ANNOUNCEMENT: UK Adviser is now PA Adviser. Read more.

How to meet financial regulation in the letter and the spirit of the law

Suitability regulations should be more than a box-ticking exercise, writes Oxford Risk’s Greg Davies

Greg B Davies


A common first question to ask about suitability regulations is: ‘How do I meet them?’ A better one is: ‘Why do they exist?’

Were you to track regulatory changes over time, you would see a clear direction of travel. Aligning your suitability processes with this direction can transform meeting the rules from a burden to a competitive advantage.

You do this by shifting your focus from the letter of the laws – what they say: the isolated boxes to tick; to their spirit – why they exist: to ensure good client outcomes.

A focus on the boxes to be ticked rather than the reasons the boxes exist can lead to laws being technically followed at the expense of meeting the very outputs the laws are there to produce.

The spirit of financial advisory regulations is clear: to protect clients from bad investments, from unscrupulous salesmen, and even from the clients themselves. They aim to increase a client’s comfort and confidence with investing – to arm them with a greater understanding of what they’re investing in, and why.

The letter of the regulations says you must account for a client’s risk tolerance, knowledge and experience, and so on. But that’s not really what the regulations are after. Because it’s perfectly possible to ‘account’ for these in a counterproductive way.

See also: All I want for Easter is the findings of the FCA’s thematic review

For example, in its 2011 guidance, the Financial Conduct Authority (FCA) stated that they’d ‘reviewed 11 risk-profiling tools and were concerned to find that nine tools had weaknesses which could, in certain circumstances, lead to flawed outputs.’ And in its 2023 MiFID II guidance, the European Securities and Markets Authority (ESMA) spelled out: ‘In assessing a client’s knowledge and experience, a firm should also avoid using overly broad questions with a yes/no type of answer and or a very broad tick-the-box self-assessment approach.’

It pays to ask why these guidelines exist. Shouldn’t the rules themselves be enough, without requiring separate guidelines on how to follow them? The regulators would not have bothered releasing additional guidelines if the ways the risk tolerance and knowledge and experience boxes were typically ticked were good enough. The problem wasn’t what was being done, it was the way in which it was being done.

This is arguably even more apparent in the way Mifid II guidance and the Consumer Duty rules have incorporated the requirement to account for client behaviours. For example, the need not only to tell a client something but to take reasonable steps to make sure they have actually understood it.

We see something similar too with the new Sustainability Disclosure Requirements and their guidance to tackle greenwashing.

See also: Advisers have rich opportunity to treat investors more like humans, not robots

Problems of a checklist-focused approach to suitability

It is undoubtedly tempting to believe that methodologically extracting each requirement from the lines of legislation and ensuring they’re covered in some way will add up to a clean bill of regulatory health. However, this decontextualised line-by-line approach has some practical pitfalls:

  1. It encourages ineffective upfront loading – Confirming the right level of investment risk for a client prior to investing is non-negotiable. But that right level is subject to dynamic change. Understanding of both the client and how they interact with their investments naturally grows over time. Outputs also decay. Of the main elements of suitability, only risk tolerance is broadly stable across time. Trying to get everything out of the way as soon as possible is effective for a checklist, but counterproductive for a client outcome.
  2. It hinders client understanding – A client’s understanding of what they’re investing in (and why) is not helped by haste or volume, or by the lack of a clear link between information requested and its ultimate importance for them.
  3. It leaves advisers playing catch-up – A focus on the letter of the law can leave advisers feeling like they’re playing a constant game of catch-up: tweaking processes, and bolting-on additional steps to meet each new requirement. However, reacting to regulatory changes is less efficient than anticipating them. A focus on the spirit of the laws should ensure that regulatory requirements are met as a side-effect of following processes designed for other purposes.

Future-proofing your suitability processes

It could be argued that all talk of ‘spirit’ is a bit unscientific, and no defence against a regulatory judge. This would be wrong. It is far more dangerous to rely on blind box-ticking with evidence only of the answer, not the process, or the reason, or what the question was, or why it was being asked.

This isn’t about abandoning the checklists in favour of assuming that if a client is comfortable then all is well. It is simply about where to angle your attention. To see that the best suitability processes focus less on acquiring client knowledge for the purposes of ticking boxes, and much more on how we use this knowledge in coherent suitability frameworks that reflect an understanding of what truly matters to investors.

Greg B Davies, PhD, is head of Behavioural Finance, Oxford Risk

Latest Stories