A new report (TR15/12) from the UK's Financial Conduct Authority looks at the 'suitability' of retail investment portfolios provided by wealth management and private banking firms.

The results fall neatly into three: one-third of the FCA's sample of 150 file reviews (conducted at firms of all kinds in the wealth sector) fell substantially short of the standards it expected of them; one-third ought to make some improvements to meet the FCA's standards; and one-third raised no substantial concerns. There has been an improvement since the regulator's previous work on suitability in 2010, with the proportion of highly risky or unclear files falling from 79% to 59%.

"This is not compulsory...or is it?"

It was in 2007 that the old Financial Services Authority, which the FCA and Prudential Regulation Authority replaced in 2013, began to offer its private opinions on the nature of 'good and bad practice' without relying solely on the text of enforceable rules. This odd habit persists to this day. The FCA is, however, slightly humbler in its expectations for agreement with its opinions than previously, stating merely that it is making its assertions about good and bad practice "to provide firms across the wealth management sector with insights and ideas that may help them to deliver suitable outcomes for their customers." It does, however, go on to spoil this somewhat by stating that "firms may need to meet other regulatory requirements," which might give unwary readers the false impression that its opinions about 'goodness' and 'badness' are, in themselves, regulatory requirements. The US Securities and Exchange Commission often makes similar assertions, to its everlasting discredit.

The FCA summarises its main findings (some of which it will, no doubt, be quoting on regulatory visits as though they are actual rules) in note 1.9 as follows: "The main messages from our work are [that] a number of firms have taken steps to both improve and demonstrate the suitability of customer investment portfolios; many firms still have to make substantial improvements in gathering, recording and regularly updating customer information to support the investment portfolios they manage for customers; firms need to do more to ensure that the composition of the portfolios they manage truly reflects the investment needs and risk appetite of their customers, especially those who have a limited capacity for, or desire to expose themselves to the risk of, capital loss; [and] firms need to ensure that their governance, monitoring and assessment arrangements are sufficient to meet their regulatory responsibilities in relation to suitability."

It attaches another non-rule-based 'expectation' to these findings: "We expect senior management to consider whether any of the concerns we raise in this report are reflected within their own firms’ practices and to take any action necessary to minimise the risk of unsuitable outcomes to customers. This document is relevant to all firms that provide discretionary and or advisory portfolio management services to customers. It will also be of interest to those that may provide third party support services, such as compliance services, to these types of firms."

Good and poor practice: what the regulator thinks you ought to believe

Annex 2 of the report contains the FCA's impression of what might be good or bad. If there is one thing the FCA loves, it is the sight of very senior managers spending a great deal of their time looking at compliance. This is the first point of many: "Good practice: In a number of firms the CEO was an active member of the Compliance committee which had responsibility for monitoring portfolio suitability." The corollary of this is a dislike of any vagueness about compliance on the part of senior managers: "Bad practice: The CEO of one firm struggled to describe the culture within the firm. They appeared to be overly focused on IT-based control mechanisms within the first line of defence..." The FCA's definition of this 'first line' is the front office.

There is no definition here of any 'second line,' but the FCA gives an example of one in a 'Dear CEO' letter that it sent to pension providers on 25th January: "When a customer contacts their pension provider to access their pension, providers will be required to ask the consumer about key aspects of their circumstances that relate to the choice they are making. Providers will be required to give relevant risk warnings in response to answers from the consumer." In a thematic review of the governance of unit-linked funds from October 2013, TR13/8, it refers to Compliance with a capital C as 'the second line of defence' and Internal Audit as 'the third line of defence.' In neither of these three documents does it say what the 'defence' is against, although in TR15/12 'unsuitability' (of advice, of investment decision-making and of product provision in the context of the customers' best interests) is bound to be fairly near the mark. The FCA goes on to make it crystal clear that it frowns on any failures on the part of people on 'line 1' to monitor things independently of the people on 'line 2.'

The 'four eyes' rule (sometimes called the 'two-man rule,' whereby a firm decides that this-or-that decision must always be countersigned by someone else) comes in for some praise in this paper, although not as a universal panacea. The FCA thinks it is appropriate as a control mechanism for individual investment transactions for customers. In the same breath it endorses weekly peer reviews for samples of customers' portfolios.

Another 'good' practice is to ring up customers to perform periodic updates on their files. The FCA is especially pleased when this is backed up by some bureaucracy. It also makes it clear that information that 'appears' to be out-of-date is a cause for regulatory concern, even if that has not been proven. The FCA will also be distraught whenever a relationship manager (RM) tells his clients that he thinks that regulatory information-gathering requirements are 'burdensome' - in this regime, it is evidently a sin not to love Big Brother.

Sense and suitability

Once one forgets about the ponderous, heavy-handed 'regulatory creep' implied in the FCA's insistence that firms ought to pay strict attention to its wishes rather than its rules, there is much here that a dispassionate observer would find sensible. The FCA's obsession with the wealth manager ascertaining the 'level' of income that the HNW customer wants is a good one; a lack of clarity about the amount of income he needs and how regularly he wants it to be paid is sloppy by any standards. The same is true of contradictory information on files. The FCA cites one instance where a file note stated that there was no specific purpose for the portfolio and no investment time-horizon, while other information on the file suggested that the customer relied on a specific amount of income every year from the portfolio to supplement other income.

A good assessment of the customer's risk appetite is essential and the paper has many examples of failures in this department. If a customer says that he has no room for manoeuvre when it comes to income but the private bank then asks him to reconsider and consent to an increase in his recorded risk appetite, this appears to be on the fringes of sharp practice and will certainly provoke some questions from the regulator. So, too, will any unilateral decision by an RM to change someone's stated risk appetite without recording (or giving the customer) any reason for it. In fact, one might have expected the regulator to say that there was a full-blown rule against such a thing, but it does not.

The paper records another egregious example of the same thing. Apparently, one firm had been adjusting its formal evaluations of its clients’ risk appetites to fit in with the risk profiles of their existing investment portfolios. In one instance, the RM's excuse was that costs would be incurred if the firm were to move the portfolio to the less risky profile that the customer had originally selected. Likewise, any risk profile given a score of 'low-to-medium' seems difficult to reconcile with a portfolio that contains more than 90% equities in the absence of any investment strategy to which the customer has agreed, but this did unfortunately happen.

US regulators are obsessed with – and, indeed, have a special brief for – protecting old people from the depredations of dodgy financial practitioners. In a previous interview in 2014, Compliance Matters interviewed an ex-regulator from the Financial Industry Regulatory Authority who said: "you shouldn’t be allowed to sell a 90-year-old a variable annuity that has a death feature!" The FCA, believe it or not, found a watered-down version of the same thing: "One firm had elderly customers, including one over 90 years old, who were documented as having a medium risk appetite and 20-year investment horizon. The firm did not appear to have sense checked this information."

The UK's wealth management industry, which undertakes financial planning, provides advice about investments, manages investments and performs stockbroking services, manages more than 1.8 million portfolios for customers in the UK and has more than £600 billion of their assets under management.