This article sets out to define what we mean by “authentic compliance” and why, indeed, it is a “thing” that firms regulated by the Financial Conduct Authority (FCA) should be paying urgent attention to. Why many – perhaps most – firms are currently falling short of the required standards of employee Training & Competence (T&C), and why this is akin to waving a red flag to the increasingly technically sophisticated regulator. And how harnessing Artificial Intelligence could solve the staff dissatisfaction issues associated with the traditional approach, whilst also paying for itself in lost time savings and underpinning good and purposeful culture in your firm.
Regulation isn’t going away
In the last few years, the FCA has introduced a raft of sweeping new legislation. At the heart of which is the desire to ensure all regulated firms, of all sizes, treat customers fairly, identify and treat vulnerable customers appropriately to their vulnerabilities, and ensure products and services are designed with vulnerability in mind.
One of the most significant changes was the introduction of the SM&CR, which forced firms to map responsibilities and thereby make individual Senior Managers personally responsible for the failings of themselves and those they manage. Thus, removing the “comfort blanket” of collective corporate responsibility.
The Conduct Rules apply to Senior Managers and junior staff and remove any ambiguity that might be arising from other legislation. It would, I daresay, be impossible to commit any crime and justify that it wasn’t in breach of one or more of the Conduct Rules.
AI managed more than 100 million individual competency interventions, many in firms just like yours, where initial levels of individual in-role competence and knowledge was just 54%.
And most recently, we have the Duty of Care legislation that, regardless of market readiness, is set to become law on 31/03/22. Personally, I think the Duty of Care legislation is perhaps the most challenging for firms of all sizes to comply with, as it goes well beyond the “system failure” requirements and demands that every firm has a Duty of Care to their customers – howsoever that may be discharged. Building this control into the customer journey isn’t easy for large retail banks for example and places a huge reliance on the first line of defence for every firm.
The individual employee is crucial
There has never been a greater reliance on individual employees to know and understand how (often) complex legislation impacts them in their role and the Duty of Care they have to customers in discharging those duties. They – perhaps your most junior employees – represent the first line of defence for your business and, in most cases, this “defence” is an illusion, not a reality.
How do we know this? Because last year our AI managed more than 100 million individual competency interventions, many in firms just like yours, where initial levels of individual in-role competence and knowledge was just 54%. Meaning, on average, employees knew about half what their employer needed them to know. If this were true in your firm (and the evidence would suggest it is), then what is the impact on your first line of defence, and how comfortable does this make you feel?
One argument, perhaps, is that firms are doing their best, have a business to run, and must be pragmatic and balance “compliance perfection” with common sense. As a businessperson myself, who spent 20-years in regulated markets, I come from this camp.
But, in the time since I have left the FinServ sector the legislation has changed, and where maybe in the past a tick box approach to employee compliance was sufficient, now it is not. In fact, now it is perhaps fuelling a false sense of security, whilst also disengaging your employees and having a counter-productive impact on your company culture.
In our most recent November and December webinars – hosted in conjunction with Worksmart and Bovill – 36% of 168 risk & compliance professionals polled said they have ‘little or no understanding of what drives poor culture in their firm’ and, when conduct risks have been identified, they are not acted upon.
Just 4% said that they have the ability to carry out ongoing monitoring to actively manage conduct risks within their firm.
To further compound matters, in terms of meeting the regulator’s six key expectations to ensure that all customers are treated fairly, 62% of 165 risk & compliance professionals polled stated that ‘monitoring and evaluation’ were the primary challenges facing their respective firm right now, with 33% noting that the ability to ‘take practical action’ was also a major concern.
When asked how confident they felt that their staff were well equipped to deal with vulnerable customers, 79% of the 165 risk & compliance professionals polled said ‘to a degree’. Just 16% said they had full confidence in the ability of their staff, with 5% stating they had no confidence.
The problem
The “problem” stems from the fact that most employers have pursued a relentless drive to make employee compliance T&C as low cost and time efficient as possible. We have all been caught up in a race to the bottom and, during that race, we have lost sight of the objective. The objective is not lowest cost to deliver, it is engaged, competent and capable employees driving a genuine and good culture.
The reality is that compliance training is delivered, often via e-learning, in a one-size-fits-all approach, concluding with a largely pointless “test” which often allows the employee multiple chances to re-take until they achieve the desired pass mark. If this approach worked, then we would not see employees presenting with average competency scores of 54% and having to be chased to complete the refresher training.
It is, of course, cheap to deliver and administer which is good, right?
Cheap is rarely good and this model runs the risk of being a shining example of that truism. One of the unintended consequences of this approach is that employees (politely) dislike it, management resent it, and everybody gets it done and gets on with their work.
Over time, as the curriculum has become wider and more complex, employee engagement in compliance has waned to the point where many firms are facing a compliance rebellion, just as the regulator increases focus on culture and announces their use of AI to monitor and assess the culture of firms for themselves.
One must hold up the mirror and ask the tough question: “Is our current approach to employee T&C authentic or is it, in fact, a box ticking exercise?”
Privately, I suspect that many a compliance professional winces and defers to pragmatism and the fact that “perfect compliance” is unrealistic, yet also recognises that, as time passes, the bar rises, and the void widens.
“Authentic compliance” is a regulatory requirement. Some may choose to ignore the message; some have already acted; and some are perhaps wondering how to achieve authentic compliance.
In a nutshell…
Unless you have already changed…
FACT: Your current approach to employee T&C doesn’t deliver competent and knowledgeable employees.
FACT: It disengages your employees and fuels an unhelpful dislike of compliance in your workforce.
FACT: It costs you a lot of money in lost productive time to deliver annual “refresher training”.
FACT: The regulator is becoming increasingly sophisticated, using AI to draw their own conclusions of your firm’s culture.
Which of course begs the question: “Why would you continue with a T&C model that is so obviously flawed when there is a better and cheaper alternative?”
What’s the answer?
Artificial Intelligence is the answer. Many firms (including the regulator) already deploy AI to address different problems, but few have cottoned on to the fact that AI can be used to solve the employee T&C conundrum. We would know – we guarantee it.
According to Gartner, 9/10 AI deployments fail. We have a 100% success rate; which is how we can financially guarantee it. What’s more, 9/10 employees who use our AI prefer it to the traditional model (likely your current approach).
50% of the Top 10 UK General Insurers trust our technology to keep them honest and their employees authentically compliant. It may be coincidence, but you be the judge.
