 14. BASA No definition for execution of sales or for a “representative” as contemplated in FAIS. Also no definition for “financial service”. The terms “execution of sales” is not used in the Standard and can therefore not be defined.

Consultation Report: Conduct Standard for Banks Page 123 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response COMMENT

1. It is not clear if every intervention that any employee of the bank has with a client will be regulated under the Conduct Standard in future: 1.1. The FSR Act provides for the regulation of financial institutions when they provide financial products and financial services to certain customers as defined. 1.2. Financial services are not defined in this Standard, therefore it is not clear if every single intervention with a customer – irrespective of whether or not it amounts to merely providing factual information to clients without using judgement or whether or not it amounts to mere assistance and response to basic queries – will be regulated by this Conduct Standard in future?
2. Definitions for “sales in execution” as noted in CoFI are not repeated in this standard.
3. Definitions for FAIS representatives are excluded from this Standard albeit that this standard refers to “representatives” {see as an example Clause 2(3)e)}
4. The FAIS definition acknowledges that no financial service is seen to be provided if the individual who engages with the customer offers factual information, assists with general and routine queries and administration. RECOMMENDATION The current FAIS exclusion is intended to exclude a person from being a “representative” and having to comply with all the requirements in the FAIS Act applicable to representatives (specifically competency requirements). Representative in the Standard is used in a very specific context and the Standard does not impose any direct requirements on representatives. It is therefore unclear why persons providing factual information and assistance with administrative and general enquiries should be excluded from the term representative in the Standard, specifically considering the context in which the term is used in the Standard. The grammatical meaning of the word “representative” must therefore be applied in the Standard. As no direct requirements are placed on representatives in terms of the Standard, we do not see this as having any adverse effect. Financial products and financial services are not defined in the Standard as it is defined in the FSR Act. Please refer to the preamble in clause 1.

Consultation Report: Conduct Standard for Banks Page 124 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response

1. We request that clarity be provided around the scope of what will fall to be regulated in future by this Conduct Standard.
2. We recommend that when reviewing the scope of application of this Standard, that same should align to the FSR Act – which makes clear that financial products and financial services (the latter offered by “representatives”) are regulated under the Conduct Standards. The current FAIS exclusions – which applies when only factual information and assistance with administrative and general enquiries is provided – should be repeated in this Standard.
3. BASA New proposed definitions – add “Query” COMMENT
4. We submit that a definition for “Query” should be included in the Draft Conduct Standard, similar as contained in the Policyholder Protection Rules under the Long-Term and Short-Term Insurance Acts? RECOMMENDATION
5. We submit that a definition for “query” be included in the Draft Standard as follows: “query” means a request to the bank or the bank’s service provider by or on behalf of a person, for information regarding the bank’s financial products, financial services or related processes, or to carry out a transaction or action in relation to any such financial products or financial services; The word “query” is used once in the Standard, namely in defining a “complaint”. The grammatical meaning of the word “query” must therefore be applied in the Standard.
6. BASA Timing of the Standard pending CoFI consultations and FSCA retail banking diagnostic work-streams Disagree. See repsonse to item 10 above.

Consultation Report: Conduct Standard for Banks Page 125 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response COMMENT

1. The Banking Industry would like to state at the outset that we are committed to ensuring that a culture of treating customers fairly and doing the right thing is embedded within the day-to-day business decisions and operations of a bank.
2. However, it is also important that new conduct laws and standards provide regulatory certainty and that consistent regulatory proposals, definitions and scope of application – which are not materially misaligned - are published in any related conduct papers.
3. It is therefore important that the timing of such papers should take cognisance of consultations which are already underway in the form of written commentary, regulatory work-streams and that comments submitted in these processes receive due attention and consideration first, prior to any new papers being issued which cover same or similar topics. RECOMMENDATION
4. We submit that given the extent of overlap between the CoFI Bill and the Draft Conduct Standard – as an example in relation to definitions and varied proposed standards – that the Draft Conduct Standards for Banks is premature.
5. We submit that the regulator should first review the commentary submitted on the CoFI Bill and address key issues of concern in that consultation

Consultation Report: Conduct Standard for Banks Page 126 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response process. Similarly, to consider commentary received in the Retail Banking Diagnostic work-stream process. 3. Once these consultative processes have concluded, the draft conduct Standards for Banks should be revisted/re-drafted to align to what has been finalised in the CoFI Bill and/or the Retail Banking Diagnostic workstream. 4. The practical implications of implementing any new Conduct Standard is significant and therefore conduct laws and standards need to be aligned. 17. BASA Scope of application of the Standard COMMENT

1. The statement of need and problem statement in the FSCA policy paper (which accompanies the Draft Standard) positions why a conduct standard for banks is necessary and refers to banking assets funded by depositors (amongst others) and to the previous Jali Commission of enquiry and the more recent World Bank retail diagnostic into banks provision of transactional and fixed deposits. RECOMMENDATION
2. It is therefore our submission that the Draft Standard should only apply to deposits as defined in the Banks Act (long-term, short-term, and structured deposits) and should not apply to all financial products as defined in the FSR Act (such as pension funds, securities, CIS and insurance products, etc. Disagree. See reponse to item 17 of table A above.
3. BASA Application to Retail customers only COMMENT Disagree. See repsonse to item 13 of table A above.

