What should look for in a compliance consultant?

Firms are responsible for ensuring compliance with the regulatory system, whether or not they use a compliance consultant. Remember that using a consultant does not guarantee compliance. You cannot contract out your regulatory obligations and small firms need to meet the FSA's principles just as much as any other firm.

It is for your firm to decide how best to manage your compliance. The FSA will not require you to hire a consultant and many firms feel confident managing their own compliance.

If you are thinking about employing a compliance consultant, you should consider three key areas:

• establishing your needs;

• appointing and monitoring your consultant; and

• acting on the recommendations given.

Getting the right service is important. To do this, you should think about what services and help your firm needs to meet our regulatory requirements. How could a compliance consultant help you achieve the necessary standards? It’s a good idea to decide on the level of service you need before you look at particular compliance firms.  You might want to consider some of these questions:

• Do you need a compliance audit (also known as a regulatory risk assessment) conducted to identify weak areas in your current processes and practices?

• Do you have particular areas of concern?

• What level of support do you require?

• Are there specialist areas with which you require more help?

• How will you monitor your business to ensure that compliance processes are being followed?

Compliance consultants can provide a whole range of services. Some of the more common services include:

Initial risk assessment or audit? – an initial analysis to identify higher risk areas of the business and

weaknesses in procedures.

Business development – business analysis advice or advice on particular issues – for example, how your firm is Treating Customers Fairly and an action plan for implementing TCF across your business.

Help with setting up procedures – for example procedural manuals for recruitment, training and competence, complaints handling and anti-money laundering. May also include templates for disclosure documents, fact-finds and registers.

File audits – checks to ensure that procedures are being followed and identify good practices and weaknesses.

Technical support – may include advice on particular products or regulatory reporting. May be available in various formats, including website, helpdesk and individual technical advice.

Training – for example competency assessments, training opportunities or product risk guidance. May be online support, regulatory updates or seminar based.

Support on individual issues – for example in dealing with a complaint, a financial promotion or a particular suitability letter.

Professional Indemnity Insurance cover – help arranging cover.

Remedial work – helping to action remedial work required by the FSA.

Once you have clearly identified and established your needs, you may decide you want some external support. There are a number of questions you might like to ask potential consultants, to help you assess if they can meet your needs. You will also want to regularly monitor the service and whether you are getting the benefits you need from it.

• Do they have the necessary experience and qualifications to help you and your type of firm?

• How do they keep up to date with regulatory and product changes?

• Have you asked for a selection of clients and taken references?

• Have you compared them to any other consultants?

• Can they provide the type and level of service you need?

• How will you satisfy yourself that they are providing the service you need to achieve compliance?

• What are their charges?

• Do they have sufficient resources to support your firm?

It is usually a good idea to agree that a compliance consultant will give you details of any work they have carried out and their recommendations in writing. The FSA also recommend that you set out the details of the service and how it will be provided at the outset by establishing a service level agreement (SLA) or engagement letter, which you monitor and review.

Setting service standards may include the following areas:

• provision of services;

• charges and payments;

• obligations of both client and consultant;

• cancellation or termination of agreement;

• jurisdiction;

• liability and indemnity;

• confidentiality, publicity, intellectual property and data protection;

• complaints and dispute resolution;

• professional indemnity insurance; and

• conflicts of interest.

Make sure you consider the advice and information given to you by your consultant. You are paying for the service, so you should act where necessary to ensure you are compliant. If you have introduced new procedures, make sure all staff are aware of them, and follow them. For significant issues, you may want to check with the FSA.

When reviewing compliance with the FSA's requirements, they expect firms to have acted on recommendations from consultants where appropriate.

Consider:

• How would you seek to address any weaknesses identified in the processes or practices of your firm?

• Who could be made available to carry out work arising from recommendations so that issues raised are addressed and resolved quickly?

• How would you make sure that any changes that are necessary cover all areas of the firm, including past and future business if relevant?

• You are responsible for the overall compliance of your firm, whether or not you use a consultant. You need to have appropriate systems and controls in place and have a good understanding of your compliance processes and monitoring arrangements.

• There are many different services on offer from compliance consultants which vary in cost, quality and completeness. As with any service, you may need to shop around. You should be satisfied that the services you choose achieve your objectives and then monitor the services provided to ensure they remain appropriate for your business.

• You should take action if any reviews undertaken by your consultants reveal weaknesses in your compliance with our requirements. Any significant breaches identified should be reported to the FSA's Firm Contact Centre.

The FSA's website contains more information and examples of good and poor practices when paying for compliance support.  This link is http://www.fsa.gov.uk/pages/Doing/small_firms/general/questions/compliance.shtml .

The Association of Professional Compliance Consultants (APCC) can provide more information about how to find a consultant. Their link is http://www.apcc.org.uk

Conclusion

We take your business and its objectives very seriously.  We endeavour to provide practical, pragmatic advice which encourages development and implementation of compliance solutions which work. 

We will always provide you with an engagement letter and stick to the terms therein, unless of course we agree to expand or alter scope as a consequence of project considerations. 

We are wholly independent of any auditing or legal firm which may cause conflict for your business.

Remember, compliance consultants like all others, and we would encourage you to review engagements at least annually to ensure that you are getting what you pay for. 

NRS - Simply compliant, simply different. Why not contact us for a quotation?