Speech by Emily Shepperd, Chief Operating Officer and Executive Director of Authorisations, delivered at the Armstrong Wolfe COO Summit 2023: Non-financial Risk
Speaker: Emily Shepperd, Chief Operating Officer and Executive Director of Authorisation
Event: Armstrong Wolfe COO Summit 2023: Non-financial Risk
Delivered: 7 February 2023
Note: This is the published version of the speech which may differ from that delivered.
Chief Operating Officers should use the levers of ‘soft’ power such as open communication as much as ‘hard’ power such as data and rules to mitigate non-financial risk
Diversity and Inclusion are about far more than targets – true inclusion means that people feel free to speak out
The FCA is an innovator as much as a regulator, embracing change and helping new industries flourish while protecting consumers from harm
The rules of engagement
When I told my team at the FCA that I was going to deliver a speech on how to organize a COO, there was a deep intake of breath.
‘Are you sure you want to do that? Surely you haven’t been here long enough to do that?’ One senior person told me.
‘What would you do differently?’ asked another.
‘It’s always the short ones,’ observed a third. I would like to say former colleagues but they are still there.
I had to explain that obviously, I did not mean that I was going to explore delivering a coup d’etat, but I did want to talk about delivery for COOs – or Chief Operating Officers.
A lot tamer, they agreed, shaking with relief.
But there are, in fact, many ways in which leading a coup and leading AS a COO cross over. Let’s look at three.
Firstly, you need to rally the troops – and to do that you need to have a handle on your culture and foster an open and effective dialogue. COOs have to be people-centric. After all, you are there to enforce the conduct as well as to nurture and shape the culture of the organization.
Secondly, you need to have operational resilience – do you have the right controls in place to mitigate the risk of your plot or operation becoming undone? Do you have control over your controls? How will you bounce back when things inevitably go wrong?
Thirdly, you have to know how to deploy both soft and hard power. The hard power is your tool. In the case of the FCA and most financial service firms, I would suggest this comes in the form of data. The numbers do not often lie. For the FCA, there is also our enforcement process. But there is also soft power.
This is the true story that weaves itself throughout your organization. It is your communication both internally and externally. It defines you and becomes a self-fulfilling prophecy.
Armstrong Wolfe has organized this conference with the theme of non-financial risk.
I will share some of my experience as I have been in the shoes of industry COOs. I have been on the other side of the fence looking up at the regulator, at times, I will admit, in utter bafflement.
Be open to open culture
I always knew that coming to a regulator after two decades of experience in financial services would be a bit of a culture shock.
I had not appreciated quite to what level. For example, the plan to speed up our Authorisations at the FCA had been named a Glide Path. I quickly reframed it as a Burn Down Plan.
When I arrived, it could take quite some time to get answers from our experts. I figured that actually, it was quicker to walk around to someone’s desk and have an informal chat. It was quite a revolution in speeding up processes.
And you know, speaking face to face with people is a really good way of ensuring the first step in your coup is a success – that is, rallying the troops. That’s part of your soft power.
Take the lift with everyone else, go to the canteen with everyone else, and listen more than talk. What is the language of that organization?
Those informal conversations are so important. Every COO – yes both kinds – needs soft power as much as hard power. Try and get people to talk early on before they become too institutionalized.
Don’t be afraid of asking questions. I always have more confidence in the staff who can answer questions or who know how and when they will source the answer. This all enhances your operational resilience and mitigates non-financial risk.
Diversity and Inclusion are not just a numbers game
One of the areas of non-financial risk is of course Diversity and Inclusion. So many firms are great at the tick box part of this: making sure that they have a diverse workforce. But many are not so great at the inclusive part. D&I is not just a numbers game. It is a qualitative as well as quantitative issue.
It is not about counting or bar charts but about measuring more deeply and analyzing. For example, at the FCA we noticed that the men were skewed more at both ends of the bell curve when it came to performance while the women were huddled in the middle. We are currently trying to dissect that and I suggest you too put your data through the diversity lens and see what you observe underneath.
