Why a Tick-Box Approach to Compliance and Training is Not the Answer

In the complex landscape of UK financial services, protecting customers from harm is paramount. Regulatory compliance, coupled with training and competence, is therefore rightly a keystone in the sector. However, we still see more and more firms taking a tick-box approach to compliance and training which often falls short of effectively mitigating risks and safeguarding customers. This method, largely used to cut corners and save costs can be characterised by a focus on meeting regulatory requirements through checklists and standardized procedures, which fails to address the dynamic nature of financial services.

So, how should firms and management boards be working towards a holistic approach? Let’s first consider the reasons why a tick-box approach may not be right, and why the regulator is starting to push back on firms who evidence this methodology:

The Limitations of a Tick-Box Approach

  1. Superficial Compliance: A tick-box approach encourages a culture of minimal compliance, where the primary goal is to meet regulatory requirements rather than genuinely understanding and mitigating risks. This can lead to a superficial understanding of compliance, where employees are more focused on completing tasks than on the underlying principles of customer protection.
  2. Lack of Engagement: Training programmes designed to tick boxes often lack engagement and fail to resonate with employees. These programs are typically generic, one-size-fits-all solutions that do not consider the specific needs and challenges of different roles within the organization. As a result, employees may not fully grasp the importance of compliance or how it applies to their daily activities. It also does not make staff feel valued, it doesn’t promote the right culture, and it is at odds with regulatory initiatives such as Consumer Duty which should be at the heart of the business, not just given a cursory glance.
  3. Inadequate Risk Management: Tick-box compliance does not account for the evolving nature of risks in the financial sector. New threats and vulnerabilities emerge regularly, and a static checklist cannot keep pace with these changes. Effective risk management requires a proactive and adaptive approach that continuously assesses and addresses potential risks.
  4. False Sense of Security: Relying on checklists can create a false sense of security. Organizations may believe they are fully compliant and protected simply because they have completed all the required tasks. However, this can lead to complacency and a lack of vigilance, increasing the likelihood of customer harm. It does not represent the holistic challenge and the developmental mindset that the FCA is encouraging, particularly when these documents may just sit in a drawer.

The Need for a Holistic Approach

To truly reduce the risk of customer harm, UK financial services must move beyond tick-box compliance and adopt a more holistic approach. This involves:

  1. Embedding a Compliance Culture: Compliance should be ingrained in the organisational culture, with a focus on ethical behaviour and customer-centric practices. This requires leadership commitment and a clear communication of values and expectations.
  2. Tailored Training Programmes: Training should be tailored to the specific needs of different roles and departments. Interactive and scenario-based training can help employees understand the real-world implications of compliance and how to apply it in their daily work. Think about how you truly manage your CPD, reflecting on individual training needs and the skills required to perform the role.
  3. Continuous Monitoring and Improvement: Risk management should be an ongoing process, with regular reviews and updates to policies and procedures. This ensures that the organisation can adapt to new risks and regulatory changes promptly.
  4. Employee Empowerment: Employees should be empowered to speak up about potential risks and compliance issues. Creating an open and supportive environment encourages employees to take ownership of compliance and contribute to a culture of continuous improvement. This is one of the reasons that Diversity, Equity and Inclusion is becoming so important in the modern workplace. New employees will often ask about training and culture as part of their interview process. They are actively seeking out a potential employer who aligns with their own beliefs and values. If safeguarding customers is paramount, then training should be aligned and there should not be any disjoint.

In conclusion, while a tick-box approach to compliance and training may seem convenient, it is insufficient for effectively reducing the risk of customer harm in UK financial services. The regulator is pushing back when it sees this behaviour, and its recent comments on the evolving approach to enforcement shows a commitment that change is coming, and it will lead to better outcomes.  A more holistic and integrated approach, focused on embedding a compliance culture, tailoring training programmes, continuous monitoring, and empowering employees, is essential for truly safeguarding customers and maintaining trust in the financial sector. Let’s be prouder of the investment in compliance and talent development that we all make. Ticking a box just doesn’t feel right.

 

 

About the author

Tom joined RWA in 2006 and was part of the executive team that helped grow the company into one of the leading general insurance FCA compliance consultancies in the UK. He is now Head of Commercial for UKGI Group's consultancy division, and has been working closely on the harmonisation of RWA into UKGI. Tom also leads the Searchlight Insurance Training team, part of UKGI Learning Solutions. 

Tom Wood UKGI

Get UKGI Insight In Your Inbox

Regular business news and commentary delivered direct to your inbox each week. Sign up here