Improving culture in financial services remains a priority for the FCA. The difficulty is that each firm's culture is different and there is no one size fits all model nor does the regulator prescribe what any regulated firm's culture should be. However, the FCA understands that firms' culture shapes the conduct outcomes for both consumers and markets.
The FCA assesses the drivers of culture including by looking at a firms' leadership, purpose, governance and approach to managing and rewarding its employees. When the Senior Managers and Certification Regime (SMCR) is rolled out to solo regulated firms in December, most employees in such firms will be subject to the five conduct rules that represent the minimum standards of behaviour expected by the FCA. These rules provide that such employees must: (i) act with integrity; (ii) act with due care, skill and diligence; (iii) be open and cooperative with the FCA, the PRA and other regulators; (iv) pay due regard to the interests of customers and treat them fairly; and (v) observe proper standards of market conduct. It is therefore expected that direct personal accountability for culture and customer outcomes will more formalised and increase within firms.
Whilst the FCA accepts that culture is not always easy to measure, it does believe that it is manageable. Two years ago in an FCA speech the regulator spoke about managing culture through four types of lever.
The first lever is a clearly communicated sense of purpose and approach with firms clearly communicating to its employees the 'what', 'how' and 'why'. The second lever deals with the 'tone from the top', what staff see and hear from senior management. The third lever is the formal governance processes and structures, the policies and systems that specify expected behaviours and decisions.
From a conduct culture point of view, this looks for a well thought through conduct risk framework: is there a clear exposition of conduct risks, the systems and controls for mitigating them and risk indicators for monitoring them? Finally, the fourth lever deals with people related practices, including incentives and capabilities. Does a firm's pay structure reward misconduct? Is the pressure to turn a profit driving employees to act against consumers' interests?
In the pipeline
Despite the introduction of the SMCR for banks, insurers and significant investment firms in 2018, the absence of any FCA enforcement action taken against individuals so far in 2019 has been stark. The most noticeable action take to date has been against a chief executive of a major bank who was fined and censured for seeking to unmask a whistle-blower. However, it has been reported recently in the press that David Blunt, head of Conduct Specialists at the FCA, has stated at an industry conference that:
“There is indeed a pipeline of individuals under investigation, because we've seen circumstances to suggest that they may have engaged in serious misconduct. That's the threshold for starting an investigation. And there are individuals who're going through the process of disciplinary action after an investigation has concluded. As to what that action looks like, there is actually quite a wide variety of behaviour that has led individuals to be subject to investigation – but the key common factor is that the conduct we've seen appears to be serious misconduct. Once we've crossed that threshold, we are committed to investigate.”
Recent misconduct investigations
In terms of the FCA final notices so far published this year there are some themes linked to the levers mentioned above. For example FCA enforcement action against The Prudential Assurance Company Limited (Prudential) and Standard Life Assurance Limited fine highlight concerns related to policies and systems that specify expected behaviours and decisions and people related practices, including incentives and capabilities.
Briefly, the FCA fined Prudential for its failures relating to non-advised annuities sales. Prudential's non-advised annuity business focused on selling annuities directly to existing Prudential pension holders. Firms are required to explain to customers that they may get a better rate if they shop around on the open market and Prudential was aware that many customers could get a higher income in retirement by shopping around on the open market.
However, Prudential failed to ensure that customers were consistently informed that they might get a better deal if they shopped around and failed to take reasonable care to organise and control its affairs in breach of its obligation to ensure the fair treatment of customers.
Prudential also failed to ensure that documentation used by call handlers was appropriate and failed to monitor calls with customers properly. Prior to 2013, the risks created by a lack of appropriate systems and controls were increased by sales-linked incentives for call handlers and their managers which meant that call handlers might put their own financial interests ahead of ensuring fair customer outcomes. Call handlers were incentivised by the possibility of earning an additional 37% on top of their base salary and winning prizes such as spa breaks or weekend holidays.
The FCA enforcement action against SLAL also related to failures concerning non-advised sales annuities. SLAL failed to put in place adequate controls to monitor the quality of the calls between its call handlers and non-advised customers. At the same time, SLAL offered its front-line staff large financial incentives to sell annuities, which encouraged them to place their own financial interests ahead of their customers. This gave rise to a significant risk that SLAL's call handlers would fail to provide customers with the information they needed to choose an annuity appropriate to their circumstances.
The Carphone Warehouse
Another example concerning people related practices (capabilities) would be the FCA fine of The Carphone Warehouse. The FCA fined The Carphone Warehouse on the basis that it had failed to give its sales consultants the right training to give suitable advice to customers purchasing Geek Squad (a mobile phone insurance and technical support product). In particular, sales consultants were not trained adequately to assess a customer's needs to determine whether Geek Squad was suitable.
The above examples also highlight where failings in these areas not only impact retail customer outcomes, but can also cause issues and detriment with the more vulnerable. Many of the customers impacted by the examples above are likely to have been less sophisticated, financially capable, and resilient. These types of customers receiving poor outcomes is precisely what the FCA does not want to see.
From a retail customer standpoint, firms should be critically assessing their businesses and where customer “harm” could be caused. In doing so, they should be particularly mindful of their business model and culture:
Business model - harm can be caused by firms taking risks to make money, and also the business model or product line itself having an intrinsic high level of potential harm. Firms should be looking at these, and taking action where appropriate.
Culture – firms focus on compliance, but having a culture led by fairness is likely to be healthier. Going forward into SMCR, firms should be looking to evidence the reasonable steps that they have taken to make thought-through and sustainable decisions. In summary, firms should be challenging themselves on whether they “should” take a course of action, as well as whether they “can” do so.
First published on Thomson Reuters Regulatory Intelligence on October 25, 2019.