By James Hamilton, J.D., LL.M.
The move towards principles-based regulation and away from rules-based regulation appears to be inexorable. And yet, no one appears to know exactly what a principles-based regime will look like and how it will function. And, I suspect that many people secretly find comfort in rules, even while outwardly professing loyalty to principles-based regulation. These are important issues as the SEC and the FASB have also genuflected at the altar of principles-based regulation.
As the UK Financial Services Authority moves more towards principles-based regulation, it is envisioned that compliance officers and senior management will have increased duties in making sure that firms abide by the principles, as well as the remaining rules. In recent remarks, FSA Director Thomas Huertas also noted that the shift to more principles–based regulation means that senior management will have more scope to decide for themselves how the firm should comply and therefore more scope to shape compliance to the overall needs of the business. Compliance officers will have the opportunity to decide, together with senior management, how to make their function more efficient in terms of achieving what the FSA believes are two complementary outcomes: 1) achieving the results summarized by the principles; and 2) achieving sound and lasting business results.
As the director correctly pointed out, the FSA has always been a principles-based regulator, with eleven high-level principles for authorized firms. The authority also has about 8,500 pages of rules, which embellish but do not supplant the principles. But in its Business Plan for 2007-2008, the FSA emphasizes that it will become a more principles-based regulator. Accordingly, the FSA has begun to subject its existing rule book to the same type of cost-benefit test employed when establishing a new rule.
An article in today’s Financial Times notes that the financial services industry will be handed a £50m bill from the FSA as it moves to principles-based regulation. The article notes that there is continued uncertainty in the City of London about the meaning of principles-based regulation and how it will work in practice.
In any event, the director said that the FSA expects firms to take a risk-based approach to compliance. This approach should focus on preventing material breaches to principles and to inform the FSA of any that are material, either singly or in aggregate. The director emphasized that the FSA will look closely at what the firm does in response to a breach, for example, whether it investigates the cause of the breach and takes appropriate corrective measures. The senior official warned that the FSA will not tolerate systematic and deliberate breaches of the principles and of the rules, adding that such a strategy may itself be a violation of Principle 1, which is that a firm must act with integrity.
The FSA also expects that firms will be able to tell the agency how they are tracking the effectiveness of the systems and controls that they have put in place to assure compliance with the principles. This need not be a census of all transactions, said the director, but could involve risk-based sampling or screening to gauge the overall frequency of breaches and to assure the detection of any material breaches.