The new FCA – don’t have nightmares

Neil Herbert is a director at HRComply

Is there anything to fear about the new FCA? Well, possibly quite a lot, it would seem. A hundred or so days into the new era of the FCA and it would be hard for anyone in the wealth management or private banking sector to have missed the message that the regulation of the sector is going to be different from now on, writes Neil Herbert.

Although the new head of the FCA, Martin Wheatley, has sought to play down the ‘be afraid’ tone famously set by his predecessor at the FSA,Hector Sants, some of the warnings and statements may have sounded pretty scary to many in the industry. There are going to be heftier fines, more stringent reporting requirements, naming and shaming of errant firms and individuals (without first having the inconvenience of providing actual proof of wrong doing) and, for the wealth management sector, its very own department. It will be headed by Clive Adamson, director of supervision at the FCA, who in a recent speech emphasised the shift away from the tick box approach to one that will be judgement-based (their judgement, presumably), forward looking and outcome-focused.

This all sounds good in theory but this emphasis on a firm’s culture and business models is somewhat more subjective than the previous focus on controls. The logic appears to be that it is all very well having controls policies and processes in place but if these don’t drive market and client relationship behaviours – and general conduct – then they are useless.  In addition Mr Wheatley (despite seeming to want to pursue a more constructive relationship with the financial services sector) has set out a different stance whereby his regulatory body aims to get tough on the individual rather than just the firm. Dismissing the impact of fines  – “To be honest, to the banks that make billions of pounds in profits, whatever the level of fine it will get passed on to shareholders” – he has pledged that the FCA will focus on the conduct of individuals – specifically senior management – and make them accountable.

This will be a surprise to the 130 or so people banned from the industry in the last two years, let alone those who have paid nearly £30 million in fines in the same period. They might be forgiven for believing that the FSA was pretty tough on individuals already. Wheatley as served notice to senior management that if they aren’t in control of the market and customer conduct of their registered staff and they haven’t yet instilled a compliance culture in their firm from the top down, then it is they that stand to pay the price for the failings of staff (and by inference, of the firm, its systems and controls).

It should therefore be a given that all registered staff have a clear knowledge and deep understanding of their role (its requirements, objectives and limits) and responsibilities to their employer, the market and the customer. At the same time there must be clear standards of acceptable conduct drummed into all staff, with objective benchmarking and assessment of both conduct and performance in place. And yet many of the companies I speak to readily admit that they don’t even have simple job descriptions, let alone a decent system of assessment for individual performance or conduct in those roles.

There is a stubbornly enduring culture of dealing with symptom as opposed to the cause: audit-driven processes that identify problem behaviours and conduct after they have occurred. Investment in training to enable staff to deliver the highest standards (using technology to distribute that training and assess delivery and identify shortfalls as they happen – not in an audit six months later) will give progressive firms the edge in terms of better product, service and client reputation. Presumably it will also give the management and supervisors a better night’s sleep as it’s they that stand to be penalised for failings.

Effective training and competence is a contract struck by the firm with the employee, but also with the regulator and the customer. It is an agreement of terms that are constantly renewed and defined. Standards, expectations and how those will be achieved.

Clear definitions of roles; responsibilities; personal, client-based and business objectives and limits; and acceptable risks and conduct: this is the starting point. Training and development of staff to ensure that they can meet these definitions must be planned individually. Roles and responsibilities then need to be distributed, with completion monitored and logged. If your training and competence management system doesn’t do this, then you have cause for concern.

Assessment of the three Cs (competence, conduct, contribution) against agreed benchmarks is the next step, ensuring shortfalls are identified and dealt with. The testing of knowledge (product, markets, conduct, process and policy) should be performed regularly and as part of the overall assessment process. Rooting out those who are not delivering nor buying into the compliance-based culture you are trying to embed is essential if you are going to address such risks. These are real risks to your business, your reputation and individually your career if the worst happens and the FCA holds you accountable (as Wheatley says they will). No-one can be certain about every advisor, ensuring everything that they say and do is compliant, but if those advisors don’t know what ‘good’ looks like, if you haven’t equipped them sufficiently to deliver ‘good’, if you haven’t monitored and enforced that delivery and indeed recorded having done so, then you will be accountable.

Make sure those policies that you’ve been developing are really put into practice. Clarify your standards, your assessments and benchmarks and invest in a decent training and competence management system. And as the popular TV crime programme concludes, “don’t have nightmares”.