skip to content

Refine results

Search by

Search by Algolia
Law Handbook banner image

Banks and Banking

In Australia, the banking system is well-developed and very complex. This is a short summary of some aspects of the law relevant to consumers.

Banks, credit unions and other financial institutions are authorised to carry on business as deposit-takers under section 9 of the Banking Act 1959 (Cth). Authorised deposit taking institutions are known as ADIs throughout the legislation.

Banks act as deposit takers (savings or transaction accounts) or as lenders providing services to either individual consumers or businesses. Banks also may offer ancillary services such as safe deposit for valuable items, and may also act as brokers for insurance or financial planning.

Credit unions, mutual banks and building societies are owned by their members, and are not run for profit. Publicly listed banks are owned by shareholders and run for profit.

Consumers borrowing money from lenders including banks are covered by the provisions of the National Consumer Credit Protection Act 2009 (Cth) (the NCCPA) and the National Credit Code, which is Schedule 2 to the NCCPA.

Most but not all Australian banks are subscribers to the Code of Banking Practice, which can be accessed from the Australian Banking Association website. A new version of the Code commenced on 1 July 2019. Earlier versions of the Code can also be accessed from the Australian Banking Association website.

Credit unions, building societies and mutual banks may subscribe to the Customer Owned Banking Code of Practice.

Both Codes of Practice set standards of good industry practice for banks (both ADIs and customer owned) in relation to their customers and are incorporated into the contract between the bank and the customer. Compliance with each Code is monitored by independent committees for each Code.

Supervision of banks and other ADIs

The conduct of banks, credit unions and building societies is supervised by the Australian Securities and Investments Commission and the Australian Prudential Regulation Authority. The Reserve Bank of Australia also has a role in encouraging and promoting sound banking practices, so that banks and other ADIs maintain stability in the financial system.

Banker Customer Relationship

The legal relationship between a customer and the bank is based on contract and is generally classified as a debtor-creditor relationship.

This means that when a bank or other type of ADI accepts money from a customer it does so as a borrower on terms that may be implied. The money is then ‘owned’ by the bank to use as it pleases and the customer has the right to ask for (demand) the money back.

Deposits in Australian ADIs are guaranteed up to $250,000 per deposit per ADI by the Federal Government, which ensures that if a bank collapses, customer’s deposits are protected.

A bank can impose additional terms and conditions on deposits depending on the type of account. For example a customer is usually required to give notice if withdrawing funds from a term deposit before maturity. As a general rule, the terms and conditions on deposits cannot be varied unilaterally by either party.

Another aspect of the banker-customer relationship is one of agent and principal when paying and collecting cheques, and bailment when accepting valuables for safekeeping in a safe deposit box.

Supervision of transactions

Large cash transactions are monitored by banks and other ADIs to protect against money laundering and other crimes under the Financial Transaction Reports Act 1988 (Cth) and the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth). Overseas transactions of more than $10,000 must be reported for monitoring by the Australian Transaction Report and Analysis Centre (AUSTRAC). There are also procedures that banks and other ADIs must follow if a transaction seems suspicious.

Other duties owed by banks

A bank has a limited duty to question a transaction by a customer to prevent harm to a customer’s interests, even if there is sufficient money available to pay the customer’s request and the request is validly made by the customer.

The scope of the duty is not clear, and must be balanced with the potential liability of the bank or other ADI for any losses by the customer if the transaction did not proceed as requested.

Where a bank has actual notice of the perpetration of a fraud, the bank may be liable for losses suffered by a customer who is the victim. For example, if a customer acts imprudently and transfers money to known fraudsters offering non-existent investments, and the bank does not intervene despite actual notice, the bank could be asked to compensate the customer less any contributory liability on behalf of the customer.

Banks also have a duty to people who are not customers, for example beneficiaries of trust accounts.

In the case of a bank or other ADI (lender) selling property as a mortgagee in possession following default on repayments on a mortgage, the mortgagee has a duty to act in good faith and not recklessly disregard the interests of the mortgagor (borrower or customer). The duty to act in good faith includes obtaining a fair price or market value (at the time of sale) for the property.

Joint accounts

Accounts opened in the name of two or more people may present problems. In the absence of any direction by both account holders to the contrary, the bank or credit union owes the debt to all account holders jointly. This means that each account holder needs to sign in order to withdraw money or write cheques, which may be inconvenient but also protects all account holders.

Joint accounts are also subject to a presumption of survivorship, meaning that when one holder dies, the surviving holders are entitled to the balance of the account. This presumption can be rebutted by any evidence of contrary intention.


Increasingly, Australians are conducting banking business electronically via the internet which can be done at any time without having to go into a branch. The ease and convenience of contactless credit cards, shopping over the internet or phone or obtaining cash from an ATM has contributed to this popularity.

The ePayments Code regulates this method of banking, and applies to transactions that are initiated using electronic equipment, and not intended to be authenticated by manually comparing a signature. Examples include:

  • ATM transactions
  • EFTPOS (Electronic Funds Transfer at Point of Sale) purchases
  • Purchasing of goods by credit card, either online or by phone
  • Mobile phone or internet banking (including direct debits)
  • Transactions using stored value facilities, such as prepaid phone cards or other types of cards that allow a consumer to add value.

Unauthorised transactions

One of the primary purposes of the ePayments Code is to determine who is liable in the event of an unauthorised transaction. Depending what has happened, a holder may be able to claim the amount of the transaction back from the bank or credit union.

