Good tech is the answer to the vulnerable customer challenge
In February 2021, the Financial Conduct Authority (FCA) introduced comprehensive guidance aimed at ‘ensuring the fair treatment of customers in vulnerable circumstances. This was driven by the recognition that vulnerable people, because of circumstances such as poor health, financial instability, or negative life events, are particularly susceptible to harm if not “treated fairly”. The FCA’s guidance outlines actions firms should take to understand and address the needs of these customers, ensuring they receive “outcomes which are as good as other customers’”. The goal is to create a financial services environment where all customers, regardless of their circumstances, are treated fairly and with respect.
This requires firms to:
- Understand everyone’s characteristics and to mitigate any potential harms.
- Monitor the consumer through the lifetime of the product/service.
- Report on outcomes of vulnerable cohorts, compared to the resilient, for Consumer Duty reporting.
- Assess and report on the fair value received by vulnerable cohorts, compared to the resilient.
- Maintain evidence of the above.
None of this is easy. The first challenge is how to identify those customers who are vulnerable. Firms are attempting to do this in several ways, dividing them into indirect, or reactive, methods – essentially assessing current data sources – and direct, or proactive, methods – engaging directly with the consumer.
While it’s true that there is a lot of financial data available which can infer financial vulnerability, this is only part of the picture – there is minimal information available on health and lifestyle. Focusing on only financial data provides a woefully incomplete picture. Indirect approaches are largely limited to financial characteristics; the only practical way to obtain health and lifestyle information is to engage directly with consumers. This is very successful. Firms can obtain good information, directly from consumers, using voice analytics, face-to-face meetings or calls, voice calls, questionnaires and similar approaches.
AI is heralded as a silver bullet – but in the absence of a library of vulnerability data on which to train the AI model, this is currently little more than wishful thinking.
We know that around 50% of people are vulnerable at any one time. The only way to identify that 50% is to assess everyone. Far too many firms began by using reactive methods – waiting for customers to inform them of their vulnerabilities or waiting for vulnerabilities to be identified at points of interaction. These approaches are seldom adequate – identifying few people – so most firms are looking to be both more proactive and thorough in their assessment methodologies.
Once we identify vulnerabilities, the next challenge is how to classify and store the data – with around 100 characteristic data points, each having a range of severities, there is a lot of data on which to base an assessment. If undertaken manually, understanding (and therefore assessment) is subjective – and many early approaches used text descriptions. These are inconsistent and difficult (if not impossible) to use structurally for assessment, management and reporting. Proprietary lexicons of vulnerability bring an objective assessment methodology which delivers consistent data. One such system is the MorganAsh Resilience System (MARS).
After identification and classification, there is the thorny challenge of GDPR. We need to restrict data to only those who need it, while communicating vulnerabilities across firms so that mitigation strategies can be used. Many firms have yet to resolve this. The solution is to code, classify and communicate characteristics – and mitigating strategies – so that an individual’s personal data is not openly passed around.
The next challenge is how to mitigate customers’ vulnerabilities. Many solutions are obvious, and, with flexibility, these can be implemented by front-line staff. However, this approach is too limited to be successful. There is a vast number of mitigations strategies that might be appropriate, vast numbers of consumer groups to signpost to – and firms may have different appetites for customer service for different groups. It’s unrealistic to expect busy staff to be experts in all vulnerabilities and mitigation paths. Again, systems are required to deliver consistency and scalability.
A further development is how vulnerability data is shared between firms. In an intermediated market – which is most of the financial services industry – manufacturers’ products are sold via intermediaries. Typically, intermediaries have contact and relationships with consumers, while the manufacturer maintains the product – often over multiple years. To meet the monitoring obligation, either the intermediary and the manufacturer undertake separate vulnerability assessments, or they collaborate and share information. The industry has been slow on this, with minimal discussions between groups.
While customer vulnerability is a very human issue, for it to be managed it needs data – and systems to support this data. The good news is that this is already happening. Vulnerability tech systems are already in place and working well – and pioneering the new discipline of vulnerability management.
Want to read the full report? Visit https://www.
Johnny Timpson OBE, Chairperson, MorganAsh
