Bluerock Review : August 2004

The content you are searching for is contained within our extensive library of PDF publications.

To access this document simply click the title of the publication shown below and you will be forwarded to our download page.

Bluerock Review - August 2004 (153k)
Don't Stop Now! - Post retirement financial planning " Regulation Speculation? The likely impacts of DP26
keywords: DP26 retirement security regulation pension bill


  PDF documents can only be viewed with the Adobe Acrobat Reader® application. This is available to download free of charge from the Adobe web site. If you do not currently have Acrobat Reader® installed, simply click the button to the right to download it.

If you experience any problems downloading any of our publications, or require alternative formats or additional information, please contact us.
Don’t Stop Now! - Pension Planning Post Retirement Following on from last month’s article examining the impact of the 2004 Pensions Bill, Roderic Rennison of the Bradford and Bingley Building Society examines how the financial services industry needs to address the changing investment requirements of an aging population. --------------------- We are all getting older, although not, it seems, necessarily wiser - at least when it comes to proper retirement planning and provision. It's not just the confused, sceptical or 'live for today' consumer who hasn't yet clocked the seismic shift in attitude and behaviour that will be required to stave off the well-publicised pensions crisis. If this is a message you’ve heard before and sounds like a stuck record, I apologise - but the tune won't change until the UK retirement planning market gets to grips with the changing needs of the older financial consumer. Let's look, for example, at how the majority of intermediaries define retirement planning judged on the basis of the typical services they offer. There are two striking observations. ­ Wealth creation not preservation The typical IFA or tied adviser deals almost exclusively with advice before or on retirement. The advice process often seems to stop when an annuity is purchased and a pension is drawn down. Of course there are exceptions to every rule - and indeed, some quality, high net worth IFAs often make a very good living focusing on fund selection and portfolio weighting to individuals long after their carriage clock moment, enabling them to actively preserve their capital. These IFAs take wealth preservation just as seriously as wealth creation - a key ingredient to efficient post retirement planning. However this brings me directly on to the second striking observation. ­ Advice for the wealthy only It is established wisdom in the industry that it's difficult to make advice profitable unless a client’s pension pot is £50,000 or over. With the average UK pension pot on retirement being a meagre £25,295 1, it's easy to see that a high percentage of the population has been frozen out of the retirement planning intermediary market. Yet, buoyed by the strong equity markets of the ‘80s and ‘90's, there has, up to now, been no shortage of lump sum investors before and on retirement to make a living from. If today's financial planning trends continue, however (increased debt burden, rising property prices pushing mortgage repayment to later years, low inflation subduing annuity rates, and reduced pension expectations), there will not be as many profitable advice clients available to the average financial adviser in the future. At the same time, though, it is expected that there will be an exponential rise in demand for expert financial advice across all sections of the population. So how is the circle to be squared? One answer is around cost cutting. There is room for advice costs to be reduced with online processing etc. However, significant cost savings are likely to be negated by the increasing burden of regulation . Even if greater efficiency was enough to broaden the advice market significantly (arguably a vain hope), this still doesn't get to the heart of the matter. I believe the only real solution available to the industry is to rethink the level and type of services offered. The astute financial adviser needs to start viewing retirement as a gateway, rather than a closed door, to his/her services. Conceptually, we are still far away from establishing and developing a proper market for post retirement planning that can be both commercially viable and properly serve the needs of mainstream older consumers. Crucially, the concepts need to focus on the holistic financial planning needs of the client and not individual product stables. Industry commentators might cite the burgeoning home equity release market as evidence of an evolving post retirement market. Home equity release, which dovetails into two distinct product groupings of home reversion and lifetime mortgages, is a natural by-product of rising property prices, dwindling pension pots and longer lives. Yet it has been met with a great deal of scepticism and concern among the media and consumer lobby groups who hail it as the next mis-selling scandal waiting in the wings, for which there is obvious potential. For example, there are still only a handful of lenders providing a drawdown facility and the majority