Volume 7 (2023-24)

Each volume of Journal of Financial Compliance consists of four 100-page issues published both in print and online.

The Articles published in Volume 7 include:

Volume 7 Number 3

Editorial
Mario J. Difiore
Practice Papers
Intelligence-led analytics for anti-financial crime compliance
Ashley Bostel, Head of Financial Crime Analytics, NatWest Group

Financial institutions are continually looking for novel ways to improve the effectiveness of their anti-financial crime controls. Increasingly, they are turning to analytics to do this by embedding analytics into their anti-financial crime processes. Historically, analytics was used to gather information and provide summarisation and insights to support assessment and optimisation of financial crime controls, but advanced analytics and machine learning solutions have transformed the way financial crime is detected and investigated. In particular, the use of ‘intelligence-led’ analytics can improve the effectiveness of an institution's anti-financial crime controls by guiding them with additional financial crime intelligence information delivered through analytics solutions.
Keywords: intelligence-led analytics; analytics; financial crime; compliance; financial crime analysis; anti-financial crime analytics; transaction monitoring; financial crime investigation; machine learning; network analytics; big data; cloud computing; artificial intelligence; generative AI
Internal investigations into regulatory misconduct: Key issues for individuals
Francis Kean, Partner, McGill and Partners, and Menelaos Karampetsos, Associate, Brown Rudnick LLP

This paper will address key issues for individuals in respect of internal investigations prompted by significant, non-criminal, financial regulatory issues. For the purposes of the paper, the authors will focus on firms authorised and regulated by the Financial Conduct Authority (FCA) and internal investigations conducted as a result of a breach or suspected breach of FCA rules. The paper will cover matters relevant to individuals such as: (i) duty to participate, (ii) rights and obligations, (iii) access to materials, (iv) legal advice and (v) costs/the availability of insurance coverage. The analysis will be framed in the context of current FCA enforcement trends and priorities regarding both entities and individuals.
Keywords: investigations; FCA; insurance; misconduct
Are firms getting the message? Record-keeping obligations related to off-channel messaging
Kevin Spence, Director of Compliance, Teachers Insurance and Annuity Association

Several high-profile enforcement actions and significant fines brought against notable financial institutions for violations of record-keeping requirements relating to electronic communications continue to foster discussions throughout the financial services industry. This paper seeks to provide a timeline of the most notable regulatory activity and enforcement actions taken against firms. Secondarily, this paper will discuss the regulatory requirements for record-keeping and electronic communications as they relate to broker-dealers and registered investment advisers, while also highlighting significant differences between the two sets of requirements. Lastly, this paper provides guidance for financial services firms on implementing an effective compliance framework for establishing record-keeping controls that could potentially aid firms in meeting their regulatory obligations.
Keywords: record-keeping; off-channel messaging; compliance; broker-dealer; investment adviser
ESG and anti-financial crime: Two sides of the same coin?
Diane Bugeja, Senior Associate, Camilleri Preziosi Advocates

Over the past years the fields of environmental, social and corporate governance (ESG) and anti-financial crime (AFC) have grown to encompass major concepts which various business entities have struggled to grapple with. Both ESG and AFC developed separately, against different backgrounds and for different reasons. ESG is still a growing area (when compared to AFC) and much of the focus so far has been on investments within the ‘environmental’ criteria. Hence, it has not come naturally to most industry players to consider these two important risks together and highlight similarities between these two concepts. This paper looks into each of the factors making up the ‘ESG’ domain and assesses further how these are linked to AFC considerations. The aim of this paper is ultimately to get financial services market players to think about how to manage ESG and AFC together rather than in silos, in the hope of reaping even more benefits and avoiding duplication of similar workstreams.
Keywords: ESG; AML; AFC; corruption; risk management
The role of ethical leadership in resilient corporations
Jorge Dajani, Director of Global Corporate Services, World Bank Group and Marianne Rossert, Adviser to the Chief Ethics Officer, World Bank Group, Ethics and Business Conduct

