The hidden costs to firms and individuals for non-compliance.
26th February 2021 by Brielle Hewitt
Investing is the art and the science of balancing risk and reward.
The best investors habitually make judgements based on both the likelihood and magnitude of events. Given the rewards available for those who do well, competition is steep and only the very best can carve out a career in the industry.
It’s natural, then, that many of those who operate in the markets see the traits that made them successful appearing in other parts of their lives. A professional risk-seeker is likely to have a higher tolerance for risk in other areas, and those used to making investment, trading and risk management decisions based on expected value are likely to attempt to judge payoffs in other areas of their business and lives, too.
In light of this, it is almost understandable that some would view their compliance obligations as simply another such calculation: the risk of non-compliance may even be deemed ‘“worth it’” or “a cost of doing business” if the likelihood of being caught is judged as sufficiently small, or the penalty is outweighed by the potential gains to be had. Ships that sail close to the wind move faster, after all, and in the markets, speed can be everything.
However, morality and conduct aside, this approach fails to account for the true cost of regulatory action. Far from simply being a cost of doing business, being subject to an enforcement and a costly remediation programme may even cost offenders their entire business. Simply being an employee at such a firm may even tarnish your career.
More than a fine
The FCA issued more than £192m in fines last year, but this figure does not account for the true cost to the firms involved. Each will have faced months if not years of a disruptive and distracting investigation, followed by appeals, before final notice was given. A fine might be £100,000, but what was the cost of hours of wasted time, not to mention diminished performance due to stress and reputational damage individually and to the firm?
This is just the beginning. While an enforcement action may only target the management of a firm, the impact on staff can be considerable. Professionals in the financial sector tend to be capable, ambitious and driven. How many will risk their future career through association with the toxic brand of their employer?
The same goes for clients and partner firms. As ESG moves increasingly centre stage, firms are under pressure to meet ever-higher standards of conduct and stewardship. In this context, close association with bad actors and third parties is unlikely to be tolerated for long. Likewise, investments from big players – the sort that can be a massive stamp of approval for small firms – often come with comprehensive side letters outlining expected standards. Misbehaviour can quickly turn a make-or-break relationship sour.
Compliance must be comprehensive
It must be made clear that non-compliance in this context does not simply mean an outright refusal to follow the rules. In fact, firms that are risking fines may have a number of time-consuming and expensive compliance procedures in place. If they are deemed to be ineffective and or disproportionate, however, the risks remain.
Firms that are recording communications may still face action if their monitoring and supervision isn’t up to scratch. Likewise, failing to archive properly can also lead to enforcement action. Even if a firm isn’t the target of an investigation, as we have written previously, it can still run the risk of inadvertent tipping off.
Further enforcement is expected
Looking at the numbers, one might assume that the FCA was moving away from fines as an enforcement mechanism, given the falling numbers in recent years. However, with a new chief executive at the helm and manifold new compliance risks created by the pandemic and the shift to remote working, it would be wrong to assume the regulator is taking a back seat.
“I think it felt like the FCA had other priorities in recent years with Brexit, climate change and the pandemic, but I think that’s going to change,”
said James Ritchie, Managing Director at Eiger Regulatory Partners.
“In the last couple of weeks, they have issued some further enforcement proceedings against individuals for insider dealing, which suggests a renewed focus. Regulatory sanction, reputational damage and immediate remediation costs for firms caught out are going to continue to increase.”
Compliance teams are already burdened with complicated manual processes, but the answer to this problem lies in simplicity, not further complexity. Our Fingerprint platform lightens the burden on teams by automatically recording and monitoring communications, flagging up anything that needs investigation. This reduces compliance processes to six automated steps, allowing teams to focus only where the risk is highest.
Even the smallest firms can sign up and implement our systematic, scalable platform and know they and their clients are protected, and will continue to be protected as they grow.
It is worth considering, as James points out that,
“history will repeat itself, there will continue to be misconduct and non-compliance with rules. Given the FCA Senior Managers and Certification Regime aims to reduce harm to consumers and strengthen market integrity by making individuals more accountable for their conduct and competence, I certainly would not want to be in the ‘unhedged risk position’ where I got the call from the FCA enforcement team who had identified potential misconduct which the firm could and should have identified themselves. Having no or inadequate surveillance won’t help your defence, have a robust programme will. Front-loading the cost of this technology will ultimately outweigh reduce the risk of paying any far larger enforcement costs”.
We can take you through how Fingerprint can help your firm move away from manual, ineffective process, and empower your compliance team with automated communications monitoring solutions, and help to find more effective ways of running day to day. Drop us an email: firstname.lastname@example.org
Thanks to the team at Eiger RP for their input this week. Eiger RG provide experienced compliance and surveillance resources on a consulting, contract and FTE basis to support your programme in collaboration with Eiger Regulatory Partners, you can drop them an email at email@example.com.