I went along to an event a few weeks ago organised by JWG-IT in which they talked about how they are involving 8 of the top banks (it was 11 but these are the times we live in…) in defining what they term as "Sturdy Breakwaters" to help financial institutions turn regulatory principles into template action plans that would (almost) ensure regulatory compliance.
A "Sturdy Breakwater" is a legally recognised term which in the context of industry guidance by FSA is described as offering effectively what amounts to protection against action by the FSA against an institution following such guidance, but not offering protection from other third parties (other institutions and clients maybe). Such industry guidance would need to be explicitly made public by the regulator but once done so it would be possible for institutions to adopt this approach and benefit from its protection (and prescription). For those of you interested in finding out more please take a look at a background document "FSA confirmation of Industry Guidance"
The debate on the pros and cons of rules-based or principles-based regulation have raged on and on in the industry. Basically most regulators dislike the rules based approach since firstly it promotes a "tick box" approach to achieving regulatory compliance (without necessarily delivering on the underlying problem being regulated) and secondly the bright people at the banks invariably find a way round any given set of fixed rules.
The banks would prefer a rules based approach since it is easier to turn a set of rules into a set of actions, rather than trying to figure out what a broad principle means – anyone fully certain what achieving "best execution" from MiFID entails doing yet for example?
Institutions understandably do not like it when regulators use the best part of a compliance implementation at one organisation to say to another "and why aren't you doing this too?" but sometimes the flip side of this is that the institutions sometimes do nothing for a particular regulation, watch what other organisations do and which organisations are fined and why.
Put another way it seems like the regulators and the institutions are both sometimes guilty of trying to arbitrage each other through a deliberate policy of either saying or doing very little.
This Sturdy Breakwater/Industry Guidance approach seems to be a sensible approach to bridging the gap between principles and rules, I guess the only question is if this is such a good idea then why are there only four pieces of confirmed Industry Guidance in place so far? Any answers appreciated!