In our timely and topical series, our experts take a look at some of the key issues in our industry to help you navigate the changing market. Whether you’re an adviser looking to meet the changing needs of your clients, or an employer looking to support your employees, we’re here to help with a series of insight and opinion on a wide range of topics.
OUR TAKE ON MULTI-ASSET FUND INVESTING
Gavin Jobson-Wood, Pensions Expert, Scottish Widows
During this Vodcast Gavin Jobson-Wood will cover topics such as how unprecedented market conditions have led to heightened levels of volatility across all asset-classes and how diversified funds have helped investors in 2020. Other topics covered - why Multi-asset funds continue to be popular with advisers and customers alike and what does the outlook look like for multi-asset funds?
RECORDED VODCAST – 6 mins 26 secs
TAKING ON…VALUE FOR MONEY
Steven Nelson, Insight Director, the lang cat
Mark Polson, Principal, the lang cat
Gavin Jobson-Wood, Pensions Expert, Scottish Widows
This webinar discusses the important topic of Value for Money (VFM) in retirement planning. Covering what VFM in retirement planning means for advisers, how this can be measured for end clients and what the current and future regulatory challenges are that will impact VFM.
RECORDED WEBINAR – 60 minutes
TAKING ON A HEALTHY LIFESTYLE
Dr Mike Mosley, Helen Dick and Johnny Timpson
During this Vodcast our experts introduce us to the first of a new 3 part series of vodcasts focusing on different aspects of taking on a healthy lifestyle. In this one, the group discuss a range of topics including BMI, diet and the impact of Covid-19 to the life and critical illness market.
RECORDED VODCAST – 20 mins 26 secs
OUR TAKE ON THE FINANCIAL IMPACT OF CANCER
Johnny Timpson and Leo Miles
During this Vodcast our experts discuss the financial impact of cancer to clients and their families, and what support is available.
RECORDED VODCAST – 28 mins 08 secs
Our Take on Communicating Empathetically
Lee Morgan – Protection Expert
During this Vodcast our expert introduces us to a new 3 part series of vodcasts focusing on different aspects of Empathy. In this one he provides guidance on what empathy is and how can it enhance the quality of your conversations.
RECORDED VODCAST – 4 mins 53secs
We’ll record all of our webinars and make them available here, alongside our vodcasts and podcasts, to watch at a time that suits you. Have a look at some recent events from our Expert Series:
Get expert insights on the latest developments and emerging trends in the marketplace, and the opportunities they could present for your business.
October 07, 2020
Siobhan Barrow: Good morning everyone and thank you for joining us today. For those of you that don’t me, I'm Siobhan Barrow, Head of Intermediary Distribution at Scottish Widows. Today's session is such an important area for all of us, with the recent announcements advising everyone to work from home where possible for the foreseeable future, cybersecurity is becoming an increasingly important factor for all businesses going forward. So we hope that you find information provided today in today's webinar, extremely useful.
Now today, I'm thrilled to be joined by my colleagues, Alec Howard, Gareth Thomas, and Murray Jackson, who are all part of our cybersecurity teams across Lloyds Banking Group. Tony Clark, one of our regional development managers, will also be hosting the Q&A section at the end. So please do use the Ask a Question function to submit your questions at any point during the presentation. Tony will keep a lookout for some key themes and he can put those to the team towards the end of the session.
Now, the webinar is being recorded so it will be available for you to share with colleagues, et cetera, after the event, and you can use the same link that you used today. Now, we've already had some amazing topics on our expert series with some of the most popular additions being a brilliant session regarding the economic state of the nation with Paul Johnson from the IFS and an overview of best practice supporting vulnerable customers with Jan Holt. We've got lots more to come before the end of the year, including an interview with the broadcaster, Dr. Mike Mosley, which will look at the benefits of a healthy lifestyle for combatting illnesses, et cetera.
So do head over to our expert series web page, where you'll see all of the recordings from our previous sessions, but it will also give you an insight into what's to come. Now, as I mentioned right at the top, it's a very timely topic to discuss cybersecurity, so I don’t want to waste any further time. So let's get started. Alec, over to you. Thank you.
Alec Howard: Thank you Siobhan and good morning everybody, and thank you for joining today for what I hope will be a very informative and enjoyable event, and I appreciate everybody giving up time in your busy diaries to attend this. So brief introduction on myself. I head up the Scottish Widows division of the security team. In a nutshell, my job is to ensure that our parent group, Lloyds Banking Group, security policies and requirements are in place to help manage and ensure security risk is minimized to Scottish Widows and our customers.
So personally, for me, very interesting, varied, with rarely a dull moment in the day and particularly, as Siobhan said, COVID-19 has made this a really interesting dimension to manage these risks at the moment, and particularly some of the trends and themes we've been seeing as a group. Phishing emails have gone through the roof earlier in the lockdown period this year. So never has this kind of topic been more critical than now.
I'll just hand over to my colleagues to give a quick introduction on their role in the group. Gareth, I'm going to hand over to you.
Gareth Thomas: Good morning. My name is Gareth Thomas. I work for the Chief Resilience and Security Office in Lloyds Banking Group and I'm responsible for helping colleagues understand the cyber threats that affect them, and their families, and the group, and to protect our customers as well from cyber and physical security threats. Murray, do you want to introduce yourself?
Murray Jackson: Yes, sure. Thanks, Gareth. Good morning, everyone. My name is Murray Jackson. I'm an intelligence manager within the Lloyds Banking Group Chief Resilience and Security Office, working within the strategic intelligence team. Strategic intelligence is about highlighting medium to longer-term threats that could impact any part of the group and escalating them to the correct area or stakeholder. These could impact decision making or just inform the latest understanding of a threat.
I'm also joined by my colleague, Darren Morrissey, who leads the operational intelligence part of our team. So operational intelligence is much more reactive and involves daily scanning of intelligence sources and news to identify potential immediate threats to Lloyds Banking Group and to escalate them, often generating short-term actions to address any new or evolving threats. So Alec, back to you.
Alec Howard: Thank you, Murray. Thank you, Gareth. And just before we get started, I will caveat this presentation a little bit. This is general limited guidance that we're giving you here today, guys. So it isn't a replacement in thinking that this covers absolutely everything. You are recommended to speak to your professional IT provider or internal IT teams within your business. So however you're doing that. I know we've got a very varied audience on the call but it’s general guidance. This doesn’t cover absolutely everything but it’s really good food for thought. You can think ‘have we got some of these controls and processes in place to protect our business?’.
In terms of the agenda of what we're running through, we'll cover the typical ways attackers get in to try and attack a business and we'll go into some more specifics of those particular trends and attacks that they might do. So that’s covering website attacks, business email compromise, home and mobile working, social engineering, what could happen, malware and ransomware, and then cloud risk and then we'll finish up with some real examples where this has gone wrong for businesses and why this is all so critical.
But before we get started, I'm going to start with a little poll to get people thinking. So how long do you think that your business would last without your IT systems? We're going to give you four options. One day, one week, one month, or a year. So we're going to push the survey out to you now. I'll give the people about 30 seconds just to think about that. Hopefully that's come up for everybody. Quite interesting. I'll give people another 15-20 seconds. All right. I'll pause there and then I'll send the results so you can see. Hopefully this is coming up for everybody.
So what's come back for most people? A day, a week. There is no right or wrong answer on this, I want to say. But if you are answering in the one day, one week category, some of this guidance, and things to think about today will be really, really critical. This is to make sure that the systems that you use and rely on for your business are absolutely never out for longer than a day or a week hopefully. So no right or wrong answer on that one.
Going to a second poll. How long do people think it would take a cybercriminal to crack a password of six lowercase letters? Again, we've got four options for you. One minute. One hour. One day. Or one week. So I’ll move onto that one and hopefully you'll be getting the poll coming up now. All right, a clear winner. I'll just send the results to you all now. Most people are saying a minute or an hour, okay. It's a bit of a trick question, this one actually. The correct answer is actually four milliseconds. So Gareth, do you want to give us a bit of an explanation of how that’s possible?
Gareth Thomas: I know, it's scary, isn't it? The short answer is maths but I feel I should give you a little bit more depth than that. So when websites save passwords, you setup an account with a website and they save that password, they save it using a one-way encryption method. Now, very, very frequently, websites are breached and those encrypted password lists are stolen. The criminal will then try a number of different passwords to see if they can run it through the same one-way encryption and match it to the password that’s stored in the list.
Now, the slowest way to do this is what's known as brute force, where they literally try every possible combination of letters and numbers until they match the password that you've got. That’s the slowest way to do it. Now, think of it this way. If I had a password that was only one digit of numbers, then that would give ten possible combinations and you can imagine how quickly we could crack that.
If we had two digits, well, then that’s 100 combinations and that’s going to be a lot longer and three digits, of course, is 1,000 possible combinations. So you can see how very quickly and exponentially, it gets harder and harder to guess all of the possible combinations of a password. So a six-digit password is really not good enough anymore. It's just not up to the job. It can be cracked in four milliseconds. But if you went for something like a 15-digit password and you used uppercase, lowercase, numbers, and symbols, then you're really talking something around the few thousand years to try and crack it using a slow attack. So that’s where you want to head. We're looking for 15 characters mixed case.
Alec Howard: Fantastic. Thanks, Gareth. This is a key way that attackers are looking to get into businesses now. So maybe if you're sat there thinking, ‘I'm using quite a short length password for my business at the moment or my main Windows logon account’, or on your website, maybe you might think to go in and change that to a slightly longer and stronger one straight away.
Right. So first-term section of the presentation, ‘how do attackers get in?’. This is not an exhaustive list I'm going to go through but there are four key ways an attacker would typically try and attack a business to get a hold of data or information to commit fraud. For the first one; vulnerabilities in your website. So for example, this could include exactly what we've just said there with password requirements. Maybe a website has been designed and coded where actually it only needs a very minimum length password of six characters or eight characters for example. That's just going to enable someone to do those types of brute force attacks that Gareth said.
It could be that the website is not secure and encrypted but that would enable somebody to monitor the website traffic, for example. It could be that somebody would look to do something called a DDoS attack (Distributed Denial of Service). A website attacker may flood it with traffic just to bring it down. That will usually be followed by a ransom demand. We'll go into that in a bit more detail in a second.
The next one; flaws in software. So again, you might be using pieces of software such as your CRM (Customer-Relationship Management) systems that come from IT providers. Now, providers of these software or your main IT provider more often than not can offer patches in those software and updates to make sure they are protected against these types of malicious attacks, being taken advantage of. So what it might allow somebody to do if it has got a software flaw, it might allow an attacker - if they get through things like firewalls that you might have in place - to get into that software and start moving around. And they'll be looking for data. Can they make payments, change details, that kind of thing.
The next thing; people. This is a key one and it's often the first line of defence for organisations, but criminals will look to take advantage of people as a way to get into your business, to get hold of data or money. So again, that could be done through coercing insiders in an organization. It could be offering cash for data. It could be phishing emails. I’m sure people have heard that, where an email comes in looking as if it's from another company or a real company, but actually it's giving you links to a fake website to try and harvest credentials or it could be attached with a file, which could contain malware.
And that takes us onto the next one, the most common and probably an increasing trend of what we're seeing as an organization, but it's usually the malware or ransomware attachments in emails. But it could also come through websites or even mobile device messages. So these are little software packages that could be an attachment that then are getting into devices that you're using or your network, for example. They will run scripts and codes designed to do things like encrypting all your files and data, or send data back to the criminals.
So for example, Jeff Bezos, the Amazon CEO, he fell victim to something like this, through a Whatsapp message recently. So it's not just your emails these days. It's even through smart devices and messaging software.. There's a common theme here I would say. All these types of attacks will be used to try and generally steal data from you, your clients, your customers, your members, and probably then to commit fraud. It's all with the intent of making criminal gain.
So there's rarely people these days doing it purely for fun, as maybe it might have been seen 15, 20 years ago. These are often organised criminal groups and some of them could even be backed by nation state attackers. So Russia, China, North Korea intelligence. I know Murray and Darren would be able to back me up on this, that there is evidence that these big corrupt countries, potentially, are sponsoring groups to try and do these attacks constantly. That way they can gain, make money, get data that can be useful.
And what I would say generally is, ‘would I be attacked…we’re maybe a smaller business and not high profile’ but security for obscurity is not the strategy. We have seen circumstances with IFAs in our business. Attackers will go after anything they can find and monetize, generally speaking. So big, small, personal, individual, they'll go after it. If there's money to be made, they will do it. These are organised groups. They're going as far as to start deploying artificial intelligence and machine learning now to gather this data across the net and find potential targets.
Again, like Gareth said with the passwords, if websites have been hacked, it's generally available data for sale on the Dark Web, as people may have heard about. The Dark Web is a secret or hidden part of the internet that then will be there for people to try and use this data to basically go after individuals and businesses to make money. There's a common theme there that each of those criminal groups will do.
I'll move on then to the next section; website attacks. We'll go into this in a bit more depth. So there's a range of different attack methods here that attackers may do. So the first one, like we mentioned, it could be that your website is deploying (if you've got one) a weak password strength requirement. So it could be used to undertake a brute force attack, like Gareth said, just flooding website logins with a variety of different logins and password credentials, trying to get in, enter into a website.
And thinking back to that, if your website is there with only six lowercase characters, you are potentially vulnerable to your website being hacked, and unauthorized individuals getting in and moving around in your network, your systems, looking for data.
The next one, websites not being secure and encrypted. So again, this might enable an attacker to monitor the traffic that’s going through it. They will then use that to steal data, capture card payment details, for example, if you have that on your website. You can check if you're secure from this though. If your website is hosted by a third party provider, for example, just look for the HTTPS in the start of the website URL. Sometimes, most modern websites are, they have a little padlock symbol by it, for example, to show that it's a secure website. And most modern internet browsers, your kind of Edge browser, Google Chrome, for example, would automatically flag these and state that the website is not secure.
Another attack method that can happen, I've already mentioned it; something called a DDoS attack. So this is where criminals will flood a website with traffic. They will often use maybe a bot net device to do this in order to bring a website down and make it unresponsive. So that is then usually followed by a ransom demand from the criminal to say, ‘if you pay us X amount, then we'll stop the attack’. It's probably more likely an attack on higher profile companies but actually, it could be used as a distraction technique for other companies -- to basically go and do something else.
And another final way; it could be defacing a website. So again, if someone could get in using the credentials to change a website, they may look to change things like contact details on it, change the links to forms that you may have on your website, again, all with the idea of sending data to the wrong place which they can then then use to commit fraud.
So how can you protect yourself from this? Number one, use a reputable website provider. There are many out there on the market. I'm not going to try and run through them all but it's about doing your due diligence. Make sure they're a good company. Look at the Ts and Cs that are providing the services they’re offering.
Number two, use strong access credentials. I can't stress this enough. So make sure it's a long, strong password to get into the website, ideally using two-factor authentication as well. So this is where maybe a text message is sent to another device in order to log in, for example, to stop somebody trying to get into the website who is not authorised. Make sure the website is using technology such as HTTPS. Making sure that your website traffic is running encrypted traffic.
CAPTCHA, for example. This is what you might see when you complete a form and then you get a picture with ‘select all the traffic lights’ or, ‘select all the fire hydrants’.. This is designed to stop robots continually flooding and completing forms into your business.
And finally, be sure that your website is subject to something called a penetration test. So again, if you're using a reputable website provider, they may well offer this service for you. But if they're not, it's recommended. There's many accredited penetration testers on the market. They can run tests on your website to make sure it's safe, it's secure, and if there's any issues and vulnerabilities within that, how to close those off and make sure that you are safe.
Gareth Thomas: Alec, just to interject, I've had a lot of questions coming through about passwords and how to use and remember lots and lots of good secure passwords. So really simple advice is use a password manager where you possibly can. That’s recommended by the National Cyber Security Centre (NCSC). Use a password manager. That will allow you to remember and create unique strong and long passwords. That is the best advice really.
Alec Howard: Thank you, Gareth. Right. We'll move onto the next section; business email compromise. This is an increasingly common attack method and particularly, with IFAs - actually intelligence from our organization is showing that this is an increasing trend for committing fraud, particularly on investments and savings products that your clients have, particularly in the IFA population, for example. So what is this?
Criminals maybe look to impersonate email addresses. This will be for tricking customers into transferring money to the wrong destination or the wrong account details. So sometimes, a criminal might be sat there just monitoring, waiting, checking for that moment when a transaction or a payment might be taking place.
Or another way, as I mentioned, they’re already in -- they're in an inbox, either through your client, your customer, your member, or yourselves. So they're monitoring that traffic. Or they're just sat there looking to harvest data from it. So again, they're looking at what's going on, the kind of accounts that people have or businesses they deal with, or to build up a profile of you, your business, and what you're doing.
So it's increasingly common. People may hear about it with mortgages and solicitors. So criminals will often go after that space because, again, it's that classic payment fraud at the moment. The customer might be purchasing a house, transferring deposit to the solicitor. They'll try and get in there, pretend to be the solicitor for example. ‘We've changed our bank details. Can you please send it here?’ and somebody sends their deposit to the wrong place.
So there are lots of technical controls we'll go through but I'd actually say, in addition to those technical security controls, you may want to consider non-technical process things, like use of code word or secondary approval for payments. Have something you use in your organization to say, actually, during a critical moment where we're sending money around or sending a lot of data around, we're going to use that code word or process that’s only known internally to prevent Frauds.
But what can you do from a technical perspective? So be wary of phishing emails that you receive. The keywords we use internally in Lloyds Banking Group and Scottish Widows is ‘think before you click’. So if you have an email, were you expecting it? Did it come from outside of your organization? Check the domain that the email has come from. Is the spelling good in the email? Is it forcing a demand and a timescale, that kind of thing? Criminals are often trying to put pressure on people to make decisions quickly.
The next one; use strong passwords and change them regularly. Or as we've already said, multi, two-factor authentication wherever possible - a lot of websites and accounts will offer this now. Most domain email providers will say if you want to have a text message go to a secondary device before you log in, that it can help prevent some of this.
And then training your staff. I've already covered this one in the main attack methods at the start. People can be a weakness but they're also your first line of defense. So ensuring you have cyber security, data security training, especially around phishing is particularly key to try to prevent some of these attacks.
Gareth, can you give us any cases where this has been taken advantage of, for example?
Gareth Thomas: Oh, very much so. Yes, so there was a very, very famous case highlighted just recently. You'll find it in BBC News or you can Google for it… but the FBI raided a number of addresses in Nigeria alleging that massive fraud had been perpetrated through business email compromise. So the FBI said that the email was being intercepted by the criminals between real estate agents, as you mentioned, solicitors, and their clients. And they were doing it at the point of payment. So they would be monitoring the communication and at the point the bank details were exchanged, then the criminals would go and intercept that, and change the bank details to their own.
And so when people thought they were paying for their houses, they were actually handing over hundreds of thousands of pounds and dollars to these criminals. In fact, one of the alleged fraudsters was really famous on Instagram and liked to show off his luxurious lifestyle on a daily basis to his 2.5 million followers. When the police arrested that guy, they recovered $40 million in cash along with 13 luxury cars worth $7 million. And also, and this is the really interesting thing, the names and addresses of nearly 2 million victims. So this is industrial scale stuff, perpetrated by gangs that are as big as any company you know, doing this on an industrial basis.
Alec Howard: Thank you, Gareth. We are seeing intelligence on this that criminals are targeting the IFA market as well - particularly savings and investment products that you are operating on behalf of your clients, those types of products, it's more of a cash-based product. So potentially, if you think that a pension product, a life insurance, critical illness product for example, they're going to be slightly more difficult for somebody -- a criminal to encash money out of than something that is an investment product. That is what they are more likely to go after, so it's being wary around that particular area.
The next section; home and mobile working. As Siobhan said at the start, with COVID, I'm sure, many people in our audience today are working from home right now. I am personally. I'm sure all of you are. It's obviously gone through the roof since COVID. The benefit of flexible, agile life/work balance, for example, but there are risks to be aware of as well that you need to think about.
So typical ways that this could be taken advantage of. Something called remote desktop protocol. So this is where criminals may convince people to allow you to take over your device. So it might start with what's known as a vishing attack where a criminal phones you. They’ve maybe got your phone details from another data breach that’s occurred. They'll ring up pretending to be an IT support line or somebody from Microsoft/Google and say ‘will you allow me to remotely connect to your desktop’. And at that point, if you've left websites logged in and things like that, they'll go after everything they can do.
The next thing; USB sticks. These are an incredibly important method for criminals to use, that you need to be careful of. Criminals will sometimes give malicious removable devices to people. They'll have malware/ ransomware installed on them. The moment you put them into your device, it's going to deploy that malware onto your machines and into your network potentially. They've designed code to spread as much as they can within your device or network. It then might lock down all of your files, all your data, in demand for a ransom payment or it's sending data back to a criminal. And it will happen in the background, so you may not even be aware. So we would recommend that you don’t insert USBs into your machine unless you're sure of where it's come from. Be wary of free trial software that might be online. Make sure it's a genuine and reputable provider that you're aware of.
