Schedule A (Regulation 3)
Form CB1 - Application to be registered as a credit bureau
Form CB2 - Resolution by applicant to apply to be registered as a credit bureau
Resolution of the Members/Directors/Trustees/Partners of ______________ (the entity) ______________ Registration number (if applicable) taken at ______________ on ______________ date ______________ of ______________ month ______________ yearRESOLVED THAT—1.The entity ____________________________ applies to the Central Bank for registration as a credit bureau.2.____________________________ (full name of person) be and is hereby authorised by the entity, to sign all such documentation and take all such steps as may be necessary to give effect to the above mentioned decision.3.The entity understands that it will be liable for any action by any broker or agent who acts on behalf of the entity.FULL NAME(S): ____________________________SIGNED: ____________________________ (Properly mandated representative of the applicant)Date ____________________________FULL NAME(S): ____________________________SIGNED: ____________________________ (Properly mandated representative of the applicant)Date ____________________________One member/director/trustee/partner to sign who is not nominated as the competent person;Two members/directors/trustees/partners to sign if the competent person is not a member/director/trustee/partner of the company.Form CB3 - Strategic and operational competence report to be completed by the applicant credit bureau and certified by an independent auditor
The Central Bank of Lesotho
Form CB3 - Strategic and operational competence report
Part A – Applicant's details
Name of applicant ____________________________Company registration number ____________________________Name of person that completed this Form ____________________________E-Mail ____________________________Contact telephone number ____________________________Date of submission ____________________________Part B – Strategic competence
1.Business planPlease confirm—(1)the existence of business plans;(2)lower-level supporting procedures;(3)remediation plans to address known deficiencies, for purposes of operating a credit bureau to serve the Lesotho market, and(4)provide a brief high level summary of the contents of such business plan;(5)The business plan should specifically refer to the strategy to collect, host and report credit information on—(a)all persons that are the recipients of credit in Lesotho; and(b)all natural persons that are Lesotho citizens, or juristic persons registered in Lesotho that are recipients of credit in any other country.2.Organizational overviewPlease indicate—(1)existing personnel holding key positions within the applicants' organisation as well as(2)the overall organizational structure.More Specifically:(a)Resource strategy & planningi.Indicate sufficiency of resources (IT, administration or call centre) to manage data to be received and administration requests;ii.If no or inadequate resource available, indicate plan to acquire additional resource;iii.Indicate qualifications/ experience of administration or call centre staff to manage consumer, data supplier and other requests.3.Site overviewPlease describe the applicant's building and site facilities for purposes of demonstrating its conduciveness to business operations.4.Business integrityThe object is to establish the integrity of the juristic person applying for membership as well as the integrity of the natural persons exercising management and control of the juristic person.More specificallyprovide background reports on—(a)persons who exercise management and control of the applicant, including a certification that—(i)such persons are "fit and proper" persons of good standing, and do not have any criminal records;(ii)have not been subject to insolvency proceedings; and(iii)have a good standing with the relevant government taxation authorities;(b)the juristic person /company applying for membership; including confirmation of record of registration of company; and that the company has a good standing with the relevant government taxation authorities.5.Corporate finance: Sources of financeFor purposes of financial due diligence, please indicate sources of finance relating to the applicant.More specifically—(a)confirm that the applicant has sufficient financial resources to operate a credit bureau to service the Lesotho market; and(b)confirm that the applicant has adequate liability insurance.Part C – Operational assessment
1.Information Systems (IT)Assessing the current applicant's computer processing environment to ensure that the key information technology areas are addressed by controls implemented by the applicant. In this regard, please indicate implementation of controls specifically covering the following areas—(a)Information Systems Operations including technological capacity;(b)Information Security around critical servers and firewalls;(c)Change Control over application and operating systems, databases, networks and hardware; and(d)Resource and Continuity Planning, including a description of the current procedures and plans in place to acquire and train resources, and indicate whether continuity planning is in place to ensure the applicants' business and IT operations are a going concern.More Specifically:(a)Information systems operations:(i)High level indication of systems;(ii)High level indication of operational process;(b)Information security—(i)Protection of data collected (couriers, FTP, e-mail etc.);(ii)Protection of data on CD's, cartridges, disks, e-mail etc. at bureau site (e.g. fireproof cabinets, physical media filing and cataloguing, encryption, access security etc.);(iii)Protection of data on the database against unauthorized access, removal or amendment (e.g. password control, firewalls, intrusion detection etc.);(iv)High level indication of physical security (premises, computer room etc)(c)Change control (over