At the end of July, the Financial Conduct Authority (FCA) set out its plans for implementing Consumer Duty requirements – and amended the timetable. The result is that firms have been given a little more breathing space to introduce the requirements for new business from the end of July 2023. But they have now been told that they must have a plan in place by the end of October this year. The clock is definitely ticking.
In setting out its latest proposals, the FCA highlighted four areas in which it expected firms to deliver good outcomes for consumers: on products and services; price and value; consumer understanding; and consumer support.
The challenges are wide-ranging but, when it comes to understanding consumers and providing them with support, there is an implicit requirement for firms to have a much better understanding of the characteristics and vulnerability of customers. In fact, vulnerability is mentioned more than 100 times in the Consumer Duty regulations.
In the headline summary of its announcement at the end of July, the FCA set out the challenge clearly:
“Our rules require firms to consider the needs, characteristics and objectives of their customers – including those with characteristics of vulnerability – and how they behave, at every stage of the customer journey.”
A tougher regime
In some ways, Consumer Duty builds on the FCA’s long-established treating customers fairly agenda. But the new regime takes those requirements much further. Firms will have to monitor the application of Consumer Duty across the full distribution chain as well as their own organisation, effectively policing their partners as well as themselves, and report any non-compliance to the FCA.
As long ago as 2015, the FCA set out some useful practical tips for dealing with customers in its Consumer Vulnerability Occasional paper. This was mostly incorporated into training and reinforcing the right kind of behaviours in frontline staff. But it will not be enough to meet the new requirements because:
- The way in which the original guidance was interpreted essentially made it a subjective assessment of individual customers, rather than encouraging objectivity and consistency in how vulnerability is assessed.
- It implied the mistaken idea that vulnerability is binary, reinforcing the view that individual customers are either vulnerable or not. But the extent to which people are vulnerable extends across a range.
- It encouraged the identification of vulnerability, while Consumer Duty corrects this to distinguishes between the characteristics of consumers and the circumstances that make them vulnerable.
- Consumer Duty reinforces the need to record customer characteristics for ongoing monitoring and reporting to the board.
What’s needed now
The Consumer Duty remit requires firms to focus on the outcome of their interactions with customers. Understanding vulnerability, however, requires attention on the input from consumers, on how firms collect the right sort of information about them and use this to minimise the potential for a poor outcome. One does not substitute for the other; instead, they work together.
All aspects of Consumer Duty – fair value, product design, understanding outcomes and ongoing support – rely on a good understanding of consumer characteristics, helping to identify vulnerable customers. Hence, good data on consumer characteristics and the circumstances in which firms interact with customers is essential to comply with the Consumer Duty rules.
What do firms need to do now? What are the essential components of a successful plan that they can sign off in less than three months’ time? In our view, it will need to include:
- An objective method of assessing and recording consumer characteristics to provide a consistent reliable data, not only for managing vulnerable customers but also as a building block for complying with Consumer Duty.
- Robust systems for recording how customer characteristics may change over time and how vulnerability is a consequence of different interactions with firms. And at all times, firms will have to ensure they comply with general data protection regulation (GDPR).
- The ability to recommend appropriate actions to manage instances of vulnerability in a consistent manner across firms and maintain records that provide evidence of actions and interactions with consumers.
- A commitment to management information that will ensure firms meet the standards set out in Consumer Duty and recent ‘Dear CEO’ letters. This will require good data that is objective, consistent, and recorded digitally, so it can be accessed, collated and reported economically. For many firms, management information remains flawed – it is too subjective, inconsistent, lacks sufficient detail and is often inaccessible.
Many firms are finding that a lack of consistency in collecting and using information is causing fresh problems. MARS, the MorganAsh Resilience System, brings an objective methodology to managing vulnerability and provides a building block for implementing Consumer Duty regulations.