RCD.0001.0047.0002

) Greater

Greater Bank Limited ABN 88 087 651 956 AFSL and ACL 237476

Early submission addressing questions from the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry

16 February 2018

Greater Bank Limited 103 Tudor Street, Hamilton NSW 2303 PO Box 173, Hamilton NSW2303 t: 1300 651 400 I f: 02 4921 91121DX7863 Newcastle I www.greater.com.au RCD.0001.0047.0003

Greater Bank Limited

Part A Introduction 4 1 Request 4 2 Review Period 4 3 Responses 4 4 Contact details 4 5 Glossary 4 Part B Response to Royal Commission Questions 5 Question 1 5 Question 2 7 Question 3(a) 8 Question 3(b) 8 Question 3(c) 8 Question 3(d) 8 Question 3(e)(i) 9 Question 3(e)(ii) 10 Question 4 12 Question 4(a) 13 Question 4(b) 13 Question 4(c) 14 Part C About Greater Bank 16 1 Our history 16 2 Proudly customer owned 16 3 Our culture and values 18 4 Our business 20

4.1 Overview 20

4.2 Products and services 20

4.3 No Personal Financial Product Advice 20

4.4 Low risk Financial Products 21

4.5 Distribution channels 21

4.6 No mortgage brokers or aggregators 21

4.7 No Authorised Representatives or Credit Representatives 21

4.8 Alliance partners 21

4.9 Our credit policy 22

Page 2 of 41 RCD.0001.0047.0004

Greater Bank Limited

5 Subsidiaries 22

5.1 Greater Charitable Foundation Pty Ltd 22

5.2 Greater Investment Services Pty Ltd 22

5.3 Greater Property Holdings Number 1 Pty Ltd 23 6 Our complaints handling and disputes resolution history 23 Schedule 1 Question 1 25 Schedule 2 Question 2 35 Schedule 3 Glossary 39 Schedule 4 Associated Entities 41

Page 3 of 41 RCD.0001.0047.0005

Greater Bank Limited

By letter dated 8 January 2018 from Mr Simon Daley, Solicitor Assisting the Royal Commission, Greater Bank was invited to make an early written submission to the Royal Commission addressing a number of questions that were attached to Mr Daley's letter (Royal Commission Questions). Greater Bank welcomes the opportunity to provide this early submission.

The Royal Commission Questions relate to the period from 1 January 2008 to the date of this submission ( 16 February 2018). We refer to this period below as the "Review Period".

Greater Bank has provided responses to the Royal Commission Questions in Part B of this submission. To provide some context to the responses in Part B, we have set out in Part C general background information about Greater Bank, including information about Greater Bank's mutual ownership structure, business, culture and values. We have also provided an overview of Greater Bank's complaints and internal and external dispute resolution history over the Review Period. As requested, the responses by Greater Bank are provided for itself and also for 1 its Associated Entities . Greater Bank has made substantial changes to its systems, policies, processes and procedures over the Review Period. Unless otherwise indicated, any descriptions of Greater Bank's systems, policies, processes or procedures in this submission are of the systems, policies, processes and procedures in place as at the date of this submission (16 February 2018). Likewise, unless otherwise indicated, descriptions of Greater Bank's business, including its products and services, are as at the date of this submission (16 February 2018).

The officers of Greater Bank from whom further information may be obtained in relation to this submission are:

Scott Morgan Gregory Nyman Chief Executive Officer Head of Legal and Company Secretary Greater Bank Limited Greater Bank Limited a: 103 Tudor Street, Hamilton NSW 2303 a: 103 Tudor Street, Hamilton NSW 2303 p: p: e: e:

Some of the terms used in this submission are explained in the Glossary in Schedule 3.

1 Greater Bank's "Associated Entities" during the Review Period are listed in Schedule 4.

Page 4 of 41 RCD.0001.0047.0006

Greater Bank Limited

Excluding cases of theft from the entity itself, or from an associated entity, has the entity identified any misconduct by the entity (including by its directors, officers or employees, or by anyone otherwise acting on its behalf) which occurred at any time since 1 January 2008? If so, what is the nature, extent and effect of that misconduct?

Response We have not identified any systemic misconduct, or other systemic conduct or behaviour that we consider to have fallen below community standards and expectations. In particular, we have not identified any instances of poor conduct or behaviour that resulted in financial loss or detriment to large numbers/ groups of customers. We have included more detail than you may have been expecting in Part C to explain why this is the case. The reasons relate generally to our structure and business objectives; our culture and values; and our straight forward business model. As noted in Part C: 1. As a customer owned mutual bank, we exist solely to serve and meet the needs of our customers, and do not have the conflicting priority of seeking to maximise returns for a separate group of shareholders. 2. Our customer owned status and mutual values underpin a strong customer-centric culture. Our culture in turn underpins our attitudes and how we conduct ourselves. Customer satisfaction is genuinely the key driver of our business. If a customer is not satisfied, we do everything we reasonably can to rectify the situation as quickly as possible. 3. We offer straight forward retail banking products in a straight forward way. We believe our straight forward approach to retail banking differentiates us from many of our competitors. Keeping things straight forward and uncomplicated for our customers, and focusing on customer service, is at the core of our strategy. We believe it gives us a competitive advantage. 4. We do not provide financial planning, wealth or investment advisory services or other Personal Financial Product Advice of any kind. We do not therefore face many of the advice-related problems that have been the focus of regulators, the media and others over recent years2. 5. Our scale, structure and straight forward business model means that, although we are large enough to meet the retail banking needs of our customers, it is easier for us to monitor and supervise our employees than it may be for larger, more complicated organisations. 6. Our credit policy is conservative. Greater Bank has historically taken, and continues to take, a conservative approach to lending standards (even

2 For example, refer to ASIC Report 474: Culture, conduct and conflicts of interest in vertically integrated businesses in the funds-management industry; ASIC Report 499: Financial advice: Fees for no service; ASIC Report 515: Financial advice: Review of how large institutions oversee their advisers; ASIC Report 516: Review of mortgage broker remuneration; and ASIC Report 562: Financial advice: Vertically integrated institutions and conflicts of interest.

Page 5 of 41 RCD.0001.0047.0007

Greater Bank Limited

relative to our mutual peers) to ensure customers are well placed to meet their repayment obligations and achieve their objectives. We also genuinely work with customers who, for whatever reason, have difficulty meeting their obligations to help them get back on track. This approach is reflected in our loss history, which is well below industry averages. 7. We do not use mortgage brokers or aggregators or have Authorised Representatives or Credit Representatives, and, as we do not provide Personal Financial Product Advice, we do not face many of the inherent conflicts of interest that exist in larger, vertically integrated organisations. 3 The rationale for this is our desire to have direct relationships with our customers so that we can ensure customer satisfaction. As noted, we genuinely focus on customer experience and outcomes.

That is not to say though that we are immune from "conduct risk" 4. We are not. We identified instances over the Review Period where, in the circumstances, we could have done things better or differently that would have resulted in improved customer experiences or outcomes. We have provided descriptions in Schedule 1 that are indicative of the nature, extent and effect of the matters we identified. We appreciate the types of matters we have identified may not be material to the Royal Commission, as they are isolated and sporadic incidents mostly involving human error or mistakes that impacted one or only a small number of customers. Most had no impact on customers or resulted only in inconvenience. Very few resulted in financial loss. Importantly, it is central to our business ethos that where a customer suffers loss as a result of an error or mistake we make, restitution is offered and the customer is fully compensated. We are accountable to our customers as the owners of the business, and so it only serves us well to be honest, transparent and fair when dealing with our customers, including when things go wrong.

3 Refer, for example, to ASIC Report 562: Financial advice: Vertically integrated institutions and conflicts of interest. 4 ASIC describes "conduct risk" as "the risk of inappropriate, unethical or unlawful behaviour on the part of an organisation's management or employees" (ASIC Report 474: Culture, conduct and conflicts of interest in vertically integrated businesses in the funds-management industry, p 8), and has noted such "conduct can be caused by deliberate actions or may be inadvertent, because of inadequacies in an organisation's practices, frameworks or education programs" (Speech by Greg Medcraft, ASIC Chairman, The human factor: Is conduct risk on your radar? 25 July 2017, p 2).

Page 6 of 41 RCD.0001.0047.0008

Greater Bank Limited

Has the entity identified any conduct, practice, behaviour or business activity it has engaged in (including by its directors, officers or employees, or by anyone otherwise acting on its behalf) since 1 January 2008, which it considers has fallen below community standards and expectations? If so, what is the nature, extent and effect of that conduct, practice, behaviour or activity?

Response The term "community standards and expectations" is not defined in the Terms of Reference. Greater Bank believes the community expects us, as a customer owned mutual bank: to act with honesty and integrity and in accordance with our mutual values; to be accountable; to provide straight forward products and services; to provide those products and services efficiently, honestly and fairly, and in a manner that is compliant with all laws and industry standards (including the spirit of those laws and standards, and not just in a "tick the box" manner); to maintain high levels of customer service; and to treat all those we deal with fairly and equitably. Greater Bank believes our Greater Bank Values of: Accountability, Excellence, Collaboration, Customer Focus, and Courage, together with the 10 promises we make and other requirements under the Customer Owned Banking Code of Practice, are well aligned with what the community expects of us. 5 The response we have provided to Question 1 also applies to Question 2. We have not identified during our discovery process any systemic conduct, practices, or behaviours, or any business activities, that we believe fall below what the community expects of us. Again, there are instances where we could have done things better or differently that would have resulted in improved customer outcomes or experiences. We have provided descriptions in Schedule 2 that are indicative of the nature, extent and effect of the matters we identified. They are again isolated incidents mostly involving human error or mistakes.

