Compliance Easy Rider? - Why being an Appointed Representative should not mean easy compliance

September 2016

Here's the latest blog from Sandra Quinn - my fellow Director at The Compliance Foundation.  Well worth the read if you are a FinTech Startup.

At TCF we are asked regularly by would-be financial services firms and tech start-ups, who are keen to get set up and operating at speed, about becoming an Appointed Representative as an alternative to Full Authorisation by the Financial Conduct Authority.  We always say that it can be an attractive option, that can help you get up and running quickly, but that it does come with its own responsibilities and risks, that are not always obvious to the would be Appointed Representative and that the arrangement is not failsafe and can still lead firms into hot water with the FCA. 

The FCA themselves also appear to be refocusing regulatory attention on the operation of Appointed Representatives having just published a report on Principals and their Appointed Representatives in the General Insurance sector,

https://www.fca.org.uk/news/tr16-06-principals-appointed-representatives-general-insurance-sector. This report has lessons for anyone setting up a financial services business and thinking of doing so using an Appointed Representative status.   Below is our TCF “in a nutshell” view on the option.

Providing financial services in the UK requires authorisation by the relevant regulator – often the FCA.  An alternative to Full Authorisation, for certain types of service, can be, usually for a fee, to seek to become an “Appointed Representative” of an already ‘Fully’ authorised financial services firm known as the “Principal”.  To do this the Principal will need to have the regulatory permissions required to sell and operate the Appointed Representative’s proposed service or product.  Under the arrangement the Principal will take responsibility for ensuring that the compliance arrangements and performance of the Appointed Representative are at the standard specified by the FCA and to do this they are required to make regular compliance checks to satisfy themselves about the Appointed Representative’s conduct and performance.

Some firms sensibly enter into an Appointed Representative/Principal relationship because of the nature of the business they plan to carry out, e.g. to be able to sell and distribute a product provided by the Principal.  Where this symbiosis exists it can be a sensible plan and the level of compliance support and engagement can often be at a suitable level as it is clearly in the interests of the Principal to maintain a high level or risk their own business and/or reputation.

However, some Principals, have built their business models around the successful taking on and managing of multiple Appointed Representatives from whom they generate fees.  Other Principals have business models that provide an initial bed and breakfast arrangement, to enable firms to get off the ground, on the proviso that they pay fees and/or purchase business consultancy services to help them get fully authorised.   Our experience suggests that when firms look to become Appointed Representatives in these situations they need to proceed carefully as all that glisters is often not gold and can be toxic.   The lure of the promise of easy compliance and a platform to operate are a heady mixture.

Some firms tell us about Principals who have assured them that “compliance will be easy” and have left them to “get on with it”, developing a reactive rather than properly proactive relationship with them.  This has left them very vulnerable to FCA investigation as per below.

While the FCA’s report applies to general insurers, it draws conclusions which anyone considering seeking Appointed Representative status should consider as it highlights failings in a number of areas in the firms they reviewed which are potential risks in any Principal/Appointed Representative relationship and which show the potential consequences, including:

• Lack of control and oversight from the Principal with some of the Principals reviewed not appearing to have understood the full extent of their obligations for ensuring their Appointed Representatives complied with regulatory requirements.
• Over half of the 15 Principal firms in the FCA’s sample could not consistently demonstrate that they had effective risk management and control frameworks to identify and manage the risks arising from the activities of their Appointed Representatives.
• Failure to understand the nature, scale and complexity of the risks arising from their Appointed Representatives’ activities and in particular the risk to customers with almost half of the Principal firms unable to demonstrate that they had understood.
• Examples of potential miss selling and customer detriment as a result of Appointed Representatives’ actions at a third of the Principal firms included in the review, with most of these issues not previously identified by the Principals.  These cases included customers buying products they may not need, products they may not be eligible to claim under or customers not being provided with enough information to make an informed decision.  In one case the FCA was satisfied that at the Appointed Representatives of one Principal firm there was significant evidence of miss selling leading to actual customer detriment.

