Skip to content
Enterprise risk management

The rising costs of non-compliance

Stacey English  Head of Regulatory Intelligence

Stacey English  Head of Regulatory Intelligence

The price firms are paying for not complying with regulations.

The costs and consequences of non-compliance within financial services firms are greater than ever before. While the cost for firms endeavoring to be compliant has been growing with the rapid rate of regulatory change, it is the myriad costs of failing to be compliant which are now taking center stage.

Regulators have visibly lost patience, and in a world where supersize fines no longer either shock or deter, they have moved on to using a wider range of measures to ensure compliant behaviors. The wider impact of the actions now being taken can result in the firm or the individual suffering multiples of the cost and pain of the penalty itself – the ramifications of which will be felt by all stakeholders.

Financial implications can be much larger and have broader impact than the monetary fines levied. They can include the end of a business line, ending the ability to sell specific products or ultimately the end of the business itself. Regulatory action can have a negative impact on a firm’s share price and damage its relationship with investors. In addition:

  • Senior managers are in the regulatory firing line. They are increasingly held to account for their own behavior, with the potential for clawbacks on bonuses and a career-ending criminal conviction. And of course, while they’re dealing with this, they are distracted by spending time on remedial actions rather than focusing on the business itself.
  • There are expensive and disruptive operational consequences from non-compliance including retaining high-cost, high-quality compliance resources, implementing past business reviews and customer redress programs.
  • There is increased regulatory scrutiny, complexity and regulatory change, as well as customer distrust as a result of widespread compliance failures.

In 2008, in a pre-financial crisis world, Thomson Reuters first assessed the costs and implications of non-compliance. This is quite distinct from the resources and investment needed to become compliant (we have separately benchmarked that annually across the global financial services industry).

The world of financial services has changed almost beyond all recognition since our first review of this area. at the time, the first tremors of the financial crisis had already been seen in the Uk with the fall of northern Rock, and the cataclysm which was to follow with the collapse of (among others) Bear Stearns, hBOS, Lehman Brothers and Royal Bank of Scotland was still not even imaginable.

Before the financial crisis, regulators around the world were by and large content to punish regulatory breaches by imposing fines on the firm concerned. In a postcrisis world, regulators have had to take a different approach. When increasing fines dramatically didn’t seem to change underlying behaviors, a new style of regulator was needed – with new powers and a more holistic approach to discourage bad behavior by both firms and individuals. While not discarding the use of monetary penalties, regulators have changed their approach, deliberately and significantly.

“On a firm-specific level, we have taken a range of early intervention actions. The outcomes of these can range from consumer contact; reviewing certain lines of business; taking sales staff off the road and retraining; withdrawing financial promotions all the way up to changes to boards and governance arrangements. Historically this was not an area where enforcement was typically involved. That has been very different this year … ” (Speech on Sustainability by Tracey McDermott, director of enforcement and financial crime at the UK Financial conduct authority, at the Thomson Reuters customer Summit, June 2014).

Our first review took place at a time when financial services firms were faced with unprecedented economic uncertainty. Despite the fact that regulators worldwide were warning of the dangers of cost cutting within control functions, in practice compliance practitioners were both experiencing and expecting significant budget constraints. Many of the compliance failures and weaknesses that are now being punished are a direct result of that cost cutting. Many firms gave the perception that they had sufficiently robust compliance frameworks and expert resources in place to effectively manage their business operations. however, the financial crisis revealed major weaknesses in policies, procedures and cultures of big financial institutions that caused significant losses to investors and taxpayers alike. To some extent, many major firms are still dealing with this fallout.

Why review the costs of non-compliance again?

There is a gathering momentum and consensus to show that the fines imposed, despite being huge, are now perceived as nothing more than a cost of doing business and neither a deterrent for the firm or the marketplace. Patience for firms to clean up their own act has been lost. Regulators, who are under pressure themselves, are seeking more creative measures to drive good behavior and are deliberately driving up the cost and consequences of non- compliance. Individuals are being targeted, business activities are being curtailed, share prices are impacted and the once occasional compensation and remedial action programs are now the norm.

More answers