5 Refer to Part C for details.

Page 7 of 41 RCD.0001.0047.0009

Greater Bank Limited

Is the identified conduct, practice, behaviour or activity the subject of another inquiry or investigation, or a criminal or civil proceeding?

Response No. Greater Bank does, however, currently have nine matters pending before the Credit and Investments Ombudsman (CIO). These matters range in age from one month to approximately a year. Other than these CIO matters, and recovery matters (of which there are currently eight), and also employment related matters (of which there is currently one), Greater Bank is not involved in any other inquiry or investigation, or a criminal or civil proceeding, of any kind.

Does the entity attribute any of the identified conduct, practice, behaviour or activity to the particular culture or governance practices of the entity? If so, describe that culture or governance practice.

Response No.

Does the entity attribute any of the identified conduct, practice, behaviour or activity to some broader cultural or governance practices in the industry or sector of the industry in which the entity operates? If so, describe those cultural or governance practices.

Response No.

Does the entity consider that the identified conduct, practice, behaviour or activity results from other practices (including risk management, recruitment or remuneration practices)? If so, describe those practices.

Response Other than the matter identified in Item 15 in Schedule 1 (which concerns our AML/CTF framework - refer to Item 15 in Schedule 1 for details) (Item 15), we do not believe the matters described in Schedules 1 and 2 resulted from other practices. Other than Item 15, the matters identified were isolated incidents involving human error or mistakes. They represent operational risk management and compliance incidents that arise and need to be managed and addressed in any financial institution of our size or larger. Greater Bank has a comprehensive and robust Enterprise Risk Management Framework in place that enables us to develop and implement appropriate

Page 8 of 41 RCD.0001.0047.0010

Greater Bank Limited strategies, policies, procedures and controls to manage all of the different types of material risks we face. This includes policies and procedures to: identify material compliance risks; design and implement appropriate compliance controls; monitor and assess compliance; identify, report and address instances of non-compliance; and initiate corrective actions and breach consequence management where necessary to mitigate the risk of reoccurrence. While the primary objective of our compliance framework is of course to ensure compliance with our obligations, instances of non-compliance do occur, and when they do our compliance framework enables us to identify and appropriately deal with them. The matters described in Schedules 1 and 2 were recorded and managed as risk incidents in accordance with our Enterprise Risk Management Framework, of which our compliance framework forms part, and we believe they were appropriately addressed. As noted in Part C, our "Blueprint for Change" strategic plan is focused on continuing to transform our business to meet the changing expectations of our stakeholders, including consumers/ customers, regulators and the community, and ensuring our ongoing success. Our strategic objectives, which are central to our "Blueprint for Change", include: strengthening our business capabilities; improving organisational efficiency; and proactively managing regulatory change and risk. We have made substantial improvements to our systems, frameworks, policies, processes, procedures, capabilities and competencies since our "Blueprint for Change" was developed and commenced in 2015. These changes will continue as we make the transition from our current "Blueprint for Change" strategic plan to the next phase (2018 - 2021 ). As part of the continuous improvement of our systems, frameworks, policies, processes, procedures, capabilities and competencies over the Review Period, many internal and external reviews of different parts of our business have been undertaken. The majority of these reviews have resulted in recommendations about improvements that could be made. Where weaknesses are identified, programmes of work are initiated to make the required improvements.

What steps has the entity taken to remedy the consequences for consumers or other businesses of the identified conduct, practice, behaviour or activity?

Response Refer to Column 3 in Schedules 1 and 2. More generally, Greater Bank does not have a policy that prescribes how we assess or respond to incidents of a particular nature or value. Each matter is considered and dealt with on its individual merits on a case by case basis in accordance with our Enterprise Risk Management Framework and complaints handling and dispute resolution process. All complaints received are recorded and managed in accordance with our complaints handling and dispute resolution process. Refer to Section 6 in Part C for a brief description of that process. Put simply, our general approach is that where customers suffer loss as a result of an error or mistake we make, we apologise, restitution is offered and the customer is fully compensated. As noted

Page 9 of 41 RCD.0001.0047.0011

Greater Bank Limited above, we are accountable to our customers as the owners of the business, and so it only serves us well to be honest, transparent and fair when dealing with our customers, including when things go wrong. Our approach to complaints handling is reflected in the small number of matters that required referral to our internal and external dispute resolution schemes over the Review Period. 6 Greater Bank does not rely, however, only on customer complaints to identify mistakes or errors, or poor conduct. Greater Bank has in place a comprehensive and robust Enterprise Risk Management Framework. As noted in our response to Question 3(d) above, Greater Bank's Enterprise Risk Management Framework enables us to develop and implement appropriate strategies, policies, procedures and controls to manage all of the different types of material risks we face. This includes policies and procedures to: identify material compliance risks; design and implement appropriate compliance controls, monitor and assess compliance; identify, report and address instances of non-compliance, and initiate corrective actions and breach consequence management where necessary to mitigate the risk of reoccurrence. We strive to continually improve our business practices. This includes our risk management and compliance frameworks.

What steps has the entity taken to prevent recurrence of conduct, practice, behaviour or activity of the kind identified?

Response Refer to Column 4 in Schedules 1 and 2. More generally, where a risk incident, including a compliance breach, is identified, it is reported and managed in accordance with our risk incident and breach reporting and management process. Whenever an incident is identified its potential impact and whether or not it is a regulatory breach is assessed. The assessed magnitude of the impact determines, for consequence management purposes, the level and speed of escalation, the resources allocated to the investigation, and the response, including corrective/ improvement actions taken to prevent future occurrences. Identified risk incidents/ breaches are recorded in our ProtechtERM System, which is a full featured, ISO 31000 compliant Enterprise Governance, Risk and Compliance management system. The ProtechtERM System facilitates, among other things: risk management assessment and monitoring; controls assessment and monitoring; compliance management; key risk indicator reporting and management; incident, breach and event reporting and management; audit management; action management; analytics and reporting; and workflow management. Periodically trend analysis is undertaken of risk incidents and breaches to identify any potential systemic issues and for consequence management purposes.

6 Refer to Part C for details.

Page 10 of 41 RCD.0001.0047.0012

Greater Bank Limited

The modes of communication of the consequences of a specific breach or type of breach and the way in which employees are counselled and additional training and education is provided depends on the nature and assessed impact of the breach. Common modes of communication include circulation of the incident report (which includes root cause analysis and agreed incident responses/ corrective actions); face-to-face or email communications with the employees directly concerned/ affected; posts to the staff intranet; communications through management channels or Risk & Compliance Co­ ordinators; and broadcast communications to employees.

Page 11 of 41 RCD.0001.0047.0013

Greater Bank Limited

For an entity that is, or has a connection (other than an incidental connection) to, an RSE licensee of a registrable superannuation entity (as defined in the Superannuation Industry (Supervision) Act 1993 (Cth)):

Response For different periods during the Review Period, Greater Bank had a connection to the RSE Licensees of two registrable superannuation funds: namely, the Greater Staff Superannuation Fund and the CUBS Superannuation Fund (Greater Rollover and Allocated Pension Fund). Background information for the Greater Staff Superannuation Fund and the CUBS Superannuation Fund (Greater Rollover and Allocated Pension Fund) is provided below. Background Greater Staff Superannuation Fund The Greater Staff Superannuation Fund was established in 1989 and was a staff superannuation fund open to Greater Bank employees. On 1 December 2012, the assets of the Greater Staff Superannuation Fund were transferred to AMP Superannuation Limited in accordance with the requirements of the Superannuation Industry (Supervision) Act 1993 (Cth). The Greater Staff Superannuation Fund was then wound . For the period from the commencement of the Review Period up to 1 December 2012, being the date on which the assets and liabilities of the Greater Staff Superannuation Fund were transferred to AMP Superannuation Limited, the Trustee and RSE Licensee of the Greater Staff Superannuation Fund was Greater Staff Super Pty Limited ABN 54 065 099 783. Greater Staff Super Pty Limited was a related entity of Greater Bank. Greater Staff Super Pty Limited was deregistered on 14 May 2014. CUBS Superannuation Fund The Greater Rollover and Allocated Pension Fund was established in 1987. In 2011 the Greater Rollover and Allocated Pension Fund became a "segment" of the CUBS Superannuation Fund ABN 90 120 177 925. The Greater Rollover and Allocated Pension Fund is currently a "closed segment" of the CUBS Superannuation Fund (and not a separate fund) that includes rollover and pension accounts. The Greater Rollover and Allocated Pension Fund is closed to new members. The Trustee and RSE Licensee of the CUBS Superannuation Fund is Equity Trustees Superannuation Limited ABN 50 055 641 757. The promotor of and provider of administration services for the CUBS Superannuation Fund is Mainstream Superannuation Services Pty Ltd ABN 83 082 989 142. Neither Equity Trustees Superannuation Limited nor Mainstream Superannuation Services Pty Ltd are related entities of Greater Bank. Greater Bank's only continuing connection to the CUBS Superannuation Fund is a requirement for it to pay administration costs in relation to the Greater Rollover and Allocated Pension Fund segment of the fund.

