Series 6 Episode 1: Becoming data-offensive - meeting the demands of redress and remediation

In the first episode of a new series, host Tessa Norman is joined by David Kenmir, PwC Partner in Financial Services Risk and Regulation, and Amrita Sawhney, a Director in PwC’s Technology, Data and Analytics team, to take an in-depth look at the evolving redress and remediation landscape in the UK.

Our expert guests discuss the changing regulatory focus on redress and remediation, spotlighting the impact of the FCA’s ongoing motor finance discretionary commission review, and heightened expectations set by the Consumer Duty. Our guests also share perspectives on the increasing data demands of the regulator and how firms can better utilise their data by shifting from a ‘data-defensive’ to a more proactive ‘data-offensive’ approach. Finally, we exchange views on what a good remediation programme looks like, and the opportunities to harness technology to drive efficiency and effectiveness in this process.

Listen on: iTunes  Spotify

Transcript

Tessa Norman: Hello, and welcome to the latest episode of Risk and Regulation Rundown, the regular podcast where we share our views and insights on the latest hot topics in financial services, risk and regulation. My name's Tessa Norman. I'm your regular host, and today we're going to be talking about redress and remediation. This is a topic which has received renewed attention in recent months, partly due to the FCA's ongoing review of Motor Finance Discretionary Commission. But there's also a much broader picture, and we're going to dive into that today. Firms are operating in a challenging environment, where they're seeing higher complaint volumes, and that can put operations under pressure. They're also operating in a complex and fast changing risk environment, where it can be increasingly challenging to predict the next risk. Plus, with the recently introduced consumer duty, and other changes in regulatory approach, the FCA is evolving its approach and seeking to move to a more preventative model, and that has some important implications for firms. I'm delighted to be joined today by two guests who are very well-placed to help us navigate all those issues. David Kenmir, a PwC partner in financial services, risk and regulation, and Amrita Sawhney, who's a director in our Technology, Data and Analytics Team. Welcome, both to the podcast.

David Kenmir: Thank you.

Tessa: David, can you kick us of by setting the scene in terms of how you're seeing the remediation landscape change and evolve, and what are some of the biggest issues that firms are grappling with at the moment?

David: Remediation and redress has been part of the regulatory landscape for years. If I go back to my time at the Financial Services Authority, we were talking about interest rate swaps, PPI, those sorts of things. I think, though, it's got greater profile in current years, because of Motor Finance, and also because there have been public disclosures by listed companies who are dealing with other forms of redress. For example, some firms remediating issues to do with fees for management of investment portfolios and so on. And I think that's coupled with greater activity from social media, the media, politicians and influencers, CMC activity, and that's generating the higher complaints volumes. And the most recent issues I'm working on relate to borrowers that got themselves in financial difficulty, in effect, the way firms handle arrears, and then also Motor Finance Discretionary Commissions. And then, as you alluded to, we've got the regulator, the Financial Conduct Authority, pursuing a different regulatory approach with consumer duty as its flagship initiative, and it's said as part of its broader regulatory strategy it's going to publish a consultation paper later in the year on how it wants firms to redress issues when they find them.

Tessa: Absolutely, and you mentioned the FCA's ongoing review of Motor Finance. Can you talk to us a bit more about how that's impacting firms and how you see that playing out?

David: I could probably do the whole podcast on that. I'll try and do this quickly and we've got some material on our website for those that want to go into it in more detail. Look, this has been a longstanding issue. Historically, it's been dealt with between firms and the Financial Ombudsman Service, and firms and the court system, and most of the time, 70%, 80%, 90% are the figures you hear quoted, the industry has won, either at the FOS or in court. But back in January, the FOS published two decisions, one against Barclays and one against Lloyds through brands that they own, where they required them to repay a difference in interest rates, which they say was to do with the way that discretionary commission arrangements were not disclosed in the sale process. That led to the FCA commissioning a series of Section 166 reviews, which are being done by one firm, just investigating what has gone on. And, as I understand it, that is a combination of data collection, but also analysing the way that firms supervise their distribution networks. Now, the FCA's said that it's going to consult on a way forward by no later than the end of September. So, the people we speak to in the market are waiting with bated breath to try and work out what is going to happen. In the meantime, Martin Lewis through his website, has created a template which customers can download to, basically, make complaints to motor finance providers, not only relating to discretionary commission, but also relating to other aspects to do with the sale of motor vehicle finance. So, affordability, quality of the car, and those sorts of things and, apparently, according to his website, 1.2 million customers have downloaded that template and, obviously that has generated significant volumes of activity in firms. There's lots of uncertainty on the way forward, nobody knows what the FCA's going to do. It has said, 'They're unlikely to find nothing.' I think everybody's interpreting that as being, 'There will be some form of remediation programme,' or perhaps I should say, 'Most people.' Some people think the FCA will lose in court, or the Ombudsman will lose in court, and therefore, nothing will happen. So, we're very much in wait-and-see, and firms are really doing two things. They're dealing with the volumes of incoming traffic, and they're also thinking through, 'How would they remediate if they have to in due course?'

