Focus on compliance culture

The benefits of financial services regulation remain as contentious as ever – despite improved interaction between regulators and market participants
by Paul Golden


When Aidan Paddick, chair of the CISI International Regulation Forum, first became involved in compliance in the late 1980s, it was seen as an add-on to the role of internal audit.

“It started to become a stand-alone function closely aligned with legal in the early to mid-1990s with heads of compliance reporting to general counsel,” he says. “In the early to middle part of the next decade it started to become more autonomous as issues such as conduct and ethics started to come to the fore.”

This was a result of the global financial crisis of 2007–8, which set into motion ongoing regulatory change and increased compliance demands, both of which continue to be big compliance challenges globally, according to the Thomson Reuters Cost of compliance 2022 report.

Further indicators for change in the compliance sector include widespread digital transformation, a global pandemic, and an increased focus on firms’ culture and operational requirements, balanced with competing priorities “compounded by tightening budgets and potential shortages of skilled professionals”, says the report, concluding that for 2022, “it appears that at least some compliance functions are expected to do more with less”.

"Regulators will be focusing carefully on data and the technology that enables it"Just 35% of the 500 worldwide respondents expect their compliance team to increase in size in 2022, a slight increase from 31% the previous year, while 50% predict an increase in their compliance expenditure compared to 52% the previous year. “Culture and conduct risks still require focus,” says the report, which notes that culture and conduct risk frameworks “were found to lack sufficient effectiveness to manage the many implications of the pandemic”.  

A focus on compliance culture is important because, says David Moland, Chartered FCSI, former chair of the CISI Compliance Forum and head of financial crime and MLRO at Arbuthnot Latham, the changes and increased costs – “from self-regulation in the 1990s to principles-based regulation at the turn of the century and then back to a rules-based regime following the global financial crisis” – over the past 30 years have not necessarily resulted in better client outcomes.

This point is taken up by Camille Blackburn, chief compliance officer at Legal & General Investment Management, who says that principles-based regulation is easy to understand but difficult to enforce because it can mean different things to different people.

“The response to the financial crisis was to develop ‘black letter law’ [well-established, undisputed] requirements,” she explains. “Now, underneath any regulatory principle are detailed obligations specifying what that principle means in all situations. But watch this space: the pendulum is starting to swing back, partly as a reaction to the eye-watering complexity of the rule books we now have.”

Stepping up

According to David, various scandals – most recently the mis-selling of British Steel employee pensions – indicate that the financial services sector has failed to learn from experience, and therefore cannot complain when regulators seek to raise the bar.

From an investment management perspective, the impact of the Markets in Financial Instruments Directive II (MiFID II) on how the sector operates has been widely discussed (see – particularly the requirement for fund managers to budget separately for research and trading costs.

In the advice segment of the market, the UK’s Retail Distribution Review, implemented in 2012, has been extremely important in professionalising the sector as well as increasing transparency and fairness. Commission bias has been a regulatory focus across most markets but, “While in general the removal of commission has been viewed as a positive for both customers and the sector, one knock-on effect is that advice is increasingly unaffordable for the masses,” says Tom Selby, head of retirement policy at AJ Bell. In Australia, for example, the 2012 Future of Financial Advice reforms removed commission-based payments, but 2022 research conducted by consumer advocacy group Super Consumers Australia finds that the cost of advice is encouraging many consumers to navigate the complexity of retirement planning without professional guidance.

“Addressing this ‘advice gap’ is becoming an increasingly pressing public policy issue,” says Tom.

Positive changes
Employee protection
One of the most interesting developments over the past 30 years has been the evolution of protection for employees who report misconduct in their organisations. Initiatives such as the Senior Managers and Certification Regime (which aims to strengthen market integrity by making individuals more accountable for their conduct and competence) in the UK and Sapin II in France (which requires companies with more than 500 employees to implement a compliance programme against corruption) have been built on by the EU Whistleblowing Directive.

David describes the move in the UK towards making senior managers take responsibility for unregulated as well as regulated activity as a positive development. “The CISI has led from the front in this area and its Speak Up campaign ( was well received, although employees are still reluctant to speak out for fear of negative consequences,” he says. “In addition, the introduction of the conduct rules was long overdue and means the FCA is now more aligned with the values of the CISI and firms.”

International consumer protection
In 2011, the G20 released its High-level principles on financial consumer protection, which begins with the following statement: “Financial consumer protection should be an integral part of the legal, regulatory and supervisory framework, and should reflect the diversity of national circumstances and global market and regulatory developments within the international financial sector.”

The World Bank’s Good practices for financial consumer protection, published in 2012, highlights the importance of consumers receiving information to allow them to make informed decisions, and having access to recourse mechanisms to resolve disputes while being protected from unfair or deceptive practices.

Adapting to technology
Recognising the increasingly digital environment for financial products and services, in 2018 the G20/OECD Task Force on Financial Consumer Protection published policy guidance focusing on the role of oversight bodies and the importance of disclosure and transparency.

Technology and technological developments, such as the impact of blockchain on settlements (highlighted in the 25th anniversary edition of The Review) are also becoming increasingly important. Yesha Yadav, professor of law at Vanderbilt Law School in the US, refers to the challenge facing policymakers tasked with overseeing fintechs in encouraging innovation while protecting investors and markets – and doing so in a way that is clear and predictable.

She suggests that while post-2008 rule-making has resulted in a robust and well-used system of standard-setting, surveillance, and soft enforcement of global standards, it has to adapt to markets that are in varying stages of disintermediation from banks and traditional financial firms.

Keeping up the pace

Looking ahead, David expects the pace of regulation to remain high with a focus on consumers and customer outcomes. But he highlights the risk of regulation becoming too protective and consumers expecting someone else to pay when things go wrong, as a result of “increased protection after the 2008 financial crisis where very few consumers lost money and were paid out over and above the amount due from the Financial Services Compensation Scheme”.

The increasing shift to digital and demand for self-service will require greater use of personal data and open finance. According to Matt Burton, chief risk officer at Quilter, this presents significant risks as well as opportunities. “For example, it could increase the risk of fraud, cyber-misuse and even mis-selling given there may be an absence of personalised advice,” he says. “Regulators will be focusing carefully on data and the technology that enables it.”

Impact of Brexit

A report published by the European Central Bank in 2020 recognises that Europe’s future financial architecture would be significantly affected by the extent to which regulatory and supervisory frameworks in the UK diverge since alignment is a precondition for recognising the UK as an equivalent jurisdiction under the EU’s third country regime.

Brexit is likely to prompt changes to regulation in certain areas. “We have seen the UK government announce its intention to tweak Solvency II regulations and it is expected that there will be further changes in the years ahead to better tailor regulation to the UK sector’s circumstances,” says Matt.

In conclusion, David believes all areas of firms need to understand and take responsibility for complying with the regulations. “A strong focus on delivering good client outcomes will be essential,” he adds.

The full article was originally published in the September 2022 edition of The Review

All CISI members, excluding student members, are eligible to receive a hard copy of the quarterly print edition of the magazine. Members can opt in to receive the print edition by logging in to MyCISI, clicking on My account, then clicking the Communications tab and selecting ‘Yes’.

Once you have read the print edition, keep coming back to the digital edition of The Review, which is updated regularly with news, features and comment about the Institute and the financial services sector. 
Seen a blog, news story or discussion online that you think might interest CISI members? Email
Published: 25 Nov 2022
  • Compliance
  • Risk
  • International regulation
  • compliance culture

No Comments

Sign in to leave a comment

Leave a comment