Some banks sell policies provided by their own insurance divisions, and other banks sell policies supplied by separate companies. We can consider all complaints about the selling process by banks, regardless of whether banks sold an internally or externally provided policy.

We can also consider complaints about the way a claim has been assessed, or the fact it has been declined, but only if the bank itself has provided the policy. If the complaint is about a claim on another company’s policy, we cannot consider the complaint, but will help you find who can.

Our approach

Bank officers have a duty to take care when giving customers information and advice about financial and insurance products. The exact nature and extent of that duty will depend on each case. We can look at whether they met that obligation.

For instance, one bank might simply give a customer information about a policy, but no advice or recommendation. In that situation, we would look at whether the customer received information that was clear and also sufficient to enable the customer to make an informed decision about whether the policy was the right choice.   

In other situations, a bank might assess a customer’s insurance needs and then give advice and a recommendation. In that situation, we would look at whether the bank took adequate steps to ensure the recommended policy suited the customer’s needs.   

We sometimes get complaints from people who say the policy is not what they believe they bought when the time comes to make a claim: 

  • A bank led a complainant to believe a policy was compulsory, and having learned it was not, the complainant wanted reimbursement of all premiums. 
  • A bank failed to advise that a policy would not provide cover for the event claimed for, despite being aware of the complainant’s circumstances. 
  • A bank failed to provide a copy of a policy, so the complainant could not check whether it met his or her needs. 

We also sometimes get complaints about the failure to disclose information, such as:

  • A bank did not record all the details of a complainant’s health on a policy application form, and a claim was subsequently declined for either a failure to provide important information or supplying incorrect information.
  • A complainant told a bank about a health condition and the bank said it was so minor there was no need to put it on the application. 
  • A bank declined a complainant’s claim because of a pre-existing condition – despite advising that the policy would cover all health matters. 

In looking at a complaint about the sales process, we consider:

  • the information the bank had about the customer’s insurance requirements
  • the information or advice the bank gave to the customer about the insurance policy
  • whether the customer was eligible for the policy (some travel insurance policies, for example, don’t cover those over a certain age)
  • whether any policy exclusions or limitations made the policy unsuitable for the customer (such as a pre-existing medical condition)
  • what written disclosure was made to the customer about the policy.

 To help us make a decision, we will often look at:

  • the application form, bank diary notes about the sale (including any records of a needs analysis and any customer notes) and phone recordings
  • what the bank officer and complainant remember about the sale
  • the bank’s policies on insurance products and any sales scripts bank staff use when selling policies
  • relevant law, codes of practice and regulatory guidelines.

If we find the sales process was flawed, we may recommend the bank pay the customer’s claim, or some proportion of it. In other situations, we may recommend the bank reimburse the premiums, and/or pay compensation for the inconvenience arising from the sales process. 

Switching policies

Advisers need to take special care when recommending a customer take out a different policy because of the risk the customer may lose some of the cover offered by the existing policy. We use a Financial Markets Authority guide when looking at complaints in this area. The guide says advisers comparing a customer’s existing policy with a replacement must:

  • be familiar with the terms of the existing product
  • make a clear, reasonable and balanced comparison
  • point out the disadvantages as well as the advantages of switching policies.

 A bank should make clear the limited scope of the service it is providing if it is not giving advice or making a recommendation about a different policy. It should point out that no comparison has been made, and it should explain the risks of changing policies and the nature of these risks, which may include:

  • reduced cover (for example, a change to the date from which pre-existing medical conditions will be excluded)
  • fees for cancelling a policy
  • a specific period of reduced cover (for example, redundancy cover will not be available for the first three months). 

Specific policies

Critical care cover

Also known as trauma cover, this is often an option added to life insurance policies. It usually offers a lump sum payment on diagnosis of a terminal illness that will soon end in death. It can also include very specific conditions, such as loss of a limb, certain cancers and certain types of heart disease.

It is commonly believed – including by some bank officers – that critical care cover is a cheap alternative to disability cover. However, it is often so narrowly defined that it excludes most types of disability. Nor is it a substitute for a loan protection or income protection policy. There are clear differences, which banks should explain to customers.

Loan protection policies

Also called mortgage protection policies or loan repayment policies, they offer loan repayments when a borrower cannot meet his or her commitments because of temporary disability or redundancy. Or they repay the loan in full in case of permanent disability or death. Loan protection policies pay out to the lender rather than to the insured (or his or her estate), as happens with life insurance policies.

Loan protection policies are sometimes confused with lender’s insurance. The latter protects the bank (for example, if there is a shortfall after a mortgagee sale), not the borrower, even though the borrower pays the premiums – which is why some borrowers assume the policy is in place for their protection. It is not. If the insurer pays out on a claim, it has the right to recover the money from the borrower. Complaints about loan protection policies sometimes stem from this confusion. We check whether the bank properly explained that the premium paid was for the bank’s lender’s insurance.

