How much regulation does it take to get all advisers treating customers fairly? A regulatory update from compliance consultantTony Catt

Whilst most adviser businesses already operate on a putting clients first basis, compliance consultant, Tony Catt, talks us through current relevant regulatory changes and how they are likely to impact advisers

It would seem that most of the latter half of 2017 was spent trying to translate acronyms – MiFID II, SM&CR, IDD, GDPR. All of these represent regulations that are going to hit the UK in 2018 or 2019. Although, due to their complexity, actual adoption of them may be delayed.

Markets in Financial Instruments Directive II

At the time of writing, the only one of these that has come into force has been MiFID II on 3^rd January.

This brings European advisers in line with advisers in the UK as far as the receipt of commission on business. UK advisers went through most of this pain with RDR of course.

In the UK, MiFID II has had more of an effect on fund managers, who need to report much more detail to the regulators than previously. This involves greater detail regarding the underlying costs of fund managers, including research and other costs, which have previously simply been bundled up. it is thought that this greater transparency will promote greater choice for clients. It may also drive down the costs as fund managers can no longer hide them.

A 10% drop

What will affect advisers and fund managers more is the requirement that clients are advised when a fund drops by 10% in value. This would appear to be a good early warning and keep the clients informed regarding possibly losses, but this could be quite a problem to manage.

Some considerations are:

• Most advisers would not be happy for the fund managers to have direct contact with their clients.
• Most advisers use platforms, which leads to a further layer in the advice structure. The onus is on the fund managers to advise of 10% drops, but the fund managers will be reliant on the platforms for client information.
• There may be some confusion whether the message would come from the fund manager or the platform. The onus is on the fund manager.
• Most funds are held as part of a portfolio. What is the effect of a single fund within the portfolio experiencing a 10% drop?
• What would be the reaction of clients? Panic? No reaction?
• What about clients with different attitudes to investment risk? They will receive the same message, but treating all customers the same is not the same as treating them all fairly.
• Does the message about a 10% drop go out with an explanation? Is the drop considered to be short-term? Cyclical? Is it a problem?
• How is the 10% calculated? From the buying price? From a fixed point in time? Compared to an index?
• If a fund drops by 9.9% is that any less of a problem, except that it would not need to be reported to clients?

This would appear to be a well-meaning piece of legislation that is likely to generate a lot of work without necessarily being as positive for clients as would have been intended.

The cost of reviews

Another aspect of MiFID II is the requirement for advisers to be more open about the costs of reviews. Previously, advisers have informed clients of upfront costs – adviser fees and often made rather vague reference to ongoing adviser fees to cover reviews. In the future, clients will need to be made aware of the costs of reviews before they happen and also what will happen at the review. This may well be a pinch point for some advisers who have not been open enough about this in the past.

The FCA has been keen for advisers to detail fees in real money rather than percentages. 1% sounds like a small number, but 1% of a larger number eg. £250,000 means £2,500 – which may not seem to be good value if it’s a straightforward review.

Record keeping

Another interesting thing to come out of MiFID II is the requirement that advisers record instructions and discussions with clients. Originally, this was intended to be recording telephone conversations and possibly videoing interviews. Both of these would involve considerable expense for advisers having to buy new systems to enable the collection and storage of these records.

This requirement was eventually watered down to advisers simply needing to take and keep notes of contacts with clients. This makes sense and would be good practice anyway. Surely, all advisers take notes when clients contact them? I was going through this with an adviser recently and was incredulous when she told me that she does not take notes. She relies on her memory! Wow! Having dealt with the adviser for a while, and experienced her confused arrangements, I am definitely recommending that she starts taking notes! Indeed, not taking notes may well put her business at risk as she will have no defence in the future if there is any dispute about a discussion.

General Data Protection Regulation

The EU’s General Data Protection Regulation (GDPR) is the result of four years of work by the EU to bring data protection legislation into line with new, previously unforeseen ways that data is now used.

Currently, the UK relies on the Data Protection Act 1998, which was enacted following the 1995 EU Data Protection Directive, but this will be superseded by the new legislation. It introduces tougher fines for non-compliance and breaches, and gives people more say over what companies can do with their data. It also makes data protection rules more or less identical throughout the EU. The GDPR will apply in all EU member states from 25 May 2018.

