IC Insights is Innovate Compliance's flagship publication, designed to challenge convention on how to manage tomorrow's non-financial risks
Brand greenwashing: reputational or compliance risk?
In October 2022, the Advertising Standards Agency banned two HSBC poster advertisements that emphasised the firm’s green credentials, holding them in breach of its rules on misleading advertising (CAP Code 3.3) and environmental claims (CAP Code 3.11). This week, the ASA made a similar ruling against Lloyds PLC for a LinkedIn post. In both cases, the ASA considered that a consumer’s understanding would have been impacted if the adverts had included the firms’ continued financing of emissions businesses and industries.
Should these outcomes fall to the compliance officer to prevent, or influence? Certainly, the role of the compliance officer in ensuring regulatory communications are clear, fair and not misleading is well understood. Whenever marketing material, financial promotions or investment recommendations are shared with clients or the public, a review is needed to ensure they comply with a number of regulatory obligations, from reliability to disclosure, to prevent customer harm and market abuse. Some obligations are technical; others editorial. The compliance officer may be an approver, or an overseer, advising on the design and ongoing scrutiny of control frameworks; either way, their involvement is a key part of managing the firm’s risk of non-compliance.
When it comes to general promotional material put out by the firm, the role of compliance is not so clear cut. The ASA is not treated as a financial services regulator. Puff pieces promoting a firm’s brand or general ethos are usually managed by a firm’s public affairs team, and if they run any risk, it is largely reputational. An ASA ruling does not have the same teeth as a sanction from the FCA. It can ban non-compliant advertisements, and name and shame, but it cannot issue a fine.
Repeated bad behaviour can result in a more powerful regulator’s eye being drawn, either through public attention or referral, but financial regulators have their own rules to enforce. The FCA's anti-greenwashing rule, contained within the Sustainability Disclosure Requirements, is a restatement of the clear, fair and not misleading principle, applied to sustainability-related claims related to a firm’s products, services, business practices and investments. The broader focus of the SDR is on the sustainability labels used and claims made by funds. The SDR rules will be assimilated into pre-existing financial promotion control structures; the ASA’s rule book may be overlooked.
How far is the compliance officer’s reach?
ESG investing muddies compliance waters: the sector is highly politicised, and misrepresentation risks are multi-faceted, of interest to governments, employees, clients, investors and advocacy groups. As regulatory remits coalesce, so too must control structures. Even if a firm keeps its treatment of its communications distinct, a line must be drawn between what constitutes promotion and what constitutes product marketing.
Policing that line requires guardrails, monitoring and routine training (see the May 2024 IC Masterclass report on Perimeter Risk for further analysis). What was traditionally the remit of public affairs and legal has become something the compliance officer must take an interest in.
The more the interests of regulatory bodies cross over, the more philosophical a firm’s approach to compliance needs to be. Attempts to segregate financial and non-financial regulation are getting harder, and are likely to create opacity and control gaps. Instead of wrestling with pre-existing structures, a firm is urged to be pragmatic: to design controls that manage end-to-end compliance risks, with clear handoffs and accountability for compliance shared across functions. The compliance officer is a collaborative hand that drives efficiency and consistency and aligns controls, even if the existential question about the extent of their influence remains under contemplation. Compliance, itself, is a state of mind: one that takes a thematic eye to embed.
‘Incompetent at best, dishonest at worst’: the APPG has published its Report on the Call for Evidence about The Financial Conduct Authority, and the ensuing headlines have been damning.
The report consolidates testimony from 174 respondents, showcasing perceived deficiencies in the FCA’s culture, transparency and accountability. The testimonies, whilst unverified, appear credible, detailed and valid. Amongst the observations, the FCA appears to have a problem with its bedside manner. It has already recognised its whistleblower protocols need work; the lamentable irony of which has not gone unnoticed by social commentators. It reportedly has a problem with consistency, timeliness and overreach.
One cannot help but consider if the strength of the criticism bearing down on the FCA is entirely fair. The report is not an audit, and in general, calls for evidence tend to suffer from selection bias, attracting individuals with axes to grind, legitimate or otherwise. Contented individuals don’t typically expend effort to comment.