Tessa: Thanks, David, and I think there are lots of interesting themes there, and as you mentioned up front, it is an interesting example of how technology, and social media, and consumer champions, are really changing the landscape and can drive very high volumes, which firms are having to respond to at quite short notice. With that as one of a number of live examples in the market, can you tell us a bit more about how the FCA's expectations are changing? Particularly, thinking about the FCA's desire to move more to a preventative harm model, and how firms need to respond to that.

David: Yes, well, at the heart of consumer duty is a focus on outcome-based monitoring of what has been delivered to customers, and the prevention of foreseeable harm, and the FCA hopes that good implementation of consumer duty across the industry will lead to fewer issues needing to be remediated in due course. And it's interesting that that concept has been picked up in the Labour Party's financial services manifesto, which is worth a read for anybody who's interested in this sector. And in the detail of the consumer duty, the rules, the FCA said, 'If a firm identifies a systemic issue in the delivery of its customer support which prevented customers from utilising a product or service as anticipated, it should act in good faith and consider whether remedial action would be appropriate.' This might include, for example, providing redress commensurate to the benefit that was difficult to utilise, it might be compensation for poor customer service, or whatever. I think there's also an interesting, even bigger picture, issue related to the consumer duty angle, which is that the FCA's suggested that it might scrap rules because, in some ways, detailed rules can be a barrier to the delivery of good customer outcomes. We might actually see not only that emphasis on monitoring outcomes, proactivity in remediation where needed, but actually, the removal of prescriptive rules on the grounds that they can, somehow, cut across the intention of a consumer duty.

Tessa: And I think another gradual change that we've seen from the regulator is more and more focused on data. So, we're tending to see more frequent and more detailed data requests from the regulator. They've talked about becoming a more data-led regulator. Amrita, it'd be great to get your thoughts on that, in terms of, 'What does that mean for firms?' Particularly thinking in the context of remediation issues.

Amrita Sawhney: Yes, there are a number of challenges that firms face in this area. A lot of times, when regulators have come to them for more data or different data, there's a real scrambling that goes along behind the scenes. The core reason for this is because a lot of firms have a very fragmented data landscape and they're still in this data-defensive mode and that side of their journey. There's a lack of ownership of certain types of data, so you don't know who to go to to answer the request that the regulator has sent. Or there's also, even if you have got the data and you've collected it, there are often a lot of data quality issues that come into place as well. So, you're not entirely confident about the data that you're about to handover to the regulator. The things that firms can do to ready themselves for these kinds of efforts are, having that clear data governance in place. So, data ownership, data lineage, understanding what your data quality controls are, and that allows you to have a clean and clear way of accessing your data. And then additionally, having documentation that is a link between the business decisions that you have made, and the data that exists in your library of data, allows you to then not only provide the data, but then substantiate what you've done and how you've done it. And that is something that the regulator's quite clear on.

David: There are some particular data challenges that are associated with discretionary commission. The FCA's look-back period is to 2007. Now, if you've got a GDPR-compliant data destruction policy which says, 'You destroy your records after,' let's say, 'Six years, seven years.' Actually, you don't have the data. And then, the other related problem is the motor finance market is complicated, it covers new cars, second-hand cars, there are multiple different types of lenders, there are multiple different types of distributors, and we understand, based on our conversations with firms and some of the things the FCA's said, that it's proving difficult to create the dataset that the FCA wanted. Simply because, a lot of the data they've asked for is held, we assume, in the distributors rather than the lenders. So, creating that package of information the FCA needs to be a data-led regulator is actually complex for the regulator itself and, no doubt, it's got some data scientists somewhere trying to churn through what's been collected to draw conclusions.

