Better controls are part of the financial zeitgeist, now reaching beyond banking and markets to every corner of financial services. How will the front office control model evolve to meet such changing needs?
The model for better front office controls was forged in the furnace of the sell-side of the financial industry. It was the major banks that generated the financial crisis and it was upon these firms that the ire of governments and regulators was first turned. But, other areas of financial services – asset managers, wealth managers, private banks, retail firms and brokers – can’t afford to think they can float under the radar screen.
“Any asset manager that doesn’t see what is happening at banks – the proliferation of controls and the rise in the headcount associated with the 1st line of defence – would be badly out of step. Whether this translates into them doing something is a different question,” says a head of 1st line controls and assurance at a UK asset manager that has around £350bn assets under management.
Of course, the main impetus for doing something comes from the regulators. In the UK, the Senior Managers and Certification Regime (SM&CR) will be pushed out to a fresh batch of around 46,000 firms in financial services over the next year or so, and this will capture asset managers, large and small. Henceforth, senior managers will be responsible for conduct, and failures thereof will meet condign redress. They need the comfort that better front office controls can furnish.
Setting those boundaries
According to Nick Miller, head of asset management at the UK’s FCA, asset managers are monitored closely to see if they produce healthy results for their clients and also if they perform their role as market participants with due probity.
There is also a great deal of regulatory attention upon best execution for clients; this is at the heart of MiFID II, for example. A too close and familiar relationship between the fund manager and the dealer could be inimical to that objective, and a lot of asset managers now realise that the two functions should be to some extent at arm’s length.
The fund managers should instruct the dealers on a purchase or sell order, but not tell them which banks, for example, should get the order. This is a major aspect of the direction the FCA is now giving to the asset management industry.
At the same time, however, there is greater internal pressure upon compliance to husband its resources more effectively, which often means, in effect, that functions are being passed down to the 1st line of defence.
“Second line risk and compliance leaders are having to respond to margin pressures like all other parts of asset management firms, where the challenge is in delivering efficient functions with evolving FCA expectations but without the ability to recruit headcount like the days of old,” says Ross Millar, EMEA investment management sector leader for the risk advisory practice at Deloitte. “There are a number of moving parts to consider, including pushing activities back into the 1st line of defence, which is itself starting to consider the creation of 1st line control teams and the application of more sophisticated surveillance platforms utilised across all three lines of defence.
But, in spite of these pressures, how many asset management firms have fully considered all of these moving parts across the operating model? Ross Millar is not sanguine. “In my experience, to date only a handful of firms have a fully defined strategy that considers these components holistically,” he says. “There are those that have been thinking about it, but they’re going to have to do more in the next year or so as regulatory expectations and good industry practices around 1st line control teams continue to evolve further and in the lead up to the implementation of the SM&CR.”
Different strokes for non-banking folks
Those asset managers and fund managers that have instituted thorough front office controls point out that the look of this function must be different to those at top banks because banks don’t hold a fiduciary responsibility. “The principles are the same, but the ‘flavour’ of implementation is a little different,” explains James Relph, who is head of anti-financial crime transformation in DWS (formerly Deutsche Asset Management).
This also means asset managers are looking for different things in terms of breaches of conduct. There is, for example, greater emphasis on Know Your Client (KYC) procedures and being on the lookout for incidence of financial crime. The advantage, compared to an investment bank, is that asset managers are generally dealing with fewer and often smaller clients, and with products that are far less complex. Relph says: “We have far fewer clients and therefore have spent less on the changes we’ve put in place compared to the average tier one bank. But we are more nimble and agile in how quickly we can make changes.”
AT DBAM, there are perhaps 800 total personnel in coverage, and in the region of 120 or so supervisors sitting in the front office to monitor what’s going on. The ratio of supervisor to relationship manager is thus about one to six. These supervisors will monitor class classification, suitability and appropriateness of products, all of which has to be evidenced. The team also performs quarterly checks, and provides an audit trail that has to be visible to regulators.
What should control look like?
