Dear CEO/Director,
Firms authorised or registered under the Payment Services Regulations 2017 (“PSRs”)
and the Electronic Money Regulations 2011 (“EMRs”) such as Payment Institutions (“PIs”),
Electronic Money Institutions (“EMIs”) and Registered Account Information Service Providers
(“RAISPs)” to help them implement and embed the Consumer Duty effectively.
For many firms, meeting the Duty will require a significant shift in culture and behaviour. FCA
recognises that the implementation of the Duty comes at a challenging time. However, the FCA
believes that embedding the Duty effectively will help payments firms continue to build trust
amongst consumers in using the expanding range of products and services and enable the
sector to continue to grow in a way that delivers consistently good outcomes for customers.
This letter sets out:
- A reminder of the implementation timeline, key elements of the Duty and how it applies
to payments firms - FCA expectations on how payments firms should embed the Duty, including examples of
good and poor practice - Feedback from FCA recent review of firms’ implementation plans
- FCA’s approach to supervising the Duty in the payments portfolio and planned next steps.
FCA expects the Consumer Duty to be a top priority for firms personally. They want good outcomes for customers to be at the heart of firms’ strategies and business objectives, and leaders have a key role to play here. FCA expects firms’ Boards and senior management to embed interests of customers into the culture and purpose of the firm.
FCA expects firms to consider and discuss this letter with their fellow directors and board,
including the Consumer Duty Champion (or equivalent) and agree what further action the firm plan to take to ensure that it meets the requirements and expectations the FCA have set out. - Timeline for introducing the Duty
In July 2022 the FCA published final rules and guidance for firms and set out the following timeline for firms to implement the Duty: - By the end of October 2022 firms’ boards or management bodies should have agreed
their plans for implementing the Duty - By the end of April 2023 manufacturers should have completed all reviews necessary to
meet the outcome rules and shared necessary information with their distributors - The Duty comes into force on 31 July 2023 for new and existing products or services
that are open to sale or renewal - On 31 July 2024, the Duty comes into force for closed products or services.
How the Duty applies to payments firms (you) - Annex 1 – How the Duty applies to payments firms
The Duty will require firms to act to deliver good outcomes for customers (including those in
vulnerable circumstances). This reflects the positive and proactive expectation the FCA (“we”) have of firm conduct, and our desire for firms to think more about consumer outcomes and place
consumers’ interests at the heart of their activities.
The payments portfolio includes firms with a broad range of business models performing a
number of activities that impact almost all consumers. Firms’ target markets range from large
corporates to individuals, including diaspora communities and vulnerable consumers, some of
which are otherwise unable to access financial services. We expect the focus on acting to
deliver good outcomes to be at the centre of payments firms strategy and business objectives.
Where an authorised or registered firm, for example a money remitter or electronic money
issuer, provides payment services through an agent or, in the case of an electronic money
issuer, distributes or redeems electronic money through an agent or distributor, the authorised
or registered firm is responsible for ensuring that the third party complies with the Duty.
Annex 2 – Key things for firms to consider
We have summarised below a number of key things we expect payments portfolio firms to
consider in order to deliver consistently good consumer outcomes under the Duty. We have
also included some illustrative examples for you to consider. These are not comprehensive but
provide an indication of how the Duty may apply to certain business models in the portfolio.
- Products and services – are designed to meet the needs, characteristics and objectives
of a specified target market.
We expect firms to be able to demonstrate that they are:
- satisfying themselves that their products and services are designed to meet the needs
of consumers in their target markets and perform as expected; - assessing whether their products and services have features which could cause harm to
groups of customers with characteristics of vulnerability, and what action they are
taking to mitigate this risk of harm; - considering the potential impact of any plans to cross-sell more to customers; we have
seen cross-selling where the promoted products were appropriate for the original target
market, but not necessarily appropriate for all of a wider group of customers, creating a
risk that the latter purchase products which do not meet their needs; - sharing all necessary information with other firms in the distribution chain, and
receiving all necessary information themselves, to enable all firms in the chain to
ensure they comply with the Duty; - checking that their distribution strategies are being followed and that products and
services are being correctly distributed to the target market; and - using data and management information to monitor whether products and services
continue to meet the needs of customers and contribute to good consumer outcomes.
This includes regularly reviewing this data and taking any necessary mitigating actions.
Example: A firm develops an e-money products aimed at a specific group of customers, but
the product ends up also being sold to consumers outside the original target market. The firm
identifies this and: - assesses the products, and confirms that they were appropriate for the broader cohort
of customers; and then - amends its risk controls to ensures they were suitable for consumers who were actually
buying the product, rather than just to the original target market.
Selling your products and services to consumers outside your original target markets may not,
as in this example, necessarily lead to consumer harm, but you should consider the
implications, and if you find that your products are being widely used by consumers outside
the original target market you may need to amend your target market, distribution strategy,
and / or risk controls.
Strong Customer Authentication – The Duty includes a requirement for firms to ensure that the
design of the product or service meets the needs, characteristics and objectives of customers
in the identified target market. In line with the Duty, we expect payment service providers to
develop strong customer authentication solutions that work for all groups of consumers, and
we encourage firms to consider the impact of strong customer authentication solutions on
different groups of customers, in particular those with protected characteristics, as part of the
design process. This means that firms may need to provide several different methods of
authentication to their customers. This includes methods that don’t rely on mobile phones, to
cater to customers who don’t have/want to use a mobile phone or need to make payments in
areas without mobile phone reception.