Tessa: Yes, absolutely, and are those broader challenges for the regulator as well, as they move towards becoming a more data-led regulator?

Amrita: Yes, absolutely, and this goes back to what David was saying. One, they're asking for a lot of data. Two, that a lot of firms aren't getting very clear directives on exactly what the parameters of the data that they need are. For the regulator to become more data-led, for them to be able to do their analysis in a way that is helping them become data-offensive, they need to be very clear so that what they're getting is apples for apples. Rather than, every firm sending in something slightly different, having to explain it to the regulator, and then the regulator going away and having to do something that is very unique for every, different firm, rather than being able to look at things in a holistic view across the industry, to really see what those trends are across the industry. And I think that's really important and, going back to what David said, the regulator also needs to be very conscious of the different asks of firms as well. So, like you said, David, GDPR, six years. But, also, further to that, the classification of data that they maintain and how do they access that and how can they share that information, etc? And all of those different barriers to getting the information to the regulators, the regulator really needs to be clear and very prescriptive about what they're actually looking for, for them to get the best out of what firms are providing.

David: I think the FCA, to some extent, is setting itself up for failure a little bit, and I'll share a story from my time at the FSA to explain what I mean. So, back in, probably, the mid-nineties there was 'a scandal' because the FSA had missed something, and when we looked into the detail what we found is that we'd had a letter which was sent in to one bit of the FCA and responded to and didn't get escalated. So, funnily enough, we could find it when we looked for it but those of us on the executive committee and the board didn't know it had landed at the point in time when it was sent to the regulator. So, you have the classic problem of finding the wood for the trees in large volumes of data in different formats. Now, as I happened, several years after the letter was sent, there was a problem in the firm that it related to, and a third party said, 'Well, if the FSA had acted on that letter back, three years ago, the scandal would never have happened. Now, clearly, that may or may not be true. It almost doesn't matter whether it is true or not, because your reputation is damaged at the time. I remember my then-chairman saying to me, 'The worst type of data the regulator can have is data it doesn't know what to do with.' And, I think one of the real challenges they face is, if they collect so much stuff, unless they've got really smart data and scientists, they can use artificial intelligence, or whatever, to properly identify trends, they'll actually regret collecting some of the stuff that they're currently getting, because they'll be judged in the same way we were, with the benefit of hindsight in several years’ time.

Tessa: Yes, absolutely, and I think if the ultimate aim in what the regulator's trying to achieve is to prevent more harm before it materialises, and, of course, under consumer duty firms are required to meet a higher standard in terms of that prevention of foreseeable harm, monitoring of outcomes as well. What are you seeing, Amrita, in terms of how firms use that data? Particularly, if they're having to collect and provide more to the FCA. Can they better use that data themselves as well, to try and prevent more harm before it materialises?

Amrita: Yes, absolutely, and this goes back to what I was saying about a data-defensive organisation where the majority of these firms are looking at lagging indicators rather than looking proactively going forward. For instance, you will only look at how many customers are past their due date, that are unable to make their payments, or any of those kinds of things rather than looking at those drivers and saying, 'How can I predict if someone is going to end up in financial distress? Have I, for example, had a number of phone calls from them with a very similar sentiment across these different phone calls, implying that they might be in a position where they will not be able to pay me back?' So, rather than looking at the classic indicators of, 'This person is 30 days past due, 60 days past due, 90 days past due,' 'What are you doing to foresee that and being offensive, and identifying these customers, coming up with ways to support them and prevent that harm for their own, financial situation?' And 'How do you move to that?' Well, there are a number of different initiatives in the industry. There's a huge move towards AI, and being able to look at sentiment analysis, and being able to predict what's going to happen, rather than just react to what has already happened. And I think that a lot of firms might be reticent to move to that already, or they might still be doing a lot of 'Day 2' activity for consumer duty or some of these other reg changes. That's definitely where the market should be heading if they're going to, not only listen to the letter of the law, but work towards the spirit of the law as well.

Tessa: Yes, absolutely, and it will be really interesting to see how that picture evolves.

David: It's interesting that we're doing this podcast shortly before the deadline for the first board report on consumer duty, and a lot of my conversations with clients, and my colleagues' conversations with clients, has focused around, 'What on earth should be in that report?' Because the FCA is not being prescriptive. So, what firms are having to do, picking up on what Amrita said, is work out what data sources they're going to use, work out how they're going to package it up and put it in that annual report. And I suspect that as the embedding of consumer duty continues, the use of data will become more precise and more prescient, hopefully, and you'll see that flow through the evolution of consumer duty annual board reports as we go along.

