Zali Steggall (Warringah, Independent) Share this | Hansard source

by leave—I move amendments (1) and (2), as circulated in my name, together:

(1) Schedule 1, item 1, page 28 (before line 4), before the paragraph beginning "When undertaking such internal dispute resolution" in section 58BZB, insert:

When undertaking such internal dispute resolution about a complaint, the entity must give a statement, relevant to the complaint, about whether it has complied with its obligations.

(2) Schedule 1, item 1, page 29 (after line 16), after section 58BZD, insert:

58BZDA Giving a statement of compliance — civil penalty provision

(1) A regulated entity contravenes this subsection if the entity:

(a) is undertaking internal dispute resolution in dealing with a person's complaint of a kind described in paragraph 58BZD(1)(a) or (b); and

(b) does not give the person a statement of compliance in accordance with subsection (2).

Note: This subsection only applies to the entity when the SPF rules prescribe matters for paragraphs (2)(b), (d) and (e) that are relevant to the complaint.

(2) For the purposes of paragraph (1)(b), the statement of compliance must:

(a) include a statement by the regulated entity about whether, based on information reasonably available to the entity at the time of making the statement, it has complied with its obligations under the SPF provisions that are relevant to the complaint; and

(b) contain the kinds of information prescribed by the SPF rules that are relevant to the complaint; and

(c) not contain the kinds of information (if any) prescribed by the SPF rules that are relevant to the complaint; and

(d) be in writing and signed by a person who is an authorised representative of the entity of a kind prescribed by the SPF rules; and

(e) be given in accordance with the timeframes, and in the manner and form, prescribed by the SPF rules.

(3) Subsection (1) is a civil penalty provision.

Note: This means subsection (1) is a civil penalty provision of an SPF principle for the purposes of section 58FJ (about civil penalties).

(4) A statement of compliance given by the entity under this section is admissible, in any proceeding that:

(a) relates to the complaint; and

(b) is under or relates to an SPF EDR scheme;

as prima facie evidence of the entity's position, at the time of making the statement, on the matters in the statement.

(5) Nothing in this section limits or affects the admissibility in a proceeding of any other statement or evidence.

As many have discussed in relation to this legislation, there is a David and Goliath battle when it comes to victims and banks, financial institutions and the large telcos and social media platforms, which are all too often part of scams reaching consumers. Under the current proposed legislation, to bring forward a claim for compensation, a victim will need to gather information from companies—the banks and the telcos—to establish whether or not the companies have complied with the code. That is simply not realistic. I've raised this with the minister. Understanding that David and Goliath battle is important. The information is not readily available, and there is no requirement for the companies to hand it over willingly. I think it's fair to assume that getting to that information, with the scale of these organisations, would just be impossible for the victims of scams. It's a David and Goliath battle.

My amendments go some way to bringing power back to consumers by at least reversing the onus of proof when it comes to accessing dispute resolution. They require the companies and the banks, financial institutions and telcos involved in a scam, as a party to the scam, to provide the victims with a statement of compliance with the Scams Prevention Framework to then access that internal dispute resolution. Associated with that needs to be what that Scams Prevention Framework ultimately looks like, I appreciate, and I have some questions in that respect.

What this means is that it's not just for the victim to have to establish the case from scratch that they are entitled to dispute resolution and thus compensation. There is a reversal of onus, which is important. It strengthens the integrity of the framework and will ensure that vulnerable customers will be able to have a better chance of access at dispute resolution and, ultimately, compensation from the regulated entities.

These amendments improve the internal dispute resolution process to require businesses to provide this statement of certification that they have complied with their obligation under the bill, and there will be a civil penalty provision that carries with this, and these certificates will be admissible in later proceedings. I ask the minister to make sure, though, that the explanatory memorandum includes details relating to the specificity requirements that will be placed in the rules, to ensure customers have enough details to satisfy their compliance with their obligations. It might be by providing details that at a specific time the customer confirmed the name of the account to receive the funds through a confirmation of payee mechanism. Another example might be a social media platform providing specific details of when they became aware of the scam activity and what steps they took to respond. It's important that everyone involved in this matrix takes some responsibility.

We've had discussions around whether it should be, for example, an automatic presumption of compensation against the financial institutions. I accept that there are often three elements to scams. We have the victim, who has unwittingly consented to authorising a payment. We have financial institutions that have access to who that payment is ultimately going to, so they bear a responsibility in introducing friction and in ensuring people are generally aware of what they are authorising. Then we have the telcos. I accept this. The telcos are a major player, especially when I look at social media and Facebook and Meta entities, in assisting in delivering scams to the victims. They are facilitating that, so they also bear that responsibility. But, of course, getting behind the wall of information in those kinds of organisations is simply impossible for victims.

I do thank the government, I understand, for accepting that this reversal of onus is necessary, when it comes to that compilation of information and that certificate of compliance, so that access to dispute resolution can operate. I think it's important, though, for the government to continue being vigilant, to make sure fair compensation is occurring. I urge all consumers and victims out there to absolutely report scams. They profit and thrive with secrecy, with shame or anxiety about reporting. So reporting and exposing scams is the most important thing that people can do.

See this speech in context