In this article, My Compliance Centre CEO, Ben Mason, revisits a favourite old subject: The cost of compliance. Ben attempts to calculate the cost of compliance with financial services regulations to the UK and asks, ‘is it value for money?’
The cost of Financial Services compliance has interested me for a long time. We know it is a big number – but what is that number?
My interest in this topic has been rekindled by the FCA’s recent announcement that for each £1 spent running the FCA £11 of benefit is derived for consumers, see page 3 here.
I am a big fan of the FCA working through the various processes that they do to establish cost-benefit of their work. What I found interesting about that specific calculation, is the FCA counted the cost of running the FCA only, not the additional cost to firms of complying with the FCA’s rules. This is an interesting and arguably slightly controversial position to take. Funding of the regulators themselves is a cost born by firms, but only one of the costs they experience. The FCA (and PRA) have an obligation to minimise the cost of compliance to those they regulate (under the Regulators’ Code), and the increasing cost of compliance is a concern for all regulated firms and their service providers. However, it is difficult to find a reliable source of information on the subject, so, I have tried to take on working it out.
Much of the challenge is the significant differences across financial services sectors: from Capital Markets to Insurance; from Asset Management to Banking and so on. The dynamics vary by sector very significantly and so assessing the total aggregated cost is a challenge.
I should emphasise now that this is not the last word on the subject; much more of a ‘starter for ten’ in a debate in which I am interested. I have made a set of assumptions, a number of which I know are approximations or guestimates, and I am interested in honing these over time.
Before we get started, what am I expecting?
According to the government, the UK financial services industry employed 1.1m people and produced £164.8bn in 2020, which seems as good a start as any.
One very broad rule of thumb is that compliance costs 5% of output. 5% of £164.8bn is £8.24bn p.a. Intuitively, this feels too low.
The cost of Financial Services compliance to UK Plc: Where do you start?
I am sure that there are many ways of costing compliance and others might adopt a very different methodology. My approach is to work from first principles and look at it from firms’ perspectives, by aggregating costs across the whole industry.
On that basis, it seems that the compliance costs might be categorised as the following:
- Direct regulator funding.
- Compliance staff.
- Non-compliance staff spending time on compliance activities.
- RegTech (i.e. compliance related systems for AML, compliance management etc.).
- Professional services.
- Network costs for Appointed Representatives (arguably a branch of professional services.)
I have kept the scope of my calculation to financial services regulation and not leaked into the cost of financial crime compliance for non-financial services firms, for example, or Data Protection or IT compliance costs, which are not specific to financial services.
What assumptions did I make?
- The cost of regulators, in which for convenience I include the ombudsman (FOS) and compensation scheme (FSCS), we know from their published business plans
- Starting from a population of 1.1m workers in financial services, I have assumed that just over 4% are compliance staff (from LinkedIn and personal experience of dealing with regulated firms) and non-compliance staff spend 2.5% of their time on compliance activities. These two assumptions, along with the cost of employment, are the primary drivers of UK compliance costs. (I asked a stockbroker friend how much of his time he spent on compliance, and he said ‘60%!’. He does complain about it a lot and I don’t really believe him! There are many others whose direct compliance activities will be an hour a week or less)
- I assumed that the average financial services salary is as stated on reed.co.uk
- I have relied on the ‘good calculators’ website to advise that doubling a base salary cost is broadly an accurate way of reflecting employees’ true employment cost
- Ironically, given my current and previous roles, estimating the cost of RegTech and professional services in relation to compliance specifically, I have found the most difficult. I made a set of assumptions by market sector and ended up with professional services coming in at roughly 10% of the total compliance cost and made a very broad RegTech assumption
- I’ve not tried to be too clever and include, for example, the costs to firms of specific FCA processes such as burning capital while waiting to get authorised, and so on. Some costs are too complex to work out.
So, what is the answer?
My calculation is below, and the answer it throws out is that the UK’s financial services compliance cost is approximately £10.02bn p.a. or 6.1% of the UK’s financial services output.
Is it worth it? Does this represent good value for money?
That is a debate that could rage, but my belief is ‘yes’.
It you tried to add up the cost of the damage that hypothetically would be done if there were no regulations, both to the financial markets and consumers, it seems a no brainer.
Think of it like this: When regulation goes horribly wrong (think the credit crunch), or even just has the odd blip (think London Capital and Finance), then the costs are very high. Direct costs of such failures are in the £bns or hundreds of £mns, very easily.
If there was no regulation at all this damage would be ongoing. Consumers would not be able to buy financial products with confidence. The capital markets would suffer from ongoing manipulation. Investment firms, insurers and banks would go out of business much more regularly. Overseas investors would put their money in another jurisdiction. And just look at the resilience of our systemically important financial institutions (SIFIs) in dealing with the shocks of the last few years. It seems the lessons of the credit crunch have been well learned, if judged by SIFI’s apparent recent resilience.
(My fingers are firmly crossed as I write that!)
So, expensive though it is, I believe the cost of regulation is worth paying in return for a more stable country and financially resilient population.
Can the cost of regulation come down?
I know many people running regulated financial institutions would feel that compliance should be less costly.
So, let me finish with a little regulator anecdote.
I once shared a conference platform with an FCA manager who proudly told the audience that her business was to disrupt my business (which at the time was compliance consultancy).
This literally made me laugh out loud: firstly, I am sure her business was really to protect consumers and financial markets. But secondly, the only reason that I had a flourishing consultancy business was the complexity introduced into regulation by legislators and regulators. It is that complexity that leads regulated firms to seek and pay for professional support.
And I think that is the answer: to make any significant reduction to the cost of regulation the authorities would need to significantly reduce its complexity.
So, where does that complexity come from?
- The size of the rule book. Quite simply: there are lots of rules!
- Different rules across jurisdictions multiplies that complexity.
- The complexity of regulation reflects the complexity of financial services being provided.
- The increased sophistication of ‘the bad guys’ means that last years’ laws and rules are no longer adequate – they have to keep moving on.
- The political angle: every time something goes wrong, something new must be done. The net effect, ultimately, is to load complexity and pressure on firms. Recent examples are the advent of crypto or the London Capital and Finance scandal. These, via the Dame Gloster report, have led to an increase in scrutiny from the FCA and more pressure on the cost to regulated firms.
- The tension between principles-based regulation and detailed rules. The market tends to prefer rules based, because compliance can be automated rather than having to take and justify decisions on what the firm is doing. We generally use the more expensive principles-based approach in the UK.
When I look at this list, I don’t see anything changing. Complexity will not reduce; compliance and the associated cost is here to stay.
And finally – in practice what can you do?
We agree you cannot do much about the cost of compliance to UK Plc.
However, what you can do is manage the cost of compliance within your own company. As for all other commercial functions, a significant part of the answer is to utilise a suitable management system, such as My Compliance Centre, to increase control, reduce administration and ensure costs don’t rise as your company grows.
(With many thanks to my ex-colleague, John Burns of Compliancy Services, for his supporting and insight in writing this this article.)