Another way; weak public Wi-Fi connections. So I know I've seen Gareth actually do this at events I've attended. It's pretty easy to create fake public Wi-Fi networks. These are insecure. People connect to them. So often, if somebody is in Starbucks or the train station, they'll create a network. It will say Starbucks free Wi-Fi but it's not really. It's completely insecure. Criminals will then use that to monitor the traffic that’s pouring through it, looking for credentials or details, any sensitive data that they can put to their gain.
So how can you protect yourself from this? One, ensure you regularly update your device with the latest patches, like we said earlier. This will stop those particular vulnerabilities, particularly a remote desktop protocol, being taken advantage of. Avoid using public and free Wi-Fi connections if you can. So it's better to maybe try and use a 4G connection, My-Fi devices and things like that. But generally, use secure Wi-Fi connections that require a password and then the traffic through it is encrypted.
Providing your staff with dedicated work equipment rather than using their own, if possible. Sometimes that’s not the case but if you are giving staff their own devices, there's lots of different ways you can do that securely rather than allowing them to download data onto their own device. You can also, working with your IT provider, make sure that USB sticks are actually blocked. There are software packages like McAfee, which can do that for you to make sure that if the USB stick is plugged in, it will be blocked, for example.
When staff are working from home or in public places, just making sure it's away from open windows and doors. You'll often get low-level criminals who will take opportunistic chances if they see an open window and there's a laptop right next to it. They'll just sit there looking at the screen, trying to see what they do. So again, things like privacy screens on devices are very useful and a way of stopping that potential way of your clients' data being stolen.
And finally, as I've said before, two-factor authentication for logging in. But also something called a secure VPN, so it's a virtual private network on connections. Again, there's lots of different solutions on the market out there but this means that traffic - even if you did connect to a public Wi-Fi – would be encrypted as it flows through.
Gareth, we've got a lot of colleagues in Scottish Widows, don’t we, working from home at the moment. Can you run through some of the guidance we've given to colleagues beyond what we've done here?
Gareth Thomas: The advice that we give to colleagues is always fairly simple. It's the little things that you can do to make a big difference. So the first is make sure your workspace is safe and professional. That’s important obviously because you don’t want daytime TV blaring down your phone whilst you're trying to sell products. But also, keep yourself away from windows and avoid being overheard. It's easy to work with a window open and your next-door neighbour is catching everything that you say and popping it on Facebook. So we want to avoid that.
Only use the IT that we provide. That’s the other key message. Because people are always tempted. They think, I'm working at home, so why can't I use my home laptop or my home computer. That’s not a good idea. The laptops that we provide for our staff are really carefully secured and we make sure that they’ve got all the latest patches and all the good stuff on there. So we always tell our staff, please don’t be tempted to use your home devices. Don’t email stuff home or use your home software and please don’t use your personal printer. So just use what we provide to you because we know that it's secure and we're looking after it.
We also say lock your PC when you're not in front of it because you just never know who's wandering around your house. We have people that live in shared houses. We don’t know who's there. It may be that you have staff, or cleaners, or people that are around your house. So if you're not in front of your computer, lock it. Use the Windows key and L at the same time and that will just lock it.
And then when you're finished for the day, put it away and put the papers away, and just keep them all neat and tidy. And then you know that there's no temptation for people to oversee things. And of course, just because we're at home, it doesn’t mean that we shouldn’t maintain the great habits that we always use whether we're in the office or not. So as we mentioned lots and lots, strong and unique passwords. Make sure that you handle data correctly. Encrypt it when you need to and always, always, of course, be careful of phishing emails, which are a major threat and I'm sure we're going to talk about later.
Alec Howard: Thank you, Gareth. Right, the next theme then; social engineering and your online profile. We kind of touched on this a little bit already but criminals will increasingly use what's called your digital footprint and that’s how they can start potential fraud or attack on you or your business. So digital footprint - what do I mean by that? It's the information you've left on the web about you or your business.
And criminals are using multiple techniques to gather this data. So they'll look at social media, LinkedIn, Facebook, text messages if they’ve got access to your device. I'm always very wary, I have to say myself, if I see these kind of posts on social media that will say ‘fill in this form, what's your favorite holiday location, what's your favorite football team’. Why are people doing that? Well, it's generally to try and gather data that might be a password, a credential for them to get in. So be very, very wary about what information you leave on the internet, on public forums, social media because it can be used against you to try and access your systems, commit fraud, impersonate you or your business and commit identity theft.
What do we say to our colleagues and staff, and what should you be thinking about to protect yourself and your business? So ‘think before you click’ on any messages that you receive that are not expected or do not feel right. Someone might be trying to gather more data about you to commit that type of fraud, so limit what you post about yourself on social media.
You may see things like privacy settings on your accounts for these websites. It's thinking about making sure it's limited to just your friends and connections only. Don't be putting posts out there, which are open to all and ‘public’. People on LinkedIn will often say ‘I'm the database engineer at IBM’. Okay, that’s giving a criminal a potential easy target that they want to go after because you're revealing too much about yourself. So it's not to say that staff and colleagues can't go on these sites. Absolutely not. But just think and be careful about what you're putting on there because it can be the start of a potential attack.
And then finally; search your name. Put your name in Google, or Bing, or something like that and when you search yourself, what can you find? And if there's anything you're not comfortable with or it gives a little too much away about yourself or your business then it's a good step to try and limit that audience, go onto those websites, delete the data, or limit the audience.
So Gareth, any examples that you could give us where this is being used to a criminal's advantage, for example?
Gareth Thomas: We've had a few instances recently of staff being called out of the blue actually on their personal mobiles, which is quite interesting. So somebody, somehow, has managed to find a personal mobile link to a group employee. And the phone calls say things like ‘we're from the IT support team and we can see that your laptop has got an issue. We need to log into that laptop please and do some maintenance’. And when the caller was questioned a bit harder, it all began to reveal itself as a bit of a scam.
We've also had colleagues called on the phone from people saying that they are from HR and that there's been a problem and that they need to come into the office, or they need to hand over the laptop, or they need to do some other option. And again, colleagues have been wise to these kind of scams and been able to put the phone down and report it to us. We've also, interestingly, seen phishing emails being sent to colleagues and then being followed up with phone calls. And that means that while you might spot a phishing email and think, ‘this looks a bit dodgy’. Somebody finds it and says, "Oh no, that was from me. It's okay. It's absolutely legitimate. No, definitely. I'm from ABC supplier. We have changed our bank details. Just click on the link and change your stuff." But of course, both the phone call and the phishing email are from criminals. It's quite common to combine those types of attacks and try and fool staff. So be on your guard. Have really good processes in place that mean if you do get anything like that, you double-check it. You call the person back or have processes to double check that what the caller is saying is true.
Alec Howard: Thank you, Gareth. Right. Just to check everybody is still listening - another poll. This leads to our next section; ‘what percentages of businesses have reported having cybersecurity breaches or attacks in the last 12 months?’ Again, I'm going to give you four options; 10%, 26%, 35%, or 46%. So I’ll just put that survey out and we'll give 30 seconds for people to respond to that one.
Right, I think that’s a good proportion of everybody. Most people went for 46% or 35%. The right answer was 46%. That was actually from an Office of National Statistics Survey earlier this year of businesses and it's on the rise. So basically, put it another way, there's almost a 1 in 2 chance that your business could be subject to a breach or attack within the next 12 months.
So it's on the rise and a particular way and increasing trend we're seeing that happening from is malware and ransomware. So as I touched on earlier, this is malicious software packages or code that is deployed into your devices, your networks, for example, that is then designed to just wreak havoc and can have an absolutely devastating impact to the businesses.
So there's a couple ways it can happen. Malware is typically designed to gather and steal data, control devices, capture log-in credentials, which will then be used to go in and complete an attack or a fraud at a later date. Ransomware, people may have heard of that particular term. It's the same kind of thing but it's generally where all of the files on your devices, your network and the code that is designed to go through and encrypt it,. You'll then receive a ransom demand from the attackers of ‘okay, if you want to get all your files and data back, you need to pay money to this location here’. Typically the demand being in cryptocurrency, something like Bitcoin, which is designed to avoid detection of where that payment has gone and who it's really gone to.
We'll run through some real world examples of this later but our intelligence suggests it's definitely on the up. Again, link it back to the point on nation state attackers. These criminal gangs that are being sponsored to try and develop this stuff. Sometimes it's to attack businesses, and money, and fraud, but actually, some of it is also in things like election fraud, or going after the critical infrastructure of countries as well. Increasingly, countries like Iran, North Korea are doing this. So it's very real and it's on the up.
How can you protect yourself against this? Regularly backing up your systems and data. I can't stress it enough but if the worst were to happen and this kind of thing happened, having a backup and a copy of your systems and data is the best protection and keeping that on a separate network or a separate location, or even better, on an offline device. If the worst were to happen, at least you can go back to the data you've taken at the last cut. Generally, for an organization like Lloyds Banking Group, we're backing up systems and data multiple times a day.
The other bit of that is ensuring you've got the latest security updates and patches on your devices and using a good antivirus product. So something like McAfee, for example, will sit there scanning your devices, your networks to make sure if any of this code is there, it's designed to detect it, quarantine it, and get rid of it.
Consider purchasing cyber insurance is another way. Increasingly, companies are doing this. There are companies out there on the market, a broker like Arthur J. Gallagher, for example, where you can buy insurance against this type of attack. A word of caution with it. Make sure you check the conditions of the policy. It will probably require that you are following good security practices in order to benefit from a payout if the worse were to happen and you had disruption to your business or a fine, for example, from the ICO, for that. It is a good way to potentially mitigate and protect your business.
Be very wary of emails with attachments and links, especially something that’s asking you to click something that creates an emotional response. Those keywords, ‘think before you click’. If you weren’t expecting it, if it's coming from outside your organization, if it's got a demand that you need to open this or provide your details in the next five minutes or otherwise you're going to lose access to your systems, it's probably not real.
And then finally, we touched on it before but people are the first line of defense but also a potential weakness. Make sure they're trained, particularly on phishing emails. Within Lloyds Banking Group, for example, we do phishing test emails to our colleagues every month. Gareth's team actually does that - where we do thousands of test emails to try and test that colleague understanding. They are harmless but it is a good way of testing if your staff are aware and following what they need to do.
Right, the next section before we get onto Q&A; Cloud risk. This is an increasing area. We're seeing a lot of businesses and companies, including ourselves, are moving data and systems to be hosted on the cloud. And what do we mean by ‘the cloud’? I guess that’s a starting point and ‘what is cloud computing’. A phrase I often heard is ‘there's no such thing as the cloud. It's just another person's computer’.
Essentially, what it means is that rather than hosting data on your own network, or your own servers, or your own computers, you're basically hosting it with another specialist IT company. So typical providers of this are Amazon Web Services, Google, Microsoft, as you can imagine. There are a few other providers out there. And why do people and businesses look to do this? It's often cheaper than running your own datacenters. You won't have the cost of maintaining your hardware or the technical and physical security controls around it.
You may well be considering to do it because of that cost benefit. I think it definitely is the future of computing solutions but it comes with potential risk, particularly configuration issues. So this might be - are you responsible for configuring the access control to it, managing those user access permissions for people to get into your systems that you're hosting on there. And because of that, it can be openly accessible by mistake to criminals. So you need to be extremely careful before doing it, to make sure that risk is being managed.
How can you protect yourself and your business? If you're looking to do this or you have already done it, check the level of service you're paying for from your cloud service provider. You'll find with companies like Amazon, for example, that they offer different levels of service from just hosting it and you're responsible for everything; to the opposite end of the spectrum where they will configure all the security and do it on your behalf. So recheck what you're actually getting and what you're responsible for and what they're responsible for. There's lots of benefits and there's lots of pitfalls if it's done wrong.
And then finally; review your responsibility and your liability provisions. So you'll find those Ts and Cs, the terms and conditions for your cloud service provider. They will say what they're responsible for and if there is any liability should data be lost, compromised, or your system compromised from the cloud.
Right, onto real-life examples of when this has gone wrong and then we'll open up to some Q&A. So people may have heard of the ICO, the Information Commissioner's Office, and a little something called GDPR or the General Data Protection Regulation, which came into force in 2018. People mostly remember getting a lot of emails saying ‘do you still want to get emails from us’ and unsubscribing around that time. It came into force about May 2018 in the U.K. and the European Union. And whilst the majority of that regulation is aimed at data privacy, so things like marketing consent, marketing preferences, Data Subject Access Requests, Data Privacy Notices, the individual rights of consumers. However it also includes security requirements that organizations need to take.
The general wording is you need to take appropriate organisational and technical measures to protect data. So if you and your business are a data controller or processor, these laws and requirements are applicable to you. And the ICO can issue fines of up to 4% of your turnover or EUR 20 million for getting this wrong. So if you have a personal data breach, this can be really painful to a business in terms of that financial hit if it goes wrong.
Gareth, do you want to go through these very quickly, some of the real examples? Do you want to touch on British Airways and what happened to them?
Gareth Thomas: They were also fined. They were fined GBP 183 million and of course, the fine is, I guess, the easy bit to stomach. It's dealing with your customers and the lack of trust that is going to be shown. So British Airways were fined GBP 183 million because they allowed criminals to scrape credit card details from their payment site. Now, it's not entirely clear how criminals managed to do this and as you can imagine, British Airways are being pretty cagey about it. But there is a fair amount of speculation that allowing adverts on the payment page could have been a way in for hackers.
Now, point of sale devices, be them tills or all sorts of different ways of taking payment, are a target for criminal gangs. And some criminal gangs actually specialise in this. This is what they do. So as ever, the advice is use a reputable payment service for taking payments and always keep your devices up to date. So that’s taking the latest updates from the manufacturer that are sometimes called patches. If you keep your device up to date, then that’s great.
Alec Howard: Thank you, Gareth. And another one here, so Travelex. People maybe have seen this in the news around December last year, January this year. So what happened to Travelex? They basically were impacted by a ransomware that impacted their systems and network. It came in through their website. A key message is that they did not patch vulnerable software despite advice to do so. And what happened is that they ended up paying a $2.3 million ransom to a cyber-criminal gang to get their systems back and get their data unencrypted to get their currency online.
During that period, they had their staff using pen and paper again to transact those currency transactions for their customers. So should you ever negotiate with criminals? It's a tricky one. They decided to pay out and it got their business back. Criminals can often demand a lot in things like that. It's a very tricky situation here. The biggest thing is that they could have prevented it by protecting and patching their software.
Gareth, Saudi Aramco.
Gareth Thomas: Yes, Saudi Aramco, for those of you who don’t know, is possibly one of the biggest companies in the world. They are estimated to be something around ten times bigger than the Apple corporation. And they were compromised, not Apple of course, Saudi Aramco were compromised by a phishing email it's thought. So hackers planted malware on the network of Saudi Aramco and it was triggered by the hackers during the holy month of Ramadan when the company was at possibly its lowest staffing level.
Now, the malware that they installed and executed wiped out 35,000 computers before it then started attacking the company's servers. The company lost their payroll. It lost their directories. It lost their shipping databases and it got so bad that they actually took the whole company offline and at one point were giving away their products to random customers just to keep their production facilities working. And it all started from one phishing email and it's estimated to have cost them billions of dollars to put it right.
There's a brilliant podcast all about this story on Dark Net Diaries I think it's called, possibly. I suspect that many businesses that had smaller cash reserves would not have survived this level of attack. So it just shows how potent attackers can be through just a simple phishing email, which accounts for probably 90% of the start of all cyber-attacks.
Alec Howard: Thank you, Gareth. And finally, Talk-Talk. So this is a bit of an older one actually back in October 2015. So it started as a DDoS, a distributed denial of service attack, that was actually the distraction though as it was actually a 20-year-old hacker. This attacker, he then did an SQL injection attack onto the website, an insecure page, and that allowed that attacker to get through to a customer database; 157,000 customer's data was exposed and that actually included 15,000 bank account details of those customers.
Talk-Talk, had suffered two similar attacks actually on that particular page earlier that year but they didn’t take any action to remove the pages or make them secure. I don’t think the pages are actually even needed for their business, which is the irony. And the ICO issued them a £400,000 fine at the time, pre-GDPR. So I can only imagine what that fine might have been for them had it been a couple of years later. Good news for them was that they only paid £320,000. They settled early. They admitted their mistakes and learned from it. So I think be wary with this kind of stuff. Again, your customers, or your clients, your members can suffer. But actually, it can hit your business in the pocket as well.
The list goes on. There are countless other examples out there. And whilst these may all look like big companies and examples we're using, we see it all the time. Criminals will go after businesses of all shapes and sizes and they'll look to exploit weaknesses if there's money to be made.
Tony, I think that’s myself and Gareth done. It's just over to you for Q&A.
Tony Clark: Fantastic. Guys, thanks ever so much for so much information and so many examples as well. I've done a few of these Q&As in recent weeks on the Expert Series. This is probably the one that's seen the highest number of questions. Just as a reminder, folks on the call, we will look to collate the themes of the questions and actually provide some answers after. There's no way we're going to cover all the questions in the nine minutes we've got left. So we will look to do that.
So I've got a few that you guys can decide, I guess, who is best to answer these with the themes coming through. So with so many people working from home now, a couple of questions around home routers and personal printers. How exactly are these items compromised and what can folk do to make sure that their colleagues working from home are staying safe using their personal routers and their personal printers?
Gareth Thomas: I can take that if you like. So I did answer a couple of questions on home routers and offer some advice there. So do have a look back in the answered questions. When you're using home routers, the first and most important thing is to change the default passwords that come with them. Because when they ship from the internet provider, they're deliberately made easy to set up. And so they'll come with basic security settings, the absolute essential. So change any default passwords that are on there. It's a good idea to change the default SSID. That’s the name that gets broadcast because that obviously often refers to the type of router and gives any hackers a clue as to what it is.
It's really essential to switch off remote management, which would allow somebody on the internet to log into the router if they had the default user name and password. It's a good idea to turn off things like UPNP and WPS, which are both features to make things really easy for the router to be used but are sometimes used by malware. If you Google for ‘how to configure my home router to make it more secure’, there's some great articles out there too that will take you through more detailed steps.
When it comes to home printers and things like that, as my advice was before, use the equipment that’s provided to you by your company. And I appreciate that some of you will be providing your own equipment and it's hard to give specific advice on every device. But what I'd say is: consult an IT specialist who can advise you specifically on the right devices to use and how to keep them safe. There are printers that contain, just like your router does, a way to log into the printer. They have default passwords on them and there's even examples where people can send malicious documents to them and compromise them. So get specialist advice when it comes to that kind of thing.
Tony Clark: Thank you. That’s spot on. Another question that’s on a theme around the wonderful world of spam and junk mail as well. One comment made, which I absolutely get is whether or not GDPR has actually had any impact on the amount of junk mail that we appear to be getting. The wider theme coming through is, are there ways to avoid and reduce the volumes coming through. And indeed, should we fully delete items that go into spam immediately or do we just let the spam folder do its thing?
Gareth Thomas: I think my advice on this was very much be careful where you put your email address. So spam will tend to build up because you've subscribed to lots of things or your email address is out there on the web. I absolutely understand that it is a necessity of doing business that you give your email address out to people but be careful what sites you put it on because that can be scraped by illegitimate companies that will then start sending you spam.
If you do need to subscribe to sites and you want to receive those newsletters, it's a good idea to set up a separate email address, and then you know that whatever comes through there is likely to be subscription type emails and possibly spam. And that keeps your main address free for doing business. So keep your digital footprint low and be careful where you put your email address is probably the best way to avoid spam.
Having a really good email provider that’s got proper filtering and subscribes to good intelligence sources is also a great idea. That will lower the amount of spam that you get because it should be trapped by the provider.
Alec Howard: Just to add to that Gareth, I would say, whilst companies like Microsoft and Google are taking great efforts to try and block some of these things, and law enforcement is trying to shut down these gangs; the phrase we use is ‘whack-a-mole’. So the moment you shut them down from sending these kind of junk malicious emails that you don’t want, they'll just pop up somewhere else and do it again. So my advice would be don’t rely on your email provider or your spam filter to do it. If you don’t think you need it, you don't expect it, just delete it. Get it off your device.
Tony Clark: Thank you. Absolutely spot on. Thank you. One question I've got is around the support for security training and actually, I'll happily pick this one up myself around what more is available from Lloyds Banking Group to support people around their cybersecurity. We've actually got a website, Lloydsbankacademy.co.uk. Now, I'd recommend that for anyone because that provides support whether you're running charities, business, education -- financial education for children. There's all sorts of content on that website.
If you then extend that out to /learn-for-business, there's lots of content in there around the general running of business, but specifically around the digital aspect and cybersecurity as well. So take a look. Lloydsbankacademy.co.uk is a great resource. But then it's /learn-for-business will definitely take you to more resources that you can share with your colleagues, as well as this call, of course.
Guys, a couple more questions for you. Many of us are getting of ‘an age’, do you have any tips for remembering passwords. I heard the other day that it's safer to actually write them down. You've got less chance of them being stolen from your house than you have of having a simple one and repeating the same one over and over again. I'm not sure that’s the best advice but what tips have you got for remembering them?
