Overview
In updating the Consumer Protection Code, the Central Bank of Ireland ("Central Bank") has taken the opportunity to respond to and account for the significant digital transformation of the financial services industry that has taken place in recent years. The proposed cross-sectoral requirements follow on from the Standards of Business regarding Securing Customers' Interests and Informing Effectively and set out more specific requirements in the Central Bank (Supervision and Enforcement) Act 2013 (Section 48) (Conduct of Business Regulations) ("Conduct of Business Regulations") and the Supporting Guidance on Securing Customers' Interests ("Guidance" and together the "Revised Code").
The relevant sections of the Conduct of Business Regulations aim to ensure that regulated financial service providers ("RFSPs") can take advantage of the opportunities provided by digitalisation, whilst also ensuring that the key concerns for consumers in a digital context are addressed. The Central Bank notes that the key challenges facing consumers in a digital context include, (i) a lack of in-person contact; (ii) accessibility and computer literacy; and (iii) concerns regarding the use and security of data.
Digitalisation
The Revised Code reflects the importance of the G20/OECD High Level Principles on financial consumer protection on the impact, risk and opportunities of digitalisation and the importance of digitalisation on consumer protection. A new concept of a 'digital platform' is introduced, to which the new requirements in relation to digitalisation and the engagement of RFSPs with consumers is codified.
The Central Bank's consultation paper notes that the Revised Code is intended to be technologically neutral, such that the same principles and requirements apply regardless of the specific technology used, however the definition of 'digital platform' is drafted with reference to 'an online system' and thus appears to provide consumers engaging with RFSPs through a digital platform with enhanced protection.
A digital platform is defined as "an online system through which contracts can be concluded to provide financial services to consumers, or a website or application that provides access to consumers to conclude contracts for the provision of financial services".
General Requirements
The Conduct of Business Regulations apply to consumers only. Generally speaking, the Conduct of Business Regulations require that all RFSPs, using digital technology to provide financial services, ensure that the 'digital platform' (ie technology) is designed and implemented with a consumer focus.
What this means in practice is reflected in the following new requirements under the Conduct of Business Regulations:
- ensuring that the standard of the digital platform providing consumers with a financial service, ie ensuring that it is designed for a consumer without requiring specialist knowledge and that the digital platform is easy to use, understand and navigate;
- the testing of the digital platform to ensure that it is easy to use, understand and navigate;
- the provision of clear and effective step-by-step guidance to consumers on how to use and navigate the digital platform (including prominently displaying a means to access this guidance on the digital platform); and
- providing information on the digital platform, regarding the availability of assistance for consumers when using digital platforms and further information on the financial service provided.
The Central Bank notes in its consultation paper, that RFSPs transitioning from traditional to digital business models should carefully consider the impact on consumers and identify appropriate mitigants for issues identified. RFSPs should give particular consideration to the impact on consumers in vulnerable circumstances and what assistance might be required to mitigate adverse outcomes.
Specific Requirements
Further to the general requirements RFSPs must adhere to when implementing, designing and maintaining the digital platform used to provide financial services to consumers, the Conduct of Business Regulations set out the following specific requirements:
- a prohibition on providing preselected options to consumers indicating that they have read or understood information provided by a RFSP in relation to a financial service;
- where RFSPs offer, or make information available in relation to, a range of more than 3 financial services of the same type through the same digital platform, the digital platform must allow consumers to filter the financial services shown to the consumer, in accordance with pre-set criteria selected by the consumer;
- following a request from a consumer and prior to agreeing to provide a financial service, the following warning must be given to consumers:.
"You are about to enter into a contract for financial services. Think carefully about whether this financial service is right for you."
Notifications
The following notifications must also be provided to consumers by a RFSP on its digital platform:
- Withdrawal of Access to Information: where information required to be provided to consumers under the Conduct of Business Regulations is only available to consumers through access to a digital platform, RFSPs are required to notify consumers at least 15 working days in advance of any withdrawal of access to the systems or information. RFSPs must notify consumers that the information is available to download, print or otherwise retain prior to the withdrawal of the means of access;
- Cooling off Periods: where consumers benefit from a "cooling off" period, RFSPs will be required to notify consumers between 3 and 7 working days before the period expires to remind them of their right to withdraw, the date on which the right expires and how the consumer can exercise the right.
To read the full article click here
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.