Addressing vulnerability in Ireland Addressing vulnerability in Ireland Addressing vulnerability in Ireland

In order to address the new category of vulnerability emerging, firms should reconsider their current definition of vulnerable customers. Vulnerabilities may not be immediately apparent when engaging with customers and customers may not offer this information freely due to its personal nature (e.g. bereavement / mental illness). Firms should provide staff with the tools to enable them to consistently and effectively identify vulnerable customers. Firms should be aware of patterns, warnings signs and other indicators as a means to identify vulnerable customers. Key considerations in identifying these customers include:

• Do you have a clear definition of actual / potentially vulnerable customers which is communicated to your staff at all levels?
• Is training provided to staff both at induction and on an on-going basis?
• Do you actively monitor customer behaviour and consider potential vulnerability in all customer interactions?
• Are you hosting focus groups with operational management to walkthrough vulnerability journeys and identify learning points for the firm?

Awareness of the touchpoints across the customer journey is key in the approach to identifying vulnerable customers. Firms should analyse products, processes and all customer journeys to identify where they may particularly affect vulnerable customers and where the nature of the process may cause customers to become vulnerable. Operational staff will interact with customers as part of their day-to-day service offering, however, there are points of the customer journey which are likely to provide greater insight into the financial and / or personal circumstances of customers:

• Sales / product suitability: Staff will engage with customers during the sales process and in discussions regarding product suitability. This provides firms with an opportunity to identify, from the outset of customer engagement, any vulnerabilities / potential vulnerabilities impacting the customer (e.g. cognitive disorders or physical health difficulties);
• Arrears / pre-arrears: Financial difficulty may be an indicator of a change in personal circumstances (e.g. a period of unemployment);
• Complaints: The complaints process may provide insight into the circumstances of the customer and highlight areas where firms must increase their focus on / awareness of potential vulnerabilities. Firms must ensure a drive for continuous improvement in their approach to vulnerable customers, including learning from complaints root cause analysis;
• Claims handling: This process requires customer engagement at a time when a financial shock may have been experienced. The nature of the financial shock / life event will determine any actual / potential vulnerability impacting the customer and its timeframe (e.g. a long term / short term period of unemployment); and
• Bereavement: Due to the nature of financial service products (e.g. home insurance / lending products), customers are likely to engage with firms where they have suffered a bereavement. Financial services firms must ensure that they have appropriate processes in place in these circumstances.

1. Proactive steps: Actions to limit the impact of vulnerability when it does arise (e.g. consideration as part of the product / process design);
2. Detective steps: Understanding the types of vulnerability that may emerge and the triggers which indicate actual / potential vulnerability; and
3. Reactive steps: Once identified these steps involve the treatment of vulnerable customers (e.g. monitoring of customer engagement with the firm).

In order to ensure that vulnerable customers are treated appropriately, firms must embed their Vulnerable Customer Framework in their operations. This Framework should focus on providing supports and fair treatment to those customers impacted by a vulnerability. Below are the areas firms should consider when developing / enhancing their Vulnerable Customer Framework:

• Are your Board and Senior Management Team engaged and receiving regular reports / updates?

• Do you have a detailed and embedded vulnerable customer policy with clear expectations?
• Do you evaluate your strategy and policy regularly to ensure they remain relevant and up to date?
• How do you capture vulnerability risk in product design?
• Do you perform risk and control assessments to identify existing controls for vulnerable customers and any control gaps that exist?

• Does your record keeping system allow a sufficient level of detail to be recorded regarding the nature of the customer’s vulnerability?
• Does your recording allow for periodic vulnerability reviews, taking into consideration the changing nature of certain vulnerabilities?
• Do you use a risk score for vulnerabilities to support treatment strategies?

• Does your data show which products / processes are impacting vulnerable customers?
• Are your Management Information (hereinafter “MI”) metrics aligned to risk and control assessments, as well as risk scores applied to vulnerabilities?
• Are you providing a holistic customer view to your Senior Management Team and taking proactive steps to address MI metrics which are outside the accepted tolerance level?

• Is there a clear point of contact for vulnerable customers with a specialised support team with experienced staff providing guidance / advice?
• Are you tailoring communications to the needs of vulnerable customers?
• Have you engaged with the HSE Safeguarding and Protection Team in your treatment of elderly customers who are at risk of financial abuse / with cognitive challenges?

• Are all your staff trained on vulnerable customer policy and approach?
• Does your training programme encourage decision making that will lead to good customer outcomes?
• Does your training programme incorporate on-the-job learnings from experienced staff?
• Do your staff view vulnerability as ever changing and do they consistently monitor customer behaviours?

• How are you supporting customers who are digitally disadvantaged?
  
• How do you assist vulnerable customers in gaining remote and digital access to services?
• Does your presentation of information online allow for sufficient clarity to all customers?
• Do you make your customers aware of potential / actual fraud and have a treatment strategy where this occurs?

Have you considered how your firm treats its vulnerable customers? KPMG provide risk and regulatory advice, proposition design, operational risk and control optimisation services across the financial services sector. We can help ensure you have an appropriate Vulnerable Customer Framework in place to ensure that you are both identifying vulnerable customers and ensuring good customer outcomes once identified. Examples of how our team of experts can assist include:

• Identify a suitable owner for a vulnerability programme including the design of an appropriate governance framework;
• End-to-end customer journey mapping, identifying vulnerable customer touchpoints and designing appropriate controls to reduce the risk of customers receiving poor outcomes;
• Identify the roles and responsibilities within a customer journey that give rise to a requirement for additional staff training. Our team will support you in training your staff through a variety of training techniques;
• Review your risk assessment framework, including a focus on digitalisation and the impact this has on your customer base;
• Develop a customer treatment policy for all categories of vulnerability; and
• Design a reporting framework with quantitative and qualitative MI, to demonstrate trends as well as the characteristics of vulnerability and potential vulnerability.

For further information, please contact Gillian Kelly of our Risk Consulting practice.