Remedial Compliance: Define Compliance Or Compliance Risk.

At Compliance Consultant we get a number of enquiries every month concerning new applications for Authorisation regarding the Part IV permissions needed and the role of Compliance in the application process and beyond.

There is often a misunderstanding about the role of compliance consultants and the internal role of compliance functions, so we thought we would close off a few of those and cover the top levels of regulatory compliance expectations in the UK Financial Services world and concerning the Financial Conduct Authority (FCA) regulatory compliance guidelines.

First of all, the definition of compliance is technically “the action or fact of complying with a wish or command”. This is not the most helpful definition of compliance regarding financial services regulatory compliance, so we must look to the echelons of the industry to provide a definition of compliance that is more suitable for our purpose, operation and outcome.

Techtarget.com (the online news and strategy site) define regulatory compliance as “Regulatory compliance is an organization’s adherence to laws, regulations, guidelines and specifications relevant to its business. Violations of regulatory compliance regulations often result in legal punishment, including federal fines.”

Wickipedia defines it as “Regulatory compliance describes the goal that organisations aspire to achieve in their efforts to ensure that they are aware of and take steps to comply with relevant laws and regulations.”

As we can see there is little distinction between the term “Compliance” and the very real meaning of “Compliance Risk“. The risk of non-compliance is a very real threat and can be significant in both terms of cost, management time as well as reputation and remedial compliance actions to rectify the errors or failure of process. This is the main area that we at Compliance Consultant get involved in as we help clients achieve significant and sustainable improvement in their quality performance, customer satisfaction, and regulatory compliance projects.

Perhaps the most accurate and representative definition, although primarily focused on Banking is from the Basel Committee on Banking Supervision, which in 2005 described Compliance risk as: “the risk of legal or regulatory sanctions, material financial loss, or loss to reputation a firm [bank] may suffer as a result of its failure to comply with laws, regulations, rules, related self-regulatory organisation standards, and codes of conduct applicable to its [banking] activities (together, ‘compliance laws, rules and standards’).”

sa-complianceconsultant

Understandably, the ‘compliance laws, rules and standards’ actually get revised and updated by the FCA under their authority from the Financial Services and Markets Act 2000 (and it’s various amendments and supporting legislation like the Regulated Activities Order ‘RAO’). There are other influences such as the Prudential Regulation Authority which supervises banks and a handful of large financial companies, but they work hand in hand with the FCA. Advertising standards, data protection and a raft of other legislation and guidance help the mix to become even more complex and complicated, which is why firms employ consultants like Compliance Consultant to manage discrete special or specialist compliance projects.

The regulatory compliance and risk projects can vary immensely but the overall requirement is usually to provide compliance specialist project resource to resolve or remedy a situation that has arisen. Identification can either be by operational failure, audit or other internal assessment review or regulatory scrutiny as part of a themed visit or ‘deep-dive’ investigation in that sector.

From this you could derive a belief that the FCA are vindictive or aggressively trying to catch out the firms, however the FCA don’t go out of their way to be unreasonable in their expectations and they offer a great deal of guidance and support on their website. The regulator does have a difficult job insomuchas it cannot know every different business model or procedure so it wants to understand the specifics, to ensure that one way of doing things does not cause detriment to the consumer, versus they way they envisage things being done in an ideal world. Saying that, they do expect a certain level of basic compliance from all authorised businesses. The whole rationale of their involvement is centred around every authorised firm and their commitment to treating customers fairly (TCF).

There are the six TCF outcomes of that commitment according to the FCA.

  • Outcome 1 – Consumers can be confident that they are dealing with firms where the fair treatment of customers is central to the corporate culture
  • Outcome 2 – Products and services marketed and sold in the retail market are designed to meet the needs of identified consumer groups and are targeted accordingly
  • Outcome 3 – Consumers are provided with clear information and kept appropriately informed before, during and after the point of sale
  • Outcome 4 – Where consumers receive advice, the advice is suitable and takes account of their circumstances
  • Outcome 5 – Consumers are provided with products that perform as firms have led them to expect, and the associated service is of an acceptable standard and as they have been led to expect
  • Outcome 6 – Consumers do not face unreasonable post-sale barriers imposed by firms to change product, switch provider, submit a claim or make a complaint.

Although this is a very light touch of the overall requirements, there is obviously a lot more to it as you also need to run a very tight ship when it comes to record keeping. The FCA have a central handbook called the “Senior Management Arrangements, Systems & Controls” (SYSC) which contains all of the fundamental areas of business and the rules (and guidance) it needs firms to follow, including risk management, compliance, financial crime, outsourcing and record keeping.

Saying you treat your customers fairly is one thing, but you need to be able to evidence it on a consistent basis.

How Compliance Consultant Can Help

Whether you are a startup bank, have compliance related strategic operational projects, governance, risk and compliance projects, or perhaps banking compliance projects and need additional specialist resource, we will have a solution. We are a niche consultancy and as such only deal with a few select clients at any one time, but we have huge reserves and the ability to react quickly.

Compliance Consultant can help you with;

  • Challenger bank start-up: We are experienced in forming and operationalising bank start ups with great pragmatism and corporate understanding. We can provide the governance and risk structure, the necessary financial stress-testing packages and full range of policies and procedures, as well as marketing assistance and product design.
  • Benchmarking. To help clients diagnose their quality performance qualitatively and quantitatively, we employ our proprietary benchmarking data to assess factors such as product quality, total costs of quality, resource efficiency, maturity of shop-floor and quality processes, and quality culture.
  • Developing quality and compliance strategies. Many companies take a short-term approach to address quality costs and imminent non-conformance. Instead, we help clients develop strategies that sustain quality excellence and compliance for the long term.
  • Delivering compliance and remediation services. Within compliance and remediation, we are able to support a full suite of services using a pragmatic approach and functional experts with deep experience in regulatory requirements. These include helping clients respond quickly to crises and minimise negative impact, as well as identifying and correcting the root causes of quality failures using our proven diagnostic tools.

Contact

Author: Lee Werrell

Owner & Principal Consultant, CEO: Compliance Consultant

Lee has nearly 30 years Financial Services Experience and much of that in governance, compliance and risk areas. He achieved the Diploma in Investment Compliance in 2006 and was one of the first members of the Securities & Investments Institute to be Chartered when they received their Royal Charter in 2010.

Having run previously successful companies since the 90’s he launched Compliance Consultant in early 2014 and was immediately involved in some long term highly confidential work.