Objectivus_logo_tag

News & Analysis

Objectivus_Favicon

Conduct Risk Framework – what the FCA expects

fca business plan conduct risk

Conduct risk continues to be a focus for the FCA. As it is not an FCA defined term, firms need to understand what it means. The FCA expects firms to develop their own conduct risk definition and strategies and put in place a tailored conduct risk framework to address the specific risks that their business is exposed to.

The FCA introduced the 5 Conduct Questions programme in 2015 and the leading wholesale banking firms operating in the UK and subsequently published feedback papers in 2018 and 2019.

The five questions were:

  • What proactive steps does the firm take to identify conduct risks in its business? 
  • How does the firm encourage people in front, middle, back office, control and support functions to feel responsible for managing conduct?
  • What support does the firm put in place to help its people improve the conduct of their business or function?
  • How does the firm’s board and executive committee get oversight of conduct in the organisation? And how do employees bring information into their discussions?
  • Has the firm looked at where there are any business activities it is engaged in that undermine its work to improve conduct?

The  2019/20 Business Plan  sets out the FCA’s overall objective of how to improve the way financial markets operate with respect to the protection of consumers, the integrity of markets and the promotion of competition. Among other things, the 5 Conduct Questions programme clearly supports their cross-sector efforts on firms’ culture and governance.

What is conduct risk?

Conduct risk is broadly defined as any action of a regulated firm or individual that leads to customer detriment or has an adverse effect on market stability or effective competition, these are a reflection of the FCA’s three statutory objectives:

  • Protect consumers – securing an appropriate degree of protection
  • Protect financial markets – protect and enhance the integrity of the UK financial system
  • Promote competition – promote effective competition in the interests of consumers

Firms should seek good behaviour across all aspects of their organisation and develop a culture in which it is clear that there is no room for misconduct. Although treating customers fairly (TCF) has long been part of the retail regulatory framework, conduct risk should not be seen as merely an extension of this. Linked to this is the commonly held misconception that conduct risk is only a retail client issue.

Firms need to consider what conduct risk means and ensure that there is a consistent definition and understanding throughout all levels of the firm including overseas entities.

How should firms identify the key conduct risks within the business?

Conduct risk drivers stem from the firms’ structures and behaviours which could create a risk of harm to consumers or market integrity. Firms that understand the drivers of conduct risk can better understand whether their conduct risk frameworks are robust enough to mitigate against the risk of harm originating from its activities or individual behaviours. Firms need to consider:

  • The conduct risks that the firm is exposed to. Examples of key risks may include insider dealing, conflicts of interest, product design or mis-selling through inappropriate incentive and bonus schemes;
  • The controls in place to monitor and mitigate these risks on an on-going basis. How it will be ensured that these controls remain fit for purpose;
  • Changes needed to be made within the organisation from a cultural/values perspective and how these can be tracked: and
  • The periodic refreshment of the conduct risk assessment.

We recommend a gap analysis be conducted to assess any additional controls that need to be put in place, to ensure that all risks are mitigated prior to putting in place a conduct risk assessment. Conduct risks need to be treated separately from other types of risk such as market and operational risk.

A clear relationship between conduct risk and business strategy should be established. The FCA expects firms to be able to demonstrate and evidence how conduct risk matters are driving business strategy and decision making. Questions which need to be asked are:

  • What is the firm looking to achieve from a conduct risk perspective; and
  • What does success look like?

Risk Appetite

The overall risk appetite for conduct risk should be informed by the key outcomes from the conduct risk assessment and the firm’s conduct risk strategy. We recommend linking the risk appetite to the FCA’s key objectives of good customer outcomes and market integrity.

Governance and Accountability

A firm which has poor governance arrangements cannot effectively identify and mitigate risks of harm caused by its business activities. For example, if a firm has many layers of management and committees which receive similar and overlapping Management Information (MI), it may be difficult to ensure that risks identified through reporting are being addressed correctly. Additionally, effective oversight in terms of how issues are being handled and by whom need consideration Firms may want to appoint a specific Conduct Risk Committee.

Conflicts of interest

A review of the business models and the assessment of potential conflicts of interest that may be present should be carried out. Areas to focus on could be:

  • The existence of a vertically integrated business model;
  • The manufacture and distribution of products;
  • Staff incentive schemes; and
  • The firm’s PA dealing policy.

Systems and controls

A firm which has inadequate systems and controls cannot effectively identify risks of harm caused by its activities. MI is a key form of control and, if not designed properly, can lead to risks not being properly identified. Senior management needs to keep the design of MI under regular review to ensure that it continues to be fit for purpose in highlighting risk areas. Training is another important form of control and rather than adopting a tick box approach, the FCA expects firms to develop training in order to embed awareness of conduct risk at all levels of the organisation. The Senior Managers and Certification Regime aims to strengthen accountability and provides firms with a great opportunity to roll out new conduct risk training programmes to all staff so that they truly understand the risks attached to their specific roles and how they should behave.

Business model

A firm’s business model can itself be a driver for conduct risk, for example in the design and delivery of products/services. Taking the example of consumers’ search for yield in a low interest rate environment, often encourages firms to try and design more complex and risky products to try to meet this demand. But that may present key conduct risks, like consumers not fully understanding the products, which in themselves are wholly unsuitable.

A key indicator of culture is the tone from the top:

  • Senior management must act in accordance with the firm’s policies and procedures;
  • Senior management should not reward bad behaviour which can come about through employee remuneration set against financial targets only;
  • A blame culture when things go wrong can often discourage people from speaking up and admitting they have made a mistake, thereby preventing problems from being rectified;
  • Employees turning a blind eye to misconduct in the workplace for fear of speaking up; and
  • Elements of indecision within the firm, where difficult decisions are put off. This can lead to long-running failings not being addressed through prompt and decisive action .

Firms should seek to promote good behaviour across all aspects of their organisation and develop a culture in which it is clear that there is no room for misconduct. Although TCF has long been part of the retail regulatory framework, Conduct Risk should not be seen as merely an extension of this.

Further Resources

https://www.fca.org.uk/publication/market-studies/5-conduct-questions-industry-feedback-2018-19.pdf

https://www.fca.org.uk/news/statements/conduct-risk-during-libor-transition-questions-and-answers

https://www.fca.org.uk/publication/correspondence/dear-ceo-letter-non-financial-misconduct-wholesale-general-insurance-firms.pdf

https://www.fca.org.uk/news/speeches/wholesale-conduct-risk

https://www.fca.org.uk/news/speeches/conduct-risk-briefing

https://www.fca.org.uk/firms/5-conduct-questions-programme

https://www.fca.org.uk/publication/business-plans/business-plan-2019-20.pdf

How we can help

If you are creating or reviewing the conduct risk framework within your firm and would like us to review or to assist, please contact us to discuss. We offer a number of services including gap analysis, implementation of conduct risk frameworks and management information packs.

Conduct Risk - is your framework compatible with the FCA's agenda?

In May 2019, the Financial Conduct Authority (FCA) published its third annual report on its 5 Conduct Questions Programme . Since its introduction, the FCA observed that firms have been investing substantial efforts in change programmes related to conduct and culture, a key cross-sector priority for the FCA .

In this Insight, Sushil Kuner, a Senior Associate within our Financial Services Regulatory team, identifies the 5 Conduct Questions, providing guidance on how firms can identify the conduct risks associated with their businesses. She also highlights key aspects of the FCA 's latest report, outlining examples of good and poor practices identified by the FCA during their Supervisory activities.

fca business plan conduct risk

The FCA launched the 5 Conduct Questions Programme in 2015, initially as a Supervisory tool for the Wholesale Banking sector to help firms improve their conduct risk management and, ultimately, drive cultural change. The programme has been very successful to date, with the FCA observing that many firms have been making significant strides in improving their conduct risk frameworks.

On the basis of this success, the 5 Conduct Questions have now been incorporated into the FCA 's Approach to Supervision, applying to all firms in the financial sector, wholesale or otherwise.

What are the 5 Conduct Questions?

  • What proactive steps do you take as a firm to identify the conduct risks inherent within your business?
  • How do you encourage the individuals who work in front, middle, back office, control and support functions to feel and be responsible for managing the conduct of their business?
  • What support (broadly defined) does the firm put in place to enable those who work for it to improve the conduct of their business or function?
  • How does the Board and ExCo (or appropriate senior management) gain oversight of the conduct of business within their organisation and, equally importantly, how does the Board or Exco consider the conduct implications of the strategic decisions that they make?
  • Has the firm assessed whether there are any other activities that it undertakes that could undermine strategies put in place to improve conduct?

The first step in addressing the 5 Conduct Questions is for firms to understand what 'conduct risk' means. This is not an FCA defined term as the FCA expects firms to develop their own conduct risk definition and strategies and put in place a tailored conduct risk framework to address the specific risks that their business is exposed to.

However, at the very highest level, it is generally accepted that conduct risk means any action of a firm or an individual that has the potential to cause harm to consumers or market integrity.

How do I identify the key conduct risks associated with my business?

There are a number of conduct risk drivers stemming from firms' structures and behaviours which could create a risk of harm to consumers or market integrity. Firms that understand the drivers of conduct risk can better understand whether their conduct risk frameworks are robust enough to mitigate against the risk of harm stemming from its activities or individual behaviours. We set out below some examples of key conduct risk drivers.

  • Governance - a firm which has poor governance arrangements cannot effectively identify and mitigate risks of harm caused by its business activities. For example, if a firm has many layers of management and/or committees, which receive similar and overlapping Management Information ("MI"), how does it ensure that risks identified through reporting are being addressed? Is there effective oversight in terms of how issues are being handled and by whom?
  • Conflicts of interest - do you routinely review your business models and assess whether there are any potential conflicts of interest that may be present? For example, do you have a vertically integrated business model? Do you manufacture and distribute products? Are staff incentive schemes creating conflicts of interest?
  • Systems and controls - a firm which has inadequate systems and controls cannot effectively identify risks of harm caused by its activities. MI is a key form of control and, if not designed properly, can lead to risks not being properly identified. Is senior management keeping the design of MI under regular review and ensuring that it continues to be fit for purpose in highlighting risk areas? Training is another important form of control and rather than adopting a tick box approach, the FCA expects firms to develop training in order to embed awareness of conduct risk at all levels of the organisation. The Senior Managers and Certification Regime aims to strengthen accountability and provides firms with a great opportunity to roll out new conduct risk training programmes to all staff so that they truly understand the risks attached to their specific roles and how they should behave.
  • Business model - a firm's business model can itself be a driver for conduct risk, for example in the design and delivery of products/services. Taking the example of consumers' search for yield in a low interest rate environment, this often encourages firms to try and design more complex and risky products to try to meet this demand. But that may present key conduct risks, for example, consumers not fully understanding the products to which they are signing up and the products being wholly unsuitable for them.
  • Does senior management act in accordance with the firm's policies and procedures?
  • Does senior management still reward bad behaviour, through remuneration, for example because an employee is hitting their financial targets?
  • Is there a blame culture when things go wrong? This often discourages people from speaking up and admitting they have made a mistake, thereby preventing problems from being rectified.
  • Do people turn a blind eye to misconduct in the workplace for fear of speaking up? While firms may have great speaking up initiatives, are these truly embedded within the organisation?
  • Is there an element of indecision within the firm? Do difficult decisions tend to be put off? This could lead to long running failings at the firm not being addressed through prompt decisive action.