Page 12 of 41 RCD.0001.0047.0014

Greater Bank Limited

During each of the past ten years (according to whatever annual reporting periods the entity has employed in the ordinary course of its operations) to what uses and in what amounts has the entity applied members' funds other than the investment of those funds, the administration of the superannuation fund and the payment of member benefits?

Response Greater Staff Superannuation Fund For the period from the commencement of the Review Period up to 1 December 2012, being the date on which the assets of the Greater Staff Superannuation Fund were transferred to AMP Superannuation Limited, members' funds in the Greater Staff Superannuation Fund were only applied for the purposes of investing such funds, the administration of the superannuation fund, and the payment of member benefits. CUBS Superannuation Fund Greater Bank believes, based on the financial information available to it, that during the Review Period members' funds in the Greater Rollover and Allocated Pension Fund segment of the CUBS Superannuation Fund have only been applied for the purposes of investing such funds and the payment of member benefits. As noted, Greater Bank's only continuing connection to the CUBS Superannuation Fund is a requirement for it to pay administration costs in relation to the Greater Rollover and Allocated Pension Fund segment of the fund. Administration costs for the Greater Rollover and Allocated Pension Fund segment of the CUBS Superannuation Fund that are paid by Greater Bank are not passed on to fund members. Greater Bank has been advised by the current administrator of the CUBS Superannuation Fund that there are currently no other administration costs incurred by/ levied on the Greater Rollover and Allocated Pension Fund segment of the fund (other than direct fee for service type costs incurred by individual members). Given Greater Bank's limited involvement with the fund, Greater Bank is unable to independently confirm this. Greater Bank does not have access to financial information for other segments of the CUBS Superannuation Fund, other than the aggregated information included in the annual financial reports for the fund.

In respect of each kind of those other applications of members' funds, why was that application in the best interests of members?

Response Greater Staff Superannuation Fund Not applicable.

Page 13 of 41 RCD.0001.0047.0015

Greater Bank Limited

CUBS Superannuation Fund So far as the Greater Rollover and Allocated Pension Fund segment of the CUBS Superannuation Fund is concerned and to the extent that Greater Bank is aware - not applicable. Refer to the response to Question 4(a).

Question 4(c) What are the cost centres that make up costs attributed to administration in each of those years?

Response Greater Staff Superannuation Fund

The ticks("~" ) below identify the financial years in which expenses were debited to the identified cost centres. "Nil" means no expenses were debited to the identified cost centres during a particular financial year. As noted, on 1 December 2012, the assets of the Greater Staff Superannuation Fund were transferred to AMP Superannuation Limited.

Administration Expenses Financial Year

Cost Centres 07/08 08/09 09/10 10/11 11 /12 12/13*

Administration Levy ./ ./ ./ ./ ./ ./

Advisor Fee - Novotax ./ ./ ./ ./ ./ ./

Administration Fee - ./ ./ ./ ./ ./ Nil Novotax

Advisor Fee - Morgans ./ ./ ./ ./ ./ ./

Options Fees and ./ ./ ./ ./ Nil Nil Commissions

Floating Rate Note - Nil Nil ./ ./ ./ ./ Amortisation of Premium

Audit Fees ./ ./ ./ ./ ./ ./

Bank Clearing Fees Nil Nil Nil ./ Nil Nil

Bank Transaction Fees ./ Nil ./ ./ ./ ./

Consultants Fees ./ ./ ./ ./ ./ ./

GSS Group Life Insurance ./ ./ ./ ./ ./ ./

GSS Trustee Liability ./ ./ ./ ./ ./ ./ Insurance

Page 14 of 41 RCD.0001.0047.0016

Greater Bank Limited

ASIC Levy ./ ./ ./ ./ ./ Nil

APRA Special Levy Nil Nil Nil ./ ./ Nil

APRA Levy ./ ./ ./ ./ ./ ./

Overheads ./ ./ ./ ./ ./ ./

Deductable Conferences Nil Nil Nil ./ Nil Nil

Subscriptions not subject ./ ./ ./ ./ ./ ./ to FBT

Super Contributions ./ ./ Nil Nil Nil Nil Surcharge

Deductable Training Nil Nil ./ Nil Nil Nil

* On 1 December 2012, the assets of the Greater Staff Superannuation Fund were transferred to AMP Superannuation Limited and the fund was subsequently wound up.

CUBS Superannuation Fund The administration expenses for the Greater Rollover and Allocated Pension Fund segment of the CUBS Superannuation Fund paid by Greater Bank are not passed on to fund members. Refer to the response to Question 4(a).

Page 15 of 41 RCD.0001.0047.0017

Greater Bank Limited

During the early 20th century, Newcastle was suffering from the effects of high unemployment and economic depression. were only offering high interest, short term loans, so home ownership was out of reach for many. The community response was to establish the first co-operative Starr-Bowkett societies, based on core values of mutuality, co-operation and self-help, to provide interest-free or low interest loans to their members. In 1924, Mr F.W. Lean and Mr K.A. Mathieson Snr formed the Newcastle and Hunter River Public Service Starr-Bowkett Building Co-operative Society Limited. This was the start of what was to become the Greater Bank Group. Members bought shares in, and made regular contributions to, the society, and a lottery system determined when members received their loan. When all members had drawn and repaid their loans, the society would be wound up and any surplus funds distributed among members. With Government regulation, some of these popular societies evolved into permanent building societies. In 1945, The Greater Newcastle Co-operative Permanent Building and Investment Society Limited began. The Society has changed its name over the years and is now known as Greater Bank Limited. Our name today reflects the suite of products and services we offer to our customers, and our reach beyond Newcastle. Greater Bank has developed from a single office run by Mr F.W. Lean (whose only assistant was his wife), to a staff of just under 800 in its Head Office and 59 branches throughout and South-East .

Greater Bank remains a mutual and is proudly customer owned. Greater Bank is owned by its customers under a "one member, one vote" principle, and does not have separate shareholders. Greater Bank exists for the sole purpose of serving its customers and the communities in which it operates, and does not face conflicting priorities between looking after our customers while seeking to maximise returns to a separate group of shareholders. In May 2016, the Parliamentary Joint Committee on Corporations and Financial Services (PJC) strongly criticised the lending practices and culture of certain listed banks. In a report on the impairment of loans, the PJC said: "The committee considers that the banks' compulsion to deliver ever-increasing returns to shareholders has become the overriding driver of behaviour and culture in the banks". 7 The Financial System Inquiry (FSI) found that: "To build confidence and trust in the financial system, firms need to take steps to create a culture that focuses on consumer interests." 8 The FSI specifically recommended that the interests of financial firms should be aligned with those of consumers. 9 The customer owned model achieves this alignment, and this is

7 Parliamentary Joint Committee on Corporations and Financial Services - Report: Impairment of Customer Loans, May 2016, p xiii. 8 Financial System Inquiry Final Report, November2014, p 195. 9 Financial System Inquiry Final Report, November 2014, Recommendation 24, p 217.

Page 16 of 41 RCD.0001.0047.0018

Greater Bank Limited reflected in the mutual sector's market-leading customer satisfaction ratings, highly competitive pricing and customer and community focus. Greater Bank has consistently maintained market-leading customer satisfaction of over 90% as reported through the independent customer satisfaction research conducted by Roy Morgan Research. Greater Bank has won the following Roy Morgan Customer Satisfaction Awards over the last 5 years: • Roy Morgan Customer Satisfaction Bank of the Year 2017 • Roy Morgan Customer Satisfaction Bank of the Year 2016 • Roy Morgan Customer Satisfaction / Credit Union of the Year2015 • Roy Morgan Customer Satisfaction Building Society/ Credit Union of the Year2014 • Roy Morgan Customer Satisfaction Building Society/ Credit Union of the Year 2013. In addition, we monitor our net promoter score (NPS), which is significantly higher than those reported by the major banks, and is currently sitting at +67. This is based on a representative sample of our customer base. Greater Bank has also invested in technology, systems and processes that enable us to monitor customer sentiment down to an individual branch employee level. This not only gives us a very granular view of customer satisfaction that enables us to closely monitor customer experience, it also enables us to set goals and design incentives around these important performance indicators. Greater Bank employees understand that the key stakeholder is the customer and the fundamental objective is serving the customer. We educate our employees about the customer owned model to ensure they understand the core proposition: that each customer is an equal owner of the business and the business only exists to serve its customers. This message is delivered through induction programmes, ongoing training and is directly reinforced by senior management. These programmes include sessions about the history, culture and values of Greater Bank. We also educate our employees about the promises Greater Bank makes as a customer owned bank and subscriber to the Customer Owned Banking Code of Practice (COBCOP). Our customer owned structure and the promises made in the COBCOP underpin everything we do. The COBCOP promises are reflected in Greater Bank's Code of Conduct, which sets out six key principles to guide behaviour and day to day decision making. The six key principles are: 1. Professional Conduct 2. Honesty and Integrity 3. Privacy and Confidentiality 4. Management of Conflicts of Interest 5. Compliance with the Code of Conduct, Legislation and Policies 6. A Respectful and Safe Workplace.

Page 17 of 41 RCD.0001.0047.0019

Greater Bank Limited

Greater Bank's Code of Conduct is supported by numerous policies, management statements, programmes and procedures that form part of Greater Bank's Enterprise Risk Management Framework. Greater Bank has a robust and effective Enterprise Risk Management Framework that is appropriate for the nature and scale of its business. In its report on the 2017 comprehensive risk management framework review for Greater Bank conducted in accordance with APRA Prudential Standard CPS 220: Risk Management, the external reviewer commented: "Risk management is heavily embedded in both Greater Bank practice and culture.

