The future of fraud part 4: industrialisation of claims
In the fourth and final part of this series we examine the recent change of regulatory body in relation to claims management activity and the avenues still open for industrialisation of claims and lead generation.
On 1 April 2019 the Financial Conduct Authority (FCA) become the regulator of claims management companies in England, Wales, and now including Scotland. Firms were required to register for claims management ‘temporary permission’ by 31 March 2019 if they want to continue trading after 1 April 2019.
Firms operating in Scotland will now also be required to be registered.
At the time of posting this blog 953 CMCs had registered for temporary authorisation.
Claims management companies were previously regulated by the Claims Management Regulator (CMR) arm of the Ministry of Justice.
When firms register for temporary permission with the FCA, they will need to confirm which activities they will be carrying on and in which sectors. There now appears to be a two-tier system of authorisation, separating out lead generation activities from advice and representation.
This explicit delineation of regulation is new, under the previous CMR rules ‘Advertising’ was a regulated activity. The FCA’s use of the term ‘lead generation’ perhaps suggests more of a focus on ‘claims farming’ activities.
The FCA’s Financial Lives survey indicates that 67% of customers who used a CMC over the last 3 years to make a financial services claim, wouldn’t have done so without the involvement of a CMC.
The FCA guidance currently published has an emphasis on claims companies operating within the Privacy and Electronic Communications Regulations and the Data Protection Act.
The FCA also proposes that CMCs should do due diligence on any lead generator they accept leads from. The FCA however does not regulate law firms, this is the job for the Solicitor Conduct Authority (SRA).
The former regulator had a focus on The UK Code of Non-broadcast Advertising, Sales Promotion and Direct Marketing (CAP Code) and The UK Code of Broadcast Advertising (BCAP Code). Under the previous CMR rules cold calling in person (door stepping) was prohibited. Any marketing by telephone, email, fax or text shall be in accordance with the Direct Marketing Association’s Code and any related guidance issued by the Direct Marketing Association.
A ban on CMC cold calling without consent has been in place since September 2018. The Information Commissioner’s office is the main enforcer of the cold calling ban.
Any GDPR and DPA requirements in relation to processing of personal data for direct marketing for lead generation can simply be side stepped when considering mail shot marketing by simply omitting a recipient name and sending to an address. The alignment to the Privacy and Electronic Communications Regulations (PECR) and Data Protection Act (DPA) for FCA regulation mean any fines levied against CMC’s can now be significantly higher.
The sectors requiring authorisation remain unchanged:
- Personal Injury
- Financial Services
- Housing Disrepair
- Specified Benefit
- Criminal Injury
- Employment Related
While it is known that the former claims management regulator had turned its attention to the emergent claims problem in holiday sickness claims, we are helping clients in other areas of increased claims farming activity. Our concern is that these claims in these industry sectors do not currently require authorisation or fall under the new regulator’s remit, never mind receive focused attention when they are under attack.
We are already dealing with and conducting investigations in the following areas that are not subject to regulatory oversight:
- Cavity Wall Insulation claims
- Japanese Knotweed claims
- EC261 flight delay claims
- Data breach claims
- Property leasehold mis-selling
The behaviours are consistent with claims farming from the personal injury sector:
- Cold calling, in person and by telephone
- Raising awareness and creating a market for claims via social media
- Pyramid referral schemes, again often using social media
- Referral without instructions
- Fabricated and exaggerated claims
- Repeat claimants, often for the same losses
- Complicit enablers
- Pre-packaged claims
- Claim layering
- Questionable handling/processing of personal data (the irony of doing this in respect of data breach claims is not lost on us)
Of course, whilst CMCs will be attracted to shiny new toys, those new and developing areas will not be pursued instead of personal injury claims, just as well as. As we alluded to in part 3 of this series – if it ain’t broke, don’t fix it. This goes just as well for the CMC business model as much as it does for the sectors in which they operate.
As we have discussed in this series, you cannot look at insurance claims fraud as a nil game. It is a risk that requires effective and thought through management. Making your claims process robust in the face of fraud whilst allowing core business processes to operate effectively is key.
We achieve this by accepting fraud is a problem that will require your long term attention and that your response takes account of the way in which it aggregates through small losses in large volume. Your strategy needs to be flexible to change – both in the environment (your process and the wider industry, regulatory and legal frameworks) and in the evolving approach of fraudsters.
Over the coming weeks we will continue to explore claims farming from how it works and what (in different sectors) it looks like.