We all know the arguments for a proper D&I policy and one of the unsaid ones is that not only is it the right thing to do from an integrity perspective, but it is more often than not the right thing to do for your bottom line.
I remember when I was pregnant with my second child and working in the City, my then-boss asked me ‘How’s the illness?’
Of course back then I laughed it off – through gritted teeth – but there is no way you would get away with it today.
Even during my 12-week maternity leave – yes I said weeks, not months – I was dialing into work every week to make sure I was staying on top of things. I mean I took keeping in touch days to a whole new level.
As I was working my way up through management, I remember being told – usually by men – ‘You’re very good at what you do Emily but you need to have more… polish. You need to have more gravitas.’
Very easy for a six-foot-two man to say when all he has to do is put on a dark suit, tie, and white shirt. A bit harder to achieve as a then younger, under a five-foot woman.
When women have been successful in reaching one of the top jobs in an organization, it has often been as COO.
But wouldn’t it have been so much less stressful if we had not been made to spend time thinking about the elusive qualities of ‘polish’ or ‘gravitas’ and just been allowed to get on with the job?
Times have thankfully changed. But there is still more work to do. There is always more work to do.
More action, less talk on ESG
One area of non-financial risk that needs more work is in the field of Environmental, Social, and Governance – or ESG.
Now, these are responsibilities that arguably straddle both the non-financial risk and the financial risk areas.
Armstrong Wolfe’s survey of COOs on this shows that many are divided about which bucket it should sit in.
There is also a debate about whether we should separate the G – or Governance – from Environment and Social responsibilities.
You should be in no doubt that we are fully behind the government’s agenda to make the UK the first net zero-aligned financial center.
And many of you are on that same journey. You know it is good for people, you know it is good for the planet, and frankly, you know it is good for business. So how do we achieve that?
Our Financial Lives survey, which canvasses more than 19,000 people, showed that nearly eight out of ten consumers believe businesses should have a wider social responsibility than making a short-term profit.
Yet nearly nine out of ten adults surveyed by the Boring Money website do not feel confident in investing in current sustainable funds.
Our role is to ensure the integrity of our markets. Your role is to demonstrate integrity in your products, integrity in your people, and integrity in your promises.
We want to clamp down on greenwashing and consider how to incentivize best practices.
In the coming days, we will publish a paper on the role regulations can play in driving positive change. Please read it and give us feedback.
Putting clients at the heart of what we do
When I joined the FCA, one of the traits I wanted to entrench was client-centricity.
We do not forget that it is through the fees of regulated firms that we exist and can carry out our work. Our role can only become easier if we make sure firms are on board – or at least clear – about what the regulations expect of them.
And we are always keen to hear from you about what works and what does not work so we can shape the rules in a better way.
That is why I meet regularly with our FCA Practitioner Panel of industry insiders. Sometimes we debate, and sometimes we agree but the most important thing is that we connect.
And connection is another element of soft power by the way. Whether it is with your staff internally or with your external contacts.
One policy that firms have not hesitated in giving us feedback on is the upcoming Consumer Duty. Now is a good time to remind everyone that the deadline is just six months away.
Now is a good time to line up your distributors and other third parties to make sure they understand the principles and practice of the Duty.
Change is hard, we get it. But the principles of Consumer Duty should not be controversial. Indeed, we’ve seen many excellent examples of the industry embracing these.
What we ask is that you have put your customers at the center of the products and services you offer and that you can demonstrate the decision-making process around that. We also ask that the information you provide to them is clear and relevant to your target market.
And one element that we need to be mindful of is that getting this right upfront should mean fewer new regulations down the line. It should mean fewer customer complaints and it could mean more customer loyalty.
Our deadlines on this are here to stay but we will monitor how it is implemented and its impact.
When things don’t work, we change.
Agility is another trait that any coup leader should demonstrate. And it coos themselves always have.
You need to pivot, you need to remember your operational resilience plans when things go wrong – and they do.