Those asset managers that have begun the task of imposing front office controls have often put a considerable number of functions in the 2nd line, but that trend is beginning to be reversed. “The 1st line has historically delegated a lot of the KYC responsibility,” says Relph. “Now we have reminded all coverage staff of their obligation to understand the KYC risk of any client and a clear process to track compliance. If the business is happy to take the money, it has to know the risk. Staff need to know the anti-money laundering risk of a client and must apply this across the value chain.”
This ownership of client suitability also makes the business far less cavalier about signing on new clients than previously. In the past, the front office would tend to sign on new clients with abandon, knowing that the due diligence would be performed by compliance. If this new client didn’t generate much fee income, then they’d simply sign on some more. This is now less likely.
The focus upon financial crime and the principles of KYC evinced in the asset management space are echoed at Julius Baer, the Swiss private bank, which, at the end of 2017, had over CHF390bn (£299.9bn) assets under management. According to Eleanor Malcolm, chief risk officer at Julius Baer in London, the control function closely scrutinizes both transactions and client activity.
It needs to know whether any prospective client has been correctly risk assessed for sources of wealth and whether there is any hint of money laundering. Beyond these initial checks, it will make sure the business has correctly identified client needs and his or her capacity to understand the investments and their risks that will be recommended. This falls under the category of ‘suitability’ and this forms a major part of risk control in private banks. Above all, this must be clearly and comprehensively documented.
Knowing, and staying behind, the line
The front office control function in private banking goes by various names – relationship management, quality control or business risk supervision, for example – but it amounts to the same thing. It refers to the unit that sits alongside the bankers and is responsible for supervision.
Julius Baer has built up this unit over the last four to five years, says Malcolm. “The structure is now reasonably common in the UK and USA, I’d say. Five or ten years ago, the industry model was focused on asset growth and fee preservation rather than client outcome, but of course this can lead to conflict of interest,” she adds.
Although interdealer brokers don’t hold positions for extended periods of time and, as a result carry far less market risk than a major bank, they are not immune to the great changes that are sweeping through the industry.
A chief risk officer for a leading brokerage in New York says: “The Libor scandal taught us we do have a fundamental role in execution. The great value of the broker model is anonymity, but with this comes responsibility. You have to know: this is the line. This is what you can say, this is what you can’t.” Although brokers do not submit Libor readings, evidence suggests that certain brokers conspired with favoured traders to nudge the setting in the desired direction.
No more steak dinners
The nascent 1st line of defence has been in place for about two years. It sits alongside the brokers, and, the risk office concedes, is still a work in progress. It uses the bank model as a template, and, until recently, the responsibility for operational risk in the front office fell to brokers themselves, or senior managers or the risk function itself.
As ever, the particular role of the business in question within the financial services universe gives an idiosyncratic flavour to the role the control function performs. Interdealer brokers have a long and distinguished history of entertaining dealers on a Babylonian scale to furnish thanks for services rendered and to solicit more of the same. Those lavish days are over.
Travel and entertainment are now scrutinised very carefully. The purpose of the meeting with any banker has to be approved, the attendees and the venue for the meeting have to be approved, and there is a spending limit of $200 per head. After the event, full receipts and a report of the meeting has to be provided. No more $2,000 steak dinners at Sparks followed by the VIP room at Scores then.
These meetings also provide valuable intelligence for the risk function. If, for example, a client is taken out frequently but deals infrequently, it’s a red flag that has to be checked out. Conversely, if a client is taken out a great deal and revenue with that client peaks, it’s another red flag.
The whole area of corporate hospitality has become such a minefield that some dealers now refuse to be taken out. At the same time, it is now not unknown for bankers to take brokers out for dinner as the market intelligence at such meetings flows both ways – a state of affairs that would have been occasioned blank stupefaction followed by undisguised derision from any New York bulge bracket trader some 20 years ago.
Work still to do
There are 20 1st line supervisors in the global business at the broker, says the brokerage risk officer, who adds that this number will likely increase and that some of the functions will be covered by the 2nd line of defence. The 2nd line also reports to him, though it also has a matrix report to the head of business controls.
So, there’s something of a patchwork quilt in the financial services industry beyond the world of global investment banking. It’s fair to say that the front office control function is not nearly as advanced as it is in banking, and also that the model has to be tweaked to suit the exigencies of the particular business. But these are early days; things will change.