FCA 's Key Findings in its Third Annual 5 Conduct Questions Report

The FCA 's latest report covers supervisory activity and discussions with a sample of approximately 50 firms in the Wholesale sector but the content of the report is relevant for all firms in the financial sector. It builds on the previous two annual reports which we do not cover here in detail, but overall, since its launch, firms in the Wholesale sector have made significant strides in improving their policies, processes, training and identification of conduct risk through this programme.

Early firm initiatives concentrated on process flows and bad behaviour, leading to the creation of new policies and procedures, new training programmes and the use of technology for better surveillance. The FCA 's recent report highlights that the previous emphasis was on avoiding preventable breaches, addressing conflicts of interest and designing MI to help identify weaknesses. This work was often led by functions such as Compliance, Risk, HR and IT. While these strategies are supported by the regulator, the FCA is keen now for firms to consider conduct in its widest sense.

The FCA has observed firms implementing two or three year programmes that focus narrowly on regulatory adherence and avoiding rule breaches which they consider leads to conduct being narrowly defined and treated like a 'tripwire' with staff being more likely to respond with fear than forward-looking enthusiasm.

In contrast, firms integrating conduct with longer-term corporate goals and framing it as a component of a broader strategic effort are more likely to lead to a culture of positive behaviour and not just an environment of avoiding bad behaviour / rule breaches.

Those firms which have framed conduct as an integral part of larger corporate goals, have seen positive reactions from all stakeholders. Firms embedding good behaviours across the whole organisation have benefitted from better client engagement (clients like to deal with firms they can trust) which has also benefitted shareholders. Firms investing resource into developing their Purpose and Mission statements to underpin a meaningful social impact, are also more likely to engage the wider stakeholder community as well as staff, thereby securing the long-term sustainability of the business - a sense of individual purpose that aligns with corporate purpose has been demonstrated to drive superior performance.

Noticeably, the FCA has increasingly been emphasising the need for firms to focus on psychological safety in the workplace, whistleblowing, as well as non-financial misconduct. The FCA 's view is that where there is psychological safety at work, staff are comfortable sharing concerns and mistakes without fear of embarrassment or retribution. As such, they feel comfortable that they can speak up and won't be humiliated, ignored or blamed. As well as being vigilant to the well-being of staff, firms have been encouraged to develop training on a wide range of human development skills to support psychological safety. While senior management and junior employees have benefitted from training on conduct, the FCA 's view is that middle management (which is highly influential in providing day to day leadership on conduct) could benefit from more attention.

Regarding whistleblowing, the FCA reviewed whether staff could use firms' whistleblowing processes without fear of identification and reprisal. The FCA noted that, perhaps due to active promotional efforts, a greater than usual number of cases were being reported with firms being uncertain as to what a normalised volume would prove to be. The nature of the whistleblowing reports also varied significantly across firms, where similar cases handled in the normal course of business at one firm triggered a whistleblowing event at another. The FCA has concluded that the challenge for firms remains to fully embed the desired changes of mind-set across the whole organisation.

Despite this progress, the FCA is particularly concerned that the largest component of investigated cases in the whistleblowing channel were categories like 'Dignity at Work' or 'Non-Financial Misconduct', which captured bullying, favouritism, exclusion and sexual harassment. These cases seemed to be on the rise, although it is not yet clear whether this is due to more active reporting rather than a deterioration in behaviour.

The FCA is keen to understand how firms are dealing with non-financial misconduct; tolerating any form of misconduct is not indicative of a healthy culture and if this gives rise to failures or harm, the FCA is likely going to take an interest, especially where senior management is involved. Senior management positions within the financial services sector are positions of trust and the FCA expects holders of these positions to act appropriately both in and outside the workplace.

Examples of Good and Poor practices found by the FCA during Supervisory visits

In line with the FCA 's 2017 5 Conduct Questions Programme and 2018 5 Conduct Questions Programme annual reports, the FCA 's third annual report provides examples of good and poor practices within Wholesale firms, identified by the FCA during its Supervision activity. While these were identified within the Wholesale sector, the examples do apply to all firms in the financial services sector.

1. What proactive steps do you take as a firm to identify the conduct risks inherent within your business?

Examples of good practice.

  • Defining conduct risk as a separate category that sits sensibly alongside other major risk types such as Credit, Counterparty, Market and Operational risks;
  • widening the working scope of conduct risk, as framing it more narrowly potentially limits both the design of efforts to identify it and the outcomes;
  • raising the profile of, and actively promoting, competition concerns as a business as usual consideration where firms have a large market share;
  • taking action to reduce the conduct risk challenges from staff using smartphones and social media by creating short breaks and safe locations to step out and log on or connect;
  • assessing the impact and harm of potential events from the customer's point of view;
  • formalising a bottom-up approach as a monthly exercise for each key business unit;
  • introducing approaches that immediately feed newly identified risks or crystallised risk into the delivery of targeted training; and / or
  • clearly interweaving conduct topics with business discussions, rather than relegate them to more narrowly focused discussions in, for example, Operational Risk Committees.

Examples of Poor Practice

  • Firms showing little impetus to identify new risks through forward-looking proactive efforts;
  • reliance on a largely top-down approach where key risks are not comprehensively apparent or captured;
  • investing a lot of effort into identification exercises but then underinvesting in the steps to take action on the risks identified;
  • difficulties differentiating conduct risk from operational risk with the result being that the business line ownership of conduct risk being weak;
  • support services and second line of defence units not conferring with each other; and / or
  • firms approaching conduct risk in a diffused way instead of defining it as a category.

2. How do you encourage the individuals who work in front, middle, back office, control and support functions to feel and be responsible for managing the conduct of their business?

  • Holding CEO-led town hall sessions on conduct;
  • holding smaller town hall events hosted by desk or area heads, reflecting the fact that staff listen carefully to their more immediate line managers who are also able to actually observe their day-to-day behaviour;
  • carefully planning town hall sessions to ensure more junior staff and their management do not attend together in an effort to encourage discussion; and / or
  • openly communicating with staff the mistakes made by the firm in the past year, and inviting the staff to a session to discuss how those mistakes had happened and make sure they couldn't happen again.
  • Senior executives promoting the general importance of the firm's conduct messages without explaining what any of those messages were;
  • issues being escalated too rapidly, which risked bypassing key individuals who may be more directly accountable for managing and resolving the problem; and / or
  • undermining programme objectives by not ensuring that Desk Heads and other more senior managers attend open session Conduct Risk Forum meetings.

3. What support (broadly defined) does the firm put in place to enable those who work for it to improve the conduct of their business or function?

  • Framing risk appetite statements as a series of expectations of staff and developing metrics around those desired outcomes;
  • positive framing of key initiatives by strongly emphasising openness, transparency, accessibility and safety;
  • reframing initiatives to focus more on rewarding efforts such as identifying and resolving policy deficiencies, rather than solely punishing breaches as they happen;
  • repositioning 'zero tolerance for conduct risk' culture (which can make staff fearful and reluctant to disclose problems) as 'zero tolerance for unmanaged conduct risk' where staff are encouraged to be alert and respond to conduct risks;
  • participating in industry-led initiatives to address conduct issues;
  • looking beyond firms' own boundaries to assess conduct standards and risks from clients, counterparties, outsourced service providers and others;
  • not looking the other way if a client mistreats a member of the firm's staff;
  • introducing a reverse mentoring programme where staff significantly more junior than an executive meet regularly to share feedback;
  • introducing a one-off, tailored internal survey to assess conduct and culture and prevailing views among staff rather than use a more wide-ranging annual staff survey;
  • introducing a specific communication programme around disciplinary outcomes to provide transparency on how the firm decided and applied them;
  • specifically analysing the potential conduct risk in examining, preparing and implementing changes from EU withdrawal;
  • shifting beyond gender-based diversity by raising the importance of other aspects, such as race, educational background, economic background and other skills or experience; and / or
  • going beyond simply encouraging people to speak up by providing them with specific tools and training on how to raise a challenge with more senior staff. Correspondingly, providing related training for senior staff on how to receive and deal with a challenge.
  • Building a library of 'grey issue' scenarios for use across a wide range of businesses;
  • using notes from 'grey area' discussions to tailor additional targeted training and consider where revised policy and procedures may be helpful;
  • employing professional actors to role-play risk scenarios; and / or
  • extension of training to include the recruitment process to ensure that training includes conduct and behaviour assessments so that they are carried out consistently across all businesses.
  • Weighty, complex, centrally-led committees and programme management infrastructure - sometimes leading to fractured accountability in the firm, noticeably slower or stifled progress and less ability to summarise its position and progress.

4. How does the Board and ExCo (or appropriate senior management) gain oversight of the conduct of business within their organisation and, equally importantly, how does the Board or Exco consider the conduct implications of the strategic decisions that they make?

  • Greater investment in data design, creation aggregation and trend analysis leading to the creation of dashboards and MI that Managers and Boards can use to steer more effectively;
  • MI growing in depth and scope;
  • key risk indicators enabling firms to strengthen and reinforce more positive conduct and behaviours;
  • development of more focused and streamlined processes to collate and aggregate perceived risks, which are useful for management oversight;
  • introduction of a semi-formal 'Shadow Executive Committee' comprised of staff several levels below the actual Exco;
  • providing clear evidence that conduct risk is a key component of the review of strategic business initiatives, including business expansion (e.g. through committee papers and minutes);
  • evidence of challenge of new product approvals; and / or
  • better use of customer feedback, so while not a complaint, can alert firms to potential problems.
  • Key risk indicators being inwardly focused on misbehaviour, rule breaches or policy compliance.

5. Has the firm assessed whether there are any other activities that it undertakes that could undermine strategies put in place to improve conduct?

  • Horizon-scanning being formally included within strategic business planning, there being formal tipping point analysis for risks that appear to be growing;
  • new working groups being established to specifically address Question 5 and the conduct issues from new or evolving products or other business initiatives such as an acquisition; and / or
  • senior and middle-level executives actively participating in industry-wide initiatives. Engagements with industry peers acts as both a source and a delivery channel of progressive views.
  • No periodic horizon-scanning for the firm as whole involving business representatives; and / or
  • insufficient thought being given by firms to Question 5 as a whole.

If you are creating or reviewing the conduct risk framework within your firm, and would like a review or assistance, please contact us to discuss whether and to what extent you are capturing the key conduct risks relevant to your business.

Photo of Sushil Kuner

Photo of Jonathan Chamberlain

Related Insights & Resources

fca business plan conduct risk

0800 689 0190

Compliance Consultant London

Understanding Conduct Risk: What the FCA Expects

Conduct Risk

Conduct Risk Overview: In the ever-evolving landscape of financial services, one constant focus for the Financial Conduct Authority (FCA) is conduct risk. While the term “conduct risk” may not be explicitly defined by the FCA, it holds a pivotal role in the regulatory framework. Firms operating under FCA regulation must grasp the essence of conduct risk, develop their unique definitions, and craft tailored strategies to address it effectively.

