Credit agencies & scoring agencies
Business credit agencies, often simply called credit agencies, play a major role in commercial transactions. Wherever business partners grant loans or other financial default risks are to be feared, the work of a credit agency is indispensable.
Checking the so-called creditworthiness before a possible loan is by now common in business life not only at banks and credit institutions, but also in many other economic sectors.
What is a credit agency?
Business credit agencies are allowed to collect certain data and, under certain circumstances and conditions, may provide this data to individual business partners on request.
Credit agencies are basically private companies that collect information on creditworthiness and pass it on to requesting parties for a fee. A self-disclosure for private individuals about the stored business information is possible free of charge once a year with most credit agencies. The transfer of credit information typically occurs via an automated process, but can also be done in writing or by phone.
An example of a typical consumer credit agency is SCHUFA, which stores credit information on private individuals and is allowed to provide it on request. The Schufa Holding AG is probably the best-known credit agency in Germany. In addition, there are so-called business or trade credit agencies. These institutes primarily work with information on solvency, creditworthiness or economic activity of commercially active persons and companies, but an increasing amount of data on private individuals is also being collected.
In addition to these two basic forms of credit agencies, there are also so-called industry-specific warning services such as tenant warning files or credit agencies for other specialized market segments. A credit agency can only operate on the basis of certain legal grounds. The essential legal basis for the work of credit agencies and warning files is the Bundesdatenschutzgesetz.
Legal basis of credit agencies
The credit agency operates on the basis of the Bundesdatenschutzgesetz. Section 29 of the BDSG explicitly regulates under which conditions a credit agency may collect, transmit to third parties and process personal data at all.
Business credit agencies collect millions of data items annually. The data and business information collected by a credit agency include, in particular, identification data, positive data, negative data and so-called score values to determine the creditworthiness of an individual or a company. Identification data are essential for the clear assignment of a queried person. Name, date of birth and current and former addresses are included. Identification data are intended to reliably prevent confusion of persons and names in the millions of data items from the outset.
Negative data and positive data?
What is negative data?
Negative data or negative characteristics are information about negative payment experiences in the past. However, by law only such negative data on payment behavior may be processed and collected that allow clear conclusions about a person's unwillingness to pay or inability to pay.
According to the legal provisions of the Bundesdatenschutzgesetz as amended on 1 April 2010, transmission of negative data to a credit agency is only permitted if a due performance has not been rendered despite maturity or if transmission of the data is necessary to protect the legitimate interests of a third party.
Transmission of data to a credit agency is also appropriate if a provisionally enforceable judgment concerning a claim exists, or a corresponding title under the Code of Civil Procedure. In the case of a court-established insolvency or an express acknowledgement of debt by the debtor, transmission of data to the credit agency is also permitted.
What role do positive data play?
Positive data do not describe negative payment experiences from the past, but are still relevant for creditworthiness. With positive data, the credit agency can also make a statement about a person's willingness to pay. In addition, positive data contain information about contractual behavior such as termination, fulfillment or application for a business relationship, information on ongoing loans, credit card agreements or current checking account links.
Positive data related to banking transactions may be transmitted to a credit agency under the legal provisions of the Bundesdatenschutzgesetz (BDSG) if the protected interests of a data subject in excluding the data transfer do not outweigh and it is not an account operated on a credit balance basis.
The so-called SCHUFA clause or other consent clauses that used to be demanded from consumers when concluding contracts are thus no longer necessary. Other relevant positive data, such as the conclusion of a mobile phone contract, may, as before, only be passed on to a credit agency if the person concerned has expressly consented beforehand.
The score value - the relevant measure for assessing creditworthiness
Not all credit agencies work with score values. A score value is a statistically based predictive value about the future risk of a payment default. Exactly how the various credit agencies determine their score values is ultimately known only internally to the agency. Based on a forecast, the credit agency determines a score value that is relevant solely for the customer. Usually the score value is given as a percentage.
Credit agencies obtain data partly from public registers and partly from other companies. Credit-relevant information is transmitted by the contractual partners of the credit agencies. These include, for example, telecommunications companies, banks, energy suppliers, insurance companies, debt collection companies, but also mail-order retailers. These so-called submissions must, however, be legally permissible, because only then may data be used by credit agencies and, for example, be used to calculate a score value.
A credit agency also obtains sensitive personal data from public registers, debtor registers or insolvency registers. Credit agencies are allowed to receive extracts from public debtor registers, and they are also permitted to take and store data from public media, newspapers or the internet. In principle, a credit agency may only pass on data if a valid consent of the data subject exists.
Disclosure and data deletion
Credit agencies are obliged to provide information and to delete data.
The most frequent inquiries to credit agencies relate to the creditworthiness or solvency of specific persons. Here the requesting companies have a legitimate interest in obtaining information. Other reasons or mere curiosity do not entitle one to request creditworthiness information. For example, insurance companies are generally not allowed to collect credit agency data when concluding a contract.
For employers, asking about the creditworthiness of employees is not permitted; according to a decision of the Federal Labor Court, a creditworthiness inquiry may only be considered if an employee holds a position that requires a high degree of trustworthiness and reliability in financial matters. A financial advisor or a bank cashier would fall under this rule, but not a simple supermarket cashier.
If the legal requirements for a credit agency inquiry are met, the consent of the person concerned is not required. However, the requesting institution has the duty to use the collected data for the purpose of a credit agency inquiry. If data are stored without the knowledge of a person, the credit agency is legally obliged to inform the person concerned about the type of data and their initial transmission. Notification is usually made by a mailed form letter with the heading Benachrichtigung nach dem Bundesdatenschutzgesetz (BDSG).
Exceptions to the notification obligation are permissible if the person concerned has otherwise become aware of the storage or transfer of data. This would be the case, for example, with a signed SCHUFA clause in a contract. If a consumer is unsure which data a particular credit agency stores about them, they can also contact the credit agency directly with this concern. The credit agency has an obligation to provide information under the Bundesdatenschutzgesetz (BDSG); the data may therefore not be withheld.
Viewing your own data at the credit agency
Affected persons are entitled to a free self-disclosure once a year. For each further disclosure or self-disclosure, the credit agency may charge a fee. If it turns out that a credit agency has stored incorrect data, the person concerned can request their deletion; no additional costs may be charged for this. With appropriate evidence, a consumer always has the right to have data corrected, deleted or blocked.
If three years have passed since an entry in a debtor register, a credit agency must delete all data concerning the person. This deletion obligation also results from the provisions of the Bundesdatenschutzgesetz (BDSG). In the case of a personal insolvency, the data must be deleted after a period of three years from the granting of the so-called discharge of residual debt (Restschuldbefreiung).
Credit agencies in the German-speaking region
In addition to the well-known credit agencies such as SCHUFA or Bürgel, there are various credit agencies operating in the German-speaking region, some of which also offer different services.
Examples of credit agencies operating in Germany are the Verband der Vereine Creditreform e.V., Bürgel Wirtschaftsinformationen, Arvato Infoscore, Deltavista, Creditreform Boniversum GmbH and others. Due to the legal situation, credit agencies usually restrict themselves to a single country. Therefore, Austria and Switzerland have their own credit agencies and scoring agencies.