Rwanda Diagnostic Review of Consumer Protection and Financial Literacy Volume II: Technical Annex - Comparison with Good Practices , November 2013 Currency and Equivalent Units (As of November 2013) Currency Unit = Rwandan Franc (RWF) US$ 1 = 673.96 RWF Government Fiscal Year January 1- December 31 ACRONYMS AND ABBREVIATIONS ADR Alternative Dispute Resolution AMIR Association of Microfinance Institutions in Rwanda APR Annual Percentage Rate ASSAR Rwanda Insurers Association ATM Automated Teller Machine BNR National Bank of Rwanda CCP Competition and Consumer Protection CPFL Consumer Protection and Financial Literacy CRB Credit Reference Bureau (CRB) EIR Effective Interest Rate FSDP II Financial Sector Development Strategy for Rwanda FinCap Financial Capability Survey MFI Microfinance Institution MINECOFIN Ministry of Finance and Economic Planning POS Point of Sale RBA Rwanda Bankers Association RCA Rwanda Cooperative Agency SACCOSavings and Credit Cooperative Organization VSLAs Village Savings and Loans Associations DISCLAIMER _________________________________________________________________________________________________________________________________________________________________________ This Diagnostic Review is a product of the staff of the International Bank for Reconstruction and Development/the World Bank. The findings, interpretation and conclusions expressed herein do not necessarily reflect the views of the executive directors of the World Bank or the governments they represent ii ACKNOWLEDGMENTS A World Bank team visited Kigali, Rwanda, during July 10–19, 2013, to conduct a Diagnostic Review on Consumer Protection and Financial Literacy (CPFL). The diagnostic consisted of banking and microfinance modules and a desk review on insurance. The review was undertaken in response to a request for World Bank (WB) technical assistance in the field of financial consumer protection made by the National Bank of Rwanda (BNR) in November 2012. The team was led by Leyla Castillo (Financial Sector Specialist, FFIMS), and included Rosamund Grady (Sr. Financial Sector Specialist, FFIMS), David Grace (Consultant, Microfinance Expert), and Karen Den-Toll (Consultant, Insurance and Pensions Expert). Gunhild Berg (Financial Sector Specialist, AFTFE) provided valuable inputs and guidance to the team. Sebnem Sener (Project Officer, FFIDR) and Adetola Adenuga (Financial Analyst, FFIMS) provided inputs and support during the preparation of the present report.. The mission held meetings with representatives of relevant stakeholders, including the National Bank of Rwanda (BNR), Ministry of Finance and Economic Development (MINECOFIN), Ministry of Trade and Industry (MINICOM), Office of the Ombudsman, Rwanda Cooperative Agency (RCA) and other government entities and public agencies, market players, industry associations, consumer associations and professional bodies. The mission would like to thank the authorities for their support and collaboration. The team benefited from the overall guidance of Douglas Pearce (Practice Manager, FFIDR). Peer review comments were received from Angela Prigozhina (Country Sector Coordinator, ECSPF), Craig Thorburn (Lead Insurance Specialist, FCMNB) and Yoko Doi (Sr. Financial Sector Specialist, AFTFE). The team would like to express its appreciation to the Rwandan authorities for their cooperation and collaboration during the preparation of the review. The project team would also like to thank all those who so generously contributed to the final report. The review was prepared as part of the SECO funded Consumer Protection and Financial Literacy program of the World Bank, and received complementary funding from the World Bank Africa Region Vice Presidency. The review of the banking and microfinance sectors was based on information and data collected during the mission and publicly available data. The review of the insurance sector was conducted through a desk review using data provided by BNR through data requests and questionnaires, and the analysis is therefore constrained by it. ii Rwanda: Diagnostic Review of Consumer Protection and Financial Literacy Volume II: Technical Annex – Comparison with Good Practices Contents Page Preface ......................................................................................................................................... v I. Banking Sector: Comparison with Good Practices ................................................. 1 Section A: Consumer Protection Institutions ........................................................................ 1 Section B. Disclosure and Sales Practices ............................................................................. 15 Section C. Customer Account Handling and Maintenance ................................................ 29 Section D. Privacy and Data Protection ................................................................................ 50 Section E Dispute Resolution Mechanisms .......................................................................... 58 Section F. Guarantee Schemes and Insolvency ................................................................... 65 Section G. Consumer Empowerment .................................................................................... 68 Section H. Competition and Consumer Protection ............................................................. 74 II. MICROFINANCE SECTOR: COMPARISON WITH GOOD PRACTICES .................................. 76 Section A. Consumer Protection Institutions....................................................................... 76 Section B. Disclosure and Sales Practices ............................................................................. 81 Section C. Customer Account Handling and Maintenance ................................................ 88 Section D. Privacy and Data Protection ................................................................................ 93 Section E. Dispute Resolution Mechanism .......................................................................... 96 Section F Consumer Empowerment ...................................................................................... 98 III. INSURANCE: COMPARISON WITH GOOD PRACTICES..................................................... 102 Section A. Consumer Protection Institutions..................................................................... 105 Section B. Disclosure & Sales Practices .............................................................................. 113 Section C. Customer Account Handling and Maintenance .............................................. 122 Section D. Privacy & data protection ................................................................................... 123 Section E. Dispute Resolution Mechanisms ....................................................................... 124 Section F. Guarantee Schemes and Insolvency ................................................................. 126 Section G. Consumer Empowerment .................................................................................. 127 ANNEX I: FINANCIAL SECTOR OVERVIEW .............................................................................129 ANNEX II: LEGAL FRAMEWORK BANKING, MICROFINANCE AND INSURANCE SECTORS ......132 ANNEX III: INSTITUTIONAL ARRANGEMENTS .......................................................................135 iii Tables Table 1. Financial Soundness Indicators for the Insurance Sector .......................................... 103 Table 2. Total Bank Assets ........................................................................................................ 129 Table 3. Bank Market Concentration........................................................................................ 129 Table 4. Selected Indicators for the Microfinance Sector ......................................................... 130 iv Preface The CPFL Review is part of the World Bank Program on Consumer Protection and Financial Literacy, which seeks to identify key measures for strengthening financial consumer protection to help build consumer trust in the financial sector and expand the confidence of households to wisely use financial services. CPFL Reviews against Good Practices have been conducted by the World Bank in both middle- and low- income countries. These include Armenia, Azerbaijan, Bosnia and Herzegovina, Bulgaria, Croatia, the Czech Republic, Kazakhstan, Kosovo, Latvia, Lithuania, Malawi, Mongolia, Mozambique, Nicaragua, Pakistan, Romania, the Russian Federation, South Africa, Slovakia, Tajikistan, Tanzania, Ukraine and Zambia. The main objective of the review is to assess the legal, regulatory and institutional frameworks for financial consumer protection in a country, with reference to international practices. The review addresses the following issues: (1) legal, regulatory and institutional frameworks, (2) transparency and disclosure of information, (3) retail business practices of financial institutions, (4) complaints and dispute resolution mechanisms, and (5) consumer awareness and education regarding the use of financial services and consumers’ rights and responsibilities and provide prioritized recommendations in these areas. The review is based on compliance with the principles set forth in Good Practices for Financial Consumer Protection1 developed by the World Bank using international benchmarks, such as the principles released by the Basel Committee, IOSCO and IAIS and the OECD recommendations for financial education and awareness on pensions, insurance and credit products. Good Practices incorporates provisions of directives, laws, regulations and codes of business practices from the European Union, United States, Australia, Canada, France, Ireland, Malaysia, Mexico, New Zealand, Peru and South Africa. The CPFL Review includes a detailed assessment of each relevant financial segment compared to the Good Practices (Volume II), and a report summarizing the key findings for the assessment and prioritized recommendations (Volume I). 1 http://responsiblefinance.worldbank.org/~/media/GIAWB/FL/Documents/Misc/Good-practices-for-financial-consumer-protection.pdf v I. Banking Sector: Comparison with Good Practices Section A: Consumer Protection Institutions Good Practice A.1. Consumer Protection Regime Good Practice The law should provide clear consumer protection rules regarding banking products and services, and all institutional arrangements should be in place to ensure the thorough, objective, timely and fair implementation and enforcement of all such rules. a. Specific statutory provisions should create an effective regime for the protection of consumers of any banking products or services. b. A general consumer agency, a financial supervisory agency or a specialized financial consumer agency should be responsible for implementing, overseeing and enforcing consumer protection regarding banking products and services and for collecting and analyzing data (including inquiries, complaints and disputes). c. The designated agency should be funded adequately to enable it to carry out its mandates efficiently and effectively. d. The work of the designated agency should be carried out with transparency, accountability and integrity. e. There should be co-ordination and co-operation between the various institutions mandated to implement, oversee and enforce consumer protection and financial system regulation and supervision. f. The law should also provide for, or at least not prohibit, a role for the private sector, including voluntary consumer organizations and self-regulatory organizations, when it comes to consumer protection regarding banking products and services. Description The overall institutional framework for financial consumer protection in Rwanda is somewhat confusing because BNR’s responsibilities overlap with those of the Ministry of Trade and Industry under the Competition and Consumer Protection Law 2012 (CCP Law) and the proposed new Competition and Consumer Protection Regulatory Body. There is no coordination between these bodies. Furthermore, BNR does not specifically allocate resources to the supervision of the limited consumer protection laws that apply and there is, accordingly, no separation of supervision of prudential and consumer protection laws. It is also not clear that the BNR has specialized expertise on consumer protection matters. Finally, there is no obvious role for the private sector. 1 Paragraph (a) There are consumer protection provisions that apply to the banking sector in Rwanda, but they do not provide a comprehensive consumer protection regime (for example, there are no requirements for disclosures in contracts for bank services or for a comprehensive, third-party dispute-resolution schemes), and there are institutional overlaps (for example, there is an overlap between the BNR and the new Competition and Consumer Protection Regulator). In summary, the principal laws, regulations and guidelines relevant to consumer protection in the banking sector are as follows2: (1) Banking Law, 2008: The act sets out conditions for licensing of banks, prudential rules applicable to banks, disciplinary action against banks and disciplinary measures against banks. It further provides for BNR’s supervisory powers and the establishment of a Deposit Guarantee Fund (however the relevant law has not been passed). The act does not, however, provide specific consumer protection measures for the protection of bank customers. (2) Disclosure of Interest Charges and Fees Regulation, 2011: This regulation requires banks to publish minimum and maximum rates in newspapers, on the web and in a booklet available to customers and to always display this information “outstandingly at the entrance of their premises and any other place of business.” Such publications are always required to be done in the three official languages.3 Notices of changes are also required to be given in 15 days to the BNR and the public.4 This regulation also makes clear that interest rates and fees and charges may be freely set.5 While the above provisions are worthwhile, the team observed various breaches of the regulation in bank branches and notes that the regulation does not make any provision for disclosures of interest charges and fees in a contract for bank services. Frequent complaints were also made to the mission team about the opaqueness of these matters. (3) Customer Service Delivery Directive, 2012: This Directive applies to “financial institutions”. However, this term is not defined in the directive and the definition in the Banking Act does not include banks.6 However, discussions with BNR suggest that the intent is that the directive should also apply to banks. Financial institutions are required to implement Guiding Principles and Benchmarks set out in an Appendix to the Directive. The appendix requires policies and procedures and sets benchmarks for customer service delivery, complaint handling in institutions, dispute resolution external to the institution and measuring and monitoring customer satisfaction. There is also guidance for the working environment and the security of institutional premises7. (4) CCP Law: The law applies to suppliers of goods and services and to “consumers” (defined as “a person who acquires a commodity or a service for personal or a family use for non-commercial purposes”)8. The CCP Act’s provisions are expressed in sufficiently general terms to apply to products and services provided by the financial sector (including the banking sector). While the bulk of the consumer protection provisions seem to be designed to protect consumers who purchase goods, there are a number of provisions that would be applicable to consumers of financial services. The main provisions in this category include articles relating to the following (in summary): 2 Furthermore details can be found throughout this report on the specific Good Practices’ section. 2  The obligation to inform a consumer before a sale contract is signed of the characteristics of the relevant services (or goods) and the conditions of the contract9;  Provisions in a contract that prejudice a consumer. Prejudice is defined as “whenever there is no tangible fairness in the agreements between the rights and obligations of parties to the contract,” and numerous examples are provided of terms which come within that Description10;  Acts by a seller that may prejudice the interests of a consumer and the provision of information that may be considered deceiving or misleading11;  Comparative advertising12; and  Guarantees13. Consumers do not have clear rights following a breach of the CCP Law. Article 50 also makes clear that a consumer may take action for damages in a civil court to recover losses incurred because of a breach of the law. A registered consumer protection association may also take action on behalf of a person seeking damages. However, no guidance is provided to a court as to the orders they might make in relation to the relevant contracts (other than awarding damages), and the CCP Law does not state the effect of provisions of the “prejudicial terms” referred to in Article 34. For example, it might provide that the relevant terms are void, i.e., that they cannot be relied on by the seller of the services (such as a financial institution). Furthermore, the CCP Law does not provide any sort of complaint resolution mechanism for consumers. (5) Credit Information Law 2010: This law applies to credit bureaus and their subscribers and data providers. It provides BNR with supervisory and regulatory authority with respect to the credit information system and contains detailed provisions with respect to licensing, the permissible activities of credit bureaus, the rights and obligations of mandatory and voluntary participants, consumers’ rights of access and correction and confidentiality of customer information.14 (6) Electronic Funds Transfer and Electronic Money Law 2010 : This law deals with legal recognition of electronic documents and signatures, the liability of network operators and certification authorities, digital signatures and electronic contracts and acceptance of electronic filing. (7) Electronic Funds Transfer and Electronic Money Regulation 2010: This regulation is designed to protect users of electronic payments systems.15 It contains rules concerning the processing of funds transfers, the irrevocability of payment orders and erroneous or unauthorized transactions, liability in cases of system or equipment malfunction, customer obligations pertaining to security devices and obligations in relation to standard terms and conditions. (8) Negotiable Instruments Law 2009: This law applies to checks and other negotiable instruments and contains detailed provisions applicable to checks including in relation to the issue and 3 Article 3. 4 Article 4. 5 Article 5. 6 Article 1. 7 The issues associated with compliance with the Customer Service Directive are discussed in detail in the context of Good Practice E.1 and E.2. 8 Article 2. 9 Article 33. 10 Article 34. 11 Article 37. 12 Article 39. 13 Article 44. 14 See especially Chapter IV “Credit Bureau” (Articles 10 – 15); Chapter VIII “Confidentiality” (Article 27) and Chapter IX “Customers Rights” (Articles 28 – 31). 15 Article 1. 3 dishonor of checks and liability on these instruments. (9) Law of Mortgages 2009: This law applies to the registration of mortgages over land and covers mortgages of matrimonial property, rights and obligations of mortgagors, changes to variable interest rates, defaults and the seizure and sale of mortgaged land.16 (10) Law on Security Interests in Movable Property 2009: This law governs security interests in movable property and covers principles relating to enforcement of security interests, kinds of movables subject to security interests, priorities and enforcement of security interests.17 Paragraph (b) There are multiple agencies with responsibilities for different aspects of financial consumer protection and the data referred to in this Good Practices is not maintained. The two main agencies with responsibility for consumer protection matters relevant to the finance sector are the BNR under the Central Bank Law and the Minister of Trade and Industry under the CCP Law (to be replaced by the Competition and Consumer Protection Regulator). Furthermore, the Office of the Ombudsman and the Registrar General of Mortgages have responsibility for certain issues that come within the sphere of “consumer protection”. The BNR’s responsibility comes indirectly from its functions in relation to stability and competitiveness in the finance sector and its obligation to support the government’s economic policies. The relevant aspects of BNR’s mission are stated as follows in the Central Bank Law (emphasis added): “The main missions of the Bank shall be: 2° to enhance and maintain a stable and competitive financial system without any exclusion; 3° to support Government’s general economic policies, without prejudice to the two missions referred to in Paragraphs 1° and 2° above.”18 Although the BNR does not have a clear mandate in relation to consumer protection, it is considered that the above functions are sufficient to support BNR’s supervision of the limited consumer protection laws to come within its mandate. Relevant laws, regulations and directives include the consumer protection aspects of the:  Deposit Guarantee Fund being established under the Banking Law;  Disclosure of Interest Charges and Fees Regulation, 2011;  Customer Service Delivery Directive, 2012;  Credit Information Law, 2010; and  Electronic Funds Transfer and Electronic Money Regulation, 2010. However, it is not clear that the BNR has sufficient resources or expertise to supervise consumer protection laws. A particular concern is that BNR does not specifically allocate resources to supervision of the limited consumer protection laws that apply. There is accordingly no separation of supervision of prudential and consumer protection law. Additionally, it is not clear that the BNR has specialized expertise on consumer protection matters. In contrast, the CCP Law specifically states that it has the purpose of “…encouraging competition in the economy by prohibiting practices that undermine the normal and fair course of competition practices in commercial matters. It also aims at ensuring consumer’s interests promotion and protection.”19 16 See in particular Article 3: Right to mortgage; Article 5: Matrimonial home; Article 10: Variation of an interest rate; Article 11: Right of a mortgagor (to restitution); Article 12: Transfer of mortgage; Article 13: Obligations of mortgagor; Article 14: Remedies of mortgagee in the case of default; and Article 15: Notices before any decision on a mortgaged property. 17 See in particular Articles 15–20 in Chapter V Enforcement of Security Interests. 18 Article 5. 19 Article 1. 4 The CCP Law contains consumer protection provisions that apply to all types of “services,” including financial services, and is currently administered through the Ministry of Trade and Industry. However, it is understood that there is a draft bill that will introduce a new CCP regulator, as provided for under Article 5 of the CCP Law. Leaving aside the issue of overlapping jurisdiction, there is a concern that the new CCP regulator will not have the resources and skills to deal with the complexities of the financial services and products apparently covered by the CCP Law. Another institution relevant in this context is the Office of the Ombudsman, which has certain powers in relation to the dispute resolution in relation to matters of injustice concerning the private sector (which could arguably include the banking sector). The functions of the Office of the Ombudsman do not specifically relate to financial services but relevantly include dealing with “injustice” in private institutions and complaints from individuals about private institutions. Article 3 provides in this context: The responsibilities of the Office of the Ombudsman are as follows: 1. to act as a link between the citizen and public and private institutions; 2. to prevent and fight against injustice, corruption and other related offences in public and private administration; 3. to receive and examine, in the context mentioned above, complaints from individuals and independent associations relating to acts of civil servants, state organs, and private institutions and to mobilize such civil servants and institutions in order to find solutions to such complaints if it finds they are well founded. A recent law has recently been approved in Parliament defining the administrative structure of the Ombudsman. However, the law is silent on the role of the ombudsman with regard to financial consumer protection issues. There have been discussions to establish a new assistant Ombudsman in the Office of the Ombudsman who would have responsibility for a new 5-officer unit to mediate disputes relating to all types of financial services. The initiative was originally proposed by BNR who has been conducting training sessions for relevant Ombudsman officers. With the enactment of the new law, the institutional framework for financial consumer protection remains unclear and needs to be clarified. Finally, it is to be noted that the Registrar General of Mortgages supervises compliance with the Mortgages Law and the Movable Securities Law. As mentioned in the context of paragraph 2, these laws contain certain consumer protection provisions, the most relevant being those relating to debtors’ rights on a default and the seizure and sale of property. Paragraph (c) Given the limited scope of the resources that currently exist to supervise the enforcement of laws related to consumer protection, it would seem that there are not currently sufficient funds for this purpose, or indeed for new laws. Paragraph (d) Although the different regulators appear to act with integrity and make public the results of their work in different ways, there is no apparent focus on the aspects of their work that relate to financial consumer protection. For instance:  Although BNR publishes annual reports, there is no evidence of a particular focus on assessing compliance with the limited consumer protection provisions that do exist. These reports present the bank’s governance framework and highlight the context of global and national economic environment in which the bank delivers its mandate. There is also a Description of the 5 main objectives achieved and the financial statements of the reported period. Statistical information related to the four macroeconomic sectors are also included to the annual reports.20 Importantly, the annual report includes information on the banking sector issues such as performance of the sector, access to finance (e.g., SME financing and gender issues), the new credit bureau and relevant regulatory changes. However, not all annual reports are published on the BNR website (at the time of writing the BNR had only published the 2012, 2008 and 2003 reports) and there is no evidence of a particular focus on assessing compliance with the limited consumer protection provisions that do exist, and only four on-site visits were reported as conducted in the 2012 Annual Report (as compared to a target of 10).21 Additionally, there is no evidence of other compliance activities that might be conducted in respect to consumer protection legislation such as mystery shopping, the establishment of a call center for consumers, surveys or focus groups.  Although the Ministry of Trade and Investment Annual Report highlights activities relating to its competition and consumer protection function, there appears to be limited activity related to the financial sector. For example, the only relevant reference in the 2012 Annual Report is to two investigations of anti-competitive practices in the banking and insurance sectors.22  The team did not find any report from the Office of the Registrar General relating to consumer issues concerning mortgages of land and movable property.23  Subject to very rare exceptions, the Office of the Ombudsman does not at present deal with financial services disputes; so there is nothing of significance to report in this context. Paragraph (e) There are no formal arrangements for coordination and cooperation between the relevant regulators in relation to consumer protection matters. Relevant regulators for the purposes of this Good Practice include the following:  BNR;  Ministry of Trade and Industry and the proposed Competition and Consumer Protection Regulator;  Office of the Ombudsman;  Registrar of Mortgages. Paragraph (f) With one exception, there are no express provisions for or prohibition on the private sector having a role in consumer protection matters. The exception is that the CCP Law expressly provides that a registered consumer protection association may bring an action for damages under the CCP Law consumer protection provisions on behalf of a consumer or an aggrieved person.24 Overview of Consumer Protection Regime Although there has been an impressive array of financial sector laws passed by the Parliament of Rwanda over the last five years, the laws relevant to consumer protection in the financial sector are very limited and in some cases are overlapping. Examples include: 20 http://www.bnr.rw/index.php?id=310. 21 Page 10. 22 Section 2.3 of Annual Report at http://www.minicom.gov.rw/IMG/pdf/MINICOM_Annual_Report_2011-2012_final_V190612.pdf. 23 http://org.rdb.rw/. 24 Article 50. 6  There are no requirements for disclosures in contracts for bank services. For example, there is no requirement that contracts include a listing of all applicable interest rates and fees and charges and all other terms and no requirement that consumers be given a copy of their contract with sufficient time to read it before they sign it. There is also no requirement that consumers be given a summary of the key features of their contracts or periodic statements of account.  There are no controls over fees that might limit competition or financial inclusion or otherwise be unfair. For example, a consumer’s ability to switch banks is likely to be hampered by the widespread practice of charging a prepayment fee of 5 percent of the unpaid balance if a customer wants to pay out a loan contract early and of charging fees of between 5,000 and 10,000 RWF to close a savings or a current account.  There is no requirement for a total cost of credit interest rate to be provided to consumers so that they can easily compare products. Such a rate includes the nominal interest rate and all mandatory fees and charges and can be a very useful tool to enhance comparability of fixed-rate loan products.  The Office of the Ombudsman does not have clear power to make decisions on customer disputes that bind the financial institution concerned. This is a concern because of the proposal that a new Assistant Ombudsman be appointed to provide a third-party dispute resolution service for the entire retail financial sector.  There are no controls over debt collection practices in Rwanda and no requirement for debt collectors to be licensed. This gap is relevant because Collections Africa has recently started operating in Rwanda.  Consumers do not have to be warned of the consequences of giving mortgages or security over movable property. The concern here is that the new laws on mortgages and movable property allow a defaulting debtor’s secured property to be sold within 60 days of the default notice for mortgages over land (such as the matrimonial home) or 30 days for a security over movable property (such as a car or livestock).  There is not a clear personal bankruptcy law in Rwanda that could be relied on to protect debtors who are in no position to pay their debts. There is an Insolvency Law, but the mission team was told there is some doubt as to whether it applies to consumers whose debts are for personal purposes.  There are no comprehensive data protection laws in Rwanda, such as exist in many other countries. Kenya is an example of a country that is introducing such laws. A failure to have such laws may inhibit Rwanda’s ability to engage in trans-border data flows and is of a concern given banking transactions are increasingly electronic.  There are overlapping provisions in the CCP Law and in the legislation supervised by BNR. For example, there are BNR regulations concerning the disclosure of interest rates and fees and charges and the CCP Law also requires information to be given to consumers, which would include bank customers. These gaps and overlaps are a particular concern for Rwanda given the ambitious financial inclusion targets outlined in FSDP II and the Maya Declaration, and the rapid development of new banking services and distribution channels (such as agent banking, mobile money transfer services and mobile banking). These developments suggest the need for enhanced consumer protection measures and a comprehensive legal and regulatory regime. 7 Recommendation (See Good Practice B for details) Consideration should be given to providing that the Competition and Consumer Protection Law 2012 does not apply to financial services, to make it clear that BNR has primary responsibility for supervision of laws and regulations applicable to consumer protection in the finance sector. The objective is to have an authoritative financial services consumer protection regulator for all financial sectors. This would achieve consistency of interpretation, minimize the risk of gaps in regulatory coverage and avoid any real or perceived conflict of interest for the supervisor. Another option would be to establish a market conduct regulator for the financial sector but that may not be considered practicable in the Rwandan context. Consideration should also be given to enacting provisions that provide a comprehensive regime for transparency and fairness in consumer contracts and related business practices. This might be done in a separate Financial Services Law or in regulations made under sector-specific existing laws (such as the Banking Law). Such a law could include provisions dealing with contractual disclosures, anti- competitive fees, warnings about the effect of mortgages, unfair terms and disclosure of a total cost of credit interest rates. If these recommendations are accepted, BNR would need to be appropriately resourced to supervise any new consumer protection regulatory regime and encouraged to collect, analyze and make public relevant compliance data to publicize its related regulatory activities and to take a broad approach to different surveillance activities. For example, surveillance may occur through on-site visits, mystery shopping, reviews of advertising materials, surveys and focus groups and establishment of a call center for consumers to call about alleged breaches of the law by banks. However, there is no suggestion here that the BNR should settle customer disputes. Such matters should be referred to the bank concerned or the Office of the Ombudsman, depending on the nature of the compliant. BNR may also want to consider the establishment of a Consumer Advisory Panel to advise it on the complex issues relevant to the financial sector. A transitional period of at least 12 months should be provided before the new regime comes into effect. This is because it will require new forms of contract and significant changes to systems, processes and training programs, with all the attendant costs. There should also be time for a public awareness campaign to fully inform consumers about the changes. Furthermore, it is recommended that consideration be given to clarifying the powers of the Office of the Ombudsman in respect to financial services. In particular, it is proposed that the Ombudsman have clear power to make binding decisions on financial services disputes.25 Related to this, the Office of Ombudsman needs to build capacity and staff dealing with financial sector issues should receive adequate training. Over time, consideration may be given to the enactment of new legislation regulating debt collectors, implementing best practices on data protection and providing clear personal bankruptcy laws.26 If the above recommendations are accepted then there would be a need for consequential changes to the CCP Law and certain BNR legislation. In particular, the CCP Act would need to be amended so that it is clear relevant consumer protection provisions do not apply to financial services. Relevant aspects of the Disclosure of Interest and Fees and Charges Regulation 2011 and the Customer Service Delivery Directive, 2012 need to be repealed. 25 See Good Practice E.2 for details. 26 See Good Practice C.8 for details. 8 Good Practice A.2. Code of Conduct for Banks Good Practice There should be a principles-based code of conduct for banks that is devised by all banks or the banking association in consultation with the financial supervisory agency and consumer associations, if possible. Monitored by a statutory agency or an effective self-regulatory agency, this code should be formally adhered to by all sector-specific institutions. a. If a principles-based code of conduct exists, it should be publicized and disseminated to the general public. b. The principles-based code should be augmented by voluntary codes of conduct for banks on such matters as facilitating the easy switching of consumers’ current accounts and establishing a common terminology in the banking industry for the Description of banks’ charges, services and products. c. Every such voluntary code should likewise be publicized and disseminated. Description Rwanda does not have a code of conduct governing the relationship between banks and their customers. There are no plans now to develop such a code. The Bankers’ Association (RBA) is however in the process of developing a code that will govern the relationship between the RBA and its members. This position in relation to banks is in contrast to the advice received from the Rwanda Insurers Association (ASAR) that they are planning to develop an Insurance Code of Practice that will apply to insurers and their customers. Banking associations in numerous economies (including developing economies) have developed a code of conduct for banks that is focused on the relationship between individual and small business customers and their banks. Examples include:  South Africa: Code of Banking Practice27;  Zambia: Code of Banking Practice28;  Kenya: The Consumer Guide to Banking in Kenya: Code of Ethics and Banking Practice29;  Australia: Code of Banking Practice30; and  United Kingdom: Code of Banking Practice31 Recommendation Consideration should be given to encouraging the RBA to develop a customer focused CBP to improve industry standards in relation to issues such as customer-focused concerns and that binds the banks under the terms of their customer contracts. Relevant issues covered by such a code could include transparency as to terms and conditions, making it easier to switch banks and dispute resolution. It is further recommended that such a code be developed in consultation with the BNR, which should require that there be included in the code provisions for annual reports as to compliance with the code and a monitoring mechanism. Monitoring could be by the BNR or by a new committee with representatives on it from consumer associations, industry and possibly government or regulators. 27 http://www.banking.org.za/index.php/consumer-centre/code-of-banking-practice. 28 http://www.boz.zm/%28S%28zzgu4f455nkddy450cqtiknt%29%29/GeneralContent.aspx?site=24. 29 http://www.kba.co.ke/images/stories/KBA%20Consumer%20Guide%20to%20Banking%20in%20Kenya.pdf 30 http://www.bankers.asn.au/Industry-Standards/ABAs-Code-of-Banking-Practice 31 http://www.bankingcode.org.uk/pdfdocs/BANKING%20CODE.pdf 9 Good Practice A.3. Appropriate Allocation between Prudential Supervision and Consumer Protection Good Practice Whether prudential supervision of banks and consumer protection regarding banking products and services are the responsibility of one organization or two institutions, the allocation of resources to these functions should be adequate to enable their effective implementation. Description The banking sector is primarily regulated by the National Bank of Rwanda (BNR) when it comes to consumer protection issues. However, BNR does not specifically allocate resources to supervision of the limited consumer protection laws that apply. There is accordingly no separation of supervision of prudential and consumer protection laws and it is not clear that the BNR has specialist expertise on consumer protection matters. Placing consumer protection in the same department as prudential supervision creates potential conflicts with the traditional and long-standing prudential supervisory roles tending to dominate the allocation of resources and priorities. A further consideration is the different skills and expertise and approaches to enforcement needed for the two functions. A further consideration supporting the need for separation of consumer protection and prudential functions is the different approaches taken to enforcement. For example, surveillance of consumer protection laws may occur through mystery shopping, reviews of advertising materials, surveys and focus groups and the establishment of a call center for consumers to call about alleged breaches of the law by banks. These approaches would be in addition to the traditional off-site and on-site inspections that also take place to assess compliance with prudential requirements. However, there is no suggestion here that the BNR should settle customer disputes. Such matters should be referred to the bank concerned or the Office of the Ombudsman, depending on the nature of the compliant. Recommendation Regulation and supervision of financial consumer protection laws should be properly resourced and separated from the prudential function to avoid conflicts between supervising financial institutions and their customers. A practicable way to achieve this would be to have a new unit responsible for consumer protection with a separate reporting line directly to the vice governor. Another option would be to have a completely separate Financial Services Market Conduct Regulator but that is not likely to be practical in the present context. 10 Good Practice A.4. Other Institutional Arrangements Good Practice The judicial system should ensure that the ultimate resolution of any dispute regarding a consumer protection matter in respect of a banking product or service is affordable, timely and professionally delivered. a. The judicial system should ensure that the ultimate resolution of any dispute regarding a consumer protection matter in respect of a banking product or service is affordable, timely and professionally delivered. b. The media and consumer associations should play an active role in promoting banking consumer protection. Description The judicial system is not likely to be a realistic resource for consumers of financial services, and the media and the one consumer association play only limited roles in promoting consumer protection in financial services. Paragraph (a) The evidence that the judicial system is not a realistic resource for consumers of financial services is plenty and varied. It includes the lack of a low cost, speedy small claims court, financial literacy gaps, the costs and complex processes involved in bringing claims to the Rwanda Commercial Court and the lack of awareness of consumer issues within the legal profession. The lack of training within the legal profession means, for example, that issues such as prejudicial provisions in contracts32 or a lack of agreement about the fees that may be charged are not raised in court proceedings. Paragraph (b) The media does not appear to have sufficient understanding of financial sector consumer issues to make them an issue. There are, however, occasional media stories on relevant issues: http://www.newtimes.co.rw/news/index.php?i=15324&a=65851. The BNR is encouraging reporting on issues relevant to the supervision and regulation of banks and other financial institutions. This is apparent from the recently announced awards for excellence in reporting on the economy, which includes financial institution issues.33 The Association for the Defense of Consumer Rights Rwanda (ADECOR), which appears to be the main consumer association in Kigali, has specific micro finance and micro insurance issues as essential elements of its strategic focus but has limited resources to implement its strategy. This is notwithstanding the start-up financial support provided by the Ministry of Trade and Investment34. ADECOR advised the mission team they have only two permanent and four volunteer staff and were constantly seeking to raise funds. It is also not clear that they have deep expertise in the financial sector. 