Generally, as regulatory change programmes develop over time, it is not uncommon for them to lose focus and drift off course, often due to a combination of factors. Some projects, simply due to their length, lose their way against their original objectives particularly when wider business change is “tacked on” due to budget, resource or time constraints. The original goals or intended outcomes can easily be compromised partially or entirely.
With so many potential distractions and hurdles to overcome, how can organisations ensure that their change programmes meet the requirements of the regulations they are supposed to comply with? At BeyondFS, we recommend using a regulatory traceability matrix for all change or transformation programmes connected with a regulatory mandate. The matrix can also be used to define the Definition of Done and can be used to make informed decisions when a firm is deciding how they are going to conduct ongoing monitoring.
What is a traceability matrix?
A traceability matrix ties a programme together by mapping the regulatory requirements through to project structure and workstreams and the final end state that the organisation wants to achieve. Starting with the regulatory requirements, the matrix would typically include a description of the required work or output that satisfies the requirement, details of how it would be implemented, and an example of how implementation (and in the case of Consumer Duty, relevant customer outcomes) would be tested. Pinning down these definitions will improve communication between stakeholders, ensuring that everyone is aware of the agreed requirements, and better articulating the steps needed to succeed.
It can then also be used to track the progress of requirements, remediation plans, implementation and testing helping management to ensure that all requirements are met and that the planned outputs are consistent with the regulatory requirements. In brief, with a new, complex and wide-ranging set of rules like the Consumer Duty, a traceability matrix can give an organisation comfort that they are fully compliant.
Outcomes not rules
The ultimate success measures for Consumer Duty implementation will take the form of good customer outcomes, a stipulation which is unusual for regulatory projects. This makes compliance more complicated as organisations need to anticipate the outcomes of their activities, and put in place measures to evidence that desired outcomes are really happening. The blank canvas makes it more difficult to know whether an organisation is compliant initially, but the granularity now required of a firm will give them greater understanding of their products and offerings, and ultimately give them far greater control.
The key point is that organisations must have a clear understanding of the customer outcomes they are trying to facilitate, and documented evidence of how their products and services are designed to optimise the probability of these outcomes.
Looking beyond implementation
However, it is not enough for firms to evidence implementation; rather this oversight must be carried through to business as usual to monitor customer outcomes. As such, firms will need to design and build a robust reporting control framework before transition to business as usual. A traceability matrix can also be used as a starting point for this as controls can be matched directly back to the workstream activities and original regulatory requirements. Under Consumer Duty, firms need to produce annual assessments of whether they are delivering good customer outcomes, and so it is important to be prepared with what needs to be reported, and how it can be demonstrated. Approaches may include:
- Reviewing a product, service, or communication from the standpoint of the end customer. Taking things in isolation, as would be presented to the client, can quickly highlight where areas may be lacking clarity or be misleading.
- Having processes and policies in place to deal with bad outcomes, mitigating the risk of further harm to the end customer.
- Embedding Consumer Duty into the culture of a firm makes compliance second nature, rather than a tick box exercise.
By following the practices described here, organisations should be able to provide comfort to both regulators and internal governance that they are meeting customer outcome expectations. Constructing a regulatory traceability matrix is one simple tool of many to ensure appropriate oversight and help to drive meaningful and sustainable change across the organisation.