"There aren’t any biscuits"
This is the final blog in our current series, which has identified common mistakes made by firms and individuals. The blogs explain why these mistakes are damaging and could lead to regulatory sanction, a capital add-on and even a skilled persons review (S166). If you are making any of these mistakes, you need to change your practice.
Many years ago, in keeping with other institutions in the financial sector, the regulator stopped providing biscuits with the tea and coffee when firms visited the authority. Naturally many of the firms I met spotted the absence. A few months later, during a meeting at the offices of one of those firms, they dimmed the lights, executed a table top drum roll, and proudly brought in a plate of biscuits. I have since heard of another firm’s Head of Compliance who used to buy biscuits for regulatory meetings from his own pocket.
While this incident provides the title for this blog, the issue of course is not whether you provide biscuits when your regulator visits, but how you conduct yourselves during the visit and your relationship with your regulator. Would your relationship with your supervisory team enable you to provide biscuits – as a joke? (Notwithstanding, of course, that some regulators are specifically prohibited from accepting hospitality in any form, probably over concerns that they will be corrupted by a Hobnob.)
The points below will help you avoid ‘schoolboy’ errors during your meetings with regulators, and highlight some of the mistakes I saw both as a regulator and in firms:
- Don’t ask your regulator what gives them the right to ask you about your framework
During one visit the Operational Risk Head outlined his experience at some length and then asked why the regulator felt they were in a position to question him. He had clearly forgotten that the supervisor has the mandate of their respective authority, and in this instance that trumps everything else;
- Make sure you understand and record the questions you are asked by the regulator
Some firms feel they can dominate the meeting and steer the discussion. You must listen attentively, understand any issues or concerns, and respond appropriately to the regulator’s agenda and questions. Address all the regulator’s topics during the meeting, and, after the visit, review the issues raised and make sure that any identified weaknesses are remedied immediately;
- Death by PowerPoint
PowerPoint is another way of seeking to dominate and control a meeting, often in an attempt to reduce the supervisor’s freedom to challenge or question. Unless it’s a very inexperienced or lazy supervisor, this usually backfires with the team interrupting and stopping the presentation. It annoys the supervision team and can lead to the team putting strict limits on any presentations at future meetings.
- Ensure there aren’t any gaps in the actions you have taken to resolve issues raised previously by the regulator
A surprising number of firms do not review and bring to supervisory meetings details of previous supervisory requests or instructions and are, at best, woolly on how they have resolved them;
- Don’t assume that because you have submitted a response to the supervisor it has been accepted
Silence is not assent. A number of firms write to the supervisor about issues raised and assume that no response means everything is OK. It does not;
- Don’t feel you can’t challenge the supervisor
Looking back, the visits I enjoyed most were with firms who respectfully challenged the visiting team. This was particularly valuable when we were requesting information as the firm had a better insight into their data than we did. In addition, there is such a thing as lazy supervision, which should always be challenged, although not by name;
- Intimidation by numbers
Some firms field three or four times more people than the supervisor. I have heard of one firm that countered a two-person regulatory team with 16 in the room and two on video. This was seen as an attempt to intimidate the supervisor, looked ridiculous, and both damaged the relationship and resulted in a very unproductive meeting. Sensible firms aim to balance the numbers and it is reasonable to check with the supervisor before any meeting, as part of the relationship management;
- "We’ll call your chairman"
I heard of a meeting where a member of the supervisory team asked the firm what they would do if they didn’t get the approval they sought. After some discussion, the response was a curt ‘our CEO will call your chairman’. Clearly not an appropriate response, and one that seriously damaged the relationship between the supervisory team and the firm;
- Develop a good relationship with the supervisory team
The supervisory team deserves respect and can be easily contacted. If you are not clear on what is expected, why not contact your supervisor directly to clarify the situation. Be open and friendly, and it never hurts to break out the Hobnobs…
If you found this blog useful, don’t miss Dr Jimi Hinchliffe’s forthcoming blog: ‘How to manage regulatory visits successfully’, which will be published next week.
We hope you find all our insights helpful. Chapelle can help firms prepare for supervisory operational interactions, meet supervisory operational risk expectations and build their operational risk frameworks. For a full overview of our approach to framework improvements, please contact us directly.