Bank Group Insurance Co Ltd, the House of Lords warned against the acceptability of using
an overly holistic approach to establishing the “cause” of regulatory responsibility for the
purposes of determining civil liability as between the insured and insurer under an insurance
contract.
The Financial Services Authority operates on a risk-based approach whereby it differentiates
between regulated institutions and allocates resources to areas of greater perceived risk.69 It
identifies three sources of risk namely:70 The external environment ; consumer and industry-
wide risks and the regulated institutions themselves. The risk-based approach operates on two
levels: at an organisation level, and at the firm level which is articulated in the ‘firm risk
assessment framework’71 Referred to as the ARROW framework (Advanced Risk-Responsive
Operating Framework) by the FSA and its staff, the approach is not focused on compliance
with the prudential requirements that exist within the Interim Prudential Source Book or the
Handbook Guidelines, but encapsulates risks that exist externally and internally in the
financial services industry.72 It takes into specific consideration the interests of wider
stakeholders such depositors, investors and other financial intermediaries, as well as its own
interests and compliance with its statutory objectives and principles.73
The FSA, being a risk-based regulator, has to make difficult choices about how it deploys its
enforcement resources, as with its other resources.74 A consequence of its risk-based approach
is that more of its supervisory resources will be devoted to its supervision priorities and,
within this framework, to the larger financial firms and groups.75
When firms are contacted by the FSA, they automatically assume that, because they have
been selected, it means that the FSA has already decided that there is a problem in that firm -
which is not the case.76 The decision to select a firm takes into account a number of factors
such as the number and type of firms which are active in the market or product that the FSA is
interested in; the desire to find a sample of firms that is representative of the various different
sizes or structures in the market the FSA is considering; the desire to create a representative
sample which includes some firms which the FSA considers are likely to set the highest
standards in terms of systems and controls and practices in that area.77 The sample may also
include some firms about whose practices the FSA has concerns and how the FSA can most
efficiently use its resources to obtain sufficiently information for its needs.78
The combination of more resources being committed to priority areas and the application of
the FSA's risk-based approach to enforcement may give rise to an external perception of
unfairness or ‘rough justice’.79 Any firm which believes its standards to have been no
different to those of its peers may be aggrieved if enforcement actions are imposed on it while
69 See J Hitchins M Hogg and D Mallett, Banking : A Regulatory Accounting and Auditing Guide (Institute of
Chartered Accountants 2001)120,121. In January 2000, the FSA announced its adoption of risk as a driver
for its “business”, see J Gray and J Hamilton 'Implementing Financial Regulation' 2006 p 25. There are
however questions surrounding the suitability of risk as a capable regulatory tool due to its contested nature.
70 Ibid p 121
71 FSA (2000) A New Regulator for the New Millennium, January; FSA (2000) Building the New Regulator:
Progress Report 1, December; FSA (2002) Building the New Regulator: Progress Report 2, February; FSA
(2003) The Firm Risk Assessment Framework, February.
72 FSA Progress Report 1, ibid., at p. 8.
73 FSA Progress Report 1, ibid., at p. 8
74 <http://www.fsa.gov.uk/pubs/other/enf process review report.pdf> at page 18
75
ibid
76
ibid p 19
ibid
ibid
ibid p 20
77
78
79