An unauthorised transaction is one that is not authorised by the holder. This may happen where a person’s card is able to be used after it has been reported stolen, or the security of a pass code (such as a PIN) is breached. It is therefore very important to report the theft of a card or other device quickly to prevent unauthorised use.

Protecting a pass code is very important, and holders need to ensure that their code is kept secure, and not easy to guess. If the unauthorised transaction occurred as a result of the voluntary disclosure of a pass code, the holder is not entitled to a refund.

If the unauthorised transaction occurred as a result of a failure of a system or electronic network required to complete a transaction, the holder may be entitled to recover any resulting loss including consequential loss.

Mistaken internet payments

The ePayments Code also deals with mistaken internet payments, which happens when funds are sent to the wrong person. This may happen if the holder enters the incorrect account details, or is given incorrect information by the intended recipient.

If a person reports a mistaken payment, the bank or credit union must investigate and if possible request the return of the funds from the unintended recipient’s account. There are strict time limits for reporting a mistaken payment, and therefore it is very important to report the error straight away to increase the chances of return.

If a report is made within 10 days, and the bank or credit union is satisfied about the mistake, assuming there are sufficient funds in the recipient’s account, the funds will be returned.

If the report is made after 10 days, but before 7 months, the funds may be frozen in the recipient’s account to allow the recipient to establish an entitlement to the funds.

If a person receives money into their account unexpectedly, the recipient is not entitled to use the money. Once the mistake is discovered, the holder is entitled to recover the money through the bank or credit union.

The electronic transfer of money can be particularly vulnerable to error or scams. It is essential to ensure that all details are correct prior to transfer particularly where large sums are involved.


The rise of electronic banking has seen the demise of the use of cheques and currently cheques are a very small proportion of non-cash transactions in Australia.

In Australia, the use of cheques is governed by both the Cheques Act 1986 (Cth) and common law. A cheque is an unconditional order by the customer to the bank to pay a third party. Generally cheques pass through a clearing house, although they can be paid on demand at the customer’s bank.

The bank is contractually bound to pay the money, assuming that certain pre-conditions are met, including:

  • sufficient money in the holder’s account to meet the amount of the cheque
  • whether the cheque is properly filled out.

The customer must ensure a cheque is unambiguous, and if the cheque can easily be altered to increase its value, the bank may debit the account and the loss falls onto the customer.

To an extent, cheques can be protected by crossing with two parallel lines and the words ‘not negotiable’. If a cheque is stolen, crossing the cheque will stop it from being presented at a bank and being immediately exchanged for cash. Instead, a crossed cheque must go through a clearing house to be paid to the person to whom it was written out. Further provisions regarding the crossing of cheques can be found in Part III, Division 3 of the Act.

Cheques can be countermanded (stopped) [s 90], and go stale if not presented after 15 months [ss 3 and 89].

Cheques present an opportunity for forgery of the signature of the customer. At common law the bank bears the responsibility for a forged cheque, unless the account holder has been careless or has failed to advise the bank as soon as becoming aware of the forgery.

Bank cheques are cheques drawn on a bank by itself. It is very unusual for a bank to dishonour its own cheque, but there may be reasons such as forgery or it has been reported as lost or stolen. A person can ask for a bank cheque to be stopped as long as it has not been presented for payment.

Direct Debits

Direct debits from a bank account are useful for paying regular fixed amounts, such as housing, utilities or other recurring payments. A direct debit is an authority given by an account holder to a third party to take money from a nominated account or credit card account.

Account holders can also schedule regular fixed amounts to be paid to a provider from their bank account. This process is controlled by the account holder and can be cancelled or amended at any time.

Some financial institutions may charge a fee to process a direct debit.

Cancelling a direct debit

The Code of Banking Practice states:

21.1. We [the bank] will take and promptly process your:

  • instruction to cancel a direct debit request relevant to a banking service we provide to you; and
  • complaint that a direct debit was unauthorised or otherwise irregular.

21.2. We will not direct or suggest that you should first raise any such request or complaint directly with the debit user (but we may suggest that you also contact the debit user).

A similar provision exists in the Customer Owned Code of Banking Practice, which applies if the account is held with a credit union or mutual bank.

The ability to cancel a direct debit is an important safeguard to allow a person to control spending and avoid additional fees for overdrawn accounts. However, if the direct debit is for essential spending, care should be taken to ensure that there is an alternative way to make payment.

If a person is having difficulty with managing bills and debt generally, there is free help available financial counselling services such as the National Debt Helpline on 1800 007 007.

Credit cards

A regular payment using a credit card account is called a ‘recurring payment’ and there is a different process for cancelling this type of payment. Depending on the terms of the credit card, a person may be able to cancel payment directly with the bank, but a person may also be required to contact the merchant to withdraw the authority. The bank should also be informed of the withdrawal of the authority. If future payments are deducted from the card, the person should ask the bank to chargeback the payments.

Complaints and disputes

Raising a problem with the bank or credit union as soon as possible increases the chance of the problem being resolved satisfactorily. If the problem does not get resolved directly with the provider, account holders have a number of options. For further information seeComplaints against banking, financial services, insurance companies and super funds.

    Banks and Banking  :  Last Revised: Mon Jul 1st 2019
    The content of the Law Handbook is made available as a public service for information purposes only and should not be relied upon as a substitute for legal advice. See Disclaimer for details. For free and confidential legal advice in South Australia call 1300 366 424.