32 Article 34 of the Competition and Consumer Protection Law. 33 http://allafrica.com/stories/201306120075.html. 34 The 2011–2012 Annual Report of the Ministry of Trade and Investment stated in relation to the two consumer rights organisations in Rwanda that they are “supported financially to advocate for the rights of consumers and to be effective consumer rights watchdogs . Their secretariats are both operational” (pages 14 and 15). 11 Notwithstanding these limitations, ADECOR has included in its 2012–2017 strategic plan the following focus on transparency, competition and contractual issues in the micro-finance and insurance sectors. The plan provides the following: “5.2.1.b. Microfinance and Insurance sector As Rwanda promotes cooperatives and use of micro-finance institutions such as SACCO (saving and credit cooperatives) at sector level across the whole country to curb poverty, financial and insurance sector will have huge impact on the lives of many consumers as they seek financial and insurance support for their poverty reduction initiatives. The recommended focus for ADECOR is in the following areas: • Transparency in formulation and management of contracts thus involving and not imposing/manipulating free competition in loans interest setting—discourage CARTEL system within microfinance and insurance sectors • Loan and credit contractual issues”. The other consumer association reported by the Ministry of Trade and Investment as existing in Rwanda is the Consumer Human Rights Organization of Rwanda (CHROR). The mission team was not able to meet this organization. The ADECOR 2012–2017 strategic plan describes ADECOR as “the first and only legally accepted consumers’ rights organization in Rwanda” (para. 2.2). Recommendation Given the issues involved with access to judicial relief for individual consumers of financial services, there is support for the proposal to establish an independent external dispute resolution scheme. Furthermore, details of this proposal are in the response to Good Practice E.2. Consideration could also be given to providing independent financial support for the work of ADECOR to the extent that it is relevant to the consumer protection issues identified in this report (for example in relation to transparency and clarity of contract issues). 12 Good Practice A.5. Licensing Good Practice All banking institutions that provide financial services to consumers should be subject to a licensing and regulatory regime to ensure their financial safety and soundness and effective delivery of financial services. Description All banks in Rwanda are required to be licensed and to meet strong prudential standards apparently designed to meet their safety and soundness. The licensing requirements arise under article 4 of the Banking Law which provides that: No person or entity may engage in banking activity within the territory of the Republic of Rwanda without being licensed by the Central Bank. No person or entity may, without being licensed as a bank, claim the status of bank or banker or use in any language, in its corporate name, trade name, signage or advertising the terms “bank,” “banker,” or any other term evoking any banking operation. The Banking Law further makes provision for wide ranging prudential requirements, including in relation to the following:  Minimum capital35;  Shareholders36;  Corporate governance37;  Risk management, oversight and financial analysis 38;  Large exposures39;  Transactions with related parties40; and  Accounts and audits. Furthermore, provisions in relation to the safety and soundness of banks are contained in various regulations on specific issues. They include the following:  Regulation on Licensing Conditions of Banks 2008: These regulations contain detailed requirements relating to matters such as the minimum paid-up cash capital requirement for an applicant (5 billion RWF for a commercial bank)41, the detailed information required of an applicant for a license and the licensing process42, a requirement to pay license fees43 and to display a bank license44;  Regulation on Capital Adequacy Requirements (CAR) 2009 requires a bank to maintain unimpaired capital of 5 billion RWF45 and maintain a total capital of 15 percent of its total weighted assets of which 10 percent is core capital46; BNR is also provided with wide ranging powers to take action in relation to banks that are considered to be undercapitalized47; 35 Articles 12-17. 36 Articles 18-26. 37 Articles 27-34. 38 Articles 35. 39 Article 36. 40 Articles 37-41. 41 Article 2. 42 Articles 6-12. 43 Article 13. 44 Article 14. 45 Article 3. 46 Article 4. 13  Regulation on Corporate Governance of Banks 2008 applies to the duties, responsibilities and code of conduct for shareholders, directors, chief executive officers and management of a bank;  Regulation on Credit Classification and Provisioning 2011 deals with, amongst other things, the responsibilities of the Board of Directors for establishing a credit policy and an assetreview system48, when a credit facility will be considered to be non-performing49, the obligation to report to BNR quarterly on non-performing loans50, required credit classification criteria51, provisioning and write-off requirements52 taking into account collateral in provisioning53. There are wide ranging provisions in the 2008 Banking Law in relation to the consequences of breaching the Law and its related regulations (but not guidelines or directives). Article 65 states in this regard: “In case a bank violates or fails to comply with provisions of this Law or implementing regulations thereto, it shall be liable, depending upon the seriousness of the violations, to the following disciplinary measures: 1° written warning; 2° written reprimand; 3° suspension of all assistance from the Central Bank; 4° prohibition from conducting certain operations, or other limitations on the exercise of banking; 5° withdrawal of the designation of accredited intermediary; 6° withdrawal of accreditation.” Article 65 is supported by much more detailed provisions that follow. BNR has other far-reaching disciplinary powers. For example, the BNR may also seek disciplinary action against managers54, determine pecuniary sanctions against a bank55, require a bank to comply with instructions to safeguard the interests of depositors and other creditors56, require a bank to prepare a recovery plan57, appoint a special commissioner to a bank (in the nature of a temporary administrator)58 and even force the liquidation of a bank59. Recommendation There is no recommendation for change for the purposes of this Good Practice. 47 Articles 13-17. 48 Article 3. 49 Article 4. 50 Article 5. 51 Articles 7-12. 52 Articles 14-17. 53 Articles 22 and 23. 54 Article 68. 55 Article 69 and see also Regulation on Pecuniary Sanctions applicable to banks 2011. 56 Article 71. 57 Article 72. 58 Article 73. 59 Article 95. 14 Section B. Disclosure and Sales Practices Good Practice B.1. Information on Customers Good Practice a. When making a recommendation to a consumer, a bank should gather, file and record sufficient information from the consumer to enable the bank to render an appropriate product or service to that consumer. b. The extent of information the bank gathers regarding a consumer should: (i) be commensurate with the nature and complexity of the product or service either being proposed to or sought by the consumer; and (ii) enable the bank to provide a professional service to the consumer in accordance with that consumer’s capacity. Description There are no explicit requirements relating to the keeping of customer records concerning recommendations. Paragraph (a) Although customer records are likely to be kept in practice, there are no record-keeping obligations of the type contemplated in the legislation we have reviewed. There is, however, a requirement for the board of a bank to have a policy for the “maintenance of appropriate credit and documentation files.” Article 3(a) of the Regulation on Credit Classification and Provisioning 2011 requires the board of a bank to prescribe “a credit policy specifying the criteria and procedures in the evaluation, processing, approval, documentation, and disbursement of credits. Such policy should include the procedures for loan administration and recovery, the recording of transactions and maintenance of appropriate credit and document files…”. (emphasis added) Although the abovementioned provisions contain helpful inferences as to the type of information that should be collected and recorded by a bank, it would be preferable if the requirements were made explicit. Paragraph (b) There are no requirements of the type contemplated in this Good Practice. Recommendation Consideration should be given to requiring banks to keep written records of the type described above on the recommendations and advice that they provide to customers, who should be given a right of access to such records. This recommendation is in addition to the recommendation made in relation to Good Practice C.3. 15 Good Practice B.2. Affordability Good Practice a. When a bank makes a recommendation regarding a product or service to a consumer, the product or service it offers to that consumer should be in line with the need of the consumer. b. The consumer should be given a range of options to choose from to meet his or her requirements. c. Sufficient information on the product or service should be provided to the consumer to enable him or her to select the most suitable and affordable product or service. d. When offering a new credit product or service significantly increasing the amount of debt assumed by the consumer, the consumer’s creditworthiness should be properly assessed. Description There are no explicit requirements relating to assessments of product suitability or the disclosure of information needed to assess affordability, other than limited requirements relating to the publication of interest rates and fees. Paragraph (a) The CCP Law requires consumers to be given information that reflects the needs expressed by the consumer (or which are reasonably foreseeable). This in turn infers that a bank should ascertain the needs of its customers and the likely use of the services provided by the bank (for example, the likely use of loan proceeds). Article 33 of the CCP Law provides in this regard the following: “No later than the time of the conclusion of a sale contract, the seller must provide the consumer with correct and necessary information on the characteristics of the product or service and conditions of contract considering the need for information expressed by the consumer and given the reported use by the consumer or reasonably foreseeable use.” Paragraph (b) There are no requirements for customers to be given options for product or service choices. Paragraph (c) There are only very limited requirements to give customers information that will enable them to select the most suitable or affordable product choice. Such requirements might include, for example, disclosing all applicable fees in customer contracts and a requirement to disclose a “comparison rate” that reflects the applicable interest rates and all mandatory fees and charges. There are requirements to disclose interest rates and fees but they do not extend to information that must be in contracts. The Regulation on the Publication of Tariff of Interest Rates and Fees Charged requires banks to publish minimum and maximum rates and fees in newspapers, on the web and in a booklet available to customers and to always display this information “outstandingly at the entrance of their premises and any other place of business.” The publication is always required to be done in three official languages60. There is also no requirement to provide to customers with any information that would disclose the total 60 Article 3. 16 cost of credit. In particular, there is no requirement for banks to publish a total cost of credit interest rate (Comparison Rate). Such rates show as a single rate the applicable interest rate and mandatory fees (such as a loan application fee) and charges (such as for a credit- life insurance premium). They are calculated based on a prescribed formula and, for disclosure purposes, can be calculated in relation to fixed-term credit for specified loan amounts and terms of credit. Total cost of credit interest rates can be a useful means of helping consumers compare products and encourage competition. This is on the basis that a requirement to disclose a nominal interest rate by itself, or even an effective interest rate that takes into account compounding, is not adequate disclosure because it does not give consumers enough information to be able to assess product affordability and suitability or to comparison shop.61 Paragraph (d) There is no overarching responsible lending law of the type described, although banks are apparently required to obtain a credit report and undertake other credit assessment measures before providing credit. However, consumers do not have any rights under these provisions and there are no clear penalties for a breach of the credit assessment provisions. Banks are “mandatory participants” under the Credit Information Law and accordingly they may be required by the Central Bank to obtain a credit report on a prospective borrower when assessing an application for credit.62 During the diagnostic mission, the team was told that such a requirement had been imposed on banks. However, the mission team was not able to ascertain the legislation or regulation under which BNR specifically imposed this requirement. Furthermore, the required criteria for credit classification under the Credit Regulation suggest the credit worthiness of the borrower needs to be checked if a loan is to be classified as being of a “Normal Risk (Pass) Classification.” Article 9(1) of the Regulation specifies the following subjective criteria which needs to be satisfied for this purpose: “ (a) where the financial condition of the borrower is sound; (b) where there is adequate documentation to support the granting of credit, such as current financial statements, cash flows, credit checks and evaluation report on collateral held; and (c) if the account is supported by collateral, the collateral shall be unimpaired.” Finally, the Risk Management Regulation contains detailed provisions relating to the management of Credit Risk. The relevant program provides the following:  “The development and implementation of effective loan granting, document preparation and collection procedures”; and  “Each bank must set up a clearly defined evaluation method to efficiently and prudently make an independent and objective evaluation of loan applications . . . Good analysis must allow the appropriate evaluation of the financial viability of the borrower, his willingness to repay his debt and, where necessary the adequacy and liquidity of the main or secondary collateral.”63 61 CGAP Designing Disclosure Regimes for Responsible Financial Inclusion, 2012. 62 Article 22 and definition of “mandatory participants” in Article 2 . 63 Article 4.1.6 (a). 17 Recommendation Consideration should be given to introducing requirements to ensure product suitability. In particular, there should be training and qualification requirements for staff or third party agents who advise on banking products and services and requirements to ensure that sufficient information about the customers’ needs is gathered to ensure that appropriate products and services are provided. Responsible lending laws could be introduced to minimize the risk of over-indebtedness. At a minimum, banks and their intermediaries could be required to collect and verify information to assess a customer’s ability to repay a loan without substantial hardship and to assess whether the loan meets the customer’s requirements and needs. This assessment could be done through the collection and verification of information before the facility is provided. A failure to undertake the required assessment could result in a breach of the relevant law and possibly re-opening of the credit contract by a court. These requirements would apply in addition to the abovementioned current provisions relating to the assessment of credit worthiness. It is also recommended that requirements for the disclosure of a Total Cost of Credit Rate that reflects the applicable interest rate and mandatory fees be introduced. Disclosure of such a rate should enable borrowers to assess the total cost of credit and compare products and would encourage competition. In particular, the following requirements might be introduced:  Include the Total Cost of Credit Rate in fixed-rate loan contracts and in the Key Facts statement recommended below.  Disclose the applicable Total Cost of Credit Rate in advertisements that refer to an interest rate on a fixed rate loan.  Provide consumers with a schedule of total cost of credit rates based on specified loan amounts and terms.  Require any information as to a total cost of credit rate to be accompanied by prescribed warnings as to its limitations. Consideration should also be given to requiring that there be disclosure in credit contracts of the sum of all applicable interest charges and mandatory fees over the term of the contracts. Such a disclosure could be made on the basis that the interest rate will be the rate as at the date of the contract, there will be no changes to fees and charges and the borrower will repay the debt as required by the contract. There should also be an explicit requirement to clearly disclose all fees and charges in a customer contract. These requirements could be included in the proposed new financial consumer protection legislation (or regulations). 18 Good Practice B.3. Cooling-off Period Good Practice a. For financial products or services with a long-term savings component, a bank should provide the consumer a cooling-off period of a reasonable number of days (at least 3–5 business days) immediately following the signing of any agreement between the bank and the consumer. b. On his or her written notice to the bank during the cooling-off period, the consumer should be permitted to cancel or treat the agreement as null and void without penalty to the consumer of any kind. Description There is no cooling-off requirement under Rwanda law applicable to banking products. Recommendation Consideration should be given to the introduction of a provision of the type proposed. It is, however, recognized that there may be a need for some qualification to an automatic right of cooling off. For example, there could be a right to retain reasonable administrative fees relating to the cancellation of the contract or for the application for the facility. Furthermore, it may be that the right should not apply when there has been a drawdown of a credit facility, and a bank should be able to recover any loss arising from an early withdrawal of a fixed-rate term deposit which loss arises because of a difference in interest rates. This would be in addition to any reasonable administrative fees associated with closure of the term deposit. 22 Good Practice B.4. Bundling and Tying Clauses Good Practice a. As much as possible, banks should avoid bundling services and products and the use of tying clauses in contracts that restrict the choice of consumers. b. In particular, whenever a borrower is obliged by a bank to purchase any product, including an insurance policy, as a pre-condition for receiving a loan from the bank, the borrower should be free to choose the provider of the product and this information should be made known to the borrower. Description Bundling practices are in their infancy in Rwanda and there are no requirements of specific relevance to this good practice. For insurance sales by banks the picture is varied so far:  A few commercial banks do not presently act as insurance agents, although there were suggestions they might do so in the future. Secured property insurance is required by one of these banks but the customers are free to choose their own insurance. They do not receive any commissions from an insurer.  Another commercial bank requires credit life as well as secured property insurance and receive 15 percent commission from the insurers to which the customers are referred to (there is a list given to the customers).  A microfinance bank (UOB) is agent for a micro insurance company that provides the microcredit life insurance policy required of group lending customers: see http://opportunity.net/rwanda/media-center for some details. Recommendation It is recommended that a clear prohibition practices be introduced on insurance forcing practices, coupled with disclosure and rebate provisions. Such a prohibition should apply to a requirement to acquire an insurance policy from a particular insurer and to a requirement to pay for such service, in either case as a condition of providing a banking service (such as a loan). Furthermore, where there is a tied insurance contract, banks should be required to give a proportionate refund of the applicable premium if the consumer pays out a loan early. We further recommend a requirement for transparent disclosure of insurance premiums and of any commission paid to a bank or any other person because of the writing of the insurance policy. There should also be separate disclosure of the extent to which the insurance premium is financed by the loan. 23 Good Practice B.5. Preservation of Rights Good Practice (i) Except where permitted by applicable legislation, in any communication or agreement with a consumer, a bank should not exclude, restrict or seek to exclude or restrict: (ii) any duty to act with skill, care and diligence toward the consumer in connection with the provision by the bank of any financial service or product; or (iii) any liability arising from the bank’s failure to exercise its duty to act with skill, care and diligence in the provision of any financial service or product to the consumer. Description There are no rules specifically relating to the use of limitations of the type described in Rwanda, other than in the EFT Regulation and a general provision in the CCP Law relating to prejudicial terms. Article 27 of the EFT Regulation makes it clear that the rights conferred on consumers under the EFT Regulation cannot be limited by regulation: “No agreement in writing between a customer and a bank or other payment service provider may contain any provision that constitutes a waiver of any right conferred or cause of action created by this Regulation.” A further qualification to the first paragraph above is that the CCP Law contains provisions relating to “prejudicial” terms and makes clear in Article 50 that there is a right to damages. Article 37 provides in this context: “Any act contrary to practices in commercial matters by which a seller may prejudice the interests of the consumer or other sellers is prohibited. In all business transactions in connection with the supply of goods or services to consumers, with promotion pricing in any means of supply or use of goods or services, it is prohibited for a seller to provide a consumer with information that is, in all the circumstances, deceiving or misleading.” Although the examples given in Article 37 of the prejudicial terms to which the article applies do not include one which would preserve statutory rights as contemplated by this Good Practice, the general terms of the article may have that effect. However, the position is ambiguous and, significantly, there is no statement of the effect that such a clause is of no effect, i.e., void. Recommendation In the interests of certainty it is recommended that Rwandan law include an express provision to the effect that any term of a contract by which a bank seeks to avoid or modify the effect of the relevant laws (such as the new financial consumer protection law) or to be indemnified for any liability they have under such a law is void. However, it should be clear that such a result does not affect the validity of the rest of the contract. 24 Good Practice B.6. Regulatory Status Disclosure Good Practice In all of its advertising, whether by print, television, radio or otherwise, a bank should disclose the fact that it is a regulated entity and the name and contact details of the regulator. Description Although a licensed bank is required to display its license at its head office, with a copy at each branch, there is no requirement that advertisements contain information about its regulated status. The Licensing Conditions of Banks provides in this regard that: “A license granted shall, at all times, be displayed in a conspicuous place at the head office of the concerned bank, and copies of it shall be similarly displayed at each of its branch offices.64” Recommendation Consideration should be given to introducing a requirement that banks disclose their name and license number in advertisements (at a minimum). Good Practice B.7. Terms and Conditions Good Practice a. Before a consumer opens a deposit, current (checking) or loan account at a bank, the bank should make available to the consumer a written copy of its general terms and conditions, as well as all terms and conditions that apply to the account to be opened. Collectively, these Terms and Conditions should include: (i) disclosure of details of the bank’s general charges; (ii) a summary of the bank’s complaints procedures; (iii) a statement regarding the existence of the office of banking ombudsman or equivalent institution and basic information relating to its process and procedures; (iv) information about any compensation scheme that the bank is a member of; (v) an outline of the action and remedies that the bank may take in the event of a default by the consumer; (vi) the principles-based code of conduct, if any, referred to in A.2 above; (vii) information on the methods of computing interest rates paid by or charged to the consumer, any relevant non-interest charges or fees related to the product offered to the consumer; (viii) any service charges to be paid by the consumer, restrictions, if any, on account transfers by the consumer, and the procedures for closing an account; and (ix) clear rules on the reporting procedures that the consumer should follow in the case of unauthorized transactions, in general, and stolen cards, in particular, as well as the bank’s liability in such cases facilitates the reading of every word. b. The Terms and Conditions should be written in plain language and in a font size and spacing that facilitates the reader’s comprehension. 64 Article 14 of Licensing Conditions of Banks Regulation 2008. 25 Description Apart from limited provisions of general application in the CCP Law and the specific provisions of the EFT Law, there are no legislative provisions requiring contractual disclosures to be given directly to the consumer. The Disclosure of Interest Charges and Fees Regulation 2011 contain provisions relating to disclosure of interest charges and fees, but there is no obligation to include this information in contractual disclosures. This regulation requires banks to publish minimum and maximum rates and in newspapers, on the web, in a booklet available to customers, and to always display this information “outstandingly at the entrance of their premises and any other place of business.” The publication is always required to be done in three official languages. 65 Notices of changes are also required to be given in 15 days to the BNR and the public.66 This regulation also makes clear that interest rates and fees and charges may be freely set.67 However, the Regulation does not make any provision for disclosures of interest charges and fees in a contract for bank services. Furthermore, although the CCP Law requires consumers to be given information which reflects the needs expressed by the consumer (or which are reasonably foreseeable); there are no requirements to provide the specific information contemplated by Good Practice B.7 (a). Article 33 of the CCP Law provides in this regard: “No later than the time of the conclusion of a sale contract, the seller must provide the consumer with correct and necessary information on the characteristics of the product or service and conditions of contract considering the need for information expressed by the consumer and given the reported use by the consumer or reasonably foreseeable use.” Article 16 of the Electronic Funds Transfer and Electronic Transactions Regulation 2010 (EFT Regulation) is the only legislative instrument reviewed by the mission team that makes specific provisions for contractual disclosures. The EFT Regulation is designed to protect users of electronic payments systems68 and requires any payment service provider (including a bank) providing any kind of electronic fund transfer service to have “standard terms and conditions” that are communicated to BNR and also disclosed to a customer “before or at the time the electronic fund transfer is carried out.”69 The standard terms and conditions are also required to be made available in Kinyarwanda and either French or English “in branches that provide electronic fund transfer services.” However, the required content of the standard terms and conditions focuses on the electronic nature of the relevant transaction. Article 16 requires standard terms and conditions to include information about the following, in summary:  The customer’s liability for unauthorized transactions and duty to report loss, misuse, theft or unauthorized use of an access code or card;  A contact number the customer can use to give notice of unauthorized transfers;  The customer’s right to stop payments;  Information relating to lodgment of complaints; and  The customer’s right to receive relevant documents in relation to electronic fund transfers. Apart from the obligation to include a contact number to advise of unauthorized transactions and to advise about complaints procedures (both of which are helpful), the EFT Regulation does not specifically cover any of the items specified in this Good Practice. For example, there is no requirement 65 Article 3. 66 Article 4. 67 Article 5. 68 Article 1. 69 Article 16. 26 to disclose the fees and charges that apply. Paragraph (b) The limited disclosure provisions in the laws of Rwanda do not contain any requirements as to the form, font size and spacing referred to in Good Practice B.7 (b), with the exception of the requirements in the EFT Regulation. The EFT Regulation appropriately requires that: “The standard terms and conditions shall be in writing in Kinyarwanda and either one of French or English, in clear, readily understandable and user-friendly manner.70 Recommendation Ideally, there would be a comprehensive contractual disclosure regime applied to financial services (including banking services and whether electronic or not). For banking services, this should include, at a minimum, the following: the amount borrowed, the applicable interest rate and total interest charges, the applicable default rate of interest, details of all fees and charges, whether interest rates are fixed or variable, the method of calculating interest charges (flat or on a declining basis); any applicable insurance premiums and commissions; details of any security given and a requirement to give reasonable notice of changes (e.g., 20 days). This is the minimum information that should be given to customers if they are to be able to make an informed decision about the service and are fully aware of their rights and responsibilities. Contract documents could also be made comprehensible through summaries of key information, clear language and format and explanations from bank staff in appropriate cases. This might be achieved by implementing the following specific recommendations:  A Key Facts Statement should be provided on the first page of every contract summarizing the key terms (see Good Practice B.8).  Contracts should be both intelligible and legible. Contract documents should be plainly expressed, in a minimum at 10-point font size and provided to a customer in the official language most relevant to the customer (Kinyarwanda, French or English).  Contract documents should be explained to customers who would not otherwise understand them. If a customer is clearly not able to read and understand contract or security disclosure documents they should be required to be explained to him or her by the institution concerned. This might be required if, for example, if the customer is illiterate or blind.  Customers should be given time to consider documents. Customers should also be given a reasonable time (say at least one day) to consider the information provided to them before the contract is signed. Similarly, banks should explain the effect of giving any security (including a mortgage or a guarantee) and the implications of default. Recommendations in relation to the EFT Regulation are in Good Practice C.7. 70 Article 16. 27 Good Practice B.8. Key Facts Statement Good Practice a. A bank should have a summary statement, such as a Key Facts Statement, for each of its accounts, types of loans or other products or services and provide these to its customers and potential customers. b. The summary statement should be written in plain language and summarize in a page or two the key terms and conditions of the specific banking product or service. c. Prior to a consumer opening any account at, or signing any loan agreement with, the bank, the consumer should have delivered a signed statement to the bank to the effect that he or she has duly received read and understood the relevant summary statement from the bank. d. Summary statements throughout the banking sector should be written in such a way as to allow consumers the possibility of easily comparing products that are being offered by a range of banks. Description There are no requirements for bank customers in Rwanda to be given a summary statement as to the key terms and conditions of the relevant banking product or service. Recommendation As mentioned in Good Practice B.7, a Key Facts Statement should be provided on the first page of every contract summarizing the key terms. For example, in a loan contract, this would include the amount borrowed, the term, the interest rate, the applicable Comparison Rate (see Good Practice B.2), whether the rate is fixed or variable, all fees and charges, the amount and frequency of repayments and the total amount payable under the contract, including both the amount of any principal borrowed and the total cost of all interest charges and fees and charges. Good Practice B.9. Advertising and Sales Materials Good Practice a. Banks should ensure that their advertising and sales materials and procedures do not mislead customers. b. All advertising and sales materials of banks should be easily readable and understandable by the general public. c. Banks should be legally responsible for all statements made in their advertising and sales materials (i.e., be subject to the penalties under the law for making any false or misleading statements). Description There is a general prohibition on deceiving or misleading information in business transactions that is helpful in this context and specific prohibitions relating to the use of the word “bank” and associated terms and relating to comparative advertising. 28 Paragraph (a) The general prohibition on deceiving or misleading information arises from Article 37 of the CCP Law relating to “prejudicial” terms. Article 50 then is to the effect that a right to damages may arise from such clauses. Article 37 provides in this context: “Any act contrary to practices in commercial matters by which a seller may prejudice the interests of the consumer or other sellers is prohibited. In all business transactions in connection with the supply of goods or services to consumers, with promotion pricing in any means of supply or use of goods or services, it is prohibited for a seller to provide a consumer with information that is, in all the circumstances, deceiving or misleading.” Although the examples given in Article 37 of the prejudicial terms to which the article applies do not include one that preserves statutory rights as contemplated by this Good Practice, the general terms of the article may have that effect. However, the position is ambiguous and, significantly, there is no statement of the effect that such a clause is of no effect, i.e., void. Other provisions that indirectly relate to advertising include the following:  The licensing requirements under article 4 of the Banking Law provide that: “No person or entity may, without being licensed as a bank, claim the status of bank or banker, or use in any language, in its corporate name, trade name, signage or advertising, the terms “bank,” “banker,” or any other term evoking any banking operation.”; and  Article of the CCP Law sets out standards for comparative advertising relating to a competitors products or services (which would include banking services). The advertising must not be misleading, must be for goods or services meeting the same needs or intended for the same purpose and must objectively compare one or more features of the relevant goods or services. To clear any doubt, we note that Article 37 of the CCP Law, which relates to the display of prices, seems only to apply to the prices of goods, i.e., not of services such as banking services. Furthermore, Article 38, which relates to prohibited advertising, only applies to advertising which “that may encourage risky behavior dangerous for health or safety of persons”. Paragraph (b) There is no requirement to this effect. Paragraph (c) There is no provision to this effect, although bank liability for their advertisements may follow as a matter of general law. Recommendation If the recommendation for a new law on consumer protection is accepted, provisions on a general prohibition on misleading and deceptive conduct and false and misleading statements in relation to the sale, distribution and management of financial services products and services should be included. Such provisions could include a requirement that advertisements that refer to an interest rate should make it clear that fees and charges apply, include any qualifications to the advertisement in a size that is proportionate to the rest of the text and must not be false or misleading in any respect. They would apply in place of the application of the abovementioned provisions in the CCP Law. 29 Good Practice B.10. Third-Party Guarantees Good Practice A bank should not advertise either an actual or future deposit or interest rate payable on a deposit as being guaranteed or partially guaranteed unless there is a legally enforceable agreement between the bank and a third party who or which has provided such a guarantee. In the event such an agreement exists, the advertisement should state as follows: (i) the extent of the guarantee; (ii) the name and contact details of the party providing the guarantee; and (iii) in the event the party providing the guarantee is in any way connected to the bank, the precise nature of that relationship. Description There is a general prohibition on practices that are misleading or deceiving and provisions giving rights under guarantees, but there is not a specific requirement in Rwanda for disclaimers to be included in advertisements that refer to deposit rates being fully or partially guaranteed. Article 37 of the CCP Law contains the abovementioned general prohibition in the following terms: Any act contrary to practices in commercial matters by which a seller may prejudice the interests of the consumer or other sellers is prohibited. In all business transactions in connection with the supply of goods or services to consumers, with promotion pricing in any means of supply or use of goods or services, it is prohibited for a seller to provide a consumer with information that is, in any the circumstances, deceiving or misleading. The CCP Law contains further provisions about the disclosures that must be made in respect of guarantees in the guarantee itself as well as in associated advertising, and these provisions apply to guarantees about interest rates. Article 47 provides as follows: “A guarantee must be legally binding on the offeror under the conditions laid down in the guarantee statement and the associated advertising. The guarantee shall: 1° state that the consumer has legal rights and make clear that those rights are not affected by the guarantee; and 2° set out in plain intelligible language the contents of the guarantee and the essential particulars necessary for making claims under the guarantee, notably the duration, the name and address of the guarantor. On request by the consumer, the guarantee may be made available in a medium other than in writing. Recommendation As mentioned in Good Practice B.9, the recommendation for a new law on consumer protection is accepted, and a new provision is proposed to the effect that there be a general prohibition on misleading and deceptive conduct and false and misleading statements in relation to the sale, distribution and management of financial services products and services. Furthermore, if there is a practice in Rwanda of referring to guarantees of applicable interest rates (for both debit and credit facilities), then it would be helpful to also require disclosure of the information referred to in Good Practice B.10. 30 Good Practice B.11. Professional Competence Good Practice a. In order to avoid any misrepresentation of fact to a consumer, any bank staff member who deals directly with consumers, or who prepares bank advertisements (or other materials of the bank for external distribution), or who markets any service or product of the bank should be familiar with the legislative, regulatory and code of conduct guidance requirements relevant to his or her work, as well as with the details of any product or service of the bank which he or she sells or promotes. b. Regulators and associations of banks should collaborate to establish and administer minimum competency requirements for any bank staff member who: (i) deals directly with consumers, (ii) prepares any Key Facts Statement or any advertisement for the bank, or (iii) markets the bank’s services and products. Description There are no specific requirements of the type described relating to professional competence of bank staff. Paragraph (a) The mission team was told by the banks that there are training programs conducted on a regular basis in relation to the products and services that the banks provide and, at least to some extent, in relation to regulatory requirements. However, there are limited requirements currently in relation to the matters mentioned in this Good Practice, which will become more relevant if the recommendations made by the mission team are accepted. Then it will become even more important that staff understand its duties and obligations and customer rights under relevant laws. Paragraph (b) As far as the mission team is aware, no such collaboration exists. Recommendation It is considered that, at a minimum, it should be a banking License condition that the banks in question must ensure that their staff, third party agents and authorized representatives are adequately trained and have the skills, experience and professional qualifications necessary to ensure that they can competently carry out their functions. This would include, for example, a requirement that those staff and others who provide financial product advice have all the competencies and qualifications required to ensure that they perform the services that they are authorized to provide to an acceptable standard. Furthermore, as mentioned in Good Practice B.3, consideration should be given to introducing express requirements to ensure product suitability. In particular, there should be training and qualification requirements for staff or third-party agents who advise on banking products and services and requirements to ensure that sufficient information about the customer’s needs is gathered to ensure that appropriate products and services are provided. 