Conduct risk – the foundation: 5 conduct questions.

To help firms navigate the labyrinth of conduct risk, the FCA introduced the 5 Conduct Questions program in 2015. These questions serve as a compass for firms to align their practices with regulatory expectations:

1. Proactive Risk Identification: What steps does the firm take to identify conduct risks within its business?

2. Shared Responsibility: How does the firm instill a sense of responsibility for managing conduct across all functions?

3. Support for Improvement: What support mechanisms are in place to enhance the conduct of the firm’s business or functions?

4. Board Oversight: How does the firm’s board and executive committee oversee conduct, and how do employees contribute to this oversight?

5. Holistic Evaluation: Has the firm evaluated any business activities that undermine its efforts to improve conduct?

The FCA’s Wider Objectives

The FCA’s 2019/20 Business Plan highlights its overarching objective of improving the operation of financial markets concerning consumer protection, market integrity, and competition promotion. The 5 Conduct Questions program plays a vital role in advancing cross-sector efforts aimed at fostering a culture of good conduct and robust governance within firms.

Deciphering Conduct Risk

Conduct risk, in broad strokes, encompasses actions by regulated firms or individuals that harm customers, disrupt market stability, or hinder effective competition. These align with the FCA’s three statutory objectives:

1. Consumer Protection: Ensuring an appropriate level of consumer protection.

2. Market Integrity: Safeguarding and enhancing the integrity of the UK financial system.

3. Competition Promotion: Promoting effective competition in the interest of consumers.

However, conduct risk should not be confined to retail clients alone. Firms must apply a consistent definition across all organizational levels, even for overseas entities.

Identifying Key Conduct Risks

Understanding conduct risk begins with recognizing its drivers, which can stem from a firm’s structures and behaviours. Key steps include:

– Identifying specific risks (e.g., insider dealing, conflicts of interest, product design). – Implementing controls for ongoing risk monitoring. – Cultivating a culture of awareness and tracking cultural changes. – Regularly refreshing conduct risk assessments.

Consider conducting a gap analysis to identify additional controls necessary to mitigate risks effectively.

Conduct Risk in Strategy

A clear link between conduct risk and business strategy is essential. Firms must demonstrate how conduct risk considerations shape their strategies and decision-making processes.

Conduct risk – Risk Appetite

Aligning risk appetite with the outcomes of conduct risk assessments and the firm’s strategy is crucial. This linkage should reflect the FCA’s key objectives of achieving positive customer outcomes and maintaining market integrity.

Conduct risk – Governance and Accountability

Effective governance is paramount for risk identification and mitigation. Firms should streamline governance arrangements, avoid redundancy in management layers, and establish oversight mechanisms, possibly through a dedicated Conduct Risk Committee.

Addressing Conflicts of Interest

Scrutinizing business models for potential conflicts of interest is crucial. Key areas to examine include vertically integrated models, product distribution, staff incentives, and PA dealing policies.

Systems and Controls

Robust systems and controls are vital for risk identification. Management Information (MI) must be well-designed to highlight risk areas, and training programs should foster awareness of conduct risk at all organizational levels.

Business Model Impact

A firm’s business model can either mitigate or exacerbate conduct risk. Careful consideration of product and service design, especially in response to market demands, is essential to avoid conduct risks associated with complex or unsuitable products.

Nurturing a Positive Culture

A culture that promotes good behaviour is fundamental. It should involve senior management adhering to policies, discouraging bad behaviour, fostering openness, and addressing issues decisively.

Conduct Risk: Resources for Further Exploration

For a deeper understanding of the FCA’s perspective on conduct risk, you can explore these resources:

Industry Feedback on the 5 Conduct Questions 2018/19 https://www.fca.org.uk/publication/market-studies/5-conduct-questions-industry-feedback-2018-19.pdf Conduct Risk during LIBOR Transition: Questions and Answers https://www.fca.org.uk/news/statements/conduct-risk-during-libor-transition-questions-and-answers FCA Conduct Rules https://www.fca.org.uk/firms/senior-managers-and-certification-regime/conduct-rules Dear CEO Letter: Non-Financial Misconduct in Wholesale General Insurance Firms https://www.fca.org.uk/publication/correspondence/dear-ceo-letter-non-financial-misconduct-wholesale-general-insurance-firms.pdf Wholesale Conduct Risk – Speech by Megan Butler https://www.fca.org.uk/news/speeches/wholesale-conduct-risk Conduct Risk Briefing – Speech by Julia Hoggett https://www.fca.org.uk/news/speeches/conduct-risk-briefing FCA’s Business Plan 2019/20 https://www.fca.org.uk/publication/business-plans/business-plan-2019-20.pdf

How We Can Assist

If you are in the process of establishing or reviewing your firm’s conduct risk framework, we are here to help. our services encompass gap analysis, implementation of conduct risk frameworks, and the creation of management information packs. contact us to discuss how we can support your journey toward effective conduct risk management..

Disclaimer: This article serves as a general guide and should not be considered legal or regulatory advice. Always consult with appropriate professionals for specific guidance related to your firm’s conduct risk management.

fca business plan conduct risk

  • Quick links
  • 10 Trends Shaping 2024
  • Global Private Equity Risk Index Highlights Risky Insight From Digital Chatter
  • 2023 Fraud and Financial Crime Report
  • Popular topics
  • Valuation Advisory Services
  • Compliance and Regulation
  • Corporate Finance and Restructuring
  • Investigations and Disputes
  • Digital Technology Solutions
  • Business Services
  • Environmental, Social and Governance Advisory Services (ESG)
  • OUR EXPERTS
  • Environmental, Social and Governance
  • Consumer and Retail
  • Financial Services
  • Industrials
  • Technology, Media and Telecom
  • Energy and Mining
  • Healthcare and Life Sciences
  • Real Estate
  • Client Stories
  • Transactions
  • Restructuring Administration Cases
  • Settlement Administration Cases
  • Find an Expert
  • Board of Directors

Wed, Sep 30, 2020

Conduct Risk and FCA Expectations - “Messages from the Engine Room”

Mark Turner

Mark Turner

Five years since the launch of the 5 Conduct Questions Programme (5CP), the Financial Conduct Authority’s (FCA) latest publication, “ Messages from the Engine Room ,” shows that the financial services industry’s conduct and change efforts are having a positive effect on businesses, customers and the market. Yet while these advancements are encouraging, the FCA has identified several existing and emerging conduct risk areas that require the industry’s attention. Importantly, the FCA also confirms that conduct and culture will continue to remain a supervisory priority focus area over the coming years. 

Recap: What is the 5CP and its Evolution?

Launched in 2015 by the FCA as part of its strategy for supervising wholesale banks, the 5CP’s purpose is to drive positive change in conduct and culture across the sector. Whilst the programme initially focused on wholesale banking, the FCA’s views and expectations are relevant to all financial services organizations regardless of sector. 

The five conduct questions are:

Conduct Risk and FCA Expectations

The FCA has published 5CP reports annually since 2016 based on their engagement with the industry on this topic. These publications are designed to provide an important litmus test of how culture and behaviors within the industry are evolving. This information is obtained through feedback and insights from the industry on their change experiences and practices, as well as the FCA’s own observations and expectations of the industry.

The FCA’s latest 5CP report was published in September 2020: “Messages from the Engine Room: 5 Conduct Questions”. To compile this report, the FCA held separate roundtables with 18 wholesale banks, each attended by 10 employees at the vice president level (typically 10+ years’ experience). 

Key Takeaways From “Messages From the Engine Room”

External Influences 

How has the FCA’s view and expectations changed since the start of the 5CQ programme four years ago? In short, they have not changed materially, however the external environment of 2020 has brought conduct risk management and behaviors into sharp focus. 

In particular, the FCA acknowledge that 2020 will take a toll on business operations as well as on staff. The impacts of COVID-19 have heightened some risks and brought about new risks that firms will need to consider for conduct and culture. These risks are driven by changes in customer behavior, dramatic shifts in operational arrangements, increased reliance on technology, loss of face to face interaction between employees and loss of direct face-to-face oversight. To add to this, the personal impacts on individuals have been significant: increased stress levels resulting from isolation and the challenges of remote working, as well as concerns from managers on how to effectively manage people and processes.

Tone from Within

One interesting area is how the FCA has evolved the discussion to where everyone is accountable and responsible for conduct—there has been a shift in the mantra of “tone from the top” to today where the mantra is “tone from within”. We welcome this change in message as the culture, and consequently the approach to conduct risk prevalent within an organization, is made of individual behaviors, approaches and ethics; it’s not merely a statement and the actions of those from the “top” of an organization.

Areas of Weakness

In terms of progress made on conduct risk across the industry, the FCA saw several positive examples. However, it concluded that there also remain areas of weakness. These key areas are summarized below:

  • Identification of Conduct Risk Remains Weak  Depth of understanding in terms of identifying conduct risks in day-to-day work activities was low. There was an awareness of the “headline” conduct risk areas such as conflicts and treatment of customers; however, the nuanced areas such as enabling customer bad behavior were less identifiable by the roundtable cohort as areas which impact conduct risk management. The FCA’s expectation is that emerging conduct risks should be considered; as such, organizations need to provide guidance and training to staff on how to proactively consider risks beyond conduct and those identified as part of the risk management framework. The FCA also holds the view that conduct risks cannot be considered through only a simple annual review. As conduct risks are driven by behaviors, a more active approach is required to identifying, managing and responding to these risks in the same dynamic way as other risks. Many organizations for example use processes which have the capacity to evolve with internal and external factors. 
  • Remuneration and Performance Assessments  Whilst the FCA acknowledged the work to date to link personal conduct behaviors to performance and remuneration processes and assessments, the roundtable participants felt that substantive discussions regarding conduct issues and behaviors were not undertaken and that rewards (remuneration, bonus or promotions) were still predominately based on achievement of financial targets.
  • Culture, Safety and Leadership  Participants felt that subcultures within an organization could contribute to the failure of driving a positive culture and positive conduct within the whole organization. Whilst it was clear that organizations had invested in “Speak Up” mechanisms, there was less clarity with regards to how these mechanisms were used in a day-to-day context for matters which may not need to be flagged to the governing body. For example, small conduct misdemeanors which have a micro impact, or which when amalgamated lead to a significant conduct concern. Participants also felt that layered middle management could obstruct positive conduct behaviors by failing to cascade information both upwards and further down into the various levels of an organization. 
  • Purpose, Principles and Values  Whilst some participants felt that their organizational purpose was clear, many participants could not accurately articulate that purpose and there was confusion between the terms purpose, principles and values. Roundtable participants also felt unsure as to how principles and values linked to their own goals and objectives as well as the objectives of the organization. Approaches to defining a purpose vary. Some organizations start the process of defining what success looks like in terms of various measures: financial, staff, behaviors and customers. By ensuring success is measured multilaterally, an organization can focus on sustained, long-term success rather than short-term. Positively, many participants appear to be enthused and engaged when they understand what is meant by purpose, principles and values. Where these align with their own personal vision, and where they see them being lived and breathed in an organization, there appears to be a real sense of ambition and pride, which itself is likely to push the conduct agenda the right way.