Tessa: Given where we are now, and as you've said, we're not quite at the deadline yet for the first, annual board report under consumer duty. So, whilst firms have made important progress on this, I think that the way that they're approaching outcomes monitoring is still something of an evolving picture. Whilst the ultimate aim, for both firms and the regulator, is to prevent all foreseeable harm, unfortunately, sometimes, things can, and still will, go wrong. So, where there are those instances of harm, what's your view on, 'How do firms put that right in a way that's proactive, and does the right thing for the customer, and meets the regulator's expectations, but also, which maximises efficiencies for the firm as well?' What does a good remediation programme look like?

David: Well, look, my flippant answer is, 'The best remediation programme is one that you don't have to do in the first place.' But let's assume that you do have to do something. I think it comes down to five things. The first one is coming up with a reliable population of customers who've been impacted by the harm. Which always comes back to, 'What are the golden sources of data? What analytics do you do to work out which customers are impacted and create that population?' The second thing related to that is, 'What is your communication strategy and how do you vary that communication strategy for different customer cohorts?' So if you've got a large population of retail customers, some will be vulnerable, some won't be. Some will have live products, some won't. Some will be vulnerable, some won't. There will be deceased customers that you know about, there will be deceased customers that you don't know about. What you need is a reliable, multi-channel communication strategy that works for each of those customer cohorts, and that will typically be a mixture of email, call centre, portal, chatbots, whatever it might be. You then need a robust control framework to actually execute the programme. You need reliable MI to actually make sure you're delivering the right outcomes you want through the process. And then, you need a strong governance model to actually make sure that everything works properly and is properly overseen, and your accountable SMFs do what they should do to discharge their reasonable steps. You also need a plan for the tail. Every remediation programme I've ever done, you get no more than 70%, 80% of customers at best actually engage with you. Which means that, when you come to the end of your remediation programme, you've actually got 20% of customers who never came back to you. You need a mechanism that, if people do come back to you at a later date, you can control that. And then, finally, increasingly, the FCA is putting a skilled person over the top of the remediation programme, so you have to be able to document all that in a way that's going to keep the skilled person pleased, and also, stands up to scrutiny from your auditors. So, they're complicated programmes to run, but they have a rhythm and a structure which is repeatable, and reasonably easy to control.

Tessa: And thinking about some of those technology and data evolutions that you've talked about, Amrita, how do you see that changing what remediation programmes look like? Thinking a bit further ahead, what do the programmes of the future look like?

Amrita: Well, I think, where we are today is also leap years ahead of where we were when something like PPI took place. Where a lot of it was paper based, there was a lot of call centre contact. Now, there is a lot more tooling being used, not only consumers or customers can log on to see their own information, etc. But, also, for the firms themselves to be able to manage and handle it. There are not so many ways that a firm can have, either, incorrect communication going out to a customer, or the incorrect amount going out, going out to wrong people, etc. There are a lot more controls that are in place within remediation programmes, and that's because most remediation programmes are very tooling-centric, and very tooling heavy. So, having, not only, just one CRM platform that a lot of remediation programmes use, and they can capture all of the information across all of these multiple channels that David's talked about. So, you have a single point of contact, and you've got that golden source of all the information related to that remediation. And that, also, is very much a heart of what we're seeing going forward. As well as laying over new technology onto it, in terms of AI, machine learning, being able to remove some of the more cumbersome, repetitive areas and making that more technology driven, rather than prone to human error, and I think that's a big change that we're seeing. Also, being able to say, all the different points of contact with the customer can be maintained in one place. If a customer has called me up, I can see what letter they've been sent, I can see that they've called up before, I can see that they've logged on to a portal, or whatever, to understand what their journey has been to this phone call as well, is really important.

Tessa: Brilliant, thank you both so much. It's been a fascinating discussion and, particularly hearing and thinking about regulatory expectations, consumer expectations and the use of technology is changing and evolving. Thank you both so much for your insights. And to our listeners, I really hope you've enjoyed this conversation, and thank you very much for listening. If you'd like to hear more from us about the topics we've talked about today, as well as a range of other risk and regulatory issues, please look out for our regular publications on our website, which we'll link to in the show notes of this episode, and we'll be back next month with our next episode.

Follow us