31 Section C. Customer Account Handling and Maintenance Good Practice C.1. Statements Good Practice a. Unless a bank receives a customer’s prior signed authorization to the contrary, the bank should issue and provide the customer free of charge a monthly statement of every account the bank operates for the customer. b. Each such statement should (i) set out all transactions concerning the account during the period covered by the statement and (ii) provide details of the interest rate(s) applied to the account during the period covered by the statement. c. Each credit card statement should set out the minimum payment required and the total interest cost that will accrue, if the cardholder makes only the required minimum payment. d. Each mortgage or other loan account statement should clearly indicate the amount paid during the period covered by the statement, the total outstanding amount still owing, the allocation of payment to the principal and interest and, if applicable, the up-to-date accrual of taxes paid. e. A bank should notify a customer of long periods of inactivity of any account of the customer and provide a reasonable final notice in writing to the customer if the funds are to be treated as unclaimed money. f. When a customer signs up for paperless statements, such statements should be in an easy-to- read and readily understandable format. Description The current regulatory framework does not require banks to give customers regular statements of accounts or updated account information on request, although it is understood that, as a matter of practice, some banks make such statements available. This information enables customers to check for the accuracy of balances and debits and credits and generally facilitates management of their accounts. This is particularly important for long-term and revolving credit facilities (such as overdrafts and credit card contracts) and variable rate contracts. 29 Recommendation At a minimum, there should be a requirement for regular periodic statements of account to be provided to the holders of both debit and credit products. We suggest that the relevant period be at least monthly in the case of a line-of-credit facility (such as a credit card or an overdraft) and otherwise six monthly (such as for a home loan). Such statements should provide details of the following matters in the applicable period:  The opening and closing balances;  All transactions in the applicable period (including, for example, any credit provided);  Any amounts currently overdue and when each such amount became due;  Any amount currently payable and the date it became due;  Separate itemization of any fees and charges debited in the period;  Clear specification of any interest debited or credited in the relevant period;  Any withdrawal from a transaction account;  The applicable interest rate in the relevant period; and  The amount of any interest charge or payment debited or credited to the account. Statements could be required to be sent electronically or by post or given in person. If these avenues are not reasonably practicable, statements should at least be available to the customer on request. Exceptions to the new requirement should be allowed for as appropriate. For example, there might be exceptions for fixed rate contracts, for loans that have been written off and for facilities where there have not been any debits or credits in the relevant period. It is also recommended that customers be given advance notice if an account is to be closed and if moneys are to be treated as unclaimed money. 30 Good Practice C.2. Notification of Changes in Interest Rates and Non-interest Charges Good Practice a. A customer of a bank should be notified in writing by the bank of any change in the following: (i) The interest rate to be paid or charged on any account of the customer as soon as possible; and (ii) A non-interest charge on any account of the customer a reasonable period in advance of the effective date of the change. b. If the revised terms are not acceptable to the customer, he or she should have the right to exit the contract without penalty, provided such right is exercised within a reasonable period. c. The bank should inform the customer of the foregoing right whenever a notice of change under paragraph a. is made by the bank. Description The only obligations to inform a customer directly about a change to interest rates and charges are in the EFT Regulation and the Law of Mortgages. However, these provisions do not apply universally. Furthermore, there are a number of penalties imposed on customers who exit their contracts early, regardless of the reason. Paragraph (a) The EFT Regulation has broad ranging provisions relating to notice of changes. It relevantly requires that a payment service provider (which would include a bank) can only impose or increase a charge, increase the customer’s liability for losses or adjust the transaction limits on a card if they notify BNR and if the customer receives prior written notice (but there is no minimum notice requirement).71 However, advance notice is not required if the change is called for because of a security issue. Notice of other changes can be given in periodic statements, in a notice on an ATM, POS or other electronic terminal or at a branch. It is a minimum requirement that a customer be notified subsequently of such changes. Again, however, there is no time limit specified. The Law of Mortgages requires advance notice be given of a change in a variable interest rate but does not require a minimum notice period or the form of the notice. The relevant provision provides the following: “A mortgagee shall not alter the rate of a loan interest without giving notice of such variation to the mortgagor. Such variation shall comply with the provisions of the mortgage contract”72 Although banks subject to the Interest Rates and Fees Regulation are required to inform BNR and “the public” of “any change made to the rates and fees,” there are a number of limitations on this requirement. First, the notice must be given “in fifteen days” but it is not clear that advance notice must be given.73 Secondly, notice must be given in accordance with Article 3 of the Regulation, which does not require individual notice to customers. Instead, notices are required to be given in bank branches, on websites, through making a brochure available and through a local newspaper with a wide distribution. 71 Article 18. 72 Article 10. 73 Article 4. 31 Paragraph (b) Contrary to this Good Practice, it is common for banks to charge a fee to a customer for breaking a contract. These fees are likely to operate as a disincentive to customers switching banks and may be considered to be anti-competitive. For example,  If a current or savings account fee is closed, a fee of between 5,000 RWF and 10,000 RWF is charged. Furthermore, is a customer does not formally close the account, but stops using it, any monthly service fee will keep being debited for a period. For example, service fees may continue to be charged until the available funds are used up, after which any subsequent service fees may eventually be written off except to the extent they have been offset by a subsequent deposit.  If a loan account balance is prepaid, banks will commonly charge a prepayment fee of 5 percent of the outstanding balance, regardless of whether the loan is a fixed or variable rate loan. This is a disincentive to paying out a loan early (and switching banks) and does not sit well with the provisions in the Law on Mortgages that provide for mortgagors to repay loans and recover their properties. 74 Paragraph (c) No such warning is given. Recommendation Without limiting the requirements of the EFT Regulation it is recommended, at a minimum, that a customer be given notice of changes in interest charges, repayments and fees and charges as follows:  Notice of a change in interest rates should be given before the change takes effect, either personally or by newspaper notice. In the latter case, the notice should be also be given in the next statement of account.  There should be at least 20 days advance, personalized notice of a change in the amount of a repayment (but if it is a reduction, it could be notified in the next statement of account); and  There should be 20 days advance, personalized notice of a change in the amount of a fee, or a new fee should also be given. Consideration should be given to prohibiting prepayment fees, subject to certain exceptions. Such a prohibition would cover fees on early repayment of installments and early repayment of the entire outstanding balance. However, there should be an exception for reasonable administrative costs relating to the prepayment and, for fixed rate facilities, a charge to take account of differences between the interest rate payable under the facility and that prevailing at the time of the prepayment. Account closure fees could be required to reflect the true cost of the closure. This would mean that these fees would only be able to be charged to the extent they reflect the reasonable administrative costs of closing the account. 74 Article 23. 32 Good Practice C.3. Customer Records Good Practice a. A bank should maintain up-to-date records in respect of each customer of the bank that contain the following: (i) a copy of all documents required to identify the customer and provide the customer’s profile; (ii) the customer’s address, telephone number and all other customer contact details; (iii) any information or document in connection with the customer that has been prepared in compliance with any statute, regulation or code of conduct; (iv) details of all products and services provided by the bank to the customer; (v) a copy of correspondence from the customer to the bank and vice-versa and details of any other information provided to the customer in relation to any product or service offered or provided to the customer; (vi) all documents and applications of the bank completed, signed and submitted to the bank by the customer; (vii) a copy of all original documents submitted by the customer in support of an application by the customer for the provision of a product or service by the bank; and (viii) any other relevant information concerning the customer. b. A law or regulation should provide the minimum permissible period for retaining all such records and, throughout this period, the customer should be provided ready access to all such records free of charge or for a reasonable fee. Description Although there are requirements concerning the keeping of records about credit and other documentation files, complaints, electronic funds transfer transactions, there are no overarching requirements relating to the keeping of customer records in general. Paragraph (a) Although customer records are likely to be kept in practice, there are no record-keeping obligations of the general type contemplated in the legislation we have reviewed. There are, however, the following specific requirements:  The board of a bank must have a policy for the “maintenance of appropriate credit and documentation files.” In this regard, Article 3(a) of the Regulation on Credit Classification and Provisioning 2011 requires a board of a bank to prescribe: “a credit policy specifying the criteria and procedures in the evaluation, processing, approval, documentation, and disbursement of credits. Such policy should include the procedures for loan administration and recovery, the recording of transactions and maintenance of appropriate credit and document files.  The Customer Service Directive requires banks to have systems for recording complaints.75  The EFT Regulation requires a regulated financial institution to ensure “their electronic fund 75 Section 2. 33 transfers generate sufficient records to enable a transaction to be traced checked and where any error has occurred, to be identified and corrected”76 and to also keep records of complaints77.  The Law on the Prevention and Penalizing Money Laundering and Terrorism Financing 2008 (AML Law) requires customer identification data to be kept for 10 years, national and international transaction information to be kept for 10 years and account books and business correspondence to be kept for a period of at least 10 years after the end of the business relationship.78 Although the abovementioned provisions contain helpful requirements for certain types of information that should be collected and recorded by a bank, it would be preferable if the requirements were of a more general nature, as contemplated by this Good Practice. Paragraph (b) The mission team is not aware of any requirement relating to the period for which bank records must be kept other than the provisions in the AML Law. Recommendation It is recommended that consideration be given to expanding the record-keeping obligations of a bank so as to explicitly require retention of the following customer records (as well as those currently provided for as described above):  Contact details of the customer and of any security provider;  Details of all products and services provided to the customer;  All account information relevant to each such service (i.e., not just customer transaction information but details of all debits and credits, interest rates and fees and charges should also be retained);  Full details of any collateral provided for a loan;  All communications related to the account; and  A copy of any disclosures made to the customer or any security provider (including a copy of the terms and conditions of the account). Consideration should also be given to requiring records to be kept for a minimum period after termination of the business relationship with the customer. It is also recommended that customers be given a right of access to their personal information held by a bank. This could be provided for in the proposed data protection laws (see Good Practice D.2). 76 Article 25. 77 Article 24. 78 Article 17. 34 Good Practice C.4. Paper and Electronic Checks Good Practice a. The law and code of conduct should provide for clear rules on the issuance and clearing of paper checks that include, among other things, rules on: (i) checks drawn on an account that has insufficient funds; (ii) the consequences of issuing a check without sufficient funds; (iii) the duration within which funds of a cleared check should be credited into the customer’s account; (iv) the procedures on countermanding or stopping payment on a check by a customer; (v) charges by a bank on the issuance and clearance of checks; (vi) liability of the parties in the case of check fraud; and (vii) error resolution. b. A customer should be told of the consequences of issuing a paper check without sufficient funds at the time the customer opens a checking account. c. A bank should provide the customer with clear, easily accessible and understandable information regarding electronic checks, as well as the cost of using them. d. In respect to electronic or credit card checks, a bank should inform each customer in particular of the following: (i) how the use of a credit card check differs from the use of a credit card; (ii) of the interest rate that applies and whether this differs from the rate charged for credit card purchases; (iii) when interest is charged and whether there is an interest-free period, and if so, for how long; (iv) whether additional fees or charges apply and, if so, on what basis and to what extent; and (v) whether the protection afforded to the customer making a purchase using a credit card check differs from the protection afforded when using a credit card and, if so, what the specific differences are. e. Credit card checks should not be sent to a consumer without the consumer’s prior written consent. f. There should be clear rules on procedures for dealing with authentication, error resolution and cases of fraud. 35 Description The Law Governing Negotiable Instruments (which includes regulations about checks) contains extensive rules relating to the liability of the parties regarding checks and their issuance, clearing and dishonor of checks and the stopping of payments. Paragraph (a) The Negotiable Instruments Law contains rules on some, but not all, of the issues covered by paragraph (a):  Dishonors: These rules require notice of a dishonor to be given by a specified person within one working day to the drawer or the endorser at their customary place of address or place of residence.79 Delay in giving notice may be excused if it was not caused by the default of the relevant person, if the need to give notice is waived or if the drawer or endorser cannot be found. 80  Liability: The liability of a drawer and an endorser of checks is set out in Articles 76 and 77, in particular, of the drawer of the check. “The drawer of a negotiable instrument: 1° promises that, on due presentment, it shall be accepted and paid according to its value; 2° promises that if it is dishonored, he / she will compensate the holder or any endorser who ordered its payment; 3° promises also that he/she cannot oppose payment to be made to bearer in due course.”  Duration: A check will remain valid for 60 days from its date of issuance.81  Fraud: There are various provisions that expressly or by implication deal with the effects of fraud. For example, an instrument will not be a negotiable instrument unless it is written and signed by the drawer or the person who promises to pay82; there are specified rules relating to when the bearer will be considered to be a holder who has received a negotiable instrument, complete and regular on its face83; and, importantly, it is clear that bearer of a negotiable instrument shall be deemed to have a defective instrument wherein the receipt and acceptance thereof is characterized by fraud, duress or based on other unlawful means or wherein the instrument is based on breach of trust.84 Advice as to error resolution in matters relating to checks would be dealt with under the compliant resolution processes provided for in the Customer Service Directive. However, as mentioned in Good Practice E.1., it is not clear that this Directive is binding or that the banks interviewed comply with it. A further concern is that BNR does not appear to have the resources to monitor compliance. Furthermore, as mentioned above (see especially Good Practice B.7), there are no legislative provisions requiring disclosure of fees and charges in bank contracts in Rwanda. Paragraph (b) The mission team was not given sufficient examples of current account terms and conditions to ascertain whether customers are told of the consequences of issuing a bounced check when they open such an account. 79 Articles 61–67. 80 Articles 68 and 69. 81 Article 113. 82 Article 8 (1). 83 Article 38. 84 Article 35. 36 Paragraphs (c) – (f) As far as the mission team is aware, electronic or credit card checks are not available in Rwanda currently (especially as credit cards have only been introduced in the last few years). Accordingly, the Good Practices discussed in paragraphs (c) to (f) are not applicable in Rwanda at this stage. Recommendation Although the Negotiable Instruments Law is a comprehensive piece of legislation in many respects, it is not likely to be understood by users of checking accounts should have explained to them (in plain language) the implications of issuing checks and their liability as drawers or endorsers of checks. The issues that might be covered could include, at a minimum:  the time generally taken for clearing a check and how a check may be specially cleared;  the effect of crossing a check, the meaning of “not negotiable” and “account payee only” and the significance of deleting “or bearer” when any of these expressions appear on a check;  how and when a check may be stopped;  how a check may be made out so as to reduce the risk of unauthorized alteration; and  the consequences of the dishonor of a check for any reason (for example, because of insufficient funds or because it is post-dated or stale). Ideally, BNR would work with the commercial banks to prepare a simply expressed brochure that explains these matters. Alternatively, they could be covered in a customer-focused Code of Banking Practice (see Good Practice A.2). Consideration should also be given to implementing the above Good Practices in relation to credit card checks, if their use becomes common in the market. However, this would not be a priority at this stage given the very limited availability of credit cards. If the recommendations in Good Practice A.2 were implemented, this would also be helpful for the purposes of this Good Practice. 37 Good Practice C.5. Credit Cards Good Practice a. There should be legal rules on the issuance of credit cards and related customer-disclosure requirements. b. Banks, as credit card issuers, should ensure that personalized disclosure requirements are made in all credit card offers, including the fees and charges (including finance charges), credit limit, penalty interest rates and method of calculating the minimum monthly payment c. Banks should not be permitted to impose charges or fees on pre-approved credit cards that have not been accepted by the customer. d. Consumers should be given personalized minimum payment warnings on each monthly statement and the total interest costs that will accrue if the cardholder makes only the requested minimum payment. e. Among other things, the legal rules should also (i) restrict or impose conditions on the issuance and marketing of credit cards to young adults who have no independent means of income; (ii) require reasonable notice of changes in fees and interest rates increase; (iii) prevent the application of new higher penalty interest rates to the entire existing balance, including past purchases made at a lower interest rate; (iv) limit fees that can be imposed, such as those charged when consumers exceed their credit limits; (v) prohibit a practice called double-cycle billing, by which card issuers charge interest over two billing cycles rather than one; (vi) prevent credit card issuers from allocating monthly payments in ways that maximize interest charges to consumers; and (vii) limit up-front fees charged on sub-prime credit cards issued to individuals with bad credit. f. There should be clear rules on error resolution, reporting of unauthorized transactions and of stolen cards, with the ensuing liability of the customer being made clear to the customer prior to his or her acceptance of the credit card. g. Banks and issuers should conduct consumer awareness programs on the misuse of credit cards, credit card over- indebtedness and prevention of fraud. Description Apart from limited provisions of general application in the CCP Law and the specific provisions of the EFT Law discussed in Good Practice B.7, there are no legislative provisions relevant to credit cards in Rwanda. Although this is not a significant concern at this stage, it will become one when the market matures and credit cards become more common. Paragraphs (a) – (b) There are no requirements specifically relating to the issuance of credit cards and related customer- disclosure requirements. Although the disclosure requirements of the EFT Regulation would apply to credit cards, they are focused on the electronic nature of transactions and do not expressly refer to requirements relating to mandatory notices of fees (see discussion of Article 16 in Good Practice B.7). There is, however, an obligation to give notice of the introduction of a fee or a change to a fee (see 37 discussion of Article 18 in Good Practice C.7). Paragraph (c) The only requirements relating to the disclosure of fees and charges are discussed in Good Practice B.7. Paragraph (d) As described in Good Practice C.1, the current regulatory framework does not require banks to give customers regular statements of account or updated account information on request, although, as a matter of practice, some banks make such statements available. Paragraph (e) There are not any requirements in Rwanda of the type described. Paragraph (f) The EFT Regulation requires that a bank or other payment service provider must establish “formalized procedures” for the lodgment of complaints and “appropriate procedures” for the investigation and resolution of the complaint and set out the means and procedures to lodge a complaint under standard terms and conditions. These provisions, which would apply to electronic credit card transactions, would seem to meet the requirements of this Good Practice, but the mission team was not able to ascertain the extent of compliance given the limited terms and conditions provided to the team. See also Good Practice E for a more detailed discussion concerning the internal and external complaint resolution schemes. Paragraph (g) The mission team is not aware of credit card specific programs presently conducted in Rwanda. Recommendation As mentioned in relation to Good Practice B.7, there would be a comprehensive contractual disclosure regime applied to financial services (including banking services, whether electronic or not). For credit cards, this should include, at a minimum, the credit card limit, the applicable interest rate and the fact that it is variable, the applicable default-rate interest rates that are fixed or variable, the method of calculating interest charges (taking into account any interest fee period), any applicable insurance premiums and commissions and details of any security given and a requirement to give reasonable notice of changes (e.g., 20 days). This is the minimum information that should be given to customers so they will be able to make an informed decision about the services and to be fully aware of their rights and responsibilities. There should also be a requirement to give consumers, at least annually, a clear and prominent warning about the need to safeguard cards and related security devices (such as PINs). Furthermore, as mentioned in relation to Good Practice C.1, there should be a requirement for regular periodic statements of account to be provided to the holders of credit card accounts. Such statements should be provided at least monthly in the case of a line of credit facility (such as a credit card or an overdraft) and should include the minimum payment due, the total interest costs that will accrue if only the minimum payment is made and also disclose the time period it will take to pay off the balance if only the minimum payment is made. Consideration should also be given to prohibiting sending customers’ unsolicited credit cards and invitations to increase credit limits. Finally, it is proposed that the responsible lending laws recommended in Good Practice B.2 should also apply to credit cards. This point is made to clear any doubt—the proposed laws should apply to all credit facilities. 38 Good Practice C.6. Internet Banking and Mobile Phone Banking85 Good Practice a. The provision of Internet banking and mobile phone banking (m-banking) should be supported by a sound legal and regulatory framework. b. Regulators should ensure that banks or financial service providers providing Internet and m- banking have in place a security program that ensures (i) data privacy, confidentiality and data integrity; (ii) authentication, identification of counterparties and access control; (iii) non-repudiation of transactions; (iv) a business continuity plan; and (v) the provision of sufficient notice when services are not available. c. Banks should also implement an oversight program to monitor third-party control conditions and performance, especially when agents are used for carrying out m-banking. d. A customer should be informed by the bank whether fees or charges apply for Internet or m- banking and, if so, on what basis and how much. e. There should be clear rules on the procedures for error resolution and fraud. f. Authorities should encourage banks and service providers to undertake measures to increase consumer awareness regarding Internet and m-banking transactions. Description The combination of the relatively new Payments Law, the EFT Transactions Law and the EFT Regulation make up a comprehensive regime relating to electronic funds transfers and electronic money transactions and would appear to apply to relevant aspects of Internet banking and mobile banking covered by this Good Practice. Paragraph (a) Payments Law This law confirms the power of BNR with respect to payments systems, and the issue and use of payment instruments and makes provision for the clearing and settlement of payments and financial collateral arrangements. EFT Transactions Law This law deals with legal recognition of electronic documents and signatures, the retention of electronic messages, the liability of network operators and certification authorities, digital signatures and electronic contracts and acceptance of electronic filing and issuance of documents. The EFT Regulation The EFT Regulation is designed to protect users of electronic payments systems. Article 1 emphasizes its broad scope of application in this context: 85 “Internet banking” is defined as banking services that customers may access via the Internet . The access to the Internet could be through a computer, mobile phone (“mobile phone banking”) or any other suitable device. Payment services that are only initiated via the Internet using a mobile phone (e.g., by a mobile banking application using an app on a smart phone) are not considered to be mobile payments; instead they are categorized as Internet payments. This interpretation is consistent with the view of the Committee on Payment and Settlement Systems (CPSS) of the Bank for International Settlements (BIS), who is the relevant standard setting body on payment and settlement systems. However, for practical reasons and due to the importance of mobile money in the country, Good Practice C.6 is intended here as also covering mobile payments and, to some extent, e-money. 39 “This regulation sets forth the rules governing the enforcement, as well as rights and/or obligations in the provision, of fund transfers executed, either totally or partially, by electronic or other automated means. This Regulation shall establish rules to protect natural persons being the users of payment instruments and facilities employing electronic devices or facilities to execute money transactions. Electronic funds transfers and electronic money transactions include those carried out through or by means of, or a combination of the following: a) Point-of-sale (POS) terminals; b) Automated teller machines (ATM); c) TV, Internet and other communication channels; d)Telephonic instruments, including mobile phones; e) Stored value, credit and debit cards “. “Electronic money” is defined as: “electronic money‟ means monetary value as represented by a claim on the issuer which is: i. stored on an electronic device ii. issued on receipt of funds of an amount not less in value than the monetary value issued; iii. accepted as means of payment by undertakings other than the issuer.”86 The EFT Regulation goes on to set out comprehensive provisions concerning:  Execution of payment orders and when they are deemed to be received and are irrevocable87;  Erroneous and unauthorized transfers88;  Notification of loss, theft or unauthorized use and of errors89;  The liability of a payment system provider in cases of system or equipment malfunction90;  Security of deposits made at electronic terminals91;  Liability for unauthorized transactions92;  The information that must be in the terms and conditions93;  Notification of changes to the terms and conditions and other changes94;  Complaint resolution procedures, a customer’s right of appeal to senior management or BNR and the obligation of a payment systems provider to keep records95;  The obligation of a payment systems provider to make adjustments to an incorrectly credited or debited account and to provide information to a customer96; and  The maintenance of an audit trail of transactions97. 86 Article 2. 87 Articles 3–6. 88 Articles 7 and 8. 89 Articles 9 and 12. 90 Article 10. 91 Article 11. 92 Articles 12–14. 93 Articles 17 and 18. 94 Articles 18 and 19. 95 Articles 20, 23 and 24. 96 Articles 21 and 22. 40 Paragraph (b) There are a number of provisions in the laws of Rwanda that in effect require a security program relevant to Internet and mobile banking. For example,  Article 26 of the EFT Regulation contains strict rules relating to the confidentiality of electronic funds transfer (EFT) information and the related systems. Good Practice D.1 has details of this article.  The EFT Regulation contains rules concerning the execution of payment orders and when they are deemed to be received and are irrevocable.98  The Risk Management Regulation contains detailed provisions relating to board policies, processes and procedures, and monitoring systems required to deal with “Operational Risk Management.” This term is defined to include “the failure of information technology systems . . At this time, operational risk represents a threat for banks in Rwanda because of technological innovation and developments in communications and information systems.”99 The Risk Management Regulation then goes on to provide that “[a] real operational risk management program shall include: supervision by the Board of Directors, policies and procedures, risk measurement, information management systems and internal controls and audit,” with each of these matters then specified in a great deal more detail. In this context, there is express reference to the fact that technology can have a negative impact on bank services concerning matters such as electronic funds transfer, automatic cash dispensers, home banking and on-line banking.100  The EFT Regulation also contains rules on the liability of a payment system provider in cases of system or equipment malfunction101. Paragraph (c) The oversight of third-party systems seems to be mandated by the BNR requirements referred to in paragraph (b) above concerning operational risk management. Paragraph (d) In summary, there is not an express provision requiring all applicable fees to be set out in a contract for a banking service, but the EFT Regulation relevantly requires that a payment service provider (which would include a bank) can only impose or increase a charge, increase the customer’s liability for losses or adjust the transaction limits on a card if such a provider notifies BNR and if the customer receives prior written notice (but there is no minimum notice requirement).102 However, advance notice is not required if the change is necessitated by a security issue. See Good Practice C.2 for a more detailed discussion re disclosures of fees. Paragraph (e) The EFT Regulation requires that a bank or other payment service provider must establish “formalized procedures” for the lodgment of complaints and “appropriate procedures” for the investigation and resolution of the complaint and set out the means and procedures to lodge a complaint in the standard terms and conditions. These provisions would seem to meet the requirements of this Good Practice, but the mission team was not able to ascertain the extent of compliance in the time available and given the limited terms and conditions provided to the team. See also Good Practice E for a more detailed discussion concerning the internal and external complaint resolution schemes. 97 Article 25. 98 Articles 3–6. 99 Article 4.4.1. 100 Article 4.4.5. 101 Article 10. 102 Article 18. 41 Paragraph (f) The mission team is not aware of any specific encouragement being given by BNR in relation to consumer awareness programs. Recommendation It is recommended that the EFT Regulation be reviewed in light of the recommendations in Good Practice B.7 concerning disclosures, in Good Practice C.2 concerning notice of fees and interest charges and in Good Practice E concerning internal and external dispute resolution systems. It is especially important that there be consistency between the requirements of the EFT Regulation and any new laws or regulations relating to consumer protection in the financial sector. It is further recommended that BNR work with commercial banks to prepare a simply expressed brochure relating to electronic fund transfers and remittances that explains matters such as the procedures in cases of errors and frauds, customers’ duties to safeguard the security of their access code and card and liability for unauthorized transactions. Alternatively, these matters could be covered in a customer-focused Code of Banking Practice (see Good Practice A.2). 42 Good Practice C.7. Electronic Fund Transfers and Remittances Good Practice a. There should be clear rules on the rights, liabilities and responsibilities of the parties involved in any electronic fund transfer. b. Banks should provide information to consumers on prices and service features of electronic fund transfers and remittances in easily accessible and understandable forms As far as possible, this information should include: (i) the total price (e.g. fees for the sender and the receiver, foreign exchange rates and other costs); (ii) the time it will take the funds to reach the receiver; (iii) the locations of the access points for sender and receiver; and (iv) the terms and conditions of electronic fund transfer services that apply to the customer. c. To ensure transparency, it should be made clear to the sender if the price or other aspects of the service vary according to different circumstances, and the bank should disclose this information without imposing any requirements on the consumer. d. A bank that sends or receives an electronic fund transfer or remittance should document all essential information regarding the transfer and make this available to the customer who sends or receives the transfer or remittance without charge and on demand. e. There should be clear, publicly available and easily applicable procedures in cases of errors and frauds in respect of electronic fund transfers and remittances f. A customer should be informed of the terms and condition of the use of credit/debit cards outside the country including the foreign transaction fees and foreign exchange rates that may be applicable. Description The EFT Regulation covers most of the provisions of this Good Practice. Paragraph (a) The EFT Regulation described in Good Practice E.6 covers the rights, liabilities and responsibilities of the parties involved in any electronic fund transfer. Paragraph (b) There are only limited provisions in the EFT Regulation that relate specifically to giving notice of the service characteristics and fees related to electronic transactions. See the discussion of Article 16 in Good Practice B.7. Paragraph (c) There are no requirements in the EFT Regulation or elsewhere mandating advice be given to a sender of electronic funds if the price or other aspects of the service vary according to circumstances. 48 Paragraph (d) The EFT Regulation contains record-keeping obligations. A regulated financial institution to ensure “their electronic fund transfers generate sufficient records to enable a transaction to be traced checked and where any error has occurred, to be identified and corrected”103 and to keep records of complaints.104 Paragraph (e) As far as the mission team is aware, there are no public records of procedures in cases of errors and frauds in respect to electronic fund transfers and remittances. Paragraph (f) There are no specific provisions concerning the disclosures that must be made in relation to the use of credit and debit cards internationally. Recommendation It is recommended that the EFT Regulation be reviewed in light of the recommendations in Good Practice B.7 concerning disclosures, in Good Practice C.2 concerning notice of fees and interest charges and in Good Practice E concerning internal and external dispute resolution systems. It is especially important that there be consistency between the requirements of the EFT Regulation and any new laws or regulations relating to consumer protection in the financial sector. It is further recommended that BNR work with the commercial banks to prepare a simply expressed brochure relating to electronic fund transfers and remittances that explains the procedures in cases of errors and frauds and customers’ duties in respect to security of their access code and card and liability for unauthorized transactions. Alternatively, they could be covered in a customer focused Code of Banking Practice (see Good Practice A.2). 103 Article 25. 104 Article 24. 49 Good Practice C.8. Debt Recovery Good Practice a. A bank, agent of a bank and any third party should be prohibited from employing any abusive debt collection practice against any customer of the bank, including the use of any false statement, any unfair practice or the giving of false credit information to others. b. The type of debt that can be collected on behalf of a bank, the person who can collect any such debt and the manner in which that debt can be collected should be indicated to the customer of the bank when the credit agreement giving rise to the debt is entered into between the bank and the customer. c. A debt collector should not contact any third party about a bank customer’s debt without informing that party of the debt collector’s right to do so; and the type of information that the debt collector is seeking. d. Where sale or transfer of debt without borrower consent is allowed by law, the borrower should be: (i) notified of the sale or transfer within a reasonable number of days; (ii) informed that the borrower remains obligated on the debt; and (iii) provided with information as to where to make payment, as well as the purchaser’s or transferee’s contact information. Description Apart from limited rules relating to the realization of secured debts, there are no specific rules relating to debt collection practices in Rwanda. Debt collectors are not required to be licensed or registered and their activities are not supervised in any way. Furthermore, the ability of the only collection company to access the CRB database is of significant concern because it is not apparent this is permitted by the Credit Information Law or is good practice, given the confidentiality of credit reports. There are detailed restrictions in the Credit Information Law on the purposes for which credit reports can be used, and it is not clear that this practice is within those provisions.105 Paragraph (a) The laws of Rwanda do not contain restrictions on debt collectors of the type contemplated by this Good Practice. Collections Africa is currently the only debt collector operating in Rwanda and is a subsidiary of CRB Africa (CRB), with whom it shares premises. The mission team was told that Collections Africa is permitted to access credit information held by CRB databases to verify information about debtors provided by clients of Collections Africa. Arguably, debt collectors such as Collections Africa should be supervised given the sensitivity of the information they handle and the commission incentives they have to take strong measures to collect debts. Furthermore, considerations in support of this view are that given the rapid expansion in the availability of retail banking services in Rwanda and the low levels of financial literacy, there is a high risk of debtors not understanding their rights in relation to the collection of debts and of them being abused. 105 Article 14. 