INTRODUCTION

  1.  FLA is the principal representative of the asset, consumer and motor finance sectors in the UK. FLA members achieved £93 billion of new business in 2006. Of this, £65.5 billion was provided to the consumer sector, and FLA members represented 28.8% of all unsecured lending in the UK. The remaining £27.5 billion was provided to the business sector and UK public services. Our members comprise banks, subsidiaries of banks and building societies, the finance arms of leading retailers and manufacturing companies, and a range of independent firms. The facilities they provide include secured and unsecured personal loans, credit cards and store card facilities, leasing, and hire purchase.

  2.  FLA is heavily engaged in many aspects of the fight against fraud and money-laundering, and of data-sharing. This is not the appropriate place to detail them at length, though we would like to mention here our active involvement in the Home Office's Identity Fraud Steering Committee and several of its working groups. For many years, we have led the calls for greater sharing of relevant data to aid responsible lending and help prevent over-indebtedness. Discussions continue with trade associations represented on the Steering Committee on Reciprocity (SCOR), on the future governance of data sharing with a view to greater transparency.

  3.  The crucial message we would like to leave with the Home Affairs Committee is that our members, like other lenders, rely heavily on certain aspects of "surveillance". They equally accept that checks and balances are needed and that finding out more about people for its own sake, or for a highly marginal benefit, is not acceptable by society. However, any reversal of the trend towards data sharing would have serious implications for responsible lending, over-indebtedness and financial crime.

BACKGROUND

  4.  Some time ago, Richard Thomas, the Information Commissioner, expressed concern that the UK was sleep-walking into a surveillance society. More recently, he has said he is worried that we are in fact sprinting towards a surveillance society. FLA's interest in "surveillance", which for us essentially means data sharing, stems from the need to prevent over-indebtedness and to prevent, detect and investigate financial crime. But, although we are strong advocates of data sharing for these purposes, we do also fully understand the requirement for robust controls to ensure that access to data is restricted to those who have a legitimate need for the data.

  5.  Consumer behaviour has changed significantly since the days when a consumer would have the majority of his financial arrangements with one organisation for life. 30 years ago, consumers approached their bank manager in person to open an account and saved with a building society for two years before applying for a mortgage. Credit cards had only just been launched. Now, there are 70 million credit cards in circulation. 60% of adults in Great Britain use the internet regularly, and almost half of adult internet users use it for personal banking and financial services. Indeed many people rarely, if ever, go into their bank branch. Now, consumers can apply for and open accounts over the telephone or internet or at a third party such as a store. "Know your customer" has changed from a way of life to a legislative requirement.

DEVELOPMENTS IN TECHNOLOGY AND DATA SHARING

  6.  Consumers as a whole willingly accept and use new technology, notably the internet. It brings them the benefits of greater choice, faster delivery, increased competition and therefore lower prices, constant availability, and a degree of anonymity that many people welcome. But for every plus there is a minus, and criminals deliberately seek to exploit any weaknesses. For FLA members, the biggest minus is the difficulty of knowing their customer. How can lenders be sure that the applicant for finance is who he says he is and can afford to, and will, repay the loan?

  7.  The Home Affairs Committee will recall that, in oral evidence we gave to your Inquiry in February 2004, FLA continues to support identity cards from a fraud prevention perspective. This is in the absence of a reliable universal form of identity or address verification database in the UK rather than the patchwork of information about individuals that exists across a variety of databases.

  8.  In a paper on the financial challenge to crime and terrorism, published jointly by the Home Office, HM Treasury, SOCA and the Foreign & Commonwealth Office in February 2007, the Government said that organised criminals used the financial system to move money, and launder and disguise it in other types of assets. In the same way that the financial system provides a mechanism for legitimate trade and investment, so it can be abused by organised criminals and terrorists for their own purposes. The financial sector in the UK relies on its international reputation for integrity and fair-dealing but is itself a target for organised crime, including fraud.

  9.  However, as criminals and terrorists rely on the financial system, so that financial system itself and the information within it now provide a new opportunity to tackle these threats. Financial information is one of the most powerful investigative and intelligence tools available, the true potential of which is only now being fully understood. Its value is often not fully realised until it is combined with other information. At the same time, criminals capitalise on a lack of routine data sharing. Contradictory information can still be submitted to a range of different agencies without it being picked up. Data-sharing within the public sector is often patchy, while sharing across the public—private divide is rarely even attempted. Happily, the benefits of data-sharing are increasingly being realised across government. For example, pilot exercises in the identity fraud arena and within SOCA are throwing up striking examples of what can be done when public and private data is shared, with particular potential to reduce financial crime, money laundering and fraud. A successful pilot exercise of public sector agencies submitting data to CIFAS, a private sector fraud information sharing service, suggested that a high proportion of address data (on average 31% but as high as 40% for some agencies) matched addresses already identified as being suspect by the CIFAS database.

