Vulnerability: a much wider problem to UK financial service providers than first thought?

The escalation of financial crime and fraud has become one of the most widely talked about issues of our times. Indeed the City of London Police’s Action Fraud Team recently estimated that people in the UK lose as much as £190,000 a day to fraud. Issues involving identity theft continue to rise to the point where we all now know someone who has been impacted by fraud – very often that someone is us.

For those unlucky enough to fall victim to this crime the effects can be traumatic, both financially and psychologically. The impact of becoming a victim can often lead to serious problems even for those who would consider themselves to be financially and mentally resilient. So the consequences for members of society who are considered vulnerable can be much more serious.

The Financial Conduct Authority (FCA) published its Occasional Paper No.8 in 2015 to encourage debate and stimulate interest amongst financial services organisations to act appropriately and understand the needs of vulnerable groups. 

As a result of that guidance The Financial Services Vulnerability Taskforce came into being in 2015 and has published firm guidelines to help companies create processes, and put in place structures that help people who are considered vulnerable. This will help avoid these people being discriminated against, as well as provide with them with additional protection from certain types of crime.

Cifas already operates a service called Protecting the Vulnerable, which is in line with the following acts: the Mental Capacity Act 2005, Adults with Incapacity (Scotland) Act 2000 as well as the Mental Capacity Act (Northern Ireland) 2016. The service is a shared register that is used by local authorities, solicitors and healthcare trusts. It hosts data of people who are subject to Court Order of Protection.  If a consumer makes an application for financial services it can be an easy way to alert the lender that this person is on this register and allows them to deal with the application appropriately - such as preventing fraud against that person’s identity. 

The number of those UK adults classified by the FCA as being vulnerable in 2015 was 6.5 million with that figure expected to grow by over 25% to around 10 million by 2030. Worryingly the FCA also suggested in 2019 that 50% of the UK population displayed characteristics that might indicate some form of vulnerability in the future.

Whilst recent FCA guidance identifies examples of vulnerability, with factors such as health, life events, resilience and capability all being drivers, it’s an incredibly broad spectrum and having the wherewithal to identify these factors, when a consumer applies for a financial product and at post application stage, is a significant challenge.

From a financial crime perspective, the well-publicised increases in misuse of account and Authorised Push Payment fraud (APP) across the industry highlights the extent of the vulnerability issue. Synectics Solutions Financial Crime Intelligence Team (FCI) recently reported that misuse of account represents nearly a third of all fraud recorded, whilst identity fraud represented around 50%.

Within both these fraud typologies, the FCI Team inevitably saw individuals fitting the descriptions of the FCA guidance on vulnerability - either as victims of fraud themselves, or tricked into the APP and money mule process via some form of social engineering by organised criminals.

In meeting the vulnerability challenges, the creation of The Vulnerability Register Service (VRS) certainly feels like another step in the right direction. The VRS is the first central register helping those seen as vulnerable to protect themselves against debt or financial stress. Vulnerable consumers register for free and can self-register via the VRS web site or with the consumers consent, a lender or service provider can register them on the database.

However, it instinctively feels there’s more that could be done to support the vulnerability initiatives and assist financial service providers. For example, if we look at the Financial Power of Attorney, whilst it provides a level of protection over existing financial relationships, it offers limited protection in respect of mitigating the fraudulent creation of a new financial relationship, particularly via something like impersonation fraud. By expanding on the work being undertaken by Cifas’ Protecting the Vulnerable service and the Vulnerability Register Service (VRS), as well as increasing data sharing with The Office of Public Guardian, the DWP, Social Services and, indeed, any other public bodies with data on potentially vulnerable individuals, we could provide even firmer foundations to build upon, whilst also ensuring consumers can be treated fairly and proportionately, commensurate to their own needs

It would seem that there is much more that could be done to improve the level of services and protection that could be provided to vulnerable groups. Wider collaboration on sharing information of a greater number of the vulnerable is certainly the next step in preventing people from becoming victims of crime.

To this end, Synectics Solutions not only provides access to the vulnerability data held by Cifas but is also now working in partnership with The VRS to host their data to help protect vulnerable consumers in the continued fight against fraud and financial harm.