Kate Brimsted, partner and UK lead for data privacy and security at law firm Bryan Cave Leighton Paisner, discusses the potential Consumer Duty breaches that could occur when communicating with clients via apps, emails or newsletters.
On 1st August the New Consumer duty came into force, imposing higher standards on regulated financial services firms and requiring them to deliver good outcomes for retail customers.
For example, under the Consumer Duty, firms should use their communications to support good retail customer outcomes. This means that even where consumers have opted out of direct marketing, firms will be expected to update them if there are better products available, for example accounts with a better saving interest rate.
Unwanted email marketing or “spam” is a feature of modern life. In the UK and EU the starting point is that consumer email and SMS marketing requires an organisation to have received prior consent from the individual (with narrow exceptions). This is an established area where the UK’s data protection authority, the ICO, regularly enforces the rules against businesses of all sizes and sectors. Fines of up to £500,000 can be issued and past enforcement has included household names, as well as smaller businesses.
In addition to the UK GDPR, there are e-privacy rules (known as ‘PECR’ in the UK) that can be challenging to comply with. They are well known among privacy lawyers for creating some Catch 22 like conditions and raising fundamental questions, such as: is this a ‘direct marketing communication’? Or it is a ‘service’ message? Or both?
The ICO and the FCA issued a joint letter in July to UK Finance and the Building Societies Association which clarifies that data protection law (and PECR) compliance still apply when firms are providing communications to consumers required by the FCA, and is not a barrier. In practice, though, firms will need to steer a careful line, since the ICO’s guidance indicates that it is possible for a mandated regulatory communication to qualify also as ‘direct marketing’ for the purposes of PECR. In that case, to be able to send the communication by email, a firm would need to be able to demonstrate it had the requisite consent (not just that the customer had not opted out from marketing emails). Much will depend on the context and content of the communication however, some practical tips for banks and other financial institutions which contact their customers under the Consumer Duty include:
• Consider tailoring your communications for different customer groups (especially those who have opted out from receiving marketing).
• Keep such communications neutral and factual in tone unless you elect to send as direct marketing (and have the necessary consent).
Increased communications triggered by the Consumer Duty might ironically cause a rise in complaints from consumers, at least initially. From experience, when customers opt out from marketing, their tolerance level for receiving what they perceive to be marketing communications tends to be low. Current economic conditions could also make any communication from a bank or building society unwelcome or even stressful. The tone of such messaging will be all important.
While this website is checked for accuracy, Barcadia Media Limited are not liable for any incorrect information included. We recommend that you make enquiries based on your own circumstances.