5 tips to improve your business post Royal Commission.
We have avoided making comment on the Banking and Financial Services Royal Commission up to this point. After all, we figured there were enough pundits, tut-tutters, doomsday merchants, mea culpas and chest beaters waxing lyrical amid the occasional accurate, useful reportage and analysis already.
However, with Round 2 of the Royal Commission Public Hearings having wound up, it is clear that there will be more regulatory change recommended for financial services at the completion of the Royal Commission. Perhaps even substantial change. Whatever the wash up, there are a number of proactive steps that, even very good, licensees should be turning their mind to in order to move their businesses forward and meet the demands of an even more robust regulatory regime, whatever shape that may take.
Here are our top 5 positive steps you can take to help ensure your financial services business is future proofed, regardless of the wash up from the Royal Commission.
1. Revisit conflicts
Much of what we have seen at the Royal Commission has been a failure by big institutions to adequately manage their conflicts. In our experience, many licensees only scratch the surface of conflicts. Yes, they typically have a conflicts policy and a conflicts register but very few have taken a deep dive to properly identify all potential conflicts at all levels and in all aspects of their business. Remember, the regulatory obligation is not to avoid all conflicts but to manage them effectively. This starts with identifying conflicts and then coming up with a management strategy, which will typically include risk controls. Done well, along with your broader risk management obligations below, effectively managing conflicts will help you run a better business and produce better outcomes for all stakeholders.
2. Check-in on culture
Lip service and values statements do not cut it by themselves. Any leader will tell you that culture starts at the top. All of us who have been in financial services for some time are painfully aware of some of the poor cultures that have been both promoted and allowed to flourish. There are a number of ways to tackle culture but, as with any significant change, if you determine that change is required in your organisation it won’t come about merely by demanding that people change their actions. For meaningful cultural change, individuals, leaders, all team members need to be on the same page at the conceptual level of what it means to have an effective culture. This means ensuring the very idea of an effective culture is well understood, accepted and promoted. Some people say that it is impossible to measure culture. This may be true in one sense but it is very easy to set up KPIs and cultural markers that help identify whether you and your organisation are on track. Typically, they are rich, interesting discussions to kick off within a business. Why not use the Royal Commission as your catalyst to formalise a review?
3. Review your monitoring arrangements
In our view, so many of the poor outcomes that we have seen from the Royal Commission could have been avoided if more effective monitoring arrangements were in place. By more effective, we don’t mean merely bigger, brighter and more resource intensive. We mean something a lot smarter. Our first observation about monitoring is that, in our experience, a lot of licensees think monitoring relates only to advice monitoring. However, it is much broader than that. Most licensees say they comply with the relevant Australian standard on compliance management systems (AS ISO 19600). One of the core components of AS ISO 19600 and therefore a core component of a compliance management system is performance evaluation. This includes monitoring, measurement, analysis and evaluation. So, to do monitoring properly it needs to be at an organisational level as well as individual advice level. It is necessary to monitor, for example, whether as a licensee you are complying with all your regulatory obligations as well as complying with your internal obligations flowing from your compliance and risk management framework.
But perhaps the area where, in our experience, licensees can make the biggest gains with their monitoring is through establishing a risk-based monitoring regime. That is, spending most of your time and resources monitoring the activities that produce the biggest risks. But the first step in this process is appropriate identification of the relevant risks. For example, if your advice monitoring program is still based on a random, untargeted selection of client files, this can be a very ineffective and inefficient use of resources. More sophisticated monitoring regimes have identified risky advice situations (e.g. product replacement advice), risky products and risky advisers, among other things. The monitoring regime feeds straight into breach and incident management and, vice versa, complaints and breaches feed into the monitoring program. Of course, it is not possible to supervise and monitor everything that goes on within your business. But it is possible to make sure that your scarce resources are focused on the most important things. Continually reviewing and improving your monitoring arrangements can reap great rewards.
4. Re-think risk
In our experience, many licensees don’t truly understand risk, or more accurately, risk management. In most cases, if we asked to see a licensee’s risk management arrangements, we would typically be pointed towards a risk register and risk management policy and nothing more. No one seems to particularly enjoy risk management! And no wonder, when most systems are static, un-dynamic and appear to bear no relevance to the day-to-day decisions taken in running and growing a business. But done well, an effective risk management framework will be a part of your ‘business as usual’, reduce the potential for downside outcomes, and actually enhance business and strategic decision-making. Risks exist, whether you pay attention to them and manage them effectively or not. It is typically a longer term process trying to re-imagine your risk management approach. But why not let the Royal Commission be the excuse for doing just that!
5. Identify efficiencies
There is no doubt about it, financial services is highly regulated with a heavy compliance burden. Indeed, it is becoming more and more difficult to meet all your obligations. But, to be profitable, be efficient you must. Plus, as many of you will already know, you already have the legal obligation as a licensee to provide your financial services efficiently, honestly and fairly. Building efficiencies can produce better outcomes for all stakeholders. Everything from your compliance arrangements, including the use of RegTech where necessary, to your recruitment and onboarding processes, the advice process itself, CRM and the production of SOAs can all be improved significantly if sufficient thought is given to them first.
Of course, if you are a small-to-medium-sized licensee your compliance arrangements don’t need to be War and Peace. But they need to be effective. And they need to be as efficient as you can make them. Naturally, imac legal & compliance would love to help should you wish to kick off a conversation about making the most of your compliance arrangements. If not, I trust you got some benefit and perhaps an idea or two from this article in any case.