50 Paragraph (b) Although bank customers are required to consent to the giving of their information to a credit bureau such as CRB, there is no obligation to give the customer specified information about how their debts may be collected before the relevant contract is made. Article 26 provides that subscribers (such as banks) “are required to secure the consent of credit applicants, and guarantors, before providing to, or requesting from, credit bureaus information or report on the credit history of clients and guarantors.” Paragraph (c) There are no requirements about the information that must be given to a third party from whom the debt collector is seeking information. Paragraph (d) The sale of bank debts without borrower consent does not appear to be restricted in any way, and there is no requirement for any information to be given to the borrower. Recommendation Ideally, debt collectors in Rwanda would be required to be licensed and to comply with specified business conduct rules. Such rules could include prohibitions relating to harassment of debtors (for example, in relation to the number and timing of calls on the debtor and physical abuse), misleading debtors (for example, as to whether property is secured) and a prohibition on claiming a fee from the debtor for the debt collector and on entering a private residence uninvited. There should also be strict requirements to keep debtor information confidential. Debt collectors should also be required to give debtors their license details, details of the relevant lender and of the debt and the amount overdue. The rules on harassment of debtors could also apply to credit providers. At a minimum, if the above recommendation is not accepted, it is proposed that there be introduced a prohibition on the harassment of debtors along with restrictions on the disclosure and use of credit sensitive information by debt collectors. Collections Africa’s practice of accessing CRB’s credit information data base should in any event be reviewed as soon as possible. In particular, there should be an assessment of whether it is permitted under the Credit Information Law. In this regard, it is noted that there is a provision in the Credit Information Law for CRB to itself engage in debtor-tracking services with respect to debts lawfully granted106. However, there is not an express provision allowing a licensed credit bureau to disclose information to a third party for that purpose (even to a subsidiary). It is also suggested that there be a review of Collections Africa’s practices in relation to seeking information about a debtor’s whereabouts from third parties such as neighbors and employers. Consideration could also be given to including in the new consumer protection law or regulation a provision to the effect that, when rights to a debt are sold, the borrower has no obligation to make repayments to the assignee unless they are informed in writing of who they should make the payment to and how. Otherwise, any payment made in accordance with the conditions of the contract should operate as a release of the obligation to make the payment. 106 Article 10 (20). 51 Good Practice C.9. Foreclosure of mortgaged or charged property Good Practice a. In the event that a bank exercises its right to foreclose on a property that serves as collateral for a loan, the bank should inform the consumer in writing in advance of the procedures involved, the process to be employed by the bank to foreclose on the property as collateral and the consequences thereof to the consumer. b. At the same time, the bank should inform the consumer of the legal remedies and options available to him or her in respect of the foreclosure process. c. If applicable, the bank should draw the consumer’s attention to the fact that the bank has a legal right to recover the balance of the debt due in the event the proceeds from the sale of the foreclosed property are not sufficient to fully discharge the outstanding amount. d. In the event the mortgage contract or charge agreement permits the bank to enforce the contract without court assistance, the bank should ensure that it employs professional and legal means to enforce the contract, including regarding the sale of the property. Description Paragraph (a) A mortgagor must give notice of a default before enforcing a mortgage over land and inform of the amount outstanding and how legal remedies may be exercised. Article 15 of the Law of Mortgages (which relates to land) provides: “Notice before any decision on a mortgaged property. Where the mortgagor fails to honor his/her commitments to pay as provided for in the mortgage contract, the mortgagee shall serve a notice to remind the mortgagor of such a default with a copy to the Registrar General. The notice referred to in paragraph one of this Article shall indicate the amount of outstanding payments and how the mortgagee can exercise legal remedies to secure payment from the mortgaged property.” A further concern in this context is that the new laws on mortgages and movable collateral make provision for secured property to be seized and sold on default within a very short time frame (60 days in the case of a mortgage over land and 30 days for security given over movable property). This is a concern given that there is no need for the mortgagee to take any action through the courts before selling the property (a debtor who is dissatisfied with the sales process, the selling price or the drafting of the mortgage may, however, refer the matter to the competent courts107). While the business efficacy of the new requirements is recognized, there is residual concern about whether consumers understand the implications of giving security over property and the consequences of default. This concern exists even though it is understood banks will seek to assist debtors in financial difficulty through entering into new repayment arrangements. 107 Articles 19 and 24 of the Law on Mortgages. 52 Paragraph (b) Mortgagees are required to give a defaulting mortgagor of land notice of how they can exercise legal remedies under Article 15 of the Law of Mortgages (see paragraph (a)). Paragraph (c) There is not a specific requirement in either the Law on Mortgages or the Movable Collateral Law requiring the mortgagee to inform a defaulting debtor of the banks’ right to recover an outstanding balance. Paragraph (d) The mission team’s main concern in relation to debt collection practices is that debt collectors are unlicensed in Rwanda and there is a concern about Collections Africa’s ability to access the files of CRB (see Good Practice C.8). Recommendation It is recommended that, at a minimum, there be included on the front page of any mortgage document a clear warning in a statutorily prescribed format of the effect of a default on the relevant loan. The warning should appear for a residential property mortgage as a clear statement in large print to the effect that a default means that debtors could lose their homes within 60 days of the notice of default. A similar statement of the effect of giving a guarantee should also be provided. Good Practice C.10. Bankruptcy of Individuals Good Practice A bank should inform its individual customers in a timely manner and in writing on what basis the bank will seek to render a customer bankrupt, the steps it will take in this respect and the consequences of any individual’s bankruptcy. a. Every individual customer should be given adequate notice and information by his or her bank to enable the customer to avoid bankruptcy. b. Either directly or through its association of banks, every bank should make counseling services available to customers who are bankrupt or likely to become bankrupt. c. The law should enable an individual to: (i) declare his or her intention to present a debtor’s petition for a declaration of bankruptcy; (ii) propose a debt agreement; (iii) propose a personal bankruptcy agreement; or (iv) enter into voluntary bankruptcy. d. Any institution acting as the bankruptcy office or trustee responsible for the administration and regulation of the personal bankruptcy system should provide adequate information to consumers on their options to deal with their own debt and rehabilitation process in the event of bankruptcy. 53 Description Rwanda has an insolvency law that relates to the insolvency of companies and traders but does not have laws relating to personal insolvency. The Law Relating to the Settling of Commercial Recovery and Settling of Issues Arising from Insolvency 2009 (Insolvency Law) has a commercial purpose stated as follows: “This Law governs all commercial recovery proceedings and the settling of issues arising from insolvency whether related to a trader or a company.”108 This view of the commercial focus of the Insolvency Law is reinforced by Article 3(3), which states that one of the objectives of the law is to “design contracts and plan of action relating to modalities of revival of the debtor’s commercial activities”. Even for corporate insolvencies, Rwanda has a low ranking in Doing Business 2013: “Speed, low costs and continuation of viable businesses characterize the top-performing economies. How efficient are insolvency proceedings in Rwanda? According to data collected by Doing Business, resolving insolvency takes 3.0 years on average and costs 50 percent of the debtor’s estate, with the most likely outcome being that the company will be sold as piecemeal sale. The average recovery rate is 3.1 cents on the dollar. Globally, Rwanda stands at 167 in the ranking of 185 economies on the ease of resolving insolvency.109” The regional average for Sub- Saharan Africa for insolvency Laws is 128 of 185 economies. Recommendation The Rwanda Development Board should be encouraged to continue with its current review of the Insolvency Law and, in particular, to consider the introduction of laws relating to personal insolvency that reflect Good Practice C.10. 108 Article 1. 109 Page 92 54 Section D. Privacy and Data Protection Good Practice D.1. Confidentiality and Security of Customers’ Information Good Practice a. The banking transactions of any bank customer should be kept confidential by his or her bank. b. The law should require a bank to ensure that it protects the confidentiality and security of the personal data of its customers against any anticipated threats or hazards to the security or integrity of such information, as well as against unauthorized access. Description With the exception of specific laws relating to disclosure of credit records and information relating to electronic funds’ transfers, there are no data protection laws in Rwanda such as exist in many other countries. Kenya is an example of a country in East Africa that is introducing data protection laws. A failure to have such laws may:  inhibit the building of trust in Rwanda’s financial sector and hence inhibit financial inclusion;  restrict Rwanda’s ability to engage in trans-border data flows (for example, its ability to send data internationally for processing purposes); and  is especially of concern given banking transactions are increasingly electronic and all the attendant risks of security breaches in electronic money and mobile and Internet banking systems. Paragraph (a) There is no general rule requiring banks to keep customer information confidential. However, there are specific rules relating to the confidentiality of credit reports and of information relating to EFTs (see paragraph (b) below). Furthermore, there are restrictions on the publication of individual customer information by BNR itself. Article 62 of the Banking Act provides in this regard that: "The Central Bank shall be authorized to publish, in whole or in part, consolidated information provided to it by banks. However, this publication may in no case refer to the financial situation of a specific bank or individual customer, unless the Central Bank is communicating information to banks and financial institutions regarding credit operations and payment incidents.” Paragraph (b) Although there is not a general confidentiality requirement of the type described in this Good Practice, there are rules applicable to electronic funds transfer information and related systems and to credit reports and detailed requirements in the Risk Management Regulations that relate to operational risk. In particular, Article 26 of the EFT Regulation contains strict rules relating to the confidentiality of electronic funds transfer (EFT) information and the related systems. These rules apply to financial institutions, including banks. Article 26 starts with the following statement: “An institution shall ensure that all information relating to an electronic fund transfer of its customer shall not be disclosed unless permitted by the National Bank of Rwanda regulations.” Article 26 then proceeds to set out specific rules providing (in summary) that: 50  Only an authorized officer or agent can have access through an electronic terminal to “information relating to electronic fund transfer, the affairs or an account of the customer”;  No electronic terminal should be able to provide information relating to an EFT, the affairs or an account of a customer unless the correct customer’s access code or card is used or the EFT is operated by an authorized officer or agent;  An institution can only provide information about an EFT, the affairs or an account of a customer in very limited circumstances (for example, if required by law or with the consent of the customer). The Credit Information Law also contains laws concerning a subscriber’s duties in respect to confidentiality, which would apply to banks. Article 23 (4) provides in this regard that a subscriber must be required to “4° not to sell, transfer or otherwise use the information obtained from a credit bureau for purposes other than those specified;”. The Credit Information Law also contains requirements relating to the security of its systems. Article 11(2) provides that a credit bureau must ensure “it uses hardware and software that meet security standards required by the Central Bank when setting up and using the information systems that fits its database;” and Article 11(7) requires that a credit bureau ensure “it follows operating procedures and data integrity and safety requirements which the Central Bank may adopt from time to time in reference to international best practices”. The detailed operational risk requirements of the Risk Management Regulation may also be relevant in this context. The Risk Management Regulation contains detailed provisions relating to board policies, processes and procedures and monitoring systems required to deal with “Operational Risk Management”. An example given of relevant operational risks covered by the Regulation is “control of customer accounts”. 110 However, the Risk Management Regulation does not give customers any particular rights and, other than this reference, does not refer to the security of customer data. Recommendation Consideration could be given over time to developing a comprehensive data protection law for the purposes of the financial sector (and perhaps more generally). Such a law would cover, in broad terms, the following:  the types of personal data that may be collected and the disclosures that need to be made to customers at the time of collection;  the permitted uses and disclosures of personal data both generally and in respect of especially sensitive personal data (for example, relating to religious and political beliefs, gender and health);  disclosures to government authorities, police and courts and the use of personal information by such authorities;  the circumstances in which customer information may be used for marketing purposes;  a requirement to ensure data is accurate, complete and up-to-date;  data security;  customer rights of access to and correction of their personal records;  an obligation to publish an institution’s policy in relation to the privacy of customer data; and  the circumstances in which trans-border data flows are permitted (for example, for international data processing). The OECD Guidelines on the Protection of Privacy and Trans border Flows of Personal Data are international standards for the development of comprehensive data protection laws and might provide useful guidelines for this purpose. 110 Article 4.4.5. 51 Good Practice D.2. Sharing Customer’s Information Good Practice a. A bank should inform its customer in writing: (i) of any third-party dealing for which the bank is obliged to share information regarding any account of the customer, such as any legal enquiry by a credit bureau; and (ii) as to how it will use and share the customer’s personal information. b. Without the customer’s prior written consent, a bank should not sell or share account or personal information regarding a customer of the bank to or with any party not affiliated with the bank for the purpose of telemarketing or direct mail marketing. c. The law should allow a customer of a bank to stop or ―opt out‖ of the sharing by the bank of certain information regarding the customer and, prior to any such sharing of information for the first time, every bank should be required to inform each of its customers in writing of his or her rights in this respect. d. The law should prohibit the disclosure by a third party of any banking-specific information regarding a customer of a bank. Description As mentioned in Good Practice D.1, there is no general rule requiring banks to keep customer information confidential. However, there are specific rules relating to the confidentiality of credit reports and of information relating to electronic fund transfers (see Good Practice D.1). Furthermore, there are restrictions on the publication of individual customer information by BNR itself. Article 62 of the Banking Act provides in this regard the following: "The Central Bank shall be authorized to publish, in whole or in part, consolidated information provided to it by banks. However, this publication may in no case refer to the financial situation of a specific bank or individual customer, unless the Central Bank is communicating information to banks and financial institutions regarding credit operations and payment incidents.” Paragraph (a) There is no such requirement. Paragraph (b) There is no such requirement. Paragraph (c) There is no such requirement. Paragraph (d) There is no such requirement. Recommendation See the recommendations in Good Practice D.1. 52 Good Practice D.3. Permitted Disclosures Good Practice The law should provide for: (i) the specific rules and procedures concerning the release to any government authority of the records of any customer of a bank; (ii) rules on what the government authority may and may not do with any such records; (iii) the exceptions, if any, that apply to these rules and procedures; and (iv) the penalties for the bank and any government authority for any breach of these rules and procedures. Description There are no rules of which the mission team is aware that specifically provide for the release of customer records to government authorities and the basis on which such records may be used and disclosed by government authorities. Recommendation The data protection law proposed in Good Practice D.1 should set out the rules and procedures in relation to the release of customer records to government agencies. 53 Good Practice D.4. Credit Reporting Good Practice Credit reporting should be subject to appropriate oversight, with sufficient enforcement authority. a. The credit reporting system should have accurate, timely and sufficient data. The system should also maintain rigorous standards of security and reliability. b. The overall legal and regulatory framework for the credit reporting system should be: (i) clear, predictable, non-discriminatory, proportionate and supportive of consumer rights; and (ii) supported by effective judicial or extrajudicial dispute resolution mechanisms. c. In facilitating cross-border transfer of credit data, the credit reporting system should provide appropriate levels of protection. d. Proportionate and supportive consumer rights should include the right of the consumer (i) to consent to information-sharing based upon the knowledge of the institution’s information-sharing practices; (ii) to access his or her credit report free of charge (at least once a year), subject to proper identification; (iii) to know about adverse action in credit decisions or less-than-optimal conditions/prices due to credit report information; (iv) to be informed about all inquiries within a period of time, such as six months; (v) to correct factually incorrect information or to have it deleted and to mark (flag) information that is in dispute; (vi) to reasonable retention periods of credit history, for instance two years for positive information and 5-7 years for negative information; and (vii) to have information kept confidential and with sufficient security measures in place to prevent unauthorized access, misuse of data, or loss or destruction of data. e. The credit registries, regulators and associations of banks should undertake campaigns to inform and educate the public on the rights of consumers in the above respects, as well as the consequences of a negative personal credit history. 54 Description Rwanda has a new law regulating credit bureaus and one licensed credit bureau that meets most of the requirements of this Good Practice. However, there is a need for greater consumer awareness of rights under this law, as well as recourse to an effective dispute resolution system. Paragraph (a) Rwanda has a new law regulating credit bureaus and one licensed credit bureau. The credit reference industry in Rwanda is supervised by BNR and subject to the extensive provisions of the Credit Information System Law 2010 (Credit Information Law). The only private credit bureau currently licensed in Rwanda is the Credit Reference Bureau (CRB) Africa. The Credit Information Law is comprehensive with the usual consumer protections that one would expect. In particular, consumers have access and correction rights and there are detailed provisions relating to customer confidentiality and the use of credit bureau reports. Banks are “mandatory participants” under the Credit Information Law and accordingly they may be required by the Central Bank to obtain a credit report on a prospective borrower when assessing an application for credit.111 During the diagnostic mission, the team was told that such a requirement has been imposed. However, the mission team was not able to ascertain the legislation or regulation under which BNR specifically imposed this requirement, although the requirement seems to be implied under the terms of the Credit Provisioning Regulation and the Risk Management Regulation (see Good Practice B.2). Paragraph (b) The Credit Information Law contains requirements relating to the security of its systems. Article 11(2) provides in this regard that a credit bureau must ensure “it uses hardware and software that meet security standards required by the Central Bank when setting up and using the information systems that fits its database.” Article 11(7) requires that a credit bureau ensure “it follows operating procedures and data integrity and safety requirements which the Central Bank may adopt from time to time in reference to international best practices.” These standards seem appropriate, but the mission team was not provided with the relevant detailed BNR requirements. Paragraph (c) The Credit Information Law does appear to be clear, predictable, non-discriminatory, proportionate and supportive of consumer rights, but it is not clear that it is supported by appropriate judicial and extra- judicial dispute resolution mechanisms. For details of the available dispute resolution mechanisms see Good Practices A.4, E.1 and E.2 Paragraph (d) There are protective provisions concerning cross-border data flows, which must be approved by the BNR but the basis on which approval can be given is opaque. The Credit Information Law provides that: “The Central Bank shall have the authority to approve the sharing of customer information beyond the borders of Rwanda, specifically with respect to other member States of the East African Community, subject to the terms and conditions of a Memorandum of Understanding 111 Article 22 and definition of “mandatory participants” in Article 2 . 55 between the Central Bank and the other credit bureau licensing authority of the other country or the East African Community.”112 However, the mission team was not given a copy of the abovementioned Memorandum of Understanding (MoU), which ideally should have been reviewed. In considering the appropriateness of the MoU, BNR may wish to consider Part III of the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. 113 Paragraph (e) The Credit Information Law covers many aspects of this Good Practice. Relevant provisions include the following:  Consent: A subscriber is required to obtain the consent of the applicant or guarantor before obtaining a credit bureau report and to inform them of their right of access (however, there is no requirement to inform the consumer of the credit bureau institution’s information-sharing practices).114  Access: Customers have a right of access to their credit bureau report and all related information, which must be provided within three working days and be free of charge when there has been a rejected application for credit, once every six months where the customer has made a request for correction and otherwise once a year.115 In other circumstances, the credit bureau can determine the fee payable.  Adverse credit decisions: If a person is denied credit because of an adverse credit report, the applicant or guarantor must be notified and advised of their right to view the credit bureau report and any related information.116  Investigations: Investigation on disputed information must be conducted within 20 working days and relevant files must either be corrected or the file flagged, with advice being provided to the data provider of the dispute. If the file is not corrected within this period, the dispute must be referred to the BNR.117  Retention of information: Somewhat lengthy periods are provided for retention of customer information. The period is not more than seven years from the date of the last transaction for customer information. 118  Confidentiality: The Credit Information Law contains laws concerning a subscriber’s duties in respect of confidentiality, which would apply to banks. Article 23 (4) provides in this regard that a subscriber must be required to: “not to sell, transfer or otherwise use the information obtained from a credit bureau for purposes other than those specified”. Paragraph (f) It is not clear that consumers understand their rights under the Credit Information Law. This is because of our understanding that there has not been a widespread campaign by CRB about their activities and the protections in the CRB Act. 112 Article 4, 113 http://www.oecd.org/internet/ieconomy/oecdguidelinesontheprotectionofprivacyandtransborderflowsofpersonaldata.htm#part3. 114 Articles 23(3) and 25. 115 Article 28. 116 Article 24. 117 Article 29. 118 Article 13. 56 Recommendation CRB should be asked to conduct a public awareness campaign about CRB’s activities. This is because of the significance to consumers of the services provided by the Credit Bureau and the need to inform consumers about their right. The campaign should inform consumers about the features of the credit reporting and credit scoring services provided by CRB and on the rights of consumers under the Credit Information Law (for example, in relation to access and correction rights in relation to their credit records). Consideration might be given to requiring that fees charged by a credit bureau be reasonably determined. This suggestion arises from a concern about the reasonableness of the fees charged to individuals if they request a correction to information maintained about them on CRB’s database but the information is shown to be correct. The fee is RWF 50,000 if the customer is a bank customer and RWF 10,000 if the customer is an MFI customer. 57 Section E Dispute Resolution Mechanisms Good Practice E.1. Internal Complaints Procedure Good Practice Every bank should have in place a written complaints procedure and a designated contact point for the proper handling of any complaint from a customer, with a summary of this procedure forming part of the bank’s Terms and Conditions referred to in B.7 above and an indication in the same Terms and Conditions of how a consumer can easily obtain the complete statement of the procedure. a. Within a short period of time following the date a bank receives a complaint, it should: (i) acknowledge in writing to the customer/complainant the fact of its receipt of the complaint; and (ii) provide the complainant with the name of one or more individuals appointed by the bank to deal with the complaint until either the complaint is resolved or cannot be processed further within the bank. b. The bank should provide the complainant with a regular written update on the progress of the investigation of the complaint at reasonable intervals of time. c. Within a few business days of its completion of the investigation of the complaint, the bank should inform the customer/complainant in writing of the outcome of the investigation and, where applicable, explain the terms of any offer or settlement being made to the customer/complainant. d. The bank should also inform the customer/complainant of the availability of the services of a financial ombuds service or other form of alternative dispute resolution. e. When a bank receives a verbal complaint, it should offer the customer/complainant the opportunity to have the complaint treated by the bank as a written complaint in accordance with the above. A bank should not require, however, that a complaint be in writing. f. A bank should maintain an up-to-date record of all complaints it has received and the action it has taken in dealing with them. g. The record should contain the details of the complainant, the nature of the complaint, a copy of the bank's response(s), a copy of all other relevant correspondence or records, the action taken to resolve the complaint and whether resolution was achieved and, if so, on what basis. h. The bank should make these records available for review by the banking supervisor or regulator when requested. 58 Description Although all banks met by the mission team have internal complaints resolution systems, the extent to which they meet the requirements of the Customer Service Directive and the EFT Regulation described below is not clear, and there appears to be minimal supervision by BNR. A further concern is that the Customer Service Directive appears to be intended to provide guidance for financial institutions, rather than binding requirements. The BNR Directive on Customer Service Delivery in Financial Institutions 2012 (Customer Service Directive) requires regulated entities (which include banks) have an internal complaints handling system that 1) covers the definition and terms of complaint handling within the nine guiding principles set out in International Organization for Standardization Quality Management, Customer Satisfaction, Guidelines for Complaints Handling in Organizations (ISO 1002) and 2) “Covers mechanisms of effective complaint-handling within the institution, the complaint management system, handling processes and procedures.” Specified performance standards and benchmarks are described as follows:  Complaints received per working day—a redress within 15 days;  Contested proposed dispositions by customers—a redress within 15 days;  Proposed dispositions by customers—within 15 days of receipt; Responsive mechanism for complaints and problem resolution for their customers—a well- maintained feedback mechanism or system;  Complaint follow up forms;  A suggestion box in the FI hall—the presence of a suggestion box in every institutional hall and mechanism and reporting and handling of any issues posted;  Complaint register; and  A systems application to record and report systems to customers. Quarterly reports of complaints received and action taken must also be provided to BNR, with averages of quarterly derived data for analysis.119 The EFT Regulation also has detailed requirements for the investigation and resolution procedures required to be maintained by financial institutions (including banks).120 Paragraph (a) The banks met by the mission team seemed to comply with these requirements to varying degrees, although it was not clear that the relevant procedures met the detailed requirements of ISO 1002121 . However, it does not appear to be the practice to include a summary of the procedure in the terms and conditions or advice as to how a customer can obtain a complete copy of the procedure. However, many banks have Customer Service Officers and suggestion boxes in their branches, contact details on their websites and, in some cases, a call center. The EFT Regulation also requires that a bank or other payment service provider must establish “formalized procedures” for the lodgment of complaints and “appropriate procedures” for the investigation and resolution of the complaint and set out the means and procedures to lodge a complaint in the standard terms and conditions.122 These provisions would seem to meet the requirements of this Good Practice but the mission team was not able to ascertain the extent of 119 Section 2 of the Customer Service Directive. 120 Articles 20 ––25. 121 The mission team was not able to obtain a copy of ISO 1002. However, it is understood that it contains very detailed principles relating to a visibility, accessibility, responsiveness, objectivity, charges, confidentiality, and customer focused approach, accountability, continual improvement, resources, collection and analysis and evaluation of complaints. 122 Article 20. 59 compliance in the time available and given the limited terms and conditions provided to the team. Paragraph (b) The Customer Service Directive relevantly requires there to be a “well maintained feedback mechanism/system” and that complaints be resolved or referred within 15 days. ISO 1002 may also cover this issue. The mission team did not have access to ISO 1002 so cannot confirm whether there is also a requirement to comply with this Good Practice in ISO 1002. However, discussions with banks suggest that there is not widespread compliance with this Good Practice. The EFT Regulation requires that an institution acknowledge receipt of a complaint within five days of the compliant being lodged and take a maximum of 15 days to resolve it.123 Paragraph (c) As for paragraph (b). Paragraph (d) As for paragraph (b), so far as the Customer Service Directive is concerned. The EFT Regulation requires an institution to “promptly” inform the customer of the outcome of the investigation and give reasons for the outcome. 124 Paragraph (e) There is no overarching third-party dispute resolution scheme in Rwanda. Dissatisfied customers may be referred to BNR, which currently receives complaints at the rate of about 10 per month. The Customer Service Directive and the EFT Regulation make express provision in this regard (the EFT Regulation also notes that the customer must be told about their right of appeal to senior management).125 However, BNR does not consider it has clear jurisdiction or the resources to deal with complaints and will either refer the customer back to its bank or to the Prime Minister’s Office. Paragraph (f) The mission team did not see any clear evidence of compliance with this requirement. Paragraph (g) The Customer Service Directive requires the maintenance of a system to record and report systems from customers and it is understood this system is also covered by ISO 1002. Discussions with banks suggest that records of complaints are kept to at least some degree, but not necessarily in any great level of detail. The EFT Regulation also contains strict requirements for institutions to keep records of complaints and for how they are resolved.126 This is to be done with a view to making aggregate data available to BNR or another authorized body. Paragraph (h) The mission team did not see any clear evidence of compliance with this requirement. Paragraph (i) Complaints records are made available for BNR to review during on-site inspections. 123 Article 20. 124 Article 20. 125 See respectively Articles 29 and 23. 126 Article 24 60 Recommendation It is proposed that financial institutions should be required to comply with the strict requirements of ISO 1002 and the EFT Regulation and, in particular, to make details of their internal complaints procedures widely available to their customers, to describe how to make a compliant in their contract documents and to maintain and provide to BNR detailed statistics about the number, type and origin of customer complaints and the time taken to respond to them. It is recommended that these requirements be formalized in a law or regulations and the existing directive repealed. BNR should also strictly monitor and enforce compliance with the abovementioned requirements. This might be done by officers in the proposed new Financial Consumer Protection unit in the BNR. Banks should be required to comply with these requirements as a licensing condition. The above recommendations are made against the background of the proposal that the Office of the Ombudsman take on new responsibilities to deal with complaints about financial services (see Good Practice E.2). It is particularly important, in this context, that financial institutions have comprehensive procedures for considering complaints internally that are closely supervised by BNR. Otherwise, the Office of the Ombudsman is likely to be inundated. Good Practice E.2. Formal Dispute Settlement Mechanisms Good Practice a. A system should be in place that allows customers of a bank to seek affordable and efficient recourse to a third-party banking ombudsman or equivalent institution, in the event the complaint of one or more of customers is not resolved in accordance with the procedures outlined in E.1 above. b. The existence of the banking ombudsman or equivalent institution and basic information relating to the process and procedures should be made known in every bank’s Terms and Conditions referred to in B.7 above. c. Upon the request of any customer of a bank, the bank should make available to the customer the details of the banking ombudsman or equivalent institution, and its applicable processes and procedures, including the binding nature of decisions and the mechanisms to ensure the enforcement of decisions.. d. The banking ombudsman or equivalent institution should be appropriately resourced and discharge its function impartially. e. The decision of the banking ombudsman or equivalent institution should be binding upon the bank against which the complaint has been lodged. 61 Description Rwanda does not have a clear affordable and efficient system under which customers of financial services (including banking services) have recourse to a third party for complaint resolution. However, there is currently a law being considered by Parliament that would establish a new Assistant Ombudsman in the Office of the Ombudsman. The intent is that the Assistant Ombudsman should be responsible for mediating financial services disputes. At the time of writing, details of the new law were not available, but it is understood that the Ombudsman would not have powers to make decisions that are binding on financial institutions. It is anticipated that the unit will have five officers. This approach is being proposed even though the functions of the Office of the Ombudsman do not at present specifically relate to financial services. Instead, the mission team understands the Office of the Ombudsman will rely on powers to deal with “injustice” in private institutions and to examine complaints from individuals about private institutions. These powers have rarely been exercised, but this is likely to change under the new arrangements. Article 3 of the proposed law provides in this context the following: The responsibilities of the Office of the Ombudsman are as follows: 1° to act as a link between the citizen and public and private institutions; 2° to prevent and fight against injustice, corruption and other related offences in public and private administration; 3° to receive and examine, in the context mentioned above, complaints from individuals and independent associations relating to acts of civil servants, state organs and private institutions and to mobilize such civil servants and institutions in order to find solutions to such complaints if it finds they are well founded;” This proposal has been developed with the agreement of the BNR, which has been conducting training for the officers proposed to be working in the Unit. Other mechanisms in Rwanda relevant to disputes concerning banking services are:  The Customer Service Directive discussed in Good Practice E.1 requires that regulated entities (which include banks) have an external dispute resolution system. The system must meet the standards set out in ISO 1003 Quality Management—Customer Satisfaction—Guidelines for Dispute Resolution Systems External to Organizations (ISO 1003). It must also require disputes to be resolved or referred in 15 days and to meet performance requirements relating to complaints forms, a dispute handling register, a clear policy or code of conduct, methods and procedures on dispute resolution and a complaint referral system. However, the mission team is not aware of any such external dispute resolution system existing in Rwanda.  The EFT Regulation requires complaints procedures to contain information about the right of a customer. The customer is to be advised of these appeal rights. 127  The Credit Information Systems Law contains provisions concerning customer complaints about information contained in a credit bureau’s database.128 If the credit bureau does not complete its investigation of the complaint within the specified timelines, the complaint must be referred to BNR. However, the Act does not specify the processes to be followed by BNR in dealing with the complaint.  The Ministry of Trade and Industry very occasionally deals with consumer complaints concerning financial services under its administration of the CCP Law.  Consumers may bring cases to the Commercial Court. This occurs when there is provision for simplified procedures to be applied at the preliminary hearing stage. 127 Article 23. 128 Article 29. 62 resolution scheme include, in summary, clearly Important features of an effective third-party dispute defined powers and terms of reference, independence, ideally no cost to consumers, accessibility and a requirement that all financial institutions be a member of the scheme. Such a scheme can benefit financial institutions (because they build trust in the institutions) and regulators (because they can Recommendation It is recommended that the proposed new arrangements for the Office of the Ombudsman be reviewed to ensure that the Ombudsman has appropriate powers and that the scheme is otherwise designed to meet international best standards for Financial Ombudsmen schemes. In particular it is proposed that:  the Ombudsman have clear and specific powers (as well as the resources) to provide a dispute resolution service in relation to financial services and also to make decisions which are binding on the financial institution concerned (but not on the customer). The new service should be designed to ensure that it is a clear, affordable and transparent third-party dispute resolution system. Guidance in this regard may be obtained from the World Bank’s recent publication on Resolving Disputes between Consumers and Financial Businesses: Fundamentals for a Financial Ombudsman.129 It is also recommended that resources be provided to ensure that staff in the Office of the Ombudsman has the skills, capacity and industry knowledge to deal with disputes on the wide range of complex banking products and services that they will be required to handle. If this recommendation is accepted, then the following consequential changes would seem to be required as follows:  The BNR Directive on Customer Service Delivery in Financial Institutions 2012 should be repealed to the extent that it is inconsistent with the new arrangements concerning the Office of the Ombudsman.  It is also suggested that abovementioned reference to the BNR in the Credit Information Systems Law should be changed to the Office of the Ombudsman when the new arrangements come into effect. 