This paper suggests that to ensure resilient and sustainable organisations, ethical leadership needs to go beyond strict rule compliance, using a four-pronged approach: 1. Collect and monitor broad indicators, quantitative and qualitative, that may signal an increase in ethical risks; 2. Create an open and safe dialogue culture where voicing risks and concerns is actively encouraged. 3. Develop a values-based corporate culture where duty of care, in its widest conception, guides policies and decision making by all members of the organisation. This implies actively supporting those who (i) show genuine concern and care for the organisation; (ii) care for one another and for their staff; (iii) care for stakeholders, including clients and those that may be negatively affected by its operations; 4. Create trust in this values-based culture by ensuring a gradual, people-centred response to inappropriate conduct, away from the traditional rules-based legalistic approach that has fuelled distrust in the system's ability to heal internally.
Keywords: ethics; resilience; care; trust; values-based
Future state AML: Using advanced technology to reimagine transaction monitoring
Chris Phillips. SVP, Director of AML Compliance, Valley National Bank

Anti-money laundering teams are increasingly looking to implement advanced technology, including machine learning and artificial intelligence, to help reduce workloads while ensuring compliance with applicable regulation. However, much of what is being implemented today sits on top of legacy systems and is aimed less at effectively detecting financial crime and more at reducing false positive alerts. This paper reimagines how AML compliance can implement advanced technology from the ground up to not only reduce the number of false positives, but to also provide more useful and timely information to law enforcement. All technology discussed in this paper is currently on the market or under development. The paper can be used as a starting point for AML teams to think about how they can implement advanced technology end to end in order to improve the transaction monitoring process and suspicious transaction filings.
Keywords: anti-money laundering; ma-chine learning; artificial intelligence; BSA; suspicious transaction filings
US economic sanctions targeting Latin America: Recent changes, developments and compliance challenges
Cari N. Stinebower, Partner, and Mariana Pendás Fernández, Associate, Winston and Strawn LLP

The United States — specifically through the US Department of the Treasury's Office of Foreign Assets Control (OFAC) and the Department of State — has maintained economic sanctions against certain Latin American countries since the 1950s. Starting with broad-based sanctions against Cuba, where OFAC prohibited virtually all transactions, the Department of the Treasury has instituted more-targeted sanctions regimes against Venezuela and Nicaragua, where non-government dealings are, for the most part, authorised. Together, the Departments of State and the Treasury also administer sanctions against various narcotics and terrorist organisations operating in Latin America. Most notable is the Foreign Narcotics Kingpin Designation Act, which has targeted trafficking organisations, foreign officials and their money laundering empires. To that end, sanctions, while initially imposed to fight certain political regimes, have developed into sanctions targeting all kinds of wrongdoing such as sponsoring terrorism, aiding and abetting drug trafficking, corruption and the commission of human rights violations. US sanctions violations are assessed under a strict liability standard (ie, no knowledge of the violation is required to trigger liability) and impact not only those directly subject to the jurisdiction of the US but also may carry implications for non-US persons undertaking certain ‘significant transactions' with sanctioned persons and jurisdictions. Further, while sanctions apply to US persons, OFAC can institute penalties on non-US persons for causing a US person to violate their compliance obligations. In addition, OFAC (or the Department of State) may sanction persons (individuals or entities) by adding them to the Specially Designated and Blocked Nationals (SDN) List. US persons must block the property and interests in property of SDNs, and are prohibited from virtually all, direct and indirect, transactions involving an SDN. SDN restrictions also apply to ‘Shadow SDNs' which are entities owned 50 per cent or more, directly or indirectly, by one or more SDNs in the aggregate. A Shadow SDN receives the same treatment as SDNs, regardless of whether such entity is itself on the SDN List. The challenge with Shadow SDNs is that they can only be discovered through rigorous due diligence into beneficial ownership structures of sometimes opaque corporate entities. This is where the world of sanctions compliance and enforcement crosses with that of anti-money laundering. The evolving customer due diligence, ongoing customer monitoring, suspicious activity investigations and reporting, and know your customer (KYC) (and know your customer's customer [KYCC]) evidenced are reflected through the evolving Financial Action Task Force (FATF) Recommendations, the Financial Action Task Force on Money Laundering in South America (GAFISUD) and domestic regulations. As a result of the increasingly unpredictable political changes in Latin America, and the concurrent changes in sanctions regimes, financial institutions (FIs) should maintain a proper understanding of the current sanctions prohibitions, the trends and updates in the area, but equally important, they should also maintain a good understanding of the complex legal provisions authorising certain behaviours — including the general licences and exemptions — that may apply. FIs must balance mitigating the risks of sanctions violations, and the associated hefty penalties, with the risks of a cumbersome and overly restrictive compliance regimen. An appropriately risk-based compliance programme that achieves both of these objectives is very much an art and not a ‘one size fits all’ model.
Keywords: sanctions; Specially Designated and Blocked Nationals (SDN); Office of Foreign Assets Control (OFAC); Latin America; Cuba; Venezuela; Nicaragua; financial institutions; anti-money laundering (AML); compliance

