Standards for all: Delivering good outcomes regardless of size: Part 2: Assurance

Download a PDF of this here.


Without assurance measures in place, firms cannot be confident that they are treating their customers fairly and delivering good outcomes. As a firm providing regulated financial services, it is more than likely that assurance is currently being carried out on a daily basis. However, it is important to consider the effectiveness and validity of that assurance. By looking critically at how assurance is conducted within your firm, it should be possible to increase the value of the assurance currently in place, identify any gaps that need resolving, and continually develop your approach to deliver better outcomes.

This piece on assurance is the second part of our insight series, Standards for All, and it aims to give practical examples for firms to use when reviewing their approach. The first part of the series looked at governance, the last in the series will focus on training. This series aims to make two key points. Firstly, that registration to the Standards and Codes[1] the LSB oversee is designed for any applicable firm keen to implement best practice and deliver better customer outcomes. Secondly, registration and compliance with those Standards and Codes can be achieved regardless of size or the resources available.

Assurance – practical considerations for firms

There are several important factors to consider when it comes to assurance measures. Below we look at the role of quality assurance (QA), including the importance of having targeted assurance, how to improve consistency across QA, how to train assessors, and how to provide feedback and follow up on actions. The piece then looks at how second line monitoring and customer journey reviews can be used to further assure the work done on the first line. By taking these steps into account, firms should be able to review their own approach to assurance and consider whether there are areas for development or improvement.

Quality assurance

QA checks are an integral part of ensuring that the first line is acting in line with the policies, processes, and service levels expected by the business. The concept of QA checks is nothing new, and it is extremely likely that they are already conducted at any firm reading this piece. However, the quality of the QA checks themselves, along with the design of how they are implemented, will greatly affect their impact. By ensuring that QA checks are targeted at the right areas, regularly completed, consistent, and responsive, firms can improve both how they conduct assurance and deliver outcomes.

Targeted assurance

QA checks should be regularly completed across the customer journey to mitigate the risk of bad outcomes. To do this, firms should look critically at the journey and think about where the risk areas are for the firm and where QA checks are likely to add the most value. For example, if a firm has a Collections & Recoveries function, it is likely to have several customer interaction points that could be critical to how a customer in financial difficulties is treated. This would be an important area to have regular checks, to mitigate and manage any risk of bad outcomes. This is opposed to, for example, a query line dealing with log-in issues for online accounts. Although QA in this area is warranted to ensure good service, the risk of bad outcomes is less than in the collections space. QA should therefore be split accordingly, to make sure resources are targeted at the higher risk areas. This means having more frequent checks and keeping a close eye on diagnosing and fixing any issues on the first line.


Consistency of QA checks means ensuring that the standard expected of each check and how they are conducted are the same across the firm. To do this, firms must decide what each QA review is checking for and what ‘good looks like’ when assessing it. Sometimes, this can be simple, for example, when looking at a process and checking whether it was completed or not. These ‘yes or no’ checks leave little room for misinterpretation.

However, when QA looks at more intangible elements of the journey, or where an element of judgement is required, there is a greater risk of inconsistent outcomes. A clear example is when completing QA checks on the soft skills of advisors when assessing customer contacts. It is very important that customers are treated empathetically and that they are given the opportunity to explain any issues or challenges they may have. This is especially the case when dealing with those customers with vulnerabilities[2], in financial difficulties[3], or in other key areas, such as when assessing claims that fall under the Contingent Reimbursement Model Code for Authorised Push Payment Scams (the CRM Code)[4].

Because of the importance of soft skills, displaying empathy, and actively listening, firms will want QA to monitor how this is conducted. As this involves an element of judgement on how the call was handled, QA staff need to understand what they are looking for and what the firm expects. This enables them to be consistent when completing QA and when delivering feedback. Consistency is provided by training QA staff and by the second line, both of which are discussed in further detail below.

QA training

QA staff need to be trained so that they know the technical nature of conducting QA checks (how to complete them, where to log them, etc.). QA staff also need to understand what ‘good looks like’ and when there are areas for improvement. This is vital so that any scoring system used, such as a Red Amber Green (RAG) rating or similar, is accurate and, more importantly, that any risks are identified. Finally, QA staff need to understand how to deliver feedback and respond to findings, when required.

