Last week, mobile phone retail giant, The Carphone Warehouse (the “Firm”), was fined £29,107,600 by the FCA for pressure-selling its mobile phone insurance and technical support product known as “Geek Squad” to mobile phone customers over a period of 6.5 years. In this article, Polly James, Daren Kemp and Samantha Paul in BCLP’s Financial Regulation team in London summarise the FCA’s findings in this interesting case, and consider the key practical takeaways from the decision.

The FCA’s Final Notice gives useful reminders of compliance requirements for insurance sales procedures by unauthorised retail firms. The notice also clarifies the definition of “relevant revenue” used to calculate the penalty, encompassing all revenue from the business area, not limited to sales commission - and not necessarily equal to the gross written premium for those sales. However, the notice relates to a legacy case and should not be seen as entirely indicative of how the FCA would deal with similar breaches today.

What rules were breached and how?

As detailed in the FCA’s Final Notice ,The Carphone Warehouse was found to have breached Principle 3 (Management and control), Principle 6 (Customers’ interests) and Principle 9 (Customers: relationships of trust) of the FCA’s Principles for Businesses during the period 1 December 2008 and 30 June 2015. In summary:

  • Principle 3 requires a firm to take reasonable care to organise and control its affairs responsibly and effectively, with adequate risk management systems. In The Carphone Warehouse’s case, there were no records made relating to the nature of sales during the relevant period; and the management information upon which the Firm relied to monitor the compliance of its mobile phone insurance sales was fundamentally flawed. As a result, the Firm’s board committee responsible for compliance was not equipped to address the risk of mis-selling revealed by high early cancellation data on its TCF (treating customers fairly) dashboard.
  • ICOBS 4.1.6R and 4.1.7R required the Firm’s sale consultants to tell the customer, prior to concluding the sale, that it could only sell an insurance product provided by certain insurers, and to state that it was giving a personal recommendation. However, The Carphone Warehouse’s sales consultants were not trained to do this.
  • In relation to DISP 1.4.1R and Principle 6 (Customers’ interests: A firm must pay due regard to the interests of its customers and treat them fairly), for most of the relevant period, the firm’s complaints handling process for complaints about the sale of Geek Squad involved complaints being upheld or rejected solely on the basis of whether a signed insurance certificate could be found.
  • Principle 9 requires a firm to take reasonable care to ensure the suitability of its advice for any customer who is entitled to rely upon its judgment. Limited training was provided on how to respond when customers gave answers indicating that Geek Squad may not be appropriate, for example, if they already had insurance cover or considered Geek Squad to be too expensive. The sales process involved no formal assessment of affordability of the product, and until June 2015, there was no detailed, documented and tailored assessment of demands and needs.

As such, the decision highlights some important learning points around firms’ systems and controls to ensure compliance with insurance sales procedures. In particular, the decision highlights the importance of appropriate training of sales consultants and sufficient qualitative data in management information reports so that the sales process can be properly supervised.

What was unusual about how the fine was calculated?

  • While the facts and liability were determined following a focussed resolution agreement, the quantum of the financial penalty was determined by a contested Regulatory Decisions Committee hearing. This is the first significant decision from the RDC under new procedures. There are now 5 steps considering: disgorgement, the seriousness of the breach; the impact of the breach; the nature of the breach; and its level of seriousness.
  • The FCA found the overall seriousness of the breach to be level 3 (out of 5), because the breaches were found to have been committed negligently. Some may find this relatively light-touch approach surprising, given the volume of non-compliant sales to consumers over an extended period.
  • A technical point also arose on how “relevant revenue” should be calculated. The Firm submitted that sales commission should be the relevant figure at Step 2 of the penalty assessment, rather than the gross written insurance premium for the insurance sales. It submitted that non-regulated post-sales services paid from the insurers to the Firm were not relevant; and noted that the GWP figure included monies which never belonged to the Firm. The insurers were also required to pay insurance premium tax and to pay other third parties for providing services related to the insurance. Finally, an additional fee was paid to the insurers.
  • The RDC nevertheless concluded that relevant revenue includes: sales commission, post-sales payments and profit commission. DEPP 6.5A.2G(2) provides that it “will be the revenue derived by the Firm during the period of the breach from the products or business areas to which the breach relates”. This definition does not restrict the revenue to that derived solely from the relevant activity affected by the breach, as it encompasses all revenue derived “from the products or business areas” to which the breach relates.

What other consequences were there for The Carphone Warehouse?

The Firm substantially changed its sales process in June 2015 by introducing a tailored assessment of demands and needs.

In 2016, the Firm also voluntarily commenced a redress exercise to compensate those customers whose complaints may have been refused primarily because of the existence of a signed insurance certificate. In 2018, the Firm voluntarily commenced a second redress exercise paying compensation to customers who had cancelled their policy for reasons identified as potentially indicative of mis-selling.

This is clearly one of the “legacy” cases that the FCA Enforcement Division has had on its books for some time. New rules implementing the Insurance Distribution Directive from 1 October 2018 now require an insurance Firm using a retailer to sell insurance products, to ensure that the retailer complies with certain standards - such as acting in the customer’s best interests and ensuring the product meets customer needs - even if, as is common, the retailer itself is exempt from FCA authorisation.

It is also inconceivable that, within the FCA’s current strategy of pursuing enforcement action against individuals as well as Firms, that the FCA would include a statement in a Final Notice dealing with recent facts, stating that no individuals have been criticised in respect of the misconduct found. We suspect that the FCA was forced to make this statement by way of concession, in order to get a large “legacy” case settled – and this should by no means be taken as indicating the FCA’s approach going forward.

A whistleblower investigation

Finally, it is worthwhile noting that the FCA Press Release accompanying the Final Notice specifically flags that the decision follows an FCA investigation that stemmed from whistleblowing reports. In the Press Release, Mark Steward, FCA Executive Director of Enforcement and Market Oversight, states:

"Without whistleblowers coming forward these practices may never have come to light. In the past few years, whistleblowers have contributed critical intelligence to the enforcement actions we have taken against firms and individuals."

The FCA message is clear. Promoting whistleblowing remains high on the FCA’s regulatory agenda and an important source of information for their enforcement investigations. And they are keen to take every opportunity to remind “would be” whistleblowers of this, and firms of the importance of maintaining their internal “speak up, listen up” procedures around whistleblowing.