Risk functions need to integrate consumer duty requirements into their frameworks and day-to-day routines. Ryan Knapton, ERM implementation project manager at Protecht explores how this can be achieved.
The upcoming Consumer Duty comes into force in less than 90 days, and The Financial Conduct Authority (FCA) is turning up the pressure. In a speech delivered last week, the FCA said that firms that ignore the new rules or who pose the most risk will face “swift action”.
Rather than the traditional, prescriptive tick-box approach to compliance, the Consumer Duty applies a more proactive, consumer-centric model, focused on outcomes to protect the customer from bad conduct, uphold the integrity of the UK financial system, and promote effective competition.
Specifically, those outcomes are defined as the essential components of the relationship between businesses and customers, comprising how firms develop, market, and provide products and services, as well as significant touchpoints throughout the customer’s journey.
So, what swift action should risk managers at financial organisations be doing to prepare for the upcoming 31 July deadline?
First, let’s take a look at the new Consumer Duty regulation. All financial companies have a responsibility to sell their goods and services in a transparent and accountable way.
”Risk functions need to integrate consumer duty requirements into their frameworks and day-to-day routines.”
From the early 1990s to 2010, millions of British people were mis-sold PPI policies after taking out loans and credit cards. This scandal exposed the fundamentally dishonest behaviour that was designed to extract money from consumers for reasons against their interests.
Although those organisations eventually paid the price, it was a stark reminder of corporate malpractice on a grand scale. This led to the FCA introducing a range of reforms aimed at improving consumer protection and increasing transparency in the financial services sector.
The Consumer Duty initiative is part of this broader conduct-based reform program and aims to ensure that firms prioritise the interests of their customers and provide them with products and services that meet their needs.
Under the Consumer Duty, the FCA expects firms to have “customer outcomes as a key lens for risk and internal audit.” This means that risk functions need to integrate consumer duty requirements into their frameworks and day-to-day routines.
What challenges does this pose to financial services organisations and how can they best prepare to comply?
How risk managers can navigate the new Consumer Duty
The critical success factors of the new Consumer Duty are defined as Communications, Products and Services, Customer Service, and Price and Value.
In practice, this means companies must begin by defining key risk indicators, such as mis-selling, for each stage, with metrics showing the customer outcomes.
A good place to start is ensuring your organisation has a product governance risk management process, with committees overseeing the creation of products, which can identify root causes of bad conduct from the outset.
If you don’t have one then begin by setting one up, involving all your people, from board-level champions, to product managers, to branch and call centre staff at the coalface.
”Without a robust risk oversight, you could cause customer harm and this is something that the FCA will not look kindly upon.”
Next, organisations should perform a risk assessment on each product and establish a regular review cycle. For high-risk products, such as derivatives, you might want to review twice a year; for more vanilla retail accounts, it might be every three years.
Once this review framework is in place, you can build up a view of product inventory, processes, and assessments in an integrated, centralised product management system.
This will allow businesses and risk managers to monitor how internal and external events might impact customer outcomes and to effectively manage risk.For example, the number of customer complaints per month might be a useful metric: when a set number is reached, a flag is raised and a process review initiated.
It’s worth bearing in mind that without a robust risk oversight, you could cause customer harm and this is something that the FCA will not look kindly upon. The fact remains - companies that are supported by risk teams have a responsibility to check and challenge the business with consideration for customers at the heart of everything.
The four pillars of Consumer Duty
The critical success factors that risk managers should consider to establish good customer outcomes are:
- Communications: Use clear and concise language, tested via market research and quality controlled by organisations, such as the Plain English Campaign.
- Products and Services: Identify what each is designed to deliver, deploy a solution to automatically track, monitor and analyse performance, with red flags to enable a proactive response.
- Customer Service: Make sure it is easy and user-friendly to communicate with your customers and measure engagement across multiple channels. Is your chatbot a help or a hindrance?
- Price and Value: Perform a fair value assessment against the competition, highlighting tangible benefits compared to other products.
Building operational resilience
The four pillars of Consumer Duty are closely linked to operational resilience, and being able to withstand and recover from operational disruptions, such as cyber-attacks, natural disasters, or system failures, while maintaining continuity of service to customers.
To ensure operational resilience, financial firms must assess their risks and put in place measures to mitigate them, such as identifying critical business functions, developing contingency plans, and testing their resilience through scenario-based exercises.
This ensures businesses can protect their customers better, and maintain their trust, which is essential for fostering long-term relationships and meeting the objectives of the Consumer Duty.
Next steps and deadlines
By now, all firms should have reviewed their existing products and services.
The next deadline for risk managers to be aware of is 31 July, which is the implementation deadline for new and existing products or services that are open to sale or renewal.
By this date, new firms, as well as regulated firms, will need to comply with the overarching principle of the Consumer Duty, which stipulates that consumers should receive communications they can understand, products and services that meet their needs and offer fair value, and get the customer support they need when they need it.
”It’s important to show you have a process and a methodology, if you can do this then you’ll be well prepared for the Consumer Duty and its obligations.”
An effective way to achieve the above, from establishing automated reviews to monitoring performance to flagging issues to enabling operational resilience, is by implementing a reliable, flexible and compliant enterprise risk management (ERM) software platform.
With minimal oversight, an ERM platform will do all the heavy lifting, and offer it up in an intuitive dashboard with analytics at your fingertips.
This will also enable the collection of incident and complaint data that relates to individual product trends in one single repository for total visibility. It’s also important to show you have a process and a methodology, if you can do this then you’ll be well prepared for the Consumer Duty and its obligations.
No comments yet