FCA Portfolio letter: Supervision strategy for the retail banking portfolio

On 5 February 2021, the FCA published a letter to those firms within its retail banking portfolio setting out its supervisory strategy.

In the letter the FCA:

Sets out its view of the key risks of harm that retail banks’ activities are likely to pose over the next two years. The FCA has grouped these risks into four priority areas of focus.
Emphasises its expectations about what retail banks should be doing to mitigate the key risks of harm in the four priority areas.
Outlines what work the regulator will do in the four priority areas to ensure firms are meeting its expectations and mitigating these key risks of harm. The FCA will work closely with specialist colleagues, other portfolio supervisors and, where appropriate, the PRA.

The four priority areas of focus and the work the FCA will do in them are:

Ensuring fair treatment of borrowers, including those in financial difficulties. The FCA explains that assessing banks’ regulated lending activities and delivery of forbearance and other protections will continue to be a key supervisory priority. The FCA has set out more detailed views of the risks of harm from lending activities, and its supervisory priorities and actions concerning them, in strategy letters for specific lending portfolios, with some published recently and others that will be published in due course. The FCA will continue to oversee firms’ strategies and targets for identifying repeat users of overdrafts, including those in financial difficulty, under chapter 5D of the Consumer Credit sourcebook (CONC 5D). In addition, the FCA will monitor the retail bank portfolio to see how forbearance and other CONC 7 protections are being delivered for relevant small and medium enterprise (SME) borrowers in financial distress.
Ensuring good governance and oversight of customer treatment and outcomes during business change over the next two years. The FCA’s work will aim to ensure that, among other things, it is sighted on strategic change and business transformation programmes, and on whether these are being appropriately governed, assessed and overseen. The FCA states that firms will want to set themselves milestones and it will expect to engage with them about whether they are meeting these. The FCA warns that it will be especially alert to the resulting outcomes for vulnerable customers and for SMEs where their treatment is covered by the Handbook. Specifically, the FCA’s work will include: (i) continuing an assertive approach with identified higher risk firms to secure agreed material improvements in their governance and oversight, escalating interventions if necessary; and (ii) targeted proactive engagement (including information requests) with newly identified higher risk firms, who the FCA identifies through continuously intensifying use of data. The FCA will engage to understand the risk of harm from the firms’ business models and from any planned changes to these, focusing on controls over customer outcomes, including during any cost cutting. The FCA will also monitor and engage with firms in relation to any plans for branch and ATM closures or conversions and other changes that may impact access to cash. This supervisory work will support the broader policy engagement by the Joint Authorities Cash Steering Group.
Ensuring operational resilience over the next two years and beyond. The FCA’s work will aim to ensure that, among other things, it is sighted on operational and technological change programmes, and whether these are being appropriately governed, assessed and managed. The FCA’s emphasis will be on controls around outsourcing of functions that underpin important business services or have direct customer impact (e.g. contact centres), data migrations, and the approach to risk management and governance of using cloud-based technology. Specifically, the FCA’s work will include: (i) continuing an assertive approach with identified higher risk firms to secure agreed material improvements in their operational resilience, escalating interventions if necessary; (ii) sharing and using the findings from its Implementing Technology Change review; (iii) carrying out targeted proactive engagement with newly identified higher risk firms. The FCA will identify these from data, the information it gathers about the pace and scale of firms’ business transformation plans, and findings by specialist colleagues ; and (iv) responding to firms’ notifications of incidents and other relevant reactive casework.
Minimising fraud and other financial crime. The FCA’s work will focus on ensuring that firms meet its requirements to have effective systems and controls to detect, disrupt and reduce the risk of financial crime. Specifically, the FCA’s work will include: (i) continuing an assertive approach with identified higher risk firms to secure agreed material improvements in their financial crime controls, escalating interventions if necessary; (ii) targeted proactive engagement with newly identified higher risk firms, including in the light of findings from work by specialist colleagues; and (iii) dealing with notifications of issues from firms and other relevant reactive casework, including by engaging with foreign regulators or parent companies where needed.

United Kingdom (and EU regulation)