Gareth Thomas: The good news now is we've moved to the point now where we don’t have to write them down and we don’t even have to remember them. So the advice from the NCSC is to use a password manager. A password manager is simply a tool that sits sometimes on your browser and sometimes on your device, built-in by Apple and Google into their devices. Where a password is asked for, it will suggest a password that’s strong and unique and it will then remember that for you. So next time you come back to that website, it says, right, I know the password for this site and it will submit it for you. So you don’t have to remember them all. They're all strong and they're all unique, which is brilliant.
Now, clearly, what's very important is that we have a very strong password for our password manager. Now, often, I get asked does it not increase the risk, having all my passwords in one place. There is always a balance of course, but the NCSC does strongly advocate using a password manager.
Now, we're not allowed nor would we suggest any particular product. I can't suggest an individual password manager for you, nor unfortunately, can we suggest any antivirus products or recommend any individually. I would say that Apple and Google have them built-in and if you were to use a search engine and look for best password managers, there's a range in there and I notice that the same names keep coming up over and over again in all the different reviews. So that should give you a bit of a choice there too.
I wouldn’t really recommend writing them down unless you absolutely had to and absolutely, please, don’t use the same password across multiple sites. Because as I mentioned earlier in the call, it's where a website gets compromised and lots of websites have been compromised, and some big ones too, they will steal that password and then routinely, they will try that password in all your different accounts. So you might lose a password from a shopping site and if you've used that in your email, they'll get into your email and start resetting other accounts or they might try it in your PayPal, your Amazon, your work accounts, and you can only imagine the damage that could be caused there. So password managers are definitely the way forward.
Tony Clark: Fantastic. Thank you. And that takes us fully up to time with more questions still coming through. So as I said already, we will look to get some themes together and provide some answers to the questions. This call is available on demand from here, just by using the same link that you did to dial in today. So please feel free to share that with colleagues. Gareth, Darren, and Alec, thank you so much for your contribution today. It's been absolutely fantastic. When we close this call down, there is a very quick survey that we would ask you all to take a quick look at to give us some feedback on your thoughts for today and one or two wider questions as well, to help us with some future planning. So thank you all very much for your time today. Have a great afternoon.
September 3, 2020
Alison Nicholson: Good morning, everyone. I'm Alison Nicolson, Head of Client Relationships here at Scottish Widows. We're delighted you've been able to join us for our Economic State of the Nation webinar. This is part of our expert series, and I can see from the attendees many of you have joined our webinars before. And we hope those of you who it's the first one will join us for our future topics as we navigate these ever-changing times together. Whether you're an EBC, IFA, or employer on the call, you'll all have been affected both personally and in your business by COVID.
Today, we're delighted to be joined by Paul Johnson, CBE, Director at the Institute for Fiscal Studies. Paul has been at the Institute since 2011. He's a key influencer of U.K. policy as a member of the U.K. Climate Change Committee and of Banking Standards Board. He was previously Chief Economist at the Department of Education; Director of Public Spending at the Treasury, where he also served as Deputy Head of Government Economic Service. It’s really no wonder Paul was awarded a CBE in 2018.
Paul will share with us his thoughts on the economy, the COVID world we live in now, and what it means for pensions.
Throughout the session, please use the "Ask a Question" function. Alexis and Robert , who you see on your screen, will be hosting a Q&A with Paul at the end of our webinar.
So, to kick us off, we would like to hear from you. And Robert, can I ask you to start us with a poll before we hear from Paul? Enjoy the session, everyone.
Robert Cochran: Thanks very much, Ally. As Ally says, I'm Robert Cochran. And we're going to run a little survey here at the beginning. So, Paul is going to cover the economic state of the nation, but what we'd be really interested in is how you feel about your business, where you work. So, thinking about where you work, how confident do you feel about the business outlook and what this will mean for you or your employer?
So, I'm sending this survey to all just now. We'd love it if you could just complete this. It will help give Paul a benchmark for how we're all feeling and will support him when we look at all the numbers. So, how confident do you feel about your business outlook at what this will mean for you or your employer?
Here we go; "I think our business will shrink in size," we had about 18% saying that. "I think we'll remain about the same size," so 53% put that in as an answer. Great to see. And, "I think we're set to grow in size." So, on the whole, a pretty positive outlook there. So, that's a decent set of results for Paul to look at as we move into his session.
Now, Ali did say I think we'll do questions at the end, but we'll also take questions throughout. So, if you put questions in the little question box, both myself and Alexis will be watching out for them. And if there's appropriate times, then we'll ask Paul those questions as we're going through the session. Failing that, there will be some time at the end for questions to be covered off then.
So, without further ado, I'm going to hand you back to Paul to update us on COVID-19, the economy, and pensions.
Paul Johnson: Okay. Thanks ever so much. And it's quite a broad canvas I'm going to be painting today. I'm going to say something about what the economy looked like before COVID. It's something I've spoken about much too little, actually, over the last few months, but it is worth remembering that time many months ago, it feels, before COVID actually hit. I'll say something about where we are in terms of the economy at the moment, what that's likely to mean for the public finances. Meaning, one thing it's going to mean I think is that tax rises are likely to happen. I'll say something about that. And then, what that might all mean for pensions.
So, with no further ado, let me start with this chart, which until COVID I think was probably the most important chart in economics and, indeed, politics for the last decade. What it's showing is that both productivity and, as a result, average wages really flatlined almost completely from 2008, right the way through to 2019. So, absolutely astonishingly, the first time in literally hundreds of years – literally, hundreds of years – that average earnings haven't risen over a decade and the worst productivity performance over a decade in a similar period.
And the dotted lines at the top are, in a sense, what should have happened, had the economy grown as expected, had the economy grown as it had grown over the last 50 years, or so. You can see that wages would have been something like 20% higher than they actually were. So, that's an indication of the difficulty we were in as we came into the COVID crisis.
This next slide is showing you what happened to median incomes for different groups over that period. So, starting off with the population as a whole, you can see that incomes last year were somewhat higher than they were pretty much 20 years ago, but not very much higher. If you look at this green line – so, those of working age – you can see that the growth was even lower. You've got a growth of maybe 5% over a 20-year period; again, astonishingly low level of growth.
And then you've got this black line, what happened to pensioner incomes, or at least income for those over the age of 60, and you can see two remarkable things there. One is that, actually – particularly, over the 2000s; less so over the last decade – pensioner incomes rose very fast; a combination of higher occupational pensions, higher state pensions, and higher levels of earnings, actually, among people over 60.
Remarkably, they overtook the under-60-year-olds in about 2011 for the first time in history – miles, miles behind people of working age over history. We're not talking about
wealth here; we're talking about incomes. Incomes of the over-60s, in general, and of pensioners, in particular, overtook the incomes of those under the age of 60.
So, all of that...
Robert Cochran: Paul, can I just pick up a question, just around the productivity and wages that have flatlined. So, we can see that earnings kind of flatlined, but prior to that we had this flatlining of productivity. Any reason why that was the case?
Paul Johnson: There's a big question. So, I see one of the questions here is about whether this is just for the U.K. These are U.K. numbers. Most of the world has seen some significant tailing off in productivity and wages over the last decade, but on a less significant, to a less significant degree than we have.
What appears to have – a number of things have happened here. The two are obviously very closely related. Productivity appears to have been hit by a combination of reduced investment by companies, particularly both post 2010 and post 2016; by the long hangover from the Financial Crisis. There may be some measurement issues here, in that productivity may have been overstated, actually, in the U.K., given the scale of our financial sector, but certainly the hit to the financial sector post 2010 has had an impact on that.
And then there's this sort of compositional effect. This is looking at productivity per worker and wages per worker. We've actually got a lot more workers. So, the plus sign of this is that there are a lot more people in work – or at least six months ago there were a lot more people in work – than there had been. And that has helped I think keep wages down and bring people into lower-productivity jobs, as well.
Now, there are a whole series of long-term issues, of course, that drive productivity. In particular, our education system, infrastructure, transport, housing, all of those sorts of things, massive for productivity, though none of them explain that huge slowdown in wages and productivity post 2010.
It is also worth saying, finally, that things were actually – I don't know if you can see that in the – you can't see it very readily in the chart, but you can see wages in 2014-2015, if you look at that yellow line, were picking up. And we might have expected them to pick up quite a lot better than they did, but there was a clear slowdown again after the 2016 referendum. Inflation went up and wages didn't. So, real wages were kept down. Corporate investment collapsed post 2016 as uncertainty increased. So, a whole series of things going on there.
Let me come to the last chart on this kind of pre-COVID section, which is just to remind you of – so, what I've talked about so far is incomes, earnings, productivity, growth of the economy, which was very poor. What you can see here is one illustration of austerity. You can see government spending shooting up as a fraction of national income, largely as national income shot down during the Financial Crisis, with a big gap between revenues and spending. And then you can see that long, long reduction in spending over time as austerity bit and borrowing coming down by 2019, broadly, to pre-Financial Crisis levels. And that's where we went into this new crisis: borrowing down actually a bit below pre-Financial Crisis levels but, of course, debt much higher.
And finally, of course, don't forget about Brexit. That will have a continued and ongoing negative effect on the economy.
So, that's the run-up to where we were in beginning of this year. The economy had been growing slowly for a long period; wages and so on, barely growing; public finances largely repaired after the last crisis.
But we are now entering – we are now in – what I think we can safely describe as the biggest recession or the deepest recession in history, and that's not terribly surprising given that we shut down a large fraction of the economy, as did the rest of the world. So, this chart just shows you one of the International Monetary Fund forecasts of what might happen to major economies over 2020. It's looking at a 10% reduction in the size of the U.K. economy over this year. You can see that's pretty much in line with what they're expecting for most other economies. There's all sorts of forecasts for this. Whether it's 8%, 10%, 12%, or something different, we don't know, but we do know it's something pretty remarkable.
Now, in one sense, it doesn't really matter enormously what happens over this year. That seems like a strange thing to say, but if the economy collapses this year as a result of the pandemic – you'd think that's a one-off effect – and then jumps back to where it otherwise would have been, then actually we could look back on this as a bad dream and then carry on with our lives, as before.
But this chart showing the scenarios or forecasts from the Office for Budget Responsibility over the next several years, you can see that their central forecast – and I think this is what really matters – their central forecast is that the economy will remain much smaller than it would have been in the absence of the pandemic, even five years out. And that's what's going to drive lower incomes, our unemployment, and, as I'm going to come on to in a minute, problems for the public finances.
Why does it have this long-run effect? Well, partly, there are obviously huge risks and uncertainties around this – how long is the virus going to stay, are we going to have second waves, and those kinds of things. But even without that, even if the virus in some sense goes within the next year, 18 months, you have a big scarring effect from this sort of event: unemployment will persist, people will have lost the experience, businesses will have gone bust. And all of that has an ongoing effect on the economy.
So, their central scenario is the economy will be still 4% or 5% smaller than it otherwise would have been by 2025, and it could be significantly worse than that. All of which of course is associated...
Robert Cochran: Hi, Paul. Just a question, where you're looking at that. So, a couple of people asked questions about austerity and how we dealt with that previously. So, austerity had helped keep borrowing under control after the Financial Crisis, but do you feel that it stunted economic activity at that point? And do you think we've learned lessons from that that might be able to help support the situation where we are right now?
Paul Johnson: Well, I think it's pretty clear that the nature of austerity has had an ongoing negative effect on growth; and in particular, the big cuts in capital spending back in 2010-2011, the kind of spending that we know would have supported the economy at the time and would have supported the economy, going forward. I think there's less evidence that, for example, cuts in spending on local government or health or social care or what have you. Did that have a negative effect on economic growth? Probably not. But did the big cuts in capital spending have a negative effect? Yes, they probably did.
And I think that is actually something that government is learning from, because if there's something that's being prioritised over the next few years it clearly is that kind of growth-
friendly capital spending. And I'll come on to say a little bit more about what I think might be the response to the high deficit in a moment.
Lower growth, obviously, means higher unemployment. This is a remarkable chart. Again, these are all forecasts, lots of uncertainty around them. But this is – you're looking here at the central forecast of unemployment tripling over the next few months actually – and I should have put a longer-term chart up here – to levels we haven't seen since the early to mid-1990s, having had this long period of very low and falling unemployment. Particularly, this is going to hit younger people, people entering the workforce at the moment, but actually also younger people in the workforce who are much more likely to be working in retail and hospitality and entertainment, exactly those areas which have been shut down, which are doing particularly badly at the moment.
So, unemployment of course, as ever, is going to be unequally distributed. But this time – very often in the past, unemployment has been hitting particular regions, particular industries – heavy industries and manufacturing and so on. This time, it's going to be a particular part of the service industry probably hardest hit and particular parts of the population actually, those who are low paid and those who are young. And actually, also, those towards the end of their working lives are also somewhat more likely to work in those affected sectors.
So, again I could say a lot more about where we are with the economy. Clearly, we are moving up swiftly at the moment. The question, of course, is how quickly or rather how far we're going to move up. Whatever the impact of that, we're clearly going to have a big hit to the public finances. The economy is this year hugely smaller than it was and over the next few years will continue to be smaller.
So, this chart is just giving you a sense of the scale of that effect on the public finances. This is a slightly complicated chart. But just to summarise what it's saying, it's saying that back in March – remember March? remember the budget before lockdown? – the expectation was borrowing would be about £50 billion this year. The current central scenario is that it will be £350 billion this year. An astonishing change.
And unusually, actually, a large chunk of that is down to policy measures: so, the three red bits towards the right-hand side of this chart showing support for households; the furlough scheme and the self-employment schemes for business, for public services; and then that additional red bit that we got in the summer economic update back in July. Big increases in spending and cuts in tax over this period; that's about half of the increase. And the other half of the increase is we're just getting less in, in the way of taxes, because of the effect on the economy.
Three hundred fifty billion pounds, the biggest borrowing in peacetime, as I'll show you in a minute.
Now, borrowing this year, in one sense, doesn’t matter. Particularly if this is a one-off, we can live with the additional debt and carry on pretty much as usual. But the real issue here is that we're expecting borrowing to be higher into the future. So, this next chart showing you some IFS projections of where borrowing might be over the next few years. And as you can see, we're expecting instead of being about 2% of national income – about £50 billion – towards the end of this Parliament, more like 5% or 6% of national income – well over £100 billion.
And that assumes that none of the additional spending that we have in place at the moment continues. More realistically, we're also going to be spending more. And so,
without additional work from the Chancellor, we're going to be borrowing more into the medium term, as well as in the immediate term.
That means the government's selling vast amounts of gilts; just over the last four months, £225 billion, which is about twice the previous maximum, having no problem at all selling these gilts. It's worth saying, interest rates remain at absolutely rock-bottom levels.
Look back over a long period and you can see, actually, this remarkable – those dots at the end is our view about where borrowing as a fraction of the national income might be this year, literally at its highest level ever outside of the First and Second World Wars. Historically, completely unprecedented levels of borrowing.
Debt is a slightly different matter. You can see that actually over our history we've had public sector debt of well over 100% of national income for quite long periods, as you can see here: 131 over the last 320 years. We've had two periods where that debt has come down a lot. The first was that long period after the Napoleonic Wars, all the way through pretty much the First World War. And actually, the whole of the 19th century, from a fiscal point of view, was really of help bringing down that overhang of debt from the Napoleonic Wars.
But the experience after the Second World War was very different. It came down much faster, and that's essentially to do with very fast economic growth and a fair chunk of inflation and fairly tight budgets over that period. And the question for us, going forward, is have we got a Napoleonic War sort of – have we got a century of worrying about elevated debt? Or are we going to see debt falling very fast as the economy grows very fast over the next few years? I think the worry is that there's not much sign of that very fast growth.
The remarkable thing, though...
Robert Cochran: Paul, there's a couple of questions in about just scale here. So, the scale of money that's being thrown at the COVID crisis this year versus the scale of money that the government threw at the Financial Crisis.
Paul Johnson: Well, in terms of actual additional support for the economy, it's much bigger this time around. The furlough scheme by itself is something like 3% of national income. The big business rates holidays and so on are also very substantial. There was quite a lot thrown at the economy in the Financial Crisis, with temporary VAT cuts and so on.
But the big support through the Financial Crisis, as it were, is that the automatic stabilisers worked. So, most of the increase in the deficit during the Financial Crisis was driven by the fact that the government carried on spending broadly what it was going to spend. Tax revenues stopped coming in because the economy had shrunk. And so, the deficit rose.
And that's why I stressed what I said earlier, that it is quite unusual that this time around half of the increase in the deficit is actually down to specific additional policies by the government. So, the government in a sense have been much more active this time around, in a sense not surprisingly given what it did also actively was shut a large chunk of the economy over the period between April and June. And supporting through the self-employment scheme, the furlough scheme, the business support schemes, and so on was the sort of parallel part of that.
So, just carrying on with this point about the deficit and the debt – and I think it is quite an important issue about to what extent do we worry about this – you can see the debt interest payments, again going all the way back to the 1680s. Debt interest payments, despite this highly elevated level of debt, are actually at historically low levels, which really does suggest that, in some sense, borrowing large amounts at the moment is not problematic. The risk, of course, is that if interest rates start to rise in a way which is not associated with additional growth, then we really do start to hit trouble. But that point about being not associated with economic growth is important. If interest rates rise, accompanying increased economic growth, then that's much less of an issue.
I'll skate very quickly over just some of these issues about where the money has gone. So, nearly £50 billion for public services. That's not including things like the furlough scheme; this is for health and other things. Nearly £50 billion for public services since March. You can see a very large fraction of that for the NHS and then a significant amount for other parts of the public sector, as well, really driving a complete coach and horses through the spending plan set out in the Spending Review a year ago and set out in the government's manifesto back last December.
The most remarkable thing about this, though, is the huge amounts of money going on personal protective equipment in the NHS and test and trace. It's £15 billion there for personal protective equipment in the NHS this year alone. That is a staggering amount, as is the amount going to test and trace.
A lot of new policies in the Summer Economic Statement. The Kickstart Scheme, which actually started this week, supporting young people into work. Apprenticeship schemes. And then you can see there the stamp duty holiday, the reduced VAT for hospitality and accommodation, and a series of other programs, as well. So, again you can see that in answer to the last question, a really active, a really active bit of government response to the scale of this crisis. And as I say, this is on top of the self-employment support schemes and the furlough scheme.
So, what does all that mean for the public finances? Well, as I showed you, the public finances look like we're going to have really quite significant deficit, going forward, even without additional spending. And I expect there to be significant additional spending, going forward, as well. At some point – and I don't mean in this budget – at some point that will likely to mean tax rises. We've seen a lot of kite flying or leaking or something from the Treasury over the last several days suggesting that taxes may have to rise in this budget for next year. Personally, I'd be very surprised if that's what happens. We've still got a very weak economy, a very large amount of uncertainty, and I'm pretty sure that actually the focus in this budget coming up will be in supporting the economy through that period.
But at some point, kind of self-evidently, if the economy is smaller and tax revenues are lower and if spending is higher, which I suspect it will be, at some point we're going to have to do something about that. I think it's unlikely, given a decade of austerity, that we'll end up with additional spending cuts, but I think we will see some tax increases. But I do think this point about timing is really, really important. I don't think it should happen – I don't think it will happen – next year. Arguably, it might not be ideal the year after that, either. You then of course get, as I will show you, into the political cycle.
Now, can we raise taxes? Well, if you look at the U.K. by international standards, we're not a high-tax country. Across the OECD, we're sort of an average-tax country. Across Europe, we're a fairly low-tax country. So, can we raise taxes and remain an
economically effective and efficient country? Yes, we can, because a lot of other countries do it.
One of the slightly difficult aspects of that, though, is if you look at where they raise their taxes, I'm afraid they broadly raise higher taxes on middle earners. They don't raise more taxes from corporates. They don't raise more taxes from high earners. They don't tend to raise more taxes from wealth. How do they manage to raise much more in the way of revenue? In general, it's because they tax middle earners – and particularly, actually, through employer social insurance contributions – much significantly harder and higher than we do.
Now, that's not to say that's the only way of raising taxes, but I think it is actually a terribly important part of understanding how other countries manage to raise significant amounts of tax and something that we need to take account of in debates that we have about how we might fix that fiscal hole. I could talk for hours about options for raising tax. There clearly are numerous options, whether you're looking at corporate tax or capital gains tax, and I'll come on to say something about pensions tax and so on in a minute.
But if the scale of the challenge is what I think it is, which is pretty substantial, which is looking at tens of billions, rather than the odd few billion, of tax, in the end I don't think we'll have much choice other than to look at our three big taxes – income tax, national insurance, and VAT – which between them raise nearly two-thirds of all our revenue. And if we're looking at raising a lot more, I think we're going to have to look, at least to some extent, at those three taxes.
