As any healthcare professional will confirm, treating the symptoms is usually easier, cheaper and more effective than treating the disease. The FCA is now taking a similar line, and in a recent speech, the FCA’s director of supervision, Megan Butler, set out what signs they would be looking for to detect those companies which might be about to break the law.

In a speech at an event organised by the Investment Association, Butler argued that the two biggest causes of rule breaking were culture and business model. Depending on how both were structured, she said, a company might be more or less likely to break the rules.

When assessing a company, she said they looked at four ingredients.

  1. Incentives: People play by the rules of the game and how they are rewarded. Inappropriate incentives, such as those based on high commission, can encourage people to operate in an inappropriate way.
  2. Purpose: Employees, say they are more attracted to firms which have a clear purpose and a positive mission. The FCA agrees and says that those which clearly state their mission are more likely to get things right than one in which its purpose is vague, or in which it is not embedded into daily operations.
  3. Leadership: Good, strong leadership from people who set the tone is crucial. This shows all employees the kind of behaviour that is expected and the conduct that will advance them in life. Those leaders who exhibit poor conduct or a willingness to prioritise profit over ethics tend to pass those behaviours down.
  4. Governance: Butler said that the regulator looks at governance in detail. It is important to have clear controls in place to ensure that people are not only technically competent, but that they go about things in the right way.

With the Senior Managers Regime due to be rolled out across the entire financial sector in December, firms can improve their prospects by adopting the same attitude as the regulators. They can monitor their own businesses for these four issues to ensure they have all the key ingredients in place to achieve the kind of positive culture the regulator is looking to promote.

But, what does this look like? Butler also had thoughts on this…

Ultimately it is about establishing a speak-up-and-listen culture. Employees must be encouraged to speak up when they see inappropriate behaviour.

Historically, those firms which have fallen seriously foul of the regulators have suffered from a negative culture in which employees were actively discouraged from expressing concerns. At times, whistle blowers were actively penalised. We only have to look at the example of Jes Staley, the Barclay’s banker who was fined for his aggressive pursuit of a whistle blower. Actions such as this reverberate across an organisation. They tell everyone that this is a company which will punish those who flag up misconduct more than those who commit it.

Finally, it’s also a question of how businesses perceive compliance. Do they see it as a regulatory risk; namely a box-ticking exercise done to keep the regulators happy, or is it a business risk? Positive conduct and culture comes from viewing it as a key business risk. It not only puts you in the firing line of the regulators, but it also means your business model is inherently insecure.

As mentioned at the start of this post, treating the symptoms is more effective for everyone. It helps the regulator identify those firms which are most at risk of breaches – and it also helps firms to minimise the risk of a breach occurring in the first place.