Protecting Consumers – What Does the Consumer Duty Mean for Money Laundering Reporting Officers (MLROs)?

Danger, risk, breach, leak, scam, fake, fraud, theft — all words which plague consumers’ experience of financial services. As the cost-of-living crisis envelops the U.K. and the amount of vulnerable people increases, the volume of various frauds, scams and other consumer-focused financial crimes are on the rise. Firms might perceive that consumers lack understanding and are naïve, making themselves an easy target for fraud — or that consumer protection is beyond the scope of their Financial Crime Programs. However, combatting fraud or any other form of acquisitive crime that is detrimental to consumers is a regulatory responsibility. Firms that increase their capacity to protect their customers in compliance with the requirements of the Consumer Duty may also increase their bottom line.

Consumer trust across financial services has diminished over time with the onset of various banking crises. Millions of consumers fall victim to financial crime every year. Polling suggests only 29% of U.K. citizens trust longer-term financial products, and the number of Suspicious Activity Reports (SARs) reported in the U.K. grew 20% from 742,317 to 901,255 between 2021 and 2022 — the NCA categorized a large number of SARs as relevant to organized fraud in 2020, and in 2022 identified increased cases of fraud against members of the public as a “new” “key challenge”. In the wake of expanding consumer vulnerability, updated guidelines and regulations have begun to appear.

Regulatory Response

Britain’s Financial Conduct Authority (FCA) published a new Consumer Duty which will apply to all new products and services from 31 July 2023. The guidelines aim to reduce and prevent the harm caused by firms via more comprehensive regulations and standard setting. Three core elements enshrine these aims:

• A 12th Consumer Principle.
• The Cross-Cutting Rules.
• The Four Outcomes.

The new Principle 12 states that “a firm must act to deliver good outcomes for retail customers”.

Three “Cross-Cutting Rules” underly Principle 12 and clarify the FCA’s expectations of the behaviours and standards of conduct required under the new Principle, stating firms must:

• Act in good faith towards retail customers.
• Avoid foreseeable harm to retail customers.
• Enable and support retail customers to pursue their financial objectives.

The rule to “avoid foreseeable harm to retail customers” speaks to the role that Money Laundering Reporting Officers (MLROs) can play in Consumer Duty compliance. They can do this by ensuring adequate systems and controls are in place to “protect consumers from harm” by preventing and detecting financial crime committed on the firm’s platform, or via the firm’s products and services. 

The Cross Cutting Rules help firms interpret the FCA’s “Four Outcomes” that dictate the conduct of firms across four key areas which define their relationship with the consumer:

• Governance of products and services.
• Price and value.
• Consumer understanding.
• Consumer support.

The Cross Cutting Rules and Four Outcomes work in tandem to set clear expectations of a firm’s culture and behaviour.  The rules apply to both retail and wholesale firms who market or sell products to retail consumers, either directly or indirectly. 

Bad for Business

The impending Consumer Duty has consolidated the FCA’s commitment to raise the bar on standards of consumer protection across financial services and to put the needs of the consumer first. The new Duty places particular emphasis on vulnerable customers, or those who may be at a greater risk of harm from the action or inaction of a firm. The new FCA guidelines confirm that firms can no longer pay lip service to consumer protection and must demonstrate they proactively identify potential points of harm in the consumer’s journey.  A proactive approach is encouraged both to ensure compliance when the Duty takes effect and to increase consumer trust in firms’ financial services — which will in turn mean an increase in financial services business.

In the face of a cost-of-living crisis, to comply with the new Consumer Duty, firms are expected to review and calibrate financial crime controls to ensure they can address emerging financial crime threats facing not just the firm but also its retail customers. For example, is the firm doing enough to raise awareness of emerging crimes such as Authorized Push Payment (APP) fraud, Account Take Overs (ATO), investment frauds, pension scams or unauthorized use of credit cards?  An affirmative answer to these questions from firms means consumers should be more secure and will feel more confident in the U.K.’s financial services sector.

Falling victim to fraud lowers consumer trust in legitimate financial products and services. Without trust in traditional financial institutions, vulnerable consumers become more susceptible to criminals whispering honeyed words of “simple”, “no paperwork” or “no account needed” financial services primed to defraud the consumer of their pension pot or charge ludicrous transaction fees.  Low consumer trust can be created when firms are negligent in their approach to consumer protection and think it is solely the consumer’s responsibility, or when consumer protection is outside the remit of financial crime specialists. This attitude does not align with the FCA’s guidance and could foster an environment which breeds financial crime and proves harmful to the consumer — a firm’s failure to consider the Consumer Duty from a financial crime perspective could enable the economic abuse of vulnerable customers by criminals.

