22 May 2018
David Craig

David Craig

David Craig - Thomson Reuters

5Posts 23,084Views 0Comments

Who is responsible for managing compliance risk? You are

27 June 2014  |  5388 views  |  0

High profile scandals and enforcement actions around the world have elevated the stature and scale of the compliance function across our industry.  This could be seen as, perhaps, one of the few good outcomes of the financial crisis.  Yet compliance is moving into unchartered waters.  The focus on personal liability as an enforcement priority is sending a chilling message to boardrooms and compliance teams alike, just as regulators are also shifting focus from rules-based compliance to concepts which are harder to measure, none more so than culture and conduct risk.

But measure is exactly what we must do.  This week at our 10th annual Compliance & Risk Summit in London, the UK’s Financial Conduct Authority (FCA) enforcement director Tracey McDermott spoke to a packed house of 500 compliance professionals.  Ms McDermott’s message is that conduct and culture will be key indicators used to assess if the customer is being treated fairly. 

Conduct risk was not even on the radar of most compliance officers three years ago and its exact meaning is still not strictly defined.  What we do know is that conduct risk is not market, credit, liquidity or operational risk; it is more about the way that firms and their staff conduct themselves. For compliance teams this means traditional quantitative-based analysis around the compliance of rules won’t suffice in assuring boards and regulators that their firms have done the right thing by the customer. 

Across the financial industry there is welcome talk of moving to a compliance culture.  Companies fail when compliance is seen to be the lone responsibility of the compliance team.  The FCA has articulated that a high standard of behaviour has to be in evidence from every part of the organisation – from top to bottom and front to back. However, the intricacy of today’s organisation and its supply chain make this ever more complex. 

We have already seen the reputational damage from companies and/or their suppliers’ use of forced labour in factories or the abuse by workers across some industries. The Summit heard that far from being remote, there are an estimated 30 million people involved in slavery and forced labour generates approximately $150 million in illegal profits. Preventing and combating this blight requires that banks, corporations and regulators work together to tackle the criminals using the banking system to hide this illegal and harmful activity.  Financial institutions, in particular, are in a unique position to use their data to identify anomalies in financial transactions which may shine a light on human trafficking. Companies need to look beyond the financial metrics to understand how their suppliers are going to deliver those services at a particular cost. 

At the Summit this week, the FCA was clear that banks are not yet out of the penalty box. In fact, we heard that 10 banks were fined $243bn from 2008 to 2014 for mis-selling, market rigging, anti-money-laundering (AML) abuse and other issues.  Beyond the headlines, the real pain cuts much deeper as firms often spend the same figure again on the legal counsel, accountants, management time, and more to manage the related investigations. All of this serves to highlight that the risks associated with both non-compliance and the costs of compliance are higher than ever before.

The lack of a black and white rulebook is causing more complexity. My advice for our industry is to stay in touch with the nuance around regulatory expectation.  There is a need to define what looks good and then decide how to measure, communicate and consistently apply.  We can’t just track rulebook changes; there needs to be an understanding of how the regulatory powers will be used. We must also look at the cultural implications of remuneration and sales incentives in the event they drive poor customer outcomes – as recent examples have already illustrated.

Finally, we shouldn’t underestimate the challenges.  Tracey McDermott used the word ‘sustainability’ to refer to those firms with the right models that will be here in the medium- to long-term.  With signs that the economy is improving, now is the time to embrace a compliance culture.


TagsRisk & regulationInnovation

Comments: (0)

Comment on this story (membership required)

Latest posts from David

Are the capital markets young enough to embrace disruptive technology?

30 January 2015  |  4861 views  |  1 comments | recomends Recommends 1 TagsRisk & regulationInnovation

Compliance: now it’s getting personal

20 November 2014  |  2438 views  |  0 comments | recomends Recommends 0 TagsRisk & regulation

A new dawn for China and the global investment community

17 November 2014  |  5951 views  |  0 comments | recomends Recommends 0 TagsTrade executionInnovation

Who is responsible for managing compliance risk? You are

27 June 2014  |  5388 views  |  0 comments | recomends Recommends 0 TagsRisk & regulationInnovation

The rise of the renminbi as a truly global currency

08 May 2014  |  4447 views  |  0 comments | recomends Recommends 0 TagsTrade executionTransaction banking

David's profile

job title President - Financial & Risk
location London
member since 2014
Summary profile See full profile »
President of the Financial & Risk business of Thomson Reuters, which accounts for US 6.5 billion in revenue and is a leading provider of financial information, news, technology and regulatory solution...

David's expertise

Member since 2014
5 posts0 comments
What David reads
David's blog archive
2015 (1)2014 (4)

Who's commenting on David's posts