129 http://www.networkfso.org/Resolving-disputes-between-consumers-and-financial-businesses_Fundamentals-for-a-financial-ombudsman_The-World- Bank_January2012.pdf.. 63 Good Practice E.3. Publication of Information on Consumer Complaints Good Practice Statistics and data of customer complaints, including those related to a breach of any code of conduct of the banking industry should be periodically compiled and published by the ombudsman, financial supervisory authority or consumer protection agency. a. Regulatory agencies should publish statistics and data and analyses related to their activities in respect of consumer protection regarding banking products and services so as, among other things, to reduce the sources of systemic consumer complaints and disputes. b. Banking industry associations should also analyze the complaint statistics and data and propose measures to avoid the recurrence of systemic consumer complaints. Description Paragraph (a) No such statistics are currently published bythe Office of the Ombudsman, the BNR or the Ministry of Trade and Industry (which is responsible for the CCP Law). Paragraph (b) The BNR does not publish such statistics. Paragraph (c) The Rwanda Bankers’ Association (RBA) does not publish such statistics. To the contrary, the RBA advised that its focus is on representing the interests of its members, rather than their customers. Recommendation It is recommended that both the Office of the Ombudsman (once it starts resolving financial services disputes) and the BNR publish statistics of the type described in this Good Practice. 64 Section F. Guarantee Schemes and Insolvency Good Practice F.1. Depositor Protection Good Practice The law should ensure that the regulator or supervisor can take necessary measures to protect depositors when a bank is unable to meet its obligations including the return of deposits. a. If there is a law on deposit insurance, it should state clearly: (i) the insurer; (ii) the classes of those depositors who are insured; (iii) the extent of insurance coverage; (iv) the holder of all funds for payout purposes; (v) the contributor(s) to this fund; (vi) each event that will trigger a payout from this fund to any class of those insured; (vii) the mechanisms to ensure timely payout to depositors who are insured. b. On an on-going basis, the deposit insurer should directly or through insured banks or the association of insured commercial banks, if any, promote public awareness of the deposit insurance system, as well as how the system works, including its benefits and limitations. c. Public awareness should, among other things, educate the public on the financial instruments and institutions covered by deposit insurance, the coverage and limits of deposit insurance and the reimbursement process. d. The deposit insurer should work closely with member banks and other safety-net participants to ensure consistency in the information provided to consumers and to maximize public awareness on an ongoing basis. e. The deposit insurer should receive or conduct a regular evaluation of the effectiveness of its public awareness program or activities. 65 Description The Banking Law makes general provision for a Deposit Guarantee Fund and the mission team was told that a draft law has been prepared containing the operational details of the Fund. In the meantime, BNR has extensive powers to deal with insolvent financial institutions. The Banking Law makes general provision for the fund as follows: “Article 63: Guarantee fund There is hereby established a deposit guarantee fund designed to indemnify depositors in the event of liquidation of a bank. A particular law shall determine the organization and functioning of the funds. Article 64: Membership to the fund Membership to the deposit guarantee fund shall be mandatory for all accredited banks.” The establishment of a deposit guarantee regime is also a key element of the Consumer Protection regime outlined in FSDP II. Paragraph 223 provides in this regard that the third element of the proposed regime is “compensation in the event of the failure of an institution. To provide this protection, deposit insurance will be introduced for banks, MFIs and SACCOs, and an investor compensation fund will be introduced for capital markets intermediaries.” Paragraph (a) The wide-ranging provisions in relation to the safety and soundness of banks are described in Good Practice A.5. Paragraph (b) The new law will need to be reviewed for compliance with this Good Practice when the law is made available. Paragraphs (c), (d) and (e) There is no such public awareness campaign at present. Paragraph (f) No such programs are conducted at present. Recommendation Details of the proposed deposit insurance scheme will need to be carefully reviewed for compliance with paragraphs (a) and (b) of this Good Practice once details of the scheme become available. Recommendation about the specific content of Deposit Insurance Law will be completed when the law is made available. There should also be a carefully designed, ongoing public awareness campaign about the scope and limitations of the Deposit Insurance Law when it comes into effect, and the BNA should monitor the information provided by banks to ensure that it is accurate and consistent. 66 Good Practice F.2. Insolvency Good Practice a. Depositors should enjoy higher priority than other unsecured creditors in the liquidation process of a bank. b. The law dealing with the insolvency of banks should provide for expeditious, cost effective and equitable provisions to enable the maximum timely refund of deposits to depositors. Description The higher priority provided for depositors under the Banking Law does not clearly define who are “preferred creditors” and assumes that the Deposit Insurance Fund has been established. Paragraph (a) Article 92 of the Banking Law provides for the following order of priority in the event of a bank liquidation: “1° preferred creditors in order of priority; 2° subscriptions to the Deposit Insurance Fund; 3° mortgage-secured creditors; 4° deposits for sums exceeding the insured deposit amount; 5° other creditors.” The difficulty is that it is not clear who the “preferred creditors in order of priority” are. This term is not defined in the Banking Act. Furthermore, paragraphs 2° and 4° above presumably have no effect in the absence of an operational Deposit Insurance Fund. There are, however, various other provisions in the Banking Act designed to protect the interests of depositors, although they do not meet the requirements of this Good Practice. They include as follows:  A requirement that “Members of the board of directors and the management of a bank shall comply with the instructions issued by the Central Bank for the purpose of safeguarding the interests of depositors and other creditors”.130;  BNR may also require the appointment of a Special Commissioner with extensive powers to manage and possibly re-structure a bank if, amongst other things, it considers that “8° the bank’s situation may jeopardize interests of its depositors”. 131(Article 73);  BNR can also force the liquidation of a Rwandan bank or of a branch of a foreign bank if it considers that it is in the interests of depositors and other creditors to do so.132 Paragraph (b) There are not any specific provisions dealing with the process for refunding deposits to depositors in the Banking Law provisions dealing with insolvent banks. Recommendation Compliance with this good practice should be further assessed when the new Deposit Insurance law is made available. Regardless of the passage of the new law, the provisions of the Banking Law dealing with the priority of depositors on the insolvency of a bank should be revised so that it is clear depositors have the first priority and that their deposits are refunded as expeditiously as possible. 130 Article 71. 131 Article 73 (8). 132 Article 95. 67 Section G. Consumer Empowerment Good Practice G.1. Broadly based Financial Capability Program Good Practice A broadly based program of financial education and information should be developed to increase the financial capability of the population. a. A range of organizations, including those of the government, state agencies and non- government organizations, should be involved in developing and implementing the financial capability program. b. The government should appoint an institution such as the central bank or a financial regulator to lead and coordinate the development and implementation of the national financial capability program. Description There are well-developed plans for a broadly based financial capability program of the type contemplated but it is not yet in place. The need for such a program is urgent. Paragraph (a) Ongoing initiatives on financial education demonstrate the government’s commitment to improve financial literacy and expand access to financial services. The government’s interest in, and commitment to, financial awareness is ably demonstrated by the draft National Financial Education Strategy developed by MINECOFIN (NFES)133, BNR’s Financial Awareness Strategy, the Maya Declaration, the FSDP II focus on this topic and the quarterly access forums that are held in each district for all financial institutions and local businesses. The objective of the NFES is stated as: “NFES is to improve the financial capabilities of Rwandans so that they can make appropriate financial decisions, including what financial services they use, depending on their context or enabling environment.”.134 However, further efforts are needed to educate clients regarding their rights as financial consumers. It is, however, appreciated that the fragmented recourse system and weak regulatory environment makes it difficult to educate consumers on their rights and responsibilities. It is hoped that the position will be clearer if the recommendations in this report are accepted. 133 The draft made available to the Mission Team is dated May 2013. 134 Page 8. 68 The need to develop appropriate financial education programs is all the more urgent because of the government’s ambitious financial inclusion objectives and the rapid development of new (and in some cases complex) banking services and distribution channels (such as agent banking, mobile money transfer services and mobile banking). This comment is made against the background of the FSDP II objective of increasing financial inclusion to 80 percent by 2017 (the five years covered by this strategy) and to 80 percent by 2017.135 This objective is also set out in the Maya Declaration commitment made by the National Bank of Rwanda on 21 September 2011.136 Paragraph (b) The NFES contains a reasonably detailed implementation strategy that will be led by MINECOFIN. They will include consist of representatives from the government (including BNR), the private sector donors, NGOs, MFIs, SACCOs and co-operatives and banks and other financial institutions. BNR has also developed its own National Financial Awareness Strategy as its contribution to the NFES in development by MINECOFIN. BNR notes the importance of financial awareness for the government’s financial inclusion objectives with the following statement: “Many commercial banks are coming in Rwanda with more sophisticated, products, and financial services including the usage of new technologies of information and communication. Yet, there is a sizeable evidence to show that members of the public have not taken full advantage of the financial services and, further still, consumer welfare of those who have taken advantage of those services is compromised owing to lack of awareness of how financial services operate, lack of understanding of financial information, non-disclosure of financial services providers and in some cases undesirable practices by market players.”137 BNR’s Vision is “To ensure that all citizens of Rwanda have the ability to understand basic information about financial products and services for them to be able to apply this understanding to make informed choices about their finance.” The objectives of the strategy are as follows (in summary): To develop a framework of advice, information and education services; Ensure people are aware of what is on offer and how to access it and ask for assistance; To focus on the most vulnerable (rural women, youth and the elderly); Develop the capacity of existing organizations such as consumer organizations; Adapt and test appropriate tools and products; Develop the knowledge, skills and competencies of frontline staff at BNR to deliver Financial Awareness; and Involve all stakeholders.138 Paragraph (c) The NFES will be led by MINECOFIN but with the close involvement of BNR and the other organizations noted above. 135 Page viii of FSDP II draft September 10, 2012. 136 Paragraph 1. 137 Pages 1–2. 138 Page 5. 68 Recommendation The NFES and BNR’s National Financial Awareness Strategy are to be encouraged because there remains an ongoing need to educate financial sector consumers. Such programs should go beyond product and budgeting training to include information on their rights and related procedures: to receive contractual information on products before committing to them and to have their contracts and the related products explained to them by bank staff; to obtain statements on their accounts; in relation to unauthorized EFTs and other mobile money and mobile banking transactions; to close accounts and switch banks; when a default occurs and the implications for any collateral which has been given; to access internal and external dispute resolution schemes and the courts; to access and correct credit reports and related information held by a credit bureau; and to receive fair treatment and to be treated with respect. Education programs should also cover consumers’ responsibilities. For example, such responsibilities arise in relation to repayment of loans, security of access codes and electronic payment instruments and in relation to giving accurate information in relation to their financial positions when applying for loans. Banks should also be encouraged to put in place programs to educate clients on financial services topics. Most of the education is product-oriented relating to how to prepare for taking a loan, benefits of savings and understanding the financial system. AMIR has a program specifically oriented at educating youth in schools on basic financial services issues and then linking schools to local VSLAs. Support should also be provided to credible and independent research or consumer advocacy groups that can help consumers compare offering and prices. The FSDP II proposal for professional training for technical staff and insurance intermediaries should be implemented.139 139 Page 33. 69 Good Practice G.2. Using a Range of Initiatives and Channels, including the Mass Media Good Practice a. A range of initiatives should be undertaken by the relevant ministry or institution to improve people's financial capability regarding banking products and services. b. The mass media should be encouraged by the relevant ministry or institution to provide financial education, information and guidance to the public regarding banking products and services. c. The government should provide appropriate incentives and encourage collaboration between governmental agencies, banking regulators, the banking industry and consumer associations in the provision of financial education, information and guidance regarding banking products and services. Description Although the abovementioned financial capability strategies are still in draft form, it certainly seems to be the intent that they will involve a range of initiatives and channels. For example, the NFES contemplates use of the mass media as an education tool140 and the BNR envisages using print, radio and TV as well as digital services. 141 As noted in Good Practice G.1, both strategies also propose to involve a wide range of stakeholders. Recommendation We do not have any recommendations to add to those made in Good Practice G.1. Good Practice G.3. Unbiased Information for Consumers Good Practice a. Regulators and consumer associations should provide, via the internet and printed publications, independent information on the key features, benefits and risks –and where practicable the costs– of the main types of banking products and services. b. The relevant authority or institution should encourage efforts to enable consumers to better understand the products and services being offered to consumers by banking institutions, such as providing comparative price information and undertaking educational campaigns. c. The relevant authority or institution should adopt policies that encourage non-governmental organizations to provide consumer awareness programs to the public regarding banking products and services. Description The mission team did not see any evidence of these Good Practices, although the strategies being developed would seem to encourage their initiation. Recommendation We do not have any recommendations to add to those made in Good Practice G.1. 140 Page 48. 141 Page 13. 70 Good Practice G.4. Consulting Consumers and the Financial Services Industry Good Practice a. The relevant authority or institution should consult consumers, banking associations and banking institutions to help them develop financial literacy programs that meet banking consumers' needs and expectations. b. The relevant authority or institution should also undertake consumer testing with a view to ensuring that proposed initiatives have their intended outcomes. Description The mission team did not see any evidence of these Good Practices, although the strategies being developed would seem to encourage their initiation. Recommendation We do not have any recommendations to add to those made in Good Practice G.1. Good Practice G.5. Measuring the Impact of Financial Capability Initiatives Good Practice a. The financial literacy of consumers should be measured, amongst other things, by broadly- based household surveys and mystery shopping trips that are repeated from time to time. b. The effectiveness of key financial literacy initiatives should be evaluated by the relevant authorities or institutions from time to time. Description The NFES has a core part of its strategies the conduct of national monitoring and evaluation of the levels of financial literacy and the BNR Financial Awareness Strategy makes provision for a baseline survey and “dipstick surveys.” The NFES provides in this regard the following: The M&E unit described above will conduct the monitoring of the NFES through its semi-annual survey of FE programs. The survey will provide policy-makers and other stakeholders with information on the level of FE activity in the country and enable them to ascertain whether the activity, in terms of numbers of people reached and funds spent are aligned with the priorities of the NFES. At the very least the unit will gather the following information: 1. Location 2. Target segment 3. Organization(s) implementing 4. Delivery Channel 5. Content 6. Duration 7. Expected results (number of people reached, number of trainers trained, etc) 71 8. Actual results 9. Funding amount for the program The evaluation of the NFES will be conducted through follow up FinScope and FinCap surveys, which will allow researchers to measure the extent to which the Rwandan population has changed its level of financial service use and experienced a change in its financial capabilities. The last FinScope survey was completed in mid-2012 and the last FinCap survey was completed at the end of 2012. The data from these surveys will serve as baseline data against which progress toward the NFES objective and the goal of GoR’s national financial inclusion agenda can be measured. The next surveys will be in 2015, three years from the time of the baseline surveys.142 The BNR Financial Awareness Strategy also provides for a baseline survey to be conducted before the Rwandan Financial Literacy Strategy: “Prior to the elaboration of the Rwandan Financial Literacy Strategy, a baseline survey for financial literacy should be conducted and come up with key indicators of financial literacy and how to measure the impact based on the indicators.” BNR also proposes the conduct of “dipstick surveys to understand the needs of consumers from time to time to enable redesigning of the financial awareness approaches.”143 Recommendation Although the NFES and BNR’s National Financial Awareness Strategy are to be encouraged, care should be taken to ensure there is consistency between the two strategies in relation to baseline surveys and measuring impact. 142 Page 71. 143 Page 8. 72 Section H. Competition and Consumer Protection Good Practice H.1. Regulatory Policy and Competition Policy Good Practice Regulators and competition authorities should be required to consult one another for the purpose of ensuring the establishment, application and enforcement of consistent policies regarding the regulation of financial services. Description Although both the Ministry of Trade and Industry (MINICOM) and BNR have functions relating to competition in the banking sector, the mission team is not aware of any formal consultation channels. MINICOM currently administers the new CCP Law, which states it has the following purposes: This Law aims at encouraging competition in the economy by prohibiting practices that undermine the normal and fair course of competition practices in commercial matters. It also aims at ensuring consumer’s interests promotion and protection. The CCP Law applies to any economic activity (subject to certain exceptions) and to suppliers of goods and services and to “consumers” (defined as “a person who acquires a commodity or a service for personal or a family use for non-commercial purposes”).144 The CCP Act provisions are expressed in sufficiently general terms to apply to products and services provided by the financial sector (including the banking sector). It contains broad provisions prohibiting a wide range of specific anti-competitive practices described in Article 7 as well as “[a]ny form of agreements, decisions and concerted practices which have as their object the undermining, prevention, restrictions or distortion of competition.” The BNR’s responsibility in relation to competition comes from its functions in relation to stability and competitiveness in the finance sector. The relevant aspects of BNR’s mission are stated as follows in the Central Bank Law (emphasis added): The main missions of the Bank shall be: ... 2° to enhance and maintain a stable and competitive financial system without any exclusion; 3° to support government’s general economic policies, without prejudice to the two missions referred to in Paragraphs 1° and 2° above.145 (emphasis added) However, the banking legislation reviewed by the mission team does not contain specific provisions dealing with anti-competitive conduct in the banking sector. Recommendation Consideration might be given to formalizing consultations between MINICOM and BNR in relation to competition issues involving the banking sector. 144 Articles 2, 3 and 4. 145 Article 5. 74 Good Practice H.2. Review of Competition Good Practice Given the significance of retail banking to the economy as a whole and to the welfare of consumers, competition authorities should: (i) monitor competition in retail banking; (ii) conduct, and publish for general consumption, periodic assessments of competition in retail banking (such as the range of interest rates across banks for specific products); and (iii) make recommendations publicly available on enhancing competition in retail banking. Description Although MINICOM occasionally investigates anti-competitive practices in the banking and insurance industries, it is not apparent that this is done in a systematic way 146, and there is no evidence of publications publicly available on enhancing competition in retail banking. This position is a concern because the mission team observed some evidence of anti-competitive practices. For example, as noted in Good Practice C.2, it is common for banks to charge a fee to a customer for breaking a contract. These fees are likely to operate as a disincentive to customers switching banks and may be considered to be anti-competitive. Recommendation Consideration should be given to implementing procedures to follow this Good Practice. This might best be done by MINICOM in consultation with BNR. Good Practice H.3. Impact of Competition Policy on Consumer Protection Good Practice The competition authority and the regulator should evaluate the impact of competition policies on consumer welfare, especially regarding any limitations on customer choice and collusion regarding interest and other charges and fees. Description No such evaluation takes place at present. Recommendation It is recommended that consideration be given to conducting such an evaluation to the extent resources permit. 146 For example, the only relevant reference in the 2012 Annual Report is to two investigations of anti-competitive practices in the banking and insurance sectors. 75 II. MICROFINANCE SECTOR: COMPARISON WITH GOOD PRACTICES Section A. Consumer Protection Institutions Good Practice A.1. Consumer Protection Regime Good Practice a. The law should provide clear consumer protection rules in the area of non-bank credit institutions, and there should be adequate institutional arrangements to ensure the thorough, objective, timely and fair implementation and enforcement of all such rules, as well as of sanctions that effectively deter violations of these rules. b. There should be specific statutory provisions, which create an effective regime for the protection of consumers of non-bank credit institutions. c. There should be a government authority responsible for implementing, overseeing and enforcing consumer protection in the area of non-bank credit institutions. d. The supervisory authority for non-bank credit institutions should have a register which lists the names of non-bank credit institutions. e. There should be coordination and cooperation among the various institutions mandated to implement, oversee and enforce consumer protection and financial sector regulation and supervision. f. The law should provide for, or at least not prohibit, a role for the private sector, including voluntary consumer associations and self-regulatory organizations, in respect of consumer protection in the area of non-bank credit institutions. Description None of the six (seven for SACCOs) different laws, regulations, directives or guidelines governing MFIs/SACCOs require the disclosure of interest rates in a clear manner or establish a method or body for consumer redress, data privacy or the provision of terms and conditions to consumers. As such, the MFIs/SACCOs have a consumer protection regime that has more gaps than in the banking sector. This is especially concerning given the observable poor practices among some MFIs. Section (a) Microfinance Law 2008: Articles 4-7 describe the four tiers of MFIs and Articles 8–9 requires the licensing of such institutions. The tiers of MFIs also correspond to which organization can accept deposits. Article 29 requires the signing of a contract for all loans. Article 35 requires MFIs to transmit financial information to BNR but does not require disclosure of information to members/customers. Microfinance Regulations 2009: Articles 17–20 require usage and reporting to the credit bureau. Loans under RWF 200,000 are exempt but not in practice. Non-compliance carries a RWF 100,000 fine per Article 78(4). 76 Article 21 forbids an MFI from giving a loan to a person that has defaulted on loan to any financial institution in Rwanda. No time line is attached and as such is for a person’s life. Non-compliance carries a RWF 100,000 fine. Article 25 requires an analysis of a borrower’s capacity to repay. Article 61 forbids an MFI from making any new loans once its NPLs are 10 percent. Competition and Consumer Protection Law 2012: See the section on banking. In addition, Article 2 indicates the law covers goods and services for personal, domestic or household use. As such, B2B commerce microenterprise lending may not be covered. Cooperative Societies Act 2007: Article 46 of the Cooperative Act does provides for a member’s rights in a cooperative and these include access to information on the financial condition of the cooperatives, reports on the annual accounts and minutes of the annual general meeting. However, it is absent with regard to financial consumer protection. Directive on Customer Service Delivery in Financial Institutions 2012. Areas related to customer service, complaint handling, dispute resolution, measuring and monitoring and work environment require quarterly reporting on the implementation of guiding principles. The directive is primarily related to customer delivery. We are unaware of any MFIs/SACCOs that are reporting to BNR on the metrics as required. Section (b) Although Article 4 of the Microfinance Law provides for MFIs to be licensed by the BNR; the law is silent on whom, if anyone, is the responsible regulator for consumer protection issues for MFIs. This situation is further complicated for SACCOs because they are also supervised by the Rwanda Cooperative Agency, which oversees its governance aspects. The introduction of the Competition and Consumer Protection Regulatory Body as required in Article 5 of the CPP Law further confuses the jurisdictional boundaries for oversight of market conduct activities for MFIs and SACCOs. Section (c) Article 27 of the Cooperative Societies Act calls for the Rwanda Cooperative Agency to keep a registry of cooperatives and Article 9 of the Microfinance Act also requires the BNR to keep a list of licensed MFIs/SACCOs. Section (d) For MFIs, the BNR is the clear prudential supervisor. Consumer protection reviews and exams are not being completed by BNR because there is no clear framework that applies to MFIs. For SACCOs, there is some coordination with RCA for supervision, but there is also a fair amount of duplication of onsite visits and reviews of activities between BNR and RCA. Neither RCA nor BNR conducts consumer protection reviews in SACCOs. The one regulation in the financial sector that does address interest rates (i.e., Tariff of Interest Rates and Fees Charged by Banks 2011) does not apply to MFIs/SACCOs. Section (e) There is no single law regarding financial consumer protection. There is nothing in the Microfinance Law 2008 or Regulations 2009 that encourages or prohibits voluntary consumer associations. One such organization, ADECOR does exist, but it struggles for funding. To date, it has had only a limited focus on financial consumer protection issues. Recommendation Strong consideration should be given to developing a comprehensive financial consumer protection law or regulation that incorporates all financial services providers (banks, insurance and pensions) as well as MFIs and SACCOs. Even more so than in the banking sector, the MFIs and SACCOs have overlapping legislation (i.e., the Cooperative Societies Act, Microfinance Act, Competition and Consumer Protection Act), supervisors (i.e., BNR, RCA and the potential Competition and Consumer Protection Regulatory Body). 77 Good Practice A.2. Code of Conduct for Non-Bank Credit Institutions Good Practice There should be a principles-based code of conduct for non-bank credit institutions that is devised in consultation with the non-bank credit industry and with relevant consumer associations, and that is monitored by a statutory agency or an effective self-regulatory agency. a. If a principles-based code of conduct exists, it should be publicized and disseminated to the general public. b. The principles-based code should be augmented by voluntary codes on matters specific to the industry (credit unions, credit cooperatives, other non-bank credit institutions). c. Every such voluntary code should likewise be publicized and disseminated. Description Section (a) At the time of the diagnostic, there was no MFI or SACCO code of conduct in place related to financial consumer protection or market conduct. The Association of Microfinance in Rwanda (AMIR) conducted training for its members in 2011 and is in the process of developing a code of conduct for its members. (After the assessment period, SMART Campaign and AMIR conducted a joint consumer protection training for the sector in August 2013.) Section (b): NA Section (c) There are four Rwandan MFIs that have endorsed the SMART campaign. This is the lowest level of involvement and suggests awareness and agreement with MFI sector-produced client protection principles. There are no MFIs, SACCOs or banks in Rwanda that have been assessed or certified by the SMART campaign. Within the SACCO sector, there are seven cooperative principles that define the structure and code of conduct across all types of cooperatives—not just financial cooperatives. These principles vaguely touch on consumer protection with the concept of member education, training and information. There principles are widely communicated among cooperatives. Section (d): NA Recommendation Consideration should be given to incorporating consumer protection into the culture of MFIs/SACCOs through required trainings and a professional code of conduct. The code of conduct should also be incorporated into any banking schools or MFI/SACCO sector trainings. 78 Good Practice A.3. Other Institutional Arrangements Good Practice a. Whether non-bank credit institutions are supervised by a financial supervisory agency, the allocation of resources between financial supervision and consumer protection should be adequate to enable their effective implementation. b. The judicial system should ensure that the ultimate resolution of any dispute regarding a consumer protection matter with a non-bank credit institution is affordable, timely and professionally delivered. c. The supervisory authority for non-bank credit institutions should encourage media and consumer associations to play an active role in promoting consumer protection regarding non- bank credit institutions. Description Section (a) Article 70 of the Microfinance Regulation 2009 provides for the supervision of MFIs/SACCOs by an apex federation or BNR. In practice, the BNR supervises all MFIs and SACCOs because their past experience with oversight by industry run apex bodies was not favorable. Article 33 of the Microfinance Regulations requires periodic reports by MFIs/SACCOs to the BNR and this information is entirely focused on prudential returns as opposed to market-conduct information. BNR does look at how rates and fees are being charged and calculated during onsite visits. BNR supervisory staff compares MFI/SACCO practices to internal policies during onsite examination. Neither BNR nor RCA supervisory staff have received consumer protection training nor is such information included in their on- or offsite inspection manuals. Section (b) There is a confusing and unclear system for the resolution of financial consumer complaints and recourse for MFI/SACCO clients. The Rwanda Cooperative Agency claims to have a role in resolving disputes between SACCOs and their members. However, nothing in the 2008 Law “Establishing Rwanda Cooperative Agency (RCA) and Determining its Responsibilities, Organization and Function or in” nor does the 2007 Law “Providing for the Establishment, Organization and Functioning of Cooperative Organization in Rwanda” provide this power or duty to RCA. Despite it not being within the mandate of the Rwanda Cooperative Agency, they are handling 5-7 member complaints per month. The most frequent complaint (while not necessarily consumer protection related) is that SACCOs are not giving loans. BNR also receives 10 complaints on average per month, but it does not track the type of complaints. Few MFIs or SACCOs have a formal internal process for receiving, responding to and analyzing consumer complaints despite the current directive on Customer Service Delivery. Only two of the six MFI/SACCOs that the team met had heard of the directive and BNR reports few institutions are providing the required quarterly reports. None of the MFIs or SACCOs visited had a formal written procedure for handling complaints. All of the institutions had an informal internal escalation procedure for complaints, but none of them offered their clients/members additional external avenues for lodging a dispute with BNR, RCA or the Ombudsman. None of the MFIs or SACCOs visited (nor the BNR or RCA) had a systematic process for tracking, categorizing, analyzing or reporting disputes. This is required by the Directive on Customer Service Delivery, but the team found little awareness of this Directive in institutions, and few quarterly reports are being filed by any financial institution related to the directive according to BNR. This directive is 79 scattered in orientation covering customer service, consumer protection and workplace practices. It has unrealistic benchmarks for many of the measures (e.g., maximum wait times of three minutes in lobbies, maximum call times of two minutes for dealing with customer by phone), and other measures are micromanaging /burdensome to track and measure (e.g., status of washrooms and staff disposition). Section(c) While media and consumer associations are not discouraged from working on financial consumer protection, there did not appear to be any ongoing outreach to these organizations by BNR. The consumer rights group, Adecore, has done a campaign called “My Money, My Rights” and they’ have identified microfinance as one of its three core areas of concentration over the next five years. Recommendation Consider consolidating dispute resolution in the financial sector to a well-trained, appropriately staffed and sufficiently empowered unit of the national Ombudsman. This includes making the Ombudsman’s rulings binding and ensuing that RCA and BNR relinquish these dispute resolution roles. As indicated above, consideration should be given to withdrawing the Directive on Customer Service Delivery and replacing it. Good Practice A.4. Licensing of Non-Bank Credit Institutions Good Practice All financial institutions that extend any type of credit to households should be registered with a financial supervisory authority. Description Article 27 of the Cooperative Societies Act calls for the Rwanda Cooperative Agency to keep a registry of cooperatives, and Article 9 of the Microfinance Act also requires the BNR to keep a list of licensed MFIs/SACCOs. Article 4 of the Microfinance Act of 2008 describes 4 categories of MFIs and requires that the first category, which is informal lenders, only have to register with their local administrative entities, provide a list of members and its rules for operating. The remaining three categories of MFIs must be licensed by the BNR. Recommendation Not Applicable. There is already a legislative requirement for MFIs/SACCOs to register with BNR, and it is not being followed for all formal sector lenders. Registration is not happening systematically for category one MFIs that are informal, and practical implementation has many challenges because most of these tontines are small groups of 10–20 people that save and borrow for a cycle and then self-liquidate. 80 Section B. Disclosure and Sales Practices Good Practice B.1. Information on Customers Good Practice a. When making a recommendation to a consumer, a non-bank credit institution should gather, file and record sufficient information from the consumer to enable the institution to render an appropriate product or service to that consumer. b. The extent of information the non-bank credit institution gathers regarding a consumer should: (i) be commensurate with the nature and complexity of the product or service either being proposed to or sought by the consumer; and (ii) enable the institution to provide a professional service to the consumer in accordance with that consumer’s capacity. Description Section (a) Although there is an active and functioning credit bureau and use of it is required by all MFIs/SACCOs > RWF 20 million in deposits per Article 17 of the Microfinance Regulations, in practice there appear to be few MFIs that have modified their loan processes to consider information received from the credit bureau. Section (b) Based on a review of a limited set of MFI/SACCO loan applications, there appears to be appropriate information requested on the applications. The practical challenges for MFIs/SACCOs are that most of their customers are not salary earners and verification of income and expenses is difficult. Recommendation Consideration should be given to training MFIs/SACCOs on how to use data received from the credit bureau. In addition, modifying information provided from the credit bureau to lenders to include a credit rating score could aid in the uptake and usage of the information. This would help with the ultimate goal of not over indebting consumers and improving underwriting. 81 Good Practice B.2. Affordability Good Practice a. When a non-bank credit institution makes a recommendation regarding a product or service to a consumer, the product or service it offers to that consumer should be in line with the need of the consumer. b. Sufficient information on the product or service should be provided to the consumer to enable him or her to select the most suitable and affordable product or service. c. When a non-bank credit institution offers a new credit product or service that significantly increases the amount of debt assumed by the consumer, the consumer’s credit worthiness should be properly assessed. Description Section (a) The dominance of social and/or member-owner orientated institutions in the microfinance sector provides a level of direct client feedback to institutions. Only a few of the large MFIs visited and none of the SACCOs utilized a debt-servicing ratio to aid with assessing affordability of the loan by the borrower. In addition, while all of the institutions reported information to the credit bureau, none could describe how the data received from the bureau influences their credit decisions. Article 25 of the Microfinance Regulations requires MFIs/SACCOs to evaluate a borrower’s capacity to repay. Section (b) There are no legal or regulatory requirements for MFIs/SACCOs to provide any pre-contractual information to savers or borrowers. The Guideline on Customer Service in Financial Institutions does reference the importance of affordability of products and services, but it is unclear how institutions are to implement and report on this aspect of the Guideline. Section (c) Article 69 of the Microfinance Regulations details the requirements for an MFI’s credit policies. This section does not require an institution to conduct a new analysis for increasing loan values. Likewise, while Article 58 of these regulations requires credit files to be updated when loans are refinanced, it does not require fresh analysis of a loan when amounts are increased. Recommendation Consideration should be given to aiding MFIs/SACCOs in their understanding of how to use information received from the credit bureau. Serious consideration should be given to requiring pre-contractual information to be provided to borrowers or savers in a key facts statement via a language or medium that can be understood and prior to applications being received. 82 Good Practice B.3. Cooling-off Period Good Practice a. For financial products or services with a long-term savings component, or those subject to high-pressure sales contracts, (unless explicitly waived by the consumer in writing), a non- bank credit institution should provide the consumer a cooling-off period of a reasonable number of days (at least 3-5 business days) immediately following the signing of an agreement between the institution and the consumer. b. On his or her written notice to the non-bank credit institution during the cooling- off period, the consumer should be permitted to cancel or treat the agreement as null and void without penalty to the consumer of any kind. Description Sections (a) and (b) The MFIs and SACCOs visited did not have a formal cooling-off period, and it was a new concept for many of them. Instead, the institutions indicated that there were reasonable practices in place to work with their customers in such situations. As questions were posed regarding how long they would allow such modifications, it became less clear how they would handle such situations. Recommendation Consideration should be given to instituting formal policies within MFIs/SACCOs that allow for a cooling-off period. 