FCA asks banks to address account access concerns

What does this mean?

The publication follows the FCA’s initial review of account closures last year, amid concerns that customers’ payment accounts may have been closed due to political beliefs or lawfully expressed views. The regulator shared its initial findings in a September 2023 report, based on data gathered from 34 banks, building societies and payment firms. The FCA committed to follow-up work to validate the data and investigate specific issues, including the decline rates of BBAs, how firms apply ‘reputational risk’ and financial crime considerations in account access decisions, and experiences of customers in vulnerable circumstances.

Following further assessment, the FCA has reaffirmed its conclusion from the 2023 report that it has not observed evidence of political views leading to account denial, suspension, or termination. However, it notes significant limitations in firms’ data and ability to identify and monitor these cases, and so decided against conducting a broader analysis of a wider set of payment account providers. 

Instead, the FCA has asked appropriate SMF holders at payment account providers to sign an attestation confirming their confidence that they have not denied, suspended or terminated payment accounts because of customers’ political beliefs or views lawfully expressed and that their systems and controls enable them to be confident in that statement.

The FCA also sets out a range of issues which it expects firms to address. 

Basic Bank Accounts

The FCA found several BBA providers were poor at making customers aware of the availability of BBAs, including when terminating customers’ payment accounts for reputational risk reasons. In addition, the FCA finds that some BBA providers did not make clear the types of identification that could be used to open the account for customers without standard forms of ID.

The FCA expects BBA providers to highlight the availability of BBAs more clearly, and make it easier for prospective eligible customers to apply for a BBA. It also calls for firms to do more  to make sure customers understand the acceptable forms of non-standard ID. 

Reputational risk

The FCA found little consistency in how firms defined and used ‘reputational risk’ as a criterion to deny or close payment accounts. In some cases, firms did not clearly evidence the rationale behind decisions, nor have established internal guidance for when reputational risk may be a determining factor in onboarding/offboarding. The regulator highlighted instances where firms’ poorly controlled use of reputational risk could mean they are not acting in good faith, as required under the Consumer Duty.  

The FCA expects firms to have a clear and consistent definition and approach to reputational risk to ensure decisions to deny or close accounts are based on rational and well-considered grounds. Firms should have appropriate monitoring in place to understand how reputational risk is used, and be able to identify when intervention is needed if internal approaches are not applied consistently.

Data

The regulator notes that the detail, type and retention of data on account access was limited or unclear and varied significantly across firms.

The FCA expects firms to collect and record data in account access decisions in a manner that provides firms - and the FCA - with evidence that they are delivering good customer outcomes, in line with their Consumer Duty obligations. This includes recording decision-making processes and policies, as well as the reasons for denying, suspending or terminating a payment account. This data should inform appropriate management information (MI), enabling robust governance and oversight of account access decisions and outcomes. 

Vulnerable customers

The FCA found that some customers in vulnerable circumstances are experiencing worse outcomes regarding account access. It reiterates its expectations of the support firms should provide to meet vulnerable customers’ needs. In particular, the FCA highlights issues with firms making assumptions or generalisations about customers’ needs. The FCA also published a research report on the experiences of financially excluded consumers. 

Financial crime controls

The regulator outlines where some firms’ approaches to implementation of financial crime controls creates difficulties for consumers. For example, non-profit and charity organisations reported difficulties in meeting certain financial crime due diligence requirements and information requests. 

The FCA reiterates its expectations that firms should act proportionately to the risks they identify, and should not apply a generic approach to risk management. The FCA recently published the outcome of its review into the treatment of Politically Exposed Persons (PEPs). This highlights a number of areas where the regulator expects firms to improve, for example, on the clarity and detail of communication with PEPs, and staff training.

What do firms need to do?

The FCA found that some firms’ approaches require improvement to meet the higher standards of the Consumer Duty. It expects firms to review their customer journeys for onboarding and offboarding, and relevant policies and procedures, through the lens of the Duty.

Firms must have policies which ensure decisions to deny or terminate accounts are made on a consistent and properly considered basis, and are clearly documented. Attributes for offboarding triggers should be clear, with appropriate oversight of decisions. Firms should take steps to ensure policies are followed in practice, including reviewing staff training and record keeping.

With regard to onboarding, firms should review customer due diligence policies and processes, especially those in relation to identification and verification requirements, to assess whether a proportionate approach is applied to different entity types, reflecting the financial crime risks they pose to the firm.

Firms should consider the deficiencies identified by the FCA in evidencing and monitoring account access decisions. They need to record adequate and accurate data, which is used to inform appropriate MI and monitoring of customer outcomes.

Improvements to data, monitoring and governance will be required by some firms in order to provide the attestation required by the FCA.

Further, firms should pay particular regard to meeting the needs of customers in vulnerable circumstances, including potential testing of customer communications on BBAs. Firms should be able to demonstrate that customers in vulnerable circumstances are experiencing outcomes as good as those for other customers, and take immediate action if this is not the case.

Next steps

The FCA expects payment account providers - including those not part of the review - to take note of the FCA’s expectations and make any necessary improvements. 

The regulator expects firms to be able to evidence how matters highlighted in the report have been addressed, or will be addressed in a reasonable timeframe. This will form part of ongoing FCA supervision over the next several months.

The FCA has asked appropriate SMF holders to sign an attestation confirming their confidence that they have not denied, suspended or terminated payment accounts because of customers’ political beliefs or views lawfully expressed, and that their systems and controls enable them to be confident of that statement.