GDPR relates to the collection and maintenance of personal data and the requirement for data to be processed lawfully, transparently and for a specific purpose. Once that purpose is fulfilled and the data is no longer required, it should be deleted.

The first difference is that consent for the processing of data must be an active, affirmative action by the data subject, rather than the passive acceptance under some current models that allow for pre-ticked boxes or opt-outs.

The new legislation gives individuals the right to have their data deleted, this is known as the “right to be forgotten”.

This new transparency will cause many FSMA firms problems. For instance, how does the GDPR deal with the need of firms to maintain historical records? Pension transfer files need to be kept in perpetuity. Also, if firms get rid of old files, the defence against claims for poor advice becomes more difficult, if the old records no longer exist.

Insurance Distribution Directive

Originally, IDD was to be adopted in February 2018, but this has now been delayed to October 2018.

The Insurance Distribution Directive (IDD) is revision of the Insurance Mediation Directive (IMD), which was introduced by the FSA in 2005. Like the IMD, the IDD covers the authorisation, passporting arrangements and regulatory requirements for insurance and reinsurance intermediaries. However, the application of the IDD is wider, covering organisational and conduct of business requirements for insurance and reinsurance undertakings.

The IDD should provide an enhanced regime that ensures a level playing field for sellers of insurance, helping to prevent arbitrage with competing products and providing better protection for consumers when buying insurance. This should ultimately result in:

• consistent consumer protections across different distribution channels, preventing regulatory distortions of competition
• products being sold to consumers that better meet their needs, alongside improved product information, enabling consumers to have greater confidence in their insurance purchasing decisions

Main provisions

• requires brokers and employees of insurance companies that sell insurance to do at least 15 hours of training and CPD per year
• introduces new product governance requirements, which are largely in line with the FCA’s product governance requirements
• requires firms that sell insurance on a non-advised basis make sure that the product they are selling fulfils the customers most fundamental needs
• imposes new duties on insurance companies that are selling products through companies that are not authorised by the FCA
• requires general insurance firms in the retail and small corporate market to provide customers with Insurance Product Information Documents, which are similar to Key Features Documents.

So, the IDD is going to bring insurance sales and advisers in line with other financial services products. Weirdly, when I set up my own firm in 2000, I treated all products the same so that I would not need to remember which ones were regulated. I was 18 years ahead of the game and never knew it.

Senior Management & Certification Regime

The Senior Managers and Certification Regime (SM&CR) replaced the Approved Persons Regime (APR) for banks, building societies, credit unions and dual-regulated (FCA and PRA regulated) investment firms in March 2016. It is now being extended to FSMA authorised firms.

SM&CR will replace the Approved Persons Regime. The FCA is now consulting on how it will move firms and individuals to the new regime.

There are three key parts to the senior managers and certification regime:

• the Senior Managers Regime
• the Certification Regime
• Conduct Rules

These new regimes are likely to commence in mid-to-late 2019 and are the subject of consultations.

One of the main issues is that the current FCA register would be replaced by a register that only shows senior people within firms and not the individual advisers. The onus would be on firms to ensure that the advisers are – and continue to be – fit and proper to perform their duties.

Many clients, and the public in general, rely quite heavily on the FCA register to undertake due diligence on firms and advisers. I think that it would be a considerable client detriment if they were unable to check the authorisation of advisers. Indeed, I would go in the other direction and register all mortgage and protection advisers in addition to the diploma qualified advisers as I believe that this would increase accountability of the advisers.

Alternatively, the register of advisers could be outsourced to other bodies, such as CISI or PFS which already issue Statements of Professional Standing for advisers and have records of adviser qualifications. Personally, I would be more comfortable if the register remained under the direct control of the FCA, rather than an independent third-party, but there does need to be a public accessible register of advisers.

Adding them all together

Whilst each of these new ways of working will cause plenty of work for advisers, firms, compliance consultants and IT geeks, the end result should give the public more confidence in the financial services industry.

MiFID II is ushering in age of transparency for fund managers and also for platforms and advisers. The IDD brings in a more uniform method of dealing with insurance products. The GDPR gives clarity of how and why personal data is kept and gives clients more power in this respect. SM&CR gives greater accountability and responsibility for management of firms.

All of these together should greatly increase the chances of advisers Treating Customers Fairly. Somehow it is quite amazing that the principle of Treating Customers Fairly needs so much legislation for an activity that should really be second nature – as indeed it already is for so many professional advisers practising today.