House of Commons (23) - Commons Chamber (11) / Written Statements (6) / Westminster Hall (2) / Ministerial Corrections (2) / General Committees (2)
House of Lords (11) - Lords Chamber (8) / Grand Committee (3)
(10 months, 3 weeks ago)
General CommitteesI beg to move,
That the Cttee has considered the draft Financial Services and Markets Act 2000 (Regulated Activities) (Amendment) Order 2024.
This instrument makes an update to financial services legislation to make operating a pension dashboard service a Financial Conduct Authority-regulated activity. Let me begin by saying that the Government have long held the ambition of delivering pension dashboard services to the public. It is very important that individuals can easily access and view data about their pension savings in one place and at their convenience. Executed well, pension dashboards can deliver significant benefits to consumers, providing better access to information about their pensions held in different schemes. These days, people often have many different schemes.
The instrument will bring a step change in how people engage with their pension savings and will finally allow people to have a full picture of those savings. Equipped with that information, individuals will be better able to plan for their retirement, seek financial advice and guidance, find lost pension pots and make informed decisions. The Government are supporting the development of the digital architecture needed to make pension dashboards a reality, as well as facilitating the development of a Government-backed pension dash-board by the Money and Pensions Service. We have also supported the development of multiple private sector pension dashboards. Different individuals will have different needs, and this will ensure that a wider range of platforms exist to suit such needs.
However, we are clear that this multiplicity of providers can only take place with a suitable and robust regulatory framework, recognising that consumers using pension dashboards could be vulnerable to unfair potential harms. During the passage of the Pension Schemes Act 2021, the Government committed to bringing the operation of a pension dashboard service within FCA regulation. This order amends the regulatory perimeter to make operating a pension dashboard service that connects to the Money and Pensions Service’s digital architecture a regulated activity. Once in force, it will mean that anybody choosing to operate a pension dashboard will need to be authorised and regulated by the FCA.
This new legislation refers to a lot of personal data about individuals’ pensions, and the Government have suggested that commercial bodies will also be involved. Can the Minister give guarantees about the protection of the data of individuals concerned?
I thank the hon. Gentleman for his point. The whole Committee knows of his strong commitment not only to those in his constituency but those across the country when it comes to protecting people from unfair potential harms. He has illustrated that commitment with his question. I would say two things in response. First, the reason we are making this a regulated activity is precisely to protect individuals, whether it is their data or protecting them from being open to potential scams or anything else. That is why under the regulated activity the FCA will be watching anybody who operates a pension dashboard service. Secondly, the reason we are not just having one Government dashboard service but a multiplicity of private providers is that different people will want different things, and different institutions will operate in different ways. It is important to ensure that we have the right competition, but that competition needs to be underpinned by safety and security. That is why this is being made a regulated activity.
Firms that are authorised by the FCA and are granted permission to undertake the new regulated activity will have to follow the rules set by the FCA. As hon. Members may be aware, the FCA consulted on rules for pension dashboards last year. We will continue to work with the FCA as it develops its response. In conclusion, this instrument delivers an important change to ensure that appropriate consumer protections are in place while progressing our ambitions for pension dashboards. I hope the Committee will join me in supporting this measure, which I commend to the House.
It is a pleasure to serve under you, Mr Twigg. I support the order, which designates the operation of a pensions dashboard as a regulated service; it must therefore be regulated by the FCA. The Opposition support any initiative that helps people to manage their finances and save for later life. The changes being debated are long overdue. Even though I support them, the Minister will not be surprised to know that I have some questions. International evidence and the DWP’s own impact assessment show that to reach their potential to help millions of people, dashboards must be incorporated into services that people already use, so how will the Government encourage firms to come forward to offer dashboards and ensure that they are regulated safely? When will the FCA publish its final rules? Does it expect commercial dashboards and the Money and Pension Service’s dashboard to be available at the same time?
Pension dashboards have already faced delays, as the Minister will know, and the Association of British Insurers has warned that the industry needs confidence that the existing timetable will stick to ensure effective delivery of this initiative. To what extent will pension dashboards rely on other parts of the Government? For example, will they rely on the Government’s One Login service and how will that affect the market for pension dashboards?