And then this last chart about taxes, I just think I rather enjoy, which is just to show you when taxes rise. And the answer is taxes rise in budgets immediately after elections. We have not had big tax rises in budgets immediately preceding elections in the last 30 or 40 years. And I think that will be playing very strongly in the Chancellor's mind as he thinks about the timing for when to address this fiscal problem. Is he going to go into the next election having raised taxes very substantially in the year or two beforehand? Or does he think he can get away with waiting until just after the next election? And how that will play in to both the economics and the politics I think will be very interesting to see.
So, for the last few minutes I'll just say a few words about where I think this leaves pensions or what this might mean for pensions. Obviously, all of this has all sorts of consequences for pensions. Obviously, if you're thinking about the very, very low interest rates, that's an issue. But equally, I think the government is going to be thinking about pension tax relief to fill that hole.
So, let's start by talking briefly about pension tax relief. I think one of the things that it's worth saying is that if you look over the last decade the second biggest tax rise after the VAT increase back in 2011 has been the restrictions on pension tax relief for high earners. That's been very remunerative for the Chancellor. And other than the outcry from the doctors last year as a result of the combination of complexities created and the generosity of their pension scheme, other than that it's been done with remarkably little in the way of political pain. So, big restrictions have raised something on the order I think of £8 billion to £10 billion a year for the Chancellor.
And I think one of the kind of key elements of this is this has really changed the pattern of tax relief for savings. So, this chart is just one way of illustrating that. The blue line is showing what the pension annual allowance was for most people – this is for moderate earners – over this period between 2006 and 2018 and what the ISA allowance, the red
line, has been over that period. And clearly, for the period before 2011 you could put, if you had the money, vastly more into a pension than you could into an ISA. It's now only twice as much into a pension as to an ISA if you're a moderate earner. Obviously, if you're a highest earner, you can put more into an ISA than into a pension.
And remember, back in 2014-2015, George Osborne was talking about the possibility of changing pension tax relief. So, instead of getting the tax relief up front, you'd get tax relief as you do with an ISA at the end. He moved away from that but when he did that, he announced a further increase in the ISA limits, reduced pension limits further. So, without actually doing what he said he was thinking of doing he got some significant steps down that line.
Now, the advantage of course to governments is that pension tax relief costs money up front; ISA tax relief costs money for your successors many years down the road. I think that that pattern of change, in a sense, is exaggerated by this chart because obviously not many people were putting £200,000 a year into a pension. But it gives you a fairly clear sense of the direction of change and the way that the tax system works.
Will there be further cuts to pension tax relief? Well, there's been talk about restricting the basic rate. If you were to do that, that would raise money worth having: £10 billion a year, possibly more, depending on behavioural response. You can see why a Chancellor might be interested in that. Clearly, it takes more money from higher earners than for lower earners. But it's really only hitting – or it's hitting hardest – those in the sort of £50,000 to £80,000 range, what you might think of as middle England, conservative England, "Daily Telegraph" readers, what have you. So, the politics behind it are quite difficult. It adds another layer of complexity to those very few really in the public sector who are still in defined benefit schemes and further limits the attractiveness of pension saving.
Will it happen? I don't know. It's not – I'd be surprised if it happens, for political reasons. There are clearly other things you could do to pension tax relief and, in particular, to the tax-free lump sum, which might be more palatable and actually more appropriate given the way that pension tax relief works.
So, is the Chancellor going to think about this? He's certainly going to think about it, because there's a lot of money there. Is he going to do it? Well, in the end that will be a political decision much more than it will be an economic one.
So, where now for private pensions, more broadly? Well, as you know, we've moved effectively completely away from defined benefit schemes in the private sector. So, we have a defined contribution, a world of defined contribution pensions for the vast majority of private sector employees. In that context, auto enrolment, as you know, has been enormously successful.
But it does seem to me that one thing that recent events has done is to illustrate actually very clearly some of the concerns with the current model. The stock market has fallen, and that has hit the wealth of all pension savers. Particularly, we might worry about those who are relatively close to retirement. And we're actually putting some new work out next week suggesting that that's had significant effects on the retirement decisions or retirement expectations of older workers.
Interest rates are lower than ever. So, with pension freedoms, annuity rates are at an all-time low. People are not, understandably, taking annuities in vast numbers. Taking an annual income doesn't look attractive. With defined contribution schemes, there's no risk
sharing. In my view, we essentially genuinely do not have private pensions in the U.K. any more. Defined contribution pensions are just another tax-privileged savings pot. Now, whether you define that as a pension or not is up to you, but what you don't have are those things that you usually think of in pensions: they're not providing annual income in retirement; they're not providing any kind of risk sharing. They're providing you with exactly the same thing that an ISA or a bank account is providing you, just with a different form of tax relief.
And if I have one worry about our pension system now, it is that lack of risk sharing either within or between generations that is created by not just the accumulation phase, but also now the decumulation phase. And as I say, I think this crisis has illustrated rather well the risks associated with that.
And finally, let me just say something about the triple lock, which is the other element of pension policy which has come up for consideration at the moment. And I think the current situation illustrates rather well the pitfalls of the triple lock. I don't know what's going to happen to recorded average earnings over the next year or two, but I think there is a chance that they might rise really quite sharply next year, partly because of the unwinding of furloughs – so, we all move from 80% to 100% earnings – and partly, actually, because a lot of job losses really are going to be among low earners. If low earners lose their jobs, then the average earnings of those who remain in work will rise.
At the same time, inflation is likely to remain low. That's certainly the view of the Bank of England and of the OBR. I think there are some upside risks on inflation, I have to say, with the result that we could end up with pensions rising, state pensions rising much faster than prices; and indeed, in any real sense, over a two-year period rising much faster than earnings, as well.
So, it seems to be very clear that triple lock should at least be suspended for the next couple of years. But the crucial point here, though, is that the government can simply decide to suspend the triple lock. Rising in line with average earnings is actually in primary legislation. And probably, it is next year's rise in line with average earnings that might be the problem. So, the problem for the government, as it were, is that they're not – what is not required is a change in policy which can simply be announced at the drop of a hat, which is that triple lock is suspended; that can be done easily. The problem for the government is if they want to stop the state pension rising in line with earnings, they're going to have to put through primary legislation to do that. And that, of course, is likely to be problematic.
So, let me just conclude by saying – just reminding you, as it were – of the key features of what I said. We came into this crisis after a pretty tough economic decade, though an economic decade in which we got the public finances into some kind of order.
This crisis has created the biggest recession, the deepest recession in our entire history, probably going back to the Black Death of 1348, as a guess. That, in a sense, wouldn't matter that much if we thought the economy was going to jump back to where it otherwise would have been. But economies don't really work like that. Even if you hit them with a one-off shock which then goes away, it can take them a long time to recover, and the expectation is that the economy will remain smaller than it otherwise would have been.
And of course, we've got the additional problem of Brexit layered on top of that.
That's going to create problems for the public finances. Now, those are not urgent problems, partly because interest rates are so extremely low, but they are problems that will need to be dealt with eventually. Not this year, not next year, maybe not even the year after, but at some point in the medium run that's likely to mean tax rises of one kind or another, probably tax rises affecting income tax, national insurance, and VAT to some extent.
In that context, it's not surprising that people are talking about what might happen to pension taxation, the triple lock, and so on. There are clearly options for changing pension taxation. One thing I might add to that is that there are also options for increasing the tax on pensions in payment, though I don't expect those to be explored. Pension in payment have been very much protected as pension contributions have become more heavily taxed. The triple lock is in the long run an expensive policy, and the issues associated with it have really come to the fore in the rather odd circumstances we're in at the moment.
So, that's all I'm going to say for now. I'm now very happy to take questions on any of that.
Robert Cochran: Well, Paul, we'll just let you catch your breath there. And before we fire over the questions, what we thought we'd do is just get a view from all those taking part as to what they think about the triple lock. So, just as a reminder, I'm going to send you a survey to see what you think should happen with the triple lock. The triple lock is for state pensions, and it guarantees that it will rise in line with living expenses – so, CPI, the increase in average wages, or 2.5%, whichever of those three is the highest. So, that's what the triple lock is.
So, I'm going to fire you a question just now. In your view, the pension triple lock should be either maintained? Or should it be suspended for five years? Or should it be abolished?.
So, it's a fairly even split. We've got 30% of you saying it should be maintained; we've got 45% saying it should be suspended for five years; and about a quarter of you say it should be abolished. So, that's a fairly even split. And I guess that's part of the challenge they have when they're looking at how you create policy around that which takes everyone with you.
Okay. I don't know what you think of that, Paul. Do you think that reflects the country?
Paul Johnson: Probably. I suspect the country is somewhat split on age lines, and of course the government is highly sensitive to the views of older voters.
Robert Cochran: Yes. Okay. Brilliant. So, let's now go to questions.
Alexis Ward: Okay. So, Paul, the first question I'm going to ask is, how does the U.K.'s projected COVID economic impact and levels of indebtedness compare to other developed countries?
Paul Johnson: It's not so dissimilar. There are other – there are all sorts of international measures. It looks like we've done somewhat worse in terms of numbers of deaths, but actually not by vast amounts relative to some other countries. And a lot of that seems to be associated with two things: we've managed our care homes very badly, but also we've had the
impacts, at least up till now, have been more broadly distributed across the U.K., whereas in some other countries have been more locally affected.
In terms of the economy, you'll see one of my earlier charts showed the expectation is that the British economy will shrink by about an average amount by the standards of other major OECD countries. We might turn out to be a little bit worse, we might turn out to be a little bit better, but it doesn't look dramatically different.
And the scale of government response here again has been not too different from that in some other countries. In some other countries, actually, some of the response was much more automatic because they have welfare systems which automatically replace very large fractions of your income if you become unemployed. Here, we have made universal credit, for example, a little bit more generous. But certainly for those who have lost their jobs, for some of them, the experience here will have been worse than the experience in some other countries.
I think the truth is we won't really – again, I know that there will be – this government has not covered itself in glory in the competence with which it has dealt with things over the last six to nine months, but I do think it will be some time before we know how well, over all, the U.K. has done relative to other countries.
Alexis Ward: Okay. Thank you for that.
Robert Cochran: Paul, one of the areas I guess we didn't really cover today was self-employed. So, we've seen a rise in the number of people who are self-employed, a fairly significant rise, over the last few years. Do you think that this kind of structural change will increase the self-employed make-up within the workforce?
Paul Johnson: Well, I think there are pressures in two directions there. The first thing to say is that, clearly, a lot of people who were self-employed very quickly found that their capacity to work dried up. They got – some of them or a large fraction of them got really very significant help through the Self-Employment Income Support Scheme, which for the majority of the self-employed really was very generous; but for a minority, left them completely uncovered. So, there was a lot of rough justice in that scheme.
It might leave people feeling more risk averse. If you're feeling more risk averse, I think you're less likely to go down the self-employment route. So, it might have that impact, reducing self-employment. On the other hand, we know that a lot of self-employment actually is a response to losing your job. So, a lot of people who become self-employed become self-employed having lost their employment, and it's almost an involuntary kind of self-employment, although the majority then report actually being happier in their self-employment even if it was, as it were, enforced than they were when they were employed.
I think the last thing it's worth saying on this is that, remember, the Chancellor did say when he introduced the Self-Employment Income Support Scheme that he would take the opportunity, as it were, to level up some of the taxes on the self-employed towards the levels of taxes on employees. Part of the reason at least for the increase in levels of self-employment is the much lower levels of taxes that self-employed people pay, particularly once you take into account employer national insurance contributions. This is of course why some tech companies – Uber, for example – much prefer to have their people working for them as self-employed, rather than employees, and one of the reasons that the Office for Budget Responsibility has raised significant budgetary concerns actually about the increase in the numbers of people who are self-employed and incorporated
because of the lower levels of tax that's associated with them. So, it will also depend to some extent on the policy response, I think.
Alexis Ward: Thanks for that, Paul. And one close to, I guess, everybody's heart, what would be the impact of raising state pension age by one year for everyone immediately?
Paul Johnson: Well, we know that the increase in female state pension age over the last decade has significantly increased the number of women aged between 60 and 66 who have stayed on in work. You can see that very clearly in the data, that as you increase pension age, the numbers of people in work increase. And that's not – that might sound obvious, but it is not obvious that people would respond like that.
The second thing that we see, more generally, is that there's been an increase in the number of people actually over state pension age who have stayed in work over the last decade or so. One of the reasons that there's been this increase in incomes for people over 60 and over 65 is that earnings have risen for that group. But of course they're very unequally distributed. A lot of people either don't or can't work.
I think if you were to raise state pension age immediately, with no notice at all, it may be that people have difficulty responding to that and changing their retirement plans very quickly. But it's certainly – and is this the best moment to be doing it, when jobs may be particularly hard to come by and some people may already be feeling discouraged? I don't know, but there seems to be in my mind in the medium run, as the government is planning, there is no question but that we need to keep the state pension age rising.
Alexis Ward: Okay. Thank you.
Robert Cochran: Paul, you mentioned that you could see additional taxes being raised from pension in payment. Do you think that would be special tax rates for retirees? Or do you think those over state pension age would be asked to pay national insurance contributions?
Paul Johnson: Well, I think there's a number of options there. One thing one could certainly consider is having – if you're in employment and over state pension age, of course there's currently no national insurance to pay, and maybe that's an anomaly that could be changed.
The other thing that I have in mind is that if you've got an occupational pension in payment, because most of occupational pension contributions come from employers, they will never have been any national insurance contributions paid on those pensions in payment. So, there is at least a case for an additional tax on occupational pensions in payment. Now, it would be very difficult to do that at anything like the full national insurance rate overnight, but you could do it at a few percent on significant payments. That's not going to raise vast amounts of money for the Treasury, but it might not be a bad way of raising some. It is worth repeating again that in terms of taxes, those over pension age have not seen any increase in their pension taxation, whilst those under pension age have seen very big reductions in the value of pension tax relief.
And finally, as I said in the presentation, I think the case for reducing the value, the generosity of the tax-free lump sum is also fairly significant.
And one much smaller point, the way in which DC pots are treated at death strikes me as being absolutely absurdly generous and should certainly be changed to raise sums. Again that's not going to raise you significant money in the short run, but at least it makes pensions look more like something that they should be used for, rather than as a way of avoiding inheritance tax.
Robert Cochran: Paul, thank you very much. We've had well over 40 questions. So, unfortunately, we couldn't get to all of those questions, and we're almost out of time. So, I'm going to hand back to Ali to close off. But thanks very much, everybody, for submitting your questions. And thanks, Paul, for your answers.
Alison Nicholson: Thank you, Robert. Thank you, Paul. And a thank you to all of you on the line for taking part.
It was actually really good to see at the beginning the positive outlook you have for your own businesses and the future that you see coming through COVID and the pandemic.
Paul, it's great that you shared with us so many statistics. And there was a couple that really stood out for me, and that's the extent that the government has been financially active in support. We all know because we see it and we read in the news about the furlough scheme and the different things that were put in place. But £50 billion on public services, huge amounts on PPE and test and trace, and another £30 billion in the plan for jobs are absolutely staggering figures. So, unsurprising that government borrowing is an all-time high and in the face of such a deep recession.
Depressing, but true, that our economy not in great shape, and you shared some really good statistics with us. The biggest recession in history as you said, and really we are always thinking what next and what might happen. And you've really addressed that for us today, Paul, and shared your thoughts. No one has a crystal ball, but you've really shared thoughts, specifically around pensions, for us, too; tax income; the impact of stock market volatility; the triple lock. All great insight, and thank you very much for doing that on behalf of everyone on the call.
Our next date for the expert series is later this month, and it's all on responsible investing. We would love if you could join us.
As we close this call, a feedback survey will appear on your screen shortly. It's really short, and we would appreciate you taking part to comment on both this call and what you would like to see in the future.
So, thank you for joining us, and enjoy the rest of your day.
September 17, 2020
Alison Nicolson: Good afternoon, everyone. Thank you for joining us today. For those of you who don't know me, I'm Alison Nicolson, and I'm the Head of Client Relationships here at Scottish Widows.
Today I'm joined by colleagues, Maria Nazarova-Doyle, who you can see here on the slide, Head of Pension Investments, and Tony Clark, who is our Regional Development Manager. We were really lucky to steal Maria from Mercer and I know that we have a few of her ex-Mercer colleagues on this call. So, we thank you. But many of you may also follow Maria on social media. And if you don't already do that, then please do, because you will see a lot of what is going on from her social media.
For those of you that tuned into previous webinars on the evolution of our pension funds or investment markets, you will have heard some teasers about our Responsible Investment approach. And so, we're delighted that Maria, here today, will provide you with some more information on this ever-evolving topic.
Please do use the "Ask a Question" function to submit your questions at any point during the presentation. And Tony, who you can also see here, will keep a lookout for key themes that he can put to Maria towards the end of our session.
This webinar is being recorded, and it will be available for you to share with your colleagues after the event on the same link that you used to access it today.
This forms part of our Experts Series, which is a set of topical webinars, podcasts, podcasts, which see our experts talking of some of the key issues in our industry to help you navigate the changing market. We've been building the content in this series since June; our most recent one, a brilliant session on the economic state of the nation with Paul Johnston, from the IFS. Please have a look at the web page for this in our advisor extranet. If you didn't join it, I think you would enjoy it.
We have another great session coming up next month, with our LBG Security Team providing an overview of cybersecurity, a really hot topic given we've all moved digitally. This will help you and your companies be protected. So, please keep a lookout for the information coming into your inbox or on social media over the next few weeks.
Feedback from our previous webinars has suggested that investments is a really popular topic. And so, I don't want you to have to listen to me. Let's get started. And I'll pass over to Maria. Maria, over to you.
Maria Nazarova-Doyle: Thank you very much, Alison. Hi. My name is Maria Nazarova-Doyle, and I'm Head of Pension Investments at Scottish Widows. I look after our investment proposition, and I'm also responsible for integrating ESG into everything we do.
I'm delighted to see so many of you joining our Responsible Investment webinar today. The interest in this topic has been growing exponentially, and many pension schemes, asset managers, and providers are on the journey of integrating ESG into their business models and products. And today I will tell you how we approach RI integration at Scottish Widows. Well, I might be biased, of course, but I do feel that our approach is very comprehensive and that we have made significant progress in this area.
But before we go through the presentation, let me run a quick poll with you, as I'm quite interested to know whether I am preaching to the choir today or whether I need to work harder to convert the non-believers. So, Marco, if you could send the poll out, please, it will be really good to see what the audience thinks.
Marco, could you show the results, please?
So, if you're looking at what I'm looking, it's quite a strong support for "ESG factors affecting financial returns," and we do have a fairly small group that said they do not believe so and a slightly larger group who are not sure. So, I'm going to try to work harder today to get us to 100% believing. But if you still have any outstanding questions after this, I'll be more than happy to cover and have additional conversations.
Right. So, let's kick off then with our presentation. At the beginning of this year, we published our Responsible Investment and Stewardship framework to articulate our position and ambition in this area. So, since then we have been working hard to implement these principles in practice. And to set us up, here is how we define "responsible investment." We define it as, "incorporating financial and material ESG factors into the investment process to better manage risk and help identify investment opportunities." Our six principles are: invest responsibly, operate an exclusions policy, reduce portfolio carbon footprint, ensure our fund range is aligned to customer values, integrate these principles across all asset classes, and look for ways to enable direct investments for DC, particularly when we look at green energy and infrastructure.
And our stewardship commitments see us developing into an active owner of our assets, and our stewardship policy lays out a three-pronged approach to this. So, firstly, we'll work very closely with our asset managers to monitor their stewardship and voting activities, both looking back and looking forward, so that we can override their voting plans and direct their votes should the need arise. Secondly, we're engaging directly with our top 20 holdings, and then dialogue with those companies to influence developments that enhance the value of a customers' investments. And thirdly, we engage with other asset owners like us and the industry organisations, like Climate Action 100+, the IIGCC, the PRI, and others to drive positive change at the systemic level.
So, the principles are all well and good. But what does that actually mean we're doing in practice to integrate ESG? Here is our Responsible Investment toolbox. It consists of four main tools that we use to integrate ESG. Stewardship is number one. This one is the extremely important as, when done properly, it helps protect and enhance the value of our investments, as we work with companies we invest in to ensure they've been responsible in their business practices. I will cover up some examples of our stewardship in an action later in the presentation.
So, another tool we have is screening or exclusions. There are certain things that represent unrewarded risk in our portfolio, and this isn't something we can solve with engagement. In these cases, we simply do not want to hold these investments, as we have no way of mitigating these risks. So, we're now finalizing our approach to exclusions, and there will be further announcements on this later this year.
And I should note here that it is very important to decide where to draw the line between stewardship and exclusion. As a large asset owner looking after around £170 billion of investments, we can make a real difference if we keep a seat at the table and engage with our industry companies, rather than just passing the buck further down the chain to individual small investors. So, it's important not to approach exclusions as a blanket tool, and it's quite a blunt tool, as well. But it's also important to manage downside risk for people who trust us with their savings.
So, our preliminary analysis shows that there is a level of exclusions that helps achieve that, and I really look forward to telling you more about it later this year.