of clients take a lump sum. Why is this? Advisers need to think carefully about the extent of financial necessity that makes homeowners take money out of their house at an interest rate of on average 7-8%, when the best interest they could hope to earn on it would be 4-5% - i.e. a negative return. The home equity release market raises complex issues regarding duty of care and legal advice. It certainly requires specialist training. The FSA has come part way to addressing this with its special module in lifetime mortgages but even this raises further issues. Divorcing an individual product stable from the wider financial interests of the client, without the right guidelines and parameters, can be dangerous. Home reversion schemes are also in the news – the fact that they are to be regulated is generally regarded as good news, but that regulation won’t be implemented for up to three years. A lot could happen during this time. The need for controls Advising on a product in isolation does not always sufficiently weave across other areas of complex financial planning such as inheritance tax planning. Estimates show that nearly 5% of the population have investible assets over £100,000, with a concentration towards the older ages . Add in the 70% of the population who own their own homes, worth an average of £160,000, and you can see this is no longer a specialist area. In an ideal world, a retired individual would sit down with one adviser to look across their investments, pension and property or other assets. But we are not living in an ideal world. So the parameters between simple financial advice and more complex financial needs have to be set clearly and cleanly by the regulator. This will require a great deal of attention, in adviser training, consumer awareness and regulatory guidelines. And nowhere is this more pressing than for retired individuals. Another specialist aspect of the post retirement planning market is long term care. Anecdotal evidence suggests that the level of advice in this area is patchy and greater attention to relevant adviser training and qualifications is paramount. The regulator has, to some extent, bared its teeth to protect older, potentially vulnerable financial consumers by mandating an examination qualification from later this year. A new approach It's clearly time for a new approach to post retirement planning - but what will this be? I believe it has to be found in partnership - between the intermediary and the provider. Take the annuity market for example, where there is real scope for product innovation and greater choice. However, as already argued, product is just part of the answer. Holistic advice is the key. So is this a utopian vision or just a statement of the obvious? The current demographics and household finance trends don't give us the luxury of indulging in an unworkable solution. A (commercially viable) post retirement planning proposition, with client needs at its centre, is an essential feature of 21st century financial services. Will providers and intermediaries view this as a threat or an opportunity? I hope it is the latter. Roderic Rennison is Group Financial Services Director of Bradford & Bingley plc Regulation Speculation? The Likely Impacts of DP26 Many information security (infosec) departments across the world suffer from under-investment. It is extraordinarily difficult to construct a true cost-benefit argument for security investment and this is not aided by the fact that managers often have to rely upon presentation of a view that expresses the costs of not proceeding with proposed spend rather than being able to positively position the business benefits of such investment. In this article Tony Kowalewski discusses one of the latest reasons why Chief Information Security Officers (CISOs) need to go into bat yet again! DP26 – Fraud and Dishonesty In December 2003, the Financial Services Authority published a discussion paper (DP26) that should set alarm bells ringing in infosec departments across the UK. At first glance, however, the relevance of the subject matter may not be immediately obvious. DP26 talks about the need for the FSA to face up to one of its reasons for being – the reduction in financial crime. DP26 makes it quite clear that the FSA is taking the financial services sector on another journey towards further regulation. So why should firms regulated by the FSA worry too much about this? A loosely worded section of the FSA’s Supervision Manual (SUP 15.3.17-20R) provides that firms must notify the FSA immediately they become aware of certain “frauds, errors and other irregularities” internally or externally, if these are “significant”. Currently, the definition of “significant” is largely left to firms to interpret, although if “The financial crime objective, section 6 of the FSMA” was taken more seriously, the FSA would receive many more notifications of fraud. In section 7 of DP26, the FSA makes clear that it intends to get much closer to firms on the subject of fraud. This definition, therefore, may be made much more prescriptive. The importance of controls within DP26 DP26 discusses several options for the future but what seems to shine through is the link between fraud and operational risk. Those who have been busying themselves with