Many firms received a month ago from the FSA a Dear Compliance Officer letter requiring confirmation that, in the CO’s opinion, the firm had adequate policies and procedures covering its UCIS activities and requiring a range of data relating to those activities. This letter has attracted a great deal of criticism and it is good to see the CISI taking up this issue.
Some have not entirely recognised the trap that the FSA has fallen into on this one. Although it is not new for the FSA to require some form of attestation from firms, this is very rare, in fact possibly unique, in requiring that attestation from the Compliance Officer. In the past the letter has been addressed to the CEO. I suspect that the FSA does not entirely appreciate the great significance of this change.
For firms where the systems for the promotion of UCIS are working perfectly, it is easy enough to provide a positive response to the FSA’s demand. For others this is a real problem. The whole point is, of course, to put the firm, and especially the approved person signing the attestation, on the spot. If they provide confirmation and that proves to be unfounded, the individual is vulnerable to disciplinary action by FSA. Precisely that scenario has arisen in the past, in the context of client money compliance.
So what is the CO who has been pressing senior management to improve controls over UCIS promotion supposed to do? Does he tell the FSA bluntly – and formally – that his firm is not in compliance? That is a step that is bound to cause immense disquiet within the firm, with the real possibility that the CO’s position becomes extremely uncomfortable, to say the least. And if he puts his neck on the line for the firm, what leverage is he left with? The firm will, explicitly or otherwise, act in the knowledge that the CO can no longer criticise the firm’s promotion procedures – he has officially confirmed that they are adequate!
How different this is from the format where it is the CEO who is required to attest to the firm’s compliance. The CEO has the power to change procedures if he is not comfortable with what exists. The sensible CEO will seek guidance from the CO who will be able to point out what needs to be done in the firm to enable the CEO to sign with confidence. The FSA’s objective of procuring compliance will be achieved. An effective tool with a successful outcome. What a contrast.
It is very disappointing to see the FSA forgetting rule No 1 where compliance is concerned: senior management is the responsible party; Compliance is the adviser.