As a result of these findings the FCA is taking action including:

• Calling in Skilled Persons (essentially commissioning professional services firms) to review two firms – very expensive.
• Requiring two firms to stop selling services and or products – terminal.
• In effect prohibiting five firms from taking on new Appointed Representative.
• Considering the need for customer redress and compensation and whether further regulatory action in relation to the issues identified is required – also very expensive.

Our advice is always, that for anyone considering becoming an Appointed Representative, that firstly they ensure, that they themselves, have enough regulatory understanding and compliance capability to keep their business secure and compliant.  In addition, getting effective and compliant processes and policies in to a business at an early stage can save huge amounts of money, time and energy at a later date as they won’t need to be reengineered.

Secondly ensure that they contract with a Principal that’s capable of providing the right compliance support, because, while the Principal might take an umbrella regulatory responsibility for a business, it’s still the businesses own customers, reputation and future that need to be protected.   The compliance regime offered by a Principal should be disciplined and demanding – its in an Appointed Representative’s best interests.

Thirdly ensure that the Principal’s business ambitions and reputation align with that of the Appointed representative.   What affects you can affect a Principal and what affects a Principal can affect you.  This is particularly important for anyone considering being an Appointed Representative before seeking full authorisation.  Reputations matter with the FCA.

In practice we often find ourselves helping clients to redesign and ‘upgrade’ their business and compliance arrangements to be able to apply for full authorisation.  Some of this is inevitable because an Appointed Representative can no longer rely on a Principal to provide compliance services and the general responsibilities are more extensive. But, while upgrading arrangements is entirely doable, we recognise that the more a firm can use their existing arrangements as a foundation, the more effective and the cheaper it can be.

In summary we believe that the old addage about there being “no such thing as a free lunch” applies to Principals and Appointed Representatives.  Good compliance standards and a demanding Principal who understands their responsibilities and applies them to a conscientious Appointed Representative is good for both the businesses and the regulators.

Reputations, customers and your business are all your own.

Managing FinTech Compliance – What we can learn from George Clooney and A Perfect Storm

Sadly for most this blog is not a shock revelation about George Clooney – the lead in the blockbuster movie The Perfect Storm (released in the year 2000) - giving up his acting career to take up a role as a Compliance Manager – rather it is a look at the challenges faced by the growing number of FinTechs in the UK who are desperately struggling to recruit and retain effective compliance managers in order to meet the regulatory requirements of the FCA.

The Perfect Storm for George was the arrival of three massive storm systems arriving at the same spot simultaneously creating massive winds and waves that, when combined with some over optimistic decision making, led to a tragedy at sea.

The perfect storm for FinTechs as they seek to recruit and retain effective compliance managers is the result of three equally massive challenges that can cause real threats to a FinTech’s sustainability. Let us explain the three challenges:

Firstly FinTechs are looking for compliance managers who have broad compliance experience and can advise on the compliance requirements of all areas of the FinTech business (sales & marketing, risk, operations, IT, etc). This breadth of experience is usually only found in very senior compliance managers who have developed their experience over 15+ years. As a result they are not cheap and are also difficult to find. Many FinTechs find the people they want to pay a £30-£40K salary, are in the market for more like £120K+.

Secondly FinTechs are looking for employees who really “get” their business and are able to fit in with the “go getting”, entrepreneurial cultures they prize – including recreation, table football and a fluid, creative working atmosphere focusing on growth and opportunity.  But while there are many dynamic compliance managers out there, there simply aren’t enough of them able or willing to make the transition into a FinTech culture which compliance as a discipline does not functionally groom people for.

Thirdly, where FinTechs find people who they see as good compliance candidates because of, for example, their Tech knowledge and their cultural fit, they face a challenge in growing their compliance knowledge and capabilities beyond sending people out to courses which are not designed for their needs in fast moving businesses.

This can leave FinTechs to either pursue a “long shot” policy of trying to track down a suitable candidate in a very limited pool or hiring someone with limited or no experience in the hope they can learn the role on the hoof without any extra development or support. Either path can lead to gaps in the FinTech’s ability to meet regulatory requirements and we observe often leads to expensive churning of people as firms repeatedly find they don’t have the people they need and go looking for replacements.

Enough of the doom and gloom. For those that are interested, we at TCF believe we have developed a set of alternative options that will enable ambitious FinTechs to plug their compliance manager gaps. Using our experienced network and leveraging our wide experience, we have developed a range of options for our clients. These include providing a comprehensive development programme for compliance managers in FinTechs to boost experience and performance, either as a standalone or in combination with a tailored managed support service backed up by the choice of experienced full or part-time interim compliance managers.

If you would like details of any of these options then please do get in touch.

www.thecompliancefoundation.com

info@thecompliancefoundation.com

Innovation and the art of Product Lifecycle Management

Dear Readers,

Earlier this year I was asked to write an article for Oracle on Innovation in relation to Product Lifecycle Management.  That article has now been published and so I thought I'd take the opportunity to share the original with you.  Of course this doesn't have all the nice graphics and pics of the finished article but it does have the unedited content.  I hope you enjoy it.

With the advent of the digital revolution has come a dramatic change in the way many businesses seek to source, fund and manage innovation.   Rather than simply relying on their own innovation processes or those of their traditional supply chain partners, many businesses are now aspiring to partner with entrepreneurial digital start ups (either directly or through technology ‘incubators’) in a concerted attempt to access digital expertise.  

Digital expertise is required to create, enhance and develop product sets and challenge business models.  In many cases these new partnerships are being championed by the Chief Marketing Officer who has lost a measure of faith in the ability of their own product development teams to create customer centric, digitally accessible products at speed. If proof were needed of this major shift one only needs to look at the exponential rise in the number of technology incubators offering to act as brokers between big business and entrepreneurial technology start ups. 

This is a big challenge for PLM and its associated tools, which, if we are being honest, have not always done the best job of supporting businesses in the effective management of the innovation processes at the very front end of the product development lifecycle. Too often the inception of product ideas is not linked to the product lifecycle. Instead inception is within the domain of an isolated team using stand-alone, hard-to-use and opaque systems. As a result the Chief Marketing Officer (CMO) often feels entirely justified in looking outside their own organization to plug into new sources of innovation.  What the CMOs need are tools that can provide them with a sufficient level of clarity on the quality and costs associated with the innovation process and more importantly on the visibility of the product innovation pipeline - including inception.

Therefore, PLM methods and tools currently face a double challenge, firstly to simply get better at managing the existing innovation process and the existing sources of innovation and secondly to adapt themselves to managing and extracting data from the newly emerging innovation ecosystems.

If PLM methods and tools cannot adapt to these changes then we are in danger of seeing a growing disconnect between the existing, data rich, PLM tools and the new product pipeline.   This will only add fuel to the fire of the power struggle between the Chief Marketing Officers driving the demand for new innovative digitally accessible products, the Chief Information Officers providing the infrastructure to support the product lifecycles and the Heads of Manufacturing and Supply Chain who are tasked with delivering the products at an optimum cost point and the CFO who is responsible for providing the investment funds.  Multiple and conflicting sources of data will continue to be developed with each senior executive not trusting the data provided by the others.

To bridge this growing schism requires work, but it is far from an impossible task. In fact the solutions seem to sit within the history of PLM itself and its approach to the supply chain.   We know the ability to deliver effective product lifecycle management blossomed when the full product supply chain and the external suppliers’ systems were bought within the scope of PLM thinking and methods; when their data was captured, their processes were improved and the interfaces between the suppliers’ business and the product development businesses were enhanced. What is now clear is that we need to treat the innovation eco-system, at the very front end of the PLM process, with the same type of diligent approach if we are to continue to see a steady increase in the benefits that accrue from effective PLM.