To adhere to the FCA’s Principles, firms must engage with financial crime prevention anywhere where the firm has a nexus with consumers. Therefore, regardless of the relationship consumer protection has with the bottom line of a business, it is squarely the responsibility of the firm to protect consumers from harm through financial crime.

How Should MLROs React?

As the appointed person and holder of the FCA’s Senior Management Function (SMF17), it is the duty of the MLRO to react to the FCA’s guidance and translate the Consumer Duty guidance into useful actions their firm can take to minimize consumer harm through fraud and other financial crimes. MLROs should assess Consumer Duty and determine what changes they need to make to their existing Financial Crime Framework.

MLROs can improve the existing Financial Crime Framework by incorporating three amendments:

• Customer-oriented internal gap analysis and feedback loops.
• Improved customer awareness.
• Expanded internal training and culture.

Operationally, MLROs can integrate the new Consumer Duty into their existing financial crime framework by identifying where consumers fall victim to financial crime, investigating these cases thoroughly and taking appropriate action to incorporate the learnings into new or updated controls and procedures.  MLROs should also monitor news reports and publications from the National Crime Agency, CIFAS and others to identify emerging fraud and financial crime typologies that target consumers and take steps to strengthen their firm’s prevention and detection capabilities, where possible.

The FCA’s expectations of firms under the Consumer Duty echoes the core messaging of existing guidance. The official handbook lays out broad instructions such as asking firms to “put consumers at the heart of their business and focus on delivering good outcomes for customers”. This expectation guides the operational response of the MLRO as follows:

• Implement controls to prevent consumers from being victims of financial crime.
• Find where customers are victims of financial crime, identify a gap in controls and procedures, investigate and take appropriate remedial action, and then feed this back into the Financial Crime Framework for continuous improvement.  
• Consider internal and external SARs since they may provide additional information on internal control weaknesses or failures with products and services. SARs provide the MLRO an abundance of valuable data and intelligence to feed back into their Financial Crime Framework to improve consumer protection.

A conscious inclusion of consumer protection assessments into existing gap analysis, assurance activity and operational feedback loops can help to quickly upgrade a Financial Crime Framework to comply with Consumer Duty. For full effect, such operational actions can be implemented in conjunction with updated training and customer awareness campaigns.

Increased customer awareness of fraud and other forms of acquisitive crime helps improve consumer protection and can build trust between consumers and financial institutions. Lessons can be learned from campaigns initiated by the larger retail banks where interactive customer awareness resources are easily accessible. MLROs should partner with their regulatory compliance colleagues to flag consumer protection as a firm-wide mission; MLROs can help the business understand the full extent of financial crimes which can endanger consumers and help them to understand the FCA’s requirements for Consumer Duty through a financial crime lens. MLROs have the added responsibility of ensuring that their Board of Directors are appropriately informed of the additional responsibility, which can take the form of inclusion in the MLRO report submitted to the Board.

Training is a foundational pillar of any financial crime framework. Aspects of consumer protection and the new Consumer Duty can be integrated into firms’ pre-existing AML/CTF training programs — the MLRO can translate the FCA Consumer Duty requirements and guidelines into practical and consumable training resources. Folding aspects of consumer protection into existing training equips employees to fight financial crime and protect consumers from harm; educates customers interacting with customer-facing staff; and breeds a working culture which values consumer confidence and is vigilant in preventing the economic abuse of consumers.

The new Consumer Duty is not a set of recommendations which financial crime experts can ignore, but instead requires careful thought and resolute action from MLROs and their functions. Training, awareness and operations can all be updated to meet the FCA’s guidance “to deliver good outcomes for retail customers”. The guidelines emphasize that the consumer nexus is an avenue for financial crime. Translation of the Consumer Duty through operational actions, training, awareness and culture ensures MLROs can effectively and proactively integrate the new Consumer Duty into their financial crime programs.

Visit our anti-financial crime – risk management and compliance page and learn how we can help your firm navigate the impending Consumer Duty by providing an end-to-end health check of a firm’s financial crime systems and controls.