Compliance Oversight (CF10) Obligations and Accountabilities

The FCA expects those with Compliance Oversight (CF10) responsibilities to challenge management where compliance with regulatory standards and requirements is at risk. The FCA have stated, “… your job … is to force the board to ask the difficult questions – how do you positively reward those who highlight problems, do you take whistleblowing seriously, do you use the wealth of information from complaints to drive improvements, do you really learn from the mishaps of your peers?”

ATEB believes that failure to do so will be increasingly scrutinised by the FCA and we expect to see more sanction. The impending implementation of the Senior Managers and Certification Regime (SM&CR) will bring this obligation under acute focus.

There have been numerous examples in recent years:

  • The FCA have been critical of a compliance officer, stating that “[the Firm’s] lack of adequate compliance controls is attributable, in part, to the compliance officer’s failure to challenge [the chief executive] on his stance in relation to compliance. The compliance officer was free to raise this issue with the Board but failed to do so.”
  • In another case, the regulator stated that they expect the firm’s compliance officer, to take “… reasonable steps (and raise the alarm) … the failure to raise the alarm and/or challenge colleagues indicates that the compliance officer failed to understand the importance of his CF10 role and the regulatory obligations it brings. He failed to properly discharge his responsibilities as the Firm’s compliance officer.”

We believe that instances of cases like this will increase under the expansion of the senior managers regime.

The FCA states that “the aim of the SM&CR is to reduce harm to consumers and strengthen market integrity by making individuals more accountable for their conduct and competence”.

This point about “making individuals more accountable” is important. On one hand, it can be argued, as the FCA has done, that by making individuals responsible it will embolden them, and provide more licence to challenge senior managers. On the other hand, and this is where ATEB sees the danger, there is the possibility that the SM&CR will enable heads of compliance to be used as ‘scape goats’.

Let’s take into consideration the key components on the FCA’s findings as outlined above and pose a simple question – what if the compliance officer had raised the issues and other senior managers chose to ignore them? What if the compliance officer didn’t want to push too hard on these matters as they feared losing their job?

Further analysis of some of these final decision notices do indicate that the compliance officer tried – for example one case states “such reticence [to make necessary changes] had followed the compliance officer encountering resistance from the chief executive……. With the compliance officer ultimately, and improperly, deferring to the chief executive’s industry experience regarding what was appropriate”.

If a compliance officer is put in this position what are they to do? Are they to overrule the chief executive? Practically how would that work?

As for the other example we outline, is it possible that a compliance officer who might be in the same position raises the alarm BUT verbally, as there are ramifications internally for putting such things in writing?

Indeed, in one of the final notices, FCA state that the compliance officer “could not recall any specific examples of where they challenged any of the Board directors during the Relevant Period…” could it be the case that compliance officers are challenging directors, not in writing, because there could be ramifications? Is it a case of damned if you do and damned if you don’t? If so, is this affecting peoples’ thinking in terms of compliance as a career. ATEB are aware of many (but of course, not all) heads of compliance who have left their role, or who are very uncomfortable in their role, because they were / are being stopped from doing their job.

Important Note: ATEB news is intended to provide general information ONLY. The content, including any views expressed or guidance provided, does not replace the need to comply fully with FCA Rules and Guidance. Unless you have discussed news article content with ATEB, and specifically how it relates to your circumstances, then ATEB disclaims all liability and responsibility and actions arising from any reliance placed upon it. For the avoidance of doubt therefore, any reliance you place on such information without our consultation is at your own risk.

ATEB Compliance offers compliance and regulatory advice.

ATEB Suitability provides report writing software for the financial services market.

Our View

As a CF10, is there a way to manage this?

To provide perspective, for most of the firms that we deal with, this is not a pressing issue, primarily because compliance is integral to the firm’s ethos and culture. It also tends to be less of an issue with smaller firms.

However, the fact remains that it is an issue for many firms. ATEB strongly believe that compliance officers should be given regulatory compliance accountability – but should also be given the ability to exercise their accountability without fear of ramification. This can be achieved by removing the conflict of interest that we believe exists, and by clearly elaborating CF10 obligations in writing. Radical thinking is needed to ensure that true independent challenge is exerted on firms, independent challenge which we believe will lead to better customer outcomes.

This ‘independent challenge’ could come from numerous sources, such as:

  1. The FCA. Perhaps CF10s can only be disciplined and ultimately removed with the approval of the FCA;
  2. Non-Executive directors with clear, written terms of reference;
  3. External compliance consultants.

Fundamental changes such as these would make it difficult to sweep things under the carpet and would have an unsurpassed positive impact on the industry. Only when the fear of reprisal is removed, will we be able to have a senior managers regime which will allow compliance officers to carry out their role freely and independently leading to better customer outcomes.

Action Required By You

  • Ascertain if this important problem exists in your firm. This is easier said than done. It will require objectivity, an open and honest culture and it would be helpful to consider independent, third-party input.
  • Ensure that CF10s have detailed job specifications that clearly outline their obligation to challenge senior management without fear of reprisal, and to whistle blow where deemed necessary – this in itself will lead to better practices.
  • Consider appointing non-executive directors with clear terms of reference.

About the Author

Technical Manager - Often referred to as the Oracle or the Sage, Alistair has a wealth of financial services experience. He is our go-to Technical Manager and enjoys nothing more than a complicated conundrum. Feel free to test his renowned knowledge by getting in touch.

Contact Us

Explore more articles in this category

Other articles that you might be interested in