What does it mean to be certified for client protection?
A financial institution that is certified for the Client Protection Principles takes appropriate care to ensure that its offering to clients and treatment of clients adequately fulfill the spirit and meaning of each client protection principle.

1. It designs products with client characteristics taken into account, with the intent to do them no harm. (Appropriate product design and delivery)
2. It prevents the risk over-indebtedness by checking client capacity to repay and providing staff incentives based on the quality of the portfolio, not just growth. (Prevention of over-indebtedness)   
3. It communicates clear, sufficient, and timely information (especially on pricing, terms and conditions of products) in a manner that clients can understand, so that they can make informed decisions.  (Transparency)
4. It sets prices, terms, and conditions that are affordable to clients while allowing for its own sustainability. (Responsible pricing)
5. It has a very low probability of experiencing clients’ rights violations. (Fair and respectful treatment of clients, staff ethics, and non-discrimination)
6. Both staff and clients know how client data will be collected and used. Client data is protected at least to the minimum requirements of the country (or regional proxies when country policy is not available). (Privacy of client data)
7. Clear information is available to customers about how to submit a complaint, and the organization has an effective, appropriate system in place to resolve complaints in a timely way. (Mechanisms for complaints resolution)

It is important to note that while certification for client protection indicates a lower likelihood that financial institutions are harming clients, it cannot represent a "guarantee" because no institution can guarantee that all of its staff members are meeting intended standards 100 percent of the time. Thus, Certification means that the institution is taking what the task force believes (on the basis of practical research and experience) to be adequate steps to ensure that violations of the principles are rare.

Why certify?
The main rationales for the Client Protection Certification program are:

• To enable financial institutions worldwide to demonstrate their adherence to the Campaign's core Client Protection Principles as verified by third-party assessors.
• To highlight publicly those financial institutions that meet adequate standards in regards to Client Protection.
• To spur or improve the implementation of the Client Protection Principles.

When will the certification program be launched?
In October 2011, the Smart Campaign entered a period of public comment to receive feedback from the industry, refine the certification program, and pilot test the application of the standards in the field.

From now through mid-2012, the client protection standards will be tested in the field, with a targeted launch of the pilot Certification Program in June 2012. The program is then expected to be in a pilot phase for a year, and officially launched in June 2013.

Table 1. Certification timeline

Who will certify?
The Certification Program will be piloted with eligible specialized microfinance rating agencies that it will license, based on an evaluation of their certification methodology.  Specialized microfinance rating agencies were selected for the pilots given their in-depth experience of client protection evaluations and their involvement in the Sub-Committee of the Certification Task Force that developed the standards.

Beyond that, the Smart Campaign is envisioning that other organizations that meet the Smart Campaign licensing criteria will be eligible to become certifiers. Some concerns were expressed about having local associations become certifiers given potential issues of conflict of interest. Local associations have a critical role to play in preparing FIs for certification, and providing the needed technical assistance to improve their client protection practices.

Will the results of certification be confidential?
The results of the certifications performed during the testing period for calibrating indicators and benchmarks will be kept confidential.  Once the pilot Client Protection Certification Program is launched in mid-2012, results of the certification will be public for financial institutions that pass certification.  Financial institutions that do not pass certification will share the results at their discretion. This is in keeping with the intent of the certification program to incentivize improved practices.

How much will certification cost?
In order to reduce the cost for financial institutions, certification will be available not only as a stand-alone product for financial institutions, but can also be added as a module to a financial rating or a social rating, as most of the ground work required to assess a financial institution’s client protection practices is done during a rating.  It is envisioned that certification can be linked to a number of existing rating products in order to reduce overall costs for the financial institution. A brief description of such products is provided in Table 2.

Table 2. Available products

Table 3 shows the likely cost breakdown depending on whether the certification is done on a stand-alone basis or linked to other existing products.  The task force is committed to bringing the cost down as much as possible to make the certification process affordable to a wide range of financial institutions. The pilot phase will allow testing different methods to gather the necessary information (including client feedback) at the lowest cost, so that the certification remains meaningful. The Smart Campaign will not specify prices, leaving the certifying organizations free to set prices as they see fit. The prices below are based on past data and conversations with the rating agencies, but are not firm offers.

Table 3. Estimated cost of certification (pilot year)*
* Notes: Prices exclude travel costs. The wide range reflects the fact that these are estimates from all combined rating agencies and from the Smart Campaign. Prices will vary per region, provider, and based on the results of the pilot phase.

Six major elements will drive the range of costs for certifications:

1. Level of readiness of financial institutions to be certified (availability of documents, involvement in the planning process, level of responsiveness);
2. Size and complexity of the financial institution;
3. Honorariums of certifiers;
4. Travel costs;
5. Pricing in USD vs. EUR; and
6. Inclusion of client focus groups or client surveys. Client feedback in the form of focus groups or surveys is a prerequisite for certification. Costs will depend on the sample size and whether focus groups or surveys are selected.

We envision that through their work on client protection, national and regional microfinance associations will play a key role in helping member financial institutions prepare for certification and therefore reduce the overall costs required.

Who is eligible to be certified for client protection?
Retail financial institutions that provide services to the lower segments of the market and/or financially excluded populations are eligible for client protection certification. This includes institutions of any legal form: bank, finance company, NGO, credit union, etc.