Some dashboards will present other financial data alongside pensions. That is one of the main benefits to consumers: to see all their finances in one place. As such, this statutory instrument is relevant to the Data Protection and Digital Information Bill as the smart data proposals in the Bill will enable the Government to create a framework for open finance and the digital verification proposals will make it easier for consumers to prove who they are online. Could the Minister reassure me that these related initiatives will not be considered in isolation and that he will take a holistic view of the legislation?
I will also support the order, but I too have some questions. Too often in the pensions field, we have seen the Government and the regulators act in two ways. I doubt that any of us are without constituents who have been affected by scandals such as those at London Capital & Finance, the Atomic Energy Authority pension scheme and the British Steel pension scheme—the list goes on and on. There cannot be any doubt that the way in which the Government moved in the mid-2000s and the 2010s made it easier for people to do different things with their pensions. That is how they saw it. It also made it far too easy for people to get caught out and scammed out of their pensions. The risks were not properly thought through at the time and, to a large extent, we are still playing catch up.
The victims of some of the schemes that I mentioned still have not got the money back, and some of them never will. Could the Minister give more detail on what specific criteria applicants will need to satisfy in order to be allowed to operate a pension dashboard, and what follow-up action will there be? How will we make sure either the Government or the Financial Conduct Authority will be able to make sure that a business that met the criteria at the start continues to meet it after two years, three years, five years and so on?
I want to reiterate some of the issues raised by the hon. Member for Wansbeck about security standards, particularly for information security. This is clearly going to be an area of interest to the Information Commissioner’s Office because it is responsible for the protection of personal data in any circumstances. It concerns me when a legal regulatory responsibility is split between two regulators, especially when one of those regulators is the FCA. Too often we have seen catastrophes that could have been prevented were it not for the fact that the Financial Conduct Authority thought it was somebody else’s job to regulate and somebody else thought it was the FCA’s job. Can the Minister give a bit more detail about where precisely the regulatory boundary will lie between the Financial Conduct Authority and the Information Commissioner’s Office? How will he make sure that, if there is a problem with where that boundary lies, it will mean that two people try to intervene rather than them both standing back and assuming that it is other person’s responsibility?
Assuming that the data on someone’s dashboard will have to have come from, for example, the Money and Pensions Service, and that that service will have to have brought information about somebody’s state pension, possibly indirectly, from the Department for Work and Pensions, what will the Minister do to make sure that the people who hold the initial information—such as the DWP or the Money and Pensions Service—are not legally permitted to share that data with anyone until after the registration has been fully cleared? What will he do to ensure that they stop providing that information immediately if, for any reason, the registration comes into doubt?
It is one thing to say that firms will not be allowed to operate these systems if they are not registered, but we should also surely say that those who provide information into a system and who provide access to electronic means of exchanging information have a responsibility as well. If the Money and Pensions Service has authorisation to hold somebody’s personal data, surely it can only release that information with the service user’s explicit permission, and it should not be allowed to do that until after it has been approved by the Financial Conduct Authority.
Finally, will there be any restrictions on the operators of a dashboard using the information that will be held there for any other purposes? Will they be allowed to use that information to provide helpful advice—as they would see it—to push their own products? Will they be allowed to suggest to somebody, “I see you’re getting a pension from so and so—have you thought about shifting it to somewhere else? Because you would do better out of that.”
There is a very grey area between the provision of information and the provision of pension advice. Again, far too many people have been caught out because they were given what they thought was independent advice, but what was actually a sales pitch for particular pension schemes. Could the Minister please explain what steps are contained either within this order, or elsewhere, to make sure that the benefits of the pension dashboards, which I agree could be very significant for the pension holder, will not be tempered, or even undone completely, by placing the holder at greater risk of suffering the fate that far too many of my, and all our constituents, have already suffered? They put their pensions somewhere they thought was safe, but when the time came to collect those pensions, they discovered that they had disappeared.
A lot of interesting points have been made, and I will address those made by the hon. Member for Hampstead and Kilburn, who raised the broader policy agenda around open banking. In response to her question about whether I will take a holistic view, the answer is yes. It is important to see all of these things in one picture, and I am doing a lot of work with the industry on that.