operational risk reviews as part of Basel II preparations will understand very well the need for controls that are clearly documented. In the event of a review with a firm arising either as part of a regular review process or as a result of a security / business solvency breach, the FSA is likely to expect that policies, processes and governance are all thoroughly documented. The following extract from the Senior Management Arrangements, Systems and Controls Sourcebook (SYSC) demonstrates the seriousness with which the FSA views the subject of controls: 3A.1.3 G This guidance on operational risk systems and controls is in SYSC because operational risk is present in all firms and can affect a firm’s solvency and the fair treatment of consumers and can lead to financial crime. This guidance deals with the management of people, processes and systems, and external events. In particular, guidance is provided on the subjects of employee responsibilities, IT systems, internal and external documentation, information security, geographic location, expected and unexpected events, business continuity, outsourcing and the role of insurance in guarding against the consequences of operational risk. These concerns, though, are not just restricted to the FSA. Average fraud losses in the UK retail banking sector tend to be higher than in Europe. Losses resulting from poor controls are likely to be perceived as an ongoing risk to business, and hence of greater concern to the City than losses written off to bad debt (which can be blamed on a number of trading conditions). Cart/horse, chicken/egg Before controls, however, should come policy…..and processes…..and procedures. A common fault in organisations that suffer high fraud losses is the fact that policies and processes rarely reflect what is actually happening on the ground. And it’s almost inevitable that there is no quality assessment or review of related documents – that’s if they exist at all. I have talked about the need for controls, security policy, processes and QA, etc. It would be easy to create all of these things tactically. Yet adtopting such a tactical approach would constitute the classic mistake of treating symptoms, not the cause. To address the cause one must take a much more strategic view by looking at the framework within which infosec is managed across the whole organisation. Fundamental principles such as governance, ownership (of data, systems, risks, processes, etc) plus responsibility and accountability all need to be established before any lower level tactical arrangements can be truly effective. Wider implications The FSA makes extensive reference in its various publications to BS7799 and/or ISO17799 and believes those standards to be the baseline against which information security arrangements should be created. BS7799 (and its ISO equivalent 17799) has been around for a long time and almost all financial institutions have infosec policies based upon it. But to what degree are such policies simply there to satisfy a perceived requirement to have one? A great amount of lip service appears to be paid to BS7799 rather than treating it as a source of good practice upon which to build excellence in infosec management. There’s a certain inevitability that the FSA will expect, as part of any increased regulation coming out of DP26, that firms will have in place arrangements that reflect the principles laid down in BS7799 / ISO17799. So what to do? And so we move on to some suggestions for improvements to infosec arrangements that will help to satisfy the inevitable increased regulation of “financial crime”. ? Review the governance of security and clearly document who is empowered to make decisions and at what level ? Document processes to a detailed level and place them in an inventory that is actively managed ? Complete a risk assessment against those processes to identify where vulnerabilities exist not only within the IT area but also as part of an end-to-end business process review (security is about much more than just boxes and wires!) ? Make sure that incident response processes include effective two-way interfaces with business operations – determine who does what and where the boundaries of responsibilities lie ? As part of the risk assessment, identify what controls exist and perhaps more critically where new ones are required. Feed that info into your change management programme ? Monitor and audit. Make sure that the ability to identify incidents exists The Final Word In its survey of UK businesses in 2002, the National Hi-tech Crime Unit found that whilst many companies are taking the threat of computer enabled crime seriously, “the importance attributed to this issue contrasts with the very small levels of spend on (its) prevention”. In the same survey, a whopping 21% “of firms did not carry out audits to verify that processes and spend on security are working properly”. And so we come to the need once again for the CISO to go begging for more cash. There’s no discernable cost benefit (again!) but the need to spend some more money is crystal clear for those whose organisations have yet to base their security regimes on BS7799 and risk assessments that are as rigorous as those demanded by Basel II. The cost of not doing so? The FSA is on its way……..