We have a bumper regulatory update this month, as we report on a number of significant initiatives to do with the collection of regulatory fees and the funding of the Financial Services Compensation Scheme, redress for bad pension transfers and a new industry-wide code of conduct.

Andrew Bailey, the FCA's chief executive, recently delivered a speech at the Investment Association annual dinner. In it, he focused on the jobs that the investment management industry does, the regulatory and public policy considerations that relate to it and the main issues faced by market participants and regulators alike. He thought that public policy makers faced significant challenges from the following.

• Consumers' behaviour, primarily the behavioural effects of low retirement savings returns, a decrease in the ownership of assets and a widespread move away from traditional life insurance products.
• Brexit. Here he talked about the need to keep financial markets 'open' and have a regulatory system that makes various people co-operate closely and tell each other things.
• An Asset Management Market Study, the recommendations of which include changes to fund governance, a greater for the public to see what is happening at firms and more sensible incentives. Firms have made good progress with their changes, but some problems remain.
• Innovation - the FCA's word for advances in IT. The FCA has established a start-up unit for investment managers and other units have supported innovation as well. The idea is to make competition effective.

The statement about MiFID II's inducements and research reforms

People in the industry are worried that the introduction of the European Union's second Markets in Financial Instruments Directive could cut them off from valuable research from outside the EU. As a result, the European Commission and the US Securities and Exchange Commission have both released statements outlining ways in which firms can continue to access such research while remaining compliant with MiFID II and other international regulations.

The FCA has welcomed this move to enable firms to continue to access valuable research from outside of the EU, while maintaining the high levels of investor protection demanded by the international regulatory regime.

Annual reports

The FCA has responded to the annual reports of five statutory panels which comment about its priorities and future areas of focus. The panels raised a number of cross-sectoral issues.

• Brexit. The need to maintain regulatory stability during this process, as far as feasibly possible, is an issue. In its response, the FCA said that it wanted to keep talking to the panels and the wider market as Brexit progresses.
• Vulnerable customers. Both the Financial Services Consumer Panel and the FCA Practitioner Panel has said that the FCA ought to do more to identify issues affecting vulnerable customers, including financial exclusion. The regulator said that it wanted to understanding those issues better.
• The responsibility of firms and their duty of care. The FCA has discussed the benefits and drawbacks of introducing a duty of care with each panel and intends to publish a consultative paper on the subject alongside a 'handbook review.' This will happen once the nature of Brexit and the future relationship between the UK and the EU becomes clearer.
• Cost effectiveness and value for money. The panels talked about thte burden of regulation and the risk of 'regulatory overload.' The FCA believes that its move to a sector-based approach will lead firms to spend less time and money on compliance and make its relationship with them more effective.
• Cyber resilience, financial crime and technology. All panels raised concerns in these areas and thought that the FCA ought to co-operate more closely with market participants to detect and prevent attacks and breaches. The FCA is already taking steps in this direction.

The panels also raised issues relating to their areas of expertise. The Financial Services Consumer Panel mentioned the following.

• The need for the FCA to be more proactive in forcing firms to compensate people over Payment Protection Insurance (PPI), particularly when using its powers under s404 Financial Services and Market Act 2000 in relation to redress schemes. The regulator will continue to monitor the progress of such schemes and take action if it believes that standards have fallen.
• Accessibility and the use of jargon in the FCA register. The FCA is trying to improve the way in which it communicates with people in general and, as part of this, wants to "simplify and remove access barriers."
• The panel thought that the regulator was not doing enough to protect customers from various things when it came to credit, especially in the case of unarranged overdrafts.

The FCA Smaller Business Practitioner Panel also raised concerns about the consumer credit market.

• It wants the regulator to complete all outstanding applications for authorisation, which it has committed to do by the end of this year.
• It wants it to investigating the effect of differing charging models for remuneration in the car finance industry.
• It wants it to tackle systemic risk in the Direct Debit Guarantee Scheme.