Banks don’t have to offer customers a loan protection policy when arranging a loan, but it is a good idea for borrowers to think about insurance cover when taking out a loan.

Sometimes, when a customer’s borrowing amount is increased, the existing loan will be repaid and a new loan made at the higher amount. In the process, loan protection insurance on the old loan can sometimes be automatically cancelled – a fact missed by customers and sometimes not pointed out by banks. Banks should advise customers of this and check what insurance they may want.

When a customer borrows more money, the cover may continue for the original loan, but not for the extra lending. It is good practice for banks, if they have sold the original policy, to check whether the customer requires insurance cover for all the lending. 

A standard loan protection policy may not be of much value to part-time workers or the self-employed. Part-timers may not qualify for disability or redundancy cover, and the self-employed cannot get redundancy cover and may not be covered for loss of contracts.

Buying insurance over the phone

Telemarketing of insurance policies is becoming more common. Legally, an insurance contract doesn’t have to be in writing, so acceptance of an offer of insurance over the phone is binding. However, banks should make sure customers are sent a copy of the policy, and are advised to read it, because the full terms and conditions of the policy won’t have been disclosed in the phone call.

Bank officers have a duty to take care when giving customers information and advice about financial and insurance products, the nature and extent of that duty will depend on each case.

Square guy

Privacy & confidentiality

Banks have a legal duty to protect the confidentiality of existing and former customers. Banks also have obligations under the Privacy Act 1993, which contains 12 privacy principles about personal information. In the banking sector, these principles govern:

  • banks’ collection and storage of customer information
  • customers’ rights to access and correct information about themselves
  • the disclosure of personal information.

We can consider complaints about breaches of privacy and duty of confidence. Sometimes we refer a privacy complaint to the Office of the Privacy Commissioner if we consider it would be better dealt with by that office. An example would be if a customer sought compensation that exceeded our limit. 

Concepts similar, but not the same

A duty of confidence and the legal obligation to protect privacy are similar, but not the same. The former applies to information about individuals and businesses, the latter to information about individuals only (and that includes bank staff). If a complaint requires us to look into the behaviour of a staff member, we can ask the bank to tell us what systems or process changes it has put in place to correct a problem, but we cannot seek information about any disciplinary or other action the bank may have taken against that individual.

Disclosing confidential information

There are four broad situations in which a bank can lawfully disclose confidential information:

  • When the law compels it to: Banks sometimes have to give evidence about a customer’s affairs in court. Banks can also be required to give information to the Inland Revenue Department (under the Tax Administration Act 1994), to the Ministry of Social Development (under the Social Security Act 1964) and to a company liquidator (under the Companies Act 1993). Banks are also required to report suspicious transactions to Police (under the Financial Transactions Reporting Act 1996 and Anti-Money Laundering and Countering Financing of Terrorism Act 2009).  
  • When it has a public duty to: This applies when there is a danger to the state or when the wider public needs protection against crime. A bank needs to balance the public interest with respecting a customer’s right to privacy when it considers providing information about that person to a third party.
  • When a bank must disclose information to protect its interests: This applies when a bank takes legal action against a customer (such as to recover a debt), or defends an action from a customer and needs to provide information about the customer’s affairs.
  • When a customer agrees: A bank can disclose customer information if the customer agrees. A bank must ensure the information is correct and within the scope of the customer’s consent. A customer may, for example, agree to the bank’s disclosure of information about one account only. If the bank releases information about other accounts, it has breached its duty of confidence.

When a bank breaches confidentiality or privacy

If we consider a complaint about breach of confidence or privacy to be valid (whether accidental or deliberate), we assess whether this has resulted in a direct financial loss to the customer and, if so, award compensation. We also look at whether the customer has suffered distress, embarrassment or inconvenience. We must be satisfied any distress, embarrassment or inconvenience warrants a compensation payment. Sometimes customers submit substantial claims for minor frustration or inconvenience. We are unlikely to award compensation for minor mistakes that have little or no harmful effects company liquidator (under the Companies Act 1993). Banks are also required to report suspicious transactions to Police (under the Financial Transactions Reporting Act 1996 and Anti-Money Laundering and Countering Financing of Terrorism Act 2009). 

Common scams targeting bank customers

You always need to be on your guard when it comes to banking and money matters. That doesn’t mean being suspicious or paranoid. Rather, it means exercising care and maintaining a healthy scepticism towards individuals or companies when you’re online. We recommend you take the following precautions:

How to bank safely

  • Find out something about the company or individual you are dealing with. Do an internet search, look for reviews, ask for a physical address you can check, and look up the company on the Companies Register.
  • Check Consumer Protection’s scam alert website.
  • Check with someone independent and trustworthy before you commit to anything.
  • Do not give out account details unless the business is established and trusted.
  • Never accept money into your account for subsequent transfer to others.
  • Never give out your PIN or internet banking password.
  • Check your accounts regularly to ensure money is going to the right places.
  • Report any likely scams to your bank.
  • When emailing people about making a payment, confirm the payment details using another form of communication (such as by phone). You may not be communicating with the person you imagine, because fraudsters hack into email accounts and assume the account holder’s identity. A quick phone call can foil such deception.
  • Contact your bank immediately if you suspect you have been scammed. It may be able to reverse a payment (but that’s unlikely if you’ve authorised the payment and it has gone through).