The FCA is an agent of the people, and the people have a right to hold it to account. But it is not, and cannot be, perfect. No regulator can.
There is always tension between protection and growth objectives. A regulatory body cannot resolve the unresolvable. There are always compromises. There must be a risk-based approach; there must be a regulatory risk appetite. Without it, the disruption a regulator does to the market outweighs its value. Holding authorities disproportionately culpable for the actions of criminals and bad actors is a societal trend we would do well to temper.
Baby, bathwater
It is good to see a regulator being held to account. It is less good to see the political machine behind it, calling for abolition. Action is needed, but a knee-jerk reaction to throw the baby out with the bathwater looks at best emotional, and at worst, political point scoring.
I was a fresh faced graduate when I first heard calls to split the Financial Services Authority in two. It would take until 2013, five years after the financial crisis, for the cleaving to happen: a decisive and highly visible political act that, if one were cynical, assuaged public dissent without materially changing regulatory practices.
Whilst executives lauded Australia’s twin peaks model of regulation, those I was with at the coalface simply saw it as an increase in bureaucracy, an administrative heavy lift to recategorise the rulebook, something that got in the way of the job. The change was aesthetic; the work remained.
A costly overhaul is unlikely to fundamentally solve today’s problems. Parliamentarians would be better directed to think reflectively on the nature of regulation. The complexity and interconnectivity of the financial world is becoming unmanageable, and the regulator simply cannot keep up with the ever-expanding remit. The approach to regulation generally needs an overhaul, not merely the regulator.
Nonetheless, the FCA must do better. No matter how laudable the organisation, there is always dysfunction between those at the top and those at the coalface. Regulation is human: individual supervisors vary in terms of skill, cynicism, ability and authority, and internal consistency is essential to fulfil the FCA’s mandate. It does not need to come at the price of intuition and discretion, nor psychological safety. Even at regulators, individuals need to be able to make mistakes without them being criminalised in the court of public opinion.
Others will answer whether individuals, rather than the organisation, should be held accountable for the alleged failings. Let us hope that adjudicator will be philosophical about the limitations of regulation to solve problems.
A good editor is worth their weight in gold. They smooth the edges of a story, nudging the reader ever closer to a particular view. Choice words such as ‘enhance’ over ‘improve’. Choice placement of ‘optimism’. They gloss. They sidestep. They spin.
And whilst the age of spin has been upon us for some time, it seems the machines want to play too.
Companies are employing AI to refine their results briefings and notes, using large language models to anticipate what the market wants (and, perhaps, what it will react more positively to). They stop short (one hopes) of actual falsehoods, but LLMs can tease positive sentiment out of thin air, if they so choose. So far, so normal.
In the world of results, companies must mind the line extremely carefully: they cannot report falsehood or omission; they must, fundamentally, be truthful with the market, clear and not misleading. Falling short of this will breach disclosure and transparency rules, resulting in a visit from the regulator, as my former colleagues at the FCA put it, ‘without tea and biscuits’.
As readers, many of us have gotten wise to often devious editorial tactics designed to prey on our cognitive biases, but they still sway us. Reinforcement. Anchoring. Framing. Linguistic choices skilfully deployed to use our own minds against us.
But there are shades of grey, and one of the fundamental concerns with AI is how subtle its changes can be, and how pervasive its reach is.
The buy side is at it too: requesting that sell side research houses provide their notes in machine readable format, so that they can be aggregated and analysed without human effort.
When AI shapes the language of a press release or results script so that other AI can better interpret it, we enter a world where the end investor sees a different picture depending on their access to LLM technologies. Because AI does not (yet) need to show its workings, this story smoothing could happen anywhere, with limited comprehension of its realities.
The more structured an activity, the greater the suspicion
Back in 2012, Goldman Sachs paid $22mn as a result of its practice of internal huddles: as a matter of procedure, research analysts were encouraged to pass select short term trade ideas to their trading desks. The SEC and FINRA deemed GS to have selectively disseminated investment research as a consequence (a cardinal research sin).
