In the drive to identify and manage vulnerable consumers, many firms have directed effort towards training frontline staff. This is logical – it was a suggested approach within vulnerability guidance. But there’s an issue: training alone is insufficient – particularly for financial advisers and mortgage brokers. In reality, the use of technology is likely to be far more cost effective.
As one compliance officer said recently, “Although we put all our advisers through SOLLA training, when we subsequently undertook an audit, we discovered that we had still not identified vast numbers of vulnerable people”.
Why did this training – and training like it – not work, or at least not work to anything like the expected degree? Why is this particularly true within the financial adviser community? The reasons for this are becoming apparent.
First, there are many characteristics and circumstances that can lead to a consumer being vulnerable – and there are ranges of severity for each characteristic. What’s more, the potential for harm is different depending on the products of concern. Training every adviser on each characteristic, and when it requires an appropriate action, is a considerable task. Indeed, MARS, the MorganAsh Resilience System, measures over 400 variations of these.
GDPR requires us to only record any data we need for our purposes, while Consumer Duty requires us to assess consumer vulnerability in proportion to potential harms and monitor the data over time. There is clearly a balance to be achieved – and firms are agreeing the amount (and granularity) of data to collect and store, in proportion to the potential harm. Financial products can be a proxy for potential harm: for example, the potential harm for a defined benefit transfer is far higher than for a life insurance product.
With a training-only approach, policies are written, and each adviser must be trained on what the level of detail is appropriate to collect for each product. Without this, there can be large variations in the amount of detail collected and stored – which could result in issues should a poor outcome or just a claim be pursued later.
GDPR also provides us with a further challenge – because only those people who need to know should see the data. Equally, all employees (and indeed anyone associated with providing advice) need to be aware of a consumer’s vulnerabilities, including if they just phone in. An understanding of a consumer’s mental health is a particular point – on the one hand we need to keep this detail confidential, but we also need to ensure our staff our aware of the person’s characteristics.
MorganAsh generates a Resilience Rating – much like a credit score for vulnerability – for several reasons. One of these is to enable the communication of issues across organisations with different levels of detail. At its top level, a simple rating gives an immediate guide if there is a vulnerability issue and its severity, determining where a client sits on a scale from very vulnerable to very resilient. For example, if the rating is low, the employee is going to be empathetic, whereas a higher rating is going to be fine.
At the next level, the Resilience Rating is shown at its primary characteristic level – health, wealth, life events, financial understanding, engagement capability and support network. The next level down then gets into more detail on each of these categories – health being divided into mental health and physical health, for example. Firms can determine who sees what level of detail, depending on their role within the organisation. Everyone (and indeed support firms) could see the high-level rating (as there is no personal information divulged), but there is a good indication of vulnerability. This overcomes the GDPR versus Consumer Duty conundrum of having enough information to meet Consumer Duty while keeping information confidential.
Next, there is effectively an infinite number of mitigating strategies and support organisations to signpost to. These include local and national organisations, charities for health, powers of attorney, debt, domestic abuse and so on. Again, a great deal of training is required to understand where best to send people – and what those places are.
This is a great deal of detail on which to provide training. While it may well be suitable for customer service agents in a call centre who are solely focused on discussions with consumers, this is undeniably a big overhead for financial advisers who already have a large training overhead to keep up with financial, tax and regulatory changes. It’s arguably not their core skillset – and trying to convert advisers to doing this is probably unrealistic.
One provider promotes a one-page paper vulnerability assessment tool. At first glance, it looks easy to use, but its first item is: ‘I have considered how the client is assessed against our vulnerability policy’. To comply with this first question requires extensive training. The simple looking table actually has 80 assessment decisions to be made including the ‘fair treatment of clients in vulnerable circumstances capacity’ with advisers choosing red, amber or green.
We would not expect a medical professional to make triage decisions on a person’s financial health, so it’s slightly bizarre that we expect to train financial advisers to make these medical decisions.
Finally, firms have different tolerances and attitudes for different products – in terms of what they should, and should not, do in a particular circumstance. Documenting this alone is a massive task – never mind subsequently training all advisers.
When the genuine scope of the training need is understood, it becomes clear that expecting advisers to learn and remember all of this detail is such a massive undertaking that, in practice, it is unrealistic. It is not surprising that it isn’t working as expected.
While it is true that advisers and brokers have looked after vulnerable consumers all their professional lives, Consumer Duty has considerably moved the goalposts on the scope of vulnerabilities that must be considered, how these are evidenced and the required actions. As an industry, we can no longer be concerned just with financial vulnerabilities. We have to factor in all potential vulnerability issues – including health and lifestyle, domestic abuse, divorce, learning difficulties and so on.
Fortunately, there are now dedicated systems – such as MARS, from MorganAsh – which can overcome this apparent training overhead. These systems help to identify vulnerabilities, keep records for evidence and make recommendations on suitable treatments at the appropriate time. The information is always at advisers’ fingertips, whenever they need it, they don’t need to remember it or make difficult decisions on severity of vulnerable issues, how much data is required, GDPR, and how much data should be communicated to whom.
The way legislation was presented is partially to blame for directing people towards training. It’s not the only relevant change. The original vulnerability guidance, FG 22/1, promoted one-to-one assessment for consumers purely on a reactive basis – whereas Consumer Duty significantly upgrades this, requiring the proactive assessment of all customers, monitoring them over the lifetime of their products – and the need to maintain evidence of all this.
There is a need for training – but we should re-focus this on organisational culture, the use of available systems – and the soft skills needed to engage with consumers under difficult circumstances.