application and operating systems, databases, networks and hardware); indication of change control process followed when making changes to the above data;(d)Business continuity procedures(i)Indication of disaster recovery process(ii)Indication of disaster recovery site(iii)High level indication of business continuity plan.2.Credit information integrity and accuracyMore Specifically:(i)High level indication of key measures of matching credit information to consumers;(ii)High level indication of credit information quality process followed prior to loading data to the database;(iii)Indication of measures to remove credit information from display at the expiration of the prescribed data display period.3.Processing credit information for purposes specified in lawMore specifically:High level indication of key measures to ensure that credit information will only be reported or released for purposes prescribed in the Act.Part D – Declaration
I confirm that:(a)I am duly authorised to sign this report;(b)this report is to the best of my knowledge and belief accurate and complete;(c)appropriate methods have been implemented to ensure that the information in this report is accurate.______________________________Name of Duly Authorised Officer of Applicant Credit Bureau______________________________Signature of Duly Authorised Officer of Applicant Credit BureauForm CB4 - Quarterly Synoptic Report
Schedule B (Regulation 3(1)(f))
Fees
1.Application feeThe prescribed application fee in terms of section 14(l)(a) of the Act is 20 000 Maloti—(a)payable by each applicant upon application for registration as a credit bureau;(b)must be paid to the Central Bank upon submission of the application for registration or within 20 business days from receipt of notice from the Central Bank for payment of the application fee for applications already submitted; and(c)must be paid by cheque made out to the Central Bank or by electronic transfer to the bank account of the Central Bank.2.Initial registration feeThe prescribed initial registration fee in terms of section 14(1)(b) of the Act is 10,000 Maloti—(a)payable by each registrant upon initial registration as a credit bureau;(b)must be paid to the Central Bank upon registration of the applicant as a credit bureau or within 20 business days from receipt of notice from the Central Bank for payment of the initial registration fee for an applicant already registered; and(c)must be paid by cheque made out to the Central Bank or by electronic transfer to the bank account of the Central Bank.3.Annual registration renewal feeThe prescribed annual registration renewal fee in terms of section 14(1)(c) of the Act is 5,000 Maloti—(a)payable by each registrant annually for purposes of renewing registration as a credit bureau;(b)must be paid to the Central Bank upon renewal of registration or within 20 business days from receipt of notice from the Central Bank for payment of the annual registration fee for registration already renewed; and(c)must be paid by cheque made out to the Central Bank or by electronic transfer to the bank account of the Central Bank.Guidelines (Regulation 8(1))
Guideline CB1
Guidelines for Annual Compliance Reporting
Guideline and Explanatory Notes for the Certification of Annual Compliance Report
Guide for Independent Auditors of Credit Bureau
Summary
Guideline in respect of the certification of annual compliance report
This document constitutes guidelines issued by the Central Bank of Lesotho, in terms of Regulations issued in terms of the Credit Reporting Act, 2011.This guideline is intended for independent auditors of the registered credit bureaus who by regulation are required to submit an annual compliance report which is certified by their independent auditors. This document provides guidance and explanatory notes pertaining to the certification of an annual compliance report, which must be submitted to the Central Bank of Lesotho on an annual basis.1.Definitions"Act" - Credit Reporting Act, 2011"CBL" - Central Bank of Lesotho"Credit record" - Any consumer record with one or more account, payment profile entry, adverse record judgment, or default. With the exclusion of any enquiries."Credit report" - (direct to consumer) Report issued to consumer with or without charge which contains credit information."Data supplier" - Any party who supplies credit information to a credit bureau, irrespective of whether there is a written contractual relationship between the party and the credit bureau. Examples: credit providers, service providers, judgement information providers, information on-sellers etc."Deemed valid dispute" - Where a change or correction on a credit record is required due to the prescribed investigation period that has lapsed."Dispute" - Where investigation is required and feedback is expected."ID fraud" - Identity fraud is a synonym for unlawful identity change. It indicates an unlawful and intentional misrepresentation by using the identity of another person or of a non-existing person as a target or principal tool. Identity fraud can occur without identity theft, as in the case where the fraudster has been given someone's identity information for other reasons but uses it to commit fraud, or when the person whose identity is being used is colluding with the person who is committing the fraud."Information" - Credit information as defined in the Credit Reporting Act, 2011."Juristic person" - Includes a partnership, association or other body of persons, corporate or unincorporated, or a trust if (a) there are three or more individual trustees; or (b) the trustee is itself a juristic person."Regulations" - Credit Bureau Regulations in terms of the Credit Reporting Act, 2011."Service provider" - An entity that provides services to consumers or other entities. Such as a medical practitioner, a telecommunication service provider etc."The Act" - The Credit Reporting Act, 2011."Valid dispute" - Where a change or