From a holistic standpoint, key cross-sector priorities only serve to reinforce the regulator’s focus on the quality of governance and culture in firms in its 2019-20 business plan.
As well as the extension of the Senior Managers and Certification Regime to all authorised firms, there are also interesting references to the “purpose” of financial services firms and around the concept of customer “harm”:
- Firms should therefore be reflecting and asking themselves critical questions on what their “purpose” is, what customer needs they serve, how they fulfil these and also how they monitor them.
- They should also think about where consumer “harm” could be more likely or risky in their organisations and be able to articulate how they both understand and manage this when asked. Particular areas of relevance include product governance, outsourcing, and business model impacts on customer behaviour.
More broadly, operational resilience is a key theme of the Financial Conduct Authority's 2019-20 business p;an. This includes outsourcing, use of third parties, change management, cyber security and resilience.
It is very interesting that 17 per cent of the incidents firms report were caused by an IT failure at a third party supplier – the second highest root cause of disruption (the highest being IT and new system deployments/upgrades).
Fair existing customer treatment is also called out – e.g. whether existing customers could be getting “penalised” for their loyalty. This issue presents itself across different areas – from insurance policies to savings accounts.
It is also particularly relevant in the context of vulnerable customers and customer resilience.
Going forward, the FCA notes “longer term” priorities include innovation, data and changing customer demographics.
While these are all very relevant areas, there is always a risk of how well focused reviews in these areas will be. So future clarity around the scope and outcomes of these reviews is very important, as is understanding customers that could be more vulnerable and changing practices as needed.
Brexit, Mifid and duty of care
Unsurprisingly the business plan notes that firms, consumers and the markets have weathered a considerable period of Brexit-related uncertainty.
With UK politicians still unable to reach a consensus on what terms the UK should leave the EU, the FCA notes that Brexit will “no doubt continue to place considerable demands on us”.
To that end the FCA has identified total funding for EU withdrawal to be around £22m for 2019-20, although this may change depending on what form Brexit takes.
This is £8m down from the reported £30m stated in the Business Plan for 2018-19. The reduction may be down to the work the regulator has already done in getting the handbook ready for a no-deal scenario, but £22m suggests that there is still plenty to do this year.
On Mifid II, the FCA mentions in a number of places in the business plan that it continues to examine how firms have implemented the regulatory requirements.
In particular, Mifid II is mentioned as a sector priority for wholesale financial markets (including more work on conflicts of interest) and for the investment management sector the regulator warns that its review of Mifid II implementation “will assess how asset managers oversee the design of their products, identify their target market and monitor their products and distribution activities”.