Standards are used across the financial services industry to help institutions and retail businesses manage their internal and external risks and ensure customers are treated fairly.

This is done by implementing industry-agreed processes and procedures that allow the adoption of the right level of behaviour and professionalism.

For regulated firms, the significance of effective compliance management has been emphasized by major regulatory breaches in recent years that have occurred on a global scale relating to wholesale, retail, and investment markets. 

Rogue trading, insider dealing, mis-selling, and failures in Anti-Money Laundering procedures can have major impacts on firms, their customers, investors, and shareholders. Consequentially, firms are seeking to improve their internal systems and controls through additional investment.

When compliance is well managed, it helps organizations to detect and prevent breaches, thus reducing their risk of fines and lawsuits. BS ISO 37301:2021 is about implementing an ongoing compliance management system and obtaining a better understanding of good compliance.

It specifies requirements and provides guidelines for establishing, developing, implementing, evaluating, maintaining, and improving an effective compliance management system within an organization.

In addition to the requirements, which follow the ISO high-level structure, BS ISO 37301:2021’s annexes provide excellent guidance for those interested in gaining a deeper understanding of the need for, and benefits of, good compliance.

In 2011, BSI published a British Standard BS 8453:2011 Compliance Framework for regulated financial services firms, developed by industry experts and compliance practitioners to help establish, manage and maintain an effective compliance function. BS 8453:2011 takes a risk-based approach to managing compliance through the implementation of an effective compliance framework. The compliance department needs the support of senior management to prevent regulatory breaches and be truly effective. 

How do standards help financial organizations manage compliance risk?

Standards, such as BS ISO 37301:2021 and BS 8453:2011, provide best-practice compliance frameworks designed for financial services. 

They offer practical advice and guidelines to help firms develop a compliance culture from the top-down, reducing risk to you and your investors, by specifying overarching policies, procedures, and methods for operating a compliance framework within a regulated financial services firm. 

The benefits of using BS ISO 37301:2021 include:

• It brings together the organization’s key structures, policies, processes, and procedures, making compliance management more efficient

• It helps organizations better understand their context, business operations, obligations, and compliance risks, and implement reasonable steps to meet their obligations

• It prevents or enables the early detection of rules violations, decreasing the risk of fines, penalties, work shutdowns, lawsuits, and reputational damage

• It can help ensure that organizations act lawfully and conduct their operations ethically, in line with social responsibility commitments.

Adopting these standards allows your organization to work with confidence – knowing that you’re using a set of best-practice systems and controls. The extent to which the requirements of the standard are applicable to an individual firm depends on the nature, size, and complexity of the firm’s business.

To learn more about protecting your financial service business from risk and building organizational resilience, click here. 

What is a compliance culture?

BS 8453:2011 defines a compliance framework as a “series of activities across a firm that, when implemented together, help to ensure compliance”. 

To be a compliant organization within the financial and professional services industry, a firm’s governing body, through policies and appropriate training, must articulate the core values which underpin the firm’s relationships with its clients, customers, counterparties, authorities, industry, and markets. These will define the behaviours expected of its staff thereby establishing a compliance culture that promotes integrity in all aspects of an organization’s business.

A compliance culture can be promoted by, among other things, mission statements and codes of conduct. A firm’s governing body and senior managers should work with the compliance function and others to drive the culture, identify deficiencies in their business culture and provide solutions.

Other key standards in the financial services industry

The financial services industry has long embraced standards to simplify integration between service providers and clients. The following titles are also key to organizations in the financial services industry:

• Information security management – BS EN ISO/IEC 27001

• Business continuity management – BS EN ISO 22301:2019

• Complaints handling guidelines – BS ISO 10002:2018

• Data protection – BS 10012:2017

• Compliance Risk Management - BS ISO 37301:2021

• Legal Risk Management – BS ISO 31022:2020

• Financial advice and planning services – BS 8577:2012

• Inclusive service provision – BS 18477:2010

Protect your financial services business from compliance risks by adding the standard BS ISO 37301:2021 to your collection today.

Discover BSI Knowledge

BS 8453 and over 100,000 more internationally recognized standards are available for simple and flexible access with a BSI Knowledge subscription. In your trust-critical industry, our subscription service puts the control in your hands, with traceability to monitor and demonstrate your business's compliance to standards, and self-serve functionality that enables you to manage your subscriptions, standards, users, and content quickly and simply. Request to learn more.