View more on these topics

Adviser fury over claims firm data requests

Advisers have expressed anger at the inc­reasing use of data requests by claims firms as part of “fishing” exercises to file spurious complaints.

Under the Data Protection Act, individuals can use subject access requests to access their medical records or other information held by firms or Government bodies.

But advisers say claims firms are increasingly using data requests to solicit complaints against advisers.

Subject access requests must be complied with but advisers can only charge up to £10 to provide the requested information. Advisers say the time involved is overly burdensome, with some case files going back more than 20 years.

Subject access requests are not permissible in litigation claims as it amounts to what is known as “pre-litigation disclosure”. Advisers are campaigning for the Financial Ombudsman Service to treat claims firms’ data requests in the same way.

Last week, Blue Sky Mortgages director Ian Broadbent met with Ministry of Justice officials to press the case.

He says: “This is a big grey area. The MoJ is aware of it and cracking down.

“Claims firms are using it for mortgage and investment misselling complaints and they are growing in numbers. This is going to be a very big deal for advisers in the next 12 months.”

Highclere Financial Services partner Alan Lakey says: “The law is being misused. Claims firms are gaining access to records for £10, sifting through and hoping to find something. It is defeating the spirit of the original legislation.”

Apfa director-general Chris Hannant says: “It is wrong that claims firms are using access requests as a generalised tool. Claims chasers are a menace.”

The Information Commissioner’s Office, which has responsibility for access requests, says claims firms are acting legally and it is not pushing for changes.


News and expert analysis straight to your inbox

Sign up


There are 4 comments at the moment, we would love to hear your opinion too.

  1. Advisers are being foolish if they simply conform.

    Under disclosure, there is a simple yet clear defence and I encourage advisers to use it. The information request must be specific and is not to be used as a simple fishing expedition. The Data rules say you don’t have to disclose material if:-

    The organisation should give you the information in writing but they need not do this if it is not possible, if it takes ‘disproportionate effort’ or if you agree to some other form, such as seeing it on screen. The Act does not define what disproportionate effort means but we think the following should be taken into account:

    the cost of giving you the information;
    the length of time it will take;
    how difficult it will be;
    the size of the organisation; and
    the effect on you of not having the information in permanent form.

    So I suggest – bank the cheque, send limited information which answers the specific requests (eg application form) and revert to them quoting this. Then they would have to send another £10 and so on….

  2. Sorry, but you all shouted for this and as i predicted many months ago you are now all getting upset about it!

    One minute you want CMC’s to prove that a policy existed and as soon as CMC’s use legitimate and legal means to prove this in the first place you all cry ‘we are hard done by’. if we dont make DPA requests, you cry ‘fishing’ if we do make DPA requests you cry ‘fishing’, but the whole world cries ‘mis-selling’ and you cry ‘nothing to do with me guv’.

    Personally i would be very careful about taking Philips advice, it will extremely difficult to prove to the ICO what is disproportionate. The rules do cover this and the fact you have to photocopy 3 pages or 500 is not disproportionate and at the end of the day you could have to send it to the FOS anyway (and you dont get your free £10 for that!).

    The rules also state ‘all material’ must be provided, not just an application form. It works both ways – if you want to prove that PPI was not sold, then just send the application – CMC’s dont want to get involved in cases that they aren’t likely to win (especially if no PPI was sold), but if they are asking for information on a specific policy, then you are legally bound to send it.

    Since when has Alan been interested in the ‘spirit’ of legislation? This is the same man who keeps campaigning for the long stop – where is that in the interests of anyone other than the adviser? The spirit of financial services regulation is to protect the client!!!

    All of that said, when the first mortgage complaint gets upheld through the FOS then you need to worry, upto that point, let the ‘new boy’ CMC’s make all the DPA requests they like, they aren’t going to win many (if any – other than sub prime) and this is not going to be the next PPI – and as soon as the FOS do uphold a mortgage complaint, simply phoenix the company and burn the files!!

  3. It is not for the adviser to substantiate the case for the complainant. It is for the complainant to provide the evidence to the CMC to substantiate miss-selling and a possible claim. If they don’t have the evidence (because it does not exist in most instances perhaps) then the CMC is in breach of the new rules:-

    New rules will require CMCs to ensure the claims they submit have a realistic chance of success, and that they provide full evidence to back up allegations.

    We had a case recently where the ex-client was trying to pursue the drop in his ISA from one six month period to the next, despite a significant overall increase from inception to disposal! All he had provided to the CMC was the two valuation summaries! We have heard no more but we have sacked the ex-client’s wife as we don’t need people like that as clients, thank you, regardless of the success of her own arrangements under our care.

    I have suggested to the CMC too that far greater emphasis should be placed upon the opportunity for complainants to approach the Financial Ombudsman Service free of charge before any third party needs to be engaged. Even a complainant having to sign a document so he knows of the opportunity and the cost of not complaining direct could be involved perhaps. Of all the billions of compensation paid to people who were miss-sold products over the last few decades (or not!), a significant element of this has gone to parasitic companies as opposed to rewarding the often hard-pressed individuals who were entitled to receive appropriate recompense. This is almost as significant as the miss-selling scandal in the first place and yet so many of these firms dress themselves up as ‘ethical’ saviours of the aggrieved!

    My advice remains the same – a proportionate response and not a full file to allow fishing for the evidence they don’t have in the first place and hope to find within, whilst fabricating some other reasons to try to justify a claim.

    I should add – we are CMC regulated as well for the occasions when we are called upon to help someone in the unfortunate situation of cause to query but we do our best to guide clients to approach the relevant organisations direct first.

  4. There are limitations on how subject access works. However, what the applicant gets really depends on how you validate the request. Section 7 of the DPA allows you to ask for information to locate what has been requested e.g. reference number or account details, when the person signed up, what services they have received. It’s true to say that the request is not valid if you reasonably need information like this and don’t receive it. You can (and should) check the person’s ID as well. This means obtaining proof from the CMC that they have the client’s consent, as well as proof of the client’s ID. But if a person (or their agent) proves who they are, and gives you sufficient information about their relationship with you, the technique of attempting to get multiple £10s out of them is bogus. If a person has clearly asked for lots of information, that’s their request. If you don’t answer it properly, you can’t charge them a second £10 for locating information they have already asked for. It’s also worth considering what kind of message you’re sending. If you can’t easily locate information, have you complied with the rest of the DPA, which requires data to be adequate, accurate, up-to-date and subject to proper retention periods? You don’t want to dodge a subject access but give the impression that you don’t comply generally with the DPA.

Leave a comment


Why register with Money Marketing ?

Providing trusted insight for professional advisers.  Since 1985 Money Marketing has helped promote and analyse the financial adviser community in the UK and continues to be the trusted industry brand for independent insight and advice.

News & analysis delivered directly to your inbox
Register today to receive our range of news alerts including daily and weekly briefings

Money Marketing Events
Be the first to hear about our industry leading conferences, awards, roundtables and more.

Research and insight
Take part in and see the results of Money Marketing's flagship investigations into industry trends.

Have your say
Only registered users can post comments. As the voice of the adviser community, our content generates robust debate. Sign up today and make your voice heard.

Register now

Having problems?

Contact us on +44 (0)20 7292 3712

Lines are open Monday to Friday 9:00am -5.00pm