Follow us


June 2023. An audience perches on the edge of their seats waiting for the first public words from the UK FCA's new Co-Head of Enforcement. The regulated community, and those who advise them, want to know what to expect from the new leadership and, importantly, what the new leadership expects from them. 

As the speech begins, the headline message forms: Do the right thing. The audience relaxes – that's eminently reasonable, they can get on board with it. After all, who sets out to do the wrong thing?

But – not so fast – sure, it may sound straightforward, but what does it actually mean?

The concept of fairness has featured heavily in financial services regulation globally for a while, and certainly the challenge of interpreting fuzzy law isn't unique to firms in the UK. Admittedly, if regulatory expectations were clear-cut, there may be less for those of us who advise the financial sector to do! And, of course, it's impossible – and not necessarily desirable – to regulate for every eventuality.

Let's look at three areas where some regulators are currently doing a better job than others at making their expectations clear and at incentivising doing the right thing

In a nutshell:

Regulators globally are calling for financial services firms, and the individuals who work in them, to 'do the right thing'.

With the implication that this involves going beyond the strict requirements of law and regulation, regulators could make their expectations clearer.

Take credit for co-operation as an example, where some regulators are doing a better job than others of explaining when credit will be given, although there remains a lack of clarity as to how this translates into a financial incentive.

For the benefit of both firms and consumers, regulators need to shine more light on what they expect and not leave the industry operating in the dark.

Jenny Stainsby
London

Credit for co-operation

Credit for co-operation has long been a feature of financial services regulatory enforcement. In many jurisdictions, firms are expected to assist regulators as well as proactively report, investigate and remediate potential issues themselves. However, what constitutes sufficient co-operation, and how credit is calculated, is not always clear.

In the UK, the FCA's recent enforcement announcement in respect of Equifax Limited highlighted a 15% credit for "high level of co-operation during the investigation, the voluntary redress it offered to customers and the global transformation programme it instituted after the incident". The FCA also recently praised another firm for its voluntary steps to pay redress; referring to "very high levels" of co-operation, the FCA made a rare decision not to impose a financial penalty. The common thread in these decisions seems to be doing more than what is strictly required, but precisely what distinguishes "high level" from "very high levels" remains unclear.

In the US, CFTC Director Ian McGinley has made similar remarks with respect to co-operation credit: "If you self-report, fully co-operate, and remediate, it is likely you will receive a substantial reduction in the penalty that would otherwise be appropriate." The US SEC echoes the sentiment; commenting on its track record over 2023, SEC Director of the Division of Enforcement Gurbir S. Grewal said the SEC had "aggressively rewarded meaningful co-operation". Helpfully, recent SEC settlements have highlighted the type of action considered for credit for co-operation, and some useful themes emerge: prompt self-reporting; substantial assistance to SEC staff; and taking proactive, voluntary remedial measures. Nonetheless, there is still a lack of clarity on how co-operation credits are calculated.

We need to see responsibility fairly allocated across everyone who plays a key part – with increasing interconnectedness, it's not reasonable to only penalise regulated firms in the financial services sector.

Phoebe Fox
London

In Hong Kong, regulated entities are given credit for proactively co-operating with regulatory investigations which allow regulators to allocate resources more efficiently and facilitate timely conclusion of investigations and enforcement. The Hong Kong regulators, including the Hong Kong Monetary Authority (HKMA) and the SFC, strive to enhance transparency of their enforcement process and provide specific guidance on what amounts to "substantial co-operation" which warrants reduced sanctions, how they measure co-operation, and the general principle for reducing the sanction imposed.

In Australia, 'doing the right thing' has also emerged as an important consideration in remediation programmes. ASIC Deputy Chair, Karen Chester, has recently called on licensees to be "proactive, timely and fair" in consumer remediation, flagging that ASIC will "consider regulatory action where licensees fail to deliver fair and timely remediation to affected consumers". 

Incentivising the right thing

Although there is room for improvement around transparency, it is clear that, in the enforcement context, credit is given for co-operation. However, in other areas, 'doing the right thing' is not always rewarded. Take the example of the global fight against fraud.

We traversed the global regulatory landscape relating to scams in our recent publication Trust Matters. But it is particularly interesting to contrast the current positions in the UK and in Singapore.

In 2019, the UK's largest banking groups established a voluntary code under which they committed to reimbursing victims of authorised push payment fraud where the customer met the standards expected of them under the code. The voluntary code has been co-opted by the UK payments regulator and is due to become obligatory in 2024. However, in placing all liability and responsibility on firms in the financial sector, the statutory formalisation of the code risks letting other sectors and consumers off the hook.

Hardly an incentive for others to do the right thing.

In Singapore, while the proposed new regime for fraud reimbursement (the Shared Responsibility Framework for Phishing Scams) is not equivalent in scope to the UK regime, it recognises an ecosystem of fraud whereby others in the chain of a fraud, such as telecoms providers and even consumers, may have a share of responsibility. The proposed regime provides clarity on respective duties. 

Getting credit for co-operation is to be welcomed, but – in the interest of a level playing field – it must be clear how credit is calculated.

Jenny Stainsby
London

Transparency on priorities

Enforcement cases can take a long time (recent data shows the mean average duration of an FCA investigation in 2022/23 was 41 months). As such, lessons learned from enforcement, if and when decisions are eventually publicised, may be very out of date. 

In the context of doing the right thing, it is therefore helpful to understand the regulators' current enforcement priorities. ASIC does this very well. Its annual steer on areas of focus for the upcoming year is clear and welcome. Likewise, the SFC includes enforcement priorities for each year in its annual report. This is a model which others should follow. 

As we go into 2024, we exhort regulators themselves to do the right thing – where possible, provide greater transparency on their expectations and to encourage, rather than discourage, firms to do the right thing.

Key contacts

Jenny Stainsby photo

Jenny Stainsby

Global Head – Financial Services Regulatory, London

Jenny Stainsby
John O'Donnell photo

John O'Donnell

Partner, New York

John O'Donnell
Andrew Eastwood photo

Andrew Eastwood

Partner, Sydney

Andrew Eastwood
Phoebe Fox photo

Phoebe Fox

Senior Associate, London

Phoebe Fox
Simone Hui photo

Simone Hui

Of Counsel, Hong Kong

Simone Hui
Chee Hian Kwah photo

Chee Hian Kwah

Director, Prolegis LLC, Singapore

Chee Hian Kwah
James Emmerig photo

James Emmerig

Senior Associate, Sydney

James Emmerig
Leanette Ko photo

Leanette Ko

Associate, Hong Kong

Leanette Ko

Stay in the know

We’ll send you the latest insights and briefings tailored to your needs

London Riyadh New York Paris Tokyo Sydney Malaysia Group Singapore Perth Mainland China Brisbane Hong Kong Melbourne Madrid Dubai Johannesburg Bangkok Jakarta Germany Brussels Milan Financial Services Regulatory Market Conduct Enforcement and Investigations Regulatory Change Compliance Advisory Transactions Regulatory Support Governance and Risk Management Financial Institutions Banks Jenny Stainsby John O'Donnell Andrew Eastwood Phoebe Fox Simone Hui Chee Hian Kwah James Emmerig Leanette Ko