The new Consumer Duty (the Duty) is the Financial Conduct Authority’s (FCA) package of measures, which sets out higher and more defined standards to protect financial service consumers in retail financial markets. The Duty requires firms to evidence that they are delivering on the overarching Cross-cutting rules and Four Customer Outcomes (Outcomes). At a high level, the Cross-cutting rules set out good customer outcomes that are expected to be delivered, while the Outcomes provide the regulators expectations across the firm’s customer relationships.
The Duty will likely require firms to review their business models and customer distribution channels to identify points at which they interact with retail customers. This will enable firms to put customer outcomes at the centre of their business.
From our current work with clients and engagement with the FCA, we understand that a firm’s anti-financial crime program is one of the key areas where there is potential to cause consumer harm. Therefore, it should be included within a firm’s preparation plan to comply with the Duty. To help avoid causing foreseeable harm, firms should ensure the effectiveness of their anti-financial crime program controls that are embedded within the customer journey, at on boarding and during the ongoing relationship.
The FCA has set out key dates for implementation of plans, reviews and program changes that firms should be working towards to ensure compliance with the Duty. In this article, we shall explore some implications for anti-financial crime programs that firms should consider as they progress through the key milestones.
Anti-Financial Crime Program Implications
Firms should keep their obligations under both Outcomes and Cross-cutting rules at the front of their mind when interacting with customers. We have identified four key areas within anti-financial crime programs where the underlying policy and procedure typically impacts customers and has the potential to cause undue harm. It is these touch points that firms will need to examine to ensure they are compliant with the Duty.
Consumer duty measures should be captured and monitored as part of firms’ anti-financial crime program governance and oversight. This would typically include continually considering consumer outcomes, for example, in the context of customer communication, outsourcing and program management.
Firms need to exercise judgement and adopt a reasonable and proportionate approach to monitoring customer communications and act where issues are identified. They should have appropriate governance processes in place to oversee communications sent as part of their anti-financial crime due diligence activity, and they should consider keeping a record of any relevant actions taken.
If part of the anti-financial crime program activity is outsourced to a third party including intragroup, the firm remains responsible for ensuring the outsourced service meets the Duty. Therefore, firms should have systems and controls in place to monitor customer outcomes even where there is a dependency on a third-party service provider to provide assurance that it is meeting its regulatory obligations.
- Know Your Customer (KYC)
KYC processes should be designed in a way that meets the firm’s anti financial crime obligations but without compromising the needs of customers, including those with protected characteristics (ethnicity, age, gender) and characteristics of vulnerability (health issues, life events, capability). Firms should review their standards and enhanced due diligence processes to ensure they do not unduly prevent any one group, from accessing the firms’ services.
For example, firms could consider how customers respond to requests for information and the reasons the right documentation is not returned/obtained in practice. This might indicate that the firm’s request does not reflect the customers’ circumstances, or the communication has not been understood. Practically there can be a difficult balancing act for firms between meeting anti-financial crime regulatory obligations and customer needs. However, informative data enables firms to take a more targeted approach to assessing their control environment and identifying unintended consequences, such as consumer harm. Then, firms are better placed to explore alternative options to meet their regulatory obligations in a way that accounts for their customers circumstances e.g., seeking alternative forms of identification and verification or communication.
- Sanctions Screening
Firms should review their sanctions programs, policies, and rules to ensure they can implement sanction legislation efficiently without unduly negatively impacting the customer. For example, by reviewing sanctions screening tools to ensure the criteria for detecting and stopping outgoing payments which may be in violation of sanctions are justifiable. Firms should have reasonable service level agreements in place to review sanctions alerts and ensure the investigation does not unreasonably impact the customer. This includes having appropriate resources available to review and escalate such alerts.
There are various steps a firm can take to evidence they are meeting anti-financial crime regulatory obligations whilst minimising consumer harm. For example:
- Firms should complete transaction monitoring rule effectiveness testing to minimise high false positive rates and transactions that require manual intervention which can delay customer’s payments.
- Investigating a potential fraud case can impact on the customers' available funds or access to their account. Staff should be trained to support customers, including those in financial difficulties. Firms should take particular care when communicating with customers in vulnerable circumstances, considering their needs.
- Firms should review their suspicious activity reporting (SAR) processes, for example, to assess whether they are taking a reasonable amount of time to complete the end-to-end review from initial alert to requesting a Defense Against Money Laundering (DAML). Holding funds for a prolonged period can cause an unjustifiable negative impact on the customer.
There are many actions a firm can take to prepare for and ensure ongoing compliance with the Duty as shown in the tips we have set out above. For more information, get in touch with our Deloitte Forensics team:
Del Nadarajah – Partner
Sarah Jordan – Director
 The Outcomes provide more detailed expectations across the key elements of the firm-consumer relationship including products and services, price and value, consumer understanding and consumer support.