The late Sir Edward George, when Governor of the Bank of England, was fond of the phrase “a stitch in time saves nine”. By which he meant, of course, better to act today to prevent a problem becoming bigger tomorrow. Moreover, as a keen yachtsman, “Steady Eddie” also knew the importance of a firm hand on the tiller.
A firm hand and the promise of pre-emptive action are what leap out from the FCA’s latest Dear CEO letter to payment firms (16th March 2023). Indeed, while the letter might, on the face of it, be read as merely a reiteration of messages that should be familiar to most firms in the industry we would argue that it is more significant than that.
The emphasis on three key messages or outcomes (keep your customers money safe, ensure you don’t compromise financial integrity and meet your customers’ needs) speaks to a heightened concern on the part of the FCA. Moreover, the letter puts firms on notice that the FCA’s approach will be notably tougher than before.
What is driving this heightened concern?
The FCA‘s letter talks of “tightening economic conditions and the cost-of-living crisis” but the timing is significant. Given that the letter came out a few days after the failure of Silicon Valley Bank it does not take a great leap of the imagination to conclude that clearly, and rightly, the FCA has concerns about financial contagion.
However, we would suggest that there is also a deeper, underlying issue to take account of. The FCA’s letter mentions that, generally, payment firms have come through the travails of the Covid pandemic in good shape and have proved to be robust. However, pointing out that macroeconomic conditions remain challenging, the unexpressed concern seems to be that while this may be true generally, some firms might have been left short of capital and liquidity and thus are ill prepared for a financial crisis that cannot be gainsaid.
The nightmare scenario for the FCA is a slew of payment firm failures where systems and controls prove to have been inadequate (particularly when it comes to safeguarding arrangements), leading to customer detriment and potentially creating a negative momentum of its own. Such an outcome would be reputationally damaging, not just for the payment services industry but for the FCA as well.
What does the letter expect firms to do?
Given the above it is unsurprising that the first of three key messages in the letter relate to keeping your customers money safe. This in turn is broken down into three priorities: safeguarding, prudential risk management and wind down planning.
In all three areas the FCA voices concerns based on what its supervisory activity is uncovering. In particular it is notable that the FCA calls out shortcomings in wind down plans, saying that many firms have not yet even created plans and that those that do exist and have been reviewed frequently fail to meet the FCA’s expectations, being over-optimistic and otherwise unrealistic and, consequently, inoperable.
The second of the three outcomes relate to ensuring firms don’t compromise financial integrity. The FCA is concerned that payment firms are a target for bad actors who might be tempted to target firms in an industry that they (the bad actors) perceive rightly or wrongly to be less secure and more vulnerable than traditional banks. With this in mind, the FCA reinforces the message around ensuring AML and sanction controls are appropriate and robust, and that timely action is taken to protect customers from fraud.
The letter then turns to the importance of firms meeting customer needs, which is as much as anything a reminder of the importance of implementing the Consumer Duty. The Consumer Duty sets new expectations for firms throwing the emphasis on the firm itself to demonstrate to the regulator that it is committed to good outcomes for consumers.
After this the letter sets out the FCA’s cross-cutting priorities (Governance, Operational Resilience and Regulatory) all of which further underpin the more specific messaging contained earlier in the letter.
The sting in the tail.
First, the implications for authorisations. This is simply and boldly stated as: “firms that submit poor quality applications are likely to find their applications either rejected or refused”.
No change there then, one might suppose but it does speak to a process that is only becoming more challenging, time consuming and resource intensive for applicants. However, this can hardly be a surprise if supervisory activity is uncovering faulty wind down plans, poor safeguarding practice and generally less than robust governance and control. This suggests potential applicants must be prepared to submit immaculate paperwork underpinned by robust financial projections and a realistic business plan.
Secondly, the importance of getting prior approval for Changes in Control from the FCA. This comes with a reminder of the consequences of not doing so. Consequences that include objecting to the transaction or indeed the use of the FCA’s prosecution powers.
Thirdly, the FCA also states (in the final paragraph of the letter) that where it identifies issues, it will take swift and assertive action to protect customers and ensure market integrity. This is consistent with its strategic commitment to do just this across its supervisory portfolio. One has only to consider the change of name from ‘Payments Supervision’ to ‘Market Intervention’.
While we would perhaps sympathise with those who believe they have heard this before, we suggest that firms need to take this statement extremely seriously and accept that they are operating in a very different regulatory environment to a few years ago: an environment in which the FCA will be keen to show it has addressed the perceived failings highlighted in the Gloster Report.
One final takeaway from the letter is the relatively brief paragraphs on ESG and Diversity and Inclusion. This sounds to us very much like a veiled warning from the FCA to payment firms to ensure that this issue is on the corporate agenda if it is not already. We would encourage firms to be pro-active and take up the offer to put forward views on how to improve diversity and inclusion in the industry. This is especially so if they wish to avoid finding themselves without agency as the FCA’s thinking on this matter evolves.
In conclusion, we believe an assertive and robust approach by the FCA is to be welcomed. First, it will weed out those poor quality firms (and prevent them from gaining access in the first place). Second, in doing so it can only strengthen the industry overall and enhance the reputation of the sector.
It is with this in mind that we believe responsible firms will not only take heed of the FCA’s letter but welcome it. If you would like to discuss any aspect of the FCA’s letter with our experienced Payment Services consultancy team, please do get in touch.
Contact Us
