Norwegian Financial Supervisory Authority flags interest miscalculations affecting 3,204 cases and other debt collection weaknesses at Oflow AS

The Norwegian Financial Supervisory Authority published an on-site inspection report on debt collection firm Oflow AS after reviewing its risk assessments, internal controls, collection processes, client money reconciliations and compliance with the ICT Regulation. The inspection identified deficiencies in claim consolidation, the clarity of demand letters and fee presentation, interest calculation and disclosure, and the handling of court fees as client funds, and it reiterated the firm’s duty to incident-report to the supervisor. The review found errors in merging multiple claims from the same creditor against the same debtor across two case-handling systems, leading to remediation that included consolidating cases, crediting fees and restarting processes, and a change to send payment demands only once per day. Demand letters were found to present fees ambiguously, including inconsistent terminology for standard compensation claimed for business receivables under section 3a of the Interest on Overdue Payments Act, which the firm relabelled as an “EU-fee” from 25 September 2025. Interest-related issues included a system failure to update the statutory default interest rate from 12.50% to 12.25% from 1 July 2025, affecting 3,204 cases, where the supervisor considered that debtors who paid in full after being overcharged, including 347 cases with full settlement, should have collection fees refunded. Payment demands from one system also omitted the applicable interest rate, referring only to “current default interest” contrary to the content requirements in the Debt Collection Act, and a separate misunderstanding led to systematic miscalculation of the interest period, which has been corrected. The inspection also identified instances where court fees were paid into the firm’s operating account before the firm paid the state invoice, even though such amounts should be treated as client funds and held on a client account. Finanstilsynet expects strengthened controls, including better testing of interest rate changes before letters are issued, and stressed that incident reporting under section 9 of the ICT Regulation must be made without undue delay even if other affected parties report the same event. The firm was asked to provide a copy of the inspection report to its auditor.