Areas for Consideration

Below are 10 area for firms to consider when planning their conduct agenda, which draw on both the findings from the FCA’s report as well as our own experiences working with clients across the industry:

Organizational Purpose and Principles

  • Is your organization’s purpose central to the business model, strategy and culture?
  • Have your leaders and managers clearly communicated a company purpose?
  • Has the company purpose and principles been articulated by leaders and managers in a way that links to staff members’ specific roles and responsibilities, objectives and goals as well as the wider organization’s?

Organizational Values and Behaviors

  • Is the corporate mindset framed in a positive ethos where all staff are responsible for identifying and managing conduct risks? 
  • Are corporate values and goals aligned to conduct behaviors?
  • Is there a consistent approach and style adopted by managers on their own and staff’s application of company values and behaviors?
  • Do individuals at all levels live the organization’s culture, where their actions and words align with the organization’s values?

Roles and Responsibilities

  • Do staff understand how their roles and responsibilities can potentially create conduct risk or harm for the customers, the firm or markets?

Identifying Conduct Risks

  • Does your organization’s overall ERM framework enable you to adequately identify, understand and mitigate all types of conduct risks, using both top down and bottom up approach? 
  • Have staff received sufficient training to be able to identify conduct risk in their day-to-day roles beyond general awareness?

Leadership and Management

  • Is direct support provided from leaders and managers to staff when raising a conduct question or speaking up about issues?
  • Does your organizational structure support leaders and managers to effectively cascade tailored communications to staff, such as the company purpose aligned to roles and responsibilities, values and objectives?
  • Is middle management delivering consistent messages from leadership to staff? 

Staff Engagement and Empowerment

  • Has your organization fostered a culture where staff can raise emerging conduct risks and feel confident their voice will be heard? 
  • Do all staff members feel individually responsible for conduct in their role?
  • How and when does your organization regularly engage with staff on conduct risks and culture? Is that sufficient?

Performance 

  • Do individual objectives and performance appraisals adequately recognize personal conduct and behaviors in achieving objectives?
  • Are line managers sufficiently supported to enable their teams to perform at their best in a way that supports the organization’s conduct approach and culture?

Remuneration and Reward

  • Is remuneration truly linked to conduct behaviors in your organization, and applied consistently? 
  • Are financial targets given undue significance? 
  • Are there conduct behaviors which can be quantified to enable positive recognition of good behaviors?
  • Is your organization’s Speak Up process structured such that staff feel able to flag concerns? 
  • Does the process account for conduct issues which may not be immediately considered as the most serious? 
  • Are staff truly confident in the anonymous nature of the process or do they fear retribution and therefore lack psychological safety? 
  • Is there sufficient time, resource (a team or individual) and expertise assigned to managing Speak Up within your organization?

Organizational Structure

  • Does your organization’s operating model adequately support achieving your company purpose, strategy and desired culture?

Financial Services Compliance and Regulation

End-to-end governance, advisory and monitorship solutions to detect, mitigate, drive efficiencies and remediate operational, legal, compliance and regulatory risk.

Kroll is headquartered in New York with offices around the world.

More About Kroll

  • Trending Topics
  • Media Inquiry

More About Kroll

  • Accessibility
  • Code of Conduct
  • Data Privacy Framework
  • Kroll Ethics Hotline
  • Modern Slavery Statement
  • Privacy Policy

KPMG Personalization

fca business plan conduct risk

  • FCA publishes its 2023/24 Business Plan

A summary of the FCA's annual business plan

  • Share Share close
  • 1000 Save this article to my library
  • View Print friendly version of this article Opens in a new window
  • Go to bottom of page
  • Home ›
  • Insights ›

The FCA has published its Annual Business Plan . Much of the plan reiterates activity that is already in train, published or scheduled with very little that is new or materially altered. This is understandable as last year the FCA published a three-year strategy. Interestingly however, the metrics to which the FCA announced last year it would hold itself accountable have not been reported. These will now be published later in 2023 as part of the Annual Report. 

The most notable announcement in the plan is the creation of a new Interventions team within Enforcement specifically for Consumer Duty. This function will be operational from August 2023 to enable rapid action where immediate consumer harm is detected.

Four FCA commitments

Although its three-year strategy remains unaltered, with delivery across 13 commitments, the FCA has decided to invest further in the four commitments it has identified as critical in the next 12 months.

1. Putting consumers' needs first

The FCA will continue to prioritise protecting people from unfair treatment, with more staff being allocated to ensure firms support consumers who are struggling financially. Further, the FCA has committed to providing additional resource (£5.7m) to ensure that Consumer Duty is embedded effectively. Here the FCA has (again) dangled the carrot of a `more simplified approach to regulation.' 

2. Preparing financial services for the future

The FCA will continue its urgent work relevant to the new Future Regulatory Framework (FRF) and Edinburgh Reforms, which will help support the UK's wider economic growth and international competitiveness. More than £12m will be invested to prepare for the FRF, including the orderly movement of firm-facing requirements in retained EU law into the FCA Handbook. Critically, and likely to be welcomed by the industry, a new cost benefit analysis panel will also be established to support the effectiveness of the FCA's programme of work. 

3. Strengthening the UK's position in global wholesale markets

Alongside continuing regulatory reform in secondary markets and of the Listing regime, the additional funding for this commitment will be focused primarily on strengthening the FCA's capability and capacity to predict and react to events in global markets, including heightened volatility. 

4.Reducing and preventing financial crime 

The FCA continues to look for innovative ways of reducing and preventing financial crime, which harms confidence and integrity in the UK market and puts consumers' money at risk. Initiatives include a strengthened authorisation process, increased covert capabilities to identify and disrupt fraudsters, improved assessments of firms and more staff to investigate and prosecute offenders.

Specific Challenges

The FCA also identifies specific challenges for the year ahead:

Key Uncertainties

The FCA expects the economic and geopolitical environment to remain highly uncertain over the year ahead and has flagged the following specific uncertainties:

  • Interest rates and inflation.
  • The risk that unemployment increases more than currently projected.
  • Potential for further declines in real household disposable incomes.
  • Potential for further market volatility.

Wholesale markets

Although wholesale markets have recovered from gilt market volatility and the impact on pension funds in the autumn, the FCA will remain alert to potential problems and be ready to act (as firms will need to be) if necessary, to manage heightened operational and market risks.

Cost of living and Consumer Duty

Rising interest rates and inflation have contributed to an increase in the number of people stretched financially and many consumers face significant financial pressure. The FCA will identify and track early indications of problems to enable it to respond proactively.

Update of FCA's focus areas

As established in last year's Business Plan (summarised here ), the FCA has three key focus areas:

  • Reducing and preventing serious harm.
  • Setting and testing higher standards. 
  • Promoting competition and positive change.

The rest of the plan mainly provides detail on the progress of work that the FCA will be continuing (coupled with supporting data). There is, however, also confirmation of key new activities that will commence in 2023/4. As referenced above, the most impactful of these will be the creation of a new Interventions team in relation to Consumer Duty Some of the other `new' areas are surprising, less in relation to the ambition and more that it was not activity already underway — see the entry below on taking more action against problem firms.

Fca Table

Regulatory Fees and Levies

The FCA has also published the consultation on its fees and levies for the year ahead. In recognition of the pressure firms are under, it proposes to freeze application fees, and the minimum fees paid by firms.

Action for firms

Firms will want to review the actions set out in the FCA's plan and reassure themselves that they are well positioned to respond. 

Alongside continuing strong focus on its primary operational objectives, the FCA is beginning to adapt to its likely new secondary objective to facilitate international competitiveness of the UK economy and this may provide opportunities for firms.

It is clear that the FCA plans to request more data from firms and seek to respond to market events in a more agile way. To illustrate this point, given that the FCA is setting up a new Intervention team to take action in short order on outliers, firms impacted by the Consumer Duty should focus in the immediate future on gaining comfort that they have appropriately considered its implementation. For more detail about how to approach the Duty, read our recent article on substantive compliance — and how far is far enough. 

Related content

View of sea island

Providing pragmatic and insightful intelligence on regulatory developments.

blur-lights

The FCA Business Plan: What does it mean from a governance perspective?

United Kingdom |  Publication |  June 2022

Earlier this year the Financial Conduct Authority ( FCA ) published its latest Business Plan. The Business Plan itself took a different form when compared to previous incarnations by having a shorter summary of priorities and planned activities and cross referring to other documents including the three-year strategy and the regulatory initiatives grid. Notwithstanding this, the Business Plan contained, as usual, a number of nuggets for firms which will help guide them on the regulator’s expectations in certain areas. Governance is clearly an area of focus for the FCA and the Business Plan contains both explicit comments which firms should take on board and references to the FCA’s own governance arrangements which may be of assistance to firms considering potential enhancements in this area. In this article we will cover both these types of comments.

Appointed Representatives: One of the key reforms this year will be the changes to the Appointed Representatives Regime (AR). The FCA has already published a consultation paper outlining its proposed reforms, the catalyst of which has been a concern that principal firms are not adequately overseeing the activities of their ARs leading to a risk that consumers are being mis-led and mis-sold. Improving oversight of ARs was a topic mentioned in the Business Plan and principal firms were reminded in the consultation that they must effectively oversee their ARs and ensure that they have appropriate governance arrangements, effective risk frameworks, internal controls and adequate resources.  Operational Resilience: The Business Plan also mentioned that whilst operational disruptions are inevitable, firms must be operationally resilient. An important part of any operational resilience strategy should focus on having effective governance arrangements in place. Having clear organisational direction, transparency over roles and responsibilities and effective internal co-ordination all lead to better resilience outcomes. Market Abuse: The Business Plan also spoke of the FCA delivering assertive action on market abuse and working to ensure that firms and issuers have robust controls in relation to inside information and to disclose it to the market in an accurate and timely way. Understanding what good governance over the control of market abuse risks looks like and implementing the requisite processes to manage this, is critical for senior managers. ESG: Unsurprisingly, the Business Plan referenced the FCA’s environmental, social, and governance (ESG) priorities and this included embedding consideration of ESG issues in the authorisation process. This includes considering factors such as D&I, the nature of the firm and the products and services to be offered and increasing supervisory focus on asset managers. Crypto-assets: In relation to crypto-assets, the FCA made the point in the Business Plan that the UK currently only regulates such assets for money laundering purposes but these assets are increasingly being adopted and incorporated into existing financial services.  As per its statement in March the FCA reminded firms that when interacting with or exposed to crypto-asset services they remain responsible for assessing the risks to their business and consumers.  As mentioned above, the FCA made a number of comments regarding its own governance arrangements which may also be applicable to firms. These include the FCA:

  • Noting that the Business Plan was being published when the external environment is changing rapidly and flagging its adaptive approach to allocating resources and monitoring performance to make it more agile and able to respond to market needs; respond to today’s challenges and prepare for those of tomorrow (such as by understanding the impacts of digital developments).
  • Recognising the need to use resources efficiently so the FCA has weighed the different outcomes it wants to achieve, looking at factors such as severity and probability of harm.
  • Framing its activities by reference to the outcomes they achieve rather than the processes it follows.
  • Committing to reporting publicly on outcomes and developing a set of metrics to be used to measure progress.
  • Investing in its capability to become a data-led regulator as part of its transformation programme and exploring how it can use technology such as AI and increasing resource in intelligence and analytics to help spot and track fraudulent activity.
  • Streamlining its decision-making process (so that the Regulatory Decisions Committee focusses on contentious enforcement cases) so it can act more decisively and swiftly.
  • Engaging with devolved administrations and having a Devolved Nations team, recognising that different areas of the UK often have different needs.
  • Challenging itself to find the limits of its powers.

