Posted: 23rd July 2013
Busy with daily workloads, we tend to disregard enforcement publications that appear unrelated to our day to day role. Whilst there are often lateral lessons from regulatory fines, the recent Sesame fine is of particular relevance to firms beyond networks. In fact, it provides insight into the regulator’s expectations regarding governance and measurement of culture under the new conduct regime for all firms.
The Financial Conduct Authority (FCA)’s view is clear: firms must have effective measures to test whether outcomes for customers are fair. If you were looking at your firm’s culture and controls today, how comfortable would you be with their effectiveness in testing and achieving fair customer outcomes?
Facts of the fine
426 customers were advised to invest over £6.1m into Key Data products between 2005 and 2009. The resulting fine was: £6,031,200.
Under 5% of the fine relates to Principle 9: Customers: Relationship of Trust i.e. failure of the firm to take reasonable care to ensure the suitability of its advice and discretionary decisions for customers entitled to rely upon its judgment
The remainder of the fine relates to Principle 3: Management and Controls – failure of the firm to take reasonable care to organise and control its affairs responsibly and effectively with adequate risk management systems.
The size of fine is also worth noting. It is almost equal to the total invested by customers and represents over 30 times the value of gross commission generated from the sales.
Previous warnings
In the same way that cooperative and proactive firms can reduce fines, those who sit on known problems can only expect the fine to increase. The scale of penalty in this case was linked to the accumulation of previous warnings:
FSA supervisory visits in 2005, 2007, 2009 and 2011
Skilled person review in 2010
Sesame Group Risk & Group Internal Audit review in 2012
Where firms have known issues it is important to ensure timely and robust action. Procrastination and inaction will only make the matter worse.
Ineffective controls and oversight
Identifying problems is one thing; creating a structured plan of action which is followed through to completion is quite another. Ensuring that internal controls are sufficiently robust – offering meaningful and independent challenge to the status quo – is a dilemma that all firms face to some extent.
In this case, Sesame operated a number of controls to oversee its 1,040 AR firms/1,637 advisers:
T&C Scheme/framework
Product research & recommended product list
Risk based file sampling/checking
Management Information (MI) such as product risk matrix based on analysis of sales data and from 2007
TCF dashboard including business split
Desk based file checking results
Sesame also produced and distributed a fact sheet highlighting key risks inherent in these products.
It is telling that Sesame still failed to detect and prevent the mis-selling of Key Data products despite the existence and application of the above controls. Again, we see how effectiveness and quality of customer outcome must be the driving force in internal controls.
Capturing product MI at the right level
The risks posed by Key Data could not properly be detected by Sesame’s management information (MI). The MI captured sale of products at a wrapper level, in this case SIPP, ISA and so on. It failed to record underlying funds or asset classes, such as UCIS and Key Data.
MI continues to be a challenge with many firms unable to provide a single customer view linking disparate legacy systems. Identification of fundamental business risks is challenging and often constrained by the existing IT architecture. However, Huntswood has seen the benefits amongst our clients of aligning MI to the business model and, crucially, fair customer outcomes. It is possible and, when achieved, it puts your firm in good stead for the future.
TCF culture – internal communications
The notice had much to say on TCF culture. Most significant was the reference to language used by employees in internal emails on customer files. This might seem alarming, but internal emails chains are often included in files provided to the regulator during their investigations.
As the regulator and industry looks for evidence and measures of culture (good or bad), email messages and internal communications are a simple indication of your firm’s culture. The fact that internal communications are cited in this fine is an immediately applicable lesson for us all.
Key Data overview
Broadly speaking, the Key Data products invested in a portfolio of U.S. life assurance policies with an amount retained in cash to cover the premiums due on the policies held. When the underlying insured deceased the sum assured was paid into the fund. The underlying asset class fundamentally differed to the typical funds available to the average retail investor. While there was no stock-market risk, there were inherent risks that were discreet to this type of investment, including: actuarial, liquidity and single specialist asset class.
SIGN UP FOR REGULAR INSIGHT
Keeping up-to-date with the latest industry topics and regulatory issues can be quite time-consuming!
Thankfully, our regulatory experts are here to help you stay on top of it all. Fill in the short form below to receive a monthly round-up of our insight, news and analysis.