If you find you've become the victim of a scam and you complain to us, our job is to determine whether your bank is liable for the loss.

Phishing scams

Scammers try to trick customers into giving out personal information such as bank account numbers, passwords and credit card numbers. This is called a phishing scam. Typically, customers receive an email from what looks like their bank. It will say they need to confirm some personal details, usually their internet banking username and password. It will contain a link to a website that looks like the bank’s but is fake. Customers who enter these details will soon find scammers have accessed their accounts and cleared out their money.

Be extremely wary of emails that appear to be from your bank and that ask you to confirm your personal details. Banks will never ask you for your password in emails. Don’t click on links within any email if you have the slightest suspicion about its authenticity. Simply delete the email. If you need to go to your bank’s website, type the address into your browser.

If you enter your internet banking password and other details into a fake website, it’s likely you will be liable for any losses because you disclosed this crucial information.

Fraudsters may also make phishing phone calls pretending to be your bank, telephone company, government department or a computer company. They may ask you to turn on your computer and download software that gives them access to everything on your computer. A fraudster who has gained access to your computer may be able to steal money from your bank accounts. Be very cautious about unsolicited phone calls, no matter how plausible the caller sounds. 

Sending money to scammers

Scammers can also trick bank customers into sending money to them. How they do this varies. A common way is to ask customers to send a processing fee in order to receive an inheritance or the proceeds of an investment. Another is for someone met on an online dating site to seek financial help. Losses from such scams can run into tens of thousands of dollars.

Always be careful if someone you don’t know or have met only online asks for money. It can seldom be recovered. Your bank is very unlikely to be liable for losses you suffer if you give it instructions to send money to someone, it follows those instructions and you later find out that the individual was a scammer.

Money mules

Another scam is to ask a bank customer – the mule  – to accept and forward on money stolen from another victim’s bank account. Scammers convince people there is a legitimate reason for the transfer, such as paying a fee associated with a job application or helping someone with whom they have an online relationship.

A bank may reverse a payment from a mule’s account if the money is found to have been stolen. This, in turn, can cause the mule’s account to be overdrawn if there isn’t enough money in the account. The bank will ask the mule to repay the overdrawn sum.

In such cases, we consider whether the bank’s terms and conditions allow it to reverse a payment from a mule’s account. We also assess whether the bank had sufficient information to conclude the money was stolen before it reversed the payment. If so, the customer will be held liable for the loss.     

PIN scams

These aim to get customers to disclose their PIN. Scammers have usually already stolen a customer’s wallet, but to use any credit or debit cards they need the PIN.

Scammers use different techniques to get intended victims to disclose their PIN. Scammers may, for example, say they are from the bank and have noticed suspicious transactions that indicate a card has been stolen. They will suggest cancelling the card, but doing that, they add, will require the customer to verify his or her PIN in order to authorise the cancellation. The giveaway here is that banks never ask for a customer's PIN.

Another technique is to contact a customer and say he or she has won a prize. The customer is asked to make up a four-digit number for identification purposes when collecting the prize. The scammer may be making the call from an ATM and will tap in the number. If not the PIN, the scanner will say that number has been taken, and to pick another. Subconsciously or otherwise, many customers will eventually give out their PIN.

By disclosing your PIN to anyone, you are breaching the terms and conditions of your account or card and you will generally be liable for fraudulent transactions. You won’t be liable for fraudulent transactions if you have taken reasonable care of your card and PIN. 

Financial abuse of the elderly

Financial abuse can take the form of:

  • misusing or stealing from the bank accounts of those in their care
  • pressuring a person to sign a legal document, such as a guarantee or mortgage
  • using a power of attorney in a way that is not in the interests of the person who granted it.

Pressure from family member or caregiver

Elderly people may face pressure from family members for financial support. For example, an adult child may pressure a parent to guarantee a loan or become a co-borrower on a loan using the parent’s house as security. 

If someone is pressuring you to sign a bank document, or is accessing your accounts without your permission, contact your local bank branch. Staff will give you advice on how best to protect yourself and your banking affairs. In so doing, bank staff will also be alert to any unusual activity in your accounts.

Suspicions of financial abuse

If you suspect an elderly friend or relative is the subject of financial abuse, you may like to raise the subject diplomatically with that person. Some tentative questions can either allay or confirm your suspicions. You may wish to raise your concerns with a trusted family member. The Office for Seniors runs a free helpline (0800 32 668 65) that gives callers information about elder abuse and also connects them to support services.

Other types of financial abuse

Like all customers, older people can also be approached by individuals running financial scams. Fraudsters can make contact in person, by phone, email, or through the internet. 

More information

The following organisations also deal with matters affecting the elderly: