The Competition and Markets Authority (CMA) issues NatWest Group, Danske Bank and Nationwide Building Society letters of concern regarding multiple breaches of its Retail Banking Market Investigation Order 2017.
The UK competition regulator has published letters of concern regarding various breaches of its Retail Banking Market Investigation Order 2017, which all occurred between 2017 and 2022.
The Order is the CMA’s effort to increase competition and customer engagement within the retail banking industry and encourage the development of new services.
Among its various initiatives, the regulation seeks to make it easier for business and personal customers to compare different providers, including prices and the quality of the service.
The Order includes measures to streamline the process of switching current accounts and improve current switching services.
This is in addition to measures targeting SME Banking. The Order requires banks to offer a price quote and eligibility indicator tool, offering SMEs the same comparison capabilities as personal banking customers.
Banks are required to agree and adopt a core set of standards around business current accounts and how SMEs are able to open them; immobilising monopolies in retail banking among incumbent banks.
Breaches of the Retail Banking Order
- NatWest
The Bank breached part eight of the Order when it failed to display the correct annual percentage rate (APR) in an SME lending product between 2017 and 2022.
As outlined by part eight of article 32 of the Order, any information regarding APRs in SME loans must be ‘available to third parties (such as price comparison websites)’, and ‘accurate, comprehensive, and up to date’.
In a letter issued to NatWest today, the CMA made clear that Ulster Bank, the group’s bank offering its SME lending product, had not displayed any information regarding the APR for some of the five year period,
In addition to this breach, the bank had also incorrectly displayed the interest rate, a component of the APR, instead of the full APR.
“NatWest’s failure to provide the correct APR to price comparison websites and other third parties for its Ulster Bank Variable Rate Loan may have led to SMEs choosing a more expensive loan than they otherwise would have done,” the CMA’s letter read.
NatWest has recognised that, although most of the 1,018 SMEs who took out a loan with Ulster bank during this time were existing customers interacting directly with the bank, new-to-banks SMEs were likely to have retrieved information about the loan through a third party.
The bank identified 97 instances where SMEs could have been presented with the wrong APR because they used a third-party site that was provided with inaccurate information.
It notified the CMA of this breach on 29 July 2022.
- Danske Bank
The regulator found the Danish banking corporation to be in breach of part two of the Order when it failed on 45 occasions to ensure the accuracy of information regarding its business current account products.
Part two of the Order requires the UK’s largest banks to present ‘accurate, comprehensive and up to date product and service information’ and that this information is to be made continuously available through open banking APIs.
The bank failed in this regard when it presented inaccurate charges and fees to customers on 42 occasions.
This failure lasted between for four years between January 2018 and 26 July 2022.
It breached the order on three other occasions when information regarding the benefits and features of its business current accounts were misrepresented, taking place between October 2018 and 26 July 2022
The CMA’s letter to Danske Bank read: “The failure to make accurate, comprehensive and up to date product and service information continuously available through Open Banking APIs may result in consumers taking decisions that they would not have taken if they had access to the correct information.”
It continued: “For example, a business expecting to be charged on a ‘per transaction’ basis for submitting Direct Debit files to BACS may have been surprised to find it had been charged on a monthly basis.”
Danske notified the CMA of the breaches on 13 July 2022.
- Nationwide
The UK was also found to be in breach of part two of the Order when it committed a similar offence by not publishing accurate information on 10 occasions.
All 10 instances occurred between 10 March 2017 and 7 October 2022.
In one breach, recorded between 3 June 2020 and 26 February 2021, the bank’s transaction fee rate for non-sterling cash withdrawals and debit card payments in foreign currency were inaccurate quotes at 2.75 per cent rather than the correct 2.99 per cent.
This violation is related to the bank’s FlexAccount, FlexDirect and FlexBasic personal current account products.
On another occasion between 1 February 2022 and 17 May 2022, the in-credit interest rate for the bank’s FexOne product was incorrectly quoted at 0.1 per cent when it was actually 0.25 per cent.
Another offence between 29 January 2020 and 26 February 2021 displayed the non-UK ATM fee for all of the above-mentioned products as £1 rather than zero.
As it was a similar offence, the CMA also cited the same response it gave Danske Bank, by saying that inaccurate data may result in “consumers taking decisions that they would not have taken if they had access to the correct information.”
The CMA was notified of the breaches by the bank on 27 May 2022 and 14 October 2022.
Next steps
In all three of its letters, the regulator said that it “does not consider it appropriate to take further formal enforcement action in relation to these breaches at present,” but adds that NatWest, Danske Bank and Nationwide’s future compliances will be monitored closely.
NatWest is to give financial remediation to all 97 instances where SMEs were shown incorrect information and will be in contact with the 929 existing customers impacted to explain the breach.
It is also reviewing and restructuring its lending processes with third-party providers while engaging business teams in the relevant training sessions.
Danske Bank has also reacted proactively. It is creating and implementing a data management tool, amending its product governance framework and changing its management procedures.
It is also subjecting all of its business current account product data uploaded to its open banking APIs to a four-eye review; among other safeguards.
Likewise, Nationwide is currently reviewing its product change management checklist processes among many of its other reforms.
These include developing a viewing utility for personal current account product information APIs and introducing monthly reviews of product information with the open data API to ensure their accuracy and alignment.
