"The FSA is now in Regulatory Winter, a time when the most advanced city firms should be able to create their own bespoke 'rulebooks' provided they demonstrate their ability to identify and manage regulatory risk," said Lindsay Thomas, risk assurance adviser, at the first of a series of round tables hosted by QUMAS, the global compliance software company.
The round table, which was attended by 34 senior compliance professionals from 24 financial organisations and chaired by Kevin Ludwick, Head of Regulatory Services at QUMAS, addressed the topic of whether Heads of Risk Management will be Heads of Compliance in the future.
The two speakers, Michael Blane, a former head of compliance and SEC official, and Lindsay Thomas, formerly a senior FSA official, discussed the role of compliance officers as the regulatory environment moves towards a principles-based approach.
Michael Blane argued that although compliance officers should be able to take a narrow view of regulatory risk, they needed a broad enterprise-wide understanding to be able to support management properly.
Lindsay Thomas said that compliance officers are already under pressure to work in a risk based way but that the way in which they modeled reputational risk would need to be significantly improved. The benefits within the FSA's principles-based regime would be the ability to take more risk and reduce compliance costs. Lindsay said that businesses will be able to agree settlements with the FSA which will give a feeling of de-regulation. Compliance and risk will no longer be purely internal issues but businesses will need to communicate their approach externally and be able to justify their actions in public. Michael Blane felt that compliance officers needed to become comfortable advising in the "grey space" between black and white decision-making.
Kevin Ludwick summarised a lively discussion: "Regulators on both sides of the Atlantic are pressing firms to manage regulatory risk more robustly. Senior management need to engage with compliance officers to characterise their regulatory risk appetite and direct their resources to mitigate the risks they do not want. Doing this without clear models and appropriate infrastructure is impossible."