• John Burns, Non-Executive Director at Cornerstone FS plc


• 26.07.2023 11:00 am
#payments #emoney

Consumer Duty is a set of rules and guidance authored by the Financial Conduct Authority (FCA) for existing and new products and services in the financial services sector. The new rules are due to come into force on 31 July 2023. The main objective of the Duty, in the agency’s own words, is to “set higher and clearer standards of consumer protection across financial services and require firms to put their customers’ needs first”. Thus, Consumer Duty applies to products and services provided to both consumer and business clients. 

This article will review Consumer Duty and analyse its impact on payment services and e-money firms, as we are getting closer to the due date. 

Improving governance

While the Consumer Duty will apply to all firms supervised by the FCA, the regulator’s stated view that there is a governance issue with the payments sector means that for our industry, the governance around implementation of the duty is likely to be a major area of focus. The FCA is very much of the opinion that firms in our sector tend not to do enough with governance as well as risk management, and are unable – or unwilling – to take a step back to assess what proper governance should look like. Also, because payments and e-money firms are not covered by the Financial Services Compensation Scheme, firm failures are likely to cause losses to customers, which is something the regulator is desperate to avoid. 

One example that arguably illustrates how serious the FCA is with this issue is the recent evolution of its resourcing of payment supervision. When I was working at the agency’s predecessor, the Financial Services Authority (FSA), between 2008 and 2013, payment supervision merely involved two people. Whereas now, the FCA has a department of over 50 people. And crucially, this department is called ‘Payments Markets Intervention,’ a name which I think sends a message all by itself. 

Back in November, at a Payments Forum organised by Compliancy Services (now Cosegic), where I am still a Senior Advisor, an FCA spokesperson stated that “if you’re a payments firm and you appear on our radar for anything at all, you’re likely to be subject to a holistic review” – meaning assessing governance, safeguarding, financial controls, amongst other issues. 

In other words, payment services providers should operate on the basis that the FCA may enquire at any time about the controls they have set up. And that’s the other main part of the message in my opinion: it’s not enough to operate good governance, firms must provide evidence they are doing it correctly. 

“Good outcome”

At the heart of Consumer Duty is the introduction of a new Consumer Principle, which commands payment services and e-money firms “to act to deliver good outcomes for retail customers.” To put it simply, the FCA wants to see these companies deliver a higher standard of customer care and protection, and to implement tools and means that, in turn, enable their customers to make effective decisions in their best interests. This requires an understanding of what a “good outcome” would be for customers.

Not only that, but as mentioned earlier, the Duty also requires firms to provide evidence of good outcomes. This requires firms to “show their workings” and to be able to explain what the good outcomes are, why they are appropriate and how the firm’s arrangements ensure that they are achieved. This means they are expected to offer products and services suitable for customers; provide clear information; adapt and be flexible to the specific needs and requirements of their customers; and offer genuinely helpful customer support, which is easily accessible.

Furthermore, Consumer Duty will introduce a yearly review of existing products and services – at minimum – as well as of any new product and service. A good outcome for customers when it comes to payments services is arguably money arriving where customers intended it to. However, this begs the question: should payment services providers look further than that?

Tackling fraud

Most likely, Consumer Duty will be especially impactful in terms of tackling fraud. Firms are expected to have controls in place and to be able to demonstrate they have gone through the process of implementing measures to mitigate the risk. 

Let’s take the example of authorised push payment (APP) fraud – a scam where the customer is tricked by the fraudster into making a transfer to an account posing as a legitimate payee but ultimately fraudulent. APP can be accomplished via various methods, including phishing. While the Payment Systems Regulator is taking the lead in addressing this, the FCA is also taking a keen interest.

In the case of an incident, the FCA will ask the firm how their Consumer Duty obligations applied to said incident, and whether they could have foreseen the scenario. For instance, in addition to the ‘Payments Market Intervention’ department, the FCA made it clear that they have a Consumer Duty Intervention team ready from 31 July, which will be looking at any significant occurrence that is to the detriment of consumers. As a result, with Consumer Duty, the FCA will look at an APP case or any fraud incident through the perspectives of customer protection and fraud resilience. 

One final point worth mentioning is fraudsters are always thinking ahead. If things become difficult for them with traditional banks, they are likely to turn their attention to e-money firms and other payment services providers to set up recipient accounts for their fraudulent activities. Therefore, these companies should be careful and take precautions, particularly with customer onboarding. Fraudsters are always so much quicker at adapting and identifying areas of weakness than the consumers or businesses that they are defrauding, particularly when it comes to utilising technology. It is very important that all firms understand this and take steps to address the risk.