Deloitte has been helping clients assess the quality of their Single Customer View (SCV) files since the regulations were first introduced in 2009. These regulations received a major revamp in December 2016 requiring most firms to revisit their solutions.
A recent interview between Deloitte and the Financial Services Compensation Scheme (FSCS) highlights the successes and challenges that have been faced as a result of these changes. In this article we provide a summary of the current state of analysis from the FSCS; current advances, including their online testing tool; and what the future focus is for the FSCS and for Single Customer View.
How often should a firm expect to be tested for file compliance?
A question we are often asked by clients is how likely they are to be subject to an official review by the FSCS. We asked the FSCS to explain their approach to selecting deposit takers for review.
FSCS: Our shared goal with the PRA is to assess all deposit takers within a three-year cycle. This will take time to achieve, in particular given the number of re-tests that have to be performed, although we have doubled our testing capacity since 2017. We also focus our attention on the segments of the industry that are most vulnerable, with the focus more recently being on credit unions.
What does it mean if you get a Red rating from an FSCS review?
Over time we have seen a steady improvement in the quality of the files we have been asked to analyse. We asked the FSCS how they measured file quality and in particular how they determined a files' RAG status.
FSCS: We’ve worked with the PRA to devise a framework for the RAG rating. We have seen an improvement in quality, however our own assessment criteria has changed. A Red rating on a file was usually associated with a file that we deemed unusable to achieve payment within the seven day window. However, overtime we have refined how we define "unusable" and it is now a much more forgiving real world measure that considers aspects such as the relative rather than absolute error rates, and whether the file was provided on time. Our statistics show that back in 2016, 73% of files were deemed unusable; the proportion of files flagged as Red has dropped significantly since then but the areas where most concerns arise are file formatting, balance calculations, FX, handling of joint accounts and correct eligibility flags.
How can new matters arise between test and retest?
When we conduct repeat client visits as part of an annual internal audit plan, we see new matters arising on customer and account records that existed in the previous year but were not identified. This tends to be as a result of new tests created within our test suite or because of an update to existing ones (see Fig 1).
These matters have been identified from retests over a year gap, however some clients reported that the FSCS retests over a few months could also throw up new matters which they found unbalancing. We asked the FSCS if they could explain why this was occurring with their testing approach.
FSCS: We do not seek to withhold any results and this would only be arising if tests could not be run for file or data quality reasons initially, which was resolved in time for retesting.
Why does the FSCS not share its definition of good with the industry?
We have questioned why the test definitions are not shared with the industry to help promote compliance and certainty among the community. We put it to the FSCS that this would be a helpful thing to do.
FSCS: There are three main reasons why we’re not comfortable publishing our test criteria:
1. Those that met our criteria may stop investing in data quality, effectively placing a ceiling on data quality which would not be ideal
2. A number of the tests are not absolute, in that they merely indicate a matter to investigate, such as tests using keywords.
3. The tests can get updated rapidly in response to matters identified at a particular deposit taker. There is a risk that a published set of tests would not be accepted by the industry as being a dynamic set of tests that evolve over time without consultation.
So for now, we have no plans on publishing our testing criteria.
How does the new online testing tool from the FSCS work?
We recently worked with a client who had used the FSCS online testing tool; finding it a valuable addition to their compliance efforts. We asked the FSCS what their plans were for making this service more widely available and what that might mean for depositor takers compliance assessment.
FSCS: Our online testing tool is still very much a work in progress but is a key element of achieving our three-year cycle time to test the whole industry. Right now and for the foreseeable future it will be an invitation only service, as it is only semi-automated requiring manual intervention to confirm the data and to load results back into the portal.
The service though is being expanded and enhanced in a number of ways:
1. Its capacity is being increased to support 20 tests a quarter by the end of 2019 and more thereafter;
2. More automation is being added to improve turn-around times. In an ideal world, we would have a ‘supportive, fully automated, self-verification process’ within three years; although the PRA are yet to be convinced that the more traditional manual testing approach can be retired;
3. More tests are being added, although the expectation is that the tests in the online tool will only comprise of those that identify definite errors. We then asked what happened to firms that accepted the invitation but had issues with their files?
Firms are invited to use the tool and statistics about the test results are shared with the PRA. We take a supportive stance and whilst we expect firms to remediate issues, we also discuss the matter with PRA supervisors and typically agree to extended timeframes before informing a firm that they are going to be subject to the normal full review.
Can the industry expect future changes to the regulations?
We have noted that a number of overseas banks have subsidiarised their UK operations, or UK banks have subsidiarised their overseas branches to meet current regulatory expectations and to address Brexit concerns. This has forced them to confront the subtle but real differences of the Deposit Guarantee Schemes Directive (DGSD) implementation across Europe. We have generally found that institutions have under-estimated the changes needed in these scenarios. We asked the FSCS if they were aware of or were lobbying for any changes in the regulations that would impact UK firms.
FSCS: We are neither lobbying for changes nor aware of any impending changes from the PRA. However, there is ongoing general thinking about how the payment of compensation by cheque can be replaced with a more modern and faster approach. Like most of the industry however, there remains debate about how the existing Continuity of Access rules might be approached.
So what does this all mean?
A key take away is that the regulatory focus on this topic is here to stay but the testing regime is going to increase in scope, specifically in frequency of testing as the FSCS achieve their goal of a three-year cycle. However, with the development of the FSCS online testing tool, the effort involved in responding to the FSCS requests should become less of a burden.
Rightly firms remain focused on compliance in this area and we are seeing demand for our services continuing to grow on three fronts; a more regularised approach by building FSCS compliance reviews into Internal Audit or compliance verification programmes; urgent requests for pre-verification in response to receiving the verification request from the PRA; and helping clients who are splitting their businesses through subsidiarisation.
In our view the industry is getting better at protecting depositors, but we are surprised by some of the fundamental or recurring errors we are encountering which is reflected in the FSCS' own observations.
That said, the industry seems to have a much better grasp of their systems and data to address concerns, which can only bode well for the industries ongoing compliance.