The Bank has adopted the Three Lines of Defence risk governance model, and has deployed the model very effectively. Risk managers are embedded within the various business units, thereby realising the dictum that the business units - the first line of defence according to the model - "own" the inherent risks. The embedded risk managers work closely with the risk management function on a daily basis, providing a consistent and seamless approach to risk throughout the organisation. The internal audit function is small but active, and is amply supported by external auditors. The overall culture shows a heightened awareness of the implications of risk to the Bank's business, and a willingness to work within risk policy guidelines, rather than a tolerance for negligence or indifference to such matters." 10 All employees receive ongoing training on the COBCOP and the Greater Bank Code of Conduct and Greater Bank's broader risk management and compliance obligations. Employees are encouraged and incentivised to report all breaches of the law, the COBCOP and internal policies, and to openly discuss errors and mistakes.

Greater Bank has a strong customer-centric culture underpinned by our business ethos as a customer owned mutual bank. As discussed above, the sole purpose for which Greater Bank exists is to serve our customers and the communities in which we operate. We always strive to act fairly and equitably and "do the right thing" by our customers and communities. Our customer owned status of course does not mean that Greater Bank is immune from the cultural and misconduct problems that have been the focus of regulators, the media and others over recent years, and that have led to the Royal Commission. Greater Bank understands this and is not complacent. In 2015 Greater Bank developed a strategic plan (our "Blueprint for Change") to transform the organisation to meet the changing expectations of our stakeholders, including consumers/ customers, regulators and the community, and ensure our ongoing success. Our "Blueprint for Change", which is multi­ faceted, includes a strong focus on customers, culture and values, and led to the development and adoption of new "Vision" and "Mission" statements and Greater Bank Values.

10 The Risk Board, Comprehensive Review, 28 November 2017, p 5.

Page 18 of 41 RCD.0001.0047.0020

Greater Bank Limited

Our Vision is: "To Be The Customer Empowered Bank". Our Mission is: "To deliver banking solutions that genuinely help our customers and communities for generations to come". This statement describes the core purpose of our business and the foundation of our ongoing success. We place our customers and communities at the centre of everything we do. Our Greater Bank Values are: Accountability, Excellence, Collaboration, Customer Focus, and Courage.

1 • Employeei who Lead & Live the behovicxn of Accounlobiity: • t •Understand who! ls expected al !hem n !hat- role Ac c 0 un t a I I . Take owneMp ol lheir ocllons. behovloun and the resulting ovlcomes b Y,;, • MeoiUle lher own pe

Employees who lead & Uvt the behovlous of Excellence. •lake pride In their wort. dNoys 1!riv1ng lo dalvtt lo Iha bMI of their abilles • ~ dl!fllOltttrolt o professional approach lo thet WOii<. colaogues and customen Ex C e 11 en C e ~~ •Operate wilh the hl~t ltvek of integrity and hold lhtmwlv111 to a high slandord of performance ~ • Acliv&ti develop thlW ll:ll!s. ~00'Med9e and capoblttle\

• ~ Employees who Ltod & Uva the behovlous of Coloboralion: • Watt mh and ttvough alhen lo adieve lhe desired ovlcame1 C0 11 ab ora tion ,;, :~.::==-==~==.:~== =-wk~•

Employees v.tio lead & Live !he behoviol.n of CU!lomer Focvs: •Contribule lo. enMing tho! every ~eater Bon~ customer hos a gieat. seamless e>penence • Consider Ille impact of their declSIOOS ond achons CU S t 0 me r F0 CU S ,:I • Seek lo lind sduhons Iha! wt enhance the experience of our cuslomen

Employees who Ltod & Live the behoviooo al Courage: • Choleoge the slaM quo and lool: for bel!et woyi lo deliver on lheit respomibitie1 C0 ur a g e ~~ •Ale honMt In their convnvnicotlons ond hove the tough converrohons when needed ~ • Ale proodlvt In pullilg fOIWOrd their Ideas and e•ploring these with relevant people ' Greater Bank is committed to fostering these five Greater Bank Values in all business activities and dealings. Greater Bank employees are trained on how to "Lead and Live" the Greater Bank Values. Our values help us identify what is important and are reflected in how we interact with each other and our customers. They give us a common sense of purpose and set the standards for our behaviour and decision making. They help us face the many challenges and choices in our everyday roles with confidence and consistency. Greater Bank expects all employees to conduct themselves in accordance with our Greater Bank Values. Greater Bank is currently rolling out the next phase of our "culture and values" programme, which includes "Leading and Living Greater Values" workshops for all employees. The workshops explore further and embed our understanding of the Greater Bank Values, and the critical role they play in: defining and shaping our organisational culture; creating a customer-empowered and sustainable business; ensuring we remain a good corporate citizen; and defining our expectations of 'how' people do their jobs (paired with the 'what' of their goals).

Page 19 of 41 RCD.0001.0047.0021

Greater Bank Limited

4.1 Overview Greater Bank is an Authorised Deposit-taking Institution and holds an AFSL and ACL. It has just under 800 employees. It operates from a single Head Office in Newcastle, New South Wales, and has 57 retail branches across New South Wales and two in South-East Queensland. Greater Bank is a retail mutual bank. It operates a straight forward business model primarily focused on providing customers with straight forward retail banking solutions in a straight forward way. Its core business is the provision of Consumer Credit Products, Basic Deposit Products, and General Insurance Products, to consumers/ retail clients. 4.2 Products and services Consumer Credit Products - Greater Bank provides a range of home loan and personal loan products, and a single credit card product, to consumers. Greater Bank's Consumer Credit Products are competitively priced. Greater Bank is the credit provider for these products. Other credit products - Greater Bank provides a number of competitively priced business and commercial loan and other credit products. Greater Bank is also the credit provider for these products. Basic Deposit Products (and associated payment services) - Greater Bank provides a range of competitively priced everyday transaction and savings (including term deposit) accounts and associated payment services. All of Greater Bank's deposit products are Basic Deposit Products. General Insurance Products - Greater Bank has an intermediary arrangement in place with one of 's largest general insurers. Greater Bank distributes a range of General Insurance Products, including motor vehicle, home building, home contents, landlord, travel, and Consumer Credit Insurance, under this arrangement. Greater Bank does not provide insurance broking services. Referral arrangements - Greater Bank also has a number of referral arrangements in place with other unrelated financial service providers that enable customers to procure other services from those service providers, including Personal Financial Product Advice, other credit products, merchant services, commercial insurance, foreign cash, travel money cards, and overseas funds transfer services. 4.3 No Personal Financial Product Advice Greater Bank does not provide financial planning, wealth or investment advisory services or other Personal Financial Product Advice of any kind. As noted, Greater Bank has referral arrangements in place with unrelated financial service providers for customers who require these services. The advice provided by Greater Bank in relation to the Financial Products it offers is limited to factual information and General Financial Product Advice concerning those products, including the features of the products. Greater Bank does provide credit assistance in relation to the credit products it offers.

Page 20 of 41 RCD.0001.0047.0022

Greater Bank Limited

4.4 Low risk Financial Products All of the Financial Products Greater Bank provides are considered "low" risk from a regulatory perspective. They are all categorised as Tier 2 products for the purpose of the training requirements/ standards in ASIC Regulatory Guide 146: Licensing: Training of financial product advisers (RG 146). ASIC notes in RG 146 that: "Tier 2 products are generally simpler and better understood than 11 Tier 1 products and, therefore, are subject to lighter training standards" . The Basic Deposit Products and General Insurance Products (including Consumer Credit Insurance) Greater Bank provides are also excluded, as "basic banking and general insurance products", from the FOFA conflicted remuneration prohibition 12. Greater Bank does not issue, or provide other Financial Services in relation to, investment products (other than the Basic Deposit Products referred to above)13, life insurance products or sickness and accident insurance products (other than Consumer Credit Insurance that includes cover for death, injury or sickness and accident, and travel insurance that includes cover for injury or sickness and accident). 4.5 Distribution channels Greater Bank's distribution channels are all proprietary, and consist of our 14 branch network, a small mobile lending team , and our online (website and internet banking) and mobile app channels. We also operate a contact centre located at our Newcastle Head Office. Greater Bank has also on rare occasions, usually as part of a promotional campaign, accepted leads from comparison websites. 4.6 No mortgage brokers or aggregators Greater Bank has not during the Review Period used mortgage brokers or aggregators. The rationale for this is our desire to have direct relationships with our customers so that we can ensure customer satisfaction. We genuinely focus on customer experience and outcomes. 4. 7 No Authorised Representatives or Credit Representatives Greater Bank has no Authorised Representatives or Credit Representatives. All of Greater Bank's Representatives are officers or employees of Greater Bank. 4.8 Alliance partners We noted above that Greater Bank has a number of intermediary and referral arrangements with other unrelated financial service providers that enable customers to procure other services from those service providers. The financial service providers selected by Greater Bank as alliance partners are chosen because they offer competitively priced market-leading products and services in

11 ASIC Regulatory Guide 146: Licensing: Training of financial product advisers, para RG 146.38. 12 Reg 7.7A12H of the Corporations Regulations and ASIC Regulatory Guide 246: Conflicted and other banned remuneration, para RG 246.163. 13 Greater Bank no longer provides Financial Services in relation to the superannuation funds referred to in the response to Question 4. Refer to the response to Question 4 for details. 14 Greater Bank currently has 6 mobile lenders operating in the , Newcastle, Shoalhaven and lllawarra regions. All of Greater Bank's mobile lenders are employees of Greater Bank.