So, tool #3 is integration. So, this is where ESG considerations are fully embedded into the investment decision process at security level and normally applies to active management. You might know that our active mandates are managed by Schroders, who have achieved full ESG integration throughout all their investments. So, therefore, our own actively managed funds are now covered for this particular aspect.
And last, but not least, is allocation. This is where specific themes can be pursued to help capitalise on ESG-related opportunities. And a good example would be our recent investment of £2 billion into the BlackRock Climate Transition World Equity Fund that I will also cover off later today in a bit more detail.
There are many ways to position our discussion today. There is a lot I'd like to share. So, I've been thinking about how best to kind of put a framework on the conversation today so I don't just talk about lots of different things. And for the purposes of giving this some structure, I think it would be helpful to use the framework that I outlined on this slide. So, whereas the previous slide covered the approaches to embedding ESG into our investments, specifically, and we addressed the whole spectrum of ESG in our funds, this is how we address ESG at strategic, board level as a pension provider and asset owner.
So, this looks at our stewardship activities and investments into customer offerings and functionality. We define our strategic priorities on a three-year basis, as it is much better to focus on a smaller number of important things and get them done, rather than to chase a wide variety of things and master none of them. So, the rest of this presentation is dedicated to giving you more details around our activities within these three focus areas. So, they are climate and carbon, customer empowerment, and board cognitive diversity.
So, let's start with climate and carbon. Climate risk is very much an investment risk, but also an investment opportunity. The goals of the Paris Agreement that have 195 signature estates is to limit global warming to below two degrees and to make finance flows consistent with a pathway towards lower greenhouse gas emissions and a supportive climate-resilient development. So, UNPRI's work on the inevitable policy response projects highlights significant disruption to the investment industry, driven by changes in underlying valuations of companies due to adverse financial impacts from climate policy.
Now that the U.K. has legislated to be in line with the Paris Agreement, the government will be forced to act on its goals, and the longer a robust policy response is delayed, the more disorderly the implementation will be and the higher the potential costs. We know already that the assets are getting repriced as we speak and oil majors are writing off billions of their balance sheets due to oil reserves they know they will never manage to extract.
As institutional investors, we're acting to support the low-carbon transition through our stewardship by focusing on some of the largest high emitters that we own and through changes to our investment portfolios to help manage standard asset risk.
So, speaking about investment, we are strengthening our pension default by allocating £2 billion of these equities into the new fund we designed together with BlackRock, called the Climate Transition World Equity Fund. This fund allocates more to those companies who score highly on their low-carbon transition readiness, which includes things like carbon emissions, percentage of clean technology revenues, water and waste management, and tilts away from those who achieve the lowest scores.
We're very excited to introduce this fund, as it is very innovative and achieves some amazing environmental characteristics, alongside making the return stream more sustainable by taking out some of the ESG risks and overweighting companies where we expect ESG-related benefits to come through.
The fund has exclusions for controversial weapons and U.N. Global Compact violators. So, these are companies breaching international labour laws, human rights directives, those involved in child labour, modern slavery, and corruption. So, this helps us to address some of the "S" and the "G" concerns, but the fund is mostly targeting significant improvements on "E" – so, on environmental characteristics – like achieving around 50% of carbon emissions reduction compared to its index, which is MSCI Broad Equities. It also achieves 63% increase in green technology revenues and 10% decrease in water consumption.
So, we expect that this fund is going to deliver very good environmental characteristics, alongside a more robust return stream over time.
The philosophy of the fund is built on five main pillars, within two broad categories: what the company's business actually is, and how well they manage natural resources that they use. I have seen a number of environmental funds – and I'm sure you have, as well – but there are a few things that make this fund stand out. For example, most often low-carbon funds would just run a screen on highest polluters, whereas this fund doesn't just do that; it goes further, into allocating to companies whose business models are in green technology and renewable energy. So, the fund benefits from the successes of the low-carbon transition.
Also, this fund incorporates natural resource management into its scoring, like water and waste management, which is becoming increasingly important, alongside carbon emissions mitigation.
(inaudible) This approach scores companies within the MSCI World Index based on these five parameters, and then excludes those with the lowest scores. So, that results in about 2% of the index being excluded on these scores outright. And what it does then, it allocates almost 90% of the fund to those companies in the top two quartiles of scores.
As I mentioned earlier, we're allocating 10% of the equities in our pension portfolio and retirement portfolio funds to this new fund, and we're already thinking ahead in terms of next steps to tackle ESG and climate change risks in our portfolios.
We address climate and carbon risk not only through investments, but through our stewardship and engagement. A year ago, we began a process of engagement with the largest oil companies in our portfolios, which were BP and Shell. With BP, we were the second largest shareholder in the group that put forward the shareholder resolution to require BP to publish their plans on achieving net zero and Paris Agreement commitments. That resolution received overwhelming support. And we continue to engage with BP to ensure the progress on this.
We have recently exchanged letters again when the news broke out over the summer of the write-down of around $17.5 billion of assets from their balance sheet, combined with lowering of their long-term energy price assumptions, while also increasing their assumptions on carbon pricing. So, not very good news, at all.
We received additional information and (inaudible) clarifications we were after the CEO of BP, Bernard Looney, and have been watching with interest the latest commitments that BP set out in their new business plan, as they've committed to restructuring as a low-carbon company.
We're having similar ongoing engagement with Shell, where last year we have been successful in tying the executive compensation to their achievement of carbon reduction targets, and we're staying close to them as a significant investor as the sector is undergoing a major structural shift from which clear winners and potential losers are already starting to emerge.
That's perhaps enough about "E," and now we can move on to "S" and, specifically, to how we define "social" at a strategic level, which is customer empowerment. We look after pension savings of over six million people, and this is only too well known in the industry: they do not engage much.
However, we have noticed a rise in customer interest and demand when it comes to ESG. We conduct regular U.K.-wide research in this area, and our latest research shows that a lot of people would really like to understand more about ESG, while even if they don't recognise the actual term immediately. But they find it difficult to understand how savings and investors, whether the provider is sustainable and whether their pension fund is sustainable.
So, we have seen a big rise in social and environmental consciousness in the population, but that hasn't yet quite translated into more active pension engagement. And I think we're on the brink of that lightbulb moment where people will make this connection, and we want to help them do it.
We're going to empower customers to give them the right information and a robust selection of investment options to help them align their investments with their beliefs. While this is perhaps not a traditional way to address the "S" of ESG, please remember I'm talking here about our strategy as a business and as a pension provider. We do feel that we have an important role to play here in unlocking pension engagement that also helps people build a future worth retiring into.
We're already implementing ESG as standard into our default offering, but we know customers want to go further and address a range of specific issues that are important to them. So, we will offer them that choice.
We conducted another piece of research to understand what those thematic issues may be that people would want to invest their pension savings into and whether it would make a difference in the engagement. But before I show you the results, I'd like to ask you to take a quick poll, as it would be interesting to compare how the audience today responds versus the U.K. population.
So, let me just click onto the poll question. So, just to position this a little bit, this is what we asked our customers in the recent research piece that we did, to understand whether any of those themes would actually click and people would want to put their money into. So, I would be interested to know if any of those themes actually resonate with the audience today. Marco, if you could please send the poll out, that would be helpful.
Fascinating. I don't know if you can see this, but I'm watching there the different columns kind of go up and down. It's really interesting. We'll just wait a few seconds, and Marco, if you could send the results out, as well, so the audience can see what I'm seeing?
That's very interesting. I'll show you kind of the answers that we got from our poll, but I could tell you that everybody definitely agrees on clean energy. So, there's definitely consistency there. But other than that, there's a little bit of difference. And particularly, I think the biggest difference would be around U.N. Sustainable Development Goals.
So, without further ado, let's have a look at the results of our customer poll and then maybe analyse the comparison a little bit more. Hopefully, you can see the results now in your screens.
We asked similar questions from about 1,400 U.K. DC savers, and the results were somewhat surprising, on one hand; but on the other hand, perhaps quite obvious. Most people tended to pick clean energy, water and waste management as their key priorities. And this relates, of course, to what people already do in their daily lives. So, that makes sense that they would want their investments to be aligned in the same way.
And interestingly, the asset manager, Nordea, conducted a piece of analysis not so long ago, to find that moving your pension savings into an environmental fund could have up to 27 times more positive effect on the environment than any of the individual actions we're taking, like flying less, travelling by train instead of by car, eating less meat, and so on. Oh, and on this subject I was a little surprised that vegan/sustainable food themes scored really quite low in our poll with the U.K. population, but we will keep monitoring developments in this area.
And biodiversity and U.N. Sustainable Development Goals both scored – got the lowest scores. I think there's still some work to do to link that better to the idea of investments. So today, it's probably not surprising that quite a lot of you voted for Sustainable Development Goals, because probably this particular audience already has an interest in ESG and understands what that means and understands the link; whereas, there is work to do to help U.K. population to understand that that is actually investable.
And on diversity, which is quite an important area for us, the stats are not particularly high. But interestingly, for Scottish Widows customers the stats were higher than the average market. And I suppose this is the draw of the Widow. Maybe there is a bit, some selection going on that's more diversity-conscious customers come to Scottish Widows.
So, the important question here, though, is will this make a difference? Offering people more ESG thematic funds looks to be something that will make them more interested in their pension investments. Over half of respondents said that the top three scoring themes, they will make them "more" or at least "a little more" interested. The proof of the pudding will be in monitoring actual customer activity, but I do believe that ESG has the power to unlock pensions engagement, as it makes pension savings suddenly relevant in the here-and-now, as these investments can target causes that people care about and identify with, and it's just relevant today rather than sometime in the future when they retire.
We then specifically asked if people would consider putting their money in thematic funds if they were made available to them. If you think this is only the woke millennials that care about ESG issues, you will be pleasantly surprised. Although the Under-34s did score the highest – 67% of them said yes – we saw high levels of interest across all age groups tested.
There was some difference for males and females who would actively put money in thematic funds, but we think that is part of the trends that we've seen around men tending to make more self-select choices outside of the default, rather than a comment on men being more ESG conscious, in particular. So, over all, the difference wasn't too large anyway; so, 61% of male respondents said that they would move money, against 49% of women.
And as I alluded to earlier, we carried out this poll to understand the areas where we can support our customers better by offering them a fund range aligned to their values. And you will be hearing more from us on how we're delivering this to them towards the end of this year and early next year.
Our ESG research report is also available on our website, or please feel free to reach out to your usual Scottish Widows contact if you would like a copy if that's easier. I'll also be posting them on social media, as you probably wouldn't be surprised to hear. So, you can get them there, as well.
Now we come to talking about the "G" within ESG, which stands for "governance." What I wanted to cover in a little more detail today is the focus of our stewardship activities in the current three-year period. While there are many aspects within "G," we believe that board diversity and, in particular, cognitive diversity is one that can be the most impactful. Without a diverse way of thinking and being able to consider different perspectives around the decision-making table, companies we invest in risk (inaudible) falling foul of groupthink, which is one of the things that gave us the Global Financial Crisis a decade ago.
So, if we turn our heads to the looming crisis that is climate change, we need better quality decision making at the most senior level if businesses and the economies are to be successful in the low-carbon transition. Diversity is not just a buzzword or a nice-to-have. There have been numerous studies documenting the financial impact of this. This ledger shows a handful of such research results. And what we know on an intuitive level also comes through in research data: more diverse companies perform better.
Diversity isn't just about gender. It's about all aspects that help individuals think differently and enable new ways of looking at the same issues. Cognitive diversity stems from differences in education, age, religion, race, nationality, and other factors that are all very valuable if you want to get a balanced view. We, the business, are strong supporters of diversity. We have been championing diversity throughout the business and in our leadership position for a very long time, and we have committed to meeting the target of 33% female representation and at least one Black, Asian, or minority ethnic board member by 2021.
Recently, you may have heard that the ratings agency, Moody's, found our new Race Action Plan to be credit-positive, and we expect diversity to become increasingly financially material in the coming years. We have a variety of approaches available to us to ensure that the largest companies we invest in are making good progress in this area. We will write to them, hold meetings with them. And where progress isn't achieved, we can use our voting powers to help move the dial.
So, stay tuned for more updates in this area as we put our new stewardship policy into practice.
So, that was a bit of a whistle-stop tour in our approach to ESG, but I hope it gave you a better understanding of what we have already put in place and also helped signpost some of the developments that are underway.
I'd like to leave you with highlights in the next step on our ESG journey that we hope to start putting into practice later this year, which is our exclusions policy. We're at the latest stages of finalizing this and look forward to be able to communicate this to the market as we come to implement it later this year.
As I mentioned earlier today, we're very conscious of the progress we can make as a large asset owner by engagement; particularly, if we work with others, too. So, we won't be looking to suddenly disinvest from everything that looks a little off, nor would we look to disinvest on moral or ethical grounds. We'll work hard to protect our customers' lifelong savings from unrewarded risks, and this new policy will help us become even better investors on their behalf.
Thank you very much for listening. I am very happy to take your questions now, as I'd much rather be answering the questions that you have than to just kind of preaching to you on my pre-prepared remarks.
So, Tony, over to you.
Tony Clark: Thank you, Maria. And thanks for that insight on where we currently are and what some of our initial next steps are on this wide and reaching subject.
There's a few questions that have come through. I'm just trying to sort of define them into some themes. One particular one, I'm actually going to – I'm going to let you take a glug of water, Maria, and aim this one, actually, to Ali, who obviously introduced the call earlier on, around that difference between men and women and how they approach this whole ESG subject. What do we think drives the difference in the way that they think about this subject, Ali?
Alison Nicolson: Tony, I think that's a really interesting question, and I think many of the people here listening on this call will have views on this, as well. From research that we do in this area, we can see that more women than men are actually worried about some of the things that Maria has just talked about. So, for example, climate change, many more women worry about that on a day-to-day basis than men; yet, the question that Maria shared with us told us that actually less women than men are likely to invest in ESG-friendly funds if it was made available.
And we have to ask yourself, why is that and what can we do about that as a provider and what can you do about that as advisors on the call. And if we look wider at some of the things that we get underneath when we do research with women, we know that more women than men don't actually understand their savings, they don't know what they've got for their long-term savings. And more women than men feel they're not adequately prepared for the future. So, these types of stats tell us that actually there's probably a knowledge gap and potentially a confidence issue.
So, we've tried to take that quite seriously, to help support – and I'm sure many of you in the call will take that quite seriously to support. Because if we have women who have a passion in this field, but not necessarily going to follow it through in their investment principles, then there's a lot of education that we'll have to do to support.
Tony Clark: Excellent. Thank you, Ali. That's good to hear, and it's good to see that we kind of take the way differing groups and populations – and this isn't just about gender. I know the way that Scottish Widows and Lloyds Banking Group work on these things, we take much more wider thinking into our approaches about the way that different groups around the U.K. approach these particular subjects. So, thank you for that.
Maria, I hope you've had time to have a bit of – to whet your whistle, so to speak, and have a drink after talking us through there. A couple of questions that have come up then. So, one of the ones that's come up, one of the themes, is around the fact that clients historically have already held environmental and ethical views and beliefs that's made them approach their investments by using environmental and ethical funds. Are we going to focus first on those, where clients are already consciously making those kind of choices?
Maria Nazarova-Doyle: It's a good question. Thank you very much. We're trying to address quite a few things at the same time. So, as we're trying to understand what other things we're missing in the fund range that people might want to invest in, we're also looking at what we already have and how we can improve this. So, we're currently reviewing the mandates for our ethical environmental funds just to make sure that they still address customer needs and what we believe is the market best practice or leading approach to ethical environmental investments. So, we're doing both, in tandem, so that the fund range that we do offer actually doesn't have any gaps and things that we do have in the range are exactly spot-on.
So, thank you for that question. You should be able to see progress on customer range of funds very soon.
Tony Clark: Thank you, Maria. Leading on from that almost around workplace pensions, where obviously there's a lot of employees who have Scottish Widows as their provider of workplace pensions, where do you see BlackRock Climate Transition Fund and the wider thinking that we have here, where do you see that sitting within the workplace environment?
Maria Nazarova-Doyle: So, we're already integrating this fund into our default, which is our largest workplace product and with the majority of customers in it, but we're also looking to add this fund as a self-select option to the fund range, as we discussed earlier that we're looking to add different funds.
So, you might recall from the customer poll that the top three themes that people cared about are climate, kind of clean energy, climate, water management and waste management, which incidentally happened to be the top three themes that that BlackRock fund actually addresses. So, originally our thinking was to just have this in the default. But then, seeing the results of customer polls we thought that it makes really good sense to offer it as a stand-alone option, as well. So, those people who care about those issues could invest directly up to 100% of their savings, should they want to.
Tony Clark: Thanks, Maria. And one other question that's just come through, actually, which is almost linked to this side of things, as well, is whether or not there's any work that we've got planned to support the ESG message through the schemes so, actually, end customers and employees actually start to get this messaging through to themselves, as well. Any thoughts or plans on that side of things, at all?
Maria Nazarova-Doyle: Yes, absolutely. So, I'd say we're starting from strategic level to make sure we put the frameworks and the foundations in place for us doing all the right things fully and the way we intend in terms of integrated ESG. And as a next step, we're looking then to engage with customers once we have this fund range that we think answers their exact needs and also our customer empowerment broken into two. So, one is giving them the good fund options and choices that they want, but the second one is to give them the tools to make better decisions and being able to incorporate ESG into those decisions.
So, what we're doing is we're also working on developing new tools for customers that are ESG tools that should be able to get them a lot better visibility of how the investments are aligned with things that they care about, whether it is global warming or diversity or anything else that they care about.
So, those two together we think of having a really robust, wide thematic range for sustainability themes and also giving customers the tools, combined together, will really empower customers, and we're doing both together. So, obviously, it's a process. So, it does take time to put things in place. We're now at the kind of proof of concept stage for this. But if that proves to be successful, we will continue on with implementation. And again, you should be seeing the results of that next year.
Tony Clark: That's fantastic. And I guess we would continuously welcome feedback on that kind of content, that kind of education piece, that knowledge piece, etc., and any support we can give on that front we would always consider to see what we can do, as we take our responsibility on this so strongly, don't we?
I guess you'll get a number of questions, Maria, around our definitions and how we defined the elements of our strategy and our exclusions policies and what we include, what we exclude. And that will be up for debate in terms of folks who maybe are trying to look for black-and-white answers to some of these questions. But I guess just as an example, one of the questions we've had in is around BlackRock's fund deemed to be low-carbon, yet it includes companies with up to 5% revenues from thermal coal and tar sands. A very specific question, but how do we shape our thinking on that? How do we consider that fund to be low-carbon, given those numbers?
Maria Nazarova-Doyle: So, the fund is not just fossil fuel-free funds, to begin with. It is a low-carbon fund because it actually achieves more than 50% carbon reduction compared to its index. It outright excludes companies that have over 5% revenue from thermal coal and tar sands, which actually is a very, very low threshold. And what that means is that the companies who potentially have some operations that give them a small amount of revenue, they normally will be phasing them out and they would have put plans in place and agreements in place to phase them out, like Drax recently did, for example. So, it's a process of companies moving out from those areas.
So, what BlackRock's fund does, it cuts off anybody who has more than 5%. And then those who have below 5%, it then does the scoring over them. And it may be that that scoring means that actually they're still not in the fund, because there are also then rules about 2% of the MSCI universe of being in that fund. So, it might not even be there, specifically. So, we can look at it on a company-by-company basis.
But the point is that whatever is left in the investable universe after that exclusion is being scored, and only companies that actually have very clear targets and goals and commitments of exiting those areas, they will be included in the fund. So, yes, for us, it's very much a low-carbon fund that gives a really good carbon benefit to the portfolio.
Tony Clark: Thank you, Maria. And I wonder within that then if that answers one of the other questions that we've had, does that start to balance out something you've mentioned already. So, you mentioned that ESG has got both an investment risk and an investment opportunity. And we've been asked how we manage to minimise the risks associated with ESG investments. Some of the answer may have been in what you just said there, but I wonder if you had any wider thoughts on that, at all?
Maria Nazarova-Doyle: I think kind of a straightforward tool to manage ESG risk is exclusions, but as I've said before you don't want to exclude too much. You want to exclude some of the unrewarded risks that you can't manage with stewardship. But beyond that, also stewardship is a really good risk mitigation tool.
What helps – specifically, around carbon – is embedding that thinking into your asset allocation process, and that's what we're doing at the moment. So, we're kind of on this journey. So, we already take into account carbon footprinting of investments when we do asset allocation analysis for our portfolios.
But I want to go even further and properly embed it into scenario analysis and kind of in line with TCFD recommendations, as well. And we're working with some data providers and tool providers to help us develop something completely new that will help us embed that into our asset allocation.
And one thing I probably should mention on this, as well, is the work that we've recently done with the IIGCC, which is the Institutional Investors Group on Climate Change. So, what they have done – and we supported them and were a part of the working group for this project – is design a framework, a Paris-aligned investor framework, which is amazingly important for the industry because it outlines what does it actually mean to be Paris-aligned in your investments. Because everybody talks about it, talks about net zero, talks about aligning portfolios to Paris, but nobody actually has yet said what that really means.
