COVID-19 has placed both financial services providers and their customers under significant pressure. The number of customers needing extra support has risen. The urgent need to roll-out initiatives such as the Business Interruption Lending Scheme has led to financial services companies rapidly defining and deploying policies and process and repurposing staff to new roles. Given the pace at which these changes have been executed, the risk of customer detriment is significant.
Below, I’ll set out in this post some of the Conduct and financial crime risks the sector may be facing, and some thoughts as to how best to respond.
What are the key risks?
The implications of capital payment holidays and the terms of the different Business Interruption Loan schemes may not have been fully comprehended by customers. Anecdotal evidence suggests that some (perhaps many) customers of the Coronavirus Business Interruption Scheme (CBILS) view the 100% government guarantee as a grant which they do not need to repay. This could cause challenges for financial services companies when the time comes to receive payments if customers feel they were not adequately informed of their commitments.
Creditworthiness checks have been relaxed for the Business Interruption schemes. The Financial Conduct Authority also provided guidance that mortgage payment holidays should be approved unless it can demonstrate it is reasonable, and in the customer’s best interest, to do otherwise. The reduced levels of due diligence conducted in these cases increases the likelihood that customers have taken on lending or increased monthly mortgage payments that they are unable to afford. This may result in criticism of the banks that they did not apply prudent lending criteria or appropriate affordability requirements.
Customers who have incorrectly had their applications for additional support declined may have experienced financial detriment. In some cases, customers may have entered arrears or liquidation after their application for support was declined.
The scheme rules and guidelines have not remained static during the crisis. This makes it challenging to ensure the consistent treatment of customers and ongoing adherence to latest rules. Non-compliance may have led to customer detriment and regulatory censure, as well as impacting lenders’ abilities to claim on the government guarantee in the event that customers default on repayments. This will apply particularly if firms cannot provide a recorded rationale for any decisions made.
Anti-money laundering (AML)
Many financial services institutions were already facing challenges in reviewing and dispensing high volumes of know your customer (KYC) /customer due diligence (CDD) and transaction monitoring alerts. These processes may have become even more challenging as screening of customers has been de-prioritised (or in some cases partially switched off) due to limited staff availability.
Furthermore, some customers have experienced lifestyle and employment changes which have fundamentally altered their transactional profiles. Usage of cash has also changed significantly. These factors may have reduced the relevance of existing detection scenarios and the effectiveness of transaction monitoring systems, potentially generating large volumes of false positive alerts.
The increasing numbers of businesses in financial distress may also have resulted in acceleration in the rate of corporate ownership changes. Financial crime operations may also have been disrupted by reduced staff availability and remote working, so financial services companies may have seen capacity reduce just as demand for KYC/CDD resources has increased.
How do you need to respond?
Given the number of potential Conduct and AML factors in play, plus their potential scale, it is important that financial services companies try to get to grips with these issues now. Decision-makers need to start by understanding their biggest areas of risk. Then they can prioritise their actions and determine how they will tackle them.
Key initiatives they should consider include:
- Policy and process reviews to identify potential systemic failings.
- Review of customer communications and of guidance given to customer-facing staff to improve the clarity of messaging to customers.
- Interrogation of complaints data and data sourced from other customer touchpoints to gain early line-of-sight of potential issues.
If potential remediation requirements are identified, the following steps should then be considered:
- Quantifying the potential issue by identifying impacted customers.
- Estimating the level of effort required to manage the remediation and putting in place the level of resourcing needed to respond, using third party suppliers where necessary to given additional / surge capacity.
- Starting to define your remediation policy and process and putting in place / configuring the required technology solutions (data repositories; workflows; redress calculators).
KPMG can work with you in all aspects of remediation: helping you identify and prevent Conduct and AML issues; mobilising and running remediation operations, both within your environment and in an outsourced model, using KPMG Managed Services; and transforming your BAU operations post-remediation to identify and rectify root causes. Please get in touch if you would like to discuss.