Two pieces of legislation deal with Council rates:

  • The Local Government (Rating) Act 2002, obliges property owners to pay their rates.  It also enables the council to recover unpaid rates from the bank as mortgagee if the property owner is in default.
  • The Property Law Act 2007, also obliges the borrower in a mortgage to pay rates for the property.

A council can notify a bank, as mortgagee, that a property owner has not paid his or her rates, and demand that the bank pay them instead. The bank must pay the arrears. Typically, it will recover the money from the customer by debiting the amount to his or her account. It is standard practice for the terms and conditions of property loans to include a reference to a bank's right to recover money owed by customers. 

Common complaints

Customer did not authorise the debit

Some customers complain that their bank acted unlawfully by taking money from their account because they did not authorise the withdrawal. In such cases, we will review correspondence between the council and bank, and between the bank and customer. We will also check whether the terms and conditions of the customer’s account allowed the bank to debit the account in such circumstances. If the terms and conditions contain such a provision, and if the bank paid the rates arrears in response to a council demand, we cannot take the complaint further.

Bank failed to notify the customer

Customers complain that their bank failed to notify them of its intention to debit their account. It is standard practice for a bank to try to contact a customer to advise that it has received a rates notice from a council, and also to explain the consequences of a rates demand being served on the bank. We review communications to check that the bank gave adequate notice. If we find the bank failed to give adequate notice, we may consider compensation for inconvenience.

Customer in a dispute with council

Customers complain that their bank should not pay rates arrears or debit their account because they are in a dispute with their council. Banks are not required to become involved in such disputes, and are entitled to rely on a council’s notice that rates are in arrears. The courts are the place for ratepayer challenges. 

It is standard practice for a bank to try contact a customer to advise that it has received a rates notice from a council and explain the consequences of the demand before debiting your account.

deskladyFlower2

Privacy & confidentiality

Banks have a legal duty to protect the confidentiality of existing and former customers. Banks also have obligations under the Privacy Act 1993, which contains 12 privacy principles about personal information. In the banking sector, these principles govern:

  • banks’ collection and storage of customer information
  • customers’ rights to access and correct information about themselves
  • the disclosure of personal information.

We can consider complaints about breaches of privacy and duty of confidence. Sometimes we refer a privacy complaint to the Office of the Privacy Commissioner if we consider it would be better dealt with by that office. An example would be if a customer sought compensation that exceeded our limit. 

Concepts similar, but not the same

A duty of confidence and the legal obligation to protect privacy are similar, but not the same. The former applies to information about individuals and businesses, the latter to information about individuals only (and that includes bank staff). If a complaint requires us to look into the behaviour of a staff member, we can ask the bank to tell us what systems or process changes it has put in place to correct a problem, but we cannot seek information about any disciplinary or other action the bank may have taken against that individual.

Disclosing confidential information

There are four broad situations in which a bank can lawfully disclose confidential information:

  • When the law compels it to: Banks sometimes have to give evidence about a customer’s affairs in court. Banks can also be required to give information to the Inland Revenue Department (under the Tax Administration Act 1994), to the Ministry of Social Development (under the Social Security Act 1964) and to a company liquidator (under the Companies Act 1993). Banks are also required to report suspicious transactions to Police (under the Financial Transactions Reporting Act 1996 and Anti-Money Laundering and Countering Financing of Terrorism Act 2009).  
  • When it has a public duty to: This applies when there is a danger to the state or when the wider public needs protection against crime. A bank needs to balance the public interest with respecting a customer’s right to privacy when it considers providing information about that person to a third party.
  • When a bank must disclose information to protect its interests: This applies when a bank takes legal action against a customer (such as to recover a debt), or defends an action from a customer and needs to provide information about the customer’s affairs.
  • When a customer agrees: A bank can disclose customer information if the customer agrees. A bank must ensure the information is correct and within the scope of the customer’s consent. A customer may, for example, agree to the bank’s disclosure of information about one account only. If the bank releases information about other accounts, it has breached its duty of confidence.

When a bank breaches confidentiality or privacy

If we consider a complaint about breach of confidence or privacy to be valid (whether accidental or deliberate), we assess whether this has resulted in a direct financial loss to the customer and, if so, award compensation. We also look at whether the customer has suffered distress, embarrassment or inconvenience. We must be satisfied any distress, embarrassment or inconvenience warrants a compensation payment. Sometimes customers submit substantial claims for minor frustration or inconvenience. We are unlikely to award compensation for minor mistakes that have little or no harmful effects company liquidator (under the Companies Act 1993). Banks are also required to report suspicious transactions to Police (under the Financial Transactions Reporting Act 1996 and Anti-Money Laundering and Countering Financing of Terrorism Act 2009). 