At the heart of the new thinking and tooling required is the recognition of a number of truths:

• That the sources of Innovation (in house R&D, supplier’s R&D, and digital incubators) can be effectively monitored, tracked and managed.
• That the process of Innovation can be effectively monitored, tracked and managed, it really is not a mystical process reliant upon some maverick genius. Innovation is a key business process and should be treated as such.
• That effectively managing the Innovation process is a key driver of competitive advantage.
• That managing the Innovation process requires effective collaboration between marketing, IT, manufacturing, supply chain management and finance.
• That there is a pressing need to access and utilize effective PLM tools that supply useful data and management information on the costs and quality of the innovation pipeline.

 Once we have taken onboard these truths we should be looking to create intelligent PLM tooling that delivers the following:

• Visibility of the innovation pipeline from all the sources of Innovation, including the emerging innovation ecosystems.
• An understanding of the real “cost of deployment” for products developed on standalone external systems, especially where the product is utilizing new technology or technology platforms.
• A rich source of data and the associated analytical tools that can spot and analyse trends in the innovation pipeline in e.g.:

1. Innovative Business model and operating model trends
2. Innovative Material and technology performance trends
3. Innovative Product distribution trends
4. Innovative Ecosystem trends
5. Innovative Service management trends

 Tools that are capable of delivering these outputs will ensure that a business investing in a PLM tool is investing in a tool that is capable of supplying the crucial strategic data required for managing the investment portfolio.

 If the PLM industry does not respond to the challenges provided by the developments in Innovation then PLM tools will still provide a valuable source of intelligence on the manufacturing process but will not continue their impressive progress towards holding centre stage in the Boardroom as a rich source of data, trusted by all members of the senior executive team, upon which key strategic business decisions can be based.

Compliance Breaches will continue until the UK’s Financial Institutions finally put delivering positive customer outcomes as their primary objective

Last month’s FOREX ruling in the UK and US against a cadre of the best known names in banking saw the issuance of some of the largest fines to date yet for regulatory breaches in the Financial Services sector.  

Whilst the wanton act of corruption is, in itself, deeply disturbing, what makes it particularly shocking is that it was happening at a time when many of the senior executives in the banking sector were opining that the industry, whilst not yet being perfect, had significantly cleaned up its act and was now once again trustworthy.   It hadn’t and it wasn’t. 

So were the apologist executives actively lying about the state of their industry or were they just as in the dark as the rest of us as to the shady goings on within their institutions.   Outside of a court of law I guess we will never know the answer, however, I would not be surprised to find that a number of them were even more surprised and disappointed by the actions of the FOREX traders than the general public.   Why?   Because I think a number of them genuinely believed they had done all that was necessary to protect their Bank from serious compliance breaches.   However, based on the evidence and supporting anecdotes all they had done was to ensure that the compliance boxes were ticked.  What they had struggled to deal with, in any meaningful way, was the same pernicious culture of “bankers self interests” that had underpinned the 2008 crash.

Strangely, contrary to public opinion most Banks believe themselves to be over run by compliance and risk staff – the people whose job it is to spot and stop errant behaviours.  Bankers are forever being asked to complete mandatory compliance training, complete risk assessments and participate in internal audit activities. So how on earth, at some of the most “protected” banks, (i.e. those with the largest risk and compliance departments) can such a massive set of non-compliant behaviours not get picked up and stopped at a much earlier stage?   How is it possible, given the compliant exhortations and sentiments of the Chief Executives, that FOREX traders still think it is OK to form a cartel and fix the exchange rates to the detriment of their customers?   

The answer is relatively simple to articulate and elusively challenging to enact.   Culture change.

The FCA are now very fond of reminding their regulated firms and those applying for regulation, that complying with regulation, both the spirit and the letter of it, maintaining a “culture of compliance” and delivering fair customer outcomes (and nothing less) is what they are expecting.

However, from my most recent experiences of working within major financial institutions it still appears to me as though the Banks are missing the point on what the FCA is actually looking for.

As part of a recent assignment I had to complete a series of mandatory training modules on compliance and risk in order to be able to work within a particular bank.  I believe that the total time required for me to complete the training was approximately 6 hours.  The modules covered the banks approach to risk, compliance, fraud, bribery anti-money laundering etc, etc and were very comprehensive.  Surely the bank could do no more in preparing me to work in a compliant way?  Well yes and no. 