correction on a credit record is required after investigation.Where a definition, within these guidelines does not coincide with that of the Act, in all instances the definition in the Act will supersede and take precedence over any definition provided within these guidelines.2.IntroductionThis guideline applies to independent auditors of credit bureaus who have registered with the CBL. The guidance and explanatory notes have been compiled by the CBL to provide assistance to those responsible for certifying the Annual Compliance Report.This document provides guidelines on the annual compliance report that must be certified by an independent auditor for submission to the CBL.3.General3.1.Submission timeThe annual compliance report must be submitted by the credit bureau to the CBL by the 15th March each year for the period 1 January to 31 December of the previous year.3.2.Submission procedure and addressThe signed annual compliance report must be submitted in duplicate, with only one being signed as the original, together with an electronic version of the completed return. The signed copy and duplicate must be sent to:The Central Bank of LesothoCnr Moshoeshoe & Airport RoadsMaseru 100LesothoE-mail: ____________________If applicable, a nil return may be submitted in accordance with the above guidelines and procedures.4.Company details| Name of registered entity: | registered name. |
| CBL Registration Number: | unique registration number that is allocated to each credit bureau at registration by the CBL. |
| Name of contact: | is the person who completed/compiled the compliance report. |
| Telephone and e-mail contact: | telephone and e-mail contact details of the person who completed/compiled the annual compliance report. |
| Year covered in return: | the starting and ending dates pertaining to the relevant reporting period. |
Guideline CB2
Guideline and explanatory notes for quarterly synoptic reporting
Definitions;For the purposes of regulation 12 of these regulations requiring the submission of a quarterly synoptic report by a registered credit bureau, the following words, and phrases shall bear the meanings as set out below:"accounts in good standing" means accounts that are current or 1 to 2 months in arrears;"accounts with impaired record" means accounts that are 3 or more months in arrears, or accounts that have adverse listings, judgments, sequestration order, liquidation order, rehabilitation order, or administration orders;"a consumer in good standing" means a consumer who may be a natural or a juristic person with all accounts in good standing;"a consumer with an impaired records" means a consumer who may be a natural or juristic person, with one or more accounts with an impaired record."consumer" shall mean a natural or juristic person, who is the recipient of a credit product."credit product" shall mean a mortgage; vehicle and asset finance; unsecured credit loans; credit facilities; and telecommunications services billed in arrears."credit facility" shall mean the extension of credit as defined in the Act, and where the credit provider defers the obligation to pay for any part of the goods or services or any part of an amount extended; or bills periodically for any part of goods or services or any part of an amount extended; and a charge, fee or interest is payable to the credit provider in respect of an amount deferred or billed periodically and not paid within the time provided in the agreement."juristic person" means a juristic person as defined in the Act with annual turnover less than five million maloti."mortgage" shall mean a pledge of immovable property that serves as security for a mortgage agreement."outstanding book debt per credit product" shall mean the total outstanding principal debt per credit product."unsecured credit loan" shall mean the payment of a monetary amount, within the definition of the phrase "extension of credit" in the Act, and the deferment of the repayment of such monetary amount, which debt is not supported by any pledge, or other right in property or suretyship or any other form of security."vehicle and asset finance" shall mean the extension of credit for purposes of facilitating the purchase of a vehicle or other asset.Credit Information Reporting Standards
Standards for the filing, maintenance, retention, display and reporting of credit information
1.Display periods for credit informationCredit information as per the following Table may be displayed and used for the purposes of credit assessment for a maximum period as indicated:| Categories of credit information | Description | Period for which information must be retained from date of commencement of the event |
|---|
| 1. Details and results of disputes/requests lodged by consumers | Number and nature of complaints lodged and whether complaint was rejected.No information may be displayed on complaints that were upheld. | 18 months |
| 2. Enquiries | Number of enquiries made on a consumer's record, including the name of the entity / person who made the enquiry and a contact person if available | 2 years |
| 3. Payment Profile | Factual information pertaining to the Payment profile of the consumer | 5 years |
| 4. Adverse Information consumer behaviour | Qualitative information on consumer behaviour | 1 years |
| 5. Adverse Information enforcement action | Classification related to enforcement action by a credit provider | 2 years |
| 5. Civil court judgments | Civil court judgments for debt including default judgments | The earlier of 5 years or until the judgment is rescinded by a court. |
| 7. Administration Orders | As per the court order | The earlier of 10 years or until order is rescinded by a court |
| 8. Sequestrations | As per the court order | The earlier of 10 years or until rehabilitation order is granted |
| 9. Liquidations | As per the court order | Unlimited period |
| 10. Rehabilitation Orders | As per the court order | 5 years |