Memorandum submitted by the Finance &
1. FLA is the principal representative of
the asset, consumer and motor finance sectors in the UK. FLA members
achieved £93 billion of new business in 2006. Of this, £65.5
billion was provided to the consumer sector, and FLA members represented
28.8% of all unsecured lending in the UK. The remaining £27.5
billion was provided to the business sector and UK public services.
Our members comprise banks, subsidiaries of banks and building
societies, the finance arms of leading retailers and manufacturing
companies, and a range of independent firms. The facilities they
provide include secured and unsecured personal loans, credit cards
and store card facilities, leasing, and hire purchase.
2. FLA is heavily engaged in many aspects
of the fight against fraud and money-laundering, and of data-sharing.
This is not the appropriate place to detail them at length, though
we would like to mention here our active involvement in the Home
Office's Identity Fraud Steering Committee and several of its
working groups. For many years, we have led the calls for greater
sharing of relevant data to aid responsible lending and help prevent
over-indebtedness. Discussions continue with trade associations
represented on the Steering Committee on Reciprocity (SCOR), on
the future governance of data sharing with a view to greater transparency.
3. The crucial message we would like to
leave with the Home Affairs Committee is that our members, like
other lenders, rely heavily on certain aspects of "surveillance".
They equally accept that checks and balances are needed and that
finding out more about people for its own sake, or for a highly
marginal benefit, is not acceptable by society. However, any reversal
of the trend towards data sharing would have serious implications
for responsible lending, over-indebtedness and financial crime.
4. Some time ago, Richard Thomas, the Information
Commissioner, expressed concern that the UK was sleep-walking
into a surveillance society. More recently, he has said he is
worried that we are in fact sprinting towards a surveillance society.
FLA's interest in "surveillance", which for us essentially
means data sharing, stems from the need to prevent over-indebtedness
and to prevent, detect and investigate financial crime. But, although
we are strong advocates of data sharing for these purposes, we
do also fully understand the requirement for robust controls to
ensure that access to data is restricted to those who have a legitimate
need for the data.
5. Consumer behaviour has changed significantly
since the days when a consumer would have the majority of his
financial arrangements with one organisation for life. 30 years
ago, consumers approached their bank manager in person to open
an account and saved with a building society for two years before
applying for a mortgage. Credit cards had only just been launched.
Now, there are 70 million credit cards in circulation. 60% of
adults in Great Britain use the internet regularly, and almost
half of adult internet users use it for personal banking and financial
services. Indeed many people rarely, if ever, go into their bank
branch. Now, consumers can apply for and open accounts over the
telephone or internet or at a third party such as a store. "Know
your customer" has changed from a way of life to a legislative
6. Consumers as a whole willingly accept
and use new technology, notably the internet. It brings them the
benefits of greater choice, faster delivery, increased competition
and therefore lower prices, constant availability, and a degree
of anonymity that many people welcome. But for every plus there
is a minus, and criminals deliberately seek to exploit any weaknesses.
For FLA members, the biggest minus is the difficulty of knowing
their customer. How can lenders be sure that the applicant for
finance is who he says he is and can afford to, and will, repay
7. The Home Affairs Committee will recall
that, in oral evidence we gave to your Inquiry in February 2004,
FLA continues to support identity cards from a fraud prevention
perspective. This is in the absence of a reliable universal form
of identity or address verification database in the UK rather
than the patchwork of information about individuals that exists
across a variety of databases.
8. In a paper on the financial challenge
to crime and terrorism, published jointly by the Home Office,
HM Treasury, SOCA and the Foreign & Commonwealth Office in
February 2007, the Government said that organised criminals used
the financial system to move money, and launder and disguise it
in other types of assets. In the same way that the financial system
provides a mechanism for legitimate trade and investment, so it
can be abused by organised criminals and terrorists for their
own purposes. The financial sector in the UK relies on its international
reputation for integrity and fair-dealing but is itself a target
for organised crime, including fraud.
9. However, as criminals and terrorists
rely on the financial system, so that financial system itself
and the information within it now provide a new opportunity to
tackle these threats. Financial information is one of the most
powerful investigative and intelligence tools available, the true
potential of which is only now being fully understood. Its value
is often not fully realised until it is combined with other information.
At the same time, criminals capitalise on a lack of routine data
sharing. Contradictory information can still be submitted to a
range of different agencies without it being picked up. Data-sharing
within the public sector is often patchy, while sharing across
the publicprivate divide is rarely even attempted. Happily,
the benefits of data-sharing are increasingly being realised across
government. For example, pilot exercises in the identity fraud
arena and within SOCA are throwing up striking examples of what
can be done when public and private data is shared, with particular
potential to reduce financial crime, money laundering and fraud.