When it comes to training on how to judge subjective areas, such as the empathetic conversations previously described, firms can use a variety of methods. For example, playing examples of good calls as compared to ones that failed to live up to expectations can be insightful. It can also be valuable to practice conducting QA reviews, such as by playing a call and having a group discussion around what people thought of it. This can lead onto playing calls, with trainees individually assessing them against the QA scorecard used, before explaining their decisions and any feedback or actions they would deliver.

The use of examples of best practice should not be limited to the training environment. Rather, these can be used both to keep QA staff’s skills up to date and show the first line what is expected and what can be achieved when supporting customers.

Feedback and actions

Identifying risks or areas for improvement solves nothing without further action taking place. Providing feedback or ensuring that appropriate actions are taken forward needs to be a central part of what the QA function does in its day-to-day role. Feedback will be required to advisors and other staff who are subject to a QA assessment for them to understand what went well and any areas for development. When a check identifies a process or policy failure, QA staff need to inform the individual or team responsible for that section of the journey, so that appropriate corrective actions are put in place.

When training QA staff, along with the elements previously discussed (the technical and qualitative nature of the role) staff must be confident in delivering feedback to staff. This involves being able to engage, gain the confidence of, and coach staff to improve the service they deliver on the first line. This can be challenging, especially as QA staff may be the same grade as the staff they are assessing. By having QA staff trained to deliver accurate, measurable, and relevant feedback in an effective manner, firms mitigate the risk of errors being repeated or staff failing to develop.

It should also be clear within firms who is responsible for delivering feedback on QA results. Often it will be the QA assessor themselves, although some firms elect to have QA fed back to the adviser’s line manager, who then delivers the feedback to their team member. This is a business decision that may be impacted by resourcing or other factors, but it should not affect the validity of any feedback. However, it is important that team managers and QA are on the same page in terms of expectations and what ‘good looks like.’ If line management deliver feedback in the manner of, ‘I thought it was OK, but QA said…’, it is likely the message and effectiveness of the QA will be diminished.

Providing positive feedback is an important and potentially underutilised area. Balanced feedback and encouragement can help reinforce good behaviours and increase the likelihood of them being repeated. Firms should aim to create learning environments that go beyond the classroom and training sessions but reach out into the first line as part of continuous professional development. This involves creating a culture where, along with risks being identified, good practice is too. Having a positive environment, where staff want to hear and learn from management and QA about their development, helps improve both service delivery and customer outcomes.

If the QA check has identified a potential policy or process issue that has affected the first line delivery, QA must ensure that actions are put in place to mitigate any potential risks. Where this is the case, it is unlikely that the QA assessor will be responsible for putting in place the action required to resolve any issue. Instead, it is important that they speak to the person who is responsible (such as the policy or process owner) and are clear about any concerns. This should be followed up in writing/email, so there is a record of the instance and clear oversight of the QA process.

Reporting and QA

QA results from across the business need to be collated and analysed to understand any trends that may be affecting the firm. This then allows for certain areas to have further assurance measures put in place, for example, customer journey reviews. QA management, or in smaller firms, the assessors themselves, need to have a way of bringing QA results together against the different sections of the customer and product journey, to see how things are working in the first line.

In practice, this could include looking at, for example, the checks that are in place at the application stage of a credit journey and collating these results together. By analysing pass rates for each section (i.e., ‘Was the product adequately explained?’, ‘Was the customer given the opportunity to ask questions?’, ‘Were T&Cs delivered?’ etc.), QA can see how that stage of the journey is performing. If issues are identified which go beyond isolated incidents and show a trend, further investigation will be required as to why.

Collated QA results should be provided to senior management through regular reporting packs. These may be sent to risk or other oversight committees, and packs may also be provided to department heads so they can see the QA results affecting their teams. Consideration should be given to how this information is presented. Too much information risks delivering unclear messages to management and could mask risk areas, whereas too little may not provide an adequate picture of the scope of checks and areas requiring more focus.

Second line monitoring

In the commonly used three lines of defence model, QA teams often sit within the first line. The second line, including teams such as Compliance or Compliance Monitoring, play an important role in providing assurance that the first line, including QA teams, are doing what they say they do.

In relation to QA measures, the second line function would have oversight of ensuring that both the scope of checks completed by QA are adequate and that those checks are being delivered. Without this, there is a risk that the QA being conducted is ineffective, is missing key risk areas, or that checks senior leaders believe are in place are not being completed as planned.

