The FCA has recently published its findings from its thematic review1 of delegated authority arrangements in the general insurance market. The review was based on a sample of insurers writing products for UK retail and SME customers, and also firms holding delegated underwriting and/or claims authority from those insurers. The primary focus of the review was the management and oversight of their delegated authority arrangements and the impact of any shortcomings on customer outcomes.
The FCA concluded that many firms “did not appear to have adequately considered or recognised their regulatory obligations” and the review raised a concern that firms could not “demonstrate compliance with the Handbook requirements set out in SYNC and PRIN”. The findings included:
- Failure to demonstrate clear arrangements for assessing risk.
- Failure to treat delegated authority as outsourcing.
- Inadequate due diligence of conduct risks.
- No consideration of whether products were treating customers fairly.
- Insufficient control over claims functions and failure to identify conflicts of interest.
- Lack of oversight, monitoring and management information (MI).
- Over reliance on audits.
- Deficient agreements, for example, with no clear allocation of responsibilities.
- Failing to recognise product provider responsibilities in product design.
- Shortcomings in complaint processes, handling and outcomes.
- Product providers failing to make appropriate arrangements for product distribution.
Next steps for firms
Those firms that were subject to the review will need to consider the specific actions the FCA requires from them to ensure compliance. Other firms are expected to consider the report, review their activities and identify what changes are required to their policies and procedures to bring them in line with the recommendations, and demonstrate implementation of these steps. This will be followed up by the FCA as part of its ongoing supervisory work.
The principal concern of the FCA in the review was poor customer outcomes. In light of this, firms are expected by the FCA to be able to respond clearly to the following questions:
- Why has the outsourced party been chosen and do they have appropriate capabilities to deliver what customers could reasonably expect?
- Is it clear who designed and “owns” the product and where the relevant responsibilities lie as a result, and have they adequately considered how the product performs for customers?
- Are the claims processes in place appropriately designed and controlled to deliver fair customer outcomes?
- Is there appropriate monitoring and management information in place to assess customer outcomes?
- Is it clear that the outputs of any monitoring and MI are reviewed, understood, shared as necessary and acted upon?
- Do firms know who is selling their product and how, and exercise any meaningful oversight of this?
- Are significant conduct issues related to the product likely to be promptly identified and acted upon?
What does the FCA expect? The FCA expects outsourcing insurers to ensure they have effective and risk-based controls mitigating conduct risks. The FCA requires both insurers and intermediaries to monitor activities (with MI) to identify and review where customers are not treated fairly, to consider if they act as a “product provider” and identify responsibilities for product design and monitoring of the performance of the products (and allocate these responsibilities where circumstances allow), and for those with “product provider” responsibilities to assess appropriateness of the distribution channel and sales activities and exercise ongoing oversight.