My career as a COO in a financial services firm started on an auspicious date, April 1st.
It also coincided with that industry’s biggest CASS fine ever delivered. And guess who was handed it? That was a true rite of passage after my internal promotion.
Another firm I joined at a later date had a huge technical meltdown over an investment platform they had integrated into their other systems. The entire thing came to a crumbling halt, resulting in customer phone lines being down to the call center.
I went in there to sort it out. It took two years.
To incentivize staff we had Workaholic Wednesdays where pizzas were delivered through the night to power the troops.
I am not sure how free pizza and working round the clock would be seen as morale-boosting today!
But you know, as a COO, you do need that grit. We had to throw resources and bodies at tackling the challenge. But the way to do that is not necessarily by donning a camouflage vest and going over the top in a workaholic frenzy.
These days it is through positive encouragement. Being specific with staff and teams about what they are doing well. Sandwiching the bits that are not going so well with the bits that have improved but being straight about it too.
Of course, you have to test your operational resilience plans during peacetime too. Because while there is no crisis today, there will be one tomorrow. It is never a question of if things go wrong, it is a question of when.
I work for an organization that is largely in the headlines when things go wrong. When things are going well, we are never near the front pages.
Of course, we can never catch every fraudster. We will never foil every scam. The bad guys and girls and entities will slip through the net.
But one tool we can deploy to stop more of them is data. We are using, for example, web scraping technology which looks out for suspect sites around the clock.
We are also piloting automated forms to speed up our authorisation process while making sure it is more robust than ever.
Our caseload on authorizations has almost halved over the last year. Yet more firms and individuals are not being authorized because our checks are even more thorough.
That is a good thing as it protects the wider market from contagion. And in these interconnected days, technology means we are all far more contagious.
Agility, assertiveness, innovation
In conclusion, I also wanted to share with you what I got wrong about the FCA and how you can learn from it.
I had not appreciated that the FCA – thanks to its open culture – will embrace risk.
If I had believed what I read in the headlines several years ago, I would have conjured up an image of a bumbling, faceless regulator that was stern but scared.
What I found was that I had joined an innovator as much as a regulator.
We have more sandboxes than a playground. For those who do not know, sandboxes are partnerships and workshops where firms can trial products and services with us to see how they would fare from a regulatory point of view – without taking on the risk of going straight to market.
We also held successive sprints on crypto. Our responsibility over digital currencies and crypto is set to grow under upcoming legislation.
Until now, it has been all about stopping money laundering and terrorist financing and blocking any firm that could not prove its anti-money laundering or counter-terrorism financing credentials. We have also repeatedly warned consumers that investing in crypto is high-risk and that they should be prepared to lose all their money.
But soon crypto firms will need to comply with our financial promotions regime and we expect to hold them to the same standards as for other high-risk investments.
Rather than thwarting the crypto industry, this will support it by giving it some element of regulatory consistency.
We have our eyes on the future. As an example, we are working with the Bank of England and Prudential Regulation Authority on AI.
The FCA had an open culture when it came to looking at new firms and industries, particularly about our ever-changing perimeter.
As part of the long-term transformation of the FCA, we have reformed our decision-making processes.
Senior managers now have the power to take decisions on a firm’s authorization rather than it all being referred to the Regulatory Decisions Committee.
This will streamline our processes, freeing us up to take more decisive action to prevent the entry of those who do not meet our standards.
This will reduce the costs of dealing with those firms and individuals. What once took six months can now take six weeks.
And as a COO, you will have to deploy at speed those same traits that are needed at times of more radical change. You need to be agile, You need to be assertive. You need to be innovative in how you deal with people and risks.
And where there are people, there are risks.
We experiment. Sometimes we make mistakes. But you can only learn from mistakes. And without learning there is no growth.
So make the most of your time as a COO. Test your operational resilience plans. Rally your troops. Deploy soft and hard power. Embrace change. For there has never been a better time to be a disruptor.