Global regulators set sights on firm management

Published on 1st February 2021

Corlytics have released analysis comparing global regulator activity from 2020 to 2019. Surprisingly, the levels of large fines levied on financial firms are up on the previous year, despite the Covid pandemic. Specifically, there has been a sharp increase in regulatory enforcements around “firm governance” or “firm management” themes. Corlytics analysis has shown that regulators globally have increased threefold the number of regulatory changes, guidance and other notices on the theme of “firm management”. Both sets of information point to heightened focus of all regulators to key aspects for how financially regulated firms are run, rather than to any specific aspect of conduct.

5 key areas of firm management show big increases in fine levels in 2020: Data privