Who: The Information Commissioner’s Office (ICO) and CPS Advisory Limited (CPS)
Where: United Kingdom
When: 10 September 2020
Law stated as at: 25 September 2020
What happened:
The ICO has fined CPS £130,000 for making more than 100,000 direct marketing calls about pensions to members of the public without lawful authority.
In an attempt to regulate who can make calls about pensions and reduce the number of people falling victim to pensions scams, the Privacy and Electronic Communications Regulations (2003) (PECR) was amended by the Privacy and Electronic Communications (Amendment) (No. 2) Regulations 2018 on 9 January 2019.
Under the new Regulation 21(B) PECR, companies must not use a public electronic communications service to make unsolicited calls to people about their occupational or personal pensions, except where the caller is authorised by the Financial Conduct Authority (FCA) or is a trustee or manager of an occupational or personal pension scheme, and the recipient of the call consents to the calls or has an existing relationship with the caller. The ban on unsolicited cold-calling also extends to communications to members of the public by email and text message.
Under the PECR, the ICO has the power to issue fines of up to £500,000 to firms that do not comply with the rules.
Between 11 January 2019 and 30 April 2019, CPS made 106,987 unsolicited, direct marketing calls to members of the public in relation to occupational or personal pension schemes. The ICO found that CPS did not comply with the PECR conditions in relation to any of these calls and issued CPS with a fine of £130,000.
CPS attempted to defend its position by arguing that, because the firm was an Introducer Appointed Representative (IAR) under the Financial Services and Markets Act 2000 (FSMA) during some of the relevant period, the firm was entitled to engage in the calls. However, the ICO confirmed in response that, because IARs are not “authorised persons” under section 31(1) FSMA and CPS was not a trustee or manager of an occupation or personal scheme, it was unlawful for CPS to make direct marketing calls in relation to pension schemes.
The ICO further clarified that, even if CPS was an authorised person, or a trustee or manager of an occupation or personal scheme, CPS did not have the consent of the individuals that it called and there was no evidence of an existing customer relationship with those individuals. The calls were therefore made without lawful authority.
Within its reasoning for awarding a fine, the ICO commented on the “high levels of financial detriment and/or emotional distress” that pension calls can lead to, as well as the “significant public and parliamentary concern” towards the practice of making unsolicited, direct marketing calls in relation to pension schemes. The commissioner further noted that ignorance of the law is no excuse for companies and that the issue of a monetary penalty “is an opportunity to reinforce the need for businesses to ensure that they meet the strict criteria to engage in such activities and are only telephoning customers who want to receive those calls.”
Why this matters:
The enforcement action taken by the ICO emphasises the need for pension professionals and other financial advisors to ensure that they understand and comply with the terms of PECR (as amended by the Privacy and Electronic Communications (Amendment) (No. 2) Regulations 2018). The issuing of such a large fine acts as a clear warning to other companies that pensions cold-calling without the necessary authority is unacceptable and the ICO will pursue and hold to account those who are flouting the rules.