Guidelines to govern redress for bad DB pension transfers

Having consultated interested parties earlier this year, the FCA has come up with a "redress methodology" for unsuitable defined benefit (DB) pension transfers in some 'finalised' guidelnes. In doing so, it has made some recalculations to take recent changes to market conditions, consumer behaviour and its own expectations into account.

Having paid attention to practitioners' comments, the FCA has made the following changes to its guidelines.

• It has revised and published its assumptions about inflation rates in the light of changes to the Bank of England’s data.
• It has emoved the "lifestyling element" from the pre-retirement discount rate.
• It is allowing firms to use actual pension charges, up to a maximum of 0.75%, to calculate future charges.
• Wherever firms have "applied adviser charges," or are assuming that they will continue, it is making some allowance for them, on top of fund charges;
• It has allowed for commencement lump sums paid in addition to, not just alongside, annual income.
• When there is an actual loss, the firm in question may now use marital status and known pension commencement lump sum payment percentages in its calculation.
• If it knows it, the firm can now use the actual age of the spouse in its considerations.
• The FCA has amended the methodology by which a firm should value any enhancements it has received alongside the transfer value.

The FCA also said the following.

•  Where appropriate, firms may also use "the revised calculation" in cases relating to opt-outs, non-joiners and FSAVCs.
•  The calculation, in each case, will be valid for three months from the date of issue.
•  It is clearer than it was in its attitude towards State Earnings Related Pension Scheme (SERPS) cases.

Funding the FSCS

As part of its continuing review of the funding of, and protection provided by, the Financial Services Compensation Scheme, the FCA has released a detailed paper that contains feedback from a consultative paper called CP16/42, plus 'final rules' and further proposals for consultation.

The proposals and final rules outlined in this paper are intended to look at the following.

• How to persuade firms to harm customers less by refraining from doing things that are not covered by their professional indemnity insurance (PII).
• How to to reduce the burden on the FSCS with alternatives to capital and PII.
• The fact that people see the levy as unpredictable and volatile.
• The idea of increasing compensation rates to keep up with changes in the pension market.

In the light of responses to CP16/42 the FCA has published its final rules to govern the operation and scope of the FSCS, with the following consequences.

• It has extended the scheme's coverage to certain aspects of fund management and introduced for certain debt management activities and structured deposit intermediation.
• Lloyd’s of London will now contribute to the retail pool on which the fund can draw if certain funding classes "breach their affordability thresholds," in the FCA's parlance.
• The FCA has imposed more reporting requirements, which could pave the way for future levies to be based on risks.
• It has also changed payment terms. Because of this, it will ask some firms to pay a percentage of the levy on account, thereby removing the option of payments by direct debit.

Proposals for consultation include the following.

• There ought to be changes to funding classes and contribution levels, including the merging of the two classes of Life and Pensions and Investment Intermediation. This, the regulator thinks, might require 'providers' to contribute 25% of compensation costs attributed to the intermediation class and might invovle the reclassification of Pure Protection Intermediation as General Insurance Distribution.
• The FSCS compensation limit should increase for certain claims to accommodate changes in the market.
• The claims limit for the intermediation of long-term care insurance should come into line with the limit for other forms of pure protection.

The FCA is also canvassing opinion about its proposal to require certain types of Personal Investment Firms (PIFs) to establish trust funds or purchase surety bonds to cover the cost of any claims to help reduce the burden that the FCSC places on other firms. The regulator is also keen to receive views about its idea of preventing PIFs from purchasing PII, with exclusions for insolvency.

An Industry Code of Conduct

Although the FCA thinks that it has a clear set of 'conduct' rules for regulated activities, it also expects regulated firms to do various things when they are undertaking unregulated activities and it is less clear about this. It has now published a consultative paper on the subject. In it, it lays out the approach it wants to take to 'supervising' and enforcing the Senior Managers and Certification Regime (SM&CR) for authorised firms’ non-authorised activities. This contains plans to 'formally recognise' industry codes of conduct that it likes, without making those codes copulsory. The paper also proposes to extending the application of the FCA’s 'principle for business' 5 to all unregulated activities. This orders firms to "observe proper standards of market conduct." The regulator hopes that this will encourage firms to follow "enhanced conduct standards," even if these not binding or regulated. Its ultimate aim is to make it easier for itself to take action against serious misconduct.