However, it is important to see that there are fundamental differences between the goals of open banking and pension dashboards—and this also addresses some of the points made by the hon. Member for Glenrothes. Open banking seeks to enable data sharing and increased competition and innovation in the banking market, whereas pension dashboards will help increase consumer awareness and understanding of their pensions. Therefore, in terms of what the purpose of those services are, we are talking about a difference between producers and consumers. One of the key differences is that it would be very unusual for somebody not to know the provider of their bank account, whereas we know that people have lost track of their pensions—often because they have so many different pots.
On the hon. Lady’s question about whether pension dashboards will use the Government’s One Login service, the short answer is that I do not know, but I am happy to write to her on that. I confess that I will have to check that myself, and I thank her for that question. On the hon. Lady’s question about timing, this SI is the beginning of the process whereby, as soon as possible, we will make sure that the architecture is developed safely.
That takes me on to not just the hon. Lady’s point, but also the point made by hon. Member for Glenrothes about minimising the risk of people losing their data. It is important for the Committee to know that no data is stored on pension dashboards. As a result, it is not possible to mass-harvest individuals’ data via dashboards technology. As for the Money and Pensions Service, security standards are designed to ensure that the ecosystem interface of qualifying pension dashboards meet the appropriate level—
I appreciate the Minister’s reassurances, but he will be aware that it was not possible for anybody at Fujitsu to mess about with the information held on Horizon until somebody discovered that it was possible. Without going into too much detail, at what level of expertise and at what level of independence from the whole project are the assurances of IT security being tested?
The hon. Gentleman asks at what level. In terms of the Money and Pensions Service, it is the National Cyber Security Centre that is advising specifically on these. I am happy to talk to him about it in future weeks and months, but that is the level of seriousness with which we take this issue.
When it comes to other private sector providers, as we talked about at the beginning of the debate, the FCA will determine at which point they are able to connect to the technical architecture. There are various dependencies, including the time required for them to familiarise themselves with the rules, when the architecture is ready and various other things, but the FCA will determine that. Why? I go back to the whole purpose of this statutory instrument: the FCA will make sure that this is a regulated activity to address the concerns of the Committee and others, because it is very important, as we all agree.
The SI introduces an important addition to the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001 to ensure that pension dashboard operators are appropriately regulated and that consumers are protected. I am glad that there appears to be broad support from the Committee for the aims of the order. I thank Committee members for this debate, which I hope they have found informative, and I hope that they will join me in supporting this secondary legislation.
Question put and agreed to.
(10 months, 3 weeks ago)
General CommitteesI beg to move,
That the Committee has considered the Civil Procedure (Amendment No. 4) Rules 2023 (S.I., 2023, No. 1397).
It is a great pleasure to serve under your chairmanship today, Mrs Cummins. I welcome the hon. Member for Merthyr Tydfil and Rhymney—it is good to see Whips taking their rightful place.
This statutory instrument amends the Civil Procedure Rules 1998, known as the CPRs, to provide a closed material procedure for court proceedings relating to prevention and investigation measures. I will refer to these as STPIMs—state threats prevention and investigation measures—to distinguish them from terrorism prevention and investigation measures, which are known as TPIMs.
STPIMs are new measures established under provisions in part 2 of the National Security Act 2023 that closely replicate the provisions for TPIMs in the Terrorism Prevention and Investigation Measures Act 2011. STPIMs provide a suite of restrictive measures that can be used, where necessary and proportionate, to prevent, restrict and disrupt an individual’s further involvement in state threats activity, where prosecution and other disruptive actions are not possible. STPIMs will be used sparingly and as a measure of last resort to mitigate the immediate threat an individual poses while they continue to be investigated by the authorities.
STPIMs require specific procedural provision in order to be workable. This statutory instrument, while not establishing STPIMs, makes that procedural provision to enable their operation. The imposition of STPIMs requires the permission and review of the court and contains a procedure for appeal by the STPIM subject. This statutory instrument amends the Civil Procedure Rules 1998 to provide the court with a bespoke closed material procedure for proceedings relating to STPIMs.
