The FCA expects those with Compliance Oversight (CF10) responsibilities to challenge management where compliance with regulatory standards and requirements is at risk. The FCA have stated, “… your job … is to force the board to ask the difficult questions – how do you positively reward those who highlight problems, do you take whistleblowing seriously, do you use the wealth of information from complaints to drive improvements, do you really learn from the mishaps of your peers?”
ATEB believes that failure to do so will be increasingly scrutinised by the FCA and we expect to see more sanction. The impending implementation of the Senior Managers and Certification Regime (SM&CR) will bring this obligation under acute focus.
There have been numerous examples in recent years:
- The FCA have been critical of a compliance officer, stating that “[the Firm’s] lack of adequate compliance controls is attributable, in part, to the compliance officer’s failure to challenge [the chief executive] on his stance in relation to compliance. The compliance officer was free to raise this issue with the Board but failed to do so.”
- In another case, the regulator stated that they expect the firm’s compliance officer, to take “… reasonable steps (and raise the alarm) … the failure to raise the alarm and/or challenge colleagues indicates that the compliance officer failed to understand the importance of his CF10 role and the regulatory obligations it brings. He failed to properly discharge his responsibilities as the Firm’s compliance officer.”
We believe that instances of cases like this will increase under the expansion of the senior managers regime.
The FCA states that “the aim of the SM&CR is to reduce harm to consumers and strengthen market integrity by making individuals more accountable for their conduct and competence”.
This point about “making individuals more accountable” is important. On one hand, it can be argued, as the FCA has done, that by making individuals responsible it will embolden them, and provide more licence to challenge senior managers. On the other hand, and this is where ATEB sees the danger, there is the possibility that the SM&CR will enable heads of compliance to be used as ‘scape goats’.
Let’s take into consideration the key components on the FCA’s findings as outlined above and pose a simple question – what if the compliance officer had raised the issues and other senior managers chose to ignore them? What if the compliance officer didn’t want to push too hard on these matters as they feared losing their job?
Further analysis of some of these final decision notices do indicate that the compliance officer tried – for example one case states “such reticence [to make necessary changes] had followed the compliance officer encountering resistance from the chief executive……. With the compliance officer ultimately, and improperly, deferring to the chief executive’s industry experience regarding what was appropriate”.
If a compliance officer is put in this position what are they to do? Are they to overrule the chief executive? Practically how would that work?
As for the other example we outline, is it possible that a compliance officer who might be in the same position raises the alarm BUT verbally, as there are ramifications internally for putting such things in writing?
Indeed, in one of the final notices, FCA state that the compliance officer “could not recall any specific examples of where they challenged any of the Board directors during the Relevant Period…” could it be the case that compliance officers are challenging directors, not in writing, because there could be ramifications? Is it a case of damned if you do and damned if you don’t? If so, is this affecting peoples’ thinking in terms of compliance as a career. ATEB are aware of many (but of course, not all) heads of compliance who have left their role, or who are very uncomfortable in their role, because they were / are being stopped from doing their job.