Dealing with the reality of the new compliance officers: it's a no-blame game
The SRA has again delayed the date on which its in-house watchdogs (COLP/COFA) come into force. It seems the SRA, despite some encouraging rhetoric, is still struggling to come to terms with licensing ABSs and getting to grips with its new powers.
But while firms and compliance officers (COs) in waiting will undoubtedly be pointing the finger at the SRA, they may need to refrain from the blame game in their own firms to ensure the COFAs/COLPs carry out their roles productively.
On one hand, COs will be carrying the critical importance of avoiding breaches, but on the other they will also be expecting full disclosure of any mistakes or breaches by individuals. This will be a difficult but vital balancing act - there must be a no-blame culture in the firm to ensure a transparent dealing with the breach register, and a clear route to the COLP/COFA.
Neither too aggressive, nor too passive
No business is bullet-proofed from risk - mistakes happen in every business, and there must be an open-door policy under which issues with compliance can be discussed. This will mean that internal perception of the COs must be delicately handled.
If the CO is too aggressive, employees will be intimidated and be reluctant to disclose mistakes. If fingers are then publically pointed at those that made the mistakes, other individuals might stay quiet for fear of reprisals. But if the CO is too relaxed, this could encourage sloppy behaviour - leading to the same end result of non-disclosure by individuals thinking the CO will not be bothered by the breach.
When concealment is worse than a breach itself
In time, concealing a material breach will have more serious consequences than the breach itself. A strong and aligned message would therefore be for a firm to have a policy that prescribes disciplinary action for non-disclosure but not for disclosing material breaches (unless it forms part of a pattern or on-going performance issue).
Though rational accountability is of course necessary, it is up to the COLP/COFA to possibly protect individuals from exaggerated criticism (or worse) triggered by one-off mistakes, and the possibility of exposing the firm to the unwelcome attentions of the SRA. But this throws up another pitfall: how will individuals be able to have an open and “off the record’ chat with the COLP/COFA, when they know the CO is obliged to inform the SRA?
Treading a fine line
There have also been arguments that the COLP should not be the same partner that deals with the firm’s professional indemnity insurance. If an individual confided in the COLP about issues that may need to be reported to insurers, the chances are the COLP will be obliged to file a report to the SRA regardless of the fact that no claim has materialised. I can only imagine this will make individuals more wary of sharing their troubles.
Whether you agree with that or not, I think there will inevitably be a fine line to tread between COs fulfilling their duties and looking after the best interests of the firm.
Just don’t start blaming each other...
What do you think about the issues raised around the COFA and the COLP in Richard's blog? Let us know in the comments below...