Common scams targeting bank customers

You always need to be on your guard when it comes to banking and money matters. That doesn’t mean being suspicious or paranoid. Rather, it means exercising care and maintaining a healthy scepticism towards individuals or companies when you’re online. We recommend you take the following precautions:

How to bank safely

  • Find out something about the company or individual you are dealing with. Do an internet search, look for reviews, ask for a physical address you can check, and look up the company on the Companies Register.
  • Check Consumer Protection’s scam alert website.
  • Check with someone independent and trustworthy before you commit to anything.
  • Do not give out account details unless the business is established and trusted.
  • Never accept money into your account for subsequent transfer to others.
  • Never give out your PIN or internet banking password.
  • Check your accounts regularly to ensure money is going to the right places.
  • Report any likely scams to your bank.
  • When emailing people about making a payment, confirm the payment details using another form of communication (such as by phone). You may not be communicating with the person you imagine, because fraudsters hack into email accounts and assume the account holder’s identity. A quick phone call can foil such deception.
  • Contact your bank immediately if you suspect you have been scammed. It may be able to reverse a payment (but that’s unlikely if you’ve authorised the payment and it has gone through).

If you find you've become the victim of a scam and you complain to us, our job is to determine whether your bank is liable for the loss.

Phishing scams

Scammers try to trick customers into giving out personal information such as bank account numbers, passwords and credit card numbers. This is called a phishing scam. Typically, customers receive an email from what looks like their bank. It will say they need to confirm some personal details, usually their internet banking username and password. It will contain a link to a website that looks like the bank’s but is fake. Customers who enter these details will soon find scammers have accessed their accounts and cleared out their money.

Be extremely wary of emails that appear to be from your bank and that ask you to confirm your personal details. Banks will never ask you for your password in emails. Don’t click on links within any email if you have the slightest suspicion about its authenticity. Simply delete the email. If you need to go to your bank’s website, type the address into your browser.

If you enter your internet banking password and other details into a fake website, it’s likely you will be liable for any losses because you disclosed this crucial information.

Fraudsters may also make phishing phone calls pretending to be your bank, telephone company, government department or a computer company. They may ask you to turn on your computer and download software that gives them access to everything on your computer. A fraudster who has gained access to your computer may be able to steal money from your bank accounts. Be very cautious about unsolicited phone calls, no matter how plausible the caller sounds. 

Sending money to scammers

Scammers can also trick bank customers into sending money to them. How they do this varies. A common way is to ask customers to send a processing fee in order to receive an inheritance or the proceeds of an investment. Another is for someone met on an online dating site to seek financial help. Losses from such scams can run into tens of thousands of dollars.

Always be careful if someone you don’t know or have met only online asks for money. It can seldom be recovered. Your bank is very unlikely to be liable for losses you suffer if you give it instructions to send money to someone, it follows those instructions and you later find out that the individual was a scammer.

Money mules

Another scam is to ask a bank customer – the mule  – to accept and forward on money stolen from another victim’s bank account. Scammers convince people there is a legitimate reason for the transfer, such as paying a fee associated with a job application or helping someone with whom they have an online relationship.

A bank may reverse a payment from a mule’s account if the money is found to have been stolen. This, in turn, can cause the mule’s account to be overdrawn if there isn’t enough money in the account. The bank will ask the mule to repay the overdrawn sum.

In such cases, we consider whether the bank’s terms and conditions allow it to reverse a payment from a mule’s account. We also assess whether the bank had sufficient information to conclude the money was stolen before it reversed the payment. If so, the customer will be held liable for the loss.     

PIN scams

These aim to get customers to disclose their PIN. Scammers have usually already stolen a customer’s wallet, but to use any credit or debit cards they need the PIN.

Scammers use different techniques to get intended victims to disclose their PIN. Scammers may, for example, say they are from the bank and have noticed suspicious transactions that indicate a card has been stolen. They will suggest cancelling the card, but doing that, they add, will require the customer to verify his or her PIN in order to authorise the cancellation. The giveaway here is that banks never ask for a customer's PIN.

Another technique is to contact a customer and say he or she has won a prize. The customer is asked to make up a four-digit number for identification purposes when collecting the prize. The scammer may be making the call from an ATM and will tap in the number. If not the PIN, the scanner will say that number has been taken, and to pick another. Subconsciously or otherwise, many customers will eventually give out their PIN.

By disclosing your PIN to anyone, you are breaching the terms and conditions of your account or card and you will generally be liable for fraudulent transactions. You won’t be liable for fraudulent transactions if you have taken reasonable care of your card and PIN. 

Financial abuse of the elderly

Financial abuse can take the form of:

  • misusing or stealing from the bank accounts of those in their care
  • pressuring a person to sign a legal document, such as a guarantee or mortgage
  • using a power of attorney in a way that is not in the interests of the person who granted it.

Pressure from family member or caregiver

Elderly people may face pressure from family members for financial support. For example, an adult child may pressure a parent to guarantee a loan or become a co-borrower on a loan using the parent’s house as security. 

If someone is pressuring you to sign a bank document, or is accessing your accounts without your permission, contact your local bank branch. Staff will give you advice on how best to protect yourself and your banking affairs. In so doing, bank staff will also be alert to any unusual activity in your accounts.

Suspicions of financial abuse

If you suspect an elderly friend or relative is the subject of financial abuse, you may like to raise the subject diplomatically with that person. Some tentative questions can either allay or confirm your suspicions. You may wish to raise your concerns with a trusted family member. The Office for Seniors runs a free helpline (0800 32 668 65) that gives callers information about elder abuse and also connects them to support services.

Other types of financial abuse

Like all customers, older people can also be approached by individuals running financial scams. Fraudsters can make contact in person, by phone, email, or through the internet. 

More information

The following organisations also deal with matters affecting the elderly: