overseas

This page considers overseas consumer credit reporting regimes, including profiles of major credit reporting enterprises.

It covers -

• the global giants
• European regimes

     the global giants

In North America the three dominant groups are Experian (formerly part of TRW and now controlled by UK retailer GUS), Equifax and TransUnion (under the control of the Pritzker family, better known for the Hyatt hotel chain). In 2001 it is estimated that Experian's North American revenue was over US$1 billion and TransUnion had around US$200 million. Equifax reported revenue in 2003 of US$1.2 billion, with income of US$200 million. They are trailed by Innovis and a plethora of minor competitors.

Experian originated as a data processing unit of US high technology conglomerate TRW. It was acquired by GUS (the UK retailer with interests that include Burberry) in 1996 and absorbed the CCN data services arm of what was then Greater Universal Stores. A perspective is offered in Davis Dyer's celebratory TRW: Pioneering Technology and Innovation, 1900-1996 (Boston: Harvard Business School Press 1998).

Experian claims to maintain credit information on 205 million consumers and 14 million businesses in the US, to process 1.4 million consumer transactions per day and to have classified "more than one seventh of the world's population into demographic groups for target marketing".

Equifax - which charmingly claims that it "enlightens, enables and empowers consumers to manage and protect their financial health with services offered online" - traces its origins to the Retail Credit Company established in Atlanta in 1899. It became Equifax in 1913. A view of a UK acquisition is provided by The Growth of Credit Information: A History of UAPT-Infolink plc (Oxford: Blackwell 1992) by C. McNeil Greig.

TransUnion - described as "world's leading business intelligence providers" - dates from the 1968 reconstruction of Union Tank Car Company, a railcar leasing business that acquired the Credit Bureau of Cook County (CBCC) in 1969 and automated its operations. At the time of acquisition the CBCC used 3.6 million card files.

Innovis Data Solutions has leveraged a relationship from 2001 with mortgage insurance groups Fannie Mae and Freddie Mac, which requie affiliates to report borrowers' payment histories. Although it currently doesn't sell consumers' credit histories to financial institutions and potential employers, it has gained attention in the development of mailing lists for current/potential providers of credit to those borrowers and for its role in underpinning junk mail from non-finacial institutions. Its New Movers service for example provides a monthly list of people who have reported a change of address. The Innovis FailSafe database supplies names of consumers who are late or who have been late on debt payments.

Innovis traces its history to US credit reporting businesses active in the 1930s and 1950s, which exchanged information from 1970 onwards through ACB Services under the umbrella of Associated Credit Bureaus (ACB).  ACB Services was renamed Consumers Credit Associates (CCA) in 1989, renamed Innovis Data Solutions in 1997 after acquisition by First Data Corporation and subsequently sold to CBC Companies in 1999. CBC is an information services group that encompasses rocessing consumer loan and mortgage processing, apartment rental applications and personnel evaluation. 

     European regimes

A perspective on the US, Australian and New Zealand regimes is provided by examination of arrangements in Europe.

As noted earlier in this profile, the EU Directives provide umbrella coverage (particularly for cross-border data collection and transfer) but there is variation between national regimes because most credit services have traditionally had a national base.

Sweden features US-style credit bureaus with comprehensive registries of white and black data. In the case of UC AB, the dominant player, that includes a range of financial data (including business activity information, tax information and information from property registers), demographic information and credit reporting information. Swedish law specifies that data can only be released for particular purposes, with the individual receiving a copy of the report and information about who received that report, but aggregate data is being used extensively in generic prediction systems. Registry data is available to financial institutions, retailers, government agencies, real estate services (eg regarding leasing of apartments) and utility providers. Inclusion of black data is dependent on government recognition of the debt. Unpaid debts remain in the register for as long as the creditor attempts recovery; if the creditor abandons recovery the data is held for ten years. (When a debt is recovered the data remains in the register until the end of the current year plus three extra years).

The Danish regime centres on a single registry - operated by RKI Kredit Information A/S - that integrates data from financial institutions, utility operators and retailers with government data from the Danish Official Gazette (including bankruptcy notices and court ordered sales). The registry is one of the most restricted in Europe. In accord with the Danish Data Protection Act information in the registry is deleted after five years or when the individual clears the debt. Data subjects are formally alerted by the registry operator when information is added; that alert enables the subject to initiate appeal proceedings or clear the debt and thereby expunge the data.

The UK industry is similar to that in the UK, overlaid by the EU Directives and UK financial services legislation. There is no public registry and the market is dominated by the three commercial bureaus: Equifax, Experian (UK-owned) and TransUnion. Data in their registries is drawn from financial institutions (in particular the banks, the dominant credit card providers), retailers, utility providers. It is also drawn from a small range of public sources, notably the electoral roll (eg for verification of identity and tracking of data subjects). The registries offer positive and negative information, distributed on a reciprocal basis. It is estimated that negative and positive information in the two largest registries covers over 80% of the adult population.

