Installing and testing a corporate governance system to manage compliance is key to satisfying FSA requirements. John Quigley and Joe Egerton explain
The FSA requires high levels of corporate governance by management. A central belief is that a well-designed and well-run organisation will deliver quality services to clients and other users of the market. What a particular firm has to do to satisfy the FSA of its corporate governance commitment is determined by the complexity and size of the business. A large business, with several divisions and branches requires a considerably more complex control structure than its three-person, single-discipline counterpart.In formulating the firm's systems and controls and allocating responsibilities it is imperative that a firm's chief executive makes an unbiased appraisal of the business and the resources to hand. This appraisal may require independent input and assistance.The FSA is looking for observance of best practice and will not accept excuses for an inferior model such as, "it has always been done this way", or that an inappropriate individual is given responsibilities beyond their ability because "they needed or demanded a title".Having examined the business that the firm conducts, and may seek to develop in the near future, the 'controlled functions' that must be catered for can be identified. A firm should also be looking for risk hotspots in the operation that merit additional attention and care. With this accurate and tested information to hand, the appropriate structure of controls and management systems can be designed to ensure responsibility is allocated and managed at the agreed levels within the business. The chief executive must be alert to the fact that along with the rest of the directors, he or she is ultimately responsible for any failures in the system. The structure will also need to ensure that information feeding out of this framework reaches the management team and board of directors in such a fashion that it is timely and transparent.Additional elements of the control structure will, as mentioned, vary depending on size and complexity. It may be anticipated that a large complex firm will need a dedicated internal audit team as well as a dedicated compliance team. A three-person retail broking firm's focus will differ and will include the need to make arrangements to ensure that everybody dealing with clients knows and complies with relevant rules (ICOB), that complaints are properly investigated and answered, that there is some arrangement in place for monitoring quality of work, and that there is appropriate time and resource for training.The FSA expects individual firms to work out what arrangements they need to set in place in order to deliver and guarantee quality. Above a certain size - £1 m income for brokers - the FSA has said that it will expect to see formalised procedures and compliance manuals and a formalised compliance monitoring programme. But at this level there is still a wide degree of discretion as to how a firm is organised.There are some simple tests that can be applied to determine whether a firm has thought through what it needs to do and implemented effective controls:Simply asking these questions - and the FSA may well do so with a surprisingly large number of applicants - can produce unhappy results. For instance, if you ask a chief executive who is responsible for some aspect of the business, it is by no means unknown for him to name a director who promptly denies that he deals with it at all. The director may even thinks that he just passes files to the chief executive to deal with.So one essential task for any applicant for authorisations is to test systems, controls, roles, responsibilities and competences by asking simple questions. Mapping a minefield is best done with care and great thoroughness, and the evidence recorded accurately to share with others.
Is work checked for compliance?
