The Financial Conduct Authority fined Ms Paivi Katriina Grigg nearly £15,000 for breaching Principle 6 of the Statements of Principle and Code of Practice for Approved Persons, finding that she failed to properly understand her responsibilities as Risk Management Director and adequately identify, manage or control the material risks arising out of the business model of the firms for which she performed the role.

The FCA identified governance failings within a group of firms operating an adviser network, comprising up to 397 appointed representatives (“ARs”) and 516 registered individuals (“RIs”). Grigg was the Group’s Risk Management Director (“RMD”), holding the CF1 (Director) significant influence function (see final notice).

As an advisory network, the Firms were responsible for the fair treatment of underlying customers by their ARs and RIs. The FCA found that Grigg was personally culpable for a flawed risk management framework throughout the relevant period. There was an inherent risk that 26,750 underlying customers would receive unsuitable advice as the Firms’ ARs and RIs had a high degree of freedom and flexibility in their dealings, but Grigg wrongly viewed it as the Compliance Director’s responsibility to manage that risk.

In reaching its decision, the FCA placed reliance on the job description for the RMD role, which Grigg had drafted with the Group CEO. The FCA used this to determine that she had accountability for customer risks – even though Grigg herself did not consider these as her responsibility. The FCA also took into account that she should have been particularly alive to the risk to underlying customers due to prior FSA action against the previous CEO and the Firms themselves over pension switching.

Less high profile than the Upper Tribunal decision of Pottage, Grigg still reveals some valuable tips, such as:

  • if an incoming senior manager performs an initial review upon appointment, they must ensure it is “adequate” – and should include a handover report or certificate;
  • a remedial plan must be put in place (record the plan in case the board / management does not accede to and assist that plan); and
  • the incoming manager must know and understand the scope of responsibilities for the role and how these are shared with other senior personnel.

The decision also illustrates that a job description can effectively equate to a “statement of responsibility” under the Senior Managers Regime, which will eventually apply to all regulated firms operating in the UK financial sector. With the FCA’s continued will to pursue enforcement actions against individuals, not performing against a job description could be an easy-win for the regulator in an enforcement investigation.