|
The latest Regulatory Alert from Moore Stephens, designed to keep you up-to-date with the latest requlatory developments in the insurance industry.
Contents
- Changes to Financial Services Compensation Scheme (FSCS);
- Director banned for inadequate control and business wound up;
- HSBC fined over £3m for information security failings;
- New rules for Approved Person;
- CEIOPS releases its second set of advice on Solvency II Level 2: implementing measures.
Changes to Financial Services Compensation Scheme (FSCS)
The FSA has published proposals that will enable people to see how firms handle complaints, including; the number received, services covered and speed of resolution. The proposals would see firms publishing their own complaints data every six months and the FSA would publish results from the whole sector twice a year.
It is proposed that firms will need to provide contextual information such as the number of complaints per 1000 customer accounts and those firms receiving the largest number of complaints will publish information on:
- how many complaints they have opened and closed;
- the percentage closed within eight weeks;
- the percentage of complaints upheld.
Dan Walters, the FSA’s director of retail policy and conduct risk, said ”Publishing complaints data will mean that people can learn more about how firms handle complaints and the frequency with which they arise. We also consider that publishing this information will incentivise firms to deal more effectively with complaints and help to raise industry standards in this important area.”
The proposals are part of a number of steps the FSA is announcing to improve transparency, building on the discussion paper published in May 2008. The FSA is inviting comments on its proposals relating to the publication of firms’ complaints data and the closing date for responses is 30 October 2009.
Director banned for inadequate control and business wound up
The FSA has prohibited Graham Darby, Director of insurance broker Ambrose Darby, for failing to control the business of the firm adequately. The order bans Darby performing significant influence functions at any authorised financial firm.
It was found that Darby, who was diagnosed in July 2008 with a severe medical condition, did not have a full understanding of the firm’s responsibilities about handling clients money and did not conduct client money reconciliations as required. Part of the findings were:
- there were no systems and controls in operation at the firm to manage the receipt of monies from customers or, to effect, the payment of premiums to insurance providers;
- it appeared at one time that Ambrose Darby owed insurance providers £83,814.71 and was owed £61,961 from customers (some of which had been outstanding for more than 90 days);
- due to Darby’s medical condition and the absence of structured systems and controls, the firm lacked adequate resources from both a financial and personnel point of view. Following the diagnosis of his illness, he did not seek assistance to deal with his business affairs.
Margaret Cole, the FSAs Director of Enforcement said, “The FSA is sympathetic with regard to Darby’s medical condition, but the consequence nonetheless was that it was unclear both to customers and providers who was responsible for the day-to-day operation of the firm while he was absent. This was unacceptable.”
Ambrose Darby is currently in liquidation and is no longer authorised to conduct regulated business.
HSBC fined over £3m for information security failingsThree HSBC firms were fined over £3 million by the FSA, for not having adequate systems and controls in place to protect their customers’ confidential details from being lost or stolen. These failings contributed to customer data being lost in the post on two occasions.
HSBC Life UK Limited (HSBC Life) was fined £1,610,000, HSBC Actuaries and Consultants Limited (HSBC Actuaries) was fined £875,000 and HSBC Insurance Brokers Limited (HSBC Insurance Brokers) was fined £700,000.
During its investigations, the FSA found large amounts of unencrypted customer details were sent via the post or couriered to third parties and confidential information about customers was left on open shelves or in unlocked cabinets. The FSA also found that staff were not provided with sufficient financial crime training, such as how to identify and manage risks like identity theft.
Margaret Cole, director of enforcement at the FSA said, “These breaches are very disappointing. All three firms failed their customers by being careless with personal details which could have ended up in the hands of criminals. It is also worrying that increasing awareness around the importance of keeping personal information safe and the dangers of fraud did not prompt the firms to do more to protect their customers’ details”. She went on to comment that identity theft is a major concern and “firms must ensure that their data security systems and controls are constantly reviewed and updated to tackle this growing threat.”
