My 13 year old daughter recently celebrated earning her ‘Skydiver’ badge and is also a newly appointed member of the ‘Hawaii Club.’ These ‘awards’ have been presented to her, along with weekly progress reports by the automated reporting of her new wrist worn fitness tracker. Out of interest, the Skydiver badge is handed out for climbing over 1000 floors of steps (claimed to be a similar height to that of a Skydiver) and the Hawaii club is awarded when you have walked more than 563 kilometres, apparently the length of the Hawaiian archipelago. In truth, these measures and metrics and ‘successes’ are so much nonsense but, what is interesting is that they work! Both my wife and my daughter have started wearing these fitness trackers and the constant monitoring and reporting of statistics and measures and these ‘nonsense’ rewards generates almost constant discussion in our house.
I fully expected that these wristbands would be a 5 minute wonder and very soon would be consigned to a drawer and forgotten but not at all. As time goes by, and the metrics and progress reports stack up, they are more and more engaged and committed, mini competitions spring up and friends are being roped in. Both are in real danger of getting fitter and healthier! I am very aware that there is nothing new here. These devices and the linked ‘Apps’, automated emails, random positive reinforcement, continuous improvement monitoring, regular progress reporting etc. are tried and tested techniques with well-established track records. But sometimes we forget about the obvious, we fail to think about methods that have worked in the past and become stuck in the new issues and the nature of the new problems.
In my previous article, I talked at length about Andrew Bailey’s speech, ‘Culture in financial institutions: its everywhere and nowhere’, where he spoke at length about what is Culture and what are the drivers that influence it. Since then, on the 18th April, FCA have published their 2017/18 Business Plan. In which they set out their priorities for this year. The plan identifies six major ‘cross sector’ risks:
- Firms’ culture and governance
- Financial crime and anti-money laundering
- Promoting competition and innovation
- Technological change and resilience
- Treatment of existing customers
- Consumer vulnerability and access to financial services
It also outlines specific target outcomes and identified issues in each of the seven individual sectors the FCA categorise, including specific links to ‘Culture’ in each of them, see below. It is clear that ‘Culture’ is very much at the heart of the FCA agenda for this year. I don’t think it is a coincidence that ‘Firms’ Culture and Governance’ is listed first in the ‘Priorities for the Year Ahead’ section or that it is also referenced in John Griffith Jones’ Chairman’s Foreword:
‘There is a clear link between poor culture and poor conduct, and industry must continue its work to achieve and embed its own cultural change.’It is also obvious that each of the cross sector risks have implications for ‘Culture’. What does your Firm’s ‘AML policy’ or your ‘Vulnerable Customer Strategy’ say about the culture of your business and how do they influence how your people behave? The following are a few key extracts from the detailed section of the Business Plan that explains the Culture and Governance risk as FCA express it:
- ‘Firms should own and manage their cultures at all levels and are responsible for identifying and managing the risks created by the drivers within their firms.’
- ‘…the way firms design their governance arrangements provides an infrastructure for how they are run, our focus is on the effectiveness of those structures.’
- ‘We expect them (Boards) to take responsibility for their firm’s culture and its key drivers, ensure culture remains high on the agenda and that an appropriate culture is embedded throughout the firm at all levels.’
- ‘…we are interested in the direction of travel of firms’ cultures and whether indicators suggest that progress is being made…’
- ‘In 2017/18, we will continue to embed the SM&CR in our supervisory approach and processes, and focus on how the SM&CR is integrated into the running of deposit takers and PRA-designated firms.’
The Business Plan also contains an interesting section on FCA Supervisory activities. They set out the principles of their supervisory engagement with Firms, which includes a focus of attention on ‘…the most significant drivers of behaviours, including senior management accountability and remuneration, and on firms improving their standards of conduct at all levels.’
They also comment that ‘…SM&CR supports firms’ development of a culture of responsibility to identify the harm developing from their behaviour and take steps to address the risk. We consider firms’ systems and controls, governance arrangements and risk management capabilities and how these link to the firm’s conduct.’
One interesting observation is that despite the ongoing burden of regulation and particularly the rate and pace of regulatory change we are entering a new era of ‘transparency’ between Firms and the Regulators.
