Look Forward and Back, But Do One Thing to Keep Yourselves Safe

There are two interesting developments in regulation that have been announced recently. They’re not necessarily connected, but it’s important to be aware of both of them, because they potentially represent a regulatory assault on two fronts. For this reason, it’s important to keep one eye on what’s ahead and one eye on what might be coming up behind. Let me explain why.

A question of conduct

Those of you working in the major banks should be aware of how the management of conduct risk has become a big issue. Banks have come under increasing pressure to demonstrate how they are bringing about cultural change within their organisations, as the FCA continues to express concern about how their conduct risks are managed.

Well, now, the FCA has ratched this up a gear. In the 2015/2016 business plan, it states that there will be a thematic review carried out on this very subject. To use the FCA’s own words, it says:

"In 2015/16 we will conduct a new thematic review on whether culture change programmes in retail and wholesale banks are driving the right behaviour, in particular focusing on remuneration, appraisal and promotion decisions of middle management, as well as how concerns are reported and acted on."

This sounds quite heavy, and may well be in all likelihood.

Conduct risk is a term that is now being used regularly within our industry. As a concept, it is extremely wide, and essentially, encompasses anything that presents a risk to good customer outcomes when dealing with firms. This can include those issues which directly affect customers, such as their experience when buying products or services, to how they are treated when they raise queries or make complaints. It also looks at the culture within the firms that drives the processes used at the point of interaction with the customer.

As a result, many of the major banks have instigated board-level conduct risk programmes, which in some cases are driven by specific sub-committees established by the board. Typically, these look at things such as key indicators of conduct risk, as well as employee behaviour, and how well staff embrace the firm’s stated values.

And they will now have to demonstrate to the FCA how well these programmes are working when the thematic review gets underway.   

This is clearly a very important issue for the FCA, and whilst at the moment, its focus is restricted to the major banks,  it’s distinctly possible that this could move to smaller firms, and then to other sectors.

In other words, this is an issue that all firms should be aware of, and when the results of this thematic review are published, they should be studied carefully.

Which then begs the question – what happens if the FCA doesn’t like the look of what it sees during its review?

The backstop

Of course, the FCA has a range of regulatory tools at its disposal to try and correct certain behaviours within firms. But one in particular appears to be being used with increasing frequency, and that’s the direct commissioning of skilled persons reports.

Typically, these are used when the FCA discovers concerns about an aspect of a firm’s operations or perceived weaknesses in its systems and controls  The “skilled persons” in question are usually from consulting firms, who are able to provide the FCA with an independent and objective view of the issues.

I mention this because the figures published by the FCA on how many of these reports it commissioned during the last quarter of its 2014/15 year, make interesting reading.

At first glance you might think there isn’t a problem. After all, there were 15 reports commissioned during the fourth quarter, and there were 14 commissioned during the third quarter – hardly much of a change.

But there are two key metrics that suggests a tightening of the FCA’s focus.

Behind the figures

Firstly, there is the number of those reviews that were commissioned directly by the FCA. Since the Financial Services Act 2012 was introduced, the FCA can choose to either directly contract with a skilled person to carry out the review, or it can leave this selection to the firm. In the third quarter, the FCA directly contracted with a skilled person for just one out of the 14 reviews. In the fourth quarter, that number had jumped to eight out of 15.

Secondly, where these reviews are focused is of interest.  In the third quarter, the greatest concentration of reviews (five out of 14) was on the subject of governance, controls and risk management frameworks.

In the fourth quarter, this had changed dramatically. Of the 15 reviews commissioned, 12 of them were focused on conduct of business. Or to put it another way, 80% of them.

What's also interesting is how these 12 were split across firms of different categories. Surprisingly, 9 out of the 12 were carried out in smaller Category 4 firms, with one and two respectively for Category 2 and 3 firms. And none for the largest firms.  But perhaps this is because the focus is on giving larger firms time to get their conduct risk frameworks in place in advance of the thematic review.

All of this clearly points to one thing – conduct risk is now extremely high on the FCA’s agenda, and it is prepared to use both forward and backward-looking regulatory tools to ensure that firms measure up to its expectations. And whilst the forward-looking focus is primarily on the big banks, the FCA is looking at conduct risk across all firms, and is willing to take action where necessary.

A key safety measure

For those firms still getting to grips with conduct risk and what it all means, training for the key individuals at board level and within control functions is essential. Without a thorough understanding of what conduct risk is, it’s not possible to set up the appropriate framework, controls and be able to set the right level of risk appetite.

The FCA’s focus on this topic means that this is one to definitely get right. External training is a great way to short-cut the learning process, and training providers are now responding to this need.

So, whilst you’re looking forward and back, use Industry Events Online to help you see the picture clearly.  


Martyn Oughton    

By Martyn Oughton a Professional Member of the International Compliance Association (ICA).  Martyn now writes a regular blog for Industry Events Online focusing on the importance of training in all aspects of compliance. Read Martyn's other publications at Martyn's Writers' Residence website.

To keep up to speed with new events and blog posts sign up to the Industry Events Online weekly newsletter.