Page 21 of 41 RCD.0001.0047.0023

Greater Bank Limited their particular sector. Customer satisfaction with, and any complaints by our customers concerning, alliance partners are closely monitored. 4.9 Our credit policy 15 Greater Bank has a loan/ credit portfolio of $5.119 billion , of which $4.891 billion (95.5%) constitutes residential mortgage loans. The balance is comprised of credit cards, personal loans and business and commercial loans. Customer owned financial institutions have relatively conservative lending standards. This is noted by Moody's which states that the "delinquency performance of mutual home loans has been consistently lower than that of the major banks, which testifies to the more conservative underwriting practices of mutual institutions." 16 Similarly, KPMG noted that a fall in provisions in 2016 reflected the "high quality of the mutuals loan portfolios." 17 Greater Bank has historically taken, and continues to take, a conservative approach to lending standards, to ensure our customers are well placed to meet their repayment obligations and achieve their objectives. The quality of our loan/ credit portfolio is reflected in our arrears and recoveries experience (for example, as at 31 December 2017, Greater Bank had only 18 home loans 90+ days in arrears). Our conservative approach to lending is also reflected in the fact that as at 31 December 2017 interest only loans made up only 11.9% 18 of all residential mortgage loans.

Greater Bank currently has three wholly owned subsidiaries: Greater Charitable Foundation Pty Ltd, Greater Investment Services Pty Ltd and Greater Property Holdings Number 1 Pty Ltd. 5.1 Greater Charitable Foundation Pty Ltd Greater Charitable Foundation Pty Ltd is the trustee of the Greater Charitable Foundation (GCF). It does not provide financial products or services. Greater Bank has a proud tradition of supporting charities and community organisations across our area of operations. This support was formalised in 2011 with the establishment of GCF with an initial allocation of $1 million. Since that time, GCF has provided more than $7 million in funding to 25 charitable organisations throughout New South Wales and South-East Queensland. 5.2 Greater Investment Services Pty Ltd Greater Investment Services Pty Ltd (GIS) holds its own AFSL. All Financial Services provided by GIS during the Review Period have related to its role as "Trust Manager" of a number of special purpose securitisation vehicles. The other parties associated with these vehicles are "professional investors" (as defined in section 9 of the Corporations Act). GIS does not provide products or services to consumers/ retail clients.

15 This figure is as at 31 December 2017. 16 Moody's Mutual Outlook 2017, p 9. 17 KPMG Mutuals Industry Review 2016, p 7. 18 The percentage is 10.5% if Line of Credit facilities are excluded.

Page 22 of 41 RCD.0001.0047.0024

Greater Bank Limited

GIS does not have its own employees and is subject to the same enterprise risk management, compliance and business policies, management statements and procedures as Greater Bank. 5.3 Greater Property Holdings Number 1 Pty Ltd Greater Property Holdings Number 1 Pty Ltd was established to hold real property assets of Greater Bank. It has never provided products or services to the public and is currently dormant. 6 Our complaints handling and disputes resolution history Greater Bank has in place complaints handling and internal and external dispute resolution arrangements that meet applicable legislative and industry standards. Greater Bank has a central IT based contact management system (known as HEAT) for recording and managing customer and non-customer feedback (both positive and negative), complaints and disputes. Over the 10 year Review Period approx. 64, 700 HEAT entries were recorded. The table below provides a high level overview of Greater Bank's complaints and internal and external dispute resolution history over the Review Period. To provide some context, Greater Bank has just under 260,000 customers, has 59 branches and just under 800 employees, processes approx. 161 million transactions, including 2.27 million branch transactions, per year, and has a loan/ credit portfolio of $5.119 billion19.

Total number of customer and non- Approx. 20,400, or 31.5% of all HEAT customer complaint records over the 10 records year Review Period

Total number of Internal Dispute 335, or 1.6% of all complaint records Resolution (IDR) records over the 10 year Review Period

Total number of External Dispute 95, or 0.5% of all complaint records Resolution (EDR) records over the 10 year Review Period

Total number of EDR matters that went to One full determination over the 10 year Review Period

Greater Bank considers a complaint to be: an expression of dissatisfaction made to Greater Bank related to our products or services (including decisions or actions), or the complaint process itself, where a response or resolution is expected. Greater Bank records and treats customer and non-customer contact that falls within this definition as a complaint, even if it is resolved in the first instance (e.g. at the time the customer presents to a branch or during the first call to our contact centre), which is the case the vast majority of the time. Where a complaint cannot be resolved to the complainant's satisfaction immediately, it is referred to the relevant business unit, and if still not resolved, to our Internal

19 This figure is as at 31 December 2017.

Page 23 of 41 RCD.0001.0047.0025

Greater Bank Limited

Disputes Resolution Committee. This process occurs within strict time frames, is very simple from the complainant's perspective, and the complainant is kept informed at every step. As indicated in the table above, of the complaints recorded over the 10 year Review Period, only 335 (1.6%) required referral to our Internal Disputes Resolution Committee. If the decision of our Internal Disputes Resolution Committee is not satisfactory to the complainant, the complainant is advised they can refer the matter to the CIO free of charge (Greater Bank pays all fees) for external review and determination. During the 10 year Review Period 95 matters were referred to the CIO. Of those all but one were either withdrawn by the complainant after consultation with the CIO or resolved during the CIO's initial/ expedited review and assessment process. Only one matter over the 10 year Review Period proceeded to a full determination. The small number of matters that required referral to our internal and external dispute resolution schemes over the Review Period reflects our strong customer-centric culture and values as a customer owned mutual bank, and the fairness and reasonableness (both key principles of our complaints handling and internal and external dispute resolution arrangements) of our approach to complaints handling and dispute resolution. As noted above, we always strive to "do the right thing" by our customers and communities. We exist for no other reason.

Page 24 of 41 RCD.0001 .0047 .0026

Greater Bank Limited Schedule 1 Question 1

This Schedule should be read and considered with our response to Question 1 in Part B. As noted in Part B, we have not identified any systemic misconduct, or other systemic conduct or behaviour that we consider to have fallen below community standards and expectations. In particular, we have not identified any instances of poor conduct or behaviour that resulted in financial loss or detriment to large numbers/ groups of customers. We appreciate the types of matters we have identified may not be material to the Royal Commission, as they are isolated incidents mostly involving human error or mistakes that impacted one or only a small number of customers. Most had no impact on customers, or resulted in inconvenience only. Very few resulted in financial loss. Where financial loss did occur, the matter was promptly rectified and, where appropriate, compensation was provided. The matters described below were recorded and managed as risk incidents in accordance with our Enterprise Risk Management Framework, and we believe they were appropriately addressed.

Ref Nature, extent and effect of conduct Steps taken to remedy the conduct Steps taken to prevent reoccurrence

1 Errors in disclosure documents - We identified The matters identified were recorded and As stated, the matters identified were isolated a small number of instances where minor managed as risk incidents in accordance with incidents involving human error. No systemic errors were made in, or information our Enterprise Risk Management Framework. issues were identified. The matters identified inadvertently omitted from, disclosure The errors and omissions were promptly were recorded and managed as risk incidents documents (e.g. fee schedules, loan rectified. All disclosure documents undergo in accordance with our Enterprise Risk schedules, interest rate schedules, and key periodic review. Management Framework. Employees fact sheets). For example, we identified a small involved are generally counselled, and, number of instances where interest rates or where required, further training is provided. fees were misstated, or a fee omitted. The The adequacy of controls and training is also matters identified were isolated incidents reviewed. All disclosure documents undergo involving human error. These matters did not periodic review. result in customer loss. The majority of these matters were identified by internal reviews a short time after the documents were issued, and the errors and omissions were promptly rectified.

2 Delays in updating disclosure documents - We The matters identified were recorded and As stated, the matters identified were isolated identified a small number of instances where managed as risk incidents in accordance with incidents involving human error and/or non- there were short delays in updating disclosure our Enterprise Risk Management Framework. compliance with policies and procedures. No

Page 25 of 41 RCD.0001 .0047 .0027

Greater Bank Limited

Ref Nature, extent and effect of conduct Steps taken to remedy the conduct Steps taken to prevent reoccurrence documents after a business change (e.g. fee The required changes were promptly made to systemic issues were identified. The matters schedules, loan schedules, interest rate the documents. All disclosure documents identified were recorded and managed as risk schedules, and key fact sheets). The matters undergo periodic review. incidents in accordance with our Enterprise identified were isolated incidents involving Risk Management Framework. Employees human error and/or non-compliance with involved are generally counselled, and, established policies and procedures. These where required, further training is provided. matters did not result in customer loss. These The adequacy of controls and training is also matters were identified by internal reviews, reviewed. All disclosure documents undergo usually only a short time after the business periodic review. change occurred, and the required changes were promptly made to the documents.