83 Good Practice B.4. Bundling and Tying Clauses Good Practice a. As much as possible, non-bank credit institutions should avoid the use of tying clauses in contracts that restrict the choice of consumers. b. In particular, whenever a borrower is required by a non-bank credit institution to purchase any product, including an insurance policy, as a pre-condition for receiving a loan, the borrower should be free to choose the provider of the product and this information should be made known to the borrower. c. Also, whenever a non-bank credit institution contracts with a merchant as a distribution channel for its credit contracts, no exclusionary dealings should be permitted. Description Section (a) Among the seven large MFIs/SACCOs interviewed as well as their association and BNR, the practice of requiring credit life insurance is common among lenders. Only one entity, which was the most rural of those visited, required that its members use the SACCO’s pre-contracted vendor for life insurance. However, this instance of tying the SACCO was an exception in that it did not receive any commission from the insurance company with which it had an exclusive arrangement. It was seen to be more of a practical reality in this remote area because there were no offices of life insurance companies. Section (b) In many other MFIs/SACCOs, and especially with the largest MFI that has an insurance company as part of its group of companies, borrowers are presented with only one choice. While borrowers can chose another vendor or bring with them another policy, multiple choices are not presented. MFIs and SACCOs require credit life insurance for loans above a certain threshold. The requirement is disclosed to consumers, but commissions that the MFIs/SACCOs receive are not disclosed, and some institutions have a sole-source relationship with an issuance company. Section (c) There were no instances identified of MFIs utilizing outside distribution channels (i.e., agent banking) for the provision of credit. Recommendation Consideration should be given to instituting a consumer protection framework that prohibits exclusive tying, and requires consumer to be informed of their ability to select other vendors prior to choosing an MFIs/SACCOs preferred vendor. 84 Good Practice B.5. Key Facts Statement Good Practice a. Non-bank credit institutions should have a Key Facts Statement for each type of account, loan or other products or services. b. The Key Facts Statement should be written in plain language, summarizing in a page or two the key terms and conditions of the specific financial product or service, and allowing consumers the possibility of easily comparing products offered by different institutions. Description The standardized loan agreement utilized by most Umurenge SACCOs contains a key facts box in Kiriwandan. The form is in triplicate and borrowers receive a copy. The other MFIs visited did not have a key facts statement in their loan agreements, but all of the loan agreements that were obtained and reviewed were in Kiriwandan (which is the most commonly spoken and read language), and members received a copy. All of the agreements did disclose the rates, duration of the loans, and a statement allowing the organization to seize savings or collateral pledged against the loan. In some instances, the managers of SACCOs gather members to read the loans agreement and terms to illiterate members and take questions before they sign for their loans. This practice is commendable, but checking for such understanding should also occur before members complete loan applications. Importantly, there are no legal or regulatory requirements for MFIs/SACCOs to provide information in a key facts statement or in a language that is understood by the customer. Recommendation Consideration should be given to requiring MFIs/SACCOs via law or regulation to provide pre- contractual information to borrowers and savers in a language and method they can understand (e.g., verbally for illiterate customers). 85 Good Practice B.6. Advertising and Sales Materials Good Practice a. Non-bank credit institutions should ensure that their advertising and sales materials and procedures do not mislead customers. b. All advertising and sales materials should be easily readable and understandable by the general public. c. Non-bank credit institutions should be legally responsible for all statements made in advertising and sales materials (i.e. be subject to the penalties under the law for making any false or misleading statements). Description With the exception of the newly passed generic law on Competition and Consumer Protection (which is primarily aimed at physical goods and not services) there is no requirement for non-bank MFIs or SACCOs to disclose their rates or fees. Regulation No 14/2011 on the Publication of Tariff on Interest Rates and Fees indicates such a requirement only applies to “banks.”Neither the Microfinance Law, Microfinance Regulation nor the law “Providing for the Establishment, Organization and Functioning of Cooperative Organization in Rwanda” (known as the Cooperative Act) require MFIs or SACCOs to disclose fees, rates, penalties and/or changes to their clients or members accounts. Article 46 of the Cooperative Act does provide for a member’s rights in a cooperative, and these rights include information on the financial condition of the cooperatives, reports on the annual accounts and minutes of the annual general meeting. However, it is silent with regard to financial consumer protection. The current lack of clarity and transparency in MFIs and to a lesser extent SACCO may be limiting the uptake of their services. Unlike some banks that post their fees and charges on their websites and in lobbies as required, we did not encounter any MFIs or SACCOs that use such practices. That said, the loan contracts that were reviewed in SACCOs were succinct, included a key information box (albeit small) and had the principal information disclosed in Kiriwandan. In addition, in some of the institutions visited, once the loans were approved and before members signed for the loan the manager met with multiple members at once to read and disclose the terms and conditions for members who were not literate. It was unclear if this same level of disclosure occurred pre-contractually and before the loan went to the credit committee for review. AMIR and the Private Sector Federation indicated support in our meetings for a new Financial Consumer Protection Regulation. Recommendation Consideration should be given to adopting a consumer protection framework for MFIs that established minimum requirements of transparency and authenticity in any communication to the public. 86 Good Practice B.7. General Practices Good Practice Specific rules on disclosure and sales practices should be included in the non-bank credit institutions’ code of conduct and monitored by the relevant supervisory authority. Description As indicated above, there is no voluntary code of conduct for the MFI/SACCO sector or legal and regulatory requirements for such at the time of the assessment. Recommendation Consideration should be given to adopting a consumer protection framework for MFIs that establishes minimum requirements of transparency and authenticity in any communication to the public. Good Practice B.8. Disclosure of Financial Situation Good Practice a. The relevant supervisory authority should publish annual public reports on the development, health, strength and penetration of the non-bank credit institutions, either as a special report or as part of the disclosure and accountability requirements under the law that governs these. b. Non-bank credit institutions should be required to disclose their financial information to enable the general public to form an opinion regarding the financial viability of the institution. Description Financial information is required to be made available to all SACCO members annually per Article46 of the Cooperative Societies Act. In addition, per Article 7 of the Law Governing the Central Bank of Rwanda 2007, the BNR publishes semi-annual information on the health of the MFI/SACCO sector in its monetary policy and financial stability statements. The government does not require institutions nor does it provide institutional-level financial information to the public on customers of MFIs/SACCOs. In addition, there are 26 MFIs/SACCOs that have reported to the mix market. MFIs/SACCOs do not have deposit insurance (nor do banks at this juncture). Many depositors have lost money in the past in SACCOs that failed, and not all of the Umurenge SACCOs are sustainable. Recommendation Consideration should be given to requiring non-SACCO MFIs to also publish their financial information within the market they serve and post it within their banking lobbies. Consideration should be given to covering MFIs/SACCOs in the new deposit insurance system that is being discussed. The International Association of Deposit Insurers Core Principle for Effective Deposit Insurance Systems should be consulted to ensure that the preconditions for deposit insurance are met and that the design meets the framework of the core principles. 87 Section C. Customer Account Handling and Maintenance Good Practice C.1. Statements Good Practice a. Unless a non-bank credit institution receives a customer’s prior signed authorization to the contrary, the non-bank credit institution should issue, and provide the customer with, a monthly statement regarding every account the non-bank credit institution operates for the customer. b. Each such statement should: (i) set out all transactions concerning the account during the period covered by the statement; and (ii) provide details of the interest rate(s) applied to the account during the period covered by the statement. c. Each credit card statement should set out the minimum payment required and the total interest cost that will accrue, if the cardholder makes only the required minimum payment.. d. Each mortgage or other loan account statement should clearly indicate the amount paid during the period covered by the statement, the total outstanding amount still owing, the allocation of payment to the principal and interest and, if applicable, the up-to-date accrual of taxes paid. e. A non-bank credit institution should notify a customer of long periods of inactivity of any account of the customer and provide reasonable final notice in writing to the customer if the funds are to be transferred to the government. f. When a customer signs up for paperless statements, such statements should be in an easy-to- read and readily understandable format. Description There is no requirement for MFIs/SACCOs to provide their customers or members with statements of their accounts. Many MFIs and SACCOs still utilize passbooks that are updated for each transaction and kept by the member. This provides consumers with up-to-date information, but such systems are susceptible to loss and theft. MFIs/SACCOs are not currently offering credit cards. There are no requirements and weak systems for tracking dormant accounts and notifying customers of their periods of inactivity. However, account maintenance fees were much less prevalent in MFIs/SACCOs than in banks. When account maintenance fees were in place in MFIs/SACCOs their average fees were RWF 200–500 per month – i.e., less than half of the fees of banks. Recommendation Consideration should be given to requiring MFIs/SACCOs to make statements available on a periodic basis (i.e., at least every six months) to their customers. Given the weak postal system, especially in rural areas, the focus should be on making the data available electronically or in hardcopy in branches. While the current practice of providing passbooks accomplishes this goal, there is no requirement to do so. 88 Good Practice C.2. Notification of Changes in Interest Rates and Non-Interest Charges Good Practice a. A customer of a non-bank credit institution should be notified in writing by the non-bank credit institution of any change in: (i) the interest rate to be paid or charged on any account of the customer as soon as possible; and (ii) a non-interest charge on any account of the customer a reasonable period in advance of the effective date of the change. b. If the revised terms are not acceptable to the customer, he or she should have the right to exit the contract without penalty, provided such right is exercised within a reasonable period. c. The non-bank credit institution should inform the customer of the foregoing right whenever a notice of change under paragraph a. is made by the institution. Description The Regulation of Tariff of Interest Rates and Fees Applied By Bank does not cover MFIs/SACCOs. Nor are there requirements within the law or regulations for MFIs that require them to inform customers in advance of any changes. Recommendation Consideration should be given to requiring MFIs/SACCOs to notify customers in advance of implementing interest rate changes that affect a person’s credit facility. 89 Good Practice C.3. Customer Records Good Practice a. A non-bank credit institution should maintain up-to-date records in respect of each customer of the non-bank credit institution that contain the following: (i) a copy of all documents required to identify the customer and provide the customer’s profile; (ii) the customer’s address, telephone number and all other customer contact details; (iii) any information or document in connection with the customer that has been prepared in compliance with any statute, regulation or code of conduct; (iv) details of all products and services provided by the non-bank credit institution to the customer; (v) a copy of all correspondence from the customer to the non-bank credit institution and vice-versa and details of any other information provided to the customer in relation to any product or service offered or provided to the customer; (vi) all documents and applications of the non-bank credit institution completed, signed and submitted to the non-bank credit institution by the customer; (vii) a copy of all original documents submitted by the customer in support of an application by the customer for the provision of a product or service by the non-bank credit institution; and (viii) any other relevant information concerning the customer. b. A law or regulation should provide the minimum permissible period for retaining all such records and, throughout this period, the customer should be provided ready free access to all such records. Description Article 20 of the Microfinance Regulations requires category 3 and 4 MFIs/SACCOs to keep a credit file for each debtor or group. The only requirements for the contents of the credit file are tracking consultations and credit histories. In practice, MFIs/SACCOs do keep records on their customers’ savings and credit files. These records include information on residence, contact information, transaction history and credit history. This information is captured in the loan agreements and the member’s records. Article 20 of the Microfinance Regulations also requires category 3 and 4 MFIs/SACCOs to retain the credit file for 5 years after the last payment or write-off of the loans. There are no similar requirements for deposits accounts. In more rural SACCOs, records were paper-based, and while in a secure area, they are not stored in fireproof cabinets. Larger institutions utilized IT systems that are backed up and stored off-site. Recommendation Consideration should be given to amending Article 20 of the Microfinance Regulations to include the other types of information identified in Good Practice C.3 and coverage of customer’s savings accounts and credit files. Care should be taken to codifying the existing practices without instituting costly system changes. Where practices are lacking, they should be improved—especially in the area of securing paper-based records and electronic records that aren’t backed up frequently or securely stored off-site. 90 Good Practice C.4. Credit Cards Good Practice a. There should be clear rules on the issuance of credit cards and related customer disclosure requirements. b. Non-bank credit institutions, as credit card issuers, should ensure that personalized disclosure requirements are made in all credit card offers, including fees and charges (including finance charges), credit limit, penalty interest rates and method of calculating the minimum monthly payment. c. Non-bank credit institutions should not be permitted to impose charges or fees on pre-approved credit cards that have not been accepted by the customer. d. Consumers should be given personalized minimum payment warnings on each monthly statement and the total interest costs that will accrue if the cardholder makes only the requested minimum payment. e. Among other things, the rules should also: (i) restrict or impose conditions on the issuance and marketing of credit cards to young adults (below age of 21) who have no independent means of income; (ii) require reasonable notice of changes in fees and interest rates increase; (iii) prevent the application of new higher penalty interest rates to the entire existing balance, including past purchases made at a lower interest rate; (iv) limit fees that can be imposed, such as those charged when consumers exceed their credit limits; (v) prohibit a practice called ―double-cycle billing‖ by which card issuers charge interest over two billing cycles rather than one; (vi) prevent credit card issuers from allocating monthly payments in ways that maximize interest charges to consumers; and (vii) limit up-front fees charged on sub-prime credit cards issued to individuals with bad credit. f. There should be clear rules on error resolution, reporting of unauthorized transactions and of stolen cards, with the ensuing liability of the customer being made clear to the customer prior to his or her acceptance of the credit card. g. Non-bank credit institutions and issuers should conduct consumer awareness programs on the misuse of credit cards, credit card over-indebtedness and prevention of fraud. Description The largest MFIs and several large SACCOs were visited as part of the assessment and none of them were offering credit cards. The EFT Law does provide some limited consumer protections, which would be applicable to MFIs/SACCOs should they offer such a product. Recommendation See the section on banking for potential reforms. 91 Good Practice C.5. Debt Recovery Good Practice a. All non-bank credit institutions, agents of a non-bank credit institutions and third parties should be prohibited from employing any abusive debt collection practice against any customer of the non-bank credit institution, including the use of any false statement, any unfair practice or the giving of false credit information to others. b. The type of debt that can be collected on behalf of a non-bank credit institution, the person who can collect any such debt and the manner in which that debt can be collected should be indicated to the customer of the non-bank credit institution when the credit agreement giving rise to the debt is entered into between the non-bank credit institution and the customer. c. A debt collector should not contact any third party about a non-bank credit institution customer’s debt without informing that party of the debt collector’s right to do so; and (ii) the type of information that the debt collector is seeking. d. Where sale or transfer of debt without borrower consent is allowed by law, the borrower should be: (i) notified of the sale or transfer within a reasonable number of days; (ii) informed that the borrower remains obligated on the debt; and (iii) provided with information as to where to make payment, as well as the purchaser’s or transferee’s contact information. Description There are no laws or regulations directly covering debt collection practices among MFIs/SACCOs. While not directly related to collection practices, Article 21 of the Microfinance Regulations forbids a MFI from ever lending to a person or group that has not paid back a loan. Collection practices by MFIs and SACCOs generally appear to be ethical but varied in terms of avenues available to them We are unaware of any MFIs or SACCOs using the new collections agency and the most aggressive practices were among a commercially oriented MFI bank. The team was unable to discern internal social pressure practices among group lending participants. The National Recovery Committee set up to recover loans following the failure of 9 MFIs/SACCOs in 2006 has not met since February 2013 as a new Minister of Justice has not reconstituted it. Some of the 30 district-level recovery committees are still operating but their usage is limited to MFIs and SACCOs. The recovery committee’s actions are non-binding, and where they cannot recover through moral suasion by the local police and vice-executive secretary (who chairs each district committee) matters are taken to courts. Because of limited IT capabilities and the nature of lending in rural areas, Umurenge SACCOs are not registering collateral with RDB or utilizing RDB’s expedited process to recover collateral. Recommendation Consideration should be given to amending the Microfinance Regulations (or other regulatory instrument) to establish minimum standards for debt collection. The presence of Article 21 forbidding any future credit to a person or group that has previously defaulted should be revised because these extraordinarily harsh requirements may have unintended consequences for individuals and communities. 92 Section D. Privacy and Data Protection Good Practice D.1. Confidentiality and Security of Customers’ Information Good Practice a. The financial transactions of any customer of a non-bank credit institution should be kept confidential by the institution. b. The law should require non-bank credit institutions to ensure that they protect the confidentiality and security of personal data of their customers against any anticipated threats or hazards to the security or integrity of such information, and against unauthorized access. Description Instances of improper sharing of consumers’ data in MFIs or SACCOs were not identified, but few protections exist. The current practices with the new credit reference bureau revealed potential for data breaches because some MFIs/SACCOs are sharing ID and passwords to access CRB Africa’s system. This practice would affect traceability, and breaches to the system could generate serious identify theft problems or manipulation of confidential data. There is no broad-reaching data privacy protection law today to protect the sharing of consumers’ loan or savings information outside of the credit bureau or electronic money transactions. Recommendation Consideration should be given to enacting a broad-reaching data privacy protection law that protects the sharing of consumers’ financial information. Consideration should be given the privacy provisions of the EFT Law and Credit Information System Law of 2010. The OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data should be consulted. The BNR/GoR may wish to consider seeking technical assistance in the development of such a law. 93 Good Practice D2. Credit Reporting Good Practice Credit reporting should be subject to appropriate oversight, with sufficient enforcement authority. a. The credit reporting system should have accurate, timely and sufficient data. The system should also maintain rigorous standards of security and reliability. b. The overall legal and regulatory framework for the credit reporting system should be: (i) clear, predictable, non-discriminatory, proportionate and supportive of consumer rights; and (ii) supported by effective judicial or extrajudicial dispute resolution mechanisms. c. Proportionate and supportive consumer rights should include the right of the consumer (i) to consent to information-sharing based upon the knowledge of the institution’s information-sharing practices; (ii) to access his or her credit report free of charge (at least once a year), subject to proper identification; (iii) to know about adverse action in credit decisions or less-than-optimal conditions/prices due to credit report information; (iv) to be informed about all inquiries within a period of time, such as six months; (v) to correct factually incorrect information or to have it deleted and to mark (flag) information that is in dispute; (vi) to reasonable retention periods of credit history; and (vii) to have information kept confidential and with sufficient security measures in place to prevent unauthorized access, misuse of data, or loss or destruction of data. d. The credit registers, regulator and associations of non-bank credit institutions should undertake campaigns to inform and educate the public on the rights of consumers in the above respects, as well as the consequences of a negative personal credit history. Description A single private sector credit reference bureau operates with positive and negative information. The credit reference bureau is receiving monthly data from all major financial institutions, all MFIs, 237 SACCOs, utility companies and the two largest mobile operators—such deep coverage in a short period of time is commendable. The Law on Credit Information System was passed in 2010,and all bureaus are required to be licensed and supervised by the BNR. Within its first three years of operation, the credit bureau has grown to cover 16 percent of the adult population. Article 17 of the Microfinance Regulations 2009 requires all MFIs with greater than RWF 20 million in deposits to be part of the credit reference bureau. As of July 2013 there were 237 SACCOs of the 479 that have been trained on how to access and report data to the credit bureau. Articles 27–31 of the Credit Information System Law provides for the confidentiality of information and the rights of consumers in line with Good Practice D.2(f)(i-vii) above. In addition, while not part of this assessment the credit bureau appears to adhere to the first five “General Principles for Credit Reporting” from the World Bank. The credit reference bureau is not operating cross-border per the sixth general principle. 94 Despite all of these positive signs for reporting to the credit bureau within the MFI/SACCO sector, in practice, none of the MFIs/SACCOs were able to describe to the team how the institutions use information from the credit bureau in making credit decisions. This may be in part because the credit bureau does not have a rating system. The largest retail bank, which also has an active microcredit portfolio, expressed concerns about the inefficient and manual process of uploading payment data to the credit bureau. Recommendation Consideration should be given to improving the data interfaces between the credit bureau and its members to facilitate usage of the information. Development of a rating system from the credit bureau and training on usage of the information received from the credit bureau may aid MFIs/SACCOs in the usage of the data in credit decisions. This will aid with the broader purpose of the credit bureau helping to reduce indebtedness and underwriting practices. 95 Section E. Dispute Resolution Mechanism Good Practice E.1. Internal Complaints Procedure Good Practice Complaint resolution procedures should be included in the non-bank credit institutions’ code of conduct and monitored by the supervisory authority. Description Few MFIs or SACCOs have a formal internal process for receiving, responding to and analyzing consumer complaints despite the current directive on Customer Service Delivery. Only two of the six MFI/SACCOs that the team met had heard of the directive, and BNR reports few institutions are providing the required quarterly reports. There was only one MFI that had in place a process to review and analyze customer complaints in a systematic manner. Recommendation Consideration should be given to including an internal complaints process within the sector’s code of conduct that is being promoted by AMIR. 96 Good Practice E.2. Formal Dispute Settlement Mechanisms Good Practice a. A system should be in place that allows consumers to seek affordable and efficient third-party recourse, such as an ombudsman, in the event the complaint with the non-bank credit institution is not resolved to the consumer’s satisfaction in accordance with internal procedures. b. The role of an ombudsman or equivalent institution in dealing with consumer disputes should be made known to the public. c. The ombudsman or equivalent institution should be impartial and act independently from the appointing authority, the industry and the parties to the dispute. d. The decisions of the ombudsman or equivalent institution should be binding upon non-bank credit institutions. The mechanisms to ensure the enforcement of these decisions should be established and publicized. Description None of the MFIs or SACCOs visited had a formal written procedure for handling complaints. All of the institutions had an informal internal escalation procedure for complaints, but none of them offered their clients or members an additional external avenue for lodging a dispute with BNR, RCA or the Ombudsman. There is a confusing and unclear system for the resolution of financial consumer complaints and recourse for MFI/SACCO clients. The Rwanda Cooperative Agency claims to have a role in resolving disputes between SACCOs and their members. However, nothing in the 2008 Law “Establishing Rwanda Cooperative Agency (RCA) and Determining its Responsibilities, Organization and Function” nor does the 2007 Law “Providing for the Establishment, Organization and Functioning of Cooperative Organization in Rwanda” give this power or duty to RCA. Despite it not being within the mandate of the Rwanda Cooperative Agency, they are handling 5–7 member complaints per month. The most frequent complaint (while not necessarily consumer-protection related) is that SACCOs are not giving loans. BNR also receives approximately 10 complaints per month, but it does not have a formal process for analyzing and tracking complaints. None of the MFIs or SACCOs (nor does BNR or RCA) visited had a systematic process for tracking, categorizing, analyzing and reporting on disputes. This is required by the Directive on Customer Service Delivery, but the team found only two of the six MFI/SACCOs had heard of the Customer Service Delivery Directive, and BNR reports few institutions are providing the required quarterly reports. This directive is scattered in orientation covering customer service, consumer protection and workplace practices. It has unrealistic benchmarks for many of the measures (e.g., maximum wait times of three minutes in lobbies, maximum call times of two minutes for dealing with customer by phone), and other measures are micromanaging and burdensome to track and measure (e.g., status of washrooms and staff disposition). The remit of the National Ombudsman’’s duties includes the authority to resolve disputes related to “injustices.” Under this broad mandate, the BNR is developing a proposal with the National Ombudsman’s office to expand its expertise to handle financial disputes. Recommendation Consider consolidating dispute resolution for the financial sector in a well-trained, appropriately staffed and sufficiently empowered unit of the national Ombudsman. This includes making the rulings of the Ombudsman’s office binding and ensuing that RCA and BNR relinquish their dispute resolution roles. 97 Section F Consumer Empowerment Good Practice F.1. Broadly based Financial Capability Program Good Practice a. A broadly based program of financial education and information should be developed to increase the financial capability of the population. b. A range of organizations–including government, state agencies and non-governmental organizations–should be involved in developing and implementing the financial capability program. c. The government should appoint an institution such as the central bank or a financial regulator to lead and coordinate the development and implementation of the national financial capability program. Description In May 2013, the government of Rwanda, with technical assistance from Access to Finance Rwanda (AFR), developed its National Financial Education Strategy for Rwanda (NFES). The lead government agency for coordinating the implementation of the strategy is MINECOFIN. Within MINECOFIN there will be a Financial Education Steering Committee and a Financial Education Working Group. The NFES includes a broad base set of public and private stakeholders and was developed with insights from the 2012 FinScope study and 2012 Financial Capability Survey. Recommendation The NFES should be implemented by the government and its private sector partners. 98 Good Practice F.2. Using a Range of Initiatives and Channels, including the Mass Media Good Practice a. A range of initiatives should be undertaken by the relevant authority to improve the financial capability of the population, and especially from low-income communities. b. The mass media should be encouraged by the relevant authority to provide financial education, information and guidance to the public, including on non-bank credit institutions and the products and services they offer. c. The government should provide appropriate incentives and encourage collaboration between governmental agencies, the supervisory authority for non-bank credit institutions, the associations of non-bank credit institutions and consumer associations in the provision of financial education, information and guidance to consumers. d. A range of initiatives should be undertaken by the relevant authority to improve the financial capability of the population, and especially from low-income communities. e. The mass media should be encouraged by the relevant authority to provide financial education, information and guidance to the public, including on non-bank credit institutions and the products and services they offer. f. The government should provide appropriate incentives and encourage collaboration between governmental agencies, the supervisory authority for non-bank credit institutions, the associations of non-bank credit institutions and consumer associations in the provision of financial education, information and guidance to consumers. Description All MFIs and SACCOs are invited to participate in the financial education and inclusion forums that meet quarterly in each of the 30 districts in the country. These forums are focused on institutions and government agencies operating in the districts and do not include consumers. Based on the team’s meetings with one of the main newspapers and the primary consumer group, there appears to be limited coordination of activities between BNR and consumer groups and media regarding financial education. Despite the limited coordination, both ADECOR and the media indicated plans in 2013 for further exploration of financial sector issues. Although ADECOR has a staff of just four, it receives technical support from and is a member of Consumer’s International. Recommendation The government of Rwanda should consider supporting those consumer groups that are credible and balanced. Regular communication with the media, while not inhibiting its freedom, on financial sector issues and consumer rights can aid journalists’ education so they can cover issues in a balanced and fair manner. 99 Good Practice F.3. Unbiased Information for Consumers Good Practice a. Consumers, especially the most vulnerable, should have access to sufficient resources to enable them to understand financial products and services available to them. b. Supervisory authorities and consumer associations should provide, via the internet and printed publications, independent information on the key features, benefits and risks – and, where practicable, the costs – of the main types of financial products and services, including those offered by non-bank credit institutions. c. The relevant authority should adopt policies that encourage non-government organizations to provide consumer awareness programs to the public regarding financial products and services, including those offered by non-bank credit institutions. Description For its age and depth, the Rwandan microfinance market is a well-studied market. Despite a plethora of sector-based studies, the team is unaware of any services or utility that communicates unbiased information to low-income or other consumers. ADECOR has considered such offerings and has conducted periodic mystery shopping activities, but it lacks the resources and expertise to provide a consistent and useful comparison of marketplace offerings. Recommendation NGOs, media and the government of Rwanda should consider supporting public or private sector avenues that can serve as a clearinghouse of information on financial services options and costs. 100 Good Practice F.4. Consulting Consumers and the Financial Services Industry Good Practice The relevant authority should consult consumer associations and associations of non-bank credit institutions to help the authority develop financial capability programs that meet the needs and expectations of financial consumers, especially those served by non-bank credit institutions. Description In the development of the NFES, the following resources were consulted:  Strategy documents from Rwandan government ministries aimed at strengthening economic development and financial inclusion, national financial education strategies from other countries and other reference documents;  In-depth interviews and workshops with key stakeholders in financial education such as government officials, financial institutions, NGOs and other financial education implementation partners, as part of a scoping mission;  National surveys conducted in Rwanda such as the Financial Capability Survey in 2012 (FinCap survey) and FinScope 2012;  Focus group discussions with Rwandan youth to identify what it means to be financially capable in their local communities as part of the Financial Capability Index (FCI); and  Financial Education Strategy Working Group of select stakeholders representing the interests of their respective sectors or industries, including government, NGOs, MFIs/SACCOs/cooperatives, banks, other financial service providers and other private sector entities. Recommendation Not applicable. Good Practice F.5. Measuring the Impact of Financial Literacy Initiatives Good Practice a. Policymakers, industry and consumer advocates should understand the financial capability of various market segments, particularly those most vulnerable to abuse. b. The financial capability of consumers should be measured, amongst other things, by broadly based household surveys that are repeated from time to time. c. The effectiveness of key financial capability initiatives should be evaluated by the relevant authority from time to time. Description In 2012, a national FinScope Survey was conducted as follow-up to the 2009 FinScope, and a national Financial Capability survey was conducted. In 2013, a more detailed ethnographic study of consumers ’ financial behavior was conducted with the March 2013 Financial Diaries project. Recommendation Consideration should be given to following up on these excellent sources of data tri-annually as a way of measuring the efficacy of financial capability programs. 101 III. INSURANCE: COMPARISON WITH GOOD PRACTICES147 Despite having doubled from 2006–2011, insurance penetration in Rwanda was just 2.3 percent148 in 2011 and is low even compared to many of its regional peers in East Africa. By comparison, Kenya’s insurance penetration is 2.76 percent (the highest in the region), and Tanzania is at 2.2 percent, while Uganda trails its East Africa peers at 0.6 percent as of 2011.149 Under Vision 2020, the government of Rwanda’s goal is to increase insurance penetration to 7 percent. The reasons for a low insurance penetration seem varied, including the fact that 45 percent of the population still lives in poverty. Other reasons also include what some cite to be a shortage of skilled financial sector staff, low levels of awareness of insurance in the community and low levels of marketing by insurers150. Others cite the 18 percent VAT on insurance premiums for the slower growth, a charge that does not apply elsewhere in the East African Community. Rwanda has been busy implementing insurance reforms in the recent past. In 2007, supervision transferred from the National Insurance Commission to the Central Bank of Rwanda (BNR). In 2008, the new insurance law was passed that required insurers to separate their short- and long-term businesses into different companies and increased capital requirements tenfold to RWF 1 billon. Growth in the insurance sector has been led by health insurance and in particular its crucial role in the government’s universal healthcare policy. The mutuelles de santé, a national community based health insurance scheme, has meant that nearly 98 percent151 of the population has some form of health insurance (90.6 percent of the population was enrolled, and another 7 percent are covered by civil service, military or private insurance152). For relatively small sums, basic healthcare is being made available to most. For the poorest members of the population, donor funding is used to subsidize the cost of premiums. There are also an increasing number of compulsory insurances in Rwanda. These include insurance for civil servants, construction worker, and third party motor insurance. In some industries, professional indemnity insurance is mandatory (such as insurance brokers), and in 2012, a bylaw was passed that made it compulsory for all commercial buildings to be insured for fire 153. The finance sector has also driven growth by requiring insurance on assets purchased with loans154. 147 The assessment of the insurance sector is based on a desk review. 148 Insurance penetration is measured by Gross Written Premium as a percentage of GDP. 149 Minister of Finance & Economic Planning to FANAF summit 23 February 2012. 150 “Insurance Sector Stable Despite Low Penetration Rate” http://www.newtimes.co.rw/news/views/article_print.php?i=14901&a=50079&icon=Print 151 Donald G. McNeil, “Rwanda’s Health Care Success Story.”, New York Times, February 4, 2013. 152 Paul E. Farmer, “Reduced Premature Mortality in Rwanda: Lessons from Success,”, accepted 26 November 2012, published in the BMJ. 153 “Rwanda: Insurance Industry Grows by 36 percent”, All Africa, 26 March 2013, http://allafrica.com/stories/201303260163.html 154 Edward Ojulu, “Luring New Investors,” Rwanda Focus, April 24, 2013. 