And those people who maybe have made commitments, like it would be really interesting to see what they even mean by that, because there isn't a standard definition or understanding of what that means in practice. Whereas, this framework was put together by practitioners, for practitioners, representing some of the leading environmentally friendly and conscious investors in the world, essentially, to put together that framework that actually could be implemented for portfolios to then be able to say we are aligned with Paris Agreement.
So, we supported that work and which was hugely exciting. And that framework is now out for consultations with the market. And once the feedback is received by the end of September, we'll see if that needs to be refined. And then, obviously, the next plan is then to start implementing that framework in portfolios. And hopefully we'll get some consistency in the market and we'll be able to actually call out if people are saying, "We are Paris-aligned and we are net zero aligned," if they use that framework that we should be able to all have some kind of belief that they are actually doing this properly.
Tony Clark: Thank you, Maria. And again I've got one last question which I'm going to ask. And I wonder if it is linked to the answer you just gave earlier, as well. It's a question that's just come through, which is it seems very much aligned to that kind of risk and the approach that we take. The question I've got here is around the extent to which our assessments here are backwards-looking, (i.e., it's kind of evidenced content that allows us to drive our decisions) versus a forwards-looking basis. So, the targets that countries around the world – the U.K. – have, et cetera, around these particular subjects, how do we balance that evidence piece looking backwards versus the target piece looking forward in terms of the decisions that we make?
Maria Nazarova-Doyle: I'm trying to understand what that actually means. Okay. So, I think I get it. I think I get what you're asking. And if not, please get in touch with me separately.
When we look back at ESG-related data and we look at kind of experienced financial performance, for a number of years we couldn't really see ESG factors coming through as performance-positive. But over the last few years that really has changed. And particularly, Morningstar has found that ESG funds, a majority of ESG funds, tended to outperform more traditional investments over one-, three-, five-, and 10-years periods from this year. So, that kind of paradigm is really shifting.
I think it's a lot to do with investor expectations and investor behaviour as large institutional investors are moving their money towards kind of ESG-friendly strategies and better, more responsibly managed companies. So, there's a bit of a self-fulfilling prophecy in it.
But also there's, like, lots of other factors, because customers are also voting with their dollars and pounds in terms of where they shop and which brands to buy from. The company profitability is actually changing, too. So, that ESG thinking is more and more embedded in our daily lives; hence, it has more impacts on company profitability, as well. Plus, investor behaviour is starting to move the dial, too.
So, you can look at things like oil. Which has just not fared well in any almost of the periods you look since the Global Financial Crisis. It's, like, the last-performing, bottom-performing sector if you look at energy sector versus, say, technology, for example.
So, ESG is here to stay. And if you look forward, it's only going to come through more and more. And whereas several years ago it was hard to see it in the data, it's now very much in the data, past-looking and forward-looking, as well.
Tony Clark: Thank you, Maria. And I did say that might be the last question. But actually, I've got one more for Ali. So, there's been quite a few questions around the fund make-up and the risk and that kind of very valid content, which is totally understandable. But one question that's been raised is around that diversity message, where we were talking about men versus women and their attitudes earlier on, Ali, and how we focus on race and gender a lot. One question has been raised about how Scottish Widows also are looking at things like social disadvantages, skills diversity, et cetera, when it comes to this subject, as well.
Alison Nicolson: That's a super question, because we do tend to default to some of these race and gender because the stats are actually just so powerful. But these are equally as big societal issues that we've got.
There's a few things probably to share. I think that this is a topic in its own right. And if it is something that's of interest, we'd be very happy to create a webinar around it. We have what we call vulnerable customer program, and it's something that we're pretty passionate about right across the bank and it’s making sure that where people are disadvantaged for many different reasons – it can be social disadvantage, it can be educational disadvantage, it could be disability – that when we are designing new propositions and thinking about our literature and updating it – because some of it is still in old technical speak – we have a program of updating all of this, and we test that with vulnerable groups. And sometimes they can actually engage with us in a way that means that we're picking up exactly what we need. So, in some cases, it's a representative for the organisations that lobby for them. But there's some really interesting findings in that program that we're building through, and we'd be very happy to share.
In terms of education, we have a program running at the moment and Scottish Widows sponsors called Helping Children Prosper. And this is a series of Zoom and webinars that engages kids. And we are doing it through some employers. So, if it's of interest to you on the call, then please do let us know.
And what we're trying to do here is get to grassroots level in upskilling children on the basic financials. So, irrespective of social background, irrespective of education, there are some really basic needs or educational things that we want them to understand. And we built this on top of the program that the bank runs, where they go into schools and provide education at primary school levels. So, start to get people much more financially aware.
And the final thing probably to bring out on that question is that we have charitable foundations in England, Wales, over in Ireland, and also in Scotland. And the key focus for them is disadvantaged groups. So, as well as supporting customers we invest directly into charities who are helping to support disadvantaged groups across some of these other social issues that the question is focusing on.
So, there's a number of different themes in there, and if it's something that you'd like to know more about, then I personally would be very happy to speak to you or, indeed, we could set up a webinar around it.
Tony Clark: That's fantastic, Ali, and that's a comprehensive answer, as they all have been. Thank you so very much.
A huge thank you to both Ali and Maria for joining us today and answering those questions and showing where Scottish Widows are in their journey around ESG and what the future looks like, as well. So, thank you, both.
It's clear from the questions that have come through and the sheer number of them and the variation that this subject is one that many people are passionate about and for very, very differing reasons, whether that be from an investment perspective, an advice perspective, or a humane kind of desire to do the best for the planet perspective. It's just great to see such content. So, thank you all who've raised questions. We will come back to you after this call.
And again, you'll have heard from both Maria and Allie that we are open to further dialogue. If you want to contact us directly, then feel free to do so, whether that be through the usual forums of the likes of LinkedIn and Twitter or through local Scottish Widows contacts. As you see fit, then please do so.
So, thank you once more, Maria and Ali. And I wish you all the very best. Have a great day.
Alison Nicolson: Thank you, everyone.
Maria Nazarova-Doyle: Thank you.
Good morning everybody. I think it is fair to say that the last few months have been extremely challenging for many of us, in lots of different ways.
There’s no doubt that the effects of the pandemic have made their mark on the financial resilience and financial plans of countless people. Some of them may be your clients.
This has left more people vulnerable than ever before – so it is timely that we’re discussing this important topic today.
Whether you’re reviewing and sense checking your approach, or still developing it, I’ll be sharing some key information and ideas to help you with this.
We’ll focus on:
• What vulnerability is, how it can cause harm
• How firms can identify vulnerable clients,
• And once they have, what can they do to support them.
Let’s start by looking at the regulator’s activity around vulnerability.
This is what the FCA said in a recent speech, when they talked about their aims to protect the vulnerable.
It is becoming very clear that they want to see this topic shifting from an approach where the right boxes have been ticked to achieve compliance, to firms standing back to ask “what are our vulnerable customers’ needs, and how can we respond to deliver good outcomes”.
In other words – having a process is one thing, making that process live and breathe within your culture and your business is another.
This isn’t a new topic for the FCA. It’s worth having a quick look back at where their focus started, and how it has evolved over recent years.
Five years ago, Occasional Paper No. 8 first highlighted this topic. It set out the definition of vulnerability and sought to raise awareness and promote best practice across the industry.
We then had two further papers which included reference to vulnerability, whilst focusing on Access to Financial Services & the impact of longevity for financial services.
2018’s Financial Lives survey set out the four main indicators of vulnerability and emphasised the scale of vulnerability in the UK, we’ll look at both of these things later.
And then in 2019, for the first time we see FCA consulting on issuing guidance for firms on the fair treatment of vulnerable customers. Again, we will come back to this consultation – GC19/3 - shortly.
We’ve now seen the first complaint upheld by FOS because a firm did not treat a client as vulnerable. She complained about the advice given to her soon after her husband died. She believed that she should have been treated as vulnerable, and wasn’t. And had she been, the recommendations made ought to have been different. The Ombudsman agreed, and ruled that the firm had to compensate her for giving unsuitable advice.
So, if vulnerability isn’t already a key area of focus for firms, then maybe it should be?
Before we move on to explore this topic further, let’s take our first poll of this morning and ask you what percentage of your clients you think – or know – would be classed as vulnerable. OPEN SURVEY
CLOSE SURVEY and SHOW RESULTS
Thanks you for your input, it’s useful to know your views. SUMMARISE RESULTS
Where that number is on the low side, there may be specific reasons, but it would be interesting for you to see if your thoughts change by the end of this session.
If your screen isn’t now displaying my slide headed FCA definition, then you may need to close down the poll pop up screen by hitting the X near the question.
So what is vulnerability? Occasional paper 8 defines a vulnerable person as somebody who is susceptible to detriment because of their circumstances, particularly when a firm isn’t acting with the appropriate levels of care.
Helpfully, the FCA also issued a practitioners’ pack alongside Occasional Paper 8. This includes examples of good practice in identifying and interacting with vulnerable customers.
I’ll be sharing some thoughts on good practice today, but you can also use these documents, along with Guidance Consultation 19/3 to help you put the appropriate processes and support in place.
Let’s explore further how vulnerability might result in detriment?
First, there could be financial detriment – for example, somebody gets scammed. Or they get into debt, which spirals and then there’s an impact on their credit history. Or they suffer financial loss, because of making sub-optimal choices or poor decisions as a result of their vulnerability.
Detriment can also relate to psychological harm. Vulnerable people often feel unable to cope – then they may become stressed or anxious, and even feel embarrassed and humiliated because of their situation.
We need to ensure that customers don’t lose trust in firms and withdraw from financial services altogether which could ultimately leave them with a higher exposure to risk.
So what is the FCA suggesting that we could do? Let’s look at the three key areas they included in the proposed guidance issued last year.
First of all they expect firms to proactively take steps to understand the needs of vulnerable consumers – including know what the drivers, impact and effect of vulnerability are.
Then they want to see staff who are equipped with the knowledge, skills and confidence to work effectively with these customers.
In terms of practical action, they’ve focused in on these three areas. So they don’t expect firms to develop products specifically for vulnerable customers, however they do expect us to embed consideration of vulnerability in product design.
Vulnerable customers are more likely to have particular service needs, for example they may need more time to understand information, reflect on it and make decisions. So we should consider this in relation to our customer service.
Communication can be a significant barrier for vulnerable consumers where they have additional or different needs. There’s a lot that we can do to ensure good and appropriate communications – and we’ll come back to this later.
Finally, they expect that all of this will be reviewed & adapted on an ongoing basis.
Vulnerability comes in a range of guises – and many people in vulnerable situations would not recognize themselves as such.
There are certain risk factors that are particularly important within financial services, which we can explore.
First of all, low literacy, numeracy and language skills. For example, if English isn’t somebody’s first language that can have a real impact on their financial capability.
Physical disability, illness or poor mental health can make it difficult to carry out day to day tasks – including looking after our finances properly.
A sudden change in circumstances such as job loss, bereavement or divorce can not only make it difficult for us to cope emotionally, but can trigger a financial loss.
And having caring responsibilities can make us vulnerable – many people who take on caring duties find that their income often reduces. Carers often use up any savings they have and can end up with debt. The FCA extend this risk factor out to include those operating a power of attorney. It can be time consuming to manage a complex set of financial affairs for somebody else – which can lead to less time or focus spent on one’s own financial situation.
There are two age related vulnerability factors.
Those who are young may lack the financial experience to make the best decisions for themselves - or not had time to build up a strong credit rating.
Being old does not in itself make you vulnerable. You’ll all know 80+ year olds who are sharp as a pin. However, it is more likely that that as we age, we will be living with cognitive or physical impairment, or experience sensory impairments such as problems with hearing or sight. The onset of ill-health is more prevalent and those in this age group are generally not comfortable with new technology.
We’re now in a world where technology is king – we wouldn’t be here today without it. So many of us have had to rely on going online to manage our finances during lockdown.
And finally, having low income and/or debt can present challenges.
So when you look at all that – and bear in mind this is not an exhaustive list – it’s easy to see how the Financial Lives study concluded that 50% of UK adults display one or more characteristics that signal their potential vulnerability.
We can summarise the various situations that might make us vulnerable into four key groups.
• Health conditions or illnesses.
• Major life events such as bereavement or relationship breakdown.
• Low ability to withstand financial or emotional shocks impacting financial resilience.
• And the things that affect financial capability.
This can be helpful in remembering what to look out for. This chart – taken from GC19/3 – can act as a useful checklist to help spot vulnerability. If your client displays one or more of these characteristics, there’s a flag for you to put your vulnerable client process to work to establish whether vulnerability exists – and what that means.
GC19/3 says that firms should have systems in place to record information on the needs of vulnerable customers and make that information available to relevant staff.
This is so that vulnerable customers don’t have to repeat the information AND to ensure that everyone is geared up to deliver the service that the client would deem to be good and appropriate.
In GC19/3, vulnerable is defined as actual or potential. So if somebody has a history of stress related illness, or has taken on caring duties, they may not be vulnerable now, but have the potential to be. The guidance says that what you do for your vulnerable clients, you do for potentially vulnerable.
I also want to talk briefly about the FCA’s recent Policy Statement and Guidance on Pension Transfer Advice. You’ll know that a ban is being imposed on contingent charging for this advice. But there is an exception – the “carve outs”. These are specific types of vulnerable customers in circumstances that make pension transfer advice particularly worth considering – those in serious ill health and those in serious financial hardship. The rules help these customers access the advice they might not have been able to afford.
In PS20/06, the FCA says that firms should have the relevant knowledge and experience to deal with the specific personal circumstances of vulnerable customers who meet the tests to be carved out. For example, understanding the behaviour of those with persistent debt and the debt management options available. PTS are also required to carry out specific CPD, and one example given as a relevant CPD topic is: advising vulnerable customers on DB transfers. So for those of you involved in DB advice, I’d recommend including this into your vulnerable client policy.
I said earlier that the Covid-19 pandemic has affected many of us. What does that mean in terms of financial vulnerability?
First of all we’ve seen significant market volatility with clients experiencing sudden falls in their investments, and there’s uncertainty about future market and economic recovery.
We’ve seen an increase in income shock caused by investment volatility, furlough, redundancy or bereavement. This has led to millions applying for universal credit or mortgage payment holidays in recent months.
Savings are worth less. Many retirement income plans on hold or being reviewed and adjusted.
With an ‘income shock’ recognised by the FCA as an indicator of vulnerability, this means you will have a number of clients who did not start out 2020 as vulnerable – but now they are - even if temporarily.
There has undoubtedly been an impact on many people’s financial resilience.
Many have seen their physical or mental health impacted by the virus or by lockdown.
Death rates are significantly higher than is normal, leaving many more families newly bereaved.
Many are taking on caring duties, or trying to maintain caring duties under difficult circumstances.
And finally, another driver of vulnerability can be lack of access to financial services or indeed other services and support. This has been an issue for many – mortgage and financial adviser offices have been closed, bank branches closed, or open for shorter hours. And of course many people have been unable or unwilling to leave their homes. I’ve already talked about a greater reliance on digital services – imagine being one of the 9 million people who struggled to get online by themselves before lockdown? The recent Lloyds Bank UK Consumer Digital Index reports that almost 4 million people were totally disengaged digitally – and almost 6 million were unable to turn on a device.
So overall, the numbers who are vulnerable is likely to have increased recently, purely as a consequence of the pandemic.
It might feel as if I’m painting a very gloomy picture here, but the great news is that you can offer a lot of help and practical support to your clients.
An immediate and obvious action is to keep in contact with them and let them know you are there for support.
You can offer reassurance about your business continuity plans, educating them about what to do – and not do – in times of market volatility. Ensuring that they don’t let valuable protection policies lapse if it can be avoided. I’ve seen some great examples of firms signposting clients to places where they can get help and information. Like using Newsletters containing all the relevant links that their individual or business clients might need to access. Some firms have run webinars like this one to talk to their clients. And of course there’s the good old fashioned option of picking up the phone for a chat!
You may also be experiencing or thinking about the changes to client reviews that as a direct result of the current situation.
If you haven’t already, you could consider prioritising those clients who need an urgent review.
Which of your clients were on the cusp of making significant changes to their life or financial plan. For example, you may have clients who were about to retire. You may have been helping a first time buyer with house purchase. And now with changes to both pension fund values and lending criteria – these clients will need to speak to you sooner rather than later.
For the review meeting, normal practice is to review the overall plan. So to identify any changes to your client’s situation or objectives and carry out an assessment of how well things are on track. But we’re not in normal times, so you’ll need to understand exactly how Covid has impacted your clients. There may be some planning implications.
Some clients may have exercised their contingency plan, but if there wasn’t a contingency plan, or the emergency fund has run out - what alternatives can they consider? Are there other sources of funds? Can they use their Property?
For clients close to retirement, they may need to work on an additional year or two beyond their target date. And those already in retirement may mean to adjust their discretionary spending.
Whilst some of this may feel unpalatable to clients, knowing what needs to happen will reduce any stress or anxiety they were feeling about their financial situation.
Along with this, there’s an opportunity to discuss budgeting – what adjustments can be made, what payments can be stopped or delayed to help with the current situation – if necessary. Checking that those who need to are taking advantage of mortgage payment holidays, for example.
Recent research suggests that on average we’re spending £182 a week less since lockdown started. For those who are working, and now have more surplus income, could that be put to good use in support of longer term goals.
Let’s look at some important future planning points – and how you can help protect your clients.
You can establish what is causing concern right now? Is it protection against illness, early death or redundancy? This is the perfect time to discuss the protection solutions that provide financial support if any of these things happen.
Don’t forget business owners – business protection is crucial for continuity and succession planning.
I hear that the pandemic is bringing topics like wills or power of attorney front of mind. This is a key opportunity to work with those who haven’t yet got these important tools in place.
And for those already drawing income in retirement – are they now feeling concerned that the balance of secure and unsecure income is right for them? Has their appetite for risk, or capacity for loss changed? Would they be concerned if a drop in investment values meant that they would struggle to pay their bills?
Sadly a plethora of new scams have emerged to take advantage of the pandemic. Who is at risk of being scammed – probably most of us, especially with recent reports of phishing emails to IFAs purporting to be from the FCA - and are you helping your clients understand how to spot a potential scam? There are some great fact sheets that you can use to help with that from Citizen’s Advice, PFS, MAPs and Scottish Widows.
The message here is that you are uniquely positioned to help clients – many of whom are under an unusually high amount of stress at the moment. So by making adjustments to their plans, keeping them focused on the bigger picture and creating contingency plans, you provide much needed peace of mind in these highly uncertain times. Doing something, rather than nothing, with respect to the financial plan – will give your clients back an element of control.
For those who are vulnerable,
The trigger for this can be sudden, like an unexpected bereavement or gradual, like the onset of dementia.
Vulnerability can also be exacerbated by the actions of firms in some cases. For example if a firm made an error that caused either financial loss or stress and anxiety or had policies and processes that were making it difficult for people to engage, then that in itself can be a trigger point.
Not everybody will always be vulnerable, and, indeed, some people will move in and out of vulnerability. Others will always be vulnerable, and, for some there may be more than one thing that is making them vulnerable.
The reality is that we all have the capacity to be vulnerable at some point in our lives.
So before we come on to look at some practical steps that you can take to support vulnerable customers, we have our second poll question.
Can you tell us if your vulnerable customer approach is
Still in progress
Complete and fully in place
In place but you’re currently reviewing it
For those who are working on their policy, reviewing it, or merely want to do a sense check, let’s come back to the FCA guidance and remind ourselves that is expected of us.
Remember the regulator is suggesting these three key areas, and we’re now going to look at some ideas on how you can take positive action in all of them.
I appreciate that this won’t be true for all of you, but some firms are finding that there are people in their business with a bit more time available than is usual. So it’s a great opportunity to engage in education about this topic – like this webinar, for example, and make sure that everybody is fully up to speed.
There may also be the resource available to review your processes and revisit your communications.
Communication was a key area of interest from vulnerable consumers, when they were asked in research what good looked like.
They want clarity and choice in terms of communication – with everything that is sent to them being clear and straightforward. They also want alternatives like large text where is needed, and different options than face to face – and we’ve all had lots of experience of carrying out meetings in different ways in recent months. And also there may be certain times of day that are better for clients to meet - depending on when they take medication, or have carers calling in.
Clients want to be offered clear and easy to understand financial products that do not contain surprises that may only become apparent when crisis strikes – e.g. hidden “get out” clauses for paying claims.
They’d like it if we were proactive when we suspect that something isn’t quite right.
And when we know that a client’s situation makes them vulnerable, they want a flexible and tailored approach.
All of that of course means we have to take the time needed to listen, let conversation take its natural course, and be sufficiently trained to spot the signs of vulnerability.
It really isn’t difficult, and in many ways it isn’t that far removed from the way we are obliged to treat customers fairly – so one way of thinking of this is as TCF Plus – adding a layer of extra service or support those for who need it.
So how do you go about spotting the signs. Bear in mind that it may not be you who is the first person within your firm to learn of a customer in vulnerable circumstances. It could be somebody else like a Receptionist or administrators, for example. Which is why training across the entire business is vital.
