In UK Financial Services regulatory tumult, the recent years have been a tipping point for the UK regulator the Financial Conduct Authority (FCA), because the very first time it pursued more civil and criminal enforcement action against individuals than firms.
An important change, that lots of senior managers and directors still need to grasp because of this emerging regime that’s being built worldwide post-crisis, is definitely the growing requirement for these people to have the capacity to manage their own individual regulatory risk. Although it may look like to be an additional and unnecessary burden which adds another worry bead for already stretched senior executives however, the growing practical truth is that this active acknowledgement and managing personal regulatory risks is the most suitable possible insurance coverage for an individual whenever regulatory issues arise.
The Senior Managers and Certification Regime is set to be rolled out across the industry in 2018, so 2017 will provide interesting times, especially with the Brexit Agenda formulating in the annals of power.
Banks and the very large institutions have already implemented the SMR and SMIR (Senior Managers and Senior Managers Insurance Regimes) along woth the Certification Regime for certified persons of significant influence within the business.
To assist firms, Compliance Consultant have a number of solutions and products to assist in planning for the SM&CR as well as Strategy Planning (our “Pathfinder” program).
Obviously senior managers have got a duty to help with their firm being compliant and similarly must be expected to demonstrate execution of their personal regulatory obligations and accountabilities. Contained in the new individual’s core competency being able to manage their own individual regulatory risk brings into play several elements for consideration:
- Clear illustration showing effective performance of responsibilities could be a unique and different angle for the use of job descriptions as part of the internal environment. It really is clear the companies producing the job description into the future will need to make them somewhat more detailed than those currently used, as well as the protection of both individual additionally, the firm it is critical that all regulatory criteria, degrees of and matrix of responsibilities, including company expectations are included. Sooner or later, becoming a daily part of the handling of the firm, senior managers will routinely need to gather and store evidence to show how they individually discharged all their obligations and responsibilities. When their role changes they’ll need to perform a precise documented hand-over and acceptance by the incoming manager to ensure that all concerned have managed their personal regulatory risk adequately. It could possibly easily be viewed as a cottage industry but the increased level of documentation regarding job descriptions is set to become an essential part of enabling senior managers to signify the correct performance of their responsibilities.
- Increasing and developing knowledge and awareness not simply with the changing regulatory environment but also with the implications of the changes. Engaging in a constantly evolving and rolling regulatory training programme or undertaking a structured institute led CPD course may very well be another. Failure to remain “on the ball” will lead to a significantly increased chance of enforcement action for virtually every unprepared or unaware individual and they are generally very likely to have the full brunt of supervisory enforcement. In such a circumstance and a senior manager ends up not being banned as part of any enforcement action, it’s highly likely the fact that this individual that has “only” been fined is ever going to work again within a senior capacity in virtually any financial services firm.
- In establishing and developing any individual personal vault or store of evidence brings with it IT security, access and usage issues, that firms ought to identify and form policy. All senior managers really should build and keep their very own individual evidence to demonstrate the whole and complete discharge of their regulatory obligations, and this should be portable to allow them to have the ability to call upon the details at any stage of litigation in the coming years. With the quantitative elements this is certainly going to be a comparatively simple process but there can be often challenges when culture is added into the mix. One quick win could possibly be to assemble all board as well as other meeting minutes that provide verification of the process and engagement because of the individual. For an appreciation of the scope of the evidence that should be gathered, senior managers could check out the Financial Stability Board’s consultation paper “Increasing the Intensity and Effectiveness of Supervision”, which put together a list of “indicators” for senior managers that they might demonstrate compliance along with a good culture inside the firm.
There are numerous indicators of a typical sound risk culture that must be considered collectively as well as mutually reinforcing; considering each indicator in isolation will ignore the multi-faceted nature of risk culture.
These indicators include:
- Tone from the top: The board of directors and senior management would be the starting position for setting the financial institution’s core values and risk culture, together with behaviour must reflect the values being espoused. This will require the leadership systematically developing, monitoring, analysing and assessing the culture inside the financial institution through effective governance measures that include policies, procedures, internal attestations and under-managers performing their own personal assessments.