102 Rwanda has 12 insurance companies, of which two are government-owned health insurers, and a mix of life and non-life insurers. The health insurance sector is dominated (96 percent market share) by the two largest insurers, which originated from statutory bodies created to provide health insurance to public sector workers and members of the military. Private insurers are starting to move into health insurance. Of the remaining insurers, the three largest are SONARWA (35 percent), SORAS (31 percent) whose majority shareholder is the government and CORAR (18 percent). Due to the 2009 amendments to the law that require the separation of short- and long-term business, many insurers are related (for example, both SONARWA and SORAS have life and non-life companies). The total assets of the Rwandan insurance sector as at end December 2012 reached FRW 214 billion compared to FRW 157 billion at the end December 2011 indicating a growth of 36 percent. The gross premiums increased by 67 percent from FRW 46 billion by end December 2011 to FRW 77 billion at end December 2012155. Motor insurance in Rwanda is loss-making due to the high cost of claims. Table 1 illustrates the financial soundness measures of insurers since 2010. Table 1. Financial Soundness Indicators for the Insurance Sector (in RFW billion)156 2010 2011 2012 Dec June Dec Mar June Total assets 128.211 147.513 157.528 169.242 180.632 Total capital 85.028 100.862 104.381 112.044 115.184 Total gross premiums 49.738 42.826 46.288 32.634 46.354 Underwriting profit 7.063 12.875 6.756 11.381 16.843 Total net profit 15.687 20.076 12.564 14.632 19.820 Claims ratio (%) 44 17 41 45 43 Combined ratio (%) 81 65 79 61 63 Current ratio (%) 178 180 190 218 298 Return on Equity (%) 17 20 13 13 17 Return on Assets (ROA) (%) 11 14 9 9 11 A number of initiatives are being engaged in to strengthen and expand Rwanda’s life and pension sectors, including the development of mortality (life) tables, the development of capital markets and tax reforms. The development of mortality tables is expected to improve the ability of life companies to offer annuities, increase private take-up of annuities and improve the accuracy of pricing in the life sector. There is currently a very low demand for annuities, in part due to the slow development of the pensions sector but also because of the unavailability of assets that are appropriate to match annuity liabilities. Amendments to the taxation regime will also ensure that more favorable treatment can be given for life investment products, which currently may subject to double taxation. The distribution of insurance in Rwanda is primarily through brokers and insurer agents. All brokers and agents need to be licensed with BNR, and there are currently 9 insurance brokers, 158 agents and 8 adjusters in Rwanda. The sector is expanding rapidly, up from 5, 102 and 4 respectively in 2012. Anecdotally, it appears that some financial institutions also distribute insurance, while others (including some banks) do not distribute insurance. Rwanda’s first micro-insurance product was offered in June 2011 by Urwego Opportunity Bank, a registered microfinance institution. Urwego worked in conjunction with two insurers 155 February 2013 Monetary Policy and Insurance sector Financial Stability Statement from NBR. 156 February 2013 Monetary Policy and Financial Stability Statement from BNR. 103 and a broker to provide life cover, funeral expenses and fire cover for business equipment to microfinance borrowers. New microinsurance products continue to be offered and, in October 2012, index insurance began to be offered to farmers in Rwanda for protection of crops against weather- related events. Rwanda’s Financial Sector Development Program II has identified microinsurance as an important element in providing access to finance. However, the promotion of microinsurance requires change to the regulatory structure because the currently high capital requirement of RWF 1 billion for insurers. Options are being explored, such as a regulatory “second tier” for microinsurance, which may have lower capital, corporate governance, reporting requirements and a broader range of distribution channels. It is noted that, in October 2012, the International Association of Insurance Supervisors issued an Application Paper on Regulation and Supervision supporting Inclusive Insurance Markets, which examines the balance between adjusting standards to reflect the different nature, scale and complexity of risks to encourage inclusion and essential regulatory protections and is likely to be of benefit in this endeavor. 104 Section A. Consumer Protection Institutions Good Practice A.1. Consumer Protection Regime Good Practice a. The law should provide for clear rules on consumer protection in all matters of insurance and there should be adequate institutional arrangements for implementation and enforcement of consumer protection rules. b. There should be specific provisions in the law, which create an effective regime for the protection of retail consumers of insurance. c. The rules should prioritize a role for the private sector, including voluntary consumer organizations and self-regulatory organizations. Description The Ministry of Trade and Industry (MINICOM) spearheads the plan to achieve the Government of Rwanda’s Vision 2020 economic reform agenda to make Rwanda a middle-income economy. Acting through the Department of Trade, it has consumer protection and the enhancement of competition as part of its mandate. MINICOM’s mission is as follows: To facilitate Rwanda’s economic transformation through enabling a competitive private sector integrated into regional and global markets, while ensuring a level playing field and the protection of consumers. MINICOM has five strategic objectives, one of which is “[t]o create a business environment conducive to growth and the protection of consumers.” Consumer Protection Laws The primary consumer protection law for insurance is Regulation No 12/2009 of 13/10/2009 on Market Conduct Requirements for insurers and insurance intermediaries (the Market Conduct Regulations). This provides a number of important general and specific protections for consumers, including the following with regard to insurers and intermediaries:  Establishing that the principle of utmost good faith is the foundation of the business of insurance, and is the dominant principle regulating the conduct of all insurers and intermediaries (Article 2); 105  Directors, management and staff are to o put service to policyholders above self and always endeavor to employ the most effective and efficient ways to do business (Article 2); o at all times act with integrity (including fair dealing, truthfulness and objectivity), act honestly, an in a straightforward manner and avoid misleading and deceptive acts or misrepresentations (Article 3); o act with due skill, care and diligence (Article 4); and o avoid conflicts of interest or, if conflicts arise, ensure fair treatment to all policyholders or prospective customers by disclosure or other means. They must remain impartial and not place their interests above those of policyholders or prospective customers (Article 6). On November 12, 2012, the Competition and Consumer Protection Law (CCP Law) came into effect. One of the key gaps that had been identified by MINICOM in the encouragement of trade generally was the lack of a competition and consumer protection policy, which led to anticompetitive practices157. Progress in improving this area is slow, despite regular announcements, promotion and inspections. A key provision of the CCP Law is Article 37, which prohibits a seller of goods or services from providing consumers with information that is, in all the circumstances, deceiving or misleading. Two key areas that may benefit from enhancement in the insurance sector are clarification of liability of agents of the insurer (including when distribution of products is conducted through financial institutions such as banks) and the implementation of specific insurance contracts laws see below). Institutional Arrangements Insurers must be licensed by the Central Bank (BNR) in order to operate in Rwanda. Microinsurance Currently, microinsurance falls within the general insurance prudential and consumer protection regime, although microfinance institutions may, under Article 19 of Law No 40/2008 Establishing the Organization of Microfinance Activities (the Microfinance Law), conduct “microinsurance operations.” It is not clear whether this extends to the underwriting of microinsurance products or whether only operational activities such as the collection of premiums and facilitation of product issue is included. The first microinsurance product was offered in June 2011 by the Urwego Development Bank, which collaborated with Micro Ensure, a large microfinance broker, the Rwandan insurer SORAS and South African insurer Hollard to offer an enhanced credit protection product to microfinance borrowers. The risk was underwritten by Hollard and Micro Ensure.158The product was life insurance that was required for all Community Banking Group businesses and covered death (including spouse and up to four children), loss of business due to natural disaster and disability. The microinsurance product essentially removed or lessened the burden of the cross-guarantee. Other microinsurance products have emerged in Rwanda, including index crop insurance, in 2012. Consideration is being given in Rwanda to adjusting regulatory requirements for microinsurance to encourage financial inclusion, because there are relatively high capital requirements for insurance of RFW1 billion. 157 Rwanda Trade Policy, June 2010. 158 http://jeffreyandkristinleeinrwanda.blogspot.com.au/2011/06/micro-insurance-launched-finally.html 106 Consumer Protection Supervision Efforts to improve consumer protection for insurance generally remain in their early stages but are expected to improve with the establishment of the National Inspectorate and Competition Authority (NICA). NICA will operate under MINICOM, and its role will include the following: 1. Advise the government on initiating the development of trade policy, competition and consumer protection and product quality; 2. Carry out the safety and quality inspection of product design, production process, product, services and determination of their conformity with specific legal requirements at the point of production, distribution, sale, entry in Rwanda and metrology inspections; 3. Monitor the application of trade laws, standards and principles protecting consumers; 4. Establish cooperation with regional and international institutions with similar mandate; 5. Establish, implement and maintain the quality management system in accordance with relevant regional or international standards; 6. Monitor and protect against prohibited practices that undermine the normal course of competition in business activities; and 7. Educate and encourage consumers to know their rights. Enforcement The BNR may issue directives prohibiting any “unsafe, unfair and unsound insurance practices” against an insurer and its senior officials (Article 27 Reg No 5/2009). The CCP regulator may issue fines between 5–10 percent of revenue to businesses that breach the CCP Law. Consumer Protection groups The Ministry of Trade and Industry has also supported the creation of two viable consumer associations that advocate for the rights of consumers, ADECOR (based in Kigali) and the Consumer Human Rights Organization of Rwanda (based in Rubavu). Consumer Associations have standing under the CCP Law to request the regulatory body to commence an investigation into anti-competitive conduct, following which a consultation and consideration of the request must take place. Registered consumer protection organizations may also, under Article 50, commence civil proceedings in respect of a breach of consumer protection law, either at the request of a consumer or if damages are claimed. Insurance Industry Association There is an insurance association in Rwanda, the Association Des Assureurs Du Rwanda (ASSAR). Despite its small staff numbers, ASSAR has prioritized a number of crucial areas, including the development of a Code of Conduct for insurers and the examination of an insurance training institute to attempt to address the gap in specialist knowledge and experience within the industry. 107 Recommendation Although it may be otherwise covered in general law, it is recommended that the BNR ensures that it is clear in the law that insurance companies are liable for the conduct of their agents, concerning the sales and marketing process, the ongoing management of customer service and in respect to claims. It is recommended that the BNR give consideration to the International Association of Insurance Supervisors Application Paper on Regulation and Supervision supporting Inclusive Insurance Markets to practically apply the Insurance Core Principles in a manner that balances the need to protect policyholders, enhance financial stability, and promote financial inclusion. Also, it may be of benefit to clarify the meaning of what is permitted under the Description of “microinsurance operations” in Article 19 of the Microfinance Law. Good Practice A.2. Contracts Good Practice There should be a specialized insurance contracts section in the general insurance or contracts law, or ideally a separate Insurance Contracts Act. This should specify the information exchange and disclosure requirements specific to the insurance sector, the basic rights and obligations of the insurer and the retail policyholder and allow for any asymmetries of negotiating power or access to information. Description The current Insurance Contract rules are governed by the Decree –Law nº20/75 of 20 June 1975 and has been modified and completed by the law no 01/2002 of 19/01/2002. A specific law on Insurance Contracts was in draft at the time of writing. Specific terms relating to insurance contracts can provide essential elements of consumer protection in the insurance area, such as the following:  clarification on when insurance cover commences;  the duty of disclosure and requirements to notify consumers of their duty of disclosure, as well as specific provisions addressing the impact on contracts of insurance and claims if the duty of disclosure is not complied with;  the timing for providing the policy document to the consumer (for example, within two weeks of cover commencing);  procedures to be followed on denial of claims, such as the provision of written reasons by the insurer;  timing for settlement of claims, and interest for late payment of claims;  notification requirements of policy renewals and expirations;  cooling off periods in respect to certain non-compulsory types of insurance;  issues arising from underinsurance, over insurance or double insurance;  restrictions on varying contract terms;  procedures for cancelling insurance;  clarification that any ambiguity in the terms of an insurance contract will be interpreted in the interests of the consumer;  crucial disclosures in the contract document, such as an upfront summary of contract terms and the clear disclosure of commissions and important exclusions; and  the presentation of the insurance contract (such as type size and ease of understanding). 108 While some areas may be covered in existing laws (such as utmost good faith and some provisions on the duty of disclosure), Rwanda’s insurance regime will most likely benefit from a focused set of rules relating to insurance contracts that can assist in the building of consumer confidence and ensuring consistent and transparent insurer conduct. Recommendation Since the draft Insurance Contracts Law was not reviewed, it is not possible to comment on the benefits of the initiative. It is recommended that the list above be considered for inclusion and implemented where appropriate for the state of development of the insurance sector. In order to help build consumer confidence in the insurance sector, it is recommended that BNR and the insurance industry consider how to most effectively make consumers aware of the new laws. Good Practice A.3. Codes of Conduct for Insurers Good Practice a. There should be a principles-based code of conduct for insurers that is devised in consultation with the insurance industry and with relevant consumer associations, and that is monitored and enforced by a statutory agency or an effective self-regulatory agency. b. If a principles-based code of conduct exists, insurers should publicize and disseminate it to the general public through appropriate means. c. The principles-based code should be augmented by voluntary codes for insurers on such matters specific to insurance products or channels. d. Every such voluntary code should likewise be publicized and disseminated. Description The regulations include mandatory codes for insurance agents, brokers and loss adjusters (Article 13 Market Conduct Regulations). However, there is currently no Code of Conduct for insurers. Recommendation It is recommended that the BNR lead or encourage and facilitate the development and implementation of an insurers’ Code of Conduct, which would cover such key areas as customer service, disclosure, claims handling and complaints handling, in conjunction with the insurance industry. This could be overseen by ASSAR, perhaps with reporting to BNR on insurer compliance. The Code would need to be made available to customers, such as on the insurer’s website or provided with new policy documentation. It is also recommended that other entities involved in the insurance value chain, such as MFIs and possibly SACCOs, ultimately be covered by such a Code of practice to ensure consistent approaches and enhanced consumer protection. 109 Good Practice A.4. Other Institutional Arrangements Good Practice a. Prudential supervision and consumer protection can be placed in separate agencies or lodged in a single institution, but allocation of resources between prudential supervision and consumer protection should be adequate to enable the effective implementation of consumer protection rules. b. The judicial system should provide credibility to the enforcement of the rules on financial consumer protection. c. The media and consumer associations should play an active role in promoting consumer protection in the area of insurance. Description BNR Missions The main missions of the BNR are specified in Article 5 of the Central Bank Law, as follows: 1° to ensure and maintain price stability; 2° to enhance and maintain a stable and competitive financial system without any exclusion; 3° to support the government’s general economic policies without prejudice to the two missions referred to in Paragraphs 1° and 2° above. For the Bank to achieve its mission specified in Article 5, under Article 6 it is required to perform the following duties: 1° to define and implement the monetary policy; 2° to organize, supervise and regulate the foreign exchange market; 3° to supervise and regulate the activities of financial institutions notably banks, micro finance institutions, insurance companies, social security institutions, collective placement companies and pension funds institutions;… 8° to carry out any other task that this Law or any another Law may assign to it. Supervision Training and Manuals The Financial Sector Development Program II identifies the need for BNR staff to receive additional training to ensure supervisors are sufficiently able to carry out their duties. Apart from regional education programs, the BNR will be developing a core-training curriculum that will be supplemented by self-study modules and target specialized training. In addition to training, BNR will implement a risk-based supervision framework by 2014. Tools of supervision are to include targeted examinations and meeting with banks’ internal auditors to supplement full-scope inspections. Supervision The BNR oversees both prudential and consumer protection for insurance. Its duties and missions are established in Law No 55/2007 of 30/11/2007 Governing the Central Bank of Rwanda (the Central Bank Law). 110 The CCP Law contains consumer protection provisions that apply to all types of “services,” which would include financial services. Relevant provisions in the CCP Law include those relating to information to be given to consumers, advertising and prejudicial provisions that do not have any “tangible fairness”.159 Accordingly, the overall institutional framework for financial consumer protection in Rwanda in the insurance sectors is, like banking and microfinance, fragmented because of a lack of clearly defined roles and responsibilities among different institutions and unclear enforcement capacity. The BNR’s consumer protection responsibilities overlap with those of the Ministry of Trade and Industry under the CCP Law and of the new Competition and Consumer Protection Regulatory Body. Although BNR regulates insurance, it does not specifically allocate resources to supervision of the limited consumer protection laws that apply. There is accordingly no separation of supervision of prudential and consumer protection laws and it is not clear that the BNR has specialized expertise on consumer protection matters The relatively new insurance sector is supervised by BNR with only 12 staff members but with active steps being taken to build both capacity and resources. Supervision occurs through the Non-Bank Financial Institutions’ (NBFI) Division of BNR, which is responsible for supervision of all insurance and pension financial institutions and for other types of non-bank financial institutions. BNR has only been supervising insurance since 2007 when supervision responsibilities were transferred from the Insurance Commission. Supervision is paid for through a levy on regulated entities (currently 12 percent of Gross Written Premiums, although until recently it was a flat fee). Judicial System Consumers may commence legal action for breaches of the CCP Law (Article 50), as may also do registered consumer protection bodies. Media and Consumer Association The media does cover financial services consumer protection issues in Rwanda. Recommendation Institutional Clarity and Separation Consideration should be given to providing that the CCP Law does not apply to financial services to make it clear that BNR has primary responsibility for supervision of laws and regulations applicable to consumer protection in the financial sector. In doing so, any specific protections that appear in the CCP Law but do not otherwise appear in the insurance law could be replicated in the insurance law. Ideally, perhaps when the market has further developed, there should be an authoritative financial services consumer protection regulator for all financial sectors, including insurance. This would achieve consistency of interpretation, minimize the risk of gaps in regulatory coverage and avoid any real or perceived conflict of interest for the supervisor. Likewise, the roles of BNR, Ombudsman and the forthcoming Competition and Consumer Protection Regulatory Body and RCA (for SACCOs) should be clarified as concerning consumer protection rule making, enforcement and dispute resolution in the financial sector. Regulation and supervision of insurance consumer protection laws should be properly resourced, and consideration should eventually be given, based on the development and maturation of the market and its supervision, to its separation from the prudential function to avoid conflicts between supervising financial institutions and their customers. A practical way to achieve this would be to have a new unit 159 Articles 33, 34 and 39. 111 responsible for consumer protection with a separate reporting line directly to the Vice Governor. Another option would be to have a completely separate Financial Services Market Conduct Regulator but that is not likely to be practical in the present context. Media Engagement Strategy It is recommended that BNR consider whether it should implement or enhance its media strategy to ensure that it promotes the positive work, done currently in the financial services sector, to educate consumers about how to engage with financial services providers, and also to raise awareness of specific issues of concern that may arise in the consumer protection arena from time to time. A media strategy of this nature could develop over time to include messages that align with the increasing sophistication and engagement of consumers with insurance in Rwanda. Good Practice A.5. Bundling and Tying Clauses Good Practice Whenever an insurer contracts with a merchant or credit grantor (including banks and leasing companies) as a distribution channel for its contracts, no bundling (including enforcing adhesion to what is legally a single contract), tying or other exclusionary dealings should take place without the consumer being advised and able to opt out. Description There is no specific prohibition in the insurance laws regarding bundling or tying. However, the CCP Law contains certain provisions that could be interpreted as prohibiting such conduct:  Article 6 prohibits “[a]ny form of agreements, decisions and concerted practices which have as their object the undermining, prevention, restrictions or distortion of competition.”  Article 7, which prohibits “agreements . . . designed to . . . restrict the terms and conditions of sale or supply or purchase between persons engaged in the sale of purchased goods or services.”  Article 11, which prevents entities from activities or behavior that limits access to markets or otherwise unduly restrains competition or has adverse effects on trade or the economy in general. This is deemed to include:  11(5): “selling goods or services on condition that the consumer purchases separate goods or services unrelated to a contract or forcing a consumer to accept a condition unrelated to the object of a contract.”  11(8): “engaging in any business activity that results in the exploitation of its customers or suppliers so as to frustrate the benefits expected from the market” Under Article 14, organizations can seek authorization to enter into arrangements such as the above, even if anti-competitive, provided that there is a public benefit that outweighs any anti-competitive effect. Recommendation It is recommended that the BNR consider whether this issue is a significant concern in Rwanda and, if so, whether the existing rules are sufficient to address it. If not, consideration should be given to developing responses to possible abuses arising from bundling, such as in Codes of Conduct or specific rules relating to credit providers and the distribution of credit insurance products. 112 Section B. Disclosure & Sales Practices Good Practice B.1. Sales Practices Good Practice a. Insurers should be held responsible for product-related information provided to consumers by their agents (i.e. those intermediaries acting for the insurer). b. Consumers should be informed whether the intermediary selling them an insurance contract (known as a policy) is acting for them or for the insurer (i.e. in the latter case the intermediary has an agency agreement with the insurer). c. If the intermediary is a broker (i.e. acting on behalf of the consumer) then the consumer should be advised at the time of initial contact with the intermediary if a commission will be paid to the intermediary by the underwriting insurer. The consumer should have the right to require disclosure of the commission and other costs paid to an intermediary for long-term savings contracts. The consumer should always be advised of the amount of any commission and other expenses paid on any single premium investment contract. d. An intermediary should be prohibited from identically filling brokering and agency roles for a given general class of insurance (i.e. life and disability, health, general insurance, credit insurance). e. When a bank is the intermediary, the sales process should ensure that the consumer understands at all times that he or she is not purchasing a bank product or a product guaranteed by the bank. f. Sanctions, including meaningful fines and, in the case of intermediaries, loss of license, should apply for breach of any of the above provisions. Description In general, it appears that further work can be done by the BNR to understand the participation of various parties in the insurance market, including MFIs, SACCOs, banks and traditional intermediaries. A greater understanding of such participants would enable focus on appropriate rules, whether formal or informal, for such parties and enhance consumer protection initiatives. a) Liability for Agents’ Conduct Insurers must have risk management policies and systems in place, including for the management of distribution risk where they can impact upon the insurer’s solvency (Article 19 Intermediaries Licensing Regulations). This presumably is to deal with risks such as aggressive marketing, inaccurate marketing and marketing directed towards people who would be poor underwriting risks. 113 However, even though broader agency rules may apply, there are no provisions in Rwanda’s law that specifically make an insurer liable for the conduct of its agents in the distribution of insurance. This would cover all aspects of an agent’s role, including the provision of pre and post-sale information on the insurance, advice regarding appropriate products, ongoing servicing of policies and assistance in respect of claims. b) Status of Intermediary The Intermediary Licensing Regulations and the Market Conduct Regulations require that any broker or agent must make disclosures about their status (that is, whether they are independent or associated with any insurance companies and whether they are authorized to conclude insurance contracts (Articles 16 and 7, respectively)). There is no requirement for the time at or the form in which this information is to be provided. Under the Brokers Code of Conduct, the broker must also take appropriate steps to see that the consumer understands the broker’s role and on whose behalf the broker is acting (Article 1(b)). c) Broker Commissions Although there is no explicit provision requiring that insurance brokers disclose commissions, insurance brokers must avoid conflicts of interest or if conflicts arise, ensure fair treatment to all policyholders or prospective customers by disclosure or other means (Article 6 Market Conduct Regulations). d) Broker/Agent BNR has advised that a person cannot operate as a broker and an agent at the same time. e) Bank Intermediaries There are currently no requirements in Rwanda that ensure banks that distribute insurance do not give the impression that the insurance is backed or issued by the bank. f) Sanctions Article 24 of the Intermediaries Regulations confers on BNR a broad range of enforcement powers to address breaches of the law, including temporary suspensions, the imposition of additional capital requirements, prohibitions against selling new or certain products, requiring training or refresher courses or “any other directives the Central Bank may deem appropriate.” Article 14 of the Market Conduct Regulations also empowers the imposition of sanctions by BNR for breaches of those provisions. Recommendation It is recommended that consideration be given about whether it is clear to all parties that an insurer is liable for the conduct of its agents and, if not, that clarity is offered on this issue in a manner that is enforceable and well understood. It is recommended that the requirements in Article 16 on the status of intermediaries be clarified by the addition of a requirement that the information be provided at the start of the relationship or at least prior to any advice or recommendation being acted upon and consideration be given to the information to be provided in writing and/or any other means tailored to the particular needs of the consumer. It is recommended that brokers be required to disclose their commissions (both in dollar terms and also non-financial commissions such as rewards, operational and marketing support or office space) at the same time that any product is recommended to the consumer. It is also recommended that the amount of commission be prominently disclosed in the insurance contract, preferably with an upfront summary of the terms of the policy. When insurance is distributed by banks, it is recommended that banks be required to make their roles clear and to make it clear to consumers that the products are not issued or guaranteed by the bank. 114 Good Practice B.2. Advertising and Sales Materials Good Practice a. Insurers should ensure their advertising and sales materials and procedures do not mislead customers. Regulatory limits should be placed on investment returns used in life insurance value projections. b. Insurers should be legally responsible for all statements made in marketing and sales materials they produce related to their products. c. All marketing and sales materials should be easily readable and understandable by the general public. Description Article 7 of the Market Conduct Regulations requires that insurers and intermediaries pay “due regard” to the information needs of customers. The insurer must provide a brochure about each product that clearly states the scope of benefits, charges, estimated returns and the extent of insurance cover and that explicitly explains the warranties, exceptions and conditions of the cover. The insurer and intermediary must ensure that the consumer receives all “material information” in respect to the cover to enable the consumer to make a balanced and informed decision regarding the most suitable product in their best interest. There is, however,  no requirement that the brochure contain specific information on the risks of the insurance (such as the risk of under-insurance in home insurance, or of non-disclosure generally ) and  no specific requirement that the brochure and all other information for the purchasing decision be provided prior to the purchasing decision being made by the consumer. The insurer and insurance intermediaries must also take reasonable care to ensure that the information provided to customers be accurate in all material respects, not misleading and is easily understandable (Article 7 Market Conduct Regulations). Article 9 of the Market Conduct Regulations deals with advertisements by insurers and insurance intermediaries. It prohibits the conduct, facilitation, acceptance or publication of unfair or misleading advertisements and the announcement of false information. The provision clarifies that unfair or misleading advertisements include those that fail to clearly identify the product as insurance, make claims beyond the reasonable expectation of performance, describe benefits that do not match the policy provisions, and make unfair or incomplete comparisons to products or disparages competitors. The Code of Conduct for insurance brokers imposes additional requirements, including that brokers must ensure that statements made are not misleading; they must not limit advertisements to policies of one insurer without fully explaining the reasons, and the advertisements cannot be positioned to take advantage of the lack of experience or knowledge of consumers (Article 9). Article 17 further obliges intermediaries to provide accurate information regarding the policy to the consumer before the policy is signed, although there does not appear to be a specific requirements to provide the brochure prepared by the insurer. Comparing Articles 7 and 9 of the Market Conduct Regulations, it is not clear that there is an absolute prohibition on misleading and deceptive conduct in respect of an insurer’s materials or statements generally (such as brochures and advice) other than items that would qualify as “advertising” or “announcements.” It is also unclear what rights the consumer has for the breach of these provisions, although BNR may impose sanctions under Article 14. 115 Recommendation Research on Insurance Value Chain It is recommended that the BNR conduct research to understand the current and emerging roles of various parties in the insurance value chain, including MFIs, SACCOs, banks and traditional intermediaries such as agents and brokers. With this additional level of detail, consideration could then be given to whether existing rules are sufficient for consumer protection or whether additional initiatives are needed, whether formal or informal in nature. Promotion and Sales of Insurance Although insurers and intermediaries are required to take all necessary steps to ensure that brochures and other materials provided to the consumer under Article 7 of the Market Conduct Regulations are accurate and not misleading, it is not clear whether brochures and other materials provided to the consumer under Article 7 are included in the definition of “advertising” and “announcements” under Article 9, and thus subject to the absolute rule that they not be misleading. The obligation to present accurate and complete information should be absolute for all materials presented to the consumer by the insurer and intermediary, and it is recommended that an amendment be introduced that would make any misleading and deceptive conduct on the part of insurers and intermediaries and breach and thus actionable. Some relief for breaches can be given where, for example, statements of future expectations are based upon reasonable expectations. In addition, it is recommended that the consumer should have clear recourse in the event that the information does not comply, including for damages. It is also recommended that additional specific disclosure be considered for brochures, such as risk disclosure, the requirement that unusual exclusions or other terms be given prominence, the amount of any deductibles and information about internal and external dispute resolution schemes. Ideally, information about basic consumer insurance products should be presented in a standardized format to enable comparison across insurers. It is further recommended that the requirements in Article 7 make it clear that the brochure and any information outlined needs to be provided to the consumer prior to their purchasing decision, that the consumer acknowledges its receipt, and that they have read and understood it. Benefit could also be gained by focusing on the level of consumer understanding of the insurance relationship and by facilitating requirements that will maximize the likelihood that consumers understand the basics concerning their insurance purchase, including what the product is that they are acquiring, who the insurer is, how to make a claim or access other benefits under the contract and what their obligations are as policy holders. Life Insurance Investment Products In respect to life investment products, although there is a general requirement that claims cannot be made beyond the reasonable expectation of performance, there is the risk that this may be broadly interpreted. It is recommended that, to ensure that consumers are not misled about the potential investment returns for life investment products, more specific regulatory guidance be provided. This would include a requirement that the insurer take into account the type of assets, the terms of the contract and ensure that there is a clear statement that past investment performance is no indicator of future performance. 116 Good Practice B.3. Understanding Customers’ Needs Good Practice The sales intermediary or officer should be required to obtain sufficient information about the consumer to ensure an appropriate product is offered. Formal fact finds should be specified for long-term savings and investment products and they should be retained and be available for inspection for a reasonable number of years. Description Article 8 of the Market Conduct Regulations requires that insurers and intermediaries seek from their prospective customers the necessary information to make an appropriate assessment of the customer’s insurance need before giving advice or concluding a contract. The mandatory Brokers Code of Conduct provides more specifics, and requires that the broker  understand the type of customer he is dealing with and the extent of the customer’s awareness of risk and insurance (Article 1(d)) and  ensure, as far as possible, that the policy proposed is suitable to the consumer’s needs and resources (Article 1(g)). Although insurers and brokers must  have in place risk management policies and internal control systems (Article 19 Insurance Licensing Regulations; Article 19 Intermediary Licensing Regulations) and  have a system to monitor the quality of advice given by their staff (Article 4 Market Conduct Regulations), both of which would arguably include an obligation to record and retain a copy of the customers’ needs, but there is no specific requirement in this regard. Provision of Advice In providing advice, insurers or intermediaries must provide all material information about the coverage to enable the consumer to make a balanced and informed decision regarding the most suitable insurance coverage in their best interest (Article 7 Market Conduct Regulations). Prospective customers must be fully informed about their duty of disclosure, including the consequences of non-disclosure (Article 8). Insurance brokers must provide advice objectively and independently and ensure, as far as possible, that the policy proposed is suitable to the needs and resources of the potential customer (Articles 2(d) and 1(f) Code). They must promptly identify and explain the degree of choice in the products on offer, explain the reasons for their recommendations and where available offer comparisons of price, cover or service (Article (e) and (f)). Furthermore, the broker must explain the coverage in order to ensure that the consumer understands it, bring to their attention any warranties or unusual terms, and explain how to cancel coverage. Recommendation It is recommended that BNR consider the benefits of structures that ensure insurance advisers obtain information about their client and ensure that suitable products are sold to them, and over time introducing regulatory or code provisions to enhance the suitability of advice and products. This could potentially be achieved through a written fact find, or through other more appropriate means based on the consumer’s levels of literacy and the maturity of the intermediary market. A fact find would, for instance, record the customer’s situation, needs and objectives and could be retained for a set period, and a copy provided to the consumer with a copy of the advice given. It is also recommended that BNR consider whether insurance agents should meet the higher standard of conduct when understanding their client and giving advice as brokers are required to comply with. It is further recommended that consideration be given to implementing requirements for intermediaries to take steps to understand that the consumer understands the advice and the product that they are acquiring. 117 Good Practice B.4. Cooling-off Period Good Practice There should be a reasonable cooling-off period associated with any traditional investment or long- term life savings contract, after the policy information is delivered, to deal with possible high pressure selling and mis-selling. Description There is no cooling-off period for insurance. Recommendation It is recommended that consideration be given to what reasonable cooling-off periods would be for non-mandatory classes of insurance, and in particular long-term savings contracts. Good Practice B.5. Key Facts Statement Good Practice A Key Facts Statement should be attached to all sales and contractual documents, disclosing the key factors of the insurance product or service in large print. DESCRIPTION Insurers must issue brochures for each of their insurance products that clearly state the scope of benefits, the extent of insurance coverage, charges and estimated returns, and explicitly explain the warranties, exceptions and conditions of the coverage (Article 7 Market Conduct Regulations). Customers must also be informed about their duty of disclosure, although there is no specific requirement that this information appear in writing, such as on the proposal form. There are no specific requirements regarding the presentation of the material, such as type size. There is a general obligation for insurers and intermediaries to provide all material information about the coverage to the consumer to enable them to make a balanced and informed decision (Article 7 Market Conduct Regulations). Before an insurance contract is signed, insurance brokers and agents are required to provide accurate information about the purpose of the policy, what is and is not covered, risk selection requirements, the application, terminology used in the contract, how the policy will be issued, the estimated price and any other information relating to the contract (Article 17 Intermediaries Regulations). Recommendation It is recommended that information about the insured’s duty of disclosure, including the consequences of failing to meet the duty, and the times at and until which the duty applies, be required to be provided in writing to the consumer in clear language prior to their signing any application or proposal form. Ideally, a summary form of disclosure about the key terms of the insurance contract should be included on the front page of the policy document. See also recommendations above under section B.2 118 Good Practice B.6. Professional Competence Good Practice a. Sales personnel and intermediaries selling and advising on insurance contracts should have sufficient qualifications, depending on the complexities of the products they sell. b. Educational requirements for intermediaries selling long-term savings and investment insurance products should be specified, or at least approved, by the regulator or supervisor. Description Article 4 of the Market Conduct Regulations requires that insurers and insurance intermediaries ensure that  they act with due skill, care and diligence;  their staff members are competent, suitable and have been given adequate training; and  a system is in place to monitor the quality of advice. An insurance broker can only provide advice on insurance matters in which he or she is knowledgeable and refer a consumer to another specialist for advice when needed (Article 2(a) Code of Conduct). Article 10 of the Brokers’ Code contains specific requirements in relation to training. In addition to other requirements in the law, the Code also mandates that staff is aware of all applicable legal and regulatory requirements, including the Code, and that they comply with those requirements. The Financial Sector Development Plan II contains a proposal to introduce an internationally-recognized standard of education for insurance intermediaries or insurer technical staff (the Certificate of Proficiency or similar) with a substantial lead-time to enable members of the industry to meet the standard. The insurance industry association, ASSAR, is currently developing a proposal for a training institute for the insurance industry and intermediaries. Recommendation It is recommended that Rwanda continue with the proposals contained in the Financial Sector Development Plan II. Education and experience requirements should apply both at the time of licensing or appointment by the insurer (in the case of agents), and there should also be ongoing educational requirements such as a minimum number of hours per year spent in updating or increasing relevant education. There is an ongoing need to provide training to staff and intermediaries in the insurance industry. Such training should be extensive to build appropriate skills within the industry and, from a consumer protection perspective, should cover products (including features and suitability), the underwriting process, claims handling and assessment and training on consumer protection issues. Given the real need to increase experience within the industry, any industry training institute should be encouraged and, if possible, assisted to meet the internationally recognized standards consistent with the proposals in FSDPII. It is further recommended that BNR staff receive specific training to enable them to understand how the process of advice in the insurance context works and also potential consumer issues arising from the advice field. 