New Bank of Tanzania Regulations on Financial Consumer Protection.

In this article, we provide an overview of the new Bank of Tanzania (Financial Consumer Protection) Regulations 2019 (the Regulations) which were published in Government Notice No. 884 on 22 November 2019.

In summary the Regulations:

1. Introduce a variety of protections for consumers in terms of how financial service providers offer, market and deal with complaints related to the financial services that they offer to consumers; and
2. Set out the powers that the Bank of Tanzania has in terms of enforcing non-compliance with the Regulations.

Key definitions under the Regulations

• Financial education means imparting financial knowledge, skills and influencing financial behaviour of consumers to enable them to manage their personal financial matters and make informed decisions
• Financial consumer protection means laws, institutions, practices and policies to safeguard consumer rights, enable consumers to make informed financial decisions and ensure fairness in the provision of products and services by financial service providers
• Financial service provider means an institution licensed, regulated and supervised by the Bank of Tanzania
• Senior management for the purpose of Regulation 6 includes the chief executive officer, head of function, any other senior officer reporting to the chief executive officer and any other person other than members of the Board of Directors who participates in making decisions that affect the whole or substantial part of the business of the financial service provider

Governance by Financial Service Providers

Regulation 4 provides for a general provision that every financial service provider shall have in place a structure of governance that will ensure the effective implementation of consumer protection in accordance with the provisions of the Regulations.

Furthermore, Regulation 5 imposes responsibilities on the board of directors of the financial service provider (to include the overseeing of the implementation of a compliant financial consumer protection policy, ensuring that senior management has adequate processes in place for providing information necessary for the monitoring of these initiatives and to employ or appoint staff with sufficient knowledge in this regard. Regulation 6 also sets out the responsibilities of the senior management which are similarly wide ranging and include monitoring the compliance of the financial service provider in all aspects of its operations and identifying any financial products offered by the financial service provider that are a particular risk from a consumer protection compliance perspective.

In addition, the Regulations place an obligation on a financial service provider to adopt policies that are consistent with its own size and risk profile, which simultaneously allows it to discharge its obligations under the Regulations. Attached to this at Regulation 7(2) is the requirement that the financial service provider put in place adequate information management systems for measuring, monitoring, controlling and reporting any consumer protection issues.

Regulation 8 requires that appropriate financial consumer protection policies are in place and that these policies would include:

• the roles and responsibilities for consumer protection at all levels
• compliance risk management practices for consumer protection that facilitates the identification, measurements, monitoring and control of risks
• information sharing of consumer protection among functional units including complaint statistics, fraud reports and legal claims
• disclosure in respect of accountability, transparency, complaint handling process and other redress channels
• review of financial products or services to identify, monitor and control consumer protection risks
• adequate control mechanisms to safeguard consumers’ assets against incidences of fraud, misappropriation and misuse
• procedures that aim to protect consumers’ deposits and other assets against internal and external fraud or misuse regarding consumers’ accounts
• periodic audit for control systems to ascertain consumer protections adequacy and effectiveness to guard against breaches
• regular update systems to guide against possible security lapses and
• periodic internal risk assessment to identify and assess data security risks on systems and appropriate control to restrict and monitor access to the database containing the consumers’ information

It is required that a financial service provider annually reviews its consumer protection policies and submits to the Bank of Tanzania the revised policies (indicating all changes) not later than thirty days after the Board of Directors approved the new policy. Regulation 9 also requires that every financial service provider reports consumer protection matters to the Bank of Tanzania in the form and at the time prescribed by the Bank of Tanzania.