Volume 7 Number 2

Editorial
Mario J. Difiore
Practice paper
Reviving securitisation in the EU: A critical analysis of the reporting requirements
Olivia Hauet, European Central Bank

The EU Securitisation Regulation (SECR) came into force in 2018, applying to securitisations issued after 1st January, 2019 and to eligible legacy securitisations. This is a cornerstone of the Capitals Market Union (CMU), which, together with the amendment of the Capital Requirements Regulation (CRR), aims at reviving the European securitisation market. By introducing a robust and harmonised framework, the regulator intends to resolve the following conundrum: how to relaunch the securitisation market, which is essential for financing the economy, while mitigating its vulnerabilities and the stigma associated with it? More specifically, the CRR amendment contains the calibration of capital requirements in accordance with the updated hierarchy of methods while the SECR defines the criteria for securitisations to qualify as ‘simple, transparent and standardised’ (STS). The SECR also sets common rules for the due diligence obligations of institutional investors, regardless of the sector to which they belong. An intrinsic (although not specific) problem with securitisation is the question of asymmetry of information, since investors have access to less information about the loans backing the tranches than lenders involved in their origination. Article 7 of the SECR addresses this issue by defining high standards to transparency requirements using a very granular reporting method. While market participants recognise the necessity of fostering transparency and due diligence to increase confidence in the market, the current reporting framework, because of the burden it represents, may discourage potential investors and originators. This paper provides a thorough overview of the reporting obligations set on credit institutions in the context of securitisation. It demonstrates how the lack of integration and proportionality combined with technical limitations perpetuates regulatory fragmentation and associated high costs. It proposes potential solutions to integrate requirements from various sources into a unified model and concludes with the necessity to improve the governance of reporting and data requirements at a European level.
Keywords: securitisation; due diligence; regulatory reporting; capital requirements; granular data; data model
Compliant marketing: breaking down the new marketing rule
Elizabeth Cope, SEC Compliance Solutions

The Securities and Exchange Commission (SEC) adopted the New Marketing Rule on 4th May, 2021, giving registered investment advisers until 4th November, 2022 to comply. This New Marketing Rule (the Rule) replaced the original advertising rule that was adopted in 1961 and the original cash solicitation rule that was adopted in 1979. This much-needed update takes into consideration the modernisation of advisers' marketing efforts and combines the two old rules into one. As with any new rule, advisers run into the added challenge of interpretation. This Rule is primarily principles-based, and we do not know yet how the SEC will interpret advisers' various implementations. This paper will only address the requirements that apply to investment advisers registered with the SEC. As such, this paper will tackle the new definition of an ‘advertisement’, principles-based prohibitions, specific disclosure requirements and restrictions for performance, testimonials and endorsements, third party ratings, clarification on the applicability for private fund managers, new ADV disclosure requirements around advertising and new books and records requirements.
Keywords: marketing; solicitation; general prohibitions; disclosures; testimonials and endorsements; third party ratings
Preparing for the implementation of EMIR REFIT
Carolyn Jackson and Ciara McBrien, Katten Muchin Rosenman UK LLP

The new obligations under EMIR REFIT (as defined below) require firms to adopt new reporting standards for derivatives transactions and upgrade outstanding derivatives transactions to the new reporting format. The implementation date is 29th April, 2024 in the EU and 30th September, 2024 in the UK. To navigate the complexities of EMIR REFIT, firms should start preparing for the implementation of the new requirements as soon as possible.
Keywords: reporting; EMIR; REFIT; derivatives; regulation; EMIR 3.0
AML for a blockchain age
Neal Christiansen, Valerie-Leila Jaber, Grant Rabenn, and Melissa Strait, Coinbase

