Setting up compliance and training and a budgetary structure within a company can pose a number of problems. Petrina Oxshot outlines the pitfalls

Fascinating and complex is probably one of the best ways of describing the subject we are going to address, but in the new world of FSA regulation it is absolutely vital that the learning points are taken on board.

If you study regulation in any detail it becomes clear that there are certain key responsibilities within a regulated firm. Among them are compliance, training and human resources.

Here is a case study which centres on the importance of these three areas and raises certain questions.

James and Smithers is a firm of insurance brokers with 100 staff. It has four divisions, each having a director responsible for operations.

The chairman, who is in effect the owner of the company, makes most of the high level decisions. After advice from consultants he decides to appoint one of the directors as a part-time compliance consultant and another as training manager. He also employs an HR (or personnel) manager from outside the industry.

The compliance consultant starts by having a health check on the business and, as part of that process, maps out an action plan. He asks the board for a budget of £50,000 for compliance, competence assessment and training for the coming year. This is agreed by the board.

Part of the compliance action plan is to undertake a gap analysis of competence and this is done over a three-month period. That pilot scheme indicates that there are some serious gaps in knowledge of market practice, product knowledge and regulation.

So the compliance consultant puts together a plan for training and assessment across the whole firm and presents this to the board, with a request for £20,000 from the amount set aside for compliance and training.

The board point out that, unfortunately, the training manager has already spent £45,000 on time management and management soft skills courses in the first month of the year and so there is actually only £5,000 left for compliance for the remainder of the year.

Two budgets
Now this raises the first important learning point. It is absolutely vital that, when planning and budgeting for FSA regulation, to decide who will manage compliance, who will manage training and who will control the budget. If necessary, there should be two budgets, one for each of the two managers - one for training and the other for compliance.

Perhaps, there should also be a compliance budget to be spent on all training that is specifically related to getting and staying compliant?

This was a common problem under the earlier regulation of the life industry. Money poured into sales and management training but very little was diverted to compliance and getting compliant.

If you run a company or are responsible for allocating these sorts of funds (large or small), be absolutely sure that you have created clear lines of authority for spending it. It may well be sensible to give the compliance officer overall authority, at least until it can be demonstrated that the firm is compliant, which in reality can be proven only by FSA authorisation.

Competence gaps
Having swallowed the bitter pill that the training manager may have spent the training budget, the compliance consultant sets about a programme of training for supervisors and learning for staff where competence gaps have been identified by the training needs analysis.

From his compliance training he knows that the supervisor training will be very limited at this stage (until the FSA decides on final rules and guidance). He also knows from his file reviews that product knowledge among staff is poor and that irrespective of regulator's requirements, the company is at risk from negligence claims unless he addresses product knowledge training as soon as possible.

Indeed, I suspect that the FSA would be rather pleased that this flexible risk-based approach to a problem was adopted.

However, having put together a plan for limited compliance training for supervisors and a more detailed plan for product training - to include the assistance of insurers- he is staggered to be told by the HR manager that competence training and assessment falls to the HR department. The HR manager probably has little experience of compliance, but a lot of letters after her name.

She will also tell the compliance manager that, to save money, she is impressing on the chairman the need to focus on e- learning with off-the-shelf products.

She will defend this by saying that, as the FSA requirements will be no different for general insurance than they are for other financial services, it is better to buy a cheap off-the-shelf generic training course now, rather than wait until the rules are known and face the problem of time constraints.

In particular, having read the FSA proposals (and the rules of GISC) the HR manager is convinced that product training and competence assessment can wait.

This leads to another very important learning point. Whatever the rights and wrongs of the arguments, this is a classic situation of no one having decided who is responsible for competence assessment and retraining and assessment when non-compliance is detected.

Not only that, we have a situation that the authority itself is not identified.

Let us suppose that in the case above, all three people report to the chairman. The fact is that this firm is going to have difficulty surviving if that chairman:

  • Does not understand regulation and compliance
  • Shows favouritism rather than take an objective view
  • Prefers profits to compliance.
  • There are decisions that every broking firm will have to make, not least of which is the allocation of responsibilities in the first place. But the major point I want to get across is that, not only must you allocate responsibilities, but you must also decide clear lines of authority and reporting.

    Even if you are a firm where little authority is delegated, it is important to understand that the competence of the person making those decisions, particularly defined by the Financial Services and Markets Act under controlled functions, has to be assessed and declared.

    My opinion is that in the case study above it is perhaps the compliance officer who should have the overriding authority at this time. However, if the chairman wishes to maintain the decision-making authority with no element of delegation then he must be careful to acquaint himself well with the tasks and issues at hand and be willing to declare his competence on the issues.

    Legal issues
    If, for example, in the above case the chairman backs the HR manager and defers the product training and serious negligence claims arise, it is he that could be blamed by the regulator.

    On the other hand, the HR manager is far more likely to understand the legal issues of employment and the training manager may well be the only one of the three who has formal experience of training issues.

    Ultimately, the board really must make sure that all three managers know and understand enough about regulation that they can be signed off as competent to do their jobs in a regulated environment.

    But, perhaps more than anything, there must be documentary evidence to support how this firm is going to run and who makes decisions and has authority over whom.

  • Petrina Oxshot is a specialist in compliance issues
  • Using this CPD page
    For the vast majority of practitioners and indeed support and supervisory staff in our industry, CPD is about regular learning and study that is planned, recorded, timed and evaluated.

    If you are a member of a professional body with a CPD requirement then there will be certain rules regarding the quality and nature of study material, and the way in which it is recorded.

    For staff of GISC members this means recording on your individual training file what the learning was, who provided it and when.

    It might be structured, such as a course, a learning programme or exam study. But it can be unstructured. This form of study encompasses reading the trade press, technical material or taking part in activities to support your professional body.

    Some CPD requirements are points related (a little antiquated) and others require a time value to be allocated.

    For example, it might take one hour to read Insurance Times each week. Most of that could be put as a time value but, in reality, perhaps only an half hour was devoted to learning something. The rule is to be honest with yourself and record the time that is relevant.

    Always take time to make a note of what you felt you gained from the activity. This is useful information for anyone else considering the same activity.

  • This page is edited by RW Associates, specialists in training, compliance and competence.


    To download a PDF of this article as it appears in the magazine click here .