The Financial Conduct Authority's (FCA’s) operational objectives specifically include securing an appropriate degree of protection for consumers, and promoting effective competition in the interests of consumers. The FCA’s 2020-21 Business Plan mentions 'consumer' 124 times in its 25 pages, so it is clearly important that firms supervised by the FCA are clear as to who is, and who is not a consumer. Unfortunately, this is not as simple as it might initially appear.
To start with the basics. I am a consumer. You are a consumer. Each of us, in our individual dealings with our bank, credit card company or other financial services provider is a “natural person acting for purposes outside his trade, business or profession” and as such have the protection of the Distance Marketing Directive, Unfair Terms in Consumer Contracts Directive, E-Commerce Directive, Consumer Credit Directive, Mortgage Credit Directive, and importantly for the audience for the article, the Payment Services Directive. The Payment Services Directive also allowed EU Member States to allow Payment Service Providers (PSPs) to extend consumer protection to microenterprises, an option which the UK adopted.
You will have seen (and I’m sure read) the FCA’s Consultation Paper CP21/13 published in May 2021 entitled "A new Consumer Duty”. In spite of its title the FCA propose applying the definition of consumer to retail clients. This would include ALL clients other than professional clients, such as large corporate entities and government bodies and 'eligible counterparties'. So, for the purposes of the Consumer Duty, all SME clients would be 'consumers'.
The FCA and Prudential Regulation Authority's operational resilience requirements were published in March this year in Policy Statement PS21/3. These requirements apply to all Payment Institutions and Electronic Money Institutions and they must identify their important business services, described as those services which, if disrupted, could potentially cause intolerable harm to consumers. Consumers in this context means those that are the direct consumers of the firm’s services or in other ways dependent upon them. This includes both retail and wholesale market participants. So, a payment services firm in a chain of PSPs and other regulated firms could be a 'consumer' for this purpose.
When the new Consumer Duty comes into effect its interaction with other requirements will require careful consideration. For example, if the wording chosen for the Consumer Principle is “A firm must act in the best interests of retail clients”, how will this affect a firm’s ability to apply the “corporate opt-out” in the Payment Services Regulations (PSRs), allowing firms to agree with clients above “micro-enterprise” level that the information provisions and certain liability provisions do not apply? Many clients above micro-enterprise level will still be 'retail clients' and therefore the firm will need to consider whether it is in the best interests of the client for the “corporate opt-out” to be applied.
The direction of travel seems clear – the protections that were originally aimed exclusively at protecting individuals are increasingly being extended to corporate entities ('Legal Persons') and the size of corporate entity benefitting from such protection is also increasing.
It is therefore important that firms have a proper understanding of who their customers, and what category individual customers fall into. 'Know Your Customer' is therefore moving beyond Financial Crime and Anti Money Laundering considerations, into an ongoing customer protection and governance requirement. If a firm doesn’t understand who its customers are, how can it be sure that it is acting in their best interests?
Finally, as always, a reminder that it is not enough for senior management to consider these matters. The fact of the consideration and the reasons for the decisions made need to be recorded, so that in the event of challenge by the FCA management can show justification. Proper governance is key.