Case:

Brief Facts:

• The Plaintiff, Suriati Mohd Yusof (“Suriati”) was at the material time the Director and shareholder of Keranji Beach Resort Sdn Bhd (“the Resort”) situated in Pulau Perhentian, Terengganu.
  
  
• The Defendant, CTOS Data Systems Sdn Bhd (“CTOS”) is a company incorporated under the Credit Reporting Agencies Act 2010 (“2010 Act”) tasked with collating credit reports from various sources including the Central Bank and other agencies for purposes of dissemination to subscribers.
  
  
• Suriati discovered sometime in May 2019 that as a result of a negative report from CTOS her loan application for a car was rejected.
  
  
• Upon further inquiry Suriati found out that the data collated by CTOS and kept by CTOS was inaccurate and false, giving her a negative credit rating.
  
  
• One of the information kept by CTOS which was inaccurate was related to a sum of money owed by Suriati to a company called WEBE (formerly known as Packet One Network SB) which Suriati denied owing.
  
  
• Apart from the inaccurate information, Suriati contends that CTOS had given her a low credit score leading to loss of confidence from financial institutions. Suriati found out that the credit score was based on inaccurate criteria which was not updated.
  
  
• Both the inaccurate information as well as the wrong credit score had resulted in Suriati being considered not creditworthy leading to personal and business losses.
  
  
• CTOS in their defence contended that all information given was with the consent of Suriati. Further CTOS contends that any information given by CTOS was with a disclaimer that any information given by CTOS was subject to verification by the parties applying for the report. CTOS’s role was merely to collate the information and it was not the duty of CTOS to verify its accuracy.

THE DECISION OF HIGH COURT (HC)

• CTOS’s main role is to collect, record, hold, and store the information received. In this particular case CTOS had a right to disseminate the credit information to the Small Medium Enterprise Development Bank Malaysia Sdn Bhd.
  
  
• Section 29 of the Credit Reporting Agencies Act 2010 clearly imposes a duty upon CTOS to verify the credit information received both for the purpose of using or processing the credit information.
  
  
• The HC states that the CTOS’s contention that the recipient of the information has a duty to independently verify the credit information is unfounded and unsubstantiated.
  
  
• In this case Suriati led evidence that CTOS was alerted that the information against her was inaccurate. The Court held that the evidence showed CTOS had ignored the communication from Suriati.
  
  
• In the HC’s view, the least CTOS could have done was to either suspend the information awaiting verification or notify the subscribers or applicants that the information was being verified.
  
  
• There is no provision in the 2010 Act empowering CTOS to formulate a credit score or empowering CTOS to create its own criteria or percentage to formulate a credit score.
  
  
• Based on the evidence adduced in this case the HC finds that the CTOS had breached the duty of care owed to Suriati and had overstepped the functions it was registered for.
  
  
• For the losses suffered the HC allowed Suriati’s claim and awarded a sum of RM200,000.00 as general damages. The HC also awarded a cost of RM50,000.00 to Suriati.