Consultation Report: Conduct Standard for Banks Page 127 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response We are aware that there is still work to be done to carve out the “wholesale banking” ambit. • Application of the Conduct Standard to business units within Banks that operate in the non￾retail banking space requires clarification, specifically in relation to financial products and services not currently included under the ambit of the CoFI Bill. • Will the current Financial Markets review impact this Conduct Standard? • Also reference comments on the CoFI Bill - Reference Cover Letter to BASA, Section 1: General Comments, paragraph 14. Re-enclosed as Annexure A. RECOMMENDATION We suggest that the Standard states clearly that it only applies to Retail customers. 19. BASA Complaints management COMMENT

1. We note the following statement in par 4 of the supporting statement: “Some specific areas in the draft Conduct Standard, such as Complaints Management, contain more detailed requirements as general cross-sector consultations have previously taken place as part of the roll out of the Treating Customers Fairly regime by the former Financial Services Board (FSB).”
2. However, the banking industry has not been included in that exercise - only the Insurers.
3. We suggest that the Standard deals with the high level principles whilst the banking industry agree the detail in various work streams etc. Disagree. See reponse to item 87 of table A above.

Consultation Report: Conduct Standard for Banks Page 128 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response 4. Please refer to our comments in clause 8 above. 20. BASA Governance and Oversight Arrangements (Section 4(8)) COMMENT • The Governance Body should be satisfied that the requirements under the Conduct Standard have been operationalised adequately in the Bank’s Conduct Risk framework and supporting policies and that it exercises oversight, to the adherence by the bank of the framework, as per section 3(8) of the Conduct Standard. • The framework and policies are to set the roles and responsibilities for Conduct Risk and should allow for delegation of authority from Board to relevant persons. • “Decision makers” must not be prescribed in the Conduct Standard but should be decided by the Board of Directors and internally governed within the banks. • Comments supplied to BASA in relation to the CoFI Bill also to be considered – Reference Cover Letter to BASA, Section 1: General Comments paragraphs 9, 10& 12. Disagree. See repsonse to item 13 of table A above. 21. BASA Measurement of Fair Customer Treatment & Good Culture COMMENT • There will always be strong detractors who will advocate that the Bank has not treated them fairly. There should be an objective standard which is set by We note your recommendation but we respectfully submit that it would not be appropriate for the FSCA to establish such a Board. As correctly stated, the BSB is a private, non-regulatory, membership-based organisation. It is therefore an industry intiative and we submit that the same approach should rather be

Consultation Report: Conduct Standard for Banks Page 129 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response the FSCA which will independently evaluate if the Bank has treated a customer fairly and restoring trust will benefit the industry as a whole; as such, industry-wide dialogue and best practices sharing are important elements in the journey toward a stronger and healthier banking sector. • The banking industry in major markets should consider mechanisms of collaboration (for example, through industry standards organisations) to develop cross-industry comparisons regarding their progress on culture and conduct. • Even though culture is unique to each institution, collaboration and comparisons can benefit the industry by providing banks with a view, considered by some to be more honest than that collected in-house, into their own culture relative to those of peers. Further, such benchmarking results can provide banks with an objective basis for introspection and constructive challenge, guarding against overconfidence in their own approaches. o The Banking Standards Board (BSB) in the UK provides a good example of this industry-wide collaboration. Established in 2015, the BSB is a private, non-regulatory, membership-based organisation open to any bank in the UK. o The BSB has provided UK banks with an open forum to share and aggregate best practices on conduct and culture. o One of the cornerstone pieces of work achieved and published annually is the BSB Annual adopted in South Africa, i.e. the industry needs to take the porposal forward. The FSCA should not drive such an initiative and will rather focus on excercising its mandate which includes supervising the conduct of banks. In addition, it must also be noted that TCF is a financial sector wide initiative and not only focussed on banking.