Firms may find it useful to consider how they can incorporate and evidence similar approaches to governance in the context of their own businesses with a view to being in a better position to demonstrate compliance with the FCA’s expectations.  

Katie Stephen

  • Financial institutions

Practice area:

  • Financial services and regulation

Recent publications

Publication

Essential Corporate News – Week ending 8 March 2024

On 29 February 2024 the second commencement regulations under the Economic Crime and Corporate Transparency Act 2023 (ECCTA) were made. These bring into force a number of important company law changes (through changes to the Companies Act 2006 (CA 2006) and other legislation) with effect from 4 March 2024.

United Kingdom | March 08, 2024

Fall 2022 update on US IBTs and Divisions

Corporate Transparency Act ruled unconstitutional by district court

The US District Court for the Northern District of Alabama held the Corporate Transparency Act (CTA) unconstitutional.

United States | March 07, 2024

Environment-trees-ESG-green-leaves-natural-resources

SEC adopts climate-related disclosure rules

The US Securities and Exchange Commission adopted final rules by a 3-2 vote that would require domestic and foreign registrants to provide climate-related disclosures in their registration statements and annual reports.

Subscribe and stay up to date with the latest legal news, information and events . . .

© Norton Rose Fulbright LLP 2023

  • Canada (English)
  • Canada (Français)
  • United States
  • Deutschland (Deutsch)
  • Germany (English)
  • The Netherlands
  • Türkiye
  • United Kingdom
  • South Africa
  • Hong Kong SAR
  • Marshall Islands
  • Nordic region

Leaders in Cloud & Cyber Security for the Financial sector

Cloud & Cyber-security Experts

The FCA’s Business Plan for Minimising Operational Risks in 2022/23

01 Jun 2022

The FCA’s Business Plan for Minimising Operational Risks in 2022/23

The FCA is the conduct regulator for approximately 50,000 financial services institutions and markets. The regulator recently made announcements regarding their business plan for the next 12 months and what this means for businesses who operate in UK markets. A key focus from the FCA’s strategy covers ‘minimising the impact of operational disruptions’. This umbrella term used by the FCA includes responses to cybersecurity and why this is becoming an increasing concern in the financial services industry.

In the last two years, the FCA has significantly transformed how they work as a regulatory operator. This has been greatly influenced by the onset of the COVID 19 pandemic and as a consequence, the FCA have been seeking to continue to evolve and change so they can provide adequate, effective and safe regulation for all market participants. As part of this transformative process, they have carried out a deep dive into their own operations with a goal of establishing how to use data and technology to make informative decisions regarding consumer interests.

The FCA has recorded a great growth in digital services supplied to consumers within the financial services markets. Both customers and businesses continue to have access to more and more data so they, in theory,  can make key decisions regarding investments and finances faster and more effectively. However, whilst this greater access and speed brings greater opportunities within the digital finance and fintech world, it also opens a pandoras box of risks that can evolve very quickly. Operational risks that can arise due to this new financial climate include increased danger of cyberattack. Due to this, the FCA has set the intention to improve their technologies and capability to find and stop harm faster, whilst also seeking to strengthen the resilience of the firms they manage. In the next two to three years, the FCA will be assessing the resilience of all financial firms by analysing their business continuity plans, their incident response frameworks and their cyber security and third-party management. The FCA will be placing great scrutiny on firms who cannot adhere to and meet their current or new resilience guidelines.

Outsourcing Risk Management to Third Parties

As the FCA places greater pressure on financial firms to have adequate risk detection and management, we will be working with clients to mange this demand, implementing our Automated Incident Response Engine ‘AiRE’  and Security Operations Centre, Seceon aiSIEM. Both of these platforms are award winning. They are industry leading adaptive and intelligent security information and event management platforms.This technology empowers us to support our clients with their overall IT architecture, whilst also giving them a 360 degree view of their managed security service. Through this service, RFA will be helping clients minimise the impact of operational disruptions that could be onset by cyber terrorism or cybercrime. Being able to protect a firm’s financial data from cybercrime is critical to protect both the firm’s employees and their clients from a data breach.

The threat of cyber attack continues to grow in momentum as the world of digital finance continues to expand. The FCA understands such attacks are inevitable and can lead to operational disruptions. However, these risks need to be managed and firms must be in a position to protect themselves by investing in their resilience in the event of an attack. By investing in adequate risk detection and management, firms will be adhering to the FCA’s future guidelines, whilst also protecting themselves, their employees and their investors.

Related Articles

Counting down to dora – six key takeaways, the roadmap towards dora: 2024 and beyond, the cisa updates its #stopransomware guide.

In September 2020, the CISA (Cybersecurity & Infrastructure Agency) and FBI launched a #StopRansomware guide for businesses operating in the United States.

Redefining technological support every day

Let our experienced team discuss your organization’s requirements, review your current IT setup, and provide tailored guidance on the right course for you.

fca business plan conduct risk

UK FCA Regulatory Objectives and Focus for 2023 and 2024

Richard burger, lindsey cullen, related solutions.

  • Financial Services
  • Bank Regulation and Enforcement
  • Broker-Dealer Compliance and Regulation
  • Securities Enforcement
  • UK White Collar Defense and Investigations
  • White Collar Defense and Investigations

The Financial Conduct Authority’s (FCA) 2023/24 Business Plan (Business Plan) sets out the FCA’s aim to be viewed as a proactive, assertive and robust regulator, especially in its protection of retail consumers.

Released on 5 April 2023, the Business Plan establishes the FCA’s priorities for the coming year and how it is going to deliver on the second year of its 2022-2025 Strategy . This strategy established the FCA’s intention to act more assertively and test the limits of its powers. The details of this year’s Business Plan elaborate on how it will do so.

Some of the key elements of the Business Plan are summarized below. 

The new Consumer Duty is a key priority for the FCA this year. The duty comes into force on 31 July 2023 and requires firms to act to deliver good outcomes for retail customers. The FCA has significant funding earmarked for the Consumer Duty, which it plans to use for sector-specific supervisory work. 

The Business Plan states that through this supervisory work, the FCA will “ identify, assertively supervise and effectively enforce against activities which undermine effective competition and good consumer outcomes ”. This indicates that firms should expect the FCA to open investigations and commence enforcement action where it deems that regulated firms have taken insufficient action to comply with the Consumer Duty.

Financial and Operational Resilience

The Business Plan states that regulated firms should be investing in their operational resilience, in light of a growing level of cyber threats, operational risks and a complex geopolitical backdrop. While the FCA has always been focused on the financial resilience of firms—ensuring that firms meet financial resource requirements so they can conduct business and, if necessary, wind down without causing harm—operational resilience is a relatively new priority that became highly relevant during the 2020 global pandemic. The FCA will be starting to assess firms’ operational resilience ahead of the 2025 deadline in order for firms to demonstrate that they can remain within specified operational impact tolerances.

Financial Crime

One of the FCA’s primary areas of focus is the reduction and prevention of financial crime. This focus combines the FCA’s aim to reduce scams and frauds for retail consumers, as well as its aim to reduce the incidence of money laundering through firms.

The FCA plans, among other things, to increase its proactive assessment of firms’ anti-money laundering (AML) systems and to control and develop the data-led analytical tools used in its AML supervisory work. The Business Plan also re-emphasised the FCA’s ongoing work to supervise AML within cryptoasset firms, a sector of increasing importance for the FCA. The multiple references to AML within the Business Plan show that it continues to be a priority for the FCA.

The FCA plans to deliver assertive action on market abuse. There are two important strands of this plan: first, to ensure that firms are resilient to market abuse, for example by having robust systems and controls and a strong reporting and anti-market abuse culture; and second, to deter wrongdoers by imposing sanctions. Specifically, the FCA plans to invest in the investigation and prosecution of fixed income and commodities market manipulation, with a focus on very high-risk firms. 

Market abuse has always been an important area for the FCA, but this year’s Business Plan indicates that it has new, tangible plans to address this issue. If effective, these should result in new market abuse investigations being opened, which may ultimately result in more civil criminal insider dealing investigations, regulatory outcomes and prosecutions

The FCA notes that it has significantly increased its headcount since the start of 2022, particularly within its Authorisation and Enforcement divisions. 

News of additions to the Authorisation division should be welcomed by firms and senior individuals who have been caught in a regulatory vacuum while authorisation and change of control applications have been significantly delayed. 

Equally, additions to the Enforcement division should allow the FCA to more effectively manage its significant workload. Firms and individuals subject to enforcement action can therefore hope to see a reduction in the ever-lengthening duration of FCA investigations. As well as increased headcount, the FCA’s Enforcement division is also undergoing a significant change of leadership: Therese Chambers (an FCA veteran) and Steve Smart (former head of intelligence of the National Crime Agency) are replacing Mark Steward as co-executive directors of the Enforcement division. Mr. Smart’s criminal intelligence experience supports the FCA’s investment in and expansion of its intelligence-gathering capabilities.

Burger_Richard

+44 (0)20 7872 1016

Cullen_Lindsey

Senior Associate

+44 (0)20 7872 1081

Unless you are an existing client, before communicating with WilmerHale by e-mail (or otherwise), please read the Disclaimer referenced by this link.(The Disclaimer is also accessible from the opening of this website). As noted therein, until you have received from us a written statement that we represent you in a particular manner (an "engagement letter") you should not send to us any confidential information about any such matter. After we have undertaken representation of you concerning a matter, you will be our client, and we may thereafter exchange confidential information freely.

Thank you for your interest in WilmerHale.

You are using an outdated browser. Please upgrade your browser to improve your experience.

Linklaters

  • Client Services
  • Find People

Click here to enter the knowledge section of the site.

  • >  Germany
  • Log in / Register

Click here to open up the search.

  • Publications

FCA Business Plan 2021-22: A faster future FCA

Author: Simon Treacy

In his first Business Plan since becoming Chief Executive of the Financial Conduct Authority, Nikhil Rathi promises to make the FCA a more innovative, assertive and adaptive regulator.

Would you like to continue reading?

Log in or register for free to access this content and more on our Knowledge Portal. If you were registered to the previous version of our Knowledge Portal, you will need to re-register to access our content. 

Linklaters user? Sign In

Already registered? Continue reading by logging in.

Not registered yet? Create a free account to access this content and more.

Share this article

Close  ×

You will need to log in or register to view the content

  • 01. Your details
  • 02. Your organisation details

Information collected as part of the registration process will be used to set up and manage your account and record your contact preferences.

Further details about how we collect and use your personal data on the Knowledge Portal, including information on your rights, are set out in our Global Privacy Notice  and Cookie Notice .

