Compliance functions in wholesale banks – ten questions to consider

27 November 2017

Following a review of the way that compliance is organised in wholesale banks the FCA has published a report summarising its findings.

The FCA sent a questionnaire to 22 wholesale banks to gather information about their compliance function. The questionnaire contained 27 questions about the compliance function covering:




  • Role and structure
  • Strategy and planning
  • Compliance monitoring
  • Technology
  • Support and challenge
  • Personnel

In summary the FCA’s message is that:

“Compliance functions need to evolve in response to a changing environment, including the advancement of technology driven businesses and operations and the expanded range of first line of defence controls. More strategic thinking is required”.

The FCA has posed ten questions that it invites boards and senior management to consider in relation to their compliance functions:

  1. Do boards and senior management committees have sufficient visibility and oversight of the longer term goals and strategies of compliance functions, and their delivery?
  2. Has the compliance function been given adequate support and resources to conduct sufficient strategic thinking and effective planning in light of the changes to the operating environment?
  3. Do compliance functions strike the right balance between management and ownership of risk and assessing the efficacy of the risk management efforts of the first LoD while also balancing their perceived role as adviser and key provider of challenge?
  4. Has adequate consideration been given to the changing mix of ownership and responsibility in the LoD model, and how a compliance function best fits into it?
  5. Has adequate consideration been given to the possibility of convergence or overlap between the activities and responsibilities of the compliance function and internal audit?
  6. Is the compliance function adequately aware and taking sufficient ownership of the conduct risks that can arise within it?
  7. Are compliance functions resourced appropriately, having regard to any changes in the mandate and operating model of compliance and the activites of the firm?
  8. Is there a medium term (3-5 year) strategy in place to address the growing skills gap for more specialised or senior compliance roles?
  9. Is the compliance function adequately engaged in the development of technology solutions across the firm?
  10. Is the compliance function considering whether the development of technology solutions offers it opportunities to enhance the delivery of its mandate?

The report is available in full here.

Share this