Summary: You don’t need us to tell you that last year was full of surprises. The EU referendum, followed by the US election result, has created huge uncertainty and widespread anxiety among businesses. As we ponder the true meaning of Brexit and what contribution Donald Trump will make to American and world politics, one thing we can be sure of is that we would all like more certainty and less risk.
At BLP, we’ve identified six regulatory themes every Board needs to keep on its radar in 2017.
And unlike so many other things in the world at present, we’ve made sure nothing is open to interpretation.
1. Regulation is getting more personal
No matter how large a company’s compliance function, the regulator’s view is that responsibility for regulatory compliance lies primarily with senior management. Regulators are increasingly determined to bring cases against senior managers, as well as - and sometimes even instead of - cases against firms. To minimise this increased personal regulatory exposure, all senior managers would be well advised to conduct regular assessments of the design and operational effectiveness of the risk management framework within the areas of business that they are responsible for. If an issue does occur, quick and decisive action is essential. Concerns need to be escalated promptly and effectively, the wider implications considered and all responsive steps recorded.
2. Next-gen corporate governance
If financial services businesses don’t recognise corporate governance as a regulatory issue, they may be misunderstanding and mismanaging their regulatory risks. For banks, practising good governance doesn’t stop with successful implementation of the Senior Managers Regime. It means revisiting Management Responsibilities Maps and Statements of Responsibilities regularly to ensure that they reflect the reality on the ground; using those documents to conduct periodic reviews of the effectiveness of the firm’s current corporate governance arrangements; and making sure their Boards are aware of this new regulatory focus.
3. Get on board with ‘on notice’ letters
If a company is suspected of breaching competition law, the FCA has started to use one of its ‘soft’ regulatory tools – the so-called ‘on notice’ letter. Such a letter will merely raise the possibility that a competition law breach has occurred, leaving the firm to decide how to respond. If a firm is issued with one of these letters, the onus is on it to convince the FCA there is no need for further investigation. With penalties for competition law infringement representing up to 10% of a group’s annual global turnover (not to mention possible third-party damage claims), any firms receiving such letters need to act swiftly to protect their positions.
4. Getting tough on tax evasion
This year, the government is taking its crackdown on tax evasion one step further. The introduction of a new criminal offence for corporates who fail to prevent the facilitation of tax evasion means that if an employee, contractor, agent, or anyone representing a business breaches tax laws, the company could be held liable. Financial institutions in particular are likely to be scrutinised, so it is important that firms assess the risks, implement policies and engage senior management. If a company can show it has reasonable procedures in place, it will not be liable. However, it will ultimately be up to the courts to decide whether the prevention procedures are ‘reasonable’.
5. Mind the (gender pay) gap
Gender pay gap reporting could be compulsory for large employers as soon as April 2017. The financial services sector’s 39.5% pay gap is more than double the national average. To avoid being named and shamed, businesses must review their pay data and implement the necessary steps to reduce any gaps. Under the new legislation, companies will need to be open, honest and detailed in the pay gap reports they will be required to publish. We believe this is likely to take longer to deal with than many Boards expect.
6. EU – UK = No more GDPR?
Early 2016 saw many companies preparing for the new General Data Protection Regulation (GDPR). Effective as of March 2018, it includes fines of up to 4% of annual turnover for breaches. However, following the Brexit vote, many businesses wondered if this might mean no more GDPR. That’s not the case. Even if the UK exits the EU by March 2019, companies will still need to comply – even if just in the short term. Businesses that want to deal with the rest of the EU will have to play by the rules (GDPR included). With the 2018 implementation date looming, firms still have a lot to do and must not forget that the EU’s gold standard is something customers trust.
Are you prepared for financial regulation in 2017?
Attend our annual Financial Regulation seminar on Wednesday 25 January for practical advice and direct opinions on the key regulatory risks.
With an unsettled regulatory climate forecast for 2017, the seminar provides a valuable opportunity to stay one step ahead.