Here are just some of the signs that anybody engaging with a client can be alert to:
You may become aware that a client seems to be struggling to understand information or follow a conversation:
They ask you to speak up or speak more slowly. They ask you to repeat information – or they repeat themselves, ask unrelated questions or wander off topic.
They indicate a lack of understanding. Or a client who previously has been well prepared for meetings has started ignoring letters or reports. Any of these things raise a flag that something isn’t quite right.
There could be audible or physical clues – they seem flustered, or out of breath, or they tell you about new medication or a change in health.
They may want to do things differently to the way you’ve always worked with them – like requesting home visits when previously they came to your office. The two other points here that need proper investigation would be where somebody else is helping with their finances, or unusual financial requests that weren’t in the original plan. If a client discloses that somebody else is helping them – you need to find out if this is an informal arrangement for extra support, or whether the appropriate power of attorney in place – and if it isn’t, should that process be started?
Where a client is asking or income or capital withdrawals outside of the plan you’d agreed with them, it is important to understand the reasons why – and I know that usual processes would do that. A third party could be putting somebody under duress to withdraw money – the client may be about to be scammed, or be the victim of economic abuse. Or they may have got themselves into financial difficulty.
And finally, they disclose something that has triggered a financial shock, like business failure, being furloughed for example.
Having established that there may be a potential vulnerability, the next step would be to explore further what this means and how you can help.
Vulnerability can be challenging to ascertain because customers may not believe themselves to be vulnerable; or be reluctant to disclose certain things, or believe that they will be treated badly because of it. When in fact, the opposite will be true – understanding what is going on will usually make it easier for the firm to provide the level of service the customer needs.
So, the Practitioners Pack I mentioned right at the start contains practical tools to assist us when having conversations around vulnerability. We’ll look at two of those today – the TEXAS and IDEA drills.
The T in Texas stands for Thanks – it may have been difficult for your client to disclose something and you can also let them know that doing so will help you offer a more flexible way of working together.
Then you should Explain how the information will be used - including why it is being collected, how it will be used to help decision making, and who, if anybody, it will be shared with.
Which of course means that you need to obtain the customer’s explicit consent to use the information. I should point out here that the protocols were developed with data protection in mind, if you follow them as described in the practitioner pack, you will meet your obligations. Of course you will need to satisfy yourself about that, and there is good information about DPA and GDPR in both the 2015 pack and the 2019 Guidance Consultation.
Asking these three will enable you to understand the situation better – and help you work out what you can do to support your client:
1. What does your situation make it difficult for you to do? (focus in one hour meeting)
2. Does your situation affect your ability to deal or communicate with us? If so, how?
3. Does anyone need to help you manage your finances such as a carer or relative? If so, how? Important to know if this is a formal Power of Attorney that needs to be used. Is it registered and ready to go? Or if there isn’t one, should it now be put in place.
The S in Texas stands for signposting. This can be toward internal or external help. So, you might need to refer a client to a colleague who is better placed to help them.
Or, you might consider external signposting to an organisation such as a debt advice agency for help with multiple debts. We’ll come back to external signposting shortly.
IDEA is particularly useful where a customer has mental health issues
As with TEXAS, ask what the mental health problem either stops the customer doing in relation to their financial situation, or makes harder for them to do. This will help provide insight into both the severity of the condition, and its consequences.
It is also useful to understand how long the customer has been living with the reported mental health problem, as the duration of different conditions will vary. This can inform decisions about the amount of time someone needs to be given to retake control of their situation.
Some people will experience more than one episode of poor mental health in their lives - you will need to take such fluctuating conditions into account in your decision making.
And finally, question what care, support or treatment your client has been able to get for their condition. AND, is anybody else helping them manage their finances now?
Let’s explore what kind of approach you could think about when conducting a review or factfind meeting with a Client.
I’ve separated this out into new and existing clients, although some things here are interchangeable.
When meeting a new client, in the context of vulnerability, here are a few things to consider:
Does your fact find gather sufficient information for you to be able to assess if there is a potential vulnerability? If not, can you add some questions, or use a checklist separately to support this?
Are there some more obvious signs, for example somebody else is accompanying a client to a meeting? Any other unusual requests or behaviour? You may pick up on some of the signs we’ve talked about a few minutes ago.
The final point relates to a situation where you’re working with an attorney or attorneys. It is really important to clearly establish the adviser / client relationship. I’ve heard some horror stories in the past of power of attorney being abused. And often, when an attorney is also a beneficiary, they may have different ideas to you about what is in the client’s based interests.
When meeting or speaking with existing clients, I suggest that when you know people, it is usually easier to spot if they’re acting differently or their behaviour or circumstances have changed. Does a change in circumstances come up that might lead to vulnerability - e.g. taking on caring responsibilities, needing to draw more income for some reason.
In addition you may be able to sense when their understanding and recall of information isn’t what it used to be.
Some firms use questions or other techniques to check their client’s recollection if they think it’s appropriate.
And again, being aware of the potential for conflict of interest or undue influence if working with more than one person.
When it comes to the presentation of information, I think this is an area where most of us would admit that we could make improvements if only we had the time. So here are some ideas.
This can be simple steps to adjust the delivery and format of information – like using large text in documents or emails. Or the use of infographics to simply complex topics and explain issues and solutions clearly.
It would also be good to challenge how information can be explained with a limited use of jargon. This can be incredibly difficult in financial services - there is some jargon we just can’t get away from, as we have to use the correct terminology for certain things because of legislation.
But, it is always worth undertaking a review of documentation. The Plain English Society has a range of excellent guides – available to download from their website. My favourite is the Alternative word finder, which has complex or outdated words and phrases on the left side of the page, and on the right hand side says “you might want to consider using this instead”.
There’s been a lot of talk about how we can make Suitability reports easier to understand. I read an article by a paraplanner recently where she mentioned having 3 levels of suitability report that she will choose from depending on the client’s attention span.
Most people find it useful to include a summary at the front of a suitability report or information pack. However, I wouldn’t call that the “executive summary” because that’s jargon! Instead, you could title that page “Read me first”. And use this one pager to highlight the important points, actions and deadlines are. If the things you need your client to do are hidden away in page 15 or at the back of the pack, they might spot it before a deadline. But if it is clear up front, you have a better chance of your client taking action.
I want to talk about cashflow models, too. They’re a great way of simplifying complex information, however I know that some cashflow tools come with lots of additional features. At some point, as their cognitive ability changes with age, your client may not be able to take in all the whistles and bells, so look out for the point at which you need to pare it back to core information. And here I’m talking about the normal changes to our brain as we get older, not necessarily where somebody has a dementia diagnosis.
And finally, you should challenge everybody who communicates with your clients to review how they do it – your colleagues, providers and professional connections!
I want to come back to the topic of signposting because I think it is vital and I don’t think enough firms make the most of it.
There are a range of vulnerabilities that present challenges outside of your area of expertise. So why not start to collate a “Directory” of signposting partners.
Let me share a couple of examples.
So, for example: charities – like MacMillan who offer fantastic support for helping those with a cancer diagnosis, both emotionally and practically.
The Alzheimer's Society or Alzheimer's Scotland – again, amazing support and helplines/factsheets to support anybody affected by dementia.
And it doesn’t have to be national charities – you can recommend local support.
There may also be services that the customer needs that they can’t offer. For example, an existing client contacts you because they want to consider releasing equity from their home. If you aren’t authorised or qualified to help with that, then, it would be great if you can put that client immediately in touch with somebody else who specialises in that type of advice.
This could make a huge difference this could make to somebody who is possibly quite stressed and anxious – rather than keeping them waiting while you search around for another adviser who can help them.
The final point to make about working with third parties, is where advisers are working with providers in relation to specific client requests. It is often helpful to let us know if your customer is in a vulnerable situation. Whilst we can’t record that against the customer, it can help us ensure that we manage the specific transaction with that in mind. For example, you may be working with a client who is going through a divorce, and needs access to their pension funds to pay a bill. If you submit the request but don’t tell us that, we might miss the opportunity to treat your client appropriately – and in a worst case scenario, they could miss the deadline for payment, which may have other implications.
You can help providers be in the position to deal with clients effectively
Here are some of the things that we do within Scottish Widows and Lloyds Banking Group to support vulnerable customers and drive thinking in the industry:
We have partnerships with Macmillan Cancer Support, who I mentioned earlier, with Turn2Us – a national charity that helps customers in financial need get information and gain access to welfare benefits, charitable grants and other financial help. And if you’re familiar with Scottish Widows protection solutions, you’ll know about the link with RedArc – whose Personal Nurse Advisers give people the practical advice and emotional support to transform their whole experience of illness, disability, trauma or bereavement.
As a group we have specialist teams in place to properly support our customers at certain points in time when they need additional help. There are some examples on screen, including the Scottish Widows Protect dedicated Claims Team. Each person who claims is given a claim assessor who will stay with them throughout the claims process, and they use their expertise and specialist knowledge in all types of protection claims to support the client.
And finally we support and deliver a wide range of initiatives across financial services.
Our “Taking on your Future” campaign, has the aim of helping people across the UK plan their financial future better. You can use our financial planning tools and short pension films with your clients to help them understand the issues, challenges and opportunities they may be facing, whatever stage of their retirement journey.
We’ve also recently added some short films to YouTube to reassure people in these uncertain times – for example, that our life insurance policies will cover claims for death as a result of Covid-19.
2019 marked our 15th annual Women and Retirement report. This highlights the unique challenges women face in saving for their futures. We then provide you with practical resources and issues to consider when having client conversations, including maternity leave, reduced working hours and childcare costs.
My colleague Johnny Timpson chairs the Access To Insurance Working Group in his role as Cabinet Office Disability Champion for Insurance. One of the Group’s key successes is the signposting agreement which expands access to protection insurance for those with pre-existing medical conditions and/or disabilities.
When it comes to meeting your customer’s needs, we’ve worked hard to embed consideration of vulnerability into our product and service design.
As the UK moved in to lockdown, we rapidly adjusted our ways of working and our processes – to ensure that you and your customers still had access to us and were able to transact with us.
We have a comprehensive protection offering with the added value of Red Arc support and a great reputation in supporting people and families with claims – backed up by statistics.
When it comes to retirement planning and retirement income, we are extremely well placed to help you support your clients - whether they need flexibility, certainty, or a mixture of both:
Our retirement account has a clear charging structure, the benefit of family pricing and a range of funds with the ability to cope with volatile markets.
Where your clients want simplicity and guarantees for some or all of their retirement income – our annuity gives them exactly that, providing valuable peace of mind.
There’ll be chance in the feedback survey to request specific information about any of the Scottish Widows support or solutions that I’ve mentioned. This will open up for you automatically as we end the webinar.
Now I’m going to hand over to Tony Clark as we open up this webinar to questions.
In closing, I would urge you to check that your approach to vulnerable clients is in line with the latest thinking to deliver good outcomes.
You can get more help with this from both the Guidance Consultation I’ve talked about – and from Occasional Paper 8.
For more insight on a range of financial planning topics, visit the Expertise section of Scottish Widows Adviser website, where you’ll find our CPD masterclasses and technical articles.
To hear from your dedicated relationship manager, let us know how we can help in the feedback survey that will appear on your screen shortly and we’ll be in touch. And do look out for details of our future webinars in your inbox and on our social media channels.
We’ll be making a recording of this webinar available to you, so please feel free to share it with any colleagues who weren’t able to attend today.
Thank you so much for joining this webinar, my colleagues and I look forward to hearing your feedback and to speaking again to those of you who request support from us.
Find out more about how workplace schemes are evolving and what you can do to help your clients and employees adapt to the modern workplace.
Pick up practical insights on how the Individual Retirement market is changing and how to plan for your client’s varied needs.
Join our experts in exploring ways to help ensure every client can understand and access the financial protection they need.
August 19, 2020
9:30 AM EDT
Tracy Jeffery: Good afternoon, everyone, and thank you for joining us today. For those of you who don't know me, my name is Tracy Jeffrey, and I'm the National Sales Manager for Scottish Widows Protect. And today I'm joined by my colleagues, Scott Cadger and Carol Anne Mitchell. Scott will be providing some really timely updates on mental health, the protection market, and how Scottish Widows have approached these areas in recent times. Joining Scott and I will be Carol Anne Mitchell, our other National Sales Manager, who will be facilitating your questions today.
Please do use the "Ask a Question" function to submit any questions you have during the presentation. Whilst we will endeavour to answer all your questions today, should any relate to client-specific cases we will look to answer these offline on a case-by-case basis.
This webinar is being recorded and will be available for you to share with your colleagues after the event. And it forms part of our Expert Series, which is a set of topical webinars, broadcasts, and podcasts which see our experts talking on some of the key issues in our industry to help you navigate the changing marketplace. We've been building the content in this series since June. So, please do take a look at our website within our advisor extranet section if you wish to review any of our previous recordings.
We also have another great session coming up at the end of September, and we are delighted to be joined by Paul Johnson, Director from the IFS, who will be providing his thoughts on how the post-COVID economy will affect pensions, going forward. Additionally, Johnny Timpson, who is our Protection, Technical, and Industry Affairs Manager within Scottish Widows, will be recording a podcast where he will be providing an overview of his Access to Insurance initiatives. So, please keep a lookout for further information within your inboxes and through our social media posts during the coming weeks.
Now, feedback from our previous sessions suggests that this is a really popular topic. So, on that point, I don't want to waste any time. And I would, therefore, love to pass you straight over to Scott Cadger, please.
Scott Cadger: Thanks, Tracey, for the introduction, and good afternoon to those who are listening live today. And good day, good evening, and good night to those who are listening on-demand whenever you choose to listen in.
So, today's session is going to cover a bit of background around mental health and how it's been root-tapped over time, how we as insurers now face the challenges of underwriting this risk, and how we at Scottish Widows have taken on that challenge and taken a really different approach in terms of the rationale and the outcomes you can then give to customers.
As a bit of more background on me, as Tracey introduced, I head up the underwriting claims and commercial strategy functions for our protection business. And I've been with Scottish Widows for the last 15-plus years and the last 10, or so, within the protection industry. Of that, it's probably been split 50/50 between leading the underwriting team and, prior to that, leading the launch of Scottish Widows Protect, along with (inaudible) and some of our colleagues on that front.
Also, probably kind of linking to why we want to talk about mental health, as part of Lloyds Banking Group we've had a partnership now for the last two years with Mental Health U.K., and as we go through this we will kind of show you where we've worked really closely with them to understand both customer concerns around mental health but, equally, how we're adapting to current practices.
So, with no further ado, we'll move on, and we'll start looking right to the very start. So, if I take us all the way back – and there's been a bit of kind of digging through history and kind of through the Middle Ages – we've looked around to kind of understand when mental health as a condition or as a media topic has been around from, and it's fair to say it's been around forever, although probably not disguised or talked about as something called mental health.
As you can see from the slide, a range of different theories around what was going on with people. And from kind of psychogenic theories – which are based around having a traumatic or stressful experience, and therefore, you have distorted perceptions of reality – and right through to some probably, as we now look at it now, back like through sort of the lens of hindsight, some very strange views around being possessed and being a demonic possession are the cause of (inaudible) with you.
And equally, the treatment around mental health in those days were particularly gruesome. Some things, like asylums, have still existed all the way through the 20th century and beyond, but trepanning was one of the areas that and probably when looking back through really sort of stood out for me, where people would bore holes into people's skulls to allow the bad spirits, the demons, to leave the body. It is an area that, obviously, from a mortality perspective and worrying about the risk of (inaudible), that is something obviously you really didn't want to be doing too often.
As we move forward in time and probably closer to more recent views around mental health, there are now two main theories that kind of came through in the late 19th, into early 20th century: from Freud, around psychodynamic features – that is, the kind of play between what's going on within your unconscious mind and how that plays out into your conscious behaviours; and also from John Watson, around behaviours and the ability to condition yourself to either like or dislike something. And a whole range of activity has come off the back of that in terms of the type of treatment. So, kind of following on from Freud and delving into people's pasts and looking at root-cause triggers through psychoanalysis has been an area of treatment that has continued up till present day.
And equally, looking at reconditioning. So, this is where you would almost continually repeat experiments. Facing into your fears, challenging yourself, and making that challenge harder and harder until you've overcome them have been around since the early 20th century, but we see a lot more within it.
Equally, we're still, I suppose, a view that we would take on treatments that are still, quite literally, shocking. ECT therapy, where you would literally put electricity through people to try and shock them out of their mental health conditions. Again when we look back with hindsight and look at how we are approaching things these days, it seems very much on the extreme side of the scale.
And so, to kind of bring it up to present day and kind of look at the more modern approaches to mental health – and this is where we've really worked with a range of our charity partners and we've been speaking across industry experts in the field of mental health – what we identify is that there's a range of behaviours. Your mental health is very much like your physical health, in that you are on a full spectrum. It is not just one particular treatment to solve (inaudible). There's a range of activity and different aspects that you should then take forward.
So, ranging from how you deal and handle with your emotional side of things, right through to the fact that there's a very clear link between financial pressures and how you're feeling and your stress levels and how that can have an impact on your mental health, and all the way through to (inaudible) that you're in, and we'll touch later in the presentation.
But we are in a much more heightened environment around fear to our health or challenges to our health with coronavirus and COVID-19. And as we come out of the severe lockdowns we've been in, but still (inaudible), there's still to do in looking at vaccines and beyond.
If you then look at the treatments that are then now taken, there still are the medical treatments. There are still drugs being used and medication being taken, and they're still using talking therapy, psychoanalysis, but there's a lot more wider and holistic therapies. So, art and creative therapies, exercise being prescribed, and we've just seen very recently Public Health England making a bigger push now towards how they use complemented therapies and willing to prescribe that and sort of social prescribing to help with mental health, going forward.
And so, all of these build themselves up to be a very different approach to mental health than where we have been in the past.
And alongside that, we've seen over the last 10 to 15 years a real shift in the public attitude to mental health and, in some ways, similar to some of the physical illnesses that are out there. And as we understand more and more about that, that understanding comes into empathy and helps people move forward, to help them focus on how to recover and what support is needed.
When you look at the two images – and we could have picked any two images – of celebrities in here that either have triggered events (inaudible) deaths of loved ones. But they've talked far more openly in the last five years, or so, around the impact of that bereavement and the impact on their mental health than you would have seen if you looked back 10, 15, 20 years. And the big part of that is that public perception and that shift in attitudes in terms of the confidence that if you speak out, you will get the help that you need and people will look forward to help and support you.
And so, I suppose with all that context and that background, I suppose the big question is, from a protection industry perspective why is this important? It's massively important. One in four of us will affected by a mental health condition in any given year. And when we look at what see in our application forms, once you get past smoking and your BMI, it is the highest disclosed area. We've seen from our own data ranging between 15% to 20% of all applications have some form of mental health disclosure on there.
And also, when we look back at income protection claims and across AVI data, mental health bounces around there at the top of one of the most common causes of claims. In 2017, it was the most common. Historically, it's always been up there in the sort of top two, top three.
And these changing practices make it incredibly difficult for us to then consider how we wish to approach underwriting the risk. So, from our perspective, when you're looking at assessing the risk, one of the key sources of data is your past claims and past experience across a population. But equally, what you're seeing is a very significant change in the approach around interventions, around treatments, and around the prevalence of people willing to talk about it. But equally, they talk about where they are with mental health probably on cases that are far less extreme than historically would have been disclosed to a GP.
And so, the challenge when we then look at this is, are we seeing more disclosure errors and what's the impact on this and how we should be best make sure that our underwriting practices are fit for purpose?
If we start with sort of changes in population around mental health, what we see is over the last 25 years, or so, year by year a decline in the number of days lost through sickness. And if we kind of – we can't unpack this whether the sickness is due to mental health or due to physical health, but we can say that in that same period we know that the number of people talking about mental health when they're going to see GPs and that's getting treatment are continuing to rise. But equally, the impact, the severity of their condition is not to the same degree and to the same extreme as it has been historically.
And if you move on, we can also kind of look at the levels of suicide. And that is, ultimately, the risk that we are trying to consider when it comes to life cover for mental health, is that is somebody at a higher risk of, unfortunately, taking their life. And what we see is that over the same period we're seeing – other than a slight uptick last year – an ever-declining rate around suicide rates once we allow for changes in the age profile of the U.K.
But one of the things that is quite interesting at the same time is the CISR score. Now, this is a scoring system used by the medical profession that indicates whether a person has the current – it indicates the most severe symptoms (inaudible) that we'd want them to take intervention and medication. So, this is where you would be if you were scoring kind of upwards of 12, towards 18, is where medication and intervention is really required. And we are seeing an increase in that, but we are seeing at the same time reduced impact in terms of the ultimate poorer outcome around suicide.
And therefore, with that, around that perception piece, we've seen very recent events. So, the FA Cup final was a major piece where kind of the renaming of that to kind of heads up the FA Cup final, to see the association and the number of charities to help raise awareness and to get people talking about at an early stage to remove any remaining stigma that's there. And you can see from the data that the rates of ultimate impact is coming down. I suppose it does get us to challenge the question around why are insurers interested in mental health.