Blockchain technology is not only unlocking important innovations in financial systems, it is also the foundation for powerful new tools used to combat illicit finance. This paper describes some of the ways that this technology not only enhances traditional compliance tools but also goes further, offering investigators unprecedented access to transactional data. The result is that virtual asset service providers, unlike traditional financial institutions, are not limited to static or opaque stores of customer information but can instead conduct more sophisticated analyses that are faster, more reliable and more dynamic than what was previously available. Given this new compliance landscape, this paper sheds light on where the most significant illicit finance threats are in the cryptocurrency ecosystem and, further, how regulators can support the development and adoption of powerful new compliance tools, including those using novel digital identity systems.
Keywords: virtual assets; cryptocurrency; virtual asset service provider; VASP; blockchain analytics; know your transaction; KYT; decentralised identity; DID
Unintended consequences of the risk-based approach? De-risking tendencies in anti-money laundering and countering the financing of terrorism compliance
Astrid Satovich, European Savings and Retail Banking Group

This paper provides an overview of the regulatory approach taken by the European Union (EU) to counter unwarranted de-risking activities by financial institutions in the field of money laundering and terrorist financing. As an integral part of the network to combat money laundering and terrorist financing in the EU, financial institutions are subject to a comprehensive regulatory framework that follows a risk-based approach. In the course of the revision of this legal framework and driven by different developments such as migration, the phenomenon of unwarranted de-risking has increasingly come to the attention of EU regulators. Some related factors to unwarranted de-risking are typically the risk of non-compliance with rules in the field of anti-money laundering (AML) and countering the financing of terrorism and respective sanctions, including reputational damage, the increasing administrative burden that potentially comes with risky customers, as well as the associated high compliance costs and necessary training for employees. Additionally, the phenomenon of unwarranted de-risking can only be fairly assessed when being distinguished from de-risking decisions taken by financial institutions in accordance with their business strategy. Given the high impact unwarranted de-risking can have on important areas such as financial inclusion and as a result of observing an increase in unwarranted de-risking activities, EU regulators have focused on clarifying legal uncertainties faced by financial institutions, for example in the AML package published in 2021 and in the revision of existing and issuance of new Guidelines by the European Supervisory Authorities in 2023, as examined in this paper.
Keywords: de-risking; compliance; anti-money laundering; risk-based approach; know your customer; KYC; financial crime
How does hotline and incident management stack up in the financial services industry? An analysis of comparative metrics
Carrie Penman, NAVEX

An efficient and trusted mechanism by which employees can anonymously or confidentially report allegations of suspected or actual misconduct is the hallmark of a well-designed compliance programme. Yet, every industry will have different metrics related to their reporting processes and systems. There is not a ‘right’ answer because all metrics will be influenced by the risk areas facing each industry. The finance sector is no exception. So, what does the data show for the finance sector and how can the data be used to impact programme effectiveness? To answer this question, in 2023, NAVEX®, a provider of governance, risk and compliance information system software and services, examined financial-industry specifics within a large global data set of anonymised hotline and incident management metrics. This research, published here for the first time, follows the release of NAVEX's 2023 ‘Hotline & Incident Management Benchmark Report’ — an annual, publicly available analysis of hotline reporting data generated through the intake channels NAVEX provides to its customers. This research publication, published in March, involved a total of 1.52 million reports worldwide. Financial services was the third-most represented sector across the larger benchmark report. Comparing financial services to global benchmarks, it appears the industry is outperforming other sectors in several key incident management metrics. Yet for individual financial firms, the industry-specific benchmark data revealed in this analysis could provide a more refined look into the ways organisations can compare their programmes to their industry peers. Overall, the financial services industry received more reports per 100 employees, fewer anonymous reports, and were consistently closing cases even with a different mix of issue types, ie more business-related issues than other industries.
Keywords: compliance; governance; risk and compliance; organisational culture; risk management; hotline
How counter extremism could improve financial institutions’ counter terrorist financing controls
Richard Wall, Bank J. Safra Sarasin (Gibraltar) Ltd

This paper aims to provide insights into counter-extremism measures and how these may be applied by financial institutions as part of their counterterrorist financing controls. The paper suggests that extremism ‘red flags' could be used as a pre-emptive measure against terrorist financing.
Keywords: counterterrorism financing; extremism; terrorism; financial institutions
Expert networks, alternative data and managing risks of material non-public information
James G. Lundy, Margaret Gembala Nelson and Bill McCaughey, Foley & Lardner LLP

