Wealth management firms might well have been taken aback by the Financial Services Authority’s (FSA) ‘Dear CEO letter’, which was published in the light of its findings that four out of five portfolios from a sample of wealth management firms were unsuitable.

The FSA’s review of 16 wealth management firms found that 14 of them posed a ‘high’ or ‘medium-to-high’ risk of detriment to their clients. Two out of three files were not consistent with the firm’s in-house models or the client’s documented attitude to risk and investment objective.

There was often no record of the client’s financial situation, or the firms had failed to obtain enough information on the client’s experience and objectives.

In its letter, the FSA expressed concerns about inadequate risk profiling and risk management systems and broader ‘deficiencies in the management and control architecture of firms’. It has asked firms to respond by checking whether client information held on file satisfies all necessary obligations. It has also suggested that firms sample a meaningful number of client files, and assess whether the information in them is up to date and portfolios are suitable, based on the client information recorded.

Will German, a regulatory consultant at Avantage, suggests the best way to approach the ‘Dear CEO’ letter is in a systematic manner.

‘When the letter hits your desk, you should treat it as a project. Conduct gap analysis of the letter and go through it line by line,’ German advises.

FSA wealth management ‘Dear CEO’ letter – steps to take

Richard Scrivener, a consultant at Bovill who formerly worked at the FSA, provides guidance on how to respond to the FSA's recent 'Dear CEO' letter on suitability.

You are a small wealth manager, managing client portfolios on either a discretionary or advisory basis.

You didn’t get sent the Financial Services Authority’s (FSA) ‘Dear CEO’ letter on wealth management but you think you should be doing something.

The message behind the letter is that firms should consider the information contained in client files and judge whether it satisfies the suitability criteria enshrined within the FSA’s conduct of business sourcebook (COBS). Although the letter isn’t terribly explicit on what you need to do, here are some basic things you should be getting on with right now:

- Firms might be able to take sufficient comfort from their own periodic monitoring, but this might not be enough. It might be a good opportunity to do a ‘root and branch’ review.

- Select a representative sample of client files with a sample size relevant to the scale of your business. Choose from both advisory and discretionary; new clients and old; large and small.

- Bring together all of the necessary client information. This may have to be drawn from a variety of sources. If the ‘client file’ doesn’t ordinarily exist because you are putting the material together for your own review, think about what a third party might think. How quickly can you put the material together? If you’ve got good records and efficient systems, this shouldn’t be a problem.

- You can then assess whether files have relevant, meaningful, accurate – and most importantly – up-to-date information.

- Assess the depth, breadth and quality relative to the requirements in COBS 9. Can you build a picture of the client in your mind? Do you know their objectives, their attitude to risk, their investment time horizon, what proportion of their overall assets you are managing? Do you know what their knowledge and experience with regard to investments is?

- If you are satisfied that all the client information is in place, you should then judge whether the most recent portfolio is suitable based on the documented client information held. Is the asset allocation more or less in line with the firm’s current investment strategy for that type of client? If the asset allocation is out of line, is there a good reason noted on file? Is there an over-concentration in any particular holding – without good reason? Are there any assets, or combination of assets, that don’t accord with the customer’s risk profile?

- Remember, don’t just look for the outliers that might be up-risking the portfolio. Consider instances where the portfolios might be too conservative for the client’s requirements – these are less likely to be picked up through outlier or performance/volatility monitoring.

- Having done all of that, what if you spot a problem? Information shortfalls can be rectified. Getting a download from the portfolio manager by speaking with him/her is a good start, and encouraging him/her to document ‘what is in his head’. But if it’s apparent that some portfolios have been managed out-of-line with the mandate then you should have regard for Principle 6: a firm must pay due regard to the interests of its customers and treat them fairly. This might mean working out whether the client has been disadvantaged as a result. There is no easy solution. When did the ‘disadvantage’ begin? The portfolio may have been out-of-line but this may have benefited the client!

- Last, but arguably most importantly: you will need to consider how to keep all of this up to date. How do you engineer getting periodic updates from your clients (or from your fund managers?). How do you ensure frontline staff pass on crucial client information after they have met with a client?

Our advice to firms is that even if you were not a recipient of the ‘Dear CEO’ letter, you should have some actions already under way.