The FCA recently investigated a small number of robo-advice firms in the discretionary management and advisory sector to determine if the good practices identified in its finalised guidance document issued in 2017 – FG17/8: streamlined advice and related consolidated guidance – had been widely adopted, or if there was a continuation of the poor practices that had previously been identified. The results were mixed.
Surprisingly, the items that are more automated in nature – and which would have been expected to have been more readily implemented correctly, such as costs disclosures – were generally poorly executed.
Perhaps not as surprising was the finding that the suitability processes of many of the firms looked into, both discretionary and advisory, were also poor.
Basic factors such as clients’ knowledge and experience, investment objectives and capacity for loss were not gathered or were insufficient for the discretionary services, and some of the advisory services made assumptions about the clients rather than gathering appropriate information such as their financial circumstances, including debt and other outgoings.
While there was a focus by the FCA on suitability in this review, weaknesses in the suitability process can often lead to problems elsewhere in the regulatory universe, notably in the anti-money laundering/financial crime arena, where know your client is a fundamental building block.
The informational basis for suitability has often been treated in isolation from the know your client basis for AML and general financial crime checks, but they are inextricably linked.
To understand what products or investments may be suitable for a client it is important to gather a lot of information, not just about attitude to risk but also relating to issues such as the client’s investment history, their personal background and, as a potential indication of investment experience, where their money originates.
AML checks are often seen as simply verification of the client’s name and address and, in some circumstances, undertaking politically exposed person and sanctions checks.
However, AML KYC processes are much more involved and advisers and managers need to consider the client’s wider circumstances.
The level of information required to ensure suitability – remembering that the information is not required to demonstrate suitability as demonstration is really for the adviser/managers’ benefit – will also inform the wider questions of who the client is, if there are any circumstances giving rise to higher risk concerns and if there are any risks of financial crime.
Client risk does not stop at attitude to risk and suitability; it extends beyond these narrow confines
Without knowing the answers to these questions, there is a risk of AML process failures and potentially of allowing financial crime to exist and persist.
These questions cannot be answered if they are not asked or investigated in the first instance.
This is an ongoing issue when there is a continuing relationship with the clients, which is particularly the case with discretionary management activity, so the ability of firms to recognise the information required and to ensure that it is gathered on a timely basis is paramount. Suitability and AML KYC is often not a one-hit wonder.
So, what should firms be looking to do now? In the first instance, firms should consider their current practices and ensure that they are able to guarantee (and demonstrate) suitability in their advisory and/or discretionary management activities.
They should consider at what stage suitability needs to be demonstrable and whether ongoing processes gather the right information to do this.
Firms should avoid falling into the trap that their client base presents a low or uniform risk of financial crime -– all too easy to do where clients are UK-based and seemingly all retirees or near-retirees – and use the information gathered in its suitability process to assess financial crime risk comprehensively.
After all, client risk does not stop at attitude to risk and suitability but extends beyond these narrow confines.
The role of the business and the compliance function in ensuring clear lines of defence across this area is therefore vital.
Simon Collins is managing director, regulatory, at Eversheds Sutherland