Clik here to view.
One can bet this is still going on...
01/183 ASIC concludes ANZ Bank review
Thursday 31 May 2001
The Australian Securities and Investments Commission (ASIC) today announced that it has concluded its enquiry into allegations of inappropriate sales practices within ANZ Bank's Personal Financial Services division.
ASIC will continue to monitor ongoing compliance with the remedial measures implemented by ANZ as a result of its enquiry.
ASIC's National Director, Financial Services Regulation, Ian Johnston said that ASIC had been concerned about aspects of ANZ's compliance systems, particularly whether or not consumers had suffered loss.
'While ANZ and PricewaterhouseCoopers have not detected any measurable loss to consumers, ASIC will continue to call on the Bank to compensate any account-holders who have lost money through abuse of the Salesforce system', Mr Johnston said.
'At the time of ASIC's enquiry, ANZ commenced an extensive review of its compliance procedures and systems. As a result of the issues highlighted by ASIC, and following detailed input from ASIC, ANZ is now working to a deadline to implement qualitative improvements to its systems over the next six months. It will report regularly to ASIC during that process', he said.
Mr Johnston added that ANZ had demonstrated a commitment to remedy the deficiencies within its Salesforce system from the outset and had cooperated fully with all of ASIC's requests.
'They are to be congratulated on their willingness to accept fault and to move quickly to solve this problem which was of concern to both ASIC and, more importantly, ANZ customers', Mr Johnston said.
The Bank has instituted a comprehensive review of its internal compliance systems and procedures, to prevent a repetition of misbehaviour, after ASIC's enquiry revealed instances of inappropriate conduct by certain ANZ staff (in breach of the Code of General Banking Practice) and the potential for further misconduct to occur.
ASIC announced on 20 December 2000 that ANZ had appointed Pricewaterhouse-Coopers as an external consultant to review and report to ASIC and ANZ on the Salesforce system.
As a result of the enquiry and PricewaterhouseCoopers' review, it appeared that:
- Isolated instances of misconduct had occurred within the Personal Financial Services division. The Bank had undertaken its own investigations and disciplinary measures had followed.
- Although compliance systems and procedural deficiencies within the Bank revealed the potential for further gaming conduct which could cause loss to customers through increased fees or charges, no systemic, serious or on-going instances of such behaviour causing financial loss to customers have yet been detected.
- Some staff had misinterpreted the Salesforce system to focus more on sales rather than customer service, with the result that gaming could occur in volume or transaction-driven sales activities.
- Systemic deficiencies in resources, communication, supervision and record-keeping had encouraged the development of a culture within parts of the Bank which suggested that sales activities were the primary objective of staff and the most important determinant of performance-based rewards.
- Three transactions types were identified as requiring particularly close attention,
- deposit accounts opened without customer consent;
- accounts being opened and closed to gain rewards through churning; and
- internet banking registrations being established without customer consent.
On 8 November 2000, ASIC announced it had commenced the enquiry, following publication in the Australian Financial Review of a staff memorandum from ANZ's Mr Larry Crawford alleging fraud, product-pushing and gaming by sales staff in connection with ANZ's Salesforce incentive-based remuneration system.
ASIC will continue to monitor compliance at ANZ Bank.
ANZ builds up 'cypher cloud' strategy
By Liz Tay on Nov 27, 2012 12:05PM
Decommissions Salesforce instances to satisfy global regulators.
ANZ will move certain businesses off a Salesforce customer relationship management (CRM) system under a group-wide cloud computing policy established late last year. The policy was developed in the wake of a September 2011 review by Australian banking regulator APRA but shaped by the more stringent requirements of the Monetary Authority of Singapore (MAS).
“We work towards the MAS standards in Singapore,” ANZ chief information officer Anne Weatherston said, describing the challenge operating in 32 geographies. “They’ve come out and said absolutely, categorically no cloud. APRA is not quite as prescriptive yet as MAS, but the APRA view is that we [Australia] will follow their lead.” Weatherston said ANZ’s Australian life insurance business currently used a Salesforce CRM, although no customer data was stored in the cloud. She described the cloud CRM as “a fantastic product” that she had inherited when she joined ANZ as its CIO three years ago.
ANZ’s Australian competitors, including the Commonwealth Bank and Bank of Queensland, have spoken publicly about adopting a Salesforce CRM in recent months. “I think Salesforce could be quite useful in our Australian businesses but we want to do things globally consistently,” Weatherston said. “You’re only as strong as your weakest link … MAS do look at that. I think the MAS view is no Salesforce, even without [storing] data [in the cloud].”
According to ANZ‘s chief technology officer Patrick Maes, the group would not exclude public or hybrid cloud solutions “where that makes sense”. Maes described ANZ’s target environment as a “cypher cloud”, for which any customer data would be encrypted and depersonalised before moving to public cloud environments. He noted that the group continued to use Salesforce to manage investor relationships – where no customer data was involved.
“In our policy, we say very clearly that we don’t master customer data in the public cloud or in a hybrid cloud,” Maes explained. “Going forward, we will probably end up in a hybrid approach … to overcome all the legislation and regulations in terms of privacy and location of data, we’ve come up with a cypher cloud proposition. “We’re basically saying it’s possible to have customer data in a public cloud capability, but that customer data is depersonalised and encrypted on the cloud provider’s side, so we never can compromise customer data.”
Economies of scale
Speaking to iTnews on the sidelines of the Gartner Symposium this month, Weatherston and Maes explained that ANZ would still enjoy economies of scale through its private cloud. ANZ has virtualised 40 percent of its infrastructure in the past year, and expects to have 80 percent of its systems in a private cloud environment by 2014. ANZ’s private cloud currently supports 2000 virtual desktops for ANZ Wealth, with the group’s entire 60,000-desktop fleet to be converted to virtual desktops by 2014.
"The economies of scale that you get in a public cloud, you can get into a private cloud … and in the long-term, depending on your size, it’s easier,” Maes said, noting that public cloud users were still saddled with inspections and disaster recovery requirements. “Don’t forget for most regulators, a public cloud contract is a material outsourcing contract. You as a bank are still responsible for the cloud provider.”