Eire has a contrasting regime, centred on a registry maintained by the Irish Credit Bureau (ICB), controlled by some 30 financial institutions (primarily banks and building societies). The ICB was formed in 1965 by the Irish Finance Houses Association and draws on data provided by its members, including the outstanding balance on home, car and other loans, arrears and repayment histories. Consistent with the weakness of Eire's privacy legislation, the registry maintains data for five years after the conclusion of each financial agreement. The 1984 Data Protection Act specifies that data must only be maintained regarding those data subjects who agree to inclusion but, as in Australia, such protection appears of dubious value since most credit agreements feature a consent provision (no agreement means no credit). Data subjects can obtain a copy of their personal credit information from the registry, include a statement where data is incomplete or "irrelevant", obtain the correction of faulty data and in particular circumstances flag that data is irrelevant for the purpose for which they are kept. Registry members are required when requested by a data subject to provide information about any credit reference agency involved in assessment of a loan application. That provision covers ICB members only and thus excludes 'fringe' entities.

Germany has a mixed public-private sector regime. The dominant player is the Schutzgemeinschaft für allgemeine Kreditsicherung (Schufa), a non-profit entity owned by banks and retailers. Its databases, which date from before 1927, cover an estimated 55 million people. Schufa's information is black and white, with consent of the data subject required for release of positive data. German law identifies the right of data subjects to be notified of listing and to correct and restrict/delete incorrect data. Organisations providing negative information can only access the same type of data. Access charges reflect the reciprocity model, with pricing dependent on the data provided and requested. The major public registry - established in 1934 - is operated by the Bundesbank.

Across the boder in Austria the KSV private credit reference and debt collection bureau, tracing its origins to 1870, is owned by financial institutions. It serves as a non-profit clearinghouse for the exchange of negative and positive credit information between banking, finance, insurance and leasing enterprises. (Utilities and retail enterprises participate only in exchange of negative information.) Data is held in the register for three years if the debt has been recovered, with maximum retention of 30 years for unrecovered debts. KSV has been expanding into Central and Eastern Europe.

The Belgian regime is similar to that of Germany, with a public registry operated by the National Bank of Belgium (NBB) since 1987 and a private registry operated by the Union Professionnelle du Credit (UPC) - the national association of consumer credit companies. Finance providers are required to check the public registry prior to granting of credit, with data subjects being informed of any negative entry. The UPC registry, dating from the 1930s, involves over 60 financial institutions of UPC. It encompasses an estimated 96% of the consumer credit sector, 78% of professional/SME leasing and 90% of the housing credit sector. Belgian law prohibits use of the registries for any purposes beyond assessment of creditworthiness, credit management and authentication of financial instruments. Negative data is maintained for between one and ten years.

The Bureau Krediet Registratie (BKR), dating from 1965, is the dominant player in the Netherlands, covering around 6.5 million people. It draws on data provided by financial institutions and utility operators. Demographic data is collected only for identification purposes. The registry emphasises positive data, including the nature of lending or other transaction and the start and end dates. Data on mortgage borrowing is currently restricted to instalments due for more than 120 days. Data regarding unpaid debts is retained for an unlimited period; data on debts that have been settled is retained for five years (in contrast to the Danish regime) to facilitate identification of individuals who systematically delay payment. Data subjects can access their records for a small fee and identify discrepancies.

In France the Banque de France operates a national public registry of negative data, reflecting traditional concerns about financial secrecy and low uptake of consumer lending throughout much of the past century.

Italy has two private sector credit bureaus: CRIF and Consorzio per la tutela del credito (CTC). CRIF, the dominant player, is a for-profit entity that collects positive and negative data for all types of loans - primarily those by banks. In principle there is no minimum threshold, unlike some of the northern European regimes. Its databases reportedly cover 21 million Italians, encompassing demographic information, tax and asset information and loan details. CTC is a non-profit entity, owned by credit providers (particular car finance) and operating a negative registry that reportedly covers 90% of the Italian market. Its members have unrestricted access to the registry.

Spain has a mixed regime. A public central registry is managed by the Bank of Spain. The registry operates on a positive basis, with mandatory data contribution by financial institutions. It has a high threshold, excluding most consumer credit loans and arguably serving as a tool for central monitoring of the stability of lending bodies. The dominant private sector player since 1994 is a joint venture of Equifax and the national federation of finance companies (ASNEF). Data is provided by financial institutions and some utility companies.

In Portugal the dominant credit bureau is a joint venture between Equifax and the national association of credit providers (ASFAC); the national Banking Secrecy Act prohibits the sharing of data by financial and non-financial enterprises and the registry - which features positive and negative data - thus currently does not receive information direct from retailers or utility providers. As with Spain, the Bank of Portugal operates a registry oriented towards supervision of lending institutions.




   next page  (Australia and New Zealand)