There’s gold in these words from regulators — compliance must adapt to shifting risk


 

Things are finally settling down, and everyone seems to have got into the rhythm of working from home, as well as having more visibility on what happens next as lockdowns are eased and many companies contemplate a return to the office. 

With 11 weeks of remote work under our belt, initial panic subsiding, and generally successful adaptations to a distributed life in financial markets, the first official views of what was, and is, important are emerging.

Reuters ran an interesting piece last week, that was then picked up by The New York Times, where Behavox revealed that escalations have risen by 18 percent since March across a broad range of behaviors: potentially unlawful or unauthorised disclosure, profanity, moving dialogue offline, sending materials to personal emails, and advising friends and family on financial matters. 

That percentage rise on its own is not surprising – the market conditions have been extraordinary, and the fact that the data being monitored has also increased significantly, because so much more dialogue and interaction is now online, means that there will, of course, be more hits. Of more interest is the percentage mix of new behaviors that are being identified in the data – and that is a noteworthy change.

Especially so because regulators, like the UK FCA, have been pronouncing on where firms need to be looking, which is gold dust for any compliance people worrying about how they and their firms are going to be assessed during this unusual period. Perhaps more important is how compliance folks act now that the regulatory expectation is laid out for them. FCA’s Market Watch 63, which is always a must-read for us monitoring geeks, is pretty specific.

I particularly liked this quote on MNPI: ‘In the context of the pandemic, the nature of the information that is material to a business’s prospects may have altered, and what now constitutes inside information should be carefully assessed.’ Added to the concern that we all have about the reduced control over so much sensitive information, which is usually held to some effect within the confines of an office, is the realization that the current market conditions are breeding an exponential increase in sensitive information related to issuer plans for raising capital, as well as their current performance, and even their plans for normal business resumption. The FCA circular is packed with good advice that, as always, is kind of a supervisory roadmap that firms should expect from their regulators in the next set of visits and examinations; albeit these might be remote and data-driven in many cases.

Here are the golden takeaways from FCA’s pages of wisdom: mandatory compliance leave is great compliance hygiene for front office folks (as Warren Buffett says, ‘you only find out who is swimming naked when the tide goes out’); training comes to the fore and a refresh on MNPI receipt and disclosure might be worthwhile now, as well as making your supervising regulator happy when they come to check what you did during this period; on that subject, keep watertight records of all your regulatory and governance decisions that were tailored for this tough time so they can be reviewed and explained when your friendly regulator comes knocking; enhanced monitoring to account for pockets of increased risk as well risk-based reviews are very sensible; communicate with your regulator especially if you are unsure of the right approach; make sure anything you delay doing is done eventually. 

The FCA even suggests doing a rejig of the risk assessment, but we all know that is not something that can be done overnight and is an eye-stabbing pain to do more than once a year!

To hear more on risk assessment, join us for our upcoming webinar on Risk-Based Approach for Ensuring Effective Compliance — Wherever You Are in the EU on June 11 and the US on June 18.

Stay safe and stay compliant…