- Accountability: Successful risk management requires employees at all levels to understand the main values of the institutions’ risk culture together with its approach to risk, be capable of performing their prescribed roles, and be mindful that they will be held accountable with regard to their actions pertaining to the institution’s risk-taking behaviour. Staff acceptance of risk-related goals and related values is essential.
- Effective challenge: A great risk culture promotes a surrounding of effective challenge by which decision-making processes promote many different views, allow for testing of current practices, and stimulate a confident, critical attitude among employees along with an environment of open and constructive engagement.
- Incentives: Performance and talent management should encourage and reinforce maintenance of the financial institution’s desired risk management behaviour. Financial and non-financial incentives should secure the core values and risk culture at all levels of the financial institution.
- Being focused on establishing, monitoring and adhering to a highly effective risk appetite statement that underpins the financial institution’s risk management strategy and is integrated with the overall business strategy.
- Possessing a clear view of the risk culture in which they aspire for the financial institution, systematically monitor and measure the prevailing risk culture and proactively address any identified aspects of weakness or concern.
- Promote through actions and words a risk culture that expects integrity and a sound strategy for risk. The board and senior management promote an open exchange of views, challenge and debate, including making certain all directors possess the tools, resources and data to execute their roles effectively, particularly their challenge function.
- Engage mechanisms such as talent development and succession planning, that will help to reduce the influence of dominant personalities and behaviours.
Systematically assess whether the espoused values are communicated and followed by management and staff at all levels to ensure that the “tone at the middle” and throughout the institution is the same as the “tone at the top”.
- Employing adequate mechanisms positioned to assess whether the risk appetite statement, risk management strategy and overall business strategy are clearly understood and embraced by management and staff at all levels, and effectively a part of the decision-making and operations of the business.
- Establishing a compensation structure that supports the institution’s espoused core values and promotes prudent risk-taking behaviour.
Create a clear knowledge of the standard and consistency of decision-making throughout the business, including how decision-making is in conjunction with the financial institution’s risk appetite and the business strategy.
- Provide and analyse clear opinion of the business lines believed to pose the most significant challenges to risk management, such as unusually profitable elements of the business, which are subjected to constructive and credible challenge in regards to the risk-return balance.
- Monitor how quickly issues raised by way of the board, supervisors, internal audit as well as other control functions are addressed by management.
Implement and embed clear approaches to be certain that any failures or near-failures in risk culture, (internally or externally), are reviewed regularly (at least annually) at all levels of the organisation and they are seen as an possible opportunity to strengthen the financial institution’s risk culture and also make it more effective.
- Analyse and articulate lessons learned from recent in addition to past errors which are seen as an possible opportunity to strengthen the firm’s risk culture and to produce a catalyst for real changes in the future.
One final point about the maintenance of personal evidence to show the compliant discharge of regulatory obligations concerns intellectual property. Any time a senior manager changes firms it is actually entirely reasonable that he or she should be able to maintain the suite of documents to support their compliant behaviour, but due to the fact at least several of the documents could be business-sensitive, and the intellectual property of the firm, sensible arrangements needs to be manufactured to help the senior manager gain access to the documents under certain situations whenever they may be no longer working for the firm.
Governance packs can be found at http://fcaapplicationgovernance.com
Compliance Consultant is regarded as the most flexible of UK Regulatory Consultancies, providing fast responsive solutions for the financial services industry. With experienced and qualified staff from complaints handlers to Chartered Fellows of city of London institutions, you’ll find we have the expert understanding and experience to answer your challenges today!
Compliance Consultant has experience in implementing new banks from the Governance, Risk and Compliance aspects and would welcome early discussions with new start-up banks (Challenger Banks). Contact us on +44 (0) 20 7097 1434 or email firstname.lastname@example.org.
For full details see www.complianceconsultant.org