Consumer and Retail Finance – February 2019

Credit Cards Print publication


Latest from the FCA, including culture and governance, and payment services sector; other sector news.Walker Morris risk series stamp

Financial Conduct Authority (FCA)

Amongst the flurry of high-cost credit activity towards the end of December 2018, the FCA also published final guidance on the fairness of variation terms in financial services consumer contracts under the Consumer Rights Act 2015. The final guidance has not changed substantially from the draft version which was consulted on from May to September 2018. Watch out for our separate upcoming briefing on this topic.

The FCA explains on a recently updated webpage that it has received a large number of responses to its July 2018 discussion paper on introducing a potential new duty of care for financial services firms. It says that all respondents recognise that the prospect of any potential new duty, in whatever form, could mean a significant change to financial services conduct and regulation. Next steps will be announced in spring 2019. The House of Commons Treasury Select Committee is currently conducting an inquiry into consumers’ access to financial services. In its written evidence, the Money Advice Service says it believes that a duty of care could help strike a better balance between firm and consumer responsibilities and help deliver extra protection and better treatment to vulnerable consumers.

FCA Chief Executive Andrew Bailey recently gave a speech on the importance of diversity. He talked about how culture and governance of firms is a priority. The FCA wants firms and individuals to create and maintain healthy cultures where people do the right thing and take responsibility for consumer outcomes, thereby reducing the potential for harm. Mr Bailey explained that diversity is a core part of how the FCA looks at the culture in a firm, and said that diversity and inclusion are central to how the FCA acts, both as an employer and a regulator. They matter because they result in better judgments and better decision-making.

On a related note, the FCA published a new webpage on psychological safety, a topic it has been exploring as part of its ongoing work to transform culture in financial services to reduce harm to consumers and markets. The FCA says that, while the traditional focus has been on encouraging employees to ‘speak up’, it has overwhelmingly been hearing that there should be more of a focus on ‘listening up’, as the response of an organisation when employees do speak up is key to determining whether it is safe to do so again, and to cultivating a broader ‘safe’ environment.

The FCA published a video in which senior leaders from four financial services firms talk about their experiences of adopting the Senior Managers and Certification Regime (SM&CR), which will be extended to all FCA solo-regulated firms in December 2019. They talk about how the SM&CR has helped improve culture and governance in their organisations and give advice to firms adopting the SM&CR in 2019. See the press release.

The FCA’s final ‘Approach to Enforcement’ document is due to be published in spring 2019. See the updated webpage for details.

The FCA published a series of short video guides for firms on payment services. They cover: an overview of the FCA’s payments department; a typical FCA payments authorisation process; an insight into how the department interacts with firms; and an insight into new regulatory developments and what firms should look out for in 2019. The four key themes on the department’s radar are: culture and governance; operational resilience and cyber security; financial fraud (particularly payments fraud); and innovation.

In its latest Regulation round-up, the FCA reminds providers of online payment accounts that, under the Revised Payment Services Directive (PSD2), they must by 14 September 2019 provide access to third party providers in line with the regulatory technical standard (RTS) on strong customer authentication and common and secure communication developed by the European Banking Authority (EBA). An EBA working group on application programming interfaces under PSD2 will meet every four to six weeks to discuss issues that emerge as the industry prepares for the RTS application date. See this link for details. Firms must make available both technical specifications regarding their interface, and testing facilities by 14 March 2019. They can seek an exemption from the contingency mechanism requirements and should aim to submit completed exemption requests by 14 June 2019. See the FCA’s website for details.

On 1 February 2019, the FCA published a policy statement confirming the general standards and communication rules for the payment services and e-money sectors following a consultation issued in August 2018. Firms will be required to comply with the new rules from 1 August 2019. See the press release.

On 15 February 2019, the FCA published the complete set of information on current account services, comprising: mandatory data showing how long it takes each firm to open a current account for new customers, and how long it takes them to replace customers’ debit cards; and voluntary data on the services provided to vulnerable consumers. See the press release. On the same day, and as part of the same package, the Competition and Markets Authority published the latest set of banking customer satisfaction results. Since August 2018, banks have been required to publish information on how likely people would be to recommend their bank (as well its online and mobile banking, branch and overdraft services) to friends, relatives or other businesses. The results are updated every six months. See the press release.

On 7 February 2019, the FCA published an insight piece ‘The mortgage market today – FCA analysis of an evolving sector’. It says that FCA proprietary data paints a picture of a market in flux. In summary: the proportion of borrowers who will be aged 66 or above when their mortgages mature is on the rise; the average age of first-time buyers has changed very little; the median mortgage term is increasing; lending to the self-employed is increasing, but is at a significantly lower level than pre-crisis; rates of remortgaging are on the rise, but remain below pre-crisis levels; and the proportion of lending at 90%+ loan-to-value has recently increased.