Expert networks and alternative data providers can be sources of invaluable information with which to make investment decisions, and they can play an important role in maximising returns from financial markets, but with the use of the sophisticated information they provide comes certain risks of regulatory scrutiny and even potential investigation for insider trading. However, a well-designed compliance programme can be tailored to monitor for, prevent, and detect red flags to avoid investigations and charges by financial enforcement authorities. Due diligence, the establishment of proper policies and procedures, and adherence to best practices will make the difference, not only in avoiding prohibited trading but in ameliorating the potential consequences if allegations of illegal behaviour arise. Financial advisers looking for an edge are well advised, themselves, to understand the risks and prepare against them.
Keywords: expert network; alternative data; material non-public information; MNPI; insider trading; investment best practices; SEC

Volume 7 Number 1

Editorial
Mario J. Difiore
Practice paper
Why and how to embrace entity resolution and contextual monitoring
Aaron Wolf, Deutsche Bank

Criminal activity is an unfortunate constant in life. Some criminals are highly sophisticated, others not so much. The common objective of each criminal, regardless of the level of sophistication, is to stay at least one step ahead of the system of controls in place to prevent, detect and report their illicit activity. From a transaction monitoring perspective, criminals had a significant advantage for some time with the ineffective rules-based transaction monitoring (RBTM) that most banks utilise. The scale is beginning to tip back in our favour with the advent of new and improved technologies, such as entity resolution and contextual monitoring (ER/CM). The purpose of this paper is to demonstrate the clear advantages of ER/CM and what you as practitioners should consider when deciding if you should make the switch and what to consider when implementing the technology.
Keywords: regulatory technology (RegTech); entity resolution; contextual monitoring; risk-based approach; risk appetite
The case for self-regulation for the digital assets industry
Alma Angotti, Tracy Angulo, and Gene Bolton, Director, Guidehouse, and Gabriella Kusz, Global Digital Asset & Cryptocurrency Association

The concept of self-regulation and the use of self-regulatory organisations (SROs) as a feature of legal and regulatory frameworks has been adopted to support effective and efficient capital market development in a number of countries around the world. Most notably, the International Organization of Securities Commissions (IOSCO) set forth through its SRO Consultative Committee a ‘model for effective self-regulation’, the general principles for self-regulation and why self-regulation should be incorporated into regulatory frameworks. Since 2000, this has served as the outline for SRO development. Today, many countries are struggling with the question of how to regulate cryptocurrency and digital assets — including the US. The rapid evolution, high degree of expertise and understanding needed, and decentralised, cross-border nature of digital assets presents unique challenges for regulators. In the wake of the failure of the centralised finance (CeFi) digital asset exchange FTX, this research explores whether an SRO may be suited to the nature of the digital asset industry and how it may provide a strong complement to formal US government regulation. Such a complementary relationship may offer United States regulators and legislators a mechanism for providing a high degree of regulatory coverage which balances the need for consumer protection and market integrity with the need for innovation. In exploring this subject, researchers undertook desk study on the IOSCO Framework for Effective Self-regulation and explored existing and emerging national SROs in the digital asset space. Desk study was coupled with individual one-on-one interviews with global digital asset industry leadership and public roundtable forums. This research concludes that an SRO may serve to provide the US legal and regulatory framework with a high-quality solution to the challenges of legislating and regulating in the ever-changing environment of digital assets.
Keywords: self-regulation; digital assets; crypto; cryptocurrency; regulation; the International Organization of Securities Commissions (IOSCO); National Futures Association (NFA); Japan Financial Services Agency (JFSA); Japan; Switzerland; USA; securities; commodities; Commodities Futures Trading Commission (CFTC)
The resolution plan for insurers in France: Being prepared in case of a failure
Frédéric Visnovsky, French Prudential Supervision and Resolution Authority

The failure of an insurer may affect policyholders as well as the broader economy. This explains why a resolution regime is useful, with the objective of making it feasible to maintain vital economic functions and activities, which are needed, without disruption and without exposing taxpayers to loss. The resolution regime is a core element of the policy measures adopted by the G20 in the wake of the global financial crisis and applies to banks in most countries, with France being one of the first EU member states to adopt a regime for the recovery and resolution of insurance undertakings. The work undertaken to prepare resolution plans consists of first identifying the functions deemed to be critical which should be maintained. For the resolution to be effective, this work needs to be complemented with analysis of the level of separability of these critical functions from the rest of the undertaking or group, as this is necessary to ensure operational continuity in the event that a resolution action is applied. The next step consists of specifying resolution strategies that could be applied to groups or bodies performing critical functions, in accordance with different possible crisis scenarios and taking into account different resolution tools used separately or in combination. Based on these elements, Autorité de Contrôle Prudentiel et de Résolution has adopted the first resolution plan for 13 insurers, but this needs to be complemented by additional analyses and additional information in order to cover all the topics needed to operationalise resolution strategies and ensure the resolvability of undertakings.
Keywords: recovery; resolution; insurers; critical functions; separability; interconnection
Best practices when handling whistleblower complaints
Tracey Salmon-Smith. Sandra D. Grannum, Jesse Linebaugh, and Vijayasri G. Aryama, Faegre Drinker

