Understanding the vulnerability gap
Understanding the vulnerability gap
How many vulnerable customers should a firm expect to have? The FCA’s Financial Lives survey reports that around 50% of people will be vulnerable at any one time. This seems like too many. Many firms still report single-figure proportions of vulnerable customers, sometimes as low as 1% or 2%. This seems far too few. Why is there such a difference? Why do many firms report such low numbers, and does it matter?
Comparable studies from related organisations also back up the FCA’s 50%, though it may seem high. Many of that 50% will be mild vulnerabilities. Based on live assessments from a wide range of firms across multiple sectors, MorganAsh’s data shows that the proportion of vulnerable customers requiring action can typically be expected to be around 10%–15%.
With reported figures ranging from upwards of 2% and the FCA setting expectations of there being around 50%, the shortfall is often huge. Let’s look at why there is such a gap.
The most significant issue is that most firms are working reactively – only checking whether customers are vulnerable when the customer contacts them. This is just a fraction of the total number of customers. Firms aren’t identifying their vulnerable customers, they only identify those they speak to, or who contact them during claims or complaints journeys.
Many vulnerability issues encountered are overcome by staff, informally, at the time of interaction. While providing responsive support is good, the vulnerability is automatically deemed to be overcome – and is often not recorded, even if it continues to be an issue, or is something which could worsen later.
There is a reluctance to record customers’ vulnerabilities at the point of sale, because of a concern that it may interfere with the sales process.
Firms and staff feel that it could be embarrassing to ask personal questions.
It may be believed that the consumer is reluctant to disclose issues which are considered private, or firms worry that customers fear that their information could be misused (or used to make negative decisions) or lost/stolen.
The vulnerabilities may be mild and not warrant any change to a process; firms therefore feel there is no need for them to be recorded.
All of these factors compound, resulting in firms only identifying a small proportion of vulnerable customers. Let’s look at each in turn.
Reactive-only approach: the problem with this is that firms rely on the consumer contacting them; in practice, an ever-increasing number of interactions are digital and transactional, so there is little opportunity for disclosure. Also, the consumer is usually unaware that there is any need to disclose vulnerability information to the firm (and they may also not consider themselves vulnerable or understand what a vulnerability is or isn’t). In some cases, customers may have disclosed but the information was not recorded. Where firms are proactive, and engage with all or most of their customers over time, the percentage of identified customers goes up. This works best when done at an existing point of engagement, for example at the point of sale, at a review or when a claim is made and so on – it can become a natural part of that customer journey.
No need to record a vulnerability: if it was overcome: there are three issues with this approach. First, there is no evidence for audit purposes that the vulnerability characteristics were considered; second, if a different product or circumstance comes into play in the future, where the vulnerability is relevant, there will be no record; and third, there is no comparison data for Consumer Duty outcome reporting – to demonstrate, when comparing outcomes, that the vulnerability was considered and overcome.
Fear of affecting sales: a common fear within commercial teams is that asking personal questions will be considered invasive and affect a sale. We have yet to find any evidence of this; indeed, we have evidence that an improved understanding of consumers’ personal situation leads to increased engagement and sales. This fear is natural but unjustified.
It’s embarrassing to ask personal questions: many people find that asking personal questions is embarrassing and are reluctant to do this. This is understandable, if only because it is a change. All of our experience is that, once you try, there is not an issue. It is ironic that our national greeting is “how are you?” – a question about health; many people find talking about money to be impolite, yet financial services firms do this every day. This is simply an issue of getting used to change. MorganAsh has assessed vulnerable people for over twenty years and this is very seldom an issue.
Reluctance to disclose: this is often quoted as the major issue by those who have not yet implemented a vulnerable customer strategy. It is true that a few consumers may not want to disclose all the information, but our practical experience is that they will if asked, or at least disclose enough to be useful. It is important to explain to consumers why the information is required, so they can understand the benefits of doing so.
The vulnerability is not important enough to be recorded: there are many issues that are relatively mild and common – for example, partial hearing loss. Such vulnerabilities do not require any adaption and are often judged to not be important enough to label the person as vulnerable. Our challenge here is that, (as with not recording vulnerabilities when overcome) we need evidence to demonstrate that the vulnerability was considered; we also need data for outcome reporting – and, if the vulnerability changes or progresses, what was once a mild issue could become acute (if we have recorded this, we can prepare for it).
Another factor is that many of the firms identifying vulnerable customers in single-percentage figures do so because their clients are wealthy or financially secure – not financially vulnerable. Other vulnerabilities need to be identified, because money does not provide immunity from health issues and life events.
The graph above shows how only a subset of vulnerable people are identified when the firm works in a reactive way (denoted by the strong white dots at the bottom left); in reality, anyone in the red area will be very vulnerable and need action or support, and anyone in the orange area may have a mild vulnerability which doesn’t require action but it should be recorded and reported on.
An identification gap of between 2%–50% may seem insurmountable but, in reality, the steps needed to move towards more accurate identification are neither complex nor hard.
While organisations can address these issues themselves, technology such as MARS (the MorganAsh Resilience System) already exists to provide a digital, low cost, easy-to-manage solution – one which can be adopted within days, if needed. It can operate fully digitally or within an agent/adviser-guided workflow.
Working proactively, recording not only vulnerabilities but also any mitigation strategies, support offered/taken and support outcomes, overcoming cultural or familiarity hurdles and changing the nature of the vulnerability categories recorded can shift the dial massively on your identification levels. This spills quicky into offering better support, delivering better outcomes, having better management information and being able to easily report to the regulator.
The gap is real – but the target percentage isn’t that difficult to achieve. And one thing is certain, if you think you only have a few per cent of vulnerable customers, you are almost certainly wrong – and a good data-driven process can show this.