When a structure is put around a particular behaviour, it can begin to look nefarious to a regulator. Gloss and spin may be well known, and the sentiment shared in company results may well be taken with a pinch of salt, especially given the incentives on company executives to be positive. But if AI is being used as a matter of process to frame that positive sentiment, it begins to look like it might be structurally manipulating investor behaviour. Some investors will be wise to this. Others won’t. And if that disparity creates unfairness, there will be a regulatory reckoning.
Data is a critical part of a firm's compliance and risk management story. Metrics give integrity to a strategy, and underpin a firm's reputation for transparency, oversight and accountability. Data aids a firm both in managing risk and in being seen to manage it: regulators demand compliance metrics from boards and senior managers to demonstrate competency and the taking of reasonable steps, and a good dashboard is always in vogue.
Too often, however, a desire for data overtakes perspective, especially in the face of growing stakeholder or regulatory pressure. Measuring what is easy is not the same as measuring what is right, and data without context is a dangerous thing. Incomplete, lagging or biased compliance metrics do more damage than having no data at all: they undermine strategy and culture, and indicate to a regulator that a firm is at best careless, and at worst wilfully blind.
To avoid this trap, a firm needs to have a robust compliance data management system with a core purpose. Its strategy must navigate particular challenges with data quality, ownership, controls and bias. Its purpose must be anchored in the different needs of its audience, including regulators, the board, clients, suppliers and risk oversight functions.
We explain why purpose must be at the heart of a firm’s compliance data story and consolidate key principles in our signature MasterClass Cheatsheet.
**This essay appears in Volume 7, Number 4 of the Summer 2024 edition of the Journal of Financial Compliance, published by Henry Stewart Publications. To request access to the full essay, please contact us.**
This paper explores how the increasing interconnectivity of risks and regulatory interests creates new compliance challenges. The paper explains how this causes new challenges for effective compliance risk management, particularly with regard to the definition of compliance risk, which keeps on expanding, and to the growing complexity of determining compliance roles and responsibilities across the organisation. It also offers insights on how AI and technology are actively disrupting compliance operations. As a matter of illustration, the paper considers how non-financial risks such as conduct and environmental, social and governance create cross-enterprise complexities that may be shifting the compliance risk management paradigm. Finally, the conclusion gives practical advice on how the modern compliance officer can stay relevant in a changing world.
Ensuring the fitness and propriety of individuals working in the financial services industry remains a pivotal part of rebuilding trust in financial services. Ethical problems associated with regulatory focus on non-financial misconduct are emerging, including how to preserve individual rights, privacy, and fairness in disciplinary and accountability frameworks.
As regulators evolve their thinking on the behaviour that firms should supervise, the risk of unintended consequences increases, including the loss of psychological safety through hyper-vigilance and hazard avoidance bias.
IC Insights discusses why inferring dishonesty from an individual's personal acts is dangerous and can impede professional accountability. We discuss conceptual, philosophical, environmental and practical problems arising from this shift and offer takeaways on embedding fairness in accountability frameworks.
Communication in the modern era is fast, freeflowing and viral, and the regulations around how financial services firms communicate with their clients and prospective clients, including the public at large, are not as simple as they first appear.
One critical but often poorly understood part of managing external communications is the concept of perimeter risk: or the risk that a firm's unregulated activity strays into the regulated sphere. Perimeter risk requires constant vigilance to manage, especially in communications, where there are potentially severe consequences for inadvertently providing a financial promotion or investment recommendation.
IC MasterClass discusses the nature of this risk and provides resources to aid firms in their understanding and risk management.
© Copyright Innovate Compliance Limited | All rights reserved | Reproduction or commercial use of any of the content on this site or other IC materials is prohibited without the express permission of Innovate Compliance
Innovate Compliance Limited is a UK registered company | number 15523445 | 63-66 Hatton Garden, Fifth Floor, Suite 23, London, England, EC1N 8LE