New approach means companies must do more than simply comply with the rules
The Central Bank of Ireland has published a 'Guide to Consumer Protection Risk Assessment' which represents a landmark evolution and ramp-up in its approach to ensuring consumers of financial services are protected.
This will apply to all financial services firms in Ireland including banks, insurance companies, investment firms and payment institutions.
For some time, the Central Bank has said compliance with regulatory codes represents just a "minimum standard" and that the firms it regulates need to go well beyond this base and deliver meaningful outcomes for their consumers.
The Consumer Protection Risk Assessment outlined in the guide clearly demonstrates the Central Bank's strong intent to ensure unfair customer outcomes are prevented and that firms are not simply "ticking the compliance box".
Clearly, the Central Bank believes there is a strong need for financial services firms to hold themselves accountable to a higher bar than mere compliance with codes. It calls out the need for firms to undertake more meaningful and holistic self-reviews of the consumer outcomes being achieved.
This need is underlined by the recent examples of "significant and systemic issues" such as payment protection insurance (PPI) mis-selling, and the current examination of tracker mortgages, as referenced which are simply not being dealt with by traditional means.
The Central Bank notes that failures such as these have highlighted the crucial role a firm's culture plays in ensuring fair outcomes for consumers. Moreover, what is of particular interest is that it has clearly declared its intention to start reviewing whether a firm has a truly consumer-focused culture.
This means financial services firms can expect to be reviewed by the Central Bank, including interviewing boards and management teams, regarding how they are ensuring behaviours and everyday practices are "getting it right" for consumers.
The guide also calls out that such reviews will be "intrusive in nature" and will likely be a difficult process for any organisation that focuses on profit maximisation at the expense of fair consumer outcomes.
Examples in the guide of how this will be assessed also cut straight to the point and include such questions as:
n How does the tone from the top drive the right outcomes for consumers and encourage a culture where issues can be disclosed and acted upon?
n Have performance management and promotion of staff strategies reflected how they are (or are not) contributing towards fair customer outcomes?
n Who within management is clearly accountable for culture and behaviours related to consumer protection?
All the above is further underlined by a clear expectation regarding the robust way in which financial services firms are expected to be managed (the governance and control of consumer protection risk). It appears evident, that being unaware, or purely reactive, to such risks will not be sufficient.
The guide also calls out a clear expectation that the products and services a firm sells will be well managed in a consumer-centric manner. Again, these topics are covered under the scope of the new Consumer Protection Risk Assessments.
By moving to a more holistic approach which focuses on identifying the true risks that create unfair consumer outcomes, rather than simply achieving compliance, it is hoped business practices within financial services firms will improve. If this can be achieved, the well documented systemic issues of the past will be put behind us by creating cultures and governance systems that proactively address business practices which are likely to create unfair consumer detriment.
Feilim Harvey is a partner in financial services at PwC