(Notes may differ slightly from speech as delivered)
Tēnā koutou katoa,
Ko Kōtirana te whakapaparanga mai,
Ko Manawatū te whenua tupu,
Ko Kiwitea te kāinga,
Kei Te Whanganui-a-Tara au e noho ana,
Ko Jane taku ingoa,
Tēnā tātou katoa.
Thank you for inviting me here. The title of my segment today is regulatory investigations. It's a serious topic and I will have to choose my words carefully. My aim in this speech is to apply more of a supervisory lens to give an overview of the last few years, and how the FMA and the insurance sector can best learn from recent enforcement cases and work together under the CoFI regulatory regime.
For those of you who don't know me, I'm Jane Brown, Head of Insurance at the Financial Markets Authority. Before joining the FMA, I was the General Counsel at Te Kāhui Inihua o Aotearoa / The Insurance Council of New Zealand for six years. In my current role, I have built up the FMA's insurance team both in terms of numbers and understanding of the sector that we regulate ahead of CoFI coming into force. And because I take every opportunity I have to do so, I will say that I am very fortunate to have a team that is eager to engage with and understand the sector at both an operational, and also a strategic level.
This year's conference theme is "regeneration". It's a fitting theme for the city we are in given all that it and its people have been through. The FMA and the insurance sector are also on a regeneration journey of sorts, as we prepare for a new way of regulating the conduct of financial service providers. Additionally, there is an element of regeneration in terms of the FMA and the insurance sector's relationship - but more on that later.
Recent cases
The FMA and Reserve Bank of New Zealand's joint Conduct and Culture review of banks and life insurers in 2019, and the FMA's review of fire and general insurers in 2021, uncovered some examples of poor practices negatively impacting customers and unfair treatment. Now, no one at the FMA will talk about ongoing investigations, no matter who is standing on the stage, and my focus is on the supervision of insurers, so what I want to do here instead is look at what we as regulator, and you as regulated firms or representatives of regulated firms, can learn from recent cases.
In eight cases, the FMA's Enforcement team took civil proceedings under the Fair Dealing provisions within the Financial Markets Conduct Act. They stemmed from false or misleading statements in marketing material for financial products, and in many of the cases with insurance companies, were for failing to apply multi policy discounts to customers who were entitled to them. The FMA was particularly concerned by the length of time these failures went unchecked. Some cases stretched back decades, resulting in significant breaches, customer harm, and millions of overcharged premiums.
For the FMA this work was time and resource intensive, stretching over multiple years, in part due to the complexity and breadth of each issue.
In the FMA's view, and that of the Courts, the relationship between insurers and their customers is one of trust. Customers should rightfully expect to be treated fairly by their insurer and that agreements between the two parties will be honoured. The deficiencies in IT systems and lack of oversight by the insurers administering the products broke that trust.
If you haven't already, I encourage all of you to read the judgments that have come out of the proceedings we have taken, something I'm also working my way through. They provide incredibly useful insights into the Court's view of bad conduct and what firms should be thinking about when considering what fair treatment looks like.
These issues were often associated with more than one product or one aspect of business. In these situations, the FMA expects firms to test other parts of their business, or other products, to ensure similar problems haven't arisen.
The FMA has also shown it is willing to use alternative regulatory tools available to it. In one case, the FMA chose to issue a warning to one provider for failings similar to the eight proceedings. This case was a good example of the FMA's action being proportionate to the seriousness of the offending, number of customers affected, and the remedial work undertaken by the provider.
Self-Reporting
A key issue that the response to the Conduct and Culture work has flushed out is self-reporting.
Among our minimum expectations for those we supervise, and for good conduct risk management, is that issues and potential breaches should be self-reported to the FMA. This is a sign that entities take their legal and licensing obligations seriously - and by informing us, they will endeavour to fix the issues quickly.
When the self-reported issues have the potential to reveal significant breaches or involve risks and harms to customers, we may investigate further and it can result in us using our regulatory or enforcement tools and remedies.
It is also worth reminding you of our view of what best practice "self-reporting" looks like. If there is an issue a firm discovers that requires remediation for customers, or shows that systems or processes are not delivering promised outcomes, that's not good news. But it is here where firms start to make the choices that matter. The right way or the wrong way. The right way involves promptly informing your board, bringing the issue to the FMA, and ensuring timely remediation and communication with customers.
Waiting until firms think the problems have fully bottomed out, before making first contact with the FMA, or your customers may be tempting. Instead, we urge firms to prioritise stopping the harm as soon as possible.
The choices an entity makes after discovering the problem will be relevant to the FMA's enforcement response and will often influence our view of the entity's overall conduct. However, self-reporting cannot provide immunity from potential action and even litigation, especially if the issues are significant, systemic or have led to customer harm.
The nature of the underlying misconduct itself will always be the driving factor in assessing the appropriate response. The more serious the misconduct - to consumers or to the market - the more likely it is we will take strong enforcement action, irrespective of how it was reported to us. And that makes sense, not just for the FMA, but for any law enforcement agency. The FMA has said it before - a confession does not absolve responsibility. No one thinks poor conduct or breaches of the law should go without accountability.
CoFI
Many of you will be aware of this recent history. But there is a key point I want to raise.
