Brokers’ Responsibility in Safeguarding Borrowers’ Privacy
We all know that, in the dynamic world of mortgage broking, trust and privacy are paramount. But are we doing all that is in our power to safeguard the privacy of our clients and that trust that they put in our hands day in, day out?
Right now, you’re busy trying to close as many finance deals as you can before we tick over into 2024, and reacting quickly can have dramatic consequences.
As we brace for upcoming privacy reforms, understanding the practical implications of these looming changes is essential.
The Incoming Privacy Reforms
What privacy reforms? Good question!
The Office of the Australian Information Commissioner (OAIC) has welcomed reforms that strengthen Australia's privacy framework. The reforms aim to provide individuals with new privacy rights and enhance enforcement powers for the OAIC.
Here are some real-world scenarios of mistakes brokers can make very easily that highlight the importance of these reforms and offer practical tips on how to avoid them.
Scenario 1: Tax File Numbers (TFNs)
You’re on your phone replying to emails on the go and you forward an email from your client to a lender, with the information the lender was after in the body of the email. But the email had attachments containing your client’s TFN information.
What the Law says
The TFN Rule, issued under Section 17 of the Privacy Act, governs the collection, storage, use, disclosure, security, and disposal of individuals' TFN information. It's legally binding, and breaching it is a breach of both the Privacy Act and the Taxation Administration Act 1953.
Impact on Brokers
If a loan application contains TFNs, it can slow down the assessment process. The file may be returned to the admin team for TFN redaction, delaying approval for the client.
Utilise the redact tool available in Mercury Nexus to remove TFNs from PDF attachments to ensure smooth loan processing.
Scenario 2: Provision of Information to Third Parties
You’re juggling several loan applications at once and you’re going on leave soon, so you need to get this all tied up by the end of the week. You’re doing your best to ensure nothing gets missed so you briefly eye-scan the documents that come through for an application for missed information.
Protecting Client Sensitive Personal Information
Brokers should be cautious not to share client sensitive personal information with lenders when discussing scenarios. Without a signed privacy declaration, lenders should not receive personal identifying information.
When ordering valuations, valuers should only receive the information necessary to complete their valuations. Lenders are reporting privacy incidents to Aggregators when valuers receive documents such as client identification or other personal identifying information.
Only provide information necessary for the transaction, ensuring that lenders and valuers receive only what's essential, safeguarding client privacy.
Scenario 3: Audits of Loan Files
Credit Checks and Privacy Consent
Credit checks should be conducted after the client has signed a Privacy Consent, ensuring they are aware of the process and have given their consent.
Handling Personal Identifying Information
Brokers must provide explanations when holding personal identifying information of individuals not directly involved in the loan transaction. This includes instances where multiple individuals initially inquired about the loan but proceed with only one party.
Always obtain a Privacy Consent before conducting credit checks and ensure transparent communication regarding the handling of personal information for all involved parties.
Privacy in the mortgage broking industry is not just a legal requirement but a fundamental aspect of building trust with your clients.
As privacy reforms loom on the horizon, it's crucial for you to stay informed and adapt to these changes. Remember, privacy isn't just about compliance; it's about preserving the trust your clients place in you.
Implement these key takeaways to navigate the evolving privacy landscape successfully and continue to provide top-notch service to your clients. Stay vigilant, stay compliant, and, most importantly, stay committed to safeguarding your clients' privacy.