Neil Herbert, the founder and principal of HR Comply, has spent years marrying the efforts of compliance and human resources functions together at financial firms. His commentary first burst onto the web-pages of Compliance Matters in 2013. In this wide-ranging question-and-answer session, we look at what has changed since then and what ground 'HR' has gained on its far more prestigious, far better-funded sister-function, compliance.

Q1. Have you seen government-inspired remuneration reforms making a real difference at private banks and asset management companies?

A: As it stands at the moment, we haven't seen that, no. Obviously the requirement is to remove the direct commission based sales/reward relationship. Most of our clients are wealth management firms and/or private banks that operate a discretion-based variable-remuneration-type structure, so what we have seen is the introduction of new parameters and determining factors in bonuses.

In the last two years there has been a growing reliance on the objective assessment of conduct-related, compliance-related and risk-adjusted key performance indicators (KPIs). That is what HR Comply's system is designed to do. One of our client-firms adjusts bonuses to compliance results. They objectively assess compliant behaviour, which is conduct-driven and quite formulaic. They can base 15% of staff members' bonuses entirely on compliance, i.e. 15% of a bonus is sometimes directly related to whether the recipient's behaviour has been compliant, in terms of conduct, suitability, anti-money-laundering control, etc.

So we help firms to identify KPIs in a number of areas – the quality and suitability of advice they give, the level of adherence to regulations, conduct risk, 'treating customers fairly' (TCF), competence. Some clients have more than 60 KPIs that are based on conduct risk alone. They monitor these through a combination of fixed-cycle assessments and on continuing, real-time live monitoring, pulling data from different systems.

The system is basically a risk dashboard based around conduct, competence and general performance. There are other competitor systems out there – they are all much of a muchness in their overall objective, although very different in the ways in which they get results. These systems can also tell if people are not up-to-date with continuous professional development (CPD), Accredited Body certification and such things as suitability and AML processes and paperwork.

Q2. In November 2013 you wrote: “In so many companies we deal with, we see human resources (HR) and compliance (departments) operating in completely separate silos” - is this still true?

A: D'you know, I think the thing that's really changed that is the Senior Managers' Regime (SMR). We're quoting for a lot of business as a result of the impending SMR. Our clients are usually small-to-medium businesses rather than the Barclays Banks of this world with very deep pockets. They are looking for straightforward cost-effective solutions. They have to identify everybody for senior management functions (SMFs).

Wherever someone who performs an SMF delegates the assigned areas of responsibility to an individual and/or a function they must have appropriate oversight of that function or individual. They need appropriate internal management information and the ability to interrogate and monitor that information. They need an appropriate supervisory infrastructure based on performance competence and conduct assessment – they need to know individuals are appropriately trained. Because it's all been defined now, it's a very clear requirement. Continuing objective assessments are needed and they must be done by people rather than software. In fact it's all based around assessment – that's the key to the SMR. This is performance management, which does belong under the human resources (HR) remit.

It's absolutely not enough any more for HR to give a senior manager at a private bank a score of 5 or 4 for his performance and leave it at that. Firms want to beef up benchmarking, competence monitoring, certification and assessments. That's all HR. It's not particularly complex; they should have been doing it in the first place, but firms want to save money and they haven't been forced to do it before.

Whether your firm is under the SMR or not, if the FCA comes knocking they are going to want to know what processes you have and if you're managing them. That's caused a huge uptick in demand for systems such as ours. HR has now become a 'significant harm' function, which it never was under the approved persons regime (APER).

Q3. What's the difference between compliance and HR pay?

A: All I can tell you is that compliance pay has been hugely driven upwards. I think it's too soon to see that have any effect on HR salaries. You do, however, see more HR people attending compliance conferences for SMR and 'training and competence' ('T&C') purposes these days.

There's another reason for HR pay going up in the near future. HR now carries real strategic and risk-related responsibilities in a way it didn’t before. It can be a significant function – for example it's responsible for ensuring that the SMR is delivered. You, as an HR manager, could be liable! If you start to carry the can for something, it's a change to your employment contract [and an opportunity for a pay rise]. This is true of all SMFs who with their new presumed responsibilities want better defined roles and better pay to compensate for the risk – after all, why would you want a job that could send you to prison? However, when the Treasury watered down the reverse burden of proof it removed the sting in the tail for the new regime in this respect. However, it clearly will be applied in spirit.