HSBC fined over £3m for information security failings
Three HSBC firms were fined over £3 million by the FSA, for not having adequate systems and controls in place to protect their customers’ confidential details from being lost or stolen. These failings contributed to customer data being lost in the post on two occasions.
HSBC Life UK Limited (HSBC Life) was fined £1,610,000, HSBC Actuaries and Consultants Limited (HSBC Actuaries) was fined £875,000 and HSBC Insurance Brokers Limited (HSBC Insurance Brokers) was fined £700,000.
During its investigations, the FSA found large amounts of unencrypted customer details were sent via the post or couriered to third parties and confidential information about customers was left on open shelves or in unlocked cabinets. The FSA also found that staff were not provided with sufficient financial crime training, such as how to identify and manage risks like identity theft.
Margaret Cole, director of enforcement at the FSA said, “These breaches are very disappointing. All three firms failed their customers by being careless with personal details which could have ended up in the hands of criminals. It is also worrying that increasing awareness around the importance of keeping personal information safe and the dangers of fraud did not prompt the firms to do more to protect their customers’ details”. She went on to comment that identity theft is a major concern and “firms must ensure that their data security systems and controls are constantly reviewed and updated to tackle this growing threat.”
New rules for Approved Person
The FSA has confirmed an extension of the Approved Persons regime for those that perform a ‘significant influence’ function at firms.
In its Supervisory Enhancement Programme (SEP), the FSA stated that it would place greater emphasis on the role of senior management, including Non-Executive Directors (NEDs).
In the FSA’s policy statement, it sets out changes to the Approved Persons regime which improves the FSA’s approach to ‘significant influence’ functions by ensuring that those likely to exert a significant influence on a firm fall within the scope of the Approved Person regime. In particular, the FSA has:
- extended the scope and application of CF1 (director function) and CF2 (non-executive director) to include those persons employed by an unregulated parent undertaking or holding company, whose decisions or actions are regularly taken into account by the governing body of a regulated firm;
- extended the definition of the significant management controlled function (CF29) to include all proprietary traders who are not senior managers but who are likely to exert significant influence on a firm;
- amended the application of the Approved Persons regime to UK branches of overseas firms based outside the EEA.
The original proposal included clarifying the role of NEDs to make clear that the FSA will look at NEDs more closely where it believes they should have intervened more actively within a firm’s management.
The Director of Permissions, Decisions and Reporting Division, Graeme Ashley-Fenn, said “It is important that directors and senior managers at firms understand their regulatory obligations and have the relevant competencies and experience to carry out their roles with integrity.”
Before making a final decision on this issue, the FSA wishes to consider the relevant recommendations of the Walker Review and the Financial Reporting Council’s review of the Combined Code. These results will be published in a further consultation paper on governance which the FSA expects to publish in Q4 2009.
These changes will come into effect on 6 August 2009 with a transitional period of six months. Firms should now begin assessing which individuals require approval and submit timely applications to comply with the end of the transitional period.
CEIOPS releases its second set of advice on Solvency II Level 2: implementing measures
The European Commission has requested CEIOPS provide final, fully consulted advice on the vast majority of Solvency II Level 2 implementing measures for October 2010 and begin developing Level 3 guidance on certain areas.
On 2 July CEIOPS released for consultation its second set of advice developed on the basis of Solvency II Level 1 text adopted by the European Parliament on 22 April 2009. The consultation papers provide advice on key aspects for the future implementation of the Solvency II framework. Although they are presented in separate papers, the issues are interlinked.
A first set of advice on Level 2 measures has already been consulted on and comments are currently being processed. The third set is expected to be released at the beginning of November 2009 and stakeholders will be invited to comment on both the consultation papers and annexes. Subsequently CEIOPS will finalise the papers for submission to the European Commission, taking into account the comments received and the lessons learned from the crisis.
|