The regulator's perspective on robo-advice

Bob Ferguson, the head of the Strategy and Competition Division at the FCA, recently delivered a speech on robo-advice. He thought it was good for the industry, for consumers and for regulation because it could boost competition and narrow the 'advice gap' by providing access to currently unserved and underserved customers. He recalled that the FCA had spotted a couple of emerging themes two years ago. It found that initiatives that harness a combination of humans and automation seems to be the 'modem of choice' for bobo business models and that consumers were not searching for ‘financial advice’ online, focusing instead on particular products. Firms need to offering things explicitly from the so as not to confuse consumers or mislead them about the types of service they are buying.

What are the key risks for firms as they develop robo-advice models? Ferguson outlined his views.

• Although other countries have begun to develop them and their regulators have responded with different approaches, it is not necessarity right for the UK to plump for a model that works abroad. Therefore, the FCA needs to design a regime that works from the perspectives of both regulators and consumers.
• Although robo-advice models offer firms the potential to  manage large and widely distributed salesforces well, the risks of mis-selling remain in place and can trip up any model that is poorly designed and not suitably governed.

 
Although the robo-advice market is still taking shape, the FCA has said that its main focus will be on results or 'outcomes,' as it is with traditional advice, so the industry can expect it to become more critical, particularly when in the process of authorising things.

The FCA’s future approach to consumers

In the FCA’s mission document for this year, it promised to publish a range of things to outline its expectations. The first of these documents, entitled The Future Approach to Consumers, sets out its 'initial' views about "what good looks like for retail customers" and sets out how it will diagnose and remedy actual and potential harm. Its approach has been significantly influenced by the results of its 2017 Financial Lives Survey. The main points are as follows.

• The document repeatedly makes it clear that the FCA has finite resources and needs to make a point of protecting those consumers who need it most, rather than all consumers. This is a significant departure from previous thinking.
• The FCA says that its approach "will be based on what we about how consumers really behave, rather than theory." This is a nod to a sharper focus on results and principles rather than just the rules, and shows the importance of evidence of customer bias and behaviour.
• The paper also says that consumers should take reasonable responsibility for their choices and decisions (Principal Four of the Principles of Good Regulation). This seeems to be an important shift for the FCA and is something that Andrew Bailey has repeatedly mentioned throughout the mission process;
• ‘Choice Architecture’ i.e. the way information is framed, is a key theme in the paper. The FCA will expect firms to think about how this affects consumers’ ability to make good decisions.
• It is noted that 7.7 million adults in the UK are over-indebted and that debt is a clear priority for the FCA.
• Although the paper says that technology might be good, it expresses an underlying concern that it will not benefit or support all customers and that some may be left behind.
• Vulnerability is another of the themes, with much made of the fact that although many consumers may be vulnerable to various things, this should not exclude them from having the same options and level of access to services as everyone else.

Effective MAR compliance is a state of mind!

The FCA’s Director of Market Oversight, Julia Hoggett, recently delivered a speech on the EU's Market Abuse Regulation (MAR) and wider market abuse regime, in which she explained the FCA’s developing approach and how it expects the industry to approach its obligations in this area.

Ms Hoggett began her speech with the assertion that MAR compliance is a state of mind. To be effective, she thought, the fight against market abuse must rest on more than a set of rules. Market participants must have the right mindset to be constantly vigilant, identify potential instances of market abuse and take the appropriate steps.

She also emphasised the need for oversight and compliance to evolve continually in response to changing market conditions. She thought that firms should consider the market holistically; the regulator’s own oversight practices have certainly evolved significantly over recent years.

The FCA is always trying to conduct better surveillance, but wants firms to detect and offset market abuse as well. Both the regulator and market participants must foster a culture of collaboration to ensure that the markets are as cleanly as possible.

