The CISI survey mentioned on this site yesterday "FSA paper trail hampering compliance activities" raises many issues. But first, congratulations to Julian Sampson for undertaking this service in the first place. It puts some firm data against all of the
anecdotal evidence that many compliance departments are spending more time ensuring that they have not "missed something from the FSA" than they are in providing feedback and assurance on the regulated activities of their organisation.
It's little wonder that senior management don't always see the value in the function that's supposed to be their "eyes and ears" around the organisation. When Compliance Departments are constantly keeping their eyes down, trying to interpret the impact
of so many FSA outputs, their output - in terms of assurance reviews - declines. No wonder so many compliance departments find it difficult to get the resources they need to get their job done - because it's so difficult for senior management to see the value
in the service they provide, from their perspective it's equally difficult to justify further investment.
I hope that the CISI's letter to the FSA is given the attention it deserves. Here's three things I would like to see happen :
- The FSA grades it's outputs (guidelines etc.) by impact. That way regulated firms can prioritise their work;
- The FSA looks at the way it distributes information so that workflow automation is facilitated;
- Compliance Departments get a little more tech savvy and learn to leverage technology to help them prioritise, manage and monitor their work load - after all if you need additional resources the best way to get it is to have the data that proves you need