Second line may also assess the quality of the checks themselves. This could include looking back over the original QA check and listening to the call or reviewing the interaction involved. This enables a second opinion on whether QA is assessing accurately against the standards expected. The purpose of this is less to ‘check the checker’ on individual QA assessors’ work. This activity may be done by the QA team’s line manager while completing regular reviews of their team’s work, before delivering feedback and coaching as required. Instead, the second line could assess a wide range of QA checks and see if, as a unit and across customer journey areas, reviews are consistent and accurate.

For smaller firms or new entrants, the resource available may be limited in terms of the scope of what the second line could look at. Where this is the case, it is especially important to complete a risk assessment to establish the areas to focus on. These would be the stages of the journey where there is the highest potential for non-compliance to regulations and, crucially, the highest risk of customer detriment. A clear example of this is focusing on areas with customers in challenging positions, such as those with vulnerabilities or facing financial difficulties.

The Standards specify that assurance measures need to be in place to ensure that both vulnerable customers and those in potential financial difficulties are treated fairly and in line with the Standards.[5] Any QA plan or second line plan (such as a Compliance Monitoring Plan) should include reviews of both these customer groups. Any checks should be considered both in terms of their effectiveness and timeliness.

Timing is vital when establishing the approach to assurance measures. For example, it is no use having QA checks in place that cover all the right areas but that are completed too infrequently. If this is the case, the QA may be ineffective because of the time lag between the check and the subsequent feedback, coaching, or action. For example, QA on accounts involving financial difficulties have to be regularly conducted in order to identify any instances of poor practice. Without regular checks, bad outcomes could be delivered to a number of customers and over a long period of time, without this being identified and the behaviour rectified by QA.

Customer journey reviews

There is a risk when completing quality assurance and oversight checks that each element reviewed is considered in isolation. Looking at QA checks on their own allows a firm to see if a single process or customer interaction was conducted to the level expected. However, it is possible that this risks missing the bigger picture, and customers could still be receiving bad outcomes despite QA checks not finding any fault in the process or delivery. Therefore, a more holistic view of the customer journey is needed to identify all relevant risks.

For example, a customer could call into a contact centre and explain they are worried about how they will pay their next bill. The adviser takes their details, deals with them empathetically, and says that a specialist colleague from the firm’s financial difficulties team will contact them. At a later date, that colleague does so and assists the customer. Once again, the customer is properly treated and receives an appropriate solution.

An individual QA check on the first or second call would not show anything amiss because they were both dealt with fairly, empathetically, and following the agreed process. However, a customer journey review, which takes one account and follows the service the customer received through the whole or part of the journey (in this case, financial difficulties), could show something else. For example, it is possible the journey review shows the second call was made one week later – by which time the customer had already missed a payment and had been worrying about it for a week. Despite both individual QA checks passing, the customer journey review has identified a risk that needs resolving, namely, that the handover times between the contact centre and specialist teams is too long.

It is only by going through the journey as the customer does that blind spots may become visible and areas for improvements identified. Customer journey reviews are not expected to be regular events in the same way that QA checks are. They can be resource intensive and often cannot be completed on their own, for example, in the above case, we would want to look at more financial difficulties journeys to see if this service level was a one-off or a trend. However, by planning ahead, targeting key areas, and looking for risks that could be missed in the ‘standard’ QA process, customer journey reviews can play an important role in identifying threats to good outcomes.

The final section of Standards for All will look at the role training plays when implementing best practice standards within your firm. If you have any questions about any of the pieces within this series, or if you would like to know more about how the LSB can assist your firm, please contact us using the details below.

Contact details

Anna Roughley – Head of Insight – 07392 867 176

Harry Hughes – Senior Insight Manager – 07387 108 498

[1] LSB, Standards and Codes

[2] LSB, Standards of Lending Practice – Consumer vulnerability

[3] LSB, Standards of Lending Practice – Financial difficulty

[4] LSB, Contingent Reimbursement Model Code for Authorised Push Payment Scams

[5] LSB, The Standards of Lending Practice, Standards of Lending Practice – Consumer vulnerability and Money management

Have some thoughts on this subject?

Click here to continue the conversation on email

Registering with the LSB signals a commitment to deliver the highest standards of customer treatment.

Find out more about registering.

Related Stories