Q4. Are HR directors more common at private banks now than in 2013?

A: Interesting question. In most companies or banks we deal with, and this is the same at both wholesale and retail banks, HR has historically been seen as a rather 'lower tier' management function but, with its critical responsibility for T&C and conduct risk, this is changing. No matter whether HR or compliance people are looking after these areas, the quality and level of seniority of these people is going up. Firms are increasingly trying to hire director-level strategic HR professionals. They've had to run to catch up because sometimes the incumbent HR function may not have the expertise or experience to take on the required responsibilities. I've not seen a corresponding shake-out of mediocre people so far, but they are now looking for strategic HR directors who can shoulder responsibility for business risk rather than the old-style HR managers.

I once worked at an investment bank and the CEO used to refer to me as "that bloke from health and safety"! He had little respect for the HR function, it seemed! Nowadays, he's gone and they probably have an HR director on the senior management team. I think that people like him are becoming the dinosaurs of the financial services industry. However, I'm still surprised by the lack of importance that some clients still attach to T&C, conduct and performance assessment – i.e. HR roles.

Q5. What's happened to conduct risk in recent months?

A: There is a clear trend to take this very seriously indeed. Conduct risk has always been a primary strategic risk to any business, but it now has a centrality that it lacked before. One of our clients has commissioned a completely new system that contains more than 50 conduct risk benchmarks. It wants it to do live tracking daily. Nowadays, also, I get invited to a conduct risk event every week! This takes in subjects such as financial crime, TCF, market abuse, mis-selling etc...

Q6. In 2013 you wrote: "Too many firms are, in essence, outsourcing staff CPD logging to accredited bodies and doing little else, beyond the appointment of one ‘super user’ from each firm to keep an eye on things." Is that still the case?

A: I think a lot of firms (under the RDR regime, primarily) think that as long as the staff still log their training at their relevant accredited body or AB (especially the Chartered Institute for Securities & Investment/CISI) – they can assume that their competence and conduct is all being taken care of. The boxes are ticked. They often don’t thoroughly assess and audit the quality of the training nor assess its impact in delivery of roles and responsibilities – in levels of competence and conduct. That’s simply not good enough any more.

Firms aren't connecting the CPD that their staff have to do with the delivery of their roles the work that they are actually doing themselves and the way in which they deal with their own clients, conduct themselves in the markets etc. If you're not linking the lessons of CPD to delivery, you are not completing the circle. To be honest, I still see that quite a lot. They use the CISI primarily for logging purposes – it delivers the required logs their SPS’s. But the CISI aren’t responsible for assessing performance competence or conduct of Advisers in their own roles – that's not their role and it never will be. That is down to the firm to set clear benchmarks and to assess and monitor effectively identifying shortfalls and attached risks and then remediating them.

Q7. What are the HR/compliance trends this year?

A: The SMR is a big driver but it doesn't affect all wealth management firms. The job of looking after it, however, has fallen in significant part to HR. Compliance is usually responsible for sign-offs and certifications – all the box-ticking, in other words. HR is responsible for driving and analysing CPD and finding out whether people are both competent to manage their delegated areas of responsibility and are doing so effectively.

Q8. What do you think of the 'reverse burden of proof' that they've abandoned? Do you think it's a betrayal or common sense because it always was an alarming and sinister suggestion?

A: In my opinion, it was going to be unworkable. The FCA is not required to adhere to the common principles of law anyway. However, a prosecution based on a presumption of guilt, along the lines of "we are finding you guilty until you prove you're innocent," would be contrary to all principles of justice and human rights – it just wasn’t going to stick.

There have been reports of banks already struggling to appoint people to their boards because who wants to take on that level responsibility? Particularly if the bonuses are being deferred longer and the rewards are simply less than they were. I think the original idea of the reverse burden of proof sprang largely from the political imperative to appear tough towards bankers. I have noticed that the trend in favour of banker-bashing has subsided somewhat these days. I think that the SMR, even minus the reverse burden of proof, is going to be effective and help the reform process along in a good way.

* Neil Herbert is the director of the 'training and competence' (T&C) software firm, HRComply. He can be reached on +44 (0)20 3176 7859 or at neil.herbert@hrcomply.co.uk