Four years on and following the FCA’s latest figures showing a rise in the number of adults with characteristics of vulnerability between March and October 2020, what has happened to address the issue?
Time and time again, banking and financial services tell us, ‘We know who our vulnerable customers are’.
Banking and financial services must start sharing data where they know vulnerability existsThe reality is that they are likely to have been made aware by a small number of vulnerable customers. And even then, there is a lack of awareness of the extent to which that person is vulnerable.
Those particular customers will be dealing with multiple other organisations, across different sectors, to whom they may have not revealed their vulnerable circumstances. It is not a one-sector problem. A person who is vulnerable in one area, is vulnerable across the spectrum.
The only way to truly address the issue effectively is through data sharing. Banking and financial services must start sharing data where they know vulnerability exists, in the same way data on credit, fraud and affordability are shared. And they must start carrying out vulnerability checks in the same way they carry out credit, fraud and affordability checks.
The sheer volume of webinars and discussions now taking place on this topic demonstrates an awareness of the need to share data on vulnerability. There is a clear consensus that it is the right thing to do. And there are solutions to enable it to happen easily despite the complex legacy systems that some banks are burdened with, but it is still not happening in this sector.
Sadly, vulnerability is not an issue knocking at the door as the highest priority, nor showing as an immediate emergency. That is not to say that organisations are not taking any action at all.
In fact, many banking and financial services have taken a deep dive into affordability and overindebtedness to be proactive in identifying vulnerable customers.
While this can provide an indication of where vulnerability might exist, the crucial point here is that not everyone in debt is necessarily vulnerable. Nor are all vulnerable people necessarily in debt.
Thus too many vulnerable customers are slipping through the net. As such, what we are seeing is ‘action’ that works around the edges rather than addresses the issue. They are ‘quick fixes’ and do not go far enough.
So what are the reasons for a lack of movement on data sharing?
Banks and financial services are facing major operational challenges themselves. Sharing data on vulnerability is falling behind other business objectives. The FCA has provided extensive guidance on the subject.
However, the industry, it seems, is waiting for the regulators to be absolutely prescriptive about what it should do. This is not possible on a subject like vulnerability. It is far too complex. There are far too many eventualities, combinations and scenarios. We are unlikely to ever see a concrete set of rules on a subject like vulnerability.
Data protection is also appearing as a barrier to processing data on vulnerability. We are seeing organisations tie themselves up with General Data Protection Regulation for fear of breaching it. As a result, they are not helping the people that need help as much as they could be. Done right, it does not need to be the case. There are points within GDPR that allow the processing of this data.
If banks and financial service companies can access a data-sharing scheme with ease, like the Vulnerability Registration Service, which gives them the ability to instantly identify customers within their own database with all kinds of vulnerabilities, then why are they not doing it?
Take for example the risk of coercion. Banks and financial services companies are very unlikely to get many victims proactively identifying themselves as suffering from financial abuse.
However, if these victims have been identified across other organisations from other sectors, then banks and financial service companies have an opportunity and an obligation to use that information.
A cross-sector challenge
Vulnerability is not just being driven by the FCA. There is equal pressure in utilities and insurance, as well as in the public sector. It is an issue for any organisation that deals with consumers. But everyone is working in silos.
Areas of government are recognising the problem of working in silos and trying to move on it. There is traction on the issue from the collections industry as they are dealing with the most severe situations. The utilities sector is also one step ahead with talks on data sharing progressing in this area.
But within banking and financial services, the issue is being tackled from the edges rather than the centre. Data sharing needs to be moved high up on board agendas. The impetus is there. The consensus is there. The tools to make it happen easily are there. So what are they waiting for?
Helen Lord is director of the Vulnerability Registration Service (VRS)