A Roundup From the Regulators at the Risk Management Association Seminar
At a recent Risk Management Association (“RMA”) seminar, the topic of firm culture took center stage. Interestingly, the esteemed panel, composed of regulators from the SEC, FINRA and the Federal Reserve Bank, all agreed that culture, or more specifically, conduct and behavior, is a major influence on compliance practices.
FINRA defines firm culture as “a set of explicit and implicit norms, practices and expected behaviors” that affects how a firm makes and implements decisions relating to the firm’s business. In 2016, FINRA will assess how firms develop, communicate and evaluate employee fit within their culture using some defined indicators outlined in their priorities letter.
The topic of firm culture is closely related to an area of focus for FINRA: supervision. According to the seminar panelists, risk and compliance personnel should be integrated into, and provide input on, the review of the front office functions. The FINRA priorities letter backs up that notion, saying, “firm's supervisory, risk management, and control systems are essential safeguards to protect and reinforce a firm's culture.”
The SEC outlines the use of data analytics to identify potential illegal activity and misconduct in their 2016 priorities letter. In all examination initiatives, the SEC utilizes data and intelligence from their own examinations as well as regulatory filings to identify areas of increased risk. They also use analytics to identify and track individuals with a record of misconduct and examine the firms that employ them. If an employee commits an offense, the SEC will probe the firm’s compliance oversight and controls of investment advisors.
The panel suggests that a firm’s investment in onboarding new employees ensures the right people are integrated into the company. This may include conducting the appropriate background checks such as fingerprinting, running credit checks, conducting reference checks and also investigating prior disciplinary actions.
Firms should also conduct extensive employee orientation with both human resources and the compliance department. The orientations should include review of the firm’s human resource policies and its Core Values and how employees will be measured against its Core Values. The compliance department should provide training on the firm’s Code of Ethics, personal and insider trading policies and relevant regulations that may impact an employee’s responsibilities such as gifts and entertainment, anti-money laundering and privacy laws.
Removing employees who don’t fit or comply with the firm’s practices and expected behaviors will send a message to other employees. According to the panel of experts at the RMA seminar, firms have identified traders using code words such as “soccer” as an indicator of market manipulation. This suggests that data analytics and email and texting surveillance of traders may be worth consideration.
Are the behavior and conduct of your firm a direct result of its senior management? Has the company’s culture been defined? The panel suggested that the ethical standards at the top have a trickle-down effect. Misconduct may not be self-directed, as an impure tone at the top or mixed messages from senior staff could drive the ethical and cultural narrative of the organization.