Consultation Report: Conduct Standard for Banks Page 130 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response Review, which assess current and year over-year changes in behavior, competence, and culture in UK banking, and identifies key best practices from member banks. o Though only its second report, the 2017 Annual Review received over 36,000 responses of input across 25 UK banks, which highlights the keen interest and active participation on the part of UK banks in critically evaluating their own firm’s practices and collaborating with and supporting other banks in identifying changes in conduct and culture. o We recommend that the Authority establishes a Board or prescribes the rules for such a board that will support all the banks in the Journey of embedding market conduct culture and the board will report to the FSCA , adhoc or prescribed, on how far the banks are on the journey and what they need from the FSCA. 22. BASA Effective Date of Conduct Standard COMMENT We request that these standards do not apply retrospectively and that a transitional period for implementation allows for all the required governance and risk management structures to be set-up to support compliance with this Conduct Standard from that point in time onwards, specifically in relation to where changes will have to be made to product and service terms and conditions and disclosure documentation and IT systems. Training programmes are also relevant. The Standard does not propose retrospective application. The submission with regards to lead time required will be considered.

Consultation Report: Conduct Standard for Banks Page 131 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response 23. FAIS Ombudsman Impact of Conduct Standard on consumers It is recommended that the impact that the Banking Conduct Standard would have on the cosmumer is considered in the document. Comment unclear. The aim of the Standard is to protect financial customers. 24. FAIS Ombudsman Order of superiority The Conduct Standard should indicate which document would take precedence in the case of a conflict between the Conduct Standard, the General Code of Conduct of FSP’s and the Policy Holder Protection Rules. There is no conflict between the Standard, the FAIS General Code of Conduct and the Policyholder Protection Rules as far as we are concerned and therefore such a clause is not necessary. The respective pieces of legislation must be applied concurrently. 25. FAIS Ombudsman Behaviour of banks The purpose of this Conduct Standard on the behaviour of banks should also be clearly stipulated in this document. Comment unclear. The Statement of Need sets out the purpose of the Standard. 26. FAIS Ombudsman Retail banking diagnostic 2018 The outcomes of the Retail Banking Diagnostic and the finding thereof should be incorporated into this document. Various recommendations from the Retail Banking Diagnostic has been incorporated in the Standard to some extent. Further work is underway in cooperation with for example, industry workstream, to further refine and inform the future banking supervision framework. 27. Information Governance (Pty)Ltd Mark Heyink-Director My comment is based on my experience in dealing with banks on a day to day basis, in my personal banking, assisting a large number of clients in their dealings with some of the banks relating to Internet Banking Frauds, a reasonable depth of knowledge in being qualified as a Certified Information Systems Security Professional and in that capacity having dealt with banking systems, often on behalf of banks. Noted.

Consultation Report: Conduct Standard for Banks Page 132 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response While experiences vary from bank to bank, it is clear that some of the banks are inclined to take an arrogant and even bullying attitude towards their customers. They exploit their power in what I regard as not only an uinequittable and unfair manner, but also an unlawful manner. The truth is that this attitude is informed by a clear strategy that these banks are “untouchable” and that the only remedy for clients is litigation, which is outside of the reach of the vast majority of their clients. I have documented these actions and the failures of the Ombud in submissions made to the Financial Sector Conduct Authority. It will be necessary that I supplement these submissions by documenting the further adverse treatment of clients since those submissions were made. I request that those submissions are taken into account in considering the finalisation of the draft Conduct Standard. I know that my comments will be unpopular with certain banks, but I emphasise that my experience is that there is significant distress amongst people that I deal with and the “man in the street” is generally concerned at the “bullying” that they or persons that they know experience in dealing with banks. This is detrimental to the banking industry in South Africa. 28. POPIA (Pty) Ltd Peter Hill One or two codes The COFI Bill development currently underway is, to a large degree, trying to achieve this.

Consultation Report: Conduct Standard for Banks Page 133 of 133 SECTION C - GENERAL COMMENTS No Respondents Comment/Recommendation FSCA Response A single code that protects the rights of financial customers is preferable for the customer as there will be a single framework for exercising their rights. 29. Thato Keikelame I read all the sections of the draft. I feel that an important outcome that has been not covered has to do with ICT Implementation, which may also partially cross-relate with TCF3 in terms of information security. Yes a code of conduct for human interaction is paramount, but with banking primarily done through the utilization of ICT this "information gap" should be addressed at regulatory level. Regulations of ATMs should be something covered, if indeed we are truly about protecting customers. Please note that the Standard applies to face-to-face banking as well as banking conducted through electronic means. If there are specific gaps that you are concerned about we would welcome your inputs in this regard. With regards to ATM’s, we would also first need to understand exactly what the conduct risks are in the context of ATM’s before we are able to make proposals on how to address these risks. Once again, your inputs in this regard would be welcomed.