What struck me as odd as I worked my way through the well prepared materials was the focus of the training.   Almost all the modules concentrated on informing me of the actions that I needed to take to protect the bank from financial and reputational risk – not a bad thing in itself – but what almost all the training modules failed to do was emphasise the need to do the right thing for the customer and to drive positive customer outcomes.   In essence, there was still a faint whiff of the old masters of the universe thinking in the materials. Banking is for bankers.

In my opinion, if the banking industry is truly going to adopt a culture of compliance then they will have to navigate away from the bank and bankers being the primus inter pares to the customer and the customer’s outcomes taking that position.  Until that place is reached there will continue to be a regular (all be it somewhat reduced) flow of breaches and scandals that will have the Chief Executives of banks wringing their hands and scratching their heads.

So how do they get there?  Unsurprisingly there are a myriad of actions required over an extended period of time.  However, here are a few that appear obvious to me.

1.   Ensure the voice of the customer is prominent in all compliance training

2.     Review technology, products, processes and policies from an end to end viewpoint to ensure that they are actually delivering positive customer outcomes

3.     Invest in a targeted culture change programme to increase the focus on the customer

4.     Spend more time listening to the voice of the customer at senior manager level

      There are a course a million others but that’s for another blog.  Do get in touch if there’s anything you’d like to agree or disagree with in the blog or whether you recognise the issues in your Bank and would value some advice and support.

The Key to Corporate Success - The Leadership Spine

In the UK we have just seen the closure of the mid season, soccer transfer “window”.  Traditionally this window, and especially the last day of it, provides a perfect opportunity for club owners and managers to participate in a spot of over-priced, panic buying in order to bolster their squads for the rest of the season, as they bid to either avoid relegation or enhance their promotion or league/trophy winning potential.

This season’s merry-go-round has been much calmer than normal but that hasn’t stopped the usual flood of media rumour and counter rumour as agents and clubs look to bolster their positions in the market.   Interestingly there is always constant argument between the pundits and commentators as to the merits and demerits of each individual player and their “fit” with the new club’s pattern of play and the likelihood of the player single-handedly delivering success.  However, one thing that is almost universally acknowledged by the pundits, is that the successful clubs are those that have quality leaders and that those clubs that are very successful have a “spine of leadership” (both on and off the field). 

Now when it comes to defining the specifics of what is meant by “leadership” or even a “spine of leadership” in the context of a football club, it is again a matter of great debate.  However, what is clear is that it is generally agreed that having a spine of leadership is about the creation of positive relationships between individual leaders that runs from the Boardroom onto the pitch.   It is therefore not just the quality of the individual leaders but also the quality of the relationships between the leaders that is the determinant of overall success.   A club will not be very successful if it merely has good individual leaders who are locked in constant ego battles and arguments with each other – it needs to generate positive, value adding relationships between the leaders.

Now, this concept of a leadership spine provides a rich theme for discussion and analysis when applied in a business context.   It really does suggest that the key to running an effective business is to ensure that you have “good” leaders deployed from the Boardroom, through the C-suite and out into the functions charged with the day-to-day delivery of the business.

Imagine an enterprise where, not only are individuals recruited at all levels based on a combination of their individual technical capabilities, their leadership capabilities and their ability to work as leaders up and down the organization, but also an enterprise where the development of positive bonds and interactions between the leaders at all levels is developed and managed.   These would be the enterprises that are truly investing in developing a leadership spine and sustainable success.

However, what I can quite happily say, without fear of too much contradiction, is the holistic view required to recruit and develop the leadership spine is as haphazard within the corporate enterprise as it appears to be within so many of the UK’s leading football clubs.  Why?  Well I guess it all gets a bit hard, particularly given the demands on both the senior executives/Chairmen to demonstrate success almost instantaneously.  Unsurprisingly it therefore becomes much more prudent to attempt to sign a single new messianic leader, who can deliver results from day one, rather than look to build a balanced, leadership team and ethic throughout the business.   With this approach the good news is that when it fails there is already a built in scapegoat to take the blame.