My hon. Friend says that there would need to be court approval. What level of court would it be, and will there be any ministerial approval required, or is it just the court?
My understanding is that this would require High Court approval. There is a review mechanism by the subject, subject to the purview of the Home Office, but it does not involve the Secretary of State for Justice.
The procedure includes, in particular, for applications by the Secretary of State for permission to impose measures, directions for a review hearing after the imposition of the STPIM and appeal against the imposition of the measure itself, or any other determination in connection with the STPIM. Both the review hearing and any appeal hearing will be determined on judicial review principles.
These cases will inevitably involve sensitive material. This instrument therefore sets out a procedure to enable the sensitive material to be relied on by the Government, and the evidence against the STPIM subject, to be tested by the court, but through a closed procedure that will ensure that it can be adequately protected in the public interest. This rule change is effected by amending part 80 of the CPRs, which contain rules relating to TPIM proceedings, so that the rules cover the equivalent STPIM proceedings.
In conclusion, the Government have publicly committed to provide operational partners with the tools needed to combat state threats. STPIMs are important measures within this toolkit, and this instrument is vital in ensuring that STPIMs are a usable tool that can be fully defended and justified in our courts through both open and closed proceedings. Given the sensitivity of the evidence, which will be a key component in why an individual cannot be prosecuted and why the use of an STPIM is necessary, it would fundamentally undermine the scheme if closed proceedings—where sensitive intelligence and national security arguments can be made—were not available. I hope colleagues will agree.
It is a pleasure to serve under your chairmanship this evening, Mrs Cummins—I do not believe it will be necessary to detain you for long. Apologies that my hon. Friend the Member for Stockton North could not be here.
I am grateful to the Minister for outlining the purpose of the SI. As he said, it amends the Civil Procedures Rules 1998 and includes provision for a closed material procedure for core proceedings relating to STPIMs, which were established under the National Security Act 2023. Our first duty in this place is to ensure that we keep our people across the country safe. The measures proposed today assist with that by ensuring that the law is amended appropriately to facilitate proceedings undertaken in relation to the 2023 measures relating to states as well as individuals.
The National Security Act provides a major update in legislation to counter state threats. Before it was passed, there was no available measure tailored to the specific terrorist threats posed by foreign state activity, and TPIMs were available only in relation to individuals. It is therefore clear that, without the measures in this SI, the purpose of the changes to the National Security Act would not be achieved.
The instrument also relates to High Court STPIM procedures and the use of closed material—material the disclosure of which it is believed would be contrary to the national interest. Just as there has to be caution in the use of the power relating to both TPIMs and STPIMs, there must be caution around withholding information that may be in the public interest. I note that the Secretary of State is required to disclose all the material that is relevant to proceedings but, with the permission of the court, may withhold closed material from the individual, although such material must be disclosed to the court and the special advocate.
We must be nervous about any action in this area that could prejudice a fair trial, which the Minister touched on. How will the Government ensure that we do not get into that situation, and is there any provision to avoid that? The explanatory memorandum outlines the procedure for the imposition of an STPIM notice, the need for a directions hearing and for a substantive review, and appeal arrangements. Is the Minister content that the courts have the necessary powers to ensure that the Secretary of State deals with these notices in the most appropriate and transparent way possible, given the likely need for some information to be withheld?
Overall, we are content that the measures before us are necessary in the national interest. For that reason, we will not oppose them.
Let me touch on a couple of points. First, yes, we are content that the Secretary of State has the relevant powers to ensure that these measures are used correctly, and those involved also have an appeal mechanism to ensure that they are being applied correctly.
One reason why the closed material procedure is required is that, while we all appreciate the need for transparency and for justice to be seen to be done, putting sensitive information into the public domain would disclose the sources of that information, which could put people at risk and might also create a flight risk. Another reason is that, sometimes, the Security Service may wish the person operating on behalf of a state actor to continue their activity while they can be monitored, and disclosing information might cause that activity to cease while the security services are undertaking that work. That is why, on balance, we think these measures are a necessary step to ensure that our national security needs are met and that justice is met.
Question put and agreed to.