This week, we’re delving deeper into the realm of fair credit reporting and stepping beyond the confines of EveryData (previously known as CreditAdvice), to cast a spotlight on the industry’s broader dynamics. The narrative of Caribbean Credit Bureau Ltd.’s establishment in the early 1990s in Barbados, followed by its subsequent regional spread, showcases the significant growth trajectory driven by the escalating demands of the financial sector. Through this journey, we’ve seen the birth of new entities, including Caribbean Credit Bureau (Aruba), and witnessed the transformation of Credit Advice into EveryData in 2019. An early player, CreditInfo Ltd., which came into existence in 1991, prides itself on adhering to the older legislative frameworks of Barbados.
However, it starkly overlooks the inclusion of imperative, contemporary legislation such as the Barbados Data Protection Act 2019 and the Fair Credit Reporting Act 2021, highlighting a crucial gap in regulatory acknowledgment and compliance within the sector. This oversight highlights the pressing need for the credit industry to adopt clear and widely publicised regulatory frameworks, particularly considering the surprising role of the Central Bank in regulating credit bureaus as stipulated by the Fair Credit Reporting Act.
In seeking a basic understanding of how the Central Bank regulates credit bureaus and oversees their operations, I was surprised by the lack of detailed information on their website, except references to the Act itself. This absence of clear and published guidance raises questions about how the Central Bank monitors these crucial financial entities to maintain fairness and accuracy in credit reporting in Barbados.
Unclear and publicly inaccessible guidelines for managing credit bureaus lead to widespread issues. Inconsistencies in how businesses handle credit information could result in inaccuracies in credit reports and potential legal complications. This lack of transparency makes us question their reliability and raises the chances of errors on our credit reports. Furthermore, correcting these mistakes becomes an even greater challenge due to the lack of a publicly accessible resource for identifying these bureaus.
The absence of clear guidelines for the operation of credit bureaus spells trouble both for the industry and consumers. On the industry side, this ambiguity fosters inconsistent practices in how credit information is collected, stored, and reported, leading to potential disparities in credit reports. Such inconsistency not only risks legal and regulatory non-compliance, attracting penalties and reputational damage, but also breeds operational inefficiencies. Without uniform procedures, credit bureaus face higher costs and increased chances of errors in credit reporting.
For consumers, the repercussions are direct and personal. The lack of transparency and standardisation erodes trust in the credit reporting process, heightening the risk of inaccuracies in credit reports. This can have tangible effects on a person’s ability to secure credit, employment, or housing.
The oversight of credit bureaus by the Central Bank of Barbados, rather than the Financial Services Commission (FSC), was unexpected for many, including myself. The FSC is the usual regulator for non-banking financial entities, a group that naturally includes credit bureaus. It’s perplexing that the Central Bank has taken on this responsibility, especially considering that credit unions, which resemble banks more closely, are under the purview of the FSC. The primary objective of the Central Bank is to maintain monetary stability and the overall health of the banking sector, not to engage in consumer protection or the intricacies of credit reporting. With the FSC’s direct involvement and partnership with credit bureau affiliates, such as credit unions and insurance companies, it begs the question of whether the Central Bank is indeed the most appropriate entity for this regulatory function.
Without a dedicated regulatory body finely tuned to oversee the credit advice and reporting sector, there’s a tangible risk that companies like EveryData could transition into data brokers. Originating from a foundation in credit advice, EveryData’s name itself suggests an expanding scope, possibly indicating a move towards collecting and analysing a broader spectrum of information beyond merely financial data.
Data brokers, born from the transformation of credit advice firms, amass and monetise personal information, ranging from basic demographics to intricate behaviour patterns. This evolution into data brokerage amplifies privacy concerns, vastly expanding surveillance on individuals without transparent disclosure. The lack of transparency leaves consumers in the dark regarding what data is collected, who buys it, and for what purposes, fostering a sense of vulnerability over personal data control.
The transition from credit advisory services to data brokerage not only risks the integrity of personal data, leading to potential discrimination and security breaches, but also poses a significant threat to individual credit scores and employment opportunities through data inaccuracies. Furthermore, the comprehensive profiling conducted by data brokers opens the door to discriminatory practices and manipulation of consumer choices, severely limiting individuals’ control over their own data amid murky consent procedures and cumbersome opt-out mechanisms.
This possible shift by Credit Bureaus underscores a critical need for robust and aligned consumer protection laws that not only protect our rights but also ensure the accuracy and transparency of data handling practices.
Steven Williams is the executive director of Sunisle Technology Solutions and the principal consultant at Data Privacy and Management Advisory Services. He is a former IT advisor to the Government’s Law Review Commission, focusing on the draft Cybercrime bill. He holds an MBA from the University of Durham and is certified as a chief information security officer by the EC Council and as a data protection officer by the Professional Evaluation and Certification Board (PECB). Steven can be reached at: Mobile: 246-233-0090 Email: steven@dataprivacy.bb