This year, the FCA Business Plan, incorporating their Risk Outlook, is about twice as long and much more detailed than ever before. They have recently released their new Mission Statement and for the first time, also published their ‘Sector Views’ which provide a detailed insight into FCA’s thinking and approach for each of:
- Wholesale financial markets
- Investment management
- Pensions and retirement income
- Retail banking
- Retail lending
- General insurance and protection
- Retail investments
Together, these documents provide a more complete picture of the way FCA identify and assess risks in the sectors they regulate, and how and why they choose their Business Plan priorities, including the actions they intend to take in the coming year.
They have never had such a wealth of information about each regulated firm before and it will probably take a little while for the implications and consequences of all this to filter through to Supervision relationships and Thematic activities.
There is a strong argument that never before have regulated firms had the benefit of such a complete picture of the direction of travel and clear intent of the Regulators, with a good understanding of what is expected of them and how they should behave.
At the same time, FCA are in receipt of Management Responsibility Maps, containing clear and explicit detail of how a firm’s Governance arrangements and Accountability works and fits together, covering all of the firm’s activities and operations. They also receive Statements of Responsibility for each Senior Manager clearly defining everything they are personally responsible for.
They have never had such a wealth of information about each regulated firm before and it will probably take a little while for the implications and consequences of all this to filter through to Supervision relationships and Thematic activities.
Clearly much of the above, which refers to SM&CR, currently only applies to Banks and Deposit Takers and to a significant extent Insurers under SIMR. However, the direction of travel is clear and it is coming soon to a firm near you!
Obviously the delays to the anticipated Consultation Paper have frustrated many of us, and slowed or stopped many firms who have been doing the right thing and setting Accountability programmes in place.
We must be very cautious of allowing these delays to interfere with progress and planning though!
If you have recently reviewed the publications from PRA relating to SM&CR and SIMR, probably the biggest surprise is the speed and of the implementation deadlines. On 12th May PRA released PS12/17. This was a response to Consultation issued back in October last year, considering ‘amendments and optimisations’ for SM&CR and SIMR. It contained various changes, some of which came into immediate effect!
Others changes came into effect from 3rd July 2017, and a few more provisions have a date of 12th Sept 2017.
The Policy Statement also referred to a second consultation to consider a new Senior Manager Function and linked Responsibilities. This CP has also recently been published, CP8/17, which has deadlines for responses of 14th August and 22nd September 2017.
This accelerated timeline, is very likely to be consistent for the major consultation relating to Accountability 2 and the application of SM&CR to all of us. FCA have been very clear that they consider Accountability 2 to be a proportionate extension of what is already successfully implemented – not something new.
Despite the delays, they appear very keen to defend and persist the ‘2018’ deadline, suggested by the Treasury and therefore I am sure that elements of the regime will be expected to apply to all firms before the end of next year (less than 18 months away).
Some of the urgency, I suspect is driven by the priority and focus on Culture and Governance as a cross sector risk. Once Accountability 2 is in play, the clarity and collateral referred to throughout the FCA Business Plan will be available for all firms, all Boards, all governance teams and all regulatory supervisors and policy makers.
we have many, many ‘people related’ metrics that speak volumes of the ‘Culture’ of our business.
With this in mind, where are you in your firm with monitoring and reporting on your Culture? It is clear that many (most? all?) operational reporting and existing MI can be reviewed and considered from a ‘Culture’ perspective but within T&C and Performance Management and HR and Compliance areas of the business we have many, many ‘people related’ metrics that speak volumes of the ‘Culture’ of our business.
It would be a worthwhile activity to review now all of your existing T&C metrics and KPIs to consider how they can be used as evidence of the Culture (and Conduct) of your people. What new metrics should be introduced to support the new obligations of SMR and Certification?
Given that our business is supplying systems and process management to help manage risk, enable compliance and deliver efficiency to firms operating Performance Management, T&C, SMR, Conduct and Certification schemes we have many examples of Key Performance Indicators and relevant MI metrics. If anyone is interested in discussing these examples, please do get in touch.
Hopefully, if you use a system similar to ours, Insight T&C, configuring new KPIs, metrics, workflow and automated emails is a simple and easy exercise.
Perhaps we could all join the ‘Culture Club’ and be awarded our ‘Conduct’ badge? Receive a monthly progress report highlighting our significant achievements and assuring us that we have completed over 100 ‘transactions’ without a single breach?
Now here’s a thought that I can’t resist – What would a Fitness and Propriety ‘Bit’ look like and what might it measure / report on? (Suggestions posted on the TC News Linkedin Group please?)
Now, where did I leave the blessed charger???