Continuing 'Music' Lessons from FCA Enforcement – Even When There Isn’t

I continue my review of FCA enforcement cases to draw practical lessons about risk management.  See my previous posts here and here.  One example of a music note is a ‘rest’, which tells you not play your instrument.  I have come across a similar one in terms of FCA enforcement.  This is about an FCA announcement that explains a breach of FCA rules where no enforcement action in terms of a fine is mentioned.  

The case relates to charges of mortgages arrears by the Yorkshire Building Society.   The FSA handbook only allows charging cost-reflective arrears fees (MCOB 12.4R).  However, arrears is defined in the FSA glossary as missing more than two payments.    

The FCA press release (here) does not provide a lot of details about the case.  It suggests that the issue was discovered after the FCA raised concerns.  It is usually not an ideal starting point when a regulatory breach is discovered in the course of a supervisory visit.  The Yorkshire Building Society found that “some of its customers in arrears may have been charged fees incorrectly”.  So in this case, we cannot learn what the actual breach was.  Was it that the building society charged arrears too early? Were the charges “excessive”, i.e. with respect to costs?  I don’t know but we can still learn from this silence.  

The FCA press release says that the building society “will voluntary refund all administration fees for mortgage arrears since January 2009”, which means that “borrowers who were charged correctly will also receive a refund”.  The amounts involved are not trivial: £8.4m to be refunded to nearly 34 thousand customers.  Just to put this in context for the business, this represents about 5% of the societies' profits in 2013.  This would probably underestimate the total cost which will include running an operation to reach out former customers and make the refunds as agreed with the FCA.  

The FCA handbook includes a section on enforcement, which sets out the considerations that the FCA will take into account to decide whether to take action for a financial penalty or public censure.  There are two considerations for the FCA: the seriousness of the breach and the response of the regulated firm.  You read about the specific considerations in the enforcement notices as part of the decision process to set the fine.  They usually include a reference to the co-operation of the firm in the investigation of the breach.  The considerations also include “any remedial steps the person has taken in respect of the breach” and “the likelihood that the same type of breach will recur if no action is taken”.  

The lesson is rather simple.  We focus on risk management as the tools of reducing the likelihood or impact of events.  However, the unpredictable can happen and then proactive risk management is about working with the regulators to address the issue in a way that minimises legal costs and reputational costs.  Compensating customer is the ultimate form of redress.  It suggests that delivering extensive compensation (here to all customers on mortgage arrears since 2009) and, I guess, quickly can have an effect.  

The FCA has shown that it is willing to read the Handbook in the round and not take enforcement action when, in its judgement, it’s in consumers' interest.  

Solvency 2 Training

Solvency 2 implementation is approaching fast.  I am running a training course in early April organised by Euromoney.   Over three days, I will provide a solid overview of Solvency 2.

Further details about the course, including an overview and dates, can be found here.

More ‘Music’ Lessons from FCA Enforcement

I mentioned in my previous post (here) about the contrast between the inability to learn music from the noise that a grand piano would make if dropped down a staircase and the ability to learn lessons about risk management from FCA enforcement actions.   On this occasion, I am reviewing the FCA enforcement notice against ‘JLT Speciality Limited’ (JTLSL) from December 2013 (here – all references are to this document).  

JTLSL provides insurance broking, risk management and claims management.   The enforcement case concerns failures of its anti-bribery and corruption arrangements.  This is a specialised area of the FCA Handbook.  However, the lessons are quite wide and applicable to other areas of financial regulation.

The ‘relevant period’ of the breach appears relatively long: from Feb 2009 to May 2012.   The resulting fine was £1.9m. 

Interestingly, while the FCA has been emphasis outcomes as a driver of regulatory intervention (‘The FCA approach to advancing its objectives’, July 2013), in this case the FCA seems less keen on it.  The FCA acknowledges that there is no evidence that the company had permitted any illicit payment or inducement to any overseas introducer.   

As it is usually the case, there were policies and other high-level statements setting out the company’s expectations in terms of how the risk of bribery and corruption should be managed.  At different times, it appears that the shortcomings were related to the:   

(a)   lack of practical requirements to enable the appropriate activities to take place; this includes the lack of requirement on employees to take steps to establish whether the introducer was connected to the client (para 4.22); and the lack of ‘any’ guidance to enable employees to operate the high-level anti-bribery and corruption procedures in place (paras 4.11 and 4.12);

(b)    failure to follow the company policy requirements;  the FCA refers to the failure to gather the required information to assess the risk (para 4.36) and to follow up the actions required in the policy, typically, an enhanced sign-off if certain conditions were evidenced (paras 4.37 and 4.38).

These are important lessons to anyone working in the implementation of regulatory requirements.  

A slightly different, and equally interesting, remark in the enforcement notice is about the challenges of gap analyses, in particular where FCA rules and legislation (Bribery Act, 2010) cover the same area.  Typically, financial services regulators impose more onerous and comprehensive requirements than general legislation so the choice of benchmark is vital.  This means that the extent to which gaps may be identified and the reassurance provided by a gap analysis would depend heavily on the benchmark selected. 

I mentioned earlier that this enforcement case relates to a period of over 36 months. During this time supervisors visited the company three times to assess systems and controls in relation to bribery and corruption.  JTLSL also accepted a voluntary variation of permission such that it ‘was unable to enter into a new relationship with third parties without prior approval from an independent skilled person’.  

Not surprisingly, the FCA recognises the costs incurred by JTLSL, in terms of financial costs, opportunity costs and management time. 

I am therefore left with a simple question: why wasn’t this fixed in a timely manner to avoid enforcement action?  I don’t really know.  I have read and discussed the importance of the ‘tone from the top’ on regulatory issues which sets out priorities for employees.  I wonder if this could have been a factor.