FCA Compliance Focus in 2023
Priority 1. Joined up data
The Financial Conduct Authority (FCA) keeps saying it is a data-led regulator. It certainly receives huge volumes of data from the firms it regulates and other sources such as regulators worldwide, individual investors, employees, and whistleblowers.
The FCA expects governance to play a strong role in ensuring firms submit high-quality data. They have been getting much better at looking across the data they receive to spot trends, patterns and potential harms. You will not know if the FCA looks at your data, but you should assume they are.
This means that almost as important as ensuring you are sending accurate, timely and reliable data; you also need to ensure that you are identifying themes and trends from the data you are reporting and notifying the FCA where there are material changes.
These changes might be due to simple things such as market movements causing a drop in the value or custody assets, or because of your Consumer Duty implementation, you see a reduction in complaints.
Priority 2. Consumer duty
This is probably the top of every retail firm's agenda for 2023. Don't underestimate how much work consumer duty will take to implement. Many firms realise they should have done much more on product governance when they implemented MiFID II. But there are three more outcomes that are far less well-defined in terms of how you can meet them.
Firms will spend time early in 2023 defining how they will meet those outcomes so they can spend the remaining time in the year implementing solutions.
Priority 3. Financial promotions
The first major deadline for the new financial promotions rules has passed on 1 December. The bulk of those new rules come in February 2023. So early 2023 will be spent making the necessary changes to risk warnings and developing personalised risk warnings.
The FCA has an increasingly experienced and established financial promotions function dedicated to looking at websites, marketing, and social media. FCA claims they look at approximately 100,000 websites every day. They have their dedicated enforcement personnel enabling FCA to take swift action if they see marketing that does not comply.
If you are marketing investments, you need to ensure that your marketing is meeting FCA standards and be able to prove who signed off your marketing if you are not FCA regulated as they are looking, and you should expect FCA to contact you.
Priority 4. Cost of living
A major focus of the FCA's Annual Public Meeting was the Cost of Living, with the FCA committing to doing all it can to help people affected by the crisis.
Insurance firms have been put on notice through a Dear CEO letter that they cannot be charged more than new customers, and consumer duty underlines that expectation. The FCA has been clear that Credit firms and Lenders are doing all they can to help customers who have difficulty making repayments.
The Buy Now Pay Later sector has also been warned that their contracts must be clear and fair, and their financial promotions meet FCA requirements. With this backdrop plus the Treasury's focus on bringing Buy Now Pay Later into regulation, the risks of scams and financial crime are only growing during the cost of living crisis.
This brings fraud and financial crime back up the FCA's agenda. The FCA is doubling down on scams. Remember that the FCA is still under enormous pressure to do more and to act faster to stop bad actors. As a result, they are firm in ensuring that firms meet their standards.
Furthermore, they are putting short response timeframes on requests for information they believe you should already have, which in turn puts pressure on you to hold that information in a readily accessible format.
Priority 5. Frictions in the sales process
The FCA has highlighted frictions in the sales process for execution-only mortgages. It will continue this theme as firms implement Consumer Duty by extending it to post-sales.
Firms are expected to look at where customers are having difficulty or abandon online processes or don't start other processes, such as making a phone call to cancel a policy. This will be a hot topic for many firms during 2023, but it will help you better understand our customers and how to enhance their experience.
Priority 6. Fraud
The risk of fraud rose during the lockdown and covid 19. However, it hasn't been reduced as a risk partly due to the cost of living crisis and partly because new customers are entering the financial services market.
FCA staff were given specialist fraud training and hired several fraud specialists following the London Capital and Finance report. This means the FCA is now looking at the risk of fraud in terms of firms having inadequate systems and controls and risk management frameworks.
They are also aware that some firms are still not fully aware of threats of cyber-attacks which could potentially lead to consumer data being compromised.
These are all areas where your people are your best defence, so investing in them and their knowledge and awareness about fraud and cyber attacks will keep your first line focussed on fraud. You also need to ensure that your risk and control frameworks have been reviewed and updated to reflect the current operating environment.
Priority 7. Systems & controls to mitigate financial crime
The FCA is finally consulting on its proposals for a new core investment advice regime. This aims to provide access to investment advice for mass market consumers who have straightforward financial needs which are broader than simplified advice such as stocks and shares ISAs.
During 2023, we will see the FCA developing that regime with a policy statement due later in the year. If your firm provides investment advice, you should look at your target market and consider whether any mass market investors are within or potentially could fall within the scope.
If they do, then you may wish to engage with the FCA consultation and be ready to adjust your sales processes to incorporate that potential client base.
Priority 8. Individual accountability
We are becoming more used to adhering to SMCR and all the processes that come with it. As we move into 2023, the FCA will enforce the SMCR more strictly as the honeymoon period is now well and truly over.
You can expect to see more investigations from the FCA, more final notices, and more challenging questions. These questions include whether you can prove you are checking your staff's compliance with the conduct rules. If so, why did you not report any breaches in your annual return in September/October?
Priority 9. Financial resilience
In 2022, the FCA set its first deadline of 31 March, when firms had to identify their important business services and map out the processes that enable those services to function.
During 2023, it is important to look at how much disruption those important business services could tolerate and test their ability to endure that disruption to set their impact tolerances. This should lead to the production of lessons learned, which should be fed back through to the next test and the ongoing development of a communications plan.
All of this should be done under the oversight of governing body, be that our Board, Partners, Executive Management Committee, or ourselves (if you are a sole trader).
Priority 10. Big Tech
The Bank of England and the FCA have been looking at using Artificial Intelligence within the regulatory framework. They're interested in where there could be regulatory benefits and risks and have been looking at potential solutions.
They are also concerned about the potential dominance of big players in the technology sector as they start providing their services to the financial services sector. But recognise the tension that technology also provides innovation and, with it, potential benefits.
The FCA is currently focused on the role of Big Tech in payments, deposits, insurance and consumer credit markets. They have also been looking at the role of third parties in cloud infrastructures. If you're active in these markets, you may wish to engage with the FCA on their work.
Want to learn more about FCA Compliance?
If you'd like to stay up to date with FCA best practices, industry insights and key trends across regulatory compliance, digital learning, EdTech, and RegTech news, subscribe to Skillcast Compliance Bulletin.
To help you navigate the compliance landscape, we have collated searchable glossaries of key terms and definitions across complex topics, including Equality, Financial Crime, GDPR and SMCR. We also regularly report key learnings from recent FCA fines.
You can follow our ongoing YouGov research into compliance issues, attitudes and risk perceptions in the UK workplace through our Compliance Insights blogs.
And if you're looking for a compliance training solution, why not visit our FCA Compliance Course Library.
Last but not least, we have 100+ free compliance training aids, including assessments, best practice guides, checklists, desk aids, eBooks, games, handouts, posters, training presentations and even e-learning modules!
If you've any questions or concerns about compliance or e-learning, please get in touch.
We're happy to help!