  10.  There is significant scope to reduce harm through such mechanisms in a way that strikes the right balance with the need to protect confidential data, as enshrined in the Data Protection Act. Where the Government has information that can help direct private sector efforts to deter money laundering and terrorist finance, it should be shared. This principle is as relevant at the tactical level—for example, sharing details of stolen passports with banks to assess which accounts have been opened with these—as it is at the strategic level—for example, by providing information on the money laundering risks that a firm might exposed to when conducting business in a particular country. The Serious Crime Bill contains important enabling provisions to facilitate more sharing of public sector data.

HOW DECISIONS ARE MADE

  11.  As lenders and customers have become more distant from each other, systems and procedures for assessing risk have had to change. Like anyone else, lenders can only make their decisions based on the information available to them at the time. In risk decisions, that information comes from two or, sometimes, three main sources:

—    The consumers themselves, on the application forms.

—    Lenders' own records and experience, if the consumers have had a previous relationship with them.

—    Credit reference and fraud prevention agencies.

  12.  Information provided by consumers, however, is of variable quality and accuracy. Many individuals genuinely do not remember the detail sought by lenders and guess or generalise their answers. Those who believe themselves to be a high credit risk omit information or selectively inform a lender of their situation in an effort to ensure that the credit they seek will be agreed. Many people overstate their income when seeking credit. Those who represent the greatest risk have the greatest incentive to withhold information that could be considered negative. And fraudsters lie.

  13.  Existing or previous customer records are an important and reliable source of information on the behaviour and track record of consumers in managing their credit. However, government policy is to advise consumers to shop around for the best product and deal. This means that consumers are increasingly seeking to transact with new suppliers and are far less likely to approach only their existing lender for a new credit facility. This results in a high reliance on credit reference and fraud prevention agency data for risk assessment.

  14.  Data is provided to credit reference and fraud prevention agencies by lenders, and then in turn by the agencies to lenders, in accordance with strict guidelines to ensure consistency and accuracy. The use of consistent and accurate credit reference agency data in credit scoring models has led to a significant increase in lenders' ability to assess risk, and this in turn has led to better lending.

WHO BENEFITS FROM DATA SHARING?

  15.  There are two main reasons why data sharing benefits both lenders and consumers:

—    Lenders make more accurate credit decisions more quickly, and are better able to protect themselves against fraud, with increased shared predictive data. This means reduced credit losses, reduced account handling time, and increased lending.

—    Shared data means that there is more likely to be early warning of problems for those who may be in financial difficulty, and both consumers and lenders benefit. When lenders become aware that consumers are experiencing difficulties, new applications from those in difficulty are declined, preventing additional overindebtedness. In addition, existing lenders will know to take action to help their customers in the early stages of indebtedness when this help is most effective and when there is a greater chance of a less painful resolution.

—    Fuller and prompter sharing of data would greatly reduce the damage which identity theft can cause. The credit industry, including the credit reference agencies, is working on ways of supporting victims of identity theft.

SAFEGUARDS

  16.  The Data Protection Act is a sound piece of legislation that protects consumers' fundamental human right to respect for their private and family life, their home and their correspondence. The response that is needed to the development of a surveillance society is not a change in the law. What is needed is widespread and effective training in the reasons for, and impact of, the legislation, combined with risk-based and effective enforcement. We support the Information Commissioner's work to identify and prosecute "blaggers", and we agree that a custodial sentence can be an appropriate sanction for those who wilfully flout the law. We do not support headline-grabbing, punitive fines against legitimate businesses that take their responsibilities seriously but occasionally make mistakes.

CONCLUSION

  17.  Developments in technology have changed the way that businesses and consumers interact. There are undoubtedly benefits for both sides, but downsides, too, and "surveillance"—which for us means data sharing—is an inevitable method of dealing with the downsides. There are risks involved in data sharing, risks of data being abused by criminals, terrorists and others with malevolent intent, but legitimate businesses, the public sector and law enforcement must have access to the same sort of technological tools that criminals use. To help protect consumers' rights, there must be widespread and effective training in the importance of the Data Protection Act, and effective risk-based enforcement of it.

  We would once again welcome the opportunity to give evidence to the Committee.

April 2007