119 Good Practice B.7. Regulatory Status Disclosure Good Practice a. In all of its advertising, whether by print, television, radio or otherwise, an insurer should disclose: (i) that it is regulated, and (ii) the name and address of the regulator. b. All insurance intermediaries should be licensed and proof of licensing should be readily available to the general public, including through the internet. Description a. Article 9 of the Insurer Licensing Regulations requires that the license be continuously displayed in a conspicuous place at the broker’s head office and all branch offices. A list of all licensed insurers is published on the BNR’s website. However, there is no requirement to publish the insurer’s regulated status or their address in public documents such as marketing materials. b. Insurance brokers, agents and loss adjusters must all be licensed under the Intermediaries Licensing Regulations. Article 7 requires that the license be continuously displayed in a conspicuous place at the broker’s head office and all branch offices. A list of all licensed intermediaries is published on BNR’s website. Recommendation A requirement should be implemented for an insurer to publish details of their license in all marketing materials. 120 Good Practice B.8. Disclosure of Financial Situation Good Practice a. The regulator or supervisor should publish annual public reports on the development, health, strength and penetration of the insurance sector either as a special report or as part of the disclosure and accountability requirements under the law governing it. b. Insurers should be required to disclose their financial information to enable the general public to form an opinion with regards to the financial viability of the institution. c. If credible claims paying ability ratings are not available, the regulator or supervisor should periodically publish sufficient information on each insurer for an informed commentator or intermediary to form a view of the insurer’s relative financial strength. Description BNR is empowered by the Insurer Licensing Regulations to publish reports containing statistical data as well as economic and financial studies and can require insurers or any other person to provide it with statistics and information needed for the analysis (Article 68 Insurer Licensing Regulations). Insurers must maintain accounting records that are sufficient to enable its financial position to be determined at any time with reasonable accuracy (Article 24 Insurer Licensing Regulations). Insurers must submit various financial reporting to the Central Bank, including Margin of Solvency Reports, Quarterly Financial Statements, and prudential reports such as valuations of technical provisions, and compliance with investment restrictions, loans and exposures (Article 26 Insurer Licensing Regulations). Insurers must submit audited financial statements to the Central Bank by April 30 each year. After the Central Bank has reviewed insurers’ financial statements, they are required to publish their audited financial statements in a newspaper and on their websites (Article 25 Insurer Licensing Regulations). The Financial Sector Development Program II recognizes the need for increased information on the insurance industry to be published, both on websites and in regular publications. There needs to be more comprehensive data, which should be separated between the life and non-life sectors and is expected to include balance sheet information, income/expense data and key ratios. Very few companies in Rwanda are rated by credit agencies, and no insurers operating in Rwanda are currently rated, making publication by the Central Bank of accessible financial strength data on insurers a priority. Recommendation It is recommended that BNR regularly publish an overview of the financial strength of the insurance industry, with key information that would include market share in key segments, solvency margins and regulatory capital. It is also recommended that BNR conduct an education campaign regarding the importance of an insurer’s financial strength. 121 Section C. Customer Account Handling and Maintenance Good Practice C.1. Customer Account Handling Good Practice a. Customers should receive periodic statements of the value of their policy in the case of insurance savings and investment contracts. For traditional savings contracts, this should be provided at least yearly, however more frequent statements should be produced for investment- linked contracts. b. Customers should have a means to dispute the accuracy of the transactions recorded in the statement within a stipulated period. c. Insurers should be required to disclose the cash value of a traditional savings or investment contract upon demand and within a reasonable time. In addition, a table showing projected cash values should be provided at the time of delivery of the initial contract and at the time of any subsequent adjustments. d. Customers should be provided with renewal notices a reasonable number of days before the renewal date for non-life policies. If an insurer does not wish to renew a contract it should also provide a reasonable notice period. e. Claims should not be deniable or adjustable if non-disclosure is discovered at the time of the claim but is immaterial to the proximate cause of the claim. In such cases, the claim may be adjusted for any premium shortfall or inability to recover reinsurance. f. Insurers should have the right to cancel a policy at any time (other than after a claim has occurred – see above) if material non-disclosure can be established. Description There was insufficient information available to assess this Good Practice. Recommendation There was insufficient information available to assess this Good Practice. 122 Section D. Privacy & data protection Good Practice D.1. Confidentiality and Security of Customers’ Information Good Practice Customers have a right to expect that their financial transactions are kept confidential. Insurers should protect the confidentiality and security of personal data, against any anticipated threats, or hazards to the security or integrity of such information, and against unauthorized access. Description Article 22 of Rwanda’s Constitution provides for the right to privacy. The insurance laws provide some general protection for confidentiality, as follows:  Under Article 5 of the Market Conduct Regulations, insurers and insurance intermediaries must maintain the confidentiality of information obtained from policyholders or prospective customers. The use of that information is restricted to the normal course of negotiating, maintaining or renewing an insurance contract, unless either o the policyholder or prospective customer’s consent is obtained or o the information must be disclosed by law or by a Court.  Under the Market Conduct Regulations, the mandatory Codes of Practice for Insurance Brokers, Agents and Loss Adjusters contain requirements that recipients of information received in professional confidence can only be revealed to others who are entitled to that information. It is not clear who is regarded as being “entitled” to the information, such as whether this extends beyond the insurer to government authorities; and  Under the Corporate Governance Regulations, Article 44 establishes that confidentiality of relations and dealings between the insurer and policyholders is paramount, and directors, officers and staff members must take precaution to protect it. However, there are no specific data protection laws in Rwanda under the oversight of a dedicated agency. Recommendation In some cases, personal information in relation to insurance may be obtained from a person other than the policyholder or prospective customer. For example, an insured or prospective insured may provide information in the proposal or during the underwriting process. The insurer may also give confidential information to third parties, such as medical professionals. It is recommended that consideration be given to expanding the application of the confidentiality provisions to such third parties. In addition, it is recommended that specific data protection laws be introduced in Rwanda to ensure that personal data receives consistent and specific protection across all financial services sectors. 123 Section E. Dispute Resolution Mechanisms Good Practice E.1. Internal Dispute Settlement Good Practice a. Insurers should provide an internal avenue for claim and dispute resolution to policyholders. b. Insurers should designate employees to handle retail policyholder complaints. c. Insurers should inform their customers of the internal procedures on dispute resolution. d. The regulator or supervisor should investigate whether insurers comply with their internal procedures regarding consumer protection. Description Article 10 of the Market Conduct Regulations requires insurers to have an internal dispute resolution process that addresses policyholders’ complaints in a timely and fair manner. Insurers must communicate the processes and procedures to policyholders. Other potential complainants are not mentioned. Brokers must also comply with certain basic requirements for complaints handling. Complaints must be accepted by phone or in writing, must be dealt with at a suitably senior level and the broker must have a system for recording and monitoring them (Article 7 Broker Code of Conduct). The BNR Directive on Customer Service Delivery also contains certain benchmarks that are required to be met by insurers and brokers in relation to complaints handling, including a requirement to address complaints within 15 days. Recommendation Access to the insurer’s dispute resolution mechanism should be extended to any person with an interest under a policy, including beneficiaries. Provisions should be implemented that require insurers and brokers to inform consumers about the existence of the internal dispute resolution scheme as well as processes for accessing it, both in marketing materials about each product (including written materials and on the company’s website) and at the time a complaint is made. Requirements should be implemented that specify in detail the timeframes within which response should be provided and requirements for the insurer or broker to report on their scheme and monitor trends in complaints handling. 124 Good Practice E.2. Formal Dispute Settlement Mechanisms Good Practice a. A system should be in place that allows consumers to seek affordable and efficient third-party recourse, which could be an ombudsman or tribunal, in the event the complaint with the insurer cannot be resolved to the consumer’s satisfaction in accordance with internal procedures. b. The role of an ombudsman or equivalent institution vis-à-vis consumer disputes should be made known to the public. c. The ombudsman or equivalent institution should be impartial and act independently from the appointing authority and the industry. d. The decisions of the ombudsman or equivalent institution should be binding upon the insurers. The mechanisms to ensure the enforcement of these decisions should be established and publicized. Description Rwanda has an ombudsman who, among other functions, is able to receive and investigate complaints from individuals or independent associations about injustices suffered at the hands of private institutions and promotes mediation before making decisions under law. Complaints can be made in person, by phone, in writing, using an online form or in outreach programs in various parts of the country. From 2010–2011, there were nine insurance-related cases out of a total of 3,644 cases, being the smallest complaints category160. It is difficult to know whether this low number is as a result of poor awareness, low insurance penetration or low needs to make complaints (although the latter is the least likely). Under the Financial Sector Development Program II, a special financial sector unit is being introduced in the Ombudsman’s office, and at the time of writing, a law was before Parliament to introduce a Deputy Ombudsman role for this purpose. Insurance intermediaries must have professional indemnity insurance policies as required by BNR (Article 18 Intermediaries Licensing Regulations). Recommendation It is recommended that the proposed new arrangements be reviewed to ensure that appropriate powers are conferred upon the Ombudsman’s office to handle insurance complaints of all types (and not just complaints related to claims). Decisions of the Ombudsman should be binding on the insurance company, broker, or other distributor (as relevant) but not on the consumer. The new service should be promoted among consumers, and insurance companies should be required to notify consumers of its existence and the procedure for making a complaint both in general product information and also when a complaint cannot be resolved under the insurer’s internal dispute resolution system. 160 Source: 2010-11 Annual report, Office of the Ombudsman. 125 Section F. Guarantee Schemes and Insolvency Good Practice F.1. Guarantee Schemes and Insolvency Good Practice a. With the exception of schemes covering mandatory insurance (and possibly long-term insurance), insolvency guarantee schemes are not to be encouraged for insurance because of the opaque nature of the industry and the scope for moral hazard. Strong governance and prudential supervision are better alternatives. b. Nominal defendant arrangements should be in place for mandatory insurances such as motor third party liability insurance to cover situations where there is no insured guilty party. c. Assets covering life insurance mathematical reserves and investment contract policy liabilities should be segregated or at the very least earmarked, and long-term policyholders should have preferential access to such assets in the event of a winding-up. Description There was insufficient information available to assess this Good Practice. Recommendation There was insufficient information available to assess this Good Practice. 126 Section G. Consumer Empowerment Good Practice G.1. Broadly based Financial Capability Program Good Practice a. A broadly based program of financial education and information should be developed to increase the financial capability of the population. b. A range of organizations–including government, state agencies and non-governmental organizations–should be involved in developing and implementing the financial capability program. c. The government should appoint an institution such as the central bank or a financial regulator to lead and coordinate the development and implementation of the national financial capability program. Description Under Vision 2020, the goal is to increase financial inclusion to 80 percent by 2017, and to 90 percent by 2020. Rwanda is, through the work of the Ministry of Finance and Economic Planning, the BNR, and Access to Finance Rwanda, currently developing a National Financial Education Strategy. The strategy targets key groups in Rwanda’s population, including crucial sectors of the population such as children, youth, elders, and women and outlines multiple delivery channels for each. There are also KPIs that have been established to measure success under the regular FinCap survey. It has also been identified that financial education is required to increase the currently small available pool of qualified financial services workers, as recruiting staff even with basic financial skills is currently a challenge. This has the flow-on effect of enabling customer service staff to assist with the education of financial consumers. In terms of insurance, it appears that there is a high level of awareness of the national health insurance scheme, with the FinCap survey indicating that the level of awareness of insurance is nearly as high as awareness of savings products161. However, a separate survey162 noted that 20.4 percent of surveyed Rwandans had not heard of insurance and 29.6 percent did not know how to use it; 22.1 percent said they could not afford it. Recommendation It is recommended that the government of Rwanda continue to invest resources in its financial literacy initiatives. 161 14 percent of respondents stated they were not aware of insurance, compared to 17 percent for savings accounts. 162 FinScope Rwanda 2012. 127 Good Practice G.2. Unbiased Information for Consumers Good Practice a. Consumers, especially the most vulnerable, should have access to sufficient resources to enable them to understand financial products and services available to them. b. Financial regulators should provide, via the internet and printed publications, independent information on the key features, benefits and risks—and where practicable the costs–of the main types of financial products and services. c. Non-governmental organizations should be encouraged to provide consumer awareness programs to the public regarding financial products and services. Description See above information regarding the National Financial Education Strategy. Recommendation As above. Good Practice G.3. Measuring the Impact of Financial Capability Initiatives Good Practice a. Policymakers, industry and advocates should understand the financial capability of various market segments, particularly those most vulnerable to abuse. b. The financial capability of consumers should be measured through a broad-based household survey that is repeated from time to time. c. The effectiveness of key financial capability initiatives should be evaluated. Description In the draft National Financial Education Strategy, the government of Rwanda has clearly outlined a strategy for increasing financial services literacy across key sectors of the population including children, youth, elders, women, as well as urban and rural populations and financial services staff members. A set of KPIs have been identified to measure the effectiveness of the initiatives, which will be assessed using results from each FinCap survey. Recommendation The proposed plans currently in place should be implemented in Rwanda with continuing measures as to their impact and effectiveness in accordance with the set KPIs. 128 ANNEX I: FINANCIAL SECTOR OVERVIEW Since the adoption of the first Financial Sector Development Plan in 2008, a much greater range of financial service delivery options has become available in the Rwandan financial sector, including through money transfer and mobile and Internet banking products available to consumers. Furthermore, there is a much greater choice in available banks and service locations. In particular, in this period:  110 new bank service locations have opened, an increase of almost 60 percent.  Two new commercial banks have entered the market (Kenya Bank and Equity Bank).  A new electronic payment and settlement system has been introduced.  Automated teller machines (ATMs) offering local interoperability and international network access have been introduced.  A new agency network is in place to support MMT services, and the mission team was told a number of banks are considering using such networks for branchless banking (the mission team was told by BNR there are around 4,000 such agents at the time of writing).  Mobile money transfer (MTN) services have become widely available. MTN Money and Tigo Cash are currently available, and Airtel is in the course of obtaining the relevant license from BNR. The core MMT product is money transfer between mobile phone subscribers, based around a network of cash-in/cash-out agents. In the future, it is envisaged that MMT operators, as well as banks, will be able to offer interest bearing e-money deposit services.  Mobile and internet banking services are also widely available. These developments have taken place against a background of the FSDP II objective of increasing financial inclusion to 80 percent by 2017 (the five years covered by this strategy) and to 90 percent by 2020. Banking Sector Overview The banking sector in Rwanda consists of 10 commercial banks (one of which is a Development Bank), three microfinance banks and one co-operative bank. The sector is rapidly expanding, as indicated by the number of banks that have been recently licensed and the rapid growth in bank assets (there has been around a 150 percent increase since 2007). The banking market is highly concentrated with the Bank of Kigali, BPR and BCR holding nearly 60 percent of assets. Mortgage and commercial loan segments concentrate the lending portfolio. Table 2. Total Bank Assets (in RF) Dec-07 Dec-08 Dec-09 Dec-10 Dec-11 Banks 430,648,691 573,123,114 652,626,124 878,935,924 1,084,192,044 % increase from previous - 33.08 13.87 34.68 23.35 year Source: National Bank of Rwanda, July 2013 Table 3. Bank Market Concentration Share of Market Bank Main Shareholders (% of Total Assets) Bank of Kigali 32 Government Banque Populaire de Rwanda 16 RABO Bank Banque Commerciale de Rwanda 11 I & M Bank Ecobank Transnational ECOBANK Rwanda 10 Incorporated (ETI) Compagnie Générale de Banque (COGEBANQUE) 9 GATERA Egide Source. National Bank of Rwanda, July 2013 129 Overview of Microfinance Sector Despite Rwanda phenomenal growth in financial access and increased usage of finance services between 2008 and 2012, recent information from the Financial Diaries project suggests that consumers are still underutilizing formal channels because of concerns about the quality and trust of banks and MFIs. Some of these specific concerns are around the lack of privacy in the loan assessment process, fees, penalties for savings accounts and account closings being unclear or not transparent. MFIs and SACCOs163 make up an important part of the financial system serving 1.8 million or 26 percent of economically active population. As of June 2013, there were 12 limited company MFIs, 63 employer or community-based SACCOs and 416 district-level SACCOs referred to as Umurenge SACCOs. In addition, there are three commercial microfinance banks registered under the Banking Act and one cooperative bank that was previously the Army SACCO, which together serve approximately 154,000 individuals. By comparison, the largest non-bank limited company MFI has 117,000 clients and RWF 3.6 billion in assets. The informal sector comprises 760,000 users of Village Savings and Loans Associations, tontines, friends and families, local business providing lines of credit and a small but unmeasured shadow banking system. Shadow banking is a criminal offence under Article 642 of the Penal Code punishable by two to five years in jail. As such, loan sharking is limited and undetectable even in many rural areas. The most dynamic part of the MFI sector continues to be the Umurenge SACCOs, which were started in 2009 and now serve 72 percent (1.3million) of the clients in the combined MFI, existing SACCO and Umurenge SACCO industry. In the last 24 months, these 416 SACCOs have grown their assets 134 percent to RWF 46 billion. As lending among them has grown, so have income and non-performing loans. Non-performing loans now stand at 7.3 percent (below the overall NPLs for all MFIs at 10 percent). Most important for these institutions and their 1.3 million members and their RWF 31.6 billion in deposits, 304 of the SACCOs are now financially viable without government subsidies. The remaining 112 are scheduled to stop receiving subsidies in at the end of 2013. Importantly as a group, the Umurenge SACCOs have 26.3 percent capital to non-risk weighted assets. Table 4. Selected Indicators for the Microfinance Sector Indicator June 2013 Six Month Growth Total Assets 122 20.8% Total Liquid Assets 47.6 43.8% Gross Loans 64 7.9% Total Deposits 69 26.6% NPL Ratio 8.9 NA Capital Adequacy Ratio 31.51 NA Source: BNR, Microfinance Supervision Department 163 For regulatory and licensing purposes, all SACCOs are technically classified as type 2 or type 3 MFIs. Throughout this document, we refer to both of them separately because of their different business practices and the additional regulatory and legal framework that SACCOs under the RCA and Cooperative Act.. 130 Any new consumer protection requirement imposed on MFIs/SACCOs must weigh the benefits against the compliance and reporting burdens and costs for small institutions serving low-income populations. As described below, there are very few required consumer protection requirements in place today for MFIs/SACCOs and this absence is being exploited by some MFIs with regard to how interest rates are calculated and disclosed (i.e., on a monthly or flat basis instead of on an annual declining balance as is customary of banks). There is clear and necessary room for improvement and these improvements should be implemented to help bolster confidence in the MFIs/SACCOs through greater protection of savers and borrowers. 131 ANNEX II: LEGAL FRAMEWORK BANKING, MICROFINANCE AND INSURANCE SECTORS The principal laws currently relevant to CPFL issues arising from the provision of financial services by the commercial banking sector in Rwanda include the following (in summary): Name of Law / Regulation/ Application Topic Covered Directive LAWS Ombudsman Law 2003 Public and private sector. Establishes the Office of the Ombudsman and its related functions and powers. Central Bank of Rwanda Banking sector. Established BNR and its related functions and powers. Law, 2007 Banking Law 2008 Enterprises that customarily receive This important Act sets out conditions for licensing of banks, funds from the public and grants loans prudential rules applicable to banks, disciplinary action for its account but not including against banks and disciplinary measures against banks. It microfinance organizations, savings and further provides for BNR’s supervisory powers and the credit co-operatives and savings establishment of a Deposit Guarantee Fund (however, the collection organizations (see definition of relevant law has not been passed). The Act does not, “bank” in Article 1 and Article 2) however, provide for any consumer protection measures for the protection of bank customers. Microfinance Law 2008 MFIs and SACCOs. Articles 4–7 describe the four tiers of MFIs and Articles 8–9 require the licensing of such institutions. The tiers of MFIs also correspond to which organization can accept deposits. Article 29 requires the signing of a contract for all loans. Mortgages Law 2009 This law applies to mortgages of This law deals with the registration of mortgages, mortgages immovable property. of matrimonial property, rights and obligations of mortgagors, changes to variable interest rates, defaults and the seizure and sale of mortgaged property. Law on Security Interests in This law governs security interests in This law covers principles relating to enforcement of security Movable Property 2009 movable property. interests, kinds of movables subject to security interests, priorities and enforcement of security interests. Negotiable Instruments Checks and other negotiable instruments. This law contains detailed provisions applicable to checks Law 2009 including in relation to the issue and dishonor of checks and liability on these instruments. Credit Information System Banks and MFIs. This law provides BNR with supervisory and regulatory Law 2010 authority with respect to the credit information system and contains detailed provisions with respect to licensing, the permissible activities of credit bureaus, the rights and obligations of mandatory and voluntary participants, consumers’ rights of access and correction and confidentiality of customer information. Article 27 ensures confidentiality and Articles 28–31 provide for consumer’s rights. Payments System Law 2010 Operators of payment systems and This law confirms the power of BNR with respect to (Payments Law) issuers of payment instruments. payments systems and the issue and use of payment However, the licensing requirements do instruments and makes provision for the clearing and not apply to licensed banks or settlement of payments and financial collateral arrangements. microfinance institutions. Electronic Messages, This law deals with legal recognition of electronic documents Electronic Signatures and and signatures, the liability of network operators and Electronic Transactions certification authorities, digital signatures and electronic Law 2010 contracts and the acceptance of electronic filing and issuance of documents. Competition and Consumer “Any economic activity carried out or The CCP Law has the purpose of “encouraging competition Protection Law, 2012 having an effect within Rwanda.” Goods in the economy by prohibiting practices that undermine the and services are for personal, domestic normal and fair course of competition practices in household use. May not apply to B2B commercial matters. It also aims at ensuring consumer’s commerce. interests promotion and protection” (Article 1). The CCP Law’s provisions are expressed in sufficiently general terms 132 to apply to products and services provided by the financial sector (including the banking sector). While the bulk of the consumer protection provisions seem to be designed to protect consumers who purchase goods, there are a number, which would be applicable to consumers of financial services, including in relation to disclosures, prejudicial provisions, comparative advertising and deceiving or misleading acts.164 Article 35 requires displaying prices but relates to packaging or using a notice board for commodities. Cooperative Societies Act Cooperatives Provides rights to members regarding knowing the status of 2007 the SACCO. Article 46 of the Cooperative Act does provide for a member’s rights to receive annual accounts. Deposit Insurance Fund – in Article 64 of the Banking Act indicates Protection of depositors. DRAFT membership will be mandatory for all accredited banks. BNR staff indicated it will also apply to MFIs/SACCOs Organization of Insurance Insurance Business (Law No 52/2008) REGULATIONS Licensing Conditions Commercial banks, development banks This regulation covers licensing requirements for regulated Regulation, 2008 and microfinance banks institutions, including in relation to the licensing application process, minimum capital, ownership structure, license fees and other matters. Credit Classification and Banks This regulation sets out requirements in relation to the Provisioning Regulation classification and management of non-performing credit 2011 facilities. Regulation on the Banks Only–Not Applicable to MFIs. This regulation requires banks to publish minimum and Publication of Tariff of maximum rates and fees in newspapers, on the web, in a Interest Rates and Fees booklet available to customers and to always display this Charged by Banks 2011 information “outstandingly at the entrance of their premises (Disclosure of Interest Rates and any other place of business.” The publication is always and Fees Regulation 2011) required to be done in three official languages (Article 3). Notices of changes are also required to be given in 15 days to the BNR and the public (Article 4). This regulation also makes clear that interest rates and fees and charges may be freely set (Article 5). Pecuniary Sanctions Banks This regulation sets out pecuniary sanctions for a bank that applicable to Banks, 2011 violates BNR regulations, instructions and decisions (Article 1). However, it does not specify that the regulations apply to a violation of a Directive or a Guideline. Oversight of Payments A participant, an operator or the This regulation provides BNR with extensive powers of System Regulation 2010 settlement agent of a payment system and oversight over payments systems. a payment service provider Bank Reporting Banks This regulation covers periodic reporting requirements. Requirements Regulation 2012 Bank Risk Management Banks This regulation and the attached guidelines cover risk- Regulation 2012 management requirements, including in relation to credit risk management. Electronic Funds Transfers Banks and other payment system This regulation is designed to protect users of electronic and Electronic Money providers and the senders and recipients payments systems (Article 1). It contains rules concerning Regulation 2010 (EFT of relevant electronic message the processing of funds transfers, the irrevocability of Regulation) payments orders and erroneous or unauthorized transactions, liability in cases of system or equipment malfunction, 164 Articles 33, 34, 37 and 39. 133 customer obligations regarding security devices and obligations in relation to standard terms and conditions. Licensing Criteria for Operators of payments and securities This regulation sets out BNR’s requirements for the Operating Payments and settlement systems operators of payments and settlement systems, including in Settlements Systems relation to license applications and fees, access regimes and Regulation 2010 withdrawal and suspension of licenses. Microfinance Regulation MFIs and SACCOs Articles 17–20 require usage and reporting to the credit 2009 bureau. Loans under RWF 200,000 are exempt, but not in practice. Non-compliance carries a RWF 100,000 fine per Article 78(4). Article 21 forbids an MFI from giving a loan to a person that has defaulted on a loan at any financial institution in Rwanda. No time line is attached and as such is for a person’s life. Non-compliance carries a RWF 100,000 fine. Article 25 requires an analysis of a borrower’s capacity to repay. Article 61 forbids an MFI from making any new loans once its NPLs are at 10 percent. Regulation No 12/2009 of Insurance sector Market Conduct requirements for insurers and insurance 13/10/2009 (Market intermediaries. Conduct Law) Regulation No 5/2009 of Insurance sector Licensing requirements and other requirements for carrying 29/7/2009 (Insurer out insurance business. Licensing Law) Regulation No 6/2009 of Insurance Intermediaries Licensing requirements and other requirements for insurance 29/7/2009 (the Intermediary intermediaries. Licensing Law) Regulation No 7/2009 Insurance sector Corporate governance requirements for insurance business. (Corporate Governance Law) DIRECTIVES Agent Banking Guideline A financial institution licensed under the Topics covered include the permissible activities of agents, 2012 Banking Law or the Microfinance Law approval processes for agents, the key role and responsibilities of financial institutions, non-exclusivity requirements and the powers of BNR in relation to agents. Customer Service Delivery “Financial institutions.” However, this Financial institutions are required to implement guiding Directive, 2012 term is not defined in the Directive and principles and benchmarks set out in an appendix to the the definition in the Banking Act does directive. not include banks (see article 1). However discussions with the bank The Appendix requires policies and procedures, and sets suggest that the intent is that the directive benchmarks for customer service delivery, complaint should also apply to banks. handling in institutions, dispute resolution external to the institution and measuring and monitoring customer Financial institution would then include satisfaction. There is also guidance for the working banks, MFIs, insurance companies and environment and the security of institutional premises. brokers, pension schemes and Forex bureaus. Areas related to customer service, complaint handling, dispute resolution, measuring and monitoring, work environment. Requires quarterly reporting on the implementation of guiding principles. Movable Collateral Banks This directive relates to provisioning for mortgages over Directive, 2012 movable property. 134 ANNEX III: INSTITUTIONAL ARRANGEMENTS The banking sector is primarily regulated by the National Bank of Rwanda (BNR) in relation to CPFL issues. However, they do not have specialist CPFL expertise and do not separate CPFL and prudential supervision. There is also potential for overlap with other regulators on CPFL matters. In particular, there is some overlap with the responsibilities of the Ministry of Trade and Industry under the Competition and Consumer Protection Law 2012 and with the functions proposed to be given to the new Competition and Consumer Protection Regulatory Body and those proposed for the new Assistant Ombudsman for financial services. The mission team understands that the laws relating to the latter two bodies are close to being passed by Parliament. Non-bank MFIs and SACCOs are licensed and prudentially supervised by the National Bank of Rwanda; the Rwanda Cooperative Agency, a division of the Ministry of Trade and Industry, is responsible for the registration, training and promotion of SACCOs. The Ministry of Trade and Industry is also responsible for developing a Competition and Consumer Protection Regulator Body that could apply to MFIs and SACCOs. This Competition and Consumer Protection Regulator Body is not yet established and indicated a desire to leave consumer protection oversight to sector regulatory bodies such as BNR for banking, MFIs and insurance. While still a proposal, it is likely that the national Ombudsman will developed a new unit by December staffed with five people plus a Deputy Ombudsman. This new unit is a proposal from BNR (and is part of FSDP II) and will handle financial consumer protection issues for MFIs as well as banks, insurance and pensions. The relevant existing and proposed institutional arrangements are as follows: Regulator Relevant Law Functions National Bank of Central Bank of Rwanda Law Article 5 of the BNTR Law provides that: Rwanda (BNR) 2007 (Central Bank Law) The main missions of the Bank shall be: Banks are also regulated by BNR under a range of 1° to ensure and maintain price stability; specific laws including those 2° to enhance and maintain a stable and competitive financial outlined below under Laws system without any exclusion; and and Regulations applicable to CPFL Issues in the Banking 3° to support Government’s general economic policies, without Sector. prejudice to the two missions referred to in Paragraphs 1° and 2° above. Ministry of Trade Competition and Consumer The Ministry of Trade and Investment administers the CCP, which has and Investment Protection Law 2012 (CCP the purpose of “encouraging competition in the economy by prohibiting Law) practices that undermine the normal and fair course of competition practices in commercial matters. It also aims at ensuring consumer’s interests promotion and protection” (Article 1). The CCP Act’s provisions are expressed in sufficiently general terms to apply to products and services provided by the financial sector (including the banking sector). While the bulk of the consumer protection provisions seem to be designed to protect consumers who purchase goods, there are a number that would be applicable to consumers of financial services. The main provisions in this category include articles relating to (in summary):  The obligation to inform a consumer before a sale contract is one of the characteristics of the relevant service (or goods) and the conditions of the contract (Article 33);  Provisions in a contract that prejudice a consumer. “Prejudice is defined as “whenever there is no tangible fairness in the agreements between the rights and obligations of parties to the contract” and numerous examples are provided of terms which 135 come within that Description (Article 34);  Acts by a seller that may prejudice the interests of a consumer and the provision of information which may be considered deceiving or misleading (Article 37);  Comparative advertising (Article 39); and  Guarantees (Article 44); Article 50 also makes clear that a consumer may take action for damages in a civil court to recover losses incurred as a result of a breach of the law. A registered consumer protection association may also take action on behalf of a person seeking damages. However, no guidance is provided to a court as to the orders they might make in relation to the relevant contract (other than awarding damages), and the CCP Law does not give itself state the effect of provisions of the “prejudicial terms” referred to in Article 34. For example, it might provide that the relevant terms are void i.e. that they cannot be relied on by the seller of the service (such as a financial institution). Furthermore, the CCP Law does not provide any sort of complaint resolution mechanism for consumers. [Proposed] Article 5 of the CCP Law provides that: Competition and Consumer “A law establishes a Competition and Consumer Protection Regulatory Protection Body.” Regulatory Body However, there is nothing in the CCP law to define the functions or powers of such a body; we understand that legislation is being considered by Parliament that will fill that gap. At the time of writing, the mission team had not been provided with a copy of the draft law. The Office of the Law establishing the The functions of the Office of the Ombudsman do not specifically relate Ombudsman Organization and Functioning to financial services but relevantly include dealing with “injustice” in of the Office of the private institutions and complaints from individuals about private Ombudsman 2003 institutions. Article 3 provides in this context: (Ombudsman Law) The responsibilities of the Office of the Ombudsman are as follows: 1° to act as a link between the citizen and public and private institutions; 2° to prevent and fight against injustice, corruption and other related offences in public and private administration; 3° to receive and examine, in the context mentioned above, complaints from individuals and independent associations relating to acts of civil servants, state organs, and private institutions and to mobilize such civil servants and institutions in order to find solutions to such complaints if it finds they are well founded; “(emphasis added) . There is also now a draft law being considered by Parliament that would establish a new Assistant Ombudsman in the Office of the Ombudsman who would have responsibility for a new five-officer unit to mediate disputes relating to all types of financial services. The initiative was originally proposed by BNR, which has been conducting training sessions for relevant Ombudsman officers. 136