And so, when we look at this, what we see is there's quite a lot – and there's a lot of data on here, but actually there's a lot of co-risks that are correlated with mental health and we see a lot of kind of adverse behaviours with people with poor mental health. So, heavy smoking, substance abuse, you see higher levels of physical inactivity, and that we see levels of poor diet then coming through.
And equally, there's quite a large cross section of people who went into schools having a mental disorder, and a large proportion of them are also people who are suffering from a physical medical condition at the same time. And those comorbidities, those co-challenges, the relative risks that come along are then the ones that we need to be quite mindful for when we come to underwriting a risk. It's not just looking at the individual pieces; it's looking at it in the whole.
One of the challenges when we've gone through all of the working review over the last nine months, or so, within the underwriting strategy here has been to kind of understand what are people's views and identifying the link between suicidal thoughts and attempts and around then the subsequent people who then go forward and commit suicide and look at the population data that is within that. And a number of studies have looked at this, and it is a very difficult area upon which to underwrite accurately. And there are some areas where we can see identified triggers and we can see some areas where the risks are significantly increased, and they are the areas that we focus within underwriting.
But equally, a number of people may not have disclosed to a GP. They haven't talked about it yet. And therefore, being able to predict from those who distinguish between who will attempt and those who just consider the idea becomes very difficult. And as you'll be aware, on the majority of policies out there in the market one of the areas that prevent us in an underwriting aspect is to have a short-term policy exclusion for a early suicide, because that ability to predict or ask questions to understand those risks in the very short term become very difficult to do.
So, with all that in mind the team and I took away the challenge last year, at the end of last year, looking at our application question form, looking at the rules that sit behind that on our online systems, and also how we would approach the condition (inaudible) and where to hit a manual underwriter. And had a real good look at the application form and think about how we can change it.
And as you may have noticed over the last few months, you will have seen the changes come through in the way that what we come through in the application form. And on first glance, the changes between the old, on the left, and the new question it is that we look for further conditions, on the right, it doesn't look any different. But equally, what we worked on and are trying to look at in a great depth was, how do we word and phrase the questions to allow customers to feel comfortable talking about their condition? And a lot of the feedback that we got – and we'll come to that – kind of draws us in that direction.
And equally, one of the key items – and we'll come to it in a bit more detail later as we look through a couple of case studies – was allowing customers to tell their individual story, to give the opportunity for free text and to hear from that customer first-hand how their particular condition is impacting them and what they're doing to help themselves and the support that they have got.
So, if we move on, we'll see in terms of some of the old questions around looking for medication, historically what would happen is that if you were on medication the underwriting philosophy would treat that as a bad thing. And as we've worked with the charities and looked at a lot of the risks of people when they are on medication, actually the area that we are most worried about is where people don't have their condition under control. And if we weren't talking about mental health, but talking about, say, diabetes, we'd be having a very similar discussion. When it's a physical condition where you've got that under control, we would reward for that. And where it isn't under control, then that would be a case where we wouldn't; we would see a heightened risk. And it's no different. And that was a challenge the teams worked through, to consider this when it becomes down to a mental condition.
So, the revised questions that we now have then looks at, if you are on medication, has it increased or has it been changed in the last 12 months. If it's level, if it hasn't changed, we will not add any further review on that front.
And similarly, we've looked at use of drugs, attempted suicide. We've shortened the period upon which the risks are there and tried to kind of remove the word "suicide." It was something that became from a lot of customer feedback a word that we just really struggled with when it was on the application form.
And then when we talked about episodes and length of symptoms, what we were really clear to kind of understand is, what was your last experience and how much time have you taken off for any periods, as much as possible. And it's very difficult to remember everything that has happened in the last five years, and that's why we're kind of looking at the most recent aspects and trying to understand when that was.
And one of the further changes we made within the application journey is looking at some support and signposting and guidance as you go through that point in that particular area. So, we put some further text into the journey around indicating why providing your medical history, both about your physical and mental health, is incredibly important. We've also made some real signposting to our Scottish Widows care support service, which includes a telephony support around mental health for you and for your family.
And one of the things that we added in that was brand new was how do we capture what the customers are doing in terms of making positive lifestyle changes. So, when I talked about the wellness wheel earlier in the presentation, how do we reward customers who are got a regular fitness exercise, who are taking on new hobbies, new crafts new activity? And that allowed us to put in some free text boxes that would then end up looking an underwriter to look at and look at how we can reward somebody for that in terms of their overall underwriting outcome.
One of the things that we did as we were going through this – and we mentioned our partnership with Mental Health U.K. – was as we were walking through the old model, what it was that was new and what it was that they felt customers were saying about our journey and is there anything more that we could learn about that, and a lot of what we got back was that your questions are in the negative; they're almost framed, as such, that you are looking to catch somebody out. So, we made a real conscious effort on that front to move away from that and to get to a point where we were looking at making the conversation talk about your mental health in exactly the same ways we talk about your physical health, and that everybody knows it's on a spectrum. You have good days, you have bad days. And so, there's been a real change in the language that's in there.
Alongside that, we've looked at how we balance the evidence that we get. So, if we can't underwrite everything at point of sale, then when we do require an underwriter to look at a case, what's the best way of approaching that? And so, historically, you would send out a questionnaire that has some very black-and-white questions, or we might ask a GP's report or ask for a specialist report.
But what we found from the feedback from the charities and from feedback from the advisors and as we've been working in this area for a good while now, the key point was actually listening to that story. So, what we've done, as well as making amends to the rules and the outcomes that we get from the underwriting journey online, we made a real push with our underwriters and the operations team to make sure that they are picking up the phone and having a conversation with the customer to help understand their story, their situation, and with that, be able to make sure we've got the right rewards for customers as they go through.
And alongside and why is this so important, it's so important to make sure that people don't see that having a mental health condition will prevent them from being able to get cover. And one of the things that we've been very transparent on and have talked to the markets a lot and to the broader Access to Insurance working group that is working across the industry is about being able to demonstrate that the vast majority of people are offered cover. As the slide shows, 96% of people will get life cover, and about 80% of that does so at standard rates.
So, a big part and a big plea from us is to encourage people to disclose. Trust that we will do the right thing. I hope that the changes that we're going to put through make it very clear that we are approaching this in a way that encourages people to talk to us and to give us full disclosure. We will treat it in the right way, and we'll reward the people who are taking the right positive steps to improve their mental health, which is all in keeping with the work that the Access to Insurance group and the EVI are focusing on around accessibility, improving the process in the same posting, and being very transparent around the approach.
And to try and bring that together, I thought I'd kind of talk through a couple of case studies. So, the first one is relatively straightforward. A female, aged 24, was diagnosed with depression by their GP four years ago. Hadn't had any time off work. And their last symptoms were over a year ago, and they were on medication but they hadn't had any change to it. And under our old philosophy, we would have been offering standard terms for life and CI. But what you would have got when you define for CI with TPD, total permanent disability, is you would have had a mental health exclusion. And when we've now worked that through and understood that that medication is stable, has reached a level of control, and behind the scenes in the journey we actively have a complication (inaudible) the number of risk factors that have been identified through the journey. So, historically, that would have triggered a further complication count.
With the new journey, with the rewarding of people who are actually taking medication but have it under control, that complication count would come down. And therefore, the decision now under the new philosophy is you would get standard grids for life, CI, and for TPD.
If we jump on to the second case study, what we have now is a male, aged 35, and suffers from anxiety and depression that was diagnosed three years ago, and has been treated by a psychiatrist. They've had 35 days off work in the last five years. They have started on medication, but have had no change to it. The last symptoms, eight months ago, and no episodes of self-harm. And they also participate in group therapy. They've increased their exercise levels and they've done a lot of work to improve their diet.
And historically, again this would have attracted a plus-50 action mortality rating on a life decision and for a CI case it would have ended up with standard rates, and again you would have had a mental health exclusion on the TPD. Now, in this scenario, again with the improved position that we've taken around medication, if there is no change in the last 12 months, now that doesn't count against you as an additional risk factor. And equally, that further sort of balance of positive around participating in group therapy, increasing exercise, and improving diet now means that the new decisions that would come through would be standard rates for life and for CI. Because there are current symptoms, we would still look at applying a mental health exclusion on TPD. And given where we were only eight months ago, it is still a very much improved life decision, as we see coming through.
As I move along from the case studies and I think, to some extent, I've probably done reasonably well to not mention COVID-19 so far as we've gone through, but I think it would be foolish to kind of ignore it as we walk through this; in particular, the interactivity between the physical condition and what it could potentially do to your mortality. And as you know very much, there's lots of information out there around the impact of COVID-19.
Balancing it with that co-risk of mental health, it has been an incredibly stressful time where there have been direct health fears and fear from the whole population, from those that have, like, a shield or are more vulnerable, but equally from the additional stressors that it has and that apply to all of us. We're all finding a balance at home and at work. And there are a lot of us who are working from home, and it has been quite – very much different. And I know personally for me the joy of being able to be around your family and the kids, it's a positive; equally, the fact that they're back to school now here in Scotland means they haven't come busting in at any point over this presentation and shouting and screaming and trying to knock lumps out of each other. And so, it does raise that level of stress and anxiety that sits around the population, and it does – we are seeing mental distress rising into lockdown, rather than kind of pre lockdown.
From our position it is our role as an insurer to look at we can manage the future. It is an unknown. We are being very mindful in monitoring the position here and the toll that it takes. We know we can – we have been very resilient so far through all of the aspects here, and we feel that we have the wider support services that sit across our propositions to help customers who are in situations, whether it be financial stress or whether it would be mental stress, anxiety around the impact of COVID, that we aren't looking at changing anything in this case around the additional mental health risks, but we are very mindful of the impact we could see as this goes forward.
So, that covers the main piece. I think probably the key bit for me to kind of take away for everybody across that is that mental health and poor mental health has been as prevalent for as long as good mental health, as well as it's been there for physical health. It is a spectrum, as we think about it, in the same way as we do about physical health. There are good days, there are bad days. There are people who are super fit, and there are people who unfortunately have to suffer some quite horrible physical illnesses and diseases. It is exactly the same with mental health.
It is also not something that you put kind of in a box on one side, and it's independent to your physical health. There is huge interplay between the two areas. And as you've seen earlier in the session, our new focus on covering good physical health can also really benefit you in having great mental health, as well.
Treatments have varied significantly from, as I say, back in medieval times of boring holes to remove the demons from skulls, to the much wider holistic model that we now have in place that is focusing on your whole self and not just medication or medical intervention.
We've seen huge increase in public awareness and acceptance that mental health is a condition like every other health condition, and that has really helped kind of allow people to talk about this. We do see a higher prevalence come through from GP records, from data that sit there. But the average impact is significantly reducing.
We do find there aren't a very consistent evidence base to assess the risk. And therefore, what we've done when we've assessed how we want to approach underwriting is look at the key factors, look at the key triggers that are real long-term risks, and look at how we from an underwriting perspective can make sure we are rewarding people who are doing the best they can to control the risks that they've got.
And I suppose that one of the big key takeaways we're really keen for you to make sure gets out there much wider into the market is that it's a lot easier to get protection even with a poor history of mental health than you might think, given the level of cover we can offer, and that we are at Scottish Widows Protect adopting a far more sympathetic approach, absolutely avoiding underwriting, aware of the uncertainty that is there in the market, but doing what we can to make sure for those and for everyone who's looking out and trying to help themselves we are trying to make sure we help you with our underwriting experience, as well.
And that's where I'll finish just now, and I'll hand back over to Carol Anne, who will take us through the Q&A session.
Carol Anne Mitchell: Thanks, Scott, and thanks for that presentation. Really interesting points and thought-provoking conversation I think.
We've had a lot of questions coming through. We did say at the beginning that we wouldn't identify any personal or client-specific questions, but I can certainly summarize some of the questions that we have there. I've picked out some general kind of questions, and I think we have covered off a few of them. But what (inaudible) if we don't get all the questions answered in the time that we have, we will issue a PDF at the end with any questions that we don't get covered. And we have also been asked if we will issue CPD certificates, and we will issue CPD certificates after the presentation, as well.
One of the common questions that's come through – but I do think that you have covered this off towards the end of the presentation there – was just the impact of COVID affecting our underwriting decisions. I don't know if you've got anything more to add to it or if you feel that you've covered enough on the COVID piece there.
Scott Cadger: So, in terms of COVID, it is a shock event and it is a shock event to the whole population at large rather than, say, a local shock event. A couple of examples earlier in the session was around individual bereavements that impact the family and immediate people around that, but it's not a national or international piece.
To some extent, the fact that it is national and we're all going through this together helps I know, and people have been, I would say – and this is probably a personal experience, but I've seen it observed right across both my organisation, but right across peer groups, friends, etc. – people are far more mindful now to support and look at and reach out to others.
And therefore, it's still early days from an underwriting perspective. We're not looking at changing philosophy, and we will continue to approach mental health based on people taking particular treatments, what they're doing to help support themselves, and what they're doing to help improve their mental health if they are struggling at any particular point. And it is always the case that we can come back and review further down the line when somebody – if their condition improves, as well.
But yes, that would – I think the fact that people are looking out to support each other, my personal view is that the direct impact will be – it's not going to be at the severe end where we would be looking at excluding or removing people from the underwriting flow. I think we've got a very balanced position, and we look to maintain that as we go forward.
Carol Anne Mitchell: Okay. Thanks for that. Another question that's come through is how would decreasing medication apply? Would we see that as a positive in our underwriting?
Scott Cadger: Absolutely. So, as we see people coming off medication and we can see the kind of broader track record of why it's been reduced, we absolutely – that would contribute and reduce the level of complications, the counts that we talk about within our rule system, which would then result in more positive decisions for the customer.
Carol Anne Mitchell: Okay. And someone has asked a question specifically about the last case study. Do you ever apply temporary exclusion?
Scott Cadger: Yes, we have the capability to apply temporary exclusions when we know it's a specific, whether it's mental health or a physical condition, but it has a shortened period. As it they are relatively rare, but we have the capacity to do so. And we usually find that they are more permanent. And particularly with mental health, we know it does need to be looked at on a case-by-case basis. There can be some shock events or traumatic acute events that can trigger a particular episode. We need to be able to distinguish them from an ongoing chronic condition that needs ongoing support and management.
But yes, we can apply temporary when necessary.
Carol Anne Mitchell: Okay. Great. One question that we've had – and you touched on sort of talking therapies, alternative therapies, arts, and creative therapies, and it is obviously difficult when historic data is of less relevance when it's maybe look at data on morbidity or people's health and mortality data – are we going to take some of the data, potentially, from alternative sources like that, that we can apply to underwriting strategies, going forward?
Scott Cadger: So, as part of the review that we looked at here, we looked at not just hospital and GP incidence rates, but we also looked at the treatment methods that were there and how we could best reward people for it. So, we look at the broader data. We did want to try and capture the levels of activity. We felt this (inaudible) of allowing for kind of free text for allowing a customer to explain their particular treatment, the particular approach, and then if we need to have a further conversation with them, having our underwriters to contact and talk to them in detail was probably the right first step, rather than designing outcomes that almost predict what you should be doing.
So, if we were to put something out there that says if you're doing "x" number of steps more than you were previously doing you'd get a better outcome, that might work for one individual but it may not be right for another. And therefore, we need to be really careful that we let the data build up and capture that, but actually let customers tell their stories, because it will be different for everybody. And therefore, we've got to just make sure that we get the right overall outcomes for customers there.
Carol Anne Mitchell: Okay. Thank you. Another thing that comes through on a few – I'll maybe finish on this one as a summary and we can answer the rest of them in a Q&A because there are quite a few questions coming through that we may not be able to answer them all – but as a summary one, we've been asked a few times if a client's condition becomes less severe over a period of time can we review the existing policy or would they need to reapply (inaudible) or do they need to reapply?
Scott Cadger: It is one – we will take each case on its merits. So, I think we have the capacity to look at reviewing cases. And is not something that we do on a sort of regular basis, but it is something that we're incredibly keen that we'll look at how we can evolve that. We need to get mindful around what else has happened within that individual's life at that point. So, perhaps they may have reduced medication. Has all of the other remedies kind of improved and has their health changed significantly? And that, therefore, becomes the harder bit between applying brand new and just removing the exclusion or looking at how we can come to an appropriate risk assessment without having to go back through the new business process. It is something that we're looking to develop further on. If we've got some very clear evidence, then we can look at how we can review that condition and review the terms that are on offer.
And we do so – we approach that with smoking, which is probably the current, the most relevant one, where people do or can see a material and ongoing change in their smoking position. We would then to make that change and we would look where we can to remove any further exclusions.
I think the key point to kind of refer to and kind of remind ourselves under this ability is that the vast majority of customers are still getting standard terms even when they disclose through the journey. And I know the two case studies kind of picked up almost the outliers, where we don't have standard rates decisions. But it is worth bearing in mind that the vast majority of people will still end up with standard rates if they go through the (inaudible) and through their disclosures.
Carol Anne Mitchell: Okay. I've actually looked just to clear a few more questions coming in as we're speaking, I'll maybe just take another few questions, because quite a few more have actually just been coming through as we've been speaking and we still do have a few minutes. So, I will just go through on them.
And maybe one of the points that would answer one of the questions coming through here is just (inaudible) to use the pre-underwriting therapists if they have a client who they are concerned about from the point of view of they may think that they've got mental health issue or condition that maybe wouldn't be strictly a process case. Because obviously, we talked about the percentage of cases that were offered standard terms. So, I think it's probably a good point to remind people that we do have the pre-sales process and to let (inaudible) speak with an underwriter if they are concerned about the client details and they can give us more information than would be answered on the actual questions itself.
One other one, as well, is just a reminder around the additional services and the Radark (ph) and the fact that Radark doesn't exclude clients who have pre-existing mental health conditions, where the Radark information service doesn't exclude people from pre-existing mental health conditions. So, I think that's an important one. Again it's coming up as a generic question to remind the people that the Radark therapist is there and doesn't exclude people from that.
There is one other one that's coming through, asking if there's an additional risk factor if a client had a previous drug abuse relating to mental health issues, but is now fully engaging in meetings and treatments. Would that be treated differently or separately?
Scott Cadger: As I say, we focused on this session around kind of that individual aspect of looking at how mental health operates within the mental health disclosures, rather than the broader sort of wrap rules that we kind of set and then we can look at all of the relevant disclosures and look at the interactivity between the two.
Again, if we've had people in that situation where they have been with previous drug abuse but we can see a clear link and we can see clear remedies, then we would be looking at how we can, as I say, come to the right decision that looks at the ongoing risk that's relative, rather than just saying that this has happened in the past, therefore we expect it to happen again in the future.
We would – obviously, with cases like that, that are more complex, they are likely to land more with an underwriter who would then want to work with the advisor and the customer to truly understand the situation. And as Carol Anne mentioned, both at the application stage but, equally, at that pre-application stage, the team are really keen to understand as much about the individual case that is going through so that we can make sure that we give as clear and as direct a set of outcomes that would then help you consider whether to come our way or other lines. And the more data we've got even at that stage we'd then go to look at it right through the whole journey, not just look at individual condition and disclosure.
So, I know that's not an exact answer. We'd look at how we could, as I say, much of the word is "reward," but take credit for the fact that they were engaging in treatment, and then the appropriate meetings, and are kind of engaging with that. We'd obviously have to understand (inaudible) skills, etc., as well. But it is something we would make sure we are giving the appropriate credit, but also considering the broader risks.
Carol Anne Mitchell: Okay. Thank you. And another question that's just popped up, will the (inaudible) have any influence on the underwriting decisions taken? I don't know if you'd just want to touch on the underwriting limit.
Scott Cadger: So, with any case, whether it's physical or mental aspects of the underwriting form, we have a pre-agreed set of non-medical events that we view as being competitive there within the market. We don't have any additional triggers beyond that from a mental health perspective that is specific. We would wave through smaller cases but kind of challenge the kind of middle cases. We look at it in the round and where we require further medical information because of the non-medical limits or whether it is for broader financial reasons. Ones there, there's sort of very high value cases. And we treat all conditions equally on that front.
Carol Anne Mitchell: Okay. Great. Thanks, Scott.
I think, on that, we will summarize everything. We've got quite a lot of questions here. A lot of them are thematic. As I said at the beginning, we will sift through all of them, and we'll create a document and make sure we answer the questions that have come through. And we can get that published, as well as a recording of the session for anybody who has any colleagues who haven't managed to dial in today.
We'd like to thank you all for your time today and for dialling in. We hope you did find it to be informative. I know I always learn things at these expert sessions. Everyone that was done, I have certainly learned something.
There will be a short feedback questionnaire when you exit the webinar this afternoon, and we'd be really grateful if you would take a couple of minutes just to fill in that questionnaire. It really does help us shape future events. It helps us understand what has been successful from your own perspective. So, we would really appreciate it if you would take a couple of minutes now to fill that in when you exit the webinar.
So, I would just like to thank you once again for your time this afternoon, and enjoy the rest of your day. Thank you.