3 Disclosure documents not provided within The matters identified were recorded and As stated, the matters identified were isolated required timeframe - We identified a small managed as risk incidents in accordance with incidents involving human error and/or non- number of instances where disclosure our Enterprise Risk Management Framework. compliance with policies and procedures. The documents (e.g. deposit terms and conditions, In the majority of these cases, the required matters identified were recorded and credit card key fact sheets, and transaction disclosure documents were provided, managed as risk incidents in accordance with statements) were not provided by the required although not within the required time frame. our Enterprise Risk Management Framework. time. In the majority of cases that concerned All disclosure documents for products issued Employees involved are generally deposit terms and conditions, the reason was by Greater Bank (other than loan contracts counselled, and, where required, further that the transaction was completed over the and loan schedules) are available on or via training is provided. The adequacy of controls telephone for an existing customer. In the our website. and training is also reviewed. cases that concerned credit card key fact sheets, the reason was that the credit card was provided with a home loan and, although a home loan key fact sheet was provided, the credit card key fact sheet was inadvertently overlooked. The matters identified were isolated incidents involving human error and/or non-compliance with established policies and procedures. These matters were identified by internal reviews and did not result in customer

Page 26 of 41 RCD.0001 .0047 .0028

Greater Bank Limited

Ref Nature, extent and effect of conduct Steps taken to remedy the conduct Steps taken to prevent reoccurrence loss.

4 Privacy acknowledgements - We identified a The matters identified were recorded and As stated, the matters identified were isolated small number of instances where records were managed as risk incidents in accordance with incidents involving human error and/or non- not kept of privacy notifications provided orally our Enterprise Risk Management Framework. compliance with policies and procedures. No before the commencement of customer In these cases the issue was the absence of systemic issues were identified. The matters identification procedures or the ordering of a the record of the privacy notification being identified were recorded and managed as risk credit report. The vast majority of these cases provided. Lenders are required to follow a incidents in accordance with our Enterprise concerned loan applications originated over scrip when explaining the loan application Risk Management Framework. Employees the telephone. Loans are not approved and process to customers, which includes (among involved are generally counselled, and, funded unless a record of the required privacy other things) required privacy notifications. where required, further training is provided. notification being provided is on the file. The Privacy notifications are also included in our The adequacy of controls and training is also cases identified, however, involved loan privacy policy and financial services guide, reviewed. The importance of strict adherence applications that were declined at an early which are available on our website. General to privacy policies and procedures, and the stage, usually while still in the branch. These notifications are also included in our terms consequences of non-compliance, is matters were isolated incidents involving and conditions. regularly reinforced to all employees through human error and/or non-compliance with staff communications and training. established policies and procedures. They were identified by internal reviews and did not result in customer loss.

5 Wilful privacy breaches - We identified a small The matters identified were recorded and As stated, the matters identified were isolated number of instances where employees wilfully managed as risk incidents in accordance with incidents involving non-compliance with accessed, used and/or disclosed personal or our Enterprise Risk Management Framework. policies and procedures. No systemic issues other information about an individual without Where complaints are received, they are were identified. The matters identified were the consent of the individual or a legitimate handled in accordance with our complaints recorded and managed as risk incidents in business purpose. For example, there were a handling and dispute resolution process. accordance with our Enterprise Risk small number of instances where an employee Management Framework. Employees Matters of this type are treated very seriously, accessed and viewed records of a family involved faced disciplinary action, including, as such practices are inconsistent with our member or friend without the consent of the in a number of cases, termination of their Code of Conduct and privacy policy and person concerned. The matters identified were employment. The adequacy of controls and procedures. Each incident is investigated. isolated incidents, but involved breaches of training is also reviewed. The importance of

Page 27 of 41 RCD.0001 .0047 .0029

Greater Bank Limited

Ref Nature, extent and effect of conduct Steps taken to remedy the conduct Steps taken to prevent reoccurrence policies and procedures, and applicable The resolution of these matters is generally strict adherence to privacy policies and regulations. A small number of these matters customer led, in that we set out to determine procedures, and the consequences of non- resulted in embarrassment and/or what the customer needs from us to remedy compliance, is regularly reinforced to all inconvenience to the individuals concerned. the situation, and then do those things. employees through staff communications and Remedial steps taken can range from an training. apology, to providing emotional or other support, to, where appropriate, compensation. Individuals who suffered economic loss or emotional distress or other harm were appropriately compensated.

6 Inadvertent privacy breaches - We identified a The matters identified were recorded and As stated, the matters identified were isolated small number of instances where personal or managed as risk incidents in accordance with incidents involving human error. No systemic other information about an individual was our Enterprise Risk Management Framework. issues were identified. The matters identified mistakenly disclosed to a third party without Where complaints are received, they are were recorded and managed as risk incidents the consent of the individual. For example, by handled in accordance with our complaints in accordance with our Enterprise Risk way of a mis-addressed letter or email, or as a handling and dispute resolution process. Management Framework. Employees result of a change of address for one account involved are generally counselled, and, Matters of this type are treated very seriously. being incorrectly applied to other accounts. where required, further training is provided. In Their resolution is generally customer led, in The matters identified were isolated incidents some cases employees faced other that we set out to determine what the involving human error. A small number of disciplinary action. The adequacy of controls customer needs from us to remedy the these matters resulted in embarrassment and training is also reviewed. The importance situation, and then do those things. Remedial and/or inconvenience to the person concerned. of strict adherence to privacy policies and steps taken can range from an apology, to Two matters caused the individuals affected to procedures, and the consequences of non- providing emotional or other support become concerned about their safety, and one compliance, is regularly reinforced to all (including in one case where there were of these was the subject of a privacy complaint employees through staff communications and safety concerns, arranging for the individual to the Office of the Australian Information training. to relocate), to, where appropriate, providing Commissioner, but was resolved immediately compensation. Individuals who suffered without the intervention of officers from the economic loss or emotional distress or other Commission. harm were appropriately compensated.

Page 28 of 41 RCD.0001 .0047 .0030

Greater Bank Limited

Ref Nature, extent and effect of conduct Steps taken to remedy the conduct Steps taken to prevent reoccurrence

7 Lodgement of documents and reports with The matters identified were recorded and As stated, the matters identified were isolated regulators - We identified a small number of managed as risk incidents in accordance with incidents involving human error. No systemic instances where documents or reports required our Enterprise Risk Management Framework. issues were identified. The matters identified to be lodged with ASIC, APRA or another The remedial steps taken depend on the were recorded and managed as risk incidents regulator contained errors or were lodged after nature, and the actual or likely impact, of the in accordance with our Enterprise Risk the due date for lodgement. The matters incident. Where matters of this type are Management Framework. Employees identified were isolated incidents involving identified, the errors are corrected/ involved are generally counselled, and, human error. These matters were identified by documents are re-lodged as a matter of where required, further training is provided. internal reviews and did not result in customer urgency. The adequacy of controls and training is also loss or inconvenience. reviewed.

8 Statement in television advertisement - We This matter was recorded and managed as a This matter was a single isolated incident. No identified a single matter where ASIC queried a risk incident in accordance with our systemic issues, or other similar matters, statement in a television advertisement Enterprise Risk Management Framework. were identified. As stated, the matter was promoting "the lowest variable package rate of recorded and managed as a risk incident in A response was provided to ASIC, which any bank, building society or credit union in accordance with our Enterprise Risk outlined the bases for the headline claim, and Australia" based on reviews and other Management Framework. The importance of conceded the headline claim and disclaimer information published on leading product compliance reviews for all advertising were inconsistent. Although our review comparison websites. The advertisement ran material was reiterated to relevant confirmed the accuracy of the headline claim, between 1 July 2014 and 10 August 2014. employees. we advised ASIC we would change the Information in the disclaimer, however, referred headline claim to "one of the lowest variable to the rate as being "one of the lowest variable package rates of any bank, building society package rates of any bank, building society or or credit union in Australia". ASIC credit union in Australia". ASIC was concerned subsequently confirmed receipt of the the inconsistency between the headline claim response and indicated it did not intend to and the disclaimer indicated the headline claim take further action. may be inaccurate, and, if this were so, may mislead consumers.

9 Protection of vulnerable customers - We The matters identified were recorded and As stated, the matters identified were identified a small number of instances where managed as risk incidents in accordance with recorded and managed as risk incidents in customers claimed employees did not do our Enterprise Risk Management Framework. accordance with our Enterprise Risk

Page 29 of 41 RCD.0001 .0047.0031

Greater Bank Limited

Ref Nature, extent and effect of conduct Steps taken to remedy the conduct Steps taken to prevent reoccurrence enough in the particular circumstances to Where complaints are received, they are Management Framework. Employees protect them from unauthorised transactions, handled in accordance with our complaints involved are generally counselled, and, after being made aware the customer had a handling and dispute resolution process. where required, further training is provided. particular vulnerability to such transactions. The facts of these types of matters are All but one of these cases was resolved by Common examples are suspected elder abuse closely reviewed and lessons learned our complaints handling or internal dispute and customers transferring money into joint communicated to employees. The adequacy resolution process or during the CIO's initial accounts held with former partners. of controls and training is also reviewed. review and assessment phase of the external These matters pose particular challenges for dispute resolution process. One matter The nature and extent of other corrective/ Greater Bank and our employees as they proceeded to a full determination by the CIO. improvement actions taken to prevent future require employees to weigh up, usually very occurrences depend on the nature, and the quickly with the customer standing in front of actual or likely impact, of the incident, them or on the phone, the risks of intervening including the frequency of previous incidents in the customer's personal affairs, when the of a similar nature. customer has legal capacity to provide instructions and has done so, and the risks of not doing so. The quality of our employees and their training means they get the balance right almost all of the time. In a small number of cases the CIO has found Greater Bank should have taken additional steps in the circumstances to have protected the customer after having been made aware of a particular vulnerability.

