With Consumer Duty preparation in full swing, a lot of focus has been on delivering the four outcomes. But equally important are the three cross-cutting rules and advisers will need to think through the foreseeable harm rule in particular.
Advisers need to be able to evidence how they are delivering good outcomes for all clients and that includes protecting them, as far as possible from things which might go wrong – or harm...
The Consumer Duty contains a formal requirement. PRIN 2A.2.8 states:
'A firm must avoid causing foreseeable harm to retail customers.
Foreseeable harm may be caused by both act and omission, in a firm’s direct relationship with a retail customer or through its role in the distribution chain even where another firm in that chain also contributes to the harm.'
So advisers need to look up and down the distribution chain to check for foreseeable harms – what might go wrong? And that includes doing detailed due diligence on the providers they use – exactly what the FCA said in 2016 about the need to:
'assess… the provider... to establish whether [it’s] appropriate to entrust the provider with client assets.' (TR16/1)
A thorough due diligence process is not about product features or options (that’s “research”, according to TR14/5), it’s about understanding the product or service in depth and then looking in detail at the provider, asking yourself “what might go wrong?” And “is it appropriate to entrust this provider with client assets?” This is true whatever solution you are recommending be it a platform or a discretionary manager.
Over the years, the FCA has issued numerous Dear CEO letters and Thematic Reviews, each identifying potential risks to consumers.
If the FCA has highlighted possible risks of harm, it may be difficult for an adviser to say that such harms are not foreseeable…
So what should advisers be looking for, and how do you go about it? The areas of concern will vary depending on the type of product or service being recommended and size and nature of the provider, but fundamental questions might include:
- How securely are client assets held?
Who’s the custodian? If it all goes wrong, what are the FSCS or insurance protections? What information do you obtain on the custodian? Do you seek information on the results of CASS audits, for example? - How secure is the provider?
Do they have the financial and people resources to deliver to your expectations? - How resilient is the provider?
What might happen to cause significant damage to their business? Technology failure? Cyber-attack? Data breach? - How robust is their governance and oversight framework?
- What’s their approach to risk management?
Addressing these concerns, and others, involves asking searching due diligence questions, engaging with the responses, and checking that you’re happy with the responses. That takes time, but a tool like DD|hub streamlines the process, with a library of true due diligence questions alongside responses from a wide range of providers. This removes huge amounts of hassle.
The FCA guidance also makes clear that assessing the risk of harm is dynamic – advisers will need to monitor for emerging trends that identify new sources of harm. This could include FCA supervisory activity and changes to regulatory requirements, so advisers also need to monitor providers on an ongoing basis, which is why DD|hub has a ‘follow’ feature to alert you when a provider updates their responses
Alongside the FCA, the Financial Ombudsman Service has also been commenting on due diligence – or the lack of it – when making decisions, making it even more important that advisers can produce evidence of their due diligence process.
They need to be able to show why particular solutions or providers were recommended.
Whilst Consumer Duty may be the catalyst, any adviser wanting to deliver good consumer outcomes will be thinking about – and aiming to protect clients from – foreseeable harms. It means looking carefully at third party providers, but the right technology makes it much easier.
