Risk & Compliance Magazine talks with our EVP Paul Johns about the expectations that risk and compliance managers will face in 2021 as the regulatory landscape shifts.
R&C: How would you describe the current regulatory landscape and the extent to which it is subject to change? What should risk and compliance managers expect as 2021 unfolds?
Paul Johns: Coronavirus (COVID-19) upended regulatory plans and programmes in 2020 as pandemic relief for companies and their customers took precedence. However, regulators were still working on their programmes and supervisory priorities, so we expect an active regulatory environment in 2021 fuelled by the complexities of legislation post-Brexit. In the UK, the topics we are watching in the regulatory landscape include the following.
First, Brexit legislation requirements and the future stipulations for trading with the European Union (EU). Many organisations will need to address policies and processes to align with UK and European legislation.
Second, imminent UK Sarbanes-Oxley Act (SOX) legislation and Sir Donald Brydon's review of reshaping the audit profession. As the UK exits the EU, financial reporting will also need to align. Many key FTSE 100 organisations are already addressing their risk and control framework and, as a result, the governance, risk and compliance (GRC)/integrated risk management (IRM) market thrives with new SOX initiatives.
Third, rollout of the Financial Conduct Authority's (FCA's) Senior Managers and Certification Regime (SM&CR) and the completion for solo-regulated firms in March 2021. Many organisations have addressed this legislation directly in point solutions; however, as programmes mature, this GRC use case is now finding its way into larger requirements.
Finally, the Bank of England and the FCA's commitment to phasing out the London Interbank Offered Rate (LIBOR) by the end of 2021 raises additional compliance issues for companies and not only impacts existing lending facilities but also any new financing.
There are also important ancillary issues such as environmental, social and governance (ESG), climate change and diversity. These are all taking place in an environment where companies are still managing through accelerated digital transformations and digitalisation of their processes.
With the regulatory landscape shifting toward greater accountability, it is imperative for companies to focus on operational resilience and establish frameworks that recognise the interconnectedness of risk.
Reprinted from Risk & Compliance Magazine, April-June 2021 issue.