What happens when a financial institution is certified?
Certified financial institutions will get a short report highlighting the key results of the certification and examples of how they have met adequate standards for client protection. They will have the right to use the ‘Client Protection Principles Certification’ label, indicating the year the certification took place. A brief version of the report will be available through the certifier’s website, and the name of the certified institution will appear on the Smart Campaign website.  The certification process does not envision a Principle by Principle certification. Rather, the certification requires meeting adequate standards on all of the principles. The standards are presented in Appendixes 2 to 8.

What happens when a financial institution fails certification?
Financial institutions that fail to meet one or several of the standards for client protection will be given a certification status report that identifies the areas where they have weaknesses and will have from 6 to 12 months to put in place corrective measures to improve their practices and enable them to be certified for complete compliance.  The report will be confidential and financial institutions will be able to share the results at their discretion.

How will the certification information be used?

• Financial institutions will use the certification results to market their organization as a pro-client institution to their clients, funders, regulators and the general public. They will also use the certification tool to pursue continued improvement in practices beyond the adequate standards to emerging high standards for each CPP.
• Investors and donors will use the certification results to inform their funding decisions (i.e., focus on the financial institutions that have already passed the CPP certification, or on the contrary focus on the ones that are not yet certified in order to provide the support needed for them to get there). Investors will use the certification results during due diligence, and require certification during a reasonable time prior to or after the investment.
• Technical assistance providers will use the results of the certification to target the financial institutions that need assistance in putting the Client Protection Principles into practice.
• Organizations monitoring and rating client protection and rating agencies will update their methodologies to reflect the standards defined for the certification program, providing a unified basis for how client protection is measured.

Other intended outcomes from certification
The certification indicators can serve as a best practice document that clearly describes adequate standards in regards to client protection. It is expected that they will inform other stakeholders’ work, such as regulators’ efforts to better understand and address client protection issues of microfinance service providers. A long-run vision is that certification might evolve into a tool that clients could use in selecting their providers.

How often will the certification need to be done?
Over time, financial institutions’ client protection practices are likely to improve. Nevertheless, there may be cases where providers adopt new practices or product features that put clients at risk.  Also, new providers may enter the market with the objective of achieving high growth and market share at any cost. Therefore, certification should be done on a regular basis. Our proposal is that certification is valid for two years, after which a new certification should be obtained by the financial institution.

Who will certify financial institutions for client protection?
Certification will be done by organizations licensed by the Smart Campaign.  From 2012 until mid-2013, licenses will be granted to members of the Technical Sub-Committee of the Certification Task Force.  Beyond mid-2013, licenses will be open to others, provided they meet the licensee criteria.

How will compliance with adequate standards be evaluated?
Through the program, financial institutions will apply for certification and one certifier (from among the group of certifiers accredited by the Smart Campaign) will verify whether the financial institution meets the standards for client protection. Adequate standards  will be evaluated through a streamlined desk review and on-site due diligence process that will include staff and client feedback.  Through this two-step process, the certifiers will judge whether the financial institution meets adequate standards to warrant an on-site evaluation. Financial institutions need to apply for certification and will be asked to share key documents with the certification team.  At the time of application, the financial institution will pay a fee to the certifiers for the desk review. Field work will be scheduled only if the financial institution has submitted all the required information and is responsive to the certifiers’ questions. If big gaps are identified during the desk review process, feedback will be given to the financial institution so that they can improve before the field visit is scheduled and improve their chances of meeting the standards for certification.

The key elements of the content of the certification methodology are as follows:

• There are five major categories that the certification process will examine: governance, policies and procedures, staff incentives and staff training, compliance, and results. The detailed content of the certification process, including adequate standards, is presented in Appendixes 2 to 8.
• The key indicator is noted. Although all indicators are equally weighted and need to be met in order for the financial institution to be certified, the key indicators represent indicators that are particularly important and for which evidence of compliance will be reviewed in detail.
• A brief note on context is provided. Context recognizes any special circumstances that may require a more in-depth analysis, such as in countries where there is a higher risk of over-indebtedness. The context note also considers the financial infrastructure available, such as the quality of credit bureaus or the regulatory environment.
• Adequate standards for certification are listed by indicator. The financial institution must meet all the standards to be certified. High standards are also listed, as a basis for differentiating between the minimum for certification, and strong practices.
• A desk review and an on-site review are the main certification tools in the two-step certification process. Appendix 2 provides information about what each review entails, such as document reviews, interviews with the financial institution staff, focus groups with clients and loan officers, and sampling of client files.
• Client verification is an important step in the certification process. Client verification is most often carried out through focus groups, a sampling of client files, and review of contracts and passbooks, etc. Specific focus group and interview questions are noted.
• The certification process is a work in progress. Pilot testing will hone many of the quantitative indicators which are currently based on prior working group experience with financial and social ratings, social audits and CPP assessments. The quantitative indicators draw from the indicators developed by the Smart Campaign to evaluate the performance of financial institutions in client protection, but have not yet been tested within the certification process. The first principle, appropriate product design and delivery, currently focuses on credit products; it will be expanded to include savings, insurance and payments, in light of the new Client Protection Principles and corresponding guidance updated by the Campaign in July 2011.