Pressure on Compliance teams has long been increasing and the FCA has been vocal recently about the fact that it is no longer looking at box ticking and controls. It is interested in ‘outputs’; in terms of how does a compliance activity translate into market or client behaviour and the quality of advice that wealth managers deliver. It is also interested in the embedding of a compliance culture – not just in the Compliance department but also across the whole firm.
In such a culture, everyone has a responsibility for Compliance. A focus on Conduct, quality and suitability of advice, know your customer and general customer and market outcomes must drive outputs in terms of behaviours.
The problem with all of this is that it is relatively vague. Without clear rules or benchmarks, how can firms ensure that they are meeting the expectations of the regulator?
Recent cases have seen enforcement against traders including bans and huge fines for market abuse relating to trader conduct. In some of these instances few, if any, in the industry can truly identify what was actually wrong.
For example in a recent case the FCA notice focused on a trader’s conduct, mainly because there was little actual quantitative evidence relating to the trading impropriety that allegedly took place. There are references to the fact that he acquired too much of a particular bond and accounted for a large percentage of the trading turnover, yet there are no comparative quantum caps imposed in market abuse regulations. Instead the FCA makes reference to ‘particularly egregious‘ conduct which fell far below the standards of integrity expected of FCA approved persons. Yet there is no definition of what this actually means – there are no quantitative benchmarks of the expected levels of conduct integrity expected by the FCA. Instead there appear to be only subjective judgements.
The FCA assesses culture through factors such as how firms respond to, and deal with, regulatory issues; what customers are actually experiencing when they buy a product or service from front-line staff; how a firm designs products and the considerations around this; the manner in which decisions are made or escalated; the way in which claims or complaints are handled; the behaviour of that firm in certain markets; and the remuneration structures and how a firm’s board engages in those issues and satisfies itself that the firm is operating as the Regulator expects. It therefore makes sense to focus on these key areas when designing assessment and management tools to monitor how well the business and individuals perform and to correct undesirable outcomes.
In a relatively recent FCA speech to a Mortgage Industry Conference the speaker owned up to the fact that the FCA deliberately did not have a master definition of conduct risk and that conduct risk profiles would be unique to every firm – making a one-size-fits-all approach impossible. Instead she said that the FCA has made it clear that having the right ‘culture’ i.e. one that puts customers at the heart of the firm’s business, is an important component of conduct risk. No specific definition of the kind of culture required has been offered.
In a 2013 global survey conducted by Thomson Reuters Accelus, 84% of respondents did not have a working firm-specific definition of conduct risk. This must surely be the first step that senior management need to take. They must define what ‘good’ looks like in the various elements that contribute to conduct risk and then ensure that ‘good’ happens. These elements must be benchmarked and monitored, clear policy and process designed and appropriate T&C and assessment management mechanisms put in place.
Getting the biggest return from their compliance investment must be the goal of all firms who want to rise to the challenge.
What firms can and must do is implement the highest levels of scrutiny. This means the monitoring, assessment and enforcement of behaviours through appropriate policy, process and technological infrastructure. In particular, the effective deployment of automated training and competence (T&C) technology and process–based decisions will relieve some of the pressure and help free up the Compliance team to concentrate on cultural change.
Only then can shortfalls and the risks they present be identified and dealt with quickly. Only then can senior management say they have done everything possible to counter conduct risk, inappropriate behaviours and outcomes.
The rest will be down to the subjective judgement of the FCA.
Neil Herbert, Director, HRComply