Reset password

If you were registered to the previous version of our Knowledge Portal, you will need to re-register to access our content.

fca business plan conduct risk

  • The FCA’s 2023/24 Business Plan: Stop Me If You’ve Heard This One Before…

April 19, 2023

Compliance Alert

On 5 April 2023, the Financial Conduct Authority (FCA) released their 2023/24 Business Plan , detailing the actions the UK regulator aims to take over the next 12 months in support of its three year strategy , which was published in April 2022 .

Set against the continuing backdrop of economic and geopolitical unpredictability, the Business Plan highlights key uncertainties for the year ahead, which include volatility around inflation and interest rates, the risk of unemployment increasing more than currently projected, the ‘cost of living’ crisis, and the potential for further market volatility. 

But those expecting something new and revolutionary will be sorely disappointed. Following last year’s approach, the document is once again structured with cross-sector focus points and desired outcomes applicable to all regulated firms, framed in the same three key strategic themes. The FCA wants to be a more assertive, adaptive, and innovative regulator and is cognizant of the need to be agile to deal with new challenges, though a reference to “finite resources” does perhaps temper expectations. Despite the obvious budgetary constraints (with regulatory fees increasing below the level of inflation and a freeze on application fees) headcount has grown, locations have expanded, and new digital and data capabilities are afoot.

Critical Commitments

Alongside the strategic themes of reducing and preventing serious harm, setting and testing higher standards, and promoting competition with positive change, the FCA sets out four critical commitments: 

  • Preparing financial services for the future The FCA plans to continue its urgent work with its partners and deliver the outcomes of the new Future Regulatory Framework (FRF) and Edinburgh Reforms . More than £12 million will be invested to prepare for the FRF, which will help support the UK’s wider economic growth and international competitiveness, in line with the FCA’s new secondary objective. The regulator will also continue to support innovative and high growth firms.
  • Reducing and preventing financial crime As always, financial crime is an area of focus for the FCA, with it now continuing to look for innovative ways of reducing and preventing financial crime. This includes a strengthened authorisation process, improved assessments of regulated firms, and more staff to investigate and prosecute offenders. Much of the work to deliver on its commitments is well underway and the FCA wants to continue to prioritise its work to bring the most benefits to consumers, firms and the wider economy. 
  • Putting consumers’ needs first In light of the rising cost of living, the FCA is ever more aware of its duty to ensure that retail investors are protected from unfair treatment, with more staff allocated to ensure firms support consumers who are struggling financially. Nothing is more prevalent in the Business Plan than the Consumer Duty (the Duty), coming into force later this year, which plays a leading role in meeting the regulator’s objective of putting consumers’ needs first. It’s apparent that this concept is becoming integral to the regulator’s mindset in every stage of the regulatory lifecycle. The FCA has committed to providing additional resources to make sure the transition is smooth for consumers and that firms properly commit to the new principal, with threats of enforcement activities for those whose activities undermine good consumer outcomes or result in consumer harm. 
  • Strengthening the UK’s position in global wholesale markets To ensure the UK remains an attractive place for business, the FCA is pouring investments into its technology and analysis capabilities to aid in quicker and more efficient market oversight. The regulator will use the opportunity provided by the FRF to review regulation of the asset management sector . It is already seeking views and will bring forward proposals based on the feedback it receives later this year. There has been much discussion around the democratization of the private markets over the last year or so and the FCA will consider the necessary mechanisms, as and when deemed appropriate, to enable retail access to the capital markets. 

Focus Points

The stated outcomes within each strategic theme have been set out over a 3-year time horizon, and the FCA’s progress in year one will be published later in the year in its Annual Report. Keen followers of the FCA Business Plan will note that the themes covered are consistent to last year’s plan though the narrative around these themes, one year on, have progressed.

Focus 1: Reducing and preventing serious harm

  • Problem firms – Acting faster to identify and react to firms causing harm to consumers or to wholesale markets with more risk adverse and robust action by the FCA.
  • Redress – Improving the framework to ensure consumers receive prompt compensation, but also ensure the firm that owes the redress pays it, as opposed to passing it on to other regulated firms through the FSCS levy.
  • Firm failure – Ensuring firms are able to meet their financial resource requirements and can recover quickly from disruptions to their business models, or wind down orderly. This is not a ‘zero failure’ regime.
  • Oversight of Appointed Representatives (ARs) – A complete overhaul of the requirements on principal firms came into effect in December 2022 with the hope of creating stronger principal firm oversight and reducing AR harm.
  • Financial crime – Improving confidence that consumers and market participants have in the financial services industry by lowering incidences of money laundering through supervised firms. 
  • Market abuse  – Delivering assertive action to help firms develop strong prevention cultures and effective surveillance, underscored by improved detection capability by the FCA to achieve clean markets.

Focus 2: Setting and testing higher standards

  • Consumer protection – Reiterates the importance of the forthcoming Consumer Duty coupled with concerns over the cost of living, financial inclusion, and access to cash, ensuring the renewed higher standard is met.
  • Enabling customers to help themselves – Focus on the use of technology and data to find breaches and shut down misleading promotions that may be unsuitable or result in mis-selling.
  • Environmental, social, and governance (ESG) – Ongoing development of the FCA’s strategy for positive change and building a regulatory framework that is at the forefront of ESG thinking internationally as sustainability related matters become increasingly material to firms and investors.
  • Operational resilience – New standards related to operational resilience to ensure consumers can continue to access essential financial markets and threats to confidence in and disruption of the sector are reduced.

Focus 3: Promoting competition and positive change

  • UK regulatory framework – Additional investment in this area, given the political backdrop, with the aim of ensuring the UK maintains its position as a leading financial sector.
  • UK competitiveness – The desire for the UK financial services industry to be open to innovation to support growth, with a backbone of high standards of market integrity and consumer protection, making it the leading choice for investment and international issuers. 
  • Market digitisation – Better understanding of the opportunities and risks which lie in the digital world by working with other regulators to support consumers making good decisions.

The FCA has set out the expected budget requirements for the year and, alongside the previously mentioned £12.7 mln for investment in the FRF, the implementation of the Consumer Duty alone is expected to cost around £5.3 mln. These amounts are in addition to an increase in budget of approximately £47 mln for ongoing regulatory activities, bringing the total Annual Funding Requirement to just north of £680 mln, which is just shy of a 10% increase YoY.

Key Takeaways

The FCA has always been focused on the consumer market and protecting the wholesale market in general, and this clearly remains central to the FCA’s approach with “consumers” being dominant in each area of the Business Plan. How the implementation of the Consumer Duty plays out across the market, even for those not directly impacted, may set the tone for regulatory reassessments and reviews in the coming years. The review of the Asset Management sector is similarly weighted towards the consumer despite the FCA themselves stating that 80% of AUM resides with institutional investors.

What also cannot be ignored is the political influence that runs throughout, with the Edinburgh Reforms forming the backbone to the recent reviews and discussion papers that have been issued (Asset Management, SM&CR review et. al.). Much of the FRF is predicated on the passing of the EU Retained Law Bill, including the “sunset” clause within this hotly debated piece of legislature. With recent briefings indicating a willingness to forego at least the “sunset clause”, the pace of regulatory change may reduce in the lead-up to the next general election.

Until then what is past appears to be present and the power, or at least the focus, sits firmly with the people.

How we help

Compliance teams need continuous support and knowledge sharing to stay on top of regulatory initiatives. Our team helps you navigate the evolving regulatory landscape while considering the complexity of your firm’s unique compliance requirements. 

We help our clients with their FCA regulatory program through our advisory ,  outsourcing , and  technology solutions . Our services and solutions include standard and customized compliance packages, cybersecurity and technology risk assessments , ESG assessment and program management , and a variety of business advisory, technology, and training solutions for financial services firms.    

Contact us  if you have any further questions, or to find out how ACA can help your firm meet your regulatory requirements.

Share This:

Related insights.

curved glass building looking up at a blue sky

New Requirements for Broker-Dealer Execution Quality Reports

March 08, 2024

Amendments to Rule 605 also require attention from Investment Advisers and Investment Company Directors

  • Broker-Dealer

highway from overhead daytime

U.S. Regulatory Update – February 2024

February 29, 2024

This update covers new rules for asset-backed securities transactions, tips for filing Form ADV, FINRA's new rules for home offices and the remote office inspection program, the Corporate Transparency Act, and more.

Will SM&CR Pass its own fit and proper test

The FCA Proposes a New Approach to Publicise Investigations

February 28, 2024

The FCA’s recent proposal to publicise investigations should prompt investment firms to take a fresh look at compliance culture, platforms and testing.

We explore the FCA’s Business Plan in detail, uncovering its implications for compliance teams.

Introduction

The FCA plays a crucial role in shaping the landscape of financial services, and its annual Business Plan serves as a roadmap for the regulator’s priorities and initiatives. 

This post aims to provide an in-depth analysis of the FCA’s Business Plan, highlighting key themes and initiatives that are expected to drive change in the financial sector. By examining the plan’s key commitments, metrics, and focus areas, we can better understand the FCA’s vision and its potential impact on regulated firms, market participants, and consumers.

FCA in the UK

Table of contents

What is the fca.

The FCA, or Financial Conduct Authority, is the regulatory body responsible for overseeing the financial services industry in the United Kingdom.

The primary objective of the FCA is to ensure the integrity, efficiency, and fairness of the UK financial markets. It aims to protect consumers, promote competition, and maintain the stability of the financial system. The FCA regulates a wide range of financial firms, including banks, insurance companies, investment firms, mortgage lenders, and consumer credit firms.

It was established in April 2013 as part of the Financial Services Act 2012, replacing the Financial Services Authority (FSA).

The Financial Conduct Authority (FCA) regulates the financial services industry in the UK. Its role includes protecting consumers, keeping the industry stable, and promoting healthy competition between financial service providers. Gov.uk

The UK's Financial Regulator

A history of the fca.

The FCA’s formation was a response to the global financial crisis of 2008, which exposed serious shortcomings in financial regulation. The FSA, which was responsible for regulating the financial services industry at the time, faced criticism for its failure to prevent the crisis and effectively regulate the industry. As a result, the UK government decided to split the FSA into two separate entities: the Prudential Regulation Authority (PRA) and the FCA.

The PRA is responsible for the prudential regulation and supervision of banks, building societies, credit unions, insurers, and major investment firms in the UK. Its primary objective is to promote the safety and soundness of these financial institutions and ensure the stability of the UK financial system.

Conversely, the FCA is tasked with the supervision of the 60,000+ firms it has oversight of, as well as protecting consumers and working with firms to ensure fair outcomes. Since its establishment, the FCA has implemented various regulatory initiatives and reforms to enhance financial stability, firm conduct and consumer protection. It has introduced stricter rules and standards for financial firms, including requirements for greater transparency, improved risk management practices, and enhanced customer safeguards. The FCA also has the power to enforce regulations, investigate misconduct, and take disciplinary action against firms or individuals who breach its rules.

Understanding the Financial Conduct Authority

What are the fca’s objectives.

The FCA’s primary objectives are to protect consumers and maintain the integrity of the UK’s financial markets. It has a wide range of responsibilities, including supervising and regulating banks, insurance companies, investment firms, and other financial institutions. The FCA aims to ensure that the firms it oversees operate in a way that is fair, transparent, and in the best interests of consumers.