10 Errors in customer communications - We The matters identified were recorded and As stated, the matters identified were isolated identified a small number of instances where managed as risk incidents in accordance with incidents involving human error. No systemic errors were made in written communications our Enterprise Risk Management Framework. issues were identified. The matters identified with customers. For example, there have been The remedial steps taken depend on the were recorded and managed as risk incidents a small number of instances where interest nature, and the actual or likely impact, of the in accordance with our Enterprise Risk rates or fees were misstated, or a fee omitted. error. Where there has been, or is a risk of, Management Framework. Employees The matters identified were isolated incidents material impact on customers, the errors are involved are generally counselled, and, involvino human error. These matters did not where required, further trainino is provided.

Page 30 of 41 RCD.0001.0047 .0032

Greater Bank Limited

Ref Nature, extent and effect of conduct Steps taken to remedy the conduct Steps taken to prevent reoccurrence result in customer loss but in some cases promptly rectified. The adequacy of controls and training is also customers may have been inconvenienced. reviewed. The majority of these matters were identified by internal reviews a short time after the communications were issued.

11 Information on website/ social media - We The matters identified were recorded and As stated, the matters identified were isolated identified a small number of instances where managed as risk incidents in accordance with incidents involving human error. No systemic errors were made in information made our Enterprise Risk Management Framework. issues were identified. The matters identified available on our website or via social media. The remedial steps taken depend on the were recorded and managed as risk incidents For example, there have been a small number nature, and the actual or likely impact, of the in accordance with our Enterprise Risk of instances where interest rates or fees were error. The errors were promptly rectified/ Management Framework. Employees misstated, or a fee omitted, or a link to a information promptly updated. involved are generally counselled, and, disclosure document was not working for a where required, further training is provided. short period of time. We have also identified The adequacy of controls and training is also instances where there were delays in updating reviewed. information on our website (e.g. interest rates) after a business change. The matters identified were isolated incidents involving human error. These matters did not result in customer loss. The majority of these matters were identified by internal reviews a short time after the information was posted.

12 Errors in transaction confirmations - We The matters identified were recorded and As stated, the matters identified were isolated identified a small number of instances where managed as risk incidents in accordance with incidents involving human error. No systemic errors were made in statements or other our Enterprise Risk Management Framework. issues were identified. The matters identified transaction confirmations provided to The remedial steps taken depend on the were recorded and managed as risk incidents customers. For example, there have been a nature, and the actual or likely impact, of the in accordance with our Enterprise Risk small number of instances where opening error. Where there has been, or is a risk of, Management Framework. Employees balances in statements were incorrect or material impact on customers, the errors are involved are generally counselled, and, transactions omitted. The majority of these corrected. The errors are normally corrected where required, further training is provided.

Page 31 of 41 RCD.0001 .0047 .0033

Greater Bank Limited

Ref Nature, extent and effect of conduct Steps taken to remedy the conduct Steps taken to prevent reoccurrence incidents occurred during the course of the in the next statement. In some cases The adequacy of controls and training is also conversion of one product into to another (e.g. customers are notified of the error and steps reviewed. the discharge of a line of credit and conversion taken to correct it by letter or email. of the account into a standard transaction account). We have also identified a small number of instances where there were delays in the issuing of statements, including by loading them into customers' internet banking accounts, resulting in them not being issued by the required time. The matters identified were isolated incidents involving human error. These matters did not result in customer loss but in some cases customers may have been inconvenienced. The majority of these matters were identified by internal reviews a short time after the statements were issued.

13 Errors in advertising material - We identified a The matters identified were recorded and As stated, the matters identified were isolated small number of instances where errors were managed as risk incidents in accordance with incidents involving human error. No systemic made in advertising material. For example, our Enterprise Risk Management Framework. issues were identified. The matters identified there have been a small number of instances The remedial steps taken depend on the were recorded and managed as risk incidents where interest rates or fees were misstated. nature, and the actual or likely impact, of the in accordance with our Enterprise Risk The matters identified were isolated incidents error. Where there has been, or is a risk of, Management Framework. Employees involving human error. These matters did not material impact on customers, the errors are involved are generally counselled, and, result in customer loss. The majority of these promptly rectified. where required, further training is provided. matters were identified by internal reviews a The adequacy of controls and training is also short time after the material was issued. reviewed.

14 Decline letters and credit reports - We The matters identified were recorded and As stated, the matters identified were isolated identified a small number of instances where managed as risk incidents in accordance with incidents involving human error and/or non- loan files did not contain evidence that letters our Enterprise Risk Management Framework. compliance with policies and procedures. No notifying credit applicants that their In many cases, the required letters were sent/ systemic issues were identified. The matters

Page 32 of 41 RCD.0001 .0047 .0034

Greater Bank Limited

Ref Nature, extent and effect of conduct Steps taken to remedy the conduct Steps taken to prevent reoccurrence applications were declined as a result of a re-sent immediately on the issue being identified were recorded and managed as risk credit report were sent within the required time. identified. In a small number of cases, the incidents in accordance with our Enterprise In these cases applicants were notified orally, letters were not sent/ resent as a substantial Risk Management Framework. Employees but there was no evidence on the file period of time had passed since the applicant involved are generally counselled, and, confirming the required letter was sent within had been advised of the outcome of their where required, further training is provided. the required time. The matters identified were application. The adequacy of controls and training is also isolated incidents involving human error and/or reviewed. non-compliance with policies and procedures. These matters did not result in customer loss.

15 Business systems and frameworks - As part of The matters identified were recorded and All business systems and frameworks are the continuous improvement of our systems, managed as risk incidents in accordance with subject to periodic internal and external frameworks, policies, processes, procedures, our Enterprise Risk Management Framework. reviews. capabilities and competencies over the Review Where weaknesses in our business systems Period, many internal and external reviews of or frameworks are identified, programmes of different parts of our business were work are initiated to make the required undertaken. The majority of these reviews improvements. As noted, we worked in resulted in recommendations about consultation with AUSTRAC when improvements that could be made, and some addressing issues identified by the 2014 identified weaknesses that required attention. reviews. Where weaknesses were identified, As noted in Part C, our "Blueprint for Change" programmes of work were initiated to make the strategic plan is focused on continuing to required improvements. One area of focus has transform our business to meet the changing been further developing and improving our expectations of our stakeholders, including AMUCTF framework. Internal and external consumers/ customers, regulators and the reviews in 2014 identified a number of aspects community, and ensuring our ongoing of our AMUCTF framework that required success. It is trite to say that there have been improvement, which were reported by Greater significant changes in the environment in Bank to APRA and AUSTRAC and which we operate, including regulatory subsequently remediated over an 18 month change, technological change and changes period in consultation with AUSTRAC. We are in the expectations of our stakeholders, over continually looking at ways to improve our the 10 years of the Review Period. Our

Page 33 of 41 RCD.0001 .0047 .0035

Greater Bank Limited

Ref Nature, extent and effect of conduct Steps taken to remedy the conduct Steps taken to prevent reoccurrence AMUCTF framework. strategic objectives, which are central to our "Blueprint for Change", include: strengthening our business capabilities; improving organisational efficiency; and proactively managing regulatory change and risk. We have made substantial improvements to our systems, frameworks, policies, processes, procedures, capabilities and competencies since our "Blueprint for Change" was developed and commenced in 2015. These changes will continue as we make the transition from our current "Blueprint for Change" strategic plan to the next phase (2018 - 2021).

Page 34 of 41 RCD.0001 .0047 .0036

Greater Bank Limited Schedule 2 Question 2

This Schedule should be read and considered with our response to Question 2 in Part B. As noted in Part B, we have not identified any systemic misconduct, or other systemic conduct or behaviour that we consider to have fallen below community standards and expectations. In particular, we have not identified any instances of poor conduct or behaviour that resulted in financial loss or detriment to large numbers/ groups of customers. We appreciate the types of matters we have identified may not be material to the Royal Commission, as they are isolated incidents mostly involving human error or mistakes that impacted one or only a small number of customers. Most had no impact on customers, or resulted in inconvenience only. Very few resulted in financial loss. Where financial loss did occur, the matter was promptly rectified and, where appropriate, compensation was provided. The matters described below were recorded and managed as risk incidents in accordance with our Enterprise Risk Management Framework, and we believe they were appropriately addressed.

