As you'll be aware, many firms with investment permissions recently received a Dear CEO letter from the FCA.
The letter, dubbed by the regulator as a 'portfolio strategy letter', sets out the FCA's key areas of concern in relation to advice firms and the actions it expects firms to take.
While the timetable for next steps is unknown, it's likely the FCA will be contacting selected firms in the near future and asking them to submit client advice files.
This will allow the regulator to complete what it's calling its 'Assessing Suitability Review 2' (more on this later).
If this is the case, experience suggests that firms can expect the FCA to begin by asking firms to submit their advice register, for file(s) to then be selected on a risk basis.
The letter states the focus of the review will be initial and ongoing advice relating to clients taking an income in retirement.
From previous experience, this is likely to be done on a remote basis with firms receiving written feedback in the first instance and further follow-up face-to-face visits as required.
There are several other themes within the Dear CEO letter that are worth highlighting:
The FCA expects the letter to be discussed at board level so firms can consider what actions are required. Principal firms should share the letter with their appointed representatives (ARs).
We'd recommend that such meetings and discussions are minuted, to evidence to the FCA the letter has been taken on board.
If you plan to take any actions as a result of the letter, these should be constructed on a SMART basis (specific, measurable, achievable, relevant and time bound).
These actions should then allocated to the appropriate senior manager within the firm.
The regulator highlighted that firms need to make sure costs and charges are disclosed clearly and that they act in the best interests of their clients.
As such, we believe the FCA will want to review how firms are describing their costs and charges for initial and ongoing advice.
Many firms will have updated their disclosure documents last year in line with the increase in Financial Ombudsman Service award limits.
However, now's still a good time to cast a critical eye over your disclosure documents to make sure you're meeting FCA requirements.
Assessing Suitability Review 2
This is about assessing the suitability of advice following pension freedoms.
Of course, whether your firm is selected will depend on the types of advice recorded in your advice register.
As with the similar FCA exercise in 2018, files in other advice areas may be selected which don't fall into the main thematic category.
Firms should check that their training and competence (T&C) plan as part of overall activity works on a risk assessment basis to select higher risk files for suitability checking.
Where high risk cases (for example drawdown cases) are highlighted, priority to those files should be given when selecting cases to be reviewed.
You may want to start pre-sale reviews of advice given to clients looking for income in retirement, to make sure that if the FCA select a recently completed case they will know that it has already recently been reviewed by the firm.
Alternatively, you may want to conduct a mini review now, ahead of the FCA review, to make sure that if such a case is selected by the FCA there aren't going to be any surprises.
Conflicts of interest
The letter highlighted that "conflicts of interest must be identified and where they cannot be prevented, disclosed and managed."
Firms will have updated their conflict of interest policy to meet Mifid II requirements and should also have completed staff training post Mifid II's introduction in January 2018.
For firms that are carrying out defined benefit (DB) transfer business, they will have updated their policy again, in line with the regulator's expectations set out in May on DB transfers and contingent charging.
As with disclosure documents, now would be a good time to review your conflict of interest policies, making sure that all relevant staff have evidence of recent training completed on how to apply this internal policy in their role.
Pensions and investment scams
The FCA flagged the important role of firms and advisers in helping to prevent scams.
It said advice processes and systems need to be robust enough to avoid risks, and that any suspicions of wrongdoing should be reported to the FCA's firm queries team.
Firms who have ARs are advised to make sure their supervision records are robust and up to date.
In 2017, the FCA issued an alert warning on the risks of authorised firms accepting business from unauthorised introducers.
In line with this, we believe the FCA will want to make sure firms complete robust due diligence and ongoing monitoring of their introducers, if applicable.
Introducers' role in the advice process needs to be very clearly defined, and no introducer should have influence on the final investment choice.
Due diligence records on introducers need to be up to date, as does monitoring of the business introduced.
Professional indemnity insurance
The Dear CEO letter also highlighted that advice firms need to meet their financial resources requirements, including the requirement to maintain compliance professional indemnity insurance (PII).
The FCA may want to review the firm's PI policy to make sure it meets its expectations in terms of limits, aggregate levels and any exclusions or conditions that would affect the policy's effectiveness.
In particular, we believe the FCA will be looking at any conditions or sub-limits that have been negotiated.
Promotion of mini-bonds
If firms are involved in this activity, they'll need to have clear and robust policies and evidence on what training has been carried out for advice and administration staff.
More widely though, the firm should have a clear route for approving any financial promotion, which is overseen by the senior manager responsible for eventual compliance sign-off.
Senior managers and certification regime
All firms will have already completed their senior managers and certification regime (SM&CR) training of all senior manager and certified staff before 9 December last year.
Firms should now have plans in place to train all the other staff that fall under the Code of Conduct rules (if they haven't completed this training already), and have in place robust training and competence procedures which will lead to certified staff being issued with their certificate.
Both of these objectives must be complete by 8 December this year, with certificates awarded annually thereafter.
The FCA was critical of the banking industry in its SM&CR feedback to solo-regulated firms in that they felt banks had paid too much attention to the training of senior managers and certified staff, with too little resource spent training staff who ll under the code of conduct rules.
The letter suggests that it's the statements of responsibilities (SOR) and training given to certified staff that is the focus, but at this stage this is just an impression created by the letter's wording.
Senior managers should still have the creation of their own SOR fresh in their memories.
If things have updated or changed since the introduction of SM&CR, it may be a good idea to take some notes on any 'reasonable steps' senior managers have taken.
This can then be used to evidence that they know their role and are acting accordingly. For example, this might be retaining notes on how a policy was updated by the senior manager responsible for it.
Advisers should also make sure they've documented their SM&CR training in their CPD records.
Firms with passporting permissions should already have taken on board previous guidance provided by the FCA.
The Dear CEO letter highlights several issues that firms will be well familiar with.
While there's nothing new here, seeing all the issues in one four-page letter can be a bit daunting.
It's unlikely any one firm will be scrutinised on every aspect of the letter, yet it's still important to see this letter as important rather than be complacent.
By reviewing this letter carefully and considering if your firm has any weak (or weaker) areas where action might be needed, this isn't just a 'reasonable step' required under the SM&CR, but good business practice generally.