Securely store sensitive information

Objective #1

Secure an appropriate degree of protection for consumers.

Remediation

Objective #2

Protect and enhance the integrity of the UK financial system.

people icon

Objective #3

Promote effective competition in the interests of consumers.

THE FCA'S REMIT

Who is monitored by the fca.

The FCA monitors and regulates various entities and individuals to ensure the integrity, stability, and transparency of the financial markets. The FCA’s oversight extends to a wide range of participants operating within the UK financial sector. 

It is important to note that the FCA’s regulatory oversight is extensive, covering a wide range of participants in the financial sector. The specific entities and individuals monitored may vary based on the nature of their activities and any sector-specific licences they hold.

Banks and building societies

Insurance companies, investment firms, stock exchanges and trading platforms, payment service providers, mortgage lenders and brokers, consumer credit firms, financial advisers and investment intermediaries, crypto currency businesses, appointed representatives (ars).

Banks and building societies: The FCA monitors and regulates banks and building societies operating in the UK, ensuring they comply with regulations and maintain the stability of the banking system.

Insurance companies: Insurance providers, including life insurers, general insurers, and insurance intermediaries, are monitored by the FCA to ensure they meet regulatory requirements and provide fair treatment to customers. 

Investment firms: The FCA oversees investment firms, including asset management companies, hedge funds, and investment advisors, to ensure they operate within the regulatory framework and protect investors’ interests. 

Stock exchanges and trading platforms: The FCA monitors investment exchanges, such as the London Stock Exchange, and trading platforms to maintain fair and transparent markets. 

Payment service providers: Firms providing payment services, such as banks and payment processors, are regulated by the FCA to ensure the security and efficiency of payment systems. 

Mortgage lenders and brokers: The FCA monitors mortgage lenders and brokers to ensure responsible lending practices, fair treatment of borrowers, and compliance with mortgage-related regulations. 

Consumer credit firms: Firms offering consumer credit, including lenders, debt management companies, and credit brokers, are regulated by the FCA to protect consumers from unfair practices and excessive borrowing. 

Financial advisers and investment intermediaries: Individuals and firms providing financial advice, investment recommendations, or acting as intermediaries in investment transactions are monitored by the FCA to ensure they meet professional standards and act in the best interests of their clients. 

Cryptocurrency businesses: The FCA also actively monitors and regulates certain types of cryptocurrency-related businesses, such as crypto exchanges and wallet providers, in order to combat money laundering, protect consumers, and maintain market integrity. 

Appointed Representatives (ARs) : Individuals or firms acting as appointed representatives of authorised entities are monitored by the FCA to ensure compliance with regulatory requirements. 

UNRAVELLING THE BUSINESS PLAN

What is the fca's business plan.

Published on a yearly basis, the FCA’s Business Plan outlines the regulatory body’s priorities for the year ahead. It defines what the regulator is doing to deliver on its current strategy, and outlines a number of commitments and metrics by which progress will be measured.

birds eye view of houses of parliament

KEEPING IN LINE WITH THE FCA

What behaviours does the fca expect of financial service firms.

While the FCA sets the regulatory conditions that it encourages, and if needed, enforces good conduct, firms are ultimately responsible for conducting their business in a compliant and responsible way. The body’s specific expectations of firms vary for consumers and for wholesale markets, with similar topline outcomes of fair value, confidence and access.

The Business Plan is just one part of the overall framework. There is an important three-year strategy which started last year, they've (the FCA) talked about what year two looks like, and that feeds into the Business Plan. They've got a number of commitments and metrics. And we have those changes to the regulator's perimeter. Lucy McClements, Independent Consultant

There are four overarching outcomes that the regulator expects of the firms under its supervision serving consumers directly:

  • Fair value: consumers must receive fair prices and quality
  • Suitability and treatment: consumers are sold suitable products/services and are treated well when doing so
  • Confidence: consumers have confidence when participating in financial services, with minimised financial crime and, in cases where firms may fail, they experience less harm
  • Access: financial services that meet diverse consumer needs and are easily accessible to all

For wholesale markets, these outcomes are slightly different but demonstrate the same core themes:

  • Fair value: through increased transparency, market participants can make informed assessments of value and risk
  • Confidence: markets are resilient, with low levels of abuse, financial crime, and regulatory misconduct
  • Access: market participants are able to access a range of services in an orderly fashion across a variety of market conditions

PLANNING FOR THE FUTURE

The fca’s commitments.

All customers or entities entering into a relationship with a regulated organisation must undergo checks in accordance with anti-money laundering regulations. As a minimum regulatory requirement, FATF recommends that financial institutions undertake customer due diligence measures when:

Safeguard against undue risk

Reducing and preventing serious harm.

Why NorthRow

Setting and testing higher standards.

Latest technology

Promoting competition and positive change.

Focus 1: Reducing and preventing serious harm​

​focus 2: setting and testing higher standards, ​focus 3: promoting competition and positive change.

  • Dealing with problem firms : Creating a better functioning financial market by reducing and preventing harm and consumer risk. The FCA will improve its capacity to intervene when firms do not meet threshold conditions, removing or sanctioning those that can’t or won’t meet the FCA’s rigorous standards. 
  • Improving the redress framework: Ensuring consumers have access to the correct procedures and channels to redress when something goes wrong. The FCA aims to identify potential problems earlier, improve firms’ resilience, and undertake redress exercises with firms so they are prepared to quickly remedy any harm.
  • Reducing harm from firm failure: Helping firms to prepare for the risk of failure from the point of authorisation and, where appropriate, through early oversight. The FCA aims to act faster to identify and resolve problems to prevent firms from causing harm to consumers and market participants. 
  • Improving oversight of Appointed Representatives (ARs): In acknowledging the risk of consumer harm from ARs (a firm that undertakes regulated activities and acts as an agent for firms authorised by the FCA), the FCA aims to improve the amount of information it has on ARs, increasing its supervision of ARs, and identifying which business models may pose a heightened risk. 
  • Reducing and preventing financial crime: Continued scrutiny of firms before they are authorised and thereafter to ensure they meet FCA standards for the prevention of financial crime. Increased proactive supervision, monitoring social media for suspicious advertising, and ensuring cryptoasset firms’ compliance with money laundering regulations.
  • Delivering assertive action on market abuse: Ensuring firms have the right culture and safeguards in place to identify, report and reduce the risk of market abuse, while improving the body’s ability to detect and deter future instances of abuse. 
  • Putting consumers’ needs first: Ensuring consumers are able to make their own, informed decisions which are in their best interests and pursuant to their financial objectives through the proposed Consumer Duty, which outlines clearer and higher expectations on the standard of care firms provide to customers. 
  • Enabling consumers to help themselves: Enabling consumers to make decisions based on their own information research to make informed and good investment decisions. The FCA aims to improve consumer understanding, clamp down on misleading information and adverts, and stop unauthorised businesses. 
  • A strategy for positive change: ESG priorities: Promoting and executing a strategy supporting key ESG initiatives to help firms to better meet the needs of consumers, support innovation, build trust, further competition and position the UK at the forefront of ESG leadership on a global scale. 
  • Minimising the impact of operational disruptions: Helping firms to respond to, recover from and prevent disruptions to operations to limit any adverse impact on access to essential services and minimise any knocks to consumer confidence in financial services through comprehensive guidance to strengthen firms’ resilience.
  • Preparing financial services for the future: Adapting and implementing the FCA’s regulatory framework to suit UK markets quickly and in response to innovation, new challenges or emerging risks.
  • Strengthening the UK’s position in wholesale markets: Continue to position the UK at the forefront of evolving global standards, and provide transparency, consistency and cooperation with overseas wholesale markets and other authorities. 
  • Shaping digital markets to achieve good outcomes: Ensuring the FCA has a deep understanding of the risk and opportunities of the digitalisation of financial services in a way that benefits consumers and mitigates any harm through regulatory initiatives, swift response to technologies developments, building skills and capabilities within the FCA itself and providing thought leadership where appropriate.
I think that as a compliance officer, a compliance professional, you have a choice. Do you just read your 'Dear CEO' letter and the guidance - and there has been a massive drift towards guidance and policy statements - or do you look at the whole thing and understand where the movement is over time? Ben Mason, Founder of My Compliance Centre

These commitments form the pledges the FCA is making to achieve its focuses for the coming year, and create the conditions for firms to deliver the outcomes the regulator expects. As such, firms must have a clear understanding of these commitments, how the FCA will define and measure success, and ensure existing regulatory frameworks are adapted to ensure ongoing regulatory compliance.  

In order to deliver on these commitments, and hold itself accountable, the FCA has developed a number of key metrics. These metrics will allow the regulator to measure its success in delivering these commitments in line with its strategy.

MEASURING REGULATORY SUCCESS

Fca metrics to watch.

As part of this year’s Business Plan, the FCA has detailed the metrics it intends to track over the next 12 months that will be used to assess progress against delivering the outcomes listed above, as well as providing a baseline for authorised firms to measure their own performance against. With some 80+ metrics referenced in the latest Business Plan to measure the body’s progress, the next 12 months are shaping up to be a transformative period for financial service firms. We’ve picked just a fraction of the current list of metrics being tracked by the FCA and take a look at these below.

Outcome: Consumers receive fair prices and quality

Metric: CFV-M01: Reduction in the proportion of consumers who, in the last two years, have been offered a financial product or service they wanted, but at a price, or with terms and conditions, they felt to be ‘completely unreasonable’

Using data sourced from the FCA Financial Lives Survey, the regulator hopes to achieve a reduction in the number of customers who have been offered financial products or services in the last two years at a price, or with T&Cs, they felt to be ‘completely unreasonable.’ This metric is a key indicator of whether consumers feel that they are receiving a fair price or quality.

Baseline value: 7% of consumers (2020 results used as baseline for comparison)

SME lender AML checks

Outcome: Diverse consumer needs are met through high operational resilience and low exclusion

Metric: CAC1-M01: Reduction in the number of operational incidents

Making use of the vast amounts of supervisory data held by the FCA, this metric takes into account any operational incidents that could detrimentally impact a customer’s access to financial services. Firms authorised and supervised by the FCA must be open and cooperative with the regulator, disclosing anything that relates to the operational resilience of the firm.

Baseline value: 599 operational incidents (data from 2021 used as baseline)

Metric: CAC2-M01: Reduction in the proportion of consumers who were declined a product or service in the last two years, and, in their view, this was due to non-financial factors such as their age, health or ethnicity

From data in the Financial Lives Survey, this metric evaluates the extent to which consumers feel they have been denied access to a financial service or product based on non-financial factors. This metric is an indicator of where a firm may be, through their own conduct, perpetuating financial exclusion.

Baseline value: 19% of consumers who were declined a product or service (data from 2020 used)

Legal firm

Outcome: Markets are resilient to firm failures and clean with low levels of market abuse, financial crime and regulatory misconduct

Metric: WCO2-M03 (under development): Increase in proportion of applications rejected, withdrawn or refused by the FCA under Money Laundering Regulations (MLRs) or for financial crime reasons

An indicator of the strength of the FCA’s application gateway in minimising financial crime, this metric uses FCA authorisations data around the firms refused, withdrawn or rejected by the regulator following an intervention by FCA staff. It demonstrates their commitment to only authorising firms with high standards for reducing financial crime from the outset.