As firms continue with their Brexit preparations, the FCA published a new webpage explaining what it expects firms and other regulated persons to do now. Users of credit ratings for regulatory purposes will need to take steps to ensure that they are operationally ready to use credit ratings issued or endorsed by FCA-registered credit ratings agencies after exit day. On 26 February 2019, the FCA also updated its webpage ‘Preparing your firm for Brexit’.

The FCA and the Prudential Regulation Authority recently jointly consulted on the proposed management expenses levy limit for the Financial Services Compensation Scheme (FSCS) of £79.6 million for 2019/20. Final rules will be in place by 1 April 2019. The FSCS recently published its plan and budget for 2019/20. See the press release.

And finally, the FCA published an updated Memorandum of Understanding between it and the UK Information Commissioner’s Office (ICO), which establishes a framework for cooperation, coordination and information sharing. In its Regulation round-up, the FCA reminds firms that, while the ICO regulates firms’ compliance with the General Data Protection Regulation (GDPR), this is also something that the FCA will consider under its own rules. As part of their SYSC obligations, firms should establish, maintain and improve appropriate technology and cyber resilience systems and controls.

Other sector news

A recent Court of Appeal decision has clarified that limitation for the purposes of a claim to recover monies due under a consumer credit agreement starts to run from when a default notice (satisfying section 87(1) of the Consumer Credit Act 1974) is served on the borrower, and not from the date on which the borrower breached the agreement by failing to make payment [1].

The latest edition of ‘ombudsman news’, the publication from the Financial Ombudsman Service, focuses on ‘dealing with debt’. Among other things, it highlights how businesses’ lack of empathy or flexibility can create additional problems for people who are struggling, and potentially in vulnerable circumstances.

The Creditworthiness Assessment Bill, a Bill to require certain matters to be taken into account when assessing a borrower’s creditworthiness, is not now expected to have its second reading debate in the House of Commons until 15 March 2019.

During a recent evidence session with the House of Commons Treasury Select Committee, the Chair of the Payment Systems Regulator (PSR) said that the whole system of access to cash needs to be looked at afresh. He said that there is a need to guarantee access to free-to-use ATMs, but with changes to the way people are using cash and contactless payments affecting the economics of the cash distribution industry, there needs to be a debate this year about whether access to cash should be a universal service, rather than a commercial one. See the press release. On the same day, consumer organisation Which? launched a new campaign to ensure that everyone continues to have access to cash and called on the government to appoint a regulator that will help protect the UK’s cash infrastructure.

As part of its market review into the supply of card-acquiring services, the PSR has been consulting on its proposed pass-through analysis, examining how the level of fees that merchants pay for card-acquiring services have responded to changes in interchange fees and scheme fees.

The PSR has also been consulting recently on a draft specific direction requiring Visa Europe to review and adopt appropriate incident communication strategy and response plans, following a June 2018 outage incident which highlighted issues with Visa’s communications.

On 12 February 2019, the European Parliament and Council reached political agreement on the European Commission’s proposal to facilitate cross-border access to financial information by law enforcement authorities. The new measures will complement the anti-money laundering framework already in place. See the Commission’s press release.

The following day, the Commission adopted a new list of 23 third countries with strategic deficiencies in their anti-money laundering and counter-terrorist financing frameworks. Banks and other entities covered by EU anti-money laundering rules will be required to apply increased checks on financial operations involving customers and financial institutions from these high-risk third countries. See the press release.

The Joint Money Laundering Steering Group recently reported that it has embarked on a comprehensive workplan for 2019, which includes matters arising from the expected implementation of the Fifth Money Laundering Directive by January 2020. In addition, new guidance will cover areas such as virtual currency exchanges, digital identities, and payment initiation services.

HM Treasury has published an updated version of its advisory notice on money laundering and terrorist financing controls in higher risk jurisdictions.

UK Finance announced that the Dedicated Card and Payment Crime Unit, a finance industry-sponsored police unit established in 2002, prevented an estimated £94.5 million of fraud in 2018, the highest annual total to date.

Independent membership association Innovate Finance reported that UK FinTech investment reached record levels, with a rise of 18% to US$3.3 billion in 2018. On 14 February 2019, the Financial Stability Board published a report which assesses FinTech developments and the potential financial stability implications. On the plus side, it says that technological innovation holds great promise for the provision of financial services, with the potential to increase market access, the range of product offerings, and convenience while also lowering costs to clients. See the press release.

The Global Financial Markets Association published a set of voluntary financial data handling principles for banks and non-banks, based on GDPR and the NIST cybersecurity framework in the US.

And finally, on 15 February 2019, HM Treasury published updated guidance on banking, insurance and other financial services if there is no Brexit deal, for UK residents and businesses, people living in the European Economic Area, and financial services institutions.


[1] Doyle v PRA Group (UK) Ltd, [2019] EWCA Civ 12