Conduct risk under the spotlight: UK financial institutions face ever greater Covid-19-related regulatory scrutiny

In 2020, at the height of the pandemic, we considered that regulatory reckoning would focus on three areas: market conduct risks, retail conduct risks and SME lending decisions in the context of government loan schemes. Several months on, and with the virtual working environment now “business as usual” for many banks and financial institutions, we revisit these likely areas of scrutiny to consider developments and manifestation of these risks so far.

Market conduct risks

Misconduct risk may well be heightened because of remote working, and firms have been encouraged by UK regulators to pay attention to these increased risks. During the pandemic, there has been increased use of encrypted communication applications (apps) such as WhatsApp for sharing potentially sensitive information. This presents significant conduct risks as firms have historically been less focused on monitoring these communications.

FCA Market Watch 66 sets out the FCA’s expectations that firms must continue to comply with the recording obligations in SYSC 10A, which apply to conversations and communications made with, sent from or received on equipment used for business purposes. Firms will therefore need to ensure that if apps are used for in-scope5 activities on business devices, they are recorded and auditable.

From a conduct risk perspective, without effective recording and monitoring controls, there is a real risk of loss of monitoring and surveillance capability, and also, potentially, a loss of evidence to resolve transactional disputes between a firm and its clients, to help detect and deter market abuse and to facilitate enforcement.

In addition, the FCA mandates that firms should be able to evidence that they have recording policies and procedures that meet the recording rules and have been updated for home working arrangements. Where new technologies are permitted and amended policies and controls are introduced, firms are expected to provide accompanying enhanced training to staff covering the use of new technologies and the conduct risks arising.

The FCA has taken enforcement action against individuals and firms for misconduct involving the use of WhatsApp and other social media platforms to arrange deals and provide investment advice.

In a different market conduct risk area, market abuse proceedings against former hedge fund manager Corrado Abbattista resulted in a Final Notice dated December 2020 disclosing the GBP100,000 penalty and prohibition order levied by the FCA against Abbattista for market manipulation.

In a recent speech relating to market abuse, the FCA’s Director of Enforcement and Market Oversight, Mark Steward, highlighted that the regulator had increased its proactive market monitoring during the pandemic. Notable measures include a new approach to short-selling reporting – which speeds up validation, introduces automated alerts and enables short-selling positions to be reported on the FCA’s Electronic Submission System (ESS) – and a new measure for market cleanliness, the Potentially Anomalous Trading Ratio (PATR), which focuses on the underlying trading behaviour around specified price-sensitive announcements and assesses whether the behaviour can be deemed anomalous.

In parallel, the FCA affirmed that suspicious transaction and order reports (STORs) remain vital sources of information and that STORs being received have remained high quality over the pandemic.

Retail conduct risks

The FCA’s recent “Dear CEO” letter to retail banks highlighted that the key risks of harm over the next two years will be shaped by the economic and social impact of the pandemic, the challenges these present to the retail banking sector and, crucially, that sector’s responses to the challenges.

At the top of the list of priority areas of focus outlined by the FCA for supervision of retail banks is ensuring the fair treatment of retail borrowers, including those in financial difficulties. The FCA expects retail banks to put appropriate governance and oversight in place to balance the needs of customers and shareholders in product and lending decisions, and to deliver the forbearance and other protections provided under the rules and guidance (such as CONC 6 and 7, MCOB 13 and the Payment Deferral Guidance issued by the FCA in relation to consumer credit customers) to those retail customers in financial distress as a result of circumstances relating to the pandemic. Since March 2020, the FCA estimates that 4.5 million payment deferrals have been effected across mortgages and consumer products under the Payment Deferral Guidance.

In September 2020, the FCA published its Tailored Support Guidance aimed at moving retail customers from temporary payment deferrals to tailored support, and covering three areas of retail lending: mortgages, consumer credit and overdraft customers. The FCA expects that if this guidance is applied by banks, then customers should not be pressured into repaying their debt within an “unreasonably short” period of time, and should be allowed sustainable arrangements, which take into account other debts and essential living costs, to give them a reasonable opportunity to repay their debt.

Retail banks should ensure they recognise customer vulnerability and respond to the particular needs of vulnerable customers. Indeed, the FCA recently released its finalised Guidance for firms on the fair treatment of vulnerable customers, setting out details as to what is expected of firms to ensure they treat vulnerable customers fairly.

On 25 March 2021, the FCA published the findings from its review of the implementation of Tailored Support Guidance by mortgage lenders and consumer credit firms since November 2020 and the operational readiness of firms to support customers in financial difficulty. Firms are advised to read this report and to consider whether changes are required to their policies or processes as a result.

What will be deemed reasonable (and unreasonable) in the context of retail banks’ forbearance during the aftermath of the pandemic is not yet fully tested. In the meantime, banks should consider the FCA’s latest findings in detail, give careful thought to their forbearance policies and ensure consistent and fair – and well documented – decisions in this difficult and challenging area.

Conduct issues in relation to debt collection under BBLS

As a result of the focus on speed of delivery of loans through the government’s Bounce Back Loan Scheme (BBLS), Coronavirus Business Interruption Loan Scheme and Coronavirus Large Business Interruption Loan Scheme, UK taxpayers may have been exposed to significant losses in the region of between GBP15 billion and GBP26 billion.
Most losses will be a result of credit losses but there may also be significant losses resulting from fraud.

One of the features of BBLS is that lenders were expected to pay out funds within 48 hours of application. Although banks were required to carry out their usual anti-money- laundering checks, they were not able to carry out enhanced due diligence on those applications, and even the standard credit and affordability checks that would usually be carried out were not required.

Applicants, in effect, self-certified that the information they were providing on their application was true and that they met the criteria. Inevitably, perhaps, BBLS was vulnerable to high risk applicants and fraudsters.

The first companies and individuals to be investigated and prosecuted face significant reputational damage, in addition to criminal penalties. However, from the lenders’ perspective, many of those SMEs to which loans were made are, sadly, expected to default. In such circumstances, lenders should be aware that debt collection under BBLS is a regulated activity if the borrower is a sole trader or a small partnership.

In January 2021, the FCA issued finalised guidance for firms collecting payments under a Bounce Back loan. The FCA expects firms to treat customers with forbearance and due consideration in line with CONC 7 and the Lending Standards Board’s Standards of Lending Practice for business customers. “Pay As You Grow” options are also available to all BBLS borrowers. The FCA reminds firms that where they use a third-party debt collection firm to collect payments under BBLS loans, they must also comply with guidance on outsourcing in SYSC 8.1 and lenders must oversee the conduct of these third parties as set out in CONC 7.13.