It's the period before the Conduct of Financial Institutions regime comes into force. The only tools the FMA has to deal with the historic issues I've set out is its fair dealing powers under the FMC Act. The FMA hasn't licensed insurers for conduct, there's no other tools for us to use other than investigations or enforcement. What CoFI does is provide us with a licensing regime, and a whole heap of tools such as monitoring, supervision, direction orders, stop orders, and the broader range of soft tools we have at our disposal, like guidance, like media interviews, like this speech.
I would now like to turn to what the FMA's supervision approach will look like under CoFI. The Conduct of Financial Institutions regime (CoFI) introduces a new regulatory regime to ensure registered banks, licensed non-bank deposit takers, and in your case, licensed insurers, comply with the fair conduct principle when providing relevant services to consumers.
The fair conduct principle is the overarching principle of CoFI that a financial institution must treat consumers fairly. It is important that consumers get the financial products and services they need throughout their life, when they need them, and have trust and confidence that those products and services will perform as expected and meet customers' needs.
CoFI supports a greater focus on good conduct risk management and customer outcomes, proactively analysing how products are performing for customers (not just the business), communicating clearly and regularly with customers and acting quickly if something is not working as it should be. An outcomes focus requires thinking about and implementing good effective practice and the results this will achieve, not just complying with prescriptive rules set by law.
The FMA sees this as a continual journey: good conduct and treating customers fairly needs to be ongoing and ever-evolving rather than being a one-off project. Embedding good practice now will smooth the transition to the new conduct regime - a good conduct programme is as much about change management and cultural change as it is about compliance.
So, to supervision. CoFI will allow the FMA to evolve into a more fully fledged conduct regulator with a range of proactive tools - as well as litigation where necessary - to influence conduct and consumer outcomes into the future. Fair dealing powers can only be reactive. They exist to correct behaviour where things have gone wrong. These are necessary, but not sufficient, for either preventing poor conduct outcomes or encouraging good outcomes.
Under CoFI we will be focusing more on the outcomes resulting from treatment of consumers rather than just on the methods financial institutions have chosen to comply with CoFI obligations. We believe that financial institutions know their businesses best and are best placed to determine the most effective actions to achieve CoFI obligations and objectives.
And how do we assess conduct?
- By running monitoring reviews to assess how firms are complying with obligations and demonstrating they are serving the needs of customers
- Undertaking 'thematic reviews' of the sector to understand how different firms conduct themselves on a particular topic of interest
- Acting on information (such as complaints) from customers and market participants themselves.
When investigations and action are required, we will still take an approach proportionate to the misconduct to achieve an appropriate market outcome. We are also committed to taking strong action and holding individuals and entities accountable when they break the law and fail to meet the standards that are expected of them.
I'm sure you or your clients are all well into the application process for your CoFI licence. With a little over six months until the regime gets underway, the FMA strongly encourages all firms that require a CoFI licence to get their application in before the end of 2024, to ensure a smooth transition into the regime that begins on 31 March 2025.
The FMA has received several applications so far, and approved more than half a dozen, but that's fewer than we would have expected by now given how close we are to go time. We are currently engaging closely with a wide variety of firms who need a licence and are proactively engaging with smaller firms in particular, such as non-bank deposit takers and Credit Unions.
Some firms have told us that they are likely to seek an exemption to requiring a fair conduct programme. There are also some firms who have indicated to us that they are likely to seek an exemption from the regime as a whole. We would really encourage those firms to have a Plan B, in terms of getting a CoFI licence. The law is very clear about what is expected. A licence application takes around 60 working days for the FMA to process. If a firm is not licensed by 31 March 2025, they will not be able to offer financial services for their retail customers. FMA staff are here to help and support firms in getting ready for CoFI, and we encourage firms to reach out if they have any questions. We are committed to an open and educative approach, so all financial markets participants have clear and well-understood responsibilities.
One of the other ways our regulatory approach is developing is in the ways we are thinking about the costs and benefits of our regulatory approach. Where it's appropriate, and where we are able, we'll look to remove unnecessary burden, and we always remain alert to how our actions can impact firms.
Concluding statement
So, in short, the FMA has been busy these past few years when it comes to its regulatory investigations. It has come at a time of significant change for both the FMA and the sector. We are moving from a reactive, to proactive supervisory approach of financial institutions under CoFI.
Our work in this space will continue and change as we embed the CoFI regime in our day-to-day operations. We won't be on this journey alone, we want to take you there with us, well hopefully not down the investigations route, but I hope you get my point.
The FMA, along with its Council of Financial Regulators partners, recently set its vision for New Zealand's insurance sector. We want an insurance sector that is forward-looking, fair, stable competitive and efficient, promoting informed and confident participation by consumers and businesses. We aim to do this by working with you all as part of a co-ordinated system of prudential and conduct regulators. CoFR will continue to work closely with you all to ensure that this vision is achieved.
I said this in my first speech as an FMA employee earlier this year but it's worth reiterating. We all want the same end result. That is for businesses to grow successfully and support their customers by treating them fairly and putting their interests at the heart of their decision-making. For those professionals that help industry with financial services regulation, we understand and support the work you do. We know that keeping an open dialogue with all our stakeholders will be critical to our success in both the short-term, delivering the up-coming changes, but also the long-term, in order to foster the fairest financial sector in the world.