Baseline value: 49 applications (22.4%) from Annex 1 financial institutions were rejected, withdrawn or refused

Outcome: Ensuring firms start with high standards and maintain them

Metric: STO3-M01: Increase in FCA-led refusal/withdrawal/rejection rates for new firm authorisations

In a similar vein to WCO2-M03 referenced above, this metric also used FCA authorisations data to measure the number of firms being rejected, refused or withdrawn from becoming authorised by the FCA during the registration process or in the early years of being supervised. 

Baseline value: 15% in 2021 (up 7% from 2020 due to the registration gateway becoming more robust)

AML for accountants

Please note: While we here at NorthRow work with compliance professionals every day, we are not lawyers. This post is a high-level overview of the FCA’s Strategy and Business Plan. This post should not replace sound legal advice tailored to your business that is available from professional solicitors or lawyers.

Ready to get started?

Book your free demo of our comprehensive AML compliance solution today.

NorthRow is proudly powered by WordPress

  • Work & Careers
  • Life & Arts

Become an FT subscriber

Limited time offer save up to 40% on standard digital.

  • Global news & analysis
  • Expert opinion
  • Special features
  • FirstFT newsletter
  • Videos & Podcasts
  • Android & iOS app
  • FT Edit app
  • 10 gift articles per month

Explore more offers.

Standard digital.

  • FT Digital Edition

Premium Digital

Print + premium digital.

Then $75 per month. Complete digital access to quality FT journalism on any device. Cancel anytime during your trial.

  • 10 additional gift articles per month
  • Global news & analysis
  • Exclusive FT analysis
  • Videos & Podcasts
  • FT App on Android & iOS
  • Everything in Standard Digital
  • Premium newsletters
  • Weekday Print Edition

Complete digital access to quality FT journalism with expert analysis from industry leaders. Pay a year upfront and save 20%.

  • Everything in Print
  • Everything in Premium Digital

The new FT Digital Edition: today’s FT, cover to cover on any device. This subscription does not include access to ft.com or the FT App.

Terms & Conditions apply

Explore our full range of subscriptions.

Why the ft.

See why over a million readers pay to read the Financial Times.

International Edition

IMAGES

  1. 1/3 of FCA's key drivers of risk are Behavioural Economics

    fca business plan conduct risk

  2. Making Conduct Risk [Good] Business As Usual

    fca business plan conduct risk

  3. The FCA's new era of accountability and 5 conduct risk questions

    fca business plan conduct risk

  4. FCA Business Plan and Risk Outlook for 201415

    fca business plan conduct risk

  5. Customer Insight & Conduct Risk

    fca business plan conduct risk

  6. What are the FCA Conduct Rules?

    fca business plan conduct risk

VIDEO

  1. Conduct risk: what you need to know

  2. FCA Conduct of Business Rules (COBS) Online Course

  3. Risk Financing

  4. Financial Conduct Authority's Approach to Supervision event

  5. How to perform a Business Impact Analysis and Risk Assessment

  6. Responses to risk

COMMENTS

  1. Business Plan 2023/24

    Business Plan 2023/24. protect and enhance the integrity of the UK financial system. promote effective competition in the interests of consumers. Interest rates and inflation: Financial market expectations of interest rates in the UK and in other jurisdictions remain volatile as do expectations with respect to inflation.

  2. Business Plan 2022/23

    This Business Plan gives details of some of our proposed metrics to measure progress against our commitments for 2022/23. In our commitments section we provide the full list of outcome measures and proposed metrics for each commitment. Financial services outcomes can be significantly affected by external factors, including the economy, changes ...

  3. PDF Our Strategy 2022 to 2025

    Our Business Plan 2022/23. sets out in more detail the actions we . are taking in the coming year to help deliver our commitments. Our webpage provides the full list of outcomes and proposed metrics for each one. The following sections set out: our expectations for financial services. how our commitments will help us reduce

  4. Conduct Risk Framework

    The FCA expects firms to develop their own conduct risk definition and strategies and put in place a tailored conduct risk framework to address the specific risks that their business is exposed to. The FCA introduced the 5 Conduct Questions programme in 2015 and the leading wholesale banking firms operating in the UK and subsequently published ...

  5. Conduct Risk

    The FCA launched the 5 Conduct Questions Programme in 2015, initially as a Supervisory tool for the Wholesale Banking sector to help firms improve their conduct risk management and, ultimately, drive cultural change. The programme has been very successful to date, with the FCA observing that many firms have been making significant strides in ...

  6. FCA Business Plan 2023/24

    The FCA's 13 commitments. Focus 1: reducing and preventing serious harm. Focus 2: setting and testing higher standards. Focus 3: promoting competition and positive change. The Financial Conduct Authority (FCA) Business Plan for 2023/24 follows the structure introduced last year: a shorter summary of priorities and planned activity rather than ...

  7. Conduct risk frameworks: adapting to change

    This post explores the FCA's approach to conduct risk management and the steps firms should be taking before the FCA's "more rigorous" approach to conduct standards begins to bite. ... Notwithstanding that the FCA's conduct programme was not highlighted in the FCA's 2021/2022 business plan, there is no doubt it will remain a key ...

  8. PDF What the FCA Business Plan 2019/20 means for your firm

    Conduct Authority (FCA) set the scene for the FCA's Business Plan 2019/20 by focussing on the degree of change in financial services, and the risks and opportunities change can bring: both to firms and to regulators. Change is inevitable, increasingly fast moving and widespread: whether it be technological

  9. Understanding Conduct Risk: What the FCA Expects

    Conduct Risk Overview: In the ever-evolving landscape of financial services, one constant focus for the Financial Conduct Authority (FCA) is conduct risk. While the term "conduct risk" may not be explicitly defined by the FCA, it holds a pivotal role in the regulatory framework.

  10. Conduct Risk and FCA Expectations

    The FCA's latest 5CP report was published in September 2020: "Messages from the Engine Room: 5 Conduct Questions". To compile this report, the FCA held separate roundtables with 18 wholesale banks, each attended by 10 employees at the vice president level (typically 10+ years' experience). Key Takeaways From "Messages From the Engine ...

  11. FCA Business Plan

    July 2021. The FCA's Business Plan continues to be heavily outcomes-focused and there is less sector-specific detail, revealing a conscious change of approach. It notes that the digitalisation of financial services brings profound changes in the way consumers make decisions and global markets operate, that the transition to a net zero economy ...

  12. FCA publishes its 2023/24 Business Plan

    The FCA continues to look for innovative ways of reducing and preventing financial crime, which harms confidence and integrity in the UK market and puts consumers' money at risk. Initiatives include a strengthened authorisation process, increased covert capabilities to identify and disrupt fraudsters, improved assessments of firms and more ...

  13. PDF Business Plan 2021/22

    Financial Conduct Authority | Business Plan 2021/22 5 Finally, we need to be open about our long-term vision for financial services. We've set out the focus of our role and the changes we're making to meet current and future challenges in Chapter 2. In early 2022, we will publish our wholesale and retail strategies to set out

  14. FCA Business Plan 2022/23

    The Financial Conduct Authority have published their Business Plan for 2022/23. David Morrey explains what it means for businesses, and shares own our sector-specific guide. The Financial Conduct Authority (FCA) Business Plan for 2022/23 takes a different form to its predecessors. It's a shorter summary of priorities and planned activity that ...

  15. The FCA Business Plan: What does it mean from a governance perspective

    Earlier this year the Financial Conduct Authority (FCA) published its latest Business Plan.The Business Plan itself took a different form when compared to previous incarnations by having a shorter summary of priorities and planned activities and cross referring to other documents including the three-year strategy and the regulatory initiatives grid.

  16. The FCA's Business Plan for Minimising Operational Risks in 2022/23

    The FCA is the conduct regulator for approximately 50,000 financial services institutions and markets. The regulator recently made announcements regarding their business plan for the next 12 months and what this means for businesses who operate in UK markets. ... Outsourcing Risk Management to Third Parties. As the FCA places greater pressure ...

  17. UK FCA Regulatory Objectives and Focus for 2023 and 2024

    The Financial Conduct Authority's (FCA) 2023/24 Business Plan (Business Plan) sets out the FCA's aim to be viewed as a proactive, assertive and robust regulator, especially in its protection of retail consumers. Released on 5 April 2023, the Business Plan establishes the FCA's priorities for the coming year and how it is going to deliver on the second year of its 2022-2025 Strategy.

  18. PDF The FCA Business Plan & Priorities: 2021-2022

    specialises in conduct risk and regulation, proposition and distribution, principally in the retail investment sector. • Robbie was a Skilled Person on the FCA's s.166 panel for conduct reviews and now advises on the implementation of new regulation, and new business and distribution models, giving conduct risk and regulation

  19. FCA Business Plan 2021-22: A faster future FCA

    In his first Business Plan since becoming Chief Executive of the Financial Conduct Authority, Nikhil Rathi promises to make the FCA a more innovative, assertive and adaptive regulator. ... To help you navigate and control risk in a challenging legal landscape, we have collated a range of key advice and guidance. ... FCA Business Plan 2021-22: A ...

  20. Business Plan 2021/22

    Business plans Published: 14/07/2021 Last updated: 19/08/2021 See all updates. Print this publication. Our Business Plan 2021/22 explains how we see our future role and priorities, how we intend to deliver them and how we will measure our performance. This summary outlines some of the key work we'll be doing over the following year.

  21. The FCA's 2023/24 Business Plan: Stop Me If You've ...

    On 5 April 2023, the Financial Conduct Authority (FCA) released their 2023/24 Business Plan, detailing the actions the UK regulator aims to take over the next 12 months in support of its three year strategy, which was published in April 2022. Set against the continuing backdrop of economic and geopolitical unpredictability, the Business Plan ...

  22. The FCA's Business Plan 2023

    The FCA plays a crucial role in shaping the landscape of financial services, and its annual Business Plan serves as a roadmap for the regulator's priorities and initiatives. This post aims to provide an in-depth analysis of the FCA's Business Plan, highlighting key themes and initiatives that are expected to drive change in the financial ...

  23. FCA plans to name firms under investigation in UK deterrence drive

    The UK Financial Conduct Authority is planning to name firms under investigation more frequently and at a much earlier stage in an effort to increase the deterrence effect such probes can have on ...

  24. Our Business Plan 2019/20

    Our Business Plan sets out our main areas of focus for 2019/20. It outlines our priorities and describes our response to the issues we have identified. It covers our supervisory priorities as well as market studies and the policy work we undertake. This enables industry and consumers to understand the entirety of our work in their sector and ...

  25. The FCA's spotlight turns to Premium Finance

    The FCA's Head of Insurance recently gave an interview outlining the regulator's concerns in respect to the value that the Premium Finance product provides and suggested that regulatory action may be taken against firms in this sector 1.Whilst the suggestion of regulatory action comes as news to many, the FCA's concerns over this product and the risk of poor outcomes provided to customers ...