Скачать книгу

tenet to be challenged is that compliance is not synonymous with or part of risk; it is much bigger than that. There may be compliance or regulatory risks within a risk framework but it does not follow from that that compliance is in some way subservient to risk or should be part of the risk department. Compliance, as we shall see in Parts II and III, has a much more strategic and wide-ranging scope and should report to the board independently and directly. Having a compliance person or specific non-executive director (NED) on the board is a clear sign that compliance has stepped up and not been left behind.

      New Compliance

      More than can perhaps be imagined depends on a new compliance emerging. This requires regulators and compliance to engage in a shared journey in which both are investing heavily in research, education, and discussion while establishing new joint approaches and infrastructures. We examine these new structures and elements and how they work together for a new compliance in Part II.

      Shared Journey

      It is important that the journey to new compliance is a shared one with compliance and regulation following the same map – the map is suggested in Chapter 2.

      Ideally, regulation and compliance should be able to move forward in partnership at the same rate, but too often one side is playing catchup. If regulation is ahead of compliance, firms may be subject to increased regulatory risk, and if compliance gets ahead of regulation, then the risk is of unexpected interpretations increasing regulatory firm risk and regulators suffering reputational damage and loss of support by appearing flatfooted.

      Regulation's role is to reflect and mediate the expectations and requirements of the wider public and economy. Regulatory objectives are rarely unreasonable, but regulators often lack the practical business experience to know how to implement them effectively and in a balanced way. Conversely, compliance should have the hands-on experience but may be more distant from the policy agenda or democratic public needs. Obviously, a dynamic process of learning from each other is ideal, but this needs a facilitative infrastructure, a basis of trust, and extensive practice. The crucibles for building mutual understanding may be shared training vehicles, informal discussion groups, frequent communication documents, and staff exchange programmes.

      The most important shared understanding is that regulation and compliance are not ends in themselves. This self-delusion is dangerous and both compliance practitioners and regulators need to remind each other of their wider role and the implications of their actions. Both needs to have a shared answer to the question: Why do we do what we do? We consider that in Part III.

Chapter 2

      General Model of Regulatory and Compliance Development

      It is not the strongest or the most intelligent who will survive but those who can best manage change.

– Charles Darwin

      Introduction to Development Models

      Charles Darwin set out a general model to describe the evolution of species and the principles of competition and natural selection. Adam Smith, similarly, provided a general model of economic development and described the operation of comparative advantage.

      So development models usually have two basic components:

      1. An overall direction and stages of development

      2. Processes underlying change.

      Regulation and compliance needs an overall picture of its development, including the major stages in that journey and an explanation of the processes by which change occurs. A general model is proposed here to help explain the pathway of change and to uncover the processes driving development. This in turn gives a clearer view of the future.

      The usual caveats about models apply: there are variations in the fine detail, different cultures and jurisdictions develop at different rates, and progress is rarely linear. But models provide an easily comprehended picture that we can then re-complicate, adding all the appropriate variables to apply it to our own situation and circumstances.

      Crucially, a model gives us vision, a way of summarising the past and helping us deal with future uncertainties. This is what compliance needs so badly: a narrative about where it has come from, and a map for its future progress and development.

      General Model of Regulatory and Compliance Development

The model in Figure 2.1 describes a process of maturity. This is the development of regulation and compliance from start-up, through early and “teenage” years, to a more grownup state. This provides a model for understanding and evaluating each stage of a regulatory–compliance system. It also supplies a roadmap for future growth and improvement and may be considered at the levels of a:

      ● Jurisdiction

      ● Sector or subsector

      ● Firm

Figure 2.1 General Model of Regulatory and Compliance Development

      It is not necessarily the case that all firms operating from or within a jurisdiction will be at the same level of maturity as the jurisdiction as a whole. There will be a range of maturities of individual firms or even subsectors, and this causes interesting problems both for the laggards and for the regulators concerned.

      The model identifies five stages. These are clearly not mutually exclusive but blend one into another, each building on the others:

      1. Start-up: Establishing credibility by using direct, often simple and easy-to-implement measures to combat an obvious and commonly agreed problem. Enforcement at this stage is often punitive, and rule breaches are described in technical terms. Regulation may operate in an apparently business-friendly way, and may be through self-regulatory organisations that are close to the issues and allow governance by peers. This stage may offer perfectly adequate protection for some societies and be a rational place to remain for some time, but regulators credibility and effectiveness may be undermined when crises emerge.

      2. Crises: This stage is characterised by reactive and often disorganised or disproportional responses to emergent problems (e.g., 2008 GFC), or the unexpected consequences of earlier interventions (e.g., UK 1980s and 1990s pensions mis-selling). Changes are often driven by public opinion and political necessity that may see extra regulation as the only credible quick fix. This may be the trigger for a secondary wave of reform involving the rationalisation of regulatory and compliance structures. Societies may revert to these crisis conditions at any time in the development path and can cause progress to temporarily retreat down the curve.

      3. Expansion: Here, regulation becomes more proactive and confident, often associated with clearer objectives (e.g., UK Financial Services and Markets Act 2000), and extensions of scope into more fringe areas (e.g., insurance and mortgages), usually based on the pressing consumer protection expectations of a newly wealthy middle-class. Regulation almost inevitably becomes more expensive, bureaucratic, and unresponsive under the pressure of size, and therefore potentially higher risk. This is compounded by resistance and lack of consensus within the industry, which now seems more distant.

      4. Sustainability: Recognition that expansion cannot continue exponentially. Regulatory and compliance toolboxes become more fit-for-purpose and sophisticated. Methods of rationalisation and performance improvement now include:

      ● Risk-focused compliance

      ● Cost-benefit analysis

      ● Principles-based regulation

      ● Emphasis on prevention – focusing on corporate culture (conduct risk), ethics, and governance

      The emphasis here shifts significantly from controlling precisely individual internal process to framing the internal

Скачать книгу