Regulatory fees and levies in 2018/19

The FCA is consulting interested parties about a number of changes it wants to make to the way it raises fees and levies next year.

• Insurers' tariff data. The EU implemented 'Solvency II' in 2016, obliging the FCA to amend the FEES Manual rules to do with tariff data. Last year it decided to reuse the 2016/17 tariff data for calculating 2017/18 fees. Now, the FCA is proposing to use some revised tariffs put forward by the Prudential Regulation Authority, but maintain the current weighting between liabilities and premiums.
• The Financial Ombudsman Service (FOS) Compulsory Jurisdiction (CJ) levy. The regulator proposes to use the same revised tariff data used to calculate FCA periodic fees, but "remove the differentiation between relevant business." For the Voluntary Jurisdiction levy the proposal is, again, to use the FCA period fees tariff data but "maintain the differentiation between relevant business."
• The Financial Penalty Scheme (FPS). The FCA conducted a technical review of the scheme, which outlined the way in which it "applies retained penalties as rebates" within certain fee-blocks. The regulator now is proposing to add more fee-blocks to this scheme.
• The definition of 'income' for consumer hire agreements. The FCA is asking the industry whether it thinks that inconsistencies exist between the way in which it defines 'income' for consumer hire agreements and the way it does so for unsecured loans. If anyone in the industry supports a new definition, or presents clear evidence of inconsistencies, the FCA may consult interested parties about new rules for 2019/20.
• Mandatory online invoicing. The FCA is also asking people whether it ought to move to an online invoicing system, which it thinks would be more efficient than the present one, along with something it calls "fee collection processing." It is thinking of charging firms that want to continue receiving paper invoices an administration fee.
• The Money Advice Service (MAS) debt advice levy. The FCA is asking interested parties about its plans to change the way in which this levy is collected from firms involved in lending activities. Relevant firms have provisionally been contributing though the Consumer Credit levy. The FCA wants the levy to be collected through a new consumer credit fee-block (CC3), with the tariff base being calculated with reference to the value of lending. This, it hopes, will remove the Debt Advice Levy for A1 firms and remove the need for the Consumer Credit Levy.

Cyber-resilience and 'supplier risk'

In a recent speech, Nausicaa Delfas, the FCA’s Chief Operating Officer, highlighted the key considerations for firms in managing their cyber resilience, particularly the risks posed by suppliers or so-called third parties.

Cyber-resilience is one the top priorities for governments and regulators around the world. If it is weak, it could frustrate the FCA’s objectives and lead to consumers being harmed through:

• the disruption of markets;
• personal data being lost, stolen or compromised; and
• denial of access to core banking services.

The FCA (like this publication) does not believe that cyber resilience is purely an issue for IT departments. Firms should, instead, tackle it through a combination of people, processes and technology. Much like culture, it needs to 'business-led' and "driven from the top." Ms Delfas outlined the following questions that boards and senior managers should ask of their minions when trying to determine whether their firms are acceptably 'cyber-secure' and that controls are meeting their expectations.

• Are you aware of the value of the company’s critical information and data assets?
• Are you regularly kept informed of the cyber threats to the business and critical data assets?
• Do you have a documented risk appetite for cyber risks and is this reflected in day-to-day decision-making?
• Have you reviewed your firm’s attitude to 'sweating' assets in the context of cyber-resilience?
• Do you have the necessary systems in place to detect, and effectively respond to, a cyber-breach?

The issue of cyber-resilience in supply chains (or the controls that surround them) was also raised, with Nausicaa Dalfas citing examples of data losses have occurred as a result of weaknesses within the supply chain. The regulator is especially worried about the use of cloud-based computing, but knows that any part of the supply chain can be open to attack. Ultimately, Dalfas argued, firms ought to focus on:

• working towards a culture in which cyber security is at the forefront of all activities;
• ensure that processes are robust enough and will enable them to recover from (and respond to) attacks effectively; and
• doing the basic things they need to do to be 'secure.'