Compliance in the Era of Remote Work
The prospect of a second spike has dashed hopes of a return to normal in the immediate future. With remote working now the norm, the FCA is stepping up pressure on banks to deliver the same level of compliance in the home that they would in the office. That will mean surveillance of employees, in their homes.
Such moves instantly raise concerns about privacy. However, under business-as-usual conditions financial institutions are required to keep a close eye on the work of front office personnel including traders, advisers, or salespeople as they interact with each other, clients, and other companies.
In a work from home situation it becomes much more difficult to maintain that level of oversight. It’s all too easy for things to be missed. For example, someone might get tired trying to dial into a remote meeting and ring a client on their own phone. Documents might be dropped into a personal waste bin with the intention of disposing of them properly later, but get forgotten. Such actions create the potential for non-compliance.
In the early days of the lockdown, the FCA was relatively understanding. They acknowledged that scenarios could emerge in which firms were unable to maintain the same levels of surveillance and oversight that they would otherwise have been expected to.
However, as Julia Hoggett, the FCA’s Director of Marketing Oversight said in a recent speech, those days are over. From now on the regulator believes firms should have got to grips with remote working and ensured provisions are in place to make certain that the same level of oversight as they would have in the office is implemented in the private home.
"Our expectation is that going forward, office and working from home arrangements should be equivalent - this is not a market for information that we wish to see be arbitraged," she says. "We expect firms to have updated their policies, refreshed their training and put in place rigorous oversight reflecting the new environment - particularly regarding the risk of use of privately-owned devices."
Policies, for example should prohibit the use of privately-owned devices for activities where recording is not possible. Any communication methods being used, no matter the device, should have controls and be prior approved by management.
Home working presents further of challenges. Home workers might lack the technology or bandwidth to effectively perform remote trading activities. Remote printing, obtaining wet signatures or replicating face-to-face interactions with clients and co-workers can also be challenging.
Reduced contact time between staff members can make it more difficult to sustain supervision, while firms which have reduced head count could struggle with additional workloads. In turn, high workloads can create errors including missed flags or even false alarms.
In addition to the idea that firms have had time to get to grips with remote working, Waymark’s view is that the FCA’s stance reflects their view of post-pandemic life. In that view, which we agree with, we’ll find ourselves in a ‘new normal’ in which home and office working are blended, even though the pressures of Covid-19 have passed. There are certainly signs of willingness to make such a blend work, from both employers and employees (though there are different views on the best weighting of the blend). Regulatory forbearance in the face of unusual circumstances doesn’t work when the unusual has become usual. This moves the RegTech sector into the spotlight as this is where we find new tools offering end-user functionality combined with the oversight features that this new normal calls for.
So, in our view, now is the time for firms to ensure not just that they are caught up with expedient short-term fixes, but with sustainable solutions to an issue they need to (and many will want to) live with in the longer term.
To speak to us or subscribe to our newsletter please contact us here.
Or message us via the chat icon in the bottom right corner of your screen.