- Price and value – Products and services provide fair value with a reasonable relationship
between the price consumers pay and the benefit they receive.
We want all consumers to receive fair value. Value is about more than just price, and we expect
firms to assess their products and services in the round to ensure there is a reasonable
relationship between the price paid for a product or service and the overall benefit a consumer
receives from it. For payment portfolio firms this includes:
- taking into account any regular charges or fees and any contingent fees or charges
when assessing whether a product provides fair value. If a firm charges an e-money
redemption fee, it must ensure that these charges are proportionate and commensurate
with the costs actually incurred by the firm. You should keep these fee structures under
review, especially as costs to your business change; - considering whether vulnerable customers are adversely impacted by their charging
structures. For example, if there is a minimum charge for topping up an e-money
account then certain groups who make frequent low value top-ups may pay more than
those who make higher value less frequent ones. Firms should consider whether the fee
structure is appropriate to the consumer groups using their products; and - firms selling products via agents or distributors will need to consider the charges they
are levying on consumers as part of the assessment of fair value. Further, a firm which
distributes products to retail customers is responsible for ensuring the fair value
obligations in relation to distribution are met in respect of any product it distributes to a
retail customer.
- Consumer understanding – Firms’ communications should enable consumers to make
informed decisions about financial products and services.
We expect your firm to provide its customers with the information they need, at the right time,
presented in a way they can easily understand. Your firms’ communications should adequately
consider any potential for customer confusion inherent in its business model and provide
adequate signposting and explanations to mitigate this risk. These considerations should
include but not be limited to:
- clarity over fees and charges – ensuring that consumers are given the information they
need, at the right times, and presented in a way they can understand; - where appropriate, highlighting the differences between the protections that apply to
customers using different products and services. For example, highlighting that PIs and
EMIs are not banks, and that funds are protected by safeguarding arrangements rather
than by the Financial Services Compensation Scheme. We wrote to EMIs in May 2021
about this and we expect firms to and ensure that their communications remain
appropriate; - firms offering regulated products alongside unregulated ones should make it clear to
consumers which products are regulated, and which are not, and clearly set out the
consumer protections relating to each product; - where firms provide their products and services through agents and distributors, they
should make clear to consumers the split of responsibilities between themselves and the
intermediaries and who does what in those arrangements. Principal firms should be
considering their agents’ and distributors’ communications relating to the firm’s
regulated services to the same extent and standards as their own; and - firms should avoid using technical and complex language that is difficult for customers to
understand. For example, when open banking firms ask for consumers to give explicit
consent for the access and use of their payment accounts data, or when firms are
explaining the nature of the services provided. This will support customers in
understanding the implications of providing such consent and making informed decisions.
- Consumer Support – Firms provide support that meets consumers’ needs throughout the
life of the product or service.
We do not prescribe which channels firms must offer, but from the perspective of the Duty
firms must ensure that the channels of support they do offer meet the needs of their
customers. We expect firms to provide support that meets consumers’ needs through the full
lifecycle of the product or service, for payment portfolio firms this includes:
- providing appropriate support channels. For example, some firms operating purely online
may not offer other channels for consumers to contact them if they are experiencing
difficulties, such as being unable to access mobile and internet services, or if need to
speak to a member of staff directly to report fraud on their account. In some instances,
this approach may not always be sufficient, and we expect firms to ensure their contact
channels meet their customers’ needs; - firms should make it clear to consumers how and where they can access support and
make a complaint if they wish to do so; and - in cases where products are no longer suitable, firms should support customers in moving
to a more suitable product or make it easy for them to exit.
Account freezing and fraud reports
We continue to see poor financial crime controls in some payments and e-money firms. This
can lead to a higher risk of both the firm and its customers being targeted by criminals. One
specific access issue which we would highlight as needing careful consideration by firms under
the cross-cutting rules and consumer support outcome, is the freezing of individual customer
accounts. This is typically done because of financial crime suspicions that have been triggered
and need to be investigated. That is reasonable in principle, but in practice some firms freeze a
disproportionate number of accounts, for too long, and without adequate explanation. We
remind firms of the requirements set out in regulation 71 Payment Services Regulations 2017
relating to stopping or blocking payment instruments, and the guidance at paragraphs 8.170
to 8.172 of our Approach Document. Firms should consider their processes relating to freezing
of accounts, for example how to make such freezing: - less frequent (e.g. through better upfront onboarding and Know Your Customer controls
and more accurate and intelligent transaction monitoring); - less protracted (e.g. through better, swifter investigation of suspicions);
- better communicated (to the extent possible within the constraints of avoiding tip off);
and - better supported (especially for customers put into acute financial difficulties by the
freeze).
We also see a need under the Duty (in particular the Customer Support outcome) for firms to
consider their handling of alleged cases of fraud, especially Authorised Push Payment fraud,
and of complaints about such. Whilst we appreciate that the facts of these can be hard to
establish, firms should ensure that their treatment of customers who feel themselves to be
victims and are distressed is not unduly harsh or unsupportive.