This paper is intended to serve as an initial guide for members of public companies on creating company whistleblower policies and procedures for the investigation of employee whistleblower complaints. Companies should establish clear internal policies for how employees can make whistleblower complaints, who should receive those complaints, how to investigate those complaints (whether internally or externally) and how the results of the investigation should be reported or shared with others.
Keywords: whistleblower; whistleblower complaint; regulatory; regulatory investigation; internal investigation; internal complaint; compliance
The crypto frontier: How US policymakers and investment advisers can address digital assets
William Nelson, Investment Adviser Association

This paper focuses on prominent issues surrounding digital assets. The lack of a comprehensive federal digital asset law has recently raised several issues for Securities and Exchange Commission (SEC)-registered investment advisers as they try to navigate new markets and new industry practices. As such, this paper addresses the current US regulatory landscape, provides a comparison of non-US approaches to digital assets and provides US policymakers with key principles they can consider for potential digital asset legislation and/or regulation. The paper also provides compliance considerations for investment advisers who currently manage digital assets, to address the evolving obligations under the US securities laws.
Keywords: Securities and Exchange Commission (SEC); investment adviser; compliance; digital assets; cryptocurrency; crypto-assets
Consumer protection and good customer outcomes in an evolving financial services ecosystem
Donna Turner, Shapes First

Consumer protection and the conduct of financial services firms has been a focal point and priority since statutory obligations on the financial services sector became law in 1986 with the introduction of the Financial Services Act. However, that has not prevented the continuous stream of scandals hitting the financial services industry and the consumers they serve or the never-ending battle to fight against criminal activity and strategies. This paper describes the evolution of standards in relation to financial services consumer protection, the new and evolving risks that consumers face and considers why regulation is needed that requires firms to put their customer needs first.
Keywords: treating customers fairly; payment protection insurance; consumer duty; Senior Managers and Certification Regime (SM&CR)
Simplifying US state-level obligations to help achieve compliance certainty
Kris Stewart and Elaine F. Duffus, Wolters Kluwer

This paper provides key insights into how expert augmented intelligence helps simplify and refine state compliance obligation management with dynamic technology. Learn strategies to help financial institutions overcome four unique pain points of achieving complete compliance confidence. Readers will learn how top banks are able to reduce reliance on third-party legal firms, connect various components of regulatory change management together and gain a strategic perspective on how that impact is realised.
Keywords: state obligation management; regulatory change; regulatory compliance; artificial intelligence; state-level legal and regulatory compliance
Is employees’ understanding of conduct risk aligned with values espoused in their employers’ public statements?
Alexander Culley, C & G Regulatory Solutions

The purpose of this paper is to examine whether there is any correlation between the values expressed in the published statements of investment firms and their employees' understanding of conduct risk. A qualitative examination of: (a) 20 semi-structured interviews, comprising 17 with employees from nine UK firms engaged in brokerage and trading activities, and three interviews with consultants specialising in conduct risk who regularly assist such firms; and (b) the publicly available statements issued by nine UK firms engaged in brokerage and trading activities. The paper finds much alignment between firms' publicly stated values and their employees' understanding of conduct risk. However, some themes that are currently high on the UK Financial Conduct Authority's (FCA) agenda, such as non-financial misconduct and transparency, receive little to no attention in either. The study's findings are limited to the insights of the interviewees who took part. These insights may not represent ‘what actually happens' on the trading floor. For this, an ethnographic study would be required. The findings imply that current conduct-related initiatives led by the FCA are not making a significant impact on brokerage and trading firms. This paper builds on a previous study that examines possible relationships between banks' corporate value statements and incidences of misconduct. Furthermore, it proposes the piloting of a conduct risk awareness programme that utilises the experiences of former miscreants to help embed cultural change.
Keywords: conduct risk; Financial Conduct Authority; corporate values; corporate culture; business ethics; investment firms