Ref Nature, extent and effect of conduct Steps taken to remedy the conduct Steps taken to prevent reoccurrence

1 Operational errors and mistakes - We identified The matters identified were recorded and As stated, the matters identified were isolated numerous instances where errors and managed as risk incidents in accordance with incidents involving human error and mistakes were made, including in the our Enterprise Risk Management Framework. mistakes. No systemic issues were identified. processing of transactions. The matters All errors and mistakes that are identified are The matters identified were recorded and identified were all isolated incidents. No promptly rectified, including, where managed as risk incidents in accordance with systemic issues were identified. Some of the necessary, by making correcting adjustments our Enterprise Risk Management Framework. identified matters were the result of procedures to affected accounts. Other remedial steps Employees involved are generally not being followed, however the vast majority taken depend on the nature, and the actual or counselled, and, where required, further were human errors and mistakes. The majority likely impact, of the error. training is provided. The adequacy of controls of these matters were identified by internal and training is also reviewed. So far as interest calculation and fee errors controls, including validation or reconciliation are concerned, when the error is in our The nature and extent of other corrective/ processes. Some matters were, however, favour, restitution is made. When the error is improvement actions taken to prevent future brought to our attention by customers. in the customers' favour, however, our occurrences depend on the nature, and the Examples of the types of errors and mistakes normal practice is to waive recovery of actual or likely impact, of the error, including identified include matters where instructions overpaid interest or a fee that has not been the frequency of previous errors of a similar were misinterpreted, mis-keying errors, "flag" charged. When adjustments are made to nature. setting errors, and coding errors when making correct errors, affected customers are system changes. Examples of the notified. consequences of such errors and mistakes include system outages, delays in processing Where complaints are received, they are

Page 35 of 41 RCD.0001 .0047 .0037

Greater Bank Limited

Ref Nature, extent and effect of conduct Steps taken to remedy the conduct Steps taken to prevent reoccurrence transactions, transactions processed from or to handled in accordance with our complaints incorrect accounts, incorrect interest, handling and dispute resolution process. repayment, rebate, and/or balance calculations, and the charging of incorrect fees. We also identified a small number of instances where account operating instructions were recorded incorrectly or were not strictly adhered to. Examples of the consequences of these errors include the processing of a transaction on the instructions of one account holder or attorney when the authority/ signature of others was also required, unauthorised persons being permitted to transact on accounts, and updating of passbooks presented by a carer or family member without the express consent of account holder. The majority of errors had no customer impact, as they were promptly identified and rectified. Some errors, such as those that resulted in delayed payments, inconvenienced customers but no loss was suffered. In a small number of cases, errors did have a small adverse financial impact on customers, for example, where a system error resulted in incorrect interest calculations or a fee being incorrectly charged.

2 Hardship applications - A small number of Where a decision in relation to a hardship All of our policies and procedures, including decisions made over the Review Period in application is not accepted by a customer, those relating to hardship process, are respect of hardship applications were disputed and we cannot subsequently reach periodically reviewed and, where required

Page 36 of 41 RCD.0001 .0047 .0038

Greater Bank Limited

Ref Nature, extent and effect of conduct Steps taken to remedy the conduct Steps taken to prevent reoccurrence by customers. Where this occurs the matters agreement with the customer on suitable (e.g. as a result of changes in regulations), are handled in accordance with our complaints alternate arrangements, the matter is handled updated. handling and dispute resolution process. In a in accordance with our complaints handling Where we identify that arrears small number of cases the applications were and dispute resolution process. correspondence has been issued in error, the referred to the CIO. In one case, the CIO Where we identify that arrears matter is recorded and managed as a risk reviewed our hardship policy and procedures correspondence has been issued in error, the incident in accordance with our Enterprise and recommended a minor change to our matter is recorded and managed as a risk Risk Management Framework. Employees policy. Our policy at the time referred to incident in accordance with our Enterprise involved are generally counselled, and, "financial hardship" as, regardless of how the Risk Management Framework. An apology is where required, further training is provided. hardship arose, the result was the borrower normally provided. The adequacy of controls and training is also was not reasonably able to meet repayment reviewed. obligations. The CIO considered the word "financial" to be limiting and recommended it be removed. The CIO recommendation was promptly implemented. We also identified a small number of instances in relation to hardship applications where a "flag" that automatically prevents further arrears correspondence being issued while the application is being considered was not applied, potentially resulting in further arrears correspondence being issued. The matters identified were isolated incidents involving human error.

3 Misunderstanding product features - We The matters identified were recorded and All disclosure documents are regularly identified a small number of instances where managed as risk incidents in accordance with reviewed. customers have indicated they were not aware our Enterprise Risk Management Framework. As stated, we have developed other means of, or did not understand, a particular feature of Product features, including the manner in of alerting customers to various product a product, such as, for example, how interest which interest is earned and calculated on features, including product pages on our was calculated on their savings account. our savings accounts, are set out clearly in website, calculators, email/ mail alerts, and

Page 37 of 41 RCD.0001 .0047 .0039

Greater Bank Limited

Ref Nature, extent and effect of conduct Steps taken to remedy the conduct Steps taken to prevent reoccurrence our terms and conditions. To support our refining the descriptions of key product customers' understanding of those terms and features in sales scripts used by employees. conditions, we have developed other means of alerting customers to various product features, including product pages on our website, calculators, email/ mail alerts, and refining the descriptions of key product features in sales scripts used by employees. In a small number of cases customers have been offered a gratuitous payment or other benefits to improve their customer experience.

4 Employees exceeding authority - We identified The matters identified were recorded and As stated, the matters identified were isolated a small number of incidents where employees managed as risk incidents in accordance with incidents involving non-compliance with have provided product information to our Enterprise Risk Management Framework. policies and procedures. No systemic issues customers concerning General Insurance were identified. The matters identified were Matters of this type are treated seriously, as Products distributed under an intermediary recorded and managed as risk incidents in such practices are inconsistent with our sales arrangement with an unrelated insurer before accordance with our Enterprise Risk policies and procedures. they had completed the required training in Management Framework. Employees relation to those products. The matters involved are generally counselled, and, identified were isolated incidents involving non- where required, further training is provided. compliance with policies and procedures. The adequacy of controls and training is also These matters did not result in customer loss reviewed. The importance of strict adherence or inconvenience. to sales policies and procedures, and the consequences of non-compliance, is regularly reinforced to all employees through staff communications and training.

Page 38 of 41 RCD.0001.0047.0040

Greater Bank Limited Schedule 3 Glossary

Tenn Meaning

ACL Australian Credit Licence.

AFSL Australian Financial Services Licence.

AMUCTF Anti-Money Laundering and Counter-Terrorism Finan cing .

Associated Entity has the meaning given in section SOAAA of the Corporations Act.

Authorised Deposit-taking has the meaning given in the Banking Act. Institution

Authorised Representative the meaning given in Chapter 7 of the Corporations Act.

Banking Act the Banking Act 1959 (Cth).

Basic Deposit Product the meaning given in the Corporations Act.

CIO the Credit and Investments Ombudsman.

COBCOP the Customer Owned Banking Code of Practice.

Consumer Credit Insurance the meaning given in the Corporations Act.

Consumer Credit Legislation the National Consumer Credit Protection Act 2009 (Cth) and the regulations to that Act, and includes the National Credit Code .

Consumer Credit Product a credit product to which the Consumer Credit Legislation applies.

Corporations Act the Corporations Act 2001 (Cth) and the regulations to that Act.

Credit Representative the meaning given in the Consumer Credit Legislation.

Employee an employee of Greater Bank.

Financial Product the meaning given in the Corporations Act.

Financial Product Advice the meaning given in the Corporations Act.

Financial Service the meaning given in the Corporations Act.

GCF Greater Charitable Foundation Pty Ltd ACN 146 962 067 as trustee for the Greater Charitable Foundation ABN 77 387 937 839.

General Financial Product the meaning given in the Corporations Act. Advice

General Insurance Product the meaning given in the Corporations Act.

Page 39 of 41 RCD.0001.0047.0041

Greater Bank Limited

GIS Greater Investment Services Pty Ltd ACN 050 287 324 AFSL 260358.

GPHN1 Greater Property Holdings Number 1 Pty Ltd ACN 145 848 620.

Greater Bank Greater Bank Limited ACN 087 651 956 AFSL and ACL 237476.

Greater Bank Group Greater Bank and its Subsidiaries.

Personal Financial Product the meaning given in the Corporations Act. Advice

Representative the meaning given in Chapter 7 of the Corporations Act.

Review Period the period from 1 January 2008 to the date of this submission, being 16 February 2018.

Royal Commission the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry.

RSE Licensee the meaning given in the Superannuation Industry (Supervision) Act 1993 (Cth) and the regulations to that Act.

Subsidiaries in respect of Greater Bank, means GIS, GCF and GPHN1.

Terms of Reference means the Terms of Reference for the Royal Commission.

Page 40 of 41 RCD.0001.0047.0042

Greater Bank Limited Schedule 4 Associated Entities

As at the date of this submission (16 February 2018), Greater Bank's Associated Entities20 are Greater Charitable Foundation Pty Limited ACN 146 962 067, Greater Charitable Foundation ABN 77 387 937 839, Greater Investment Services Pty Ltd ABN 78 050 287 324, and Greater Property Holdings Number 1 Pty Ltd ABN 53 145 848 620. The table below provides details of other Associated Entities of Greater Bank at different periods during the Review Period.

Ref Associated Entity Notes

1. Greater Co-operative Association Co-operative mutual. Wound up in 2011. Ltd

2. Greater Newcastle Developments Trustee of the Parkwood Unit Trust and the Pty Ltd Ashtonfield Unit Trust. Deregistered on 8 October 2014.

3. Greater Staff Superannuation Fund Staff Superannuation Fund. Wound up in 2013.

4. Greater Staff Super Pty Limited Trustee of the Greater Staff Superannuation Fund. Deregistered on 14 May 2014.

5. Hunter Mutual Co-operative and Co-operative mutual. Wound up in 2013. Starr Bowkett No 14

6. I ntracare Pty Ltd Did not trade during the Review Period. Deregistered on 4 March 2008.

7. Parkwood Unit Trust Special purpose vehicle for land development. Wound up in 2014.

8. Ashtonfield Unit Trust Special purpose vehicle for land development. Wound up in 2014.

20 Greater Bank also has interests in a number of securitisation trusts. Each securitisation trust has an external professional trustee and security trustee. The securitisation trust trustees and the trusts themselves have not been treated as "Associated Entities" of Greater Bank for the purpose of this submission.

Page 41 of 41