I mentioned in my previous post (here) about the contrast
between the inability to learn music from the noise that a grand piano would
make if dropped down a staircase and the ability to learn lessons about risk
management from FCA enforcement actions.
On this occasion, I am reviewing
the FCA enforcement notice against ‘JLT Speciality Limited’ (JTLSL) from
December 2013 (here – all references are to this document).
JTLSL provides insurance broking, risk management and claims
management. The enforcement case
concerns failures of its anti-bribery and corruption arrangements. This is a specialised area of the FCA
Handbook. However, the lessons are quite
wide and applicable to other areas of financial regulation.
The ‘relevant period’ of the breach appears relatively long:
from Feb 2009 to May 2012. The
resulting fine was £1.9m.
Interestingly, while the FCA has been emphasis outcomes as a
driver of regulatory intervention (‘The FCA approach to advancing its
objectives’, July 2013), in this case the FCA seems less keen on it. The FCA acknowledges that there is no
evidence that the company had permitted any illicit payment or inducement to
any overseas introducer.
As it is usually the case, there were policies and other
high-level statements setting out the company’s expectations in terms of how the
risk of bribery and corruption should be managed. At different times, it appears that the shortcomings
were related to the:
(a) lack of
practical requirements to enable the appropriate activities to take place; this
includes the lack of requirement on employees to take steps to establish whether
the introducer was connected to the client (para 4.22); and the lack of ‘any’ guidance
to enable employees to operate the high-level anti-bribery and corruption
procedures in place (paras 4.11 and 4.12);
(b)
failure
to follow the company policy requirements; the FCA refers to the failure to gather the
required information to assess the risk (para 4.36) and to follow up the actions
required in the policy, typically, an enhanced sign-off if certain conditions were
evidenced (paras 4.37 and 4.38).
These are important lessons to anyone working in the implementation of regulatory requirements.
A slightly different, and equally interesting, remark in the
enforcement notice is about the challenges of gap analyses, in particular where
FCA rules and legislation (Bribery Act, 2010) cover the same area. Typically, financial services regulators
impose more onerous and comprehensive requirements than general legislation so
the choice of benchmark is vital. This
means that the extent to which gaps may be identified and the reassurance provided
by a gap analysis would depend heavily on the benchmark selected.
I mentioned earlier that this enforcement case relates to a
period of over 36 months. During this time supervisors visited the company
three times to assess systems and controls in relation to bribery and
corruption. JTLSL also accepted a
voluntary variation of permission such that it ‘was unable to enter into a new
relationship with third parties without prior approval from an independent
skilled person’.
Not surprisingly, the
FCA recognises the costs incurred by JTLSL, in terms of financial costs,
opportunity costs and management time.
I am therefore left with a simple question: why wasn’t this
fixed in a timely manner to avoid enforcement action? I don’t really know. I have read and discussed the importance of
the ‘tone from the top’ on regulatory issues which sets out priorities for employees. I wonder if this could have been a
factor.
No comments:
Post a Comment