A successful pilot exercise of public sector agencies submitting
data to CIFAS, a private sector fraud information sharing service,
suggested that a high proportion of address data (on average 31%
but as high as 40% for some agencies) matched addresses already
identified as being suspect by the CIFAS database.
10. There is significant scope to reduce
harm through such mechanisms in a way that strikes the right balance
with the need to protect confidential data, as enshrined in the
Data Protection Act. Where the Government has information that
can help direct private sector efforts to deter money laundering
and terrorist finance, it should be shared. This principle is
as relevant at the tactical levelfor example, sharing details
of stolen passports with banks to assess which accounts have been
opened with theseas it is at the strategic levelfor
example, by providing information on the money laundering risks
that a firm might exposed to when conducting business in a particular
country. The Serious Crime Bill contains important enabling provisions
to facilitate more sharing of public sector data.
11. As lenders and customers have become
more distant from each other, systems and procedures for assessing
risk have had to change. Like anyone else, lenders can only make
their decisions based on the information available to them at
the time. In risk decisions, that information comes from two or,
sometimes, three main sources:
The consumers themselves, on
the application forms.
Lenders' own records and experience,
if the consumers have had a previous relationship with them.
Credit reference and fraud prevention
12. Information provided by consumers, however,
is of variable quality and accuracy. Many individuals genuinely
do not remember the detail sought by lenders and guess or generalise
their answers. Those who believe themselves to be a high credit
risk omit information or selectively inform a lender of their
situation in an effort to ensure that the credit they seek will
be agreed. Many people overstate their income when seeking credit.
Those who represent the greatest risk have the greatest incentive
to withhold information that could be considered negative. And
13. Existing or previous customer records
are an important and reliable source of information on the behaviour
and track record of consumers in managing their credit. However,
government policy is to advise consumers to shop around for the
best product and deal. This means that consumers are increasingly
seeking to transact with new suppliers and are far less likely
to approach only their existing lender for a new credit facility.
This results in a high reliance on credit reference and fraud
prevention agency data for risk assessment.
14. Data is provided to credit reference
and fraud prevention agencies by lenders, and then in turn by
the agencies to lenders, in accordance with strict guidelines
to ensure consistency and accuracy. The use of consistent and
accurate credit reference agency data in credit scoring models
has led to a significant increase in lenders' ability to assess
risk, and this in turn has led to better lending.
15. There are two main reasons why data
sharing benefits both lenders and consumers:
Lenders make more accurate credit
decisions more quickly, and are better able to protect themselves
against fraud, with increased shared predictive data. This means
reduced credit losses, reduced account handling time, and increased
Shared data means that there
is more likely to be early warning of problems for those who may
be in financial difficulty, and both consumers and lenders benefit.
When lenders become aware that consumers are experiencing difficulties,
new applications from those in difficulty are declined, preventing
additional overindebtedness. In addition, existing lenders will
know to take action to help their customers in the early stages
of indebtedness when this help is most effective and when there
is a greater chance of a less painful resolution.
Fuller and prompter sharing
of data would greatly reduce the damage which identity theft can
cause. The credit industry, including the credit reference agencies,
is working on ways of supporting victims of identity theft.
16. The Data Protection Act is a sound piece
of legislation that protects consumers' fundamental human right
to respect for their private and family life, their home and their
correspondence. The response that is needed to the development
of a surveillance society is not a change in the law. What is
needed is widespread and effective training in the reasons for,
and impact of, the legislation, combined with risk-based and effective
enforcement. We support the Information Commissioner's work to
identify and prosecute "blaggers", and we agree that
a custodial sentence can be an appropriate sanction for those
who wilfully flout the law. We do not support headline-grabbing,
punitive fines against legitimate businesses that take their responsibilities
seriously but occasionally make mistakes.
17. Developments in technology have changed
the way that businesses and consumers interact. There are undoubtedly
benefits for both sides, but downsides, too, and "surveillance"which
for us means data sharingis an inevitable method of dealing
with the downsides. There are risks involved in data sharing,
risks of data being abused by criminals, terrorists and others
with malevolent intent, but legitimate businesses, the public
sector and law enforcement must have access to the same sort of
technological tools that criminals use. To help protect consumers'
rights, there must be widespread and effective training in the
importance of the Data Protection Act, and effective risk-based
enforcement of it.
We would once again welcome the opportunity
to give evidence to the Committee.