UK: FCA Letter to Authorised Credit Brokers

The FCA stated in the letter that they are concerned that many firms do not understand their regulatory requirements. A lack of regulatory awareness could be partially as a result of the large number of firms that are authorised to carry out credit brokering activities that are not primarily financial services companies, but are instead goods /services companies who introduce their customers to third party lenders in order to finance a purchase.

We recommend that all authorised credit brokers should have in place a comprehensive (but practical) compliance manual that details the key regulatory obligations and how these rules apply to the business model of the firm. Furthermore, firms should have a training programme for staff on the regulatory framework that apply to the firm, in particular, staff who interact with consumers regarding credit products.

Furthermore, the FCA note in the letter that some firms did not understand what permissions they need to obtain from the FCA. Whilst the FCA does not elaborate on this point, in our experience, some firms have applied for permission whilst not being clear on whether they need limited or full permission to carry out their activities. Another example is where firms have expanded their credit activities since apply for permission and now operate outside limitations placed on their licence.

The FCA observed that some firms have poor oversight of staff and/or ARs’ activities which leaves sales practices unchecked, which potentially increases the risk of mis-selling, fraud or other poor consumer outcomes.

In this regard, it is important that firms have procedures in order to monitor compliance of staff with the firm’s compliance policies / procedures and how the firm reviews appropriate data information (e.g., sales data, complaints data, cancelation numbers etc) in order to identify potential compliance issues. In our experience, even where firms do take appropriate and proportionate steps to monitor compliance and oversee the activities of staff and agents, there can often be shortfalls in how these procedures are documented that can lead to challenges arising when needing to demonstrate compliance to the FCA.

In the last couple of years, we have noticed an increase in the number of firms in the market offering “regulatory umbrella” services to merchants who wish to provide their customers with an option to pay for goods/services on credit provided by third party lenders (e.g., firms like Klarna). Such firms appoint the merchants as “appointed representatives” enabling them to provide credit brokering activities. Firms operating in this space should review their policies and procedures to ensure that they have proper oversight of their ARs and any issues identified are quickly escalated (and documented) and appropriate action is taken to avoid customer detriment. The FCA state within the letter that they are carrying out work with a number of firms to look at the credit brokers of Third Party Finance Providers (“TPFPs”) as part of the FCA’s approach to supervision.

The FCA noted the increased risk of harm to customers by domestic premises suppliers where the sale of goods or services is made in the customer’s home, especially when such customers are vulnerable.

How firms deal with potentially vulnerable customers has been a long standing objective of the FCA and previously the OFT – so there can be little surprise that the FCA have included treatment of vulnerable customer as a risk. Such risk is particular heightened when sales staff visit the customers home – as customer could feel under increased pressure to purchase the product and it can be more challenging to oversee the conduct of sales staff. Accordingly, the FCA have identified firms that sell good / services in customers’ homes (so-called “domestic premises suppliers” or “DPS”) as potentially presenting a high risk of consumer harm. Given the increased risk posed by domestic premises suppliers, we recommend that such firms should have specific policies and training tailored towards the specific mis-selling risks that this sales method presents. This should involve more prescriptive guidance for staff involved in this activity and an increased level of compliance monitoring. Firms should consider whether additional steps could be introduced to the sales process to mitigate the risk of mis-selling, for example, proactively contacting the customer (by phone) following selling finance products in the customer’s home in order to check that they would like to continue with financing arrangement and / or requiring staff to play a pre-recorded message containing key information to the consumer. The FCA also notes that many domestic premises suppliers’ remuneration model is 100% commission or sales bonuses – which could lead to staff pushing financing options in order to maximise sales. The FCA state in the letter that they intend to explore DPS firms further to identify whether adequate controls are in place to mitigate such risks.

All firms, whether or not they sell products / services in customers’ homes, should ensure that they have in place appropriate written policies and procedures for dealing with vulnerable customers that meet the applicable regulatory expectations.

The FCA stated within the letter that key risks included misleading or inaccurate financial promotions and firms not explaining the level of service provided, or other factors likely to influence a customer’s decision. The FCA also identified that firms who are responsible for providing product information could cause harm if they do not provide adequate or relevant information to allow consumers to make informed choices about finance products or taking reasonable steps to ensure recommended products are not unsuitable

It goes without saying that firms need to ensure that financial promotions comply with the rules set out in CONC 3 and all financial promotions are fair, clear and not misleading. However, firms should go beyond simply applying a tick based approach to compliance with the FCA / CCA rules, but instead should be also taking a more holistic approach to reviewing advertising and online customer journeys to ensure that a customer has the necessary information to make an informed decision – without solely relying on customers reading the small print. The FCA state in the letter that they are concerned that customers are making uninformed decisions, for example, signing up to poor value deals.

Customers should be clear that they are dealing with a credit broker and not the lender and should also be made aware of what services the credit broker is providing. For example, the FCA identify in the letter factors that may impact on a customer’s decision (and therefore may need to be brought to the customer’s attention), including, whether the broker has arrangements to refer customers onto specific lenders or the firm gets commission from an introduction to the lender.

Whilst firms often test their online / telephone customer journeys “off-line” with feedback groups before going launching a new process in order to gage customer satisfaction – this process can also be helpful in assessing whether the participants are receiving and considering the key information regarding the credit product or whether the information is not being presented in a way that facilitates the customer taking it on-board. Documenting the results of the test and any changes made to address negative results can be helpful when demonstrating compliance to the FCA. In our experience of developing credit products with our clients, it is possible to have a positive customer experience which keeps friction to a minimum – whilst ensuring that customers are treated fairly and complying with the applicable regulatory requirements.

Operational resilience has been a major focus of regulators in recent times across all financial services sectors. We recommend that all credit brokers should take steps to identify and document the risks that there business face from technology (including cyber-attacks) and how these risks are being mitigated. For some firms, the risk of customer determinate as a result of a technology failure / cyber-attack will be greater than for other firms and therefore such firms can expect greater scrutiny on their risk management in this area. Firms should ensure that operational resilience is embedded in the firms risk management framework and that they can demonstrate to the FCA that it has taken proportionate steps to mitigate such risks. We expect increased level of enforcement action in the coming years in regards to failure in operation reliance both from a prudential and a conduct perspective, not only action against firms but also enforcement action against senior managers could be on the cards.

We expect that most regulated credit brokers have already considered at some level most of the risks set out in the FCA’s letter. That said, firms should take the opportunity to review their risk management frameworks and related policies and procedures to identify whether any improvements could be made in these areas. Firms can expected increased scrutiny on these issues with potential enforcement action taken against firms with significant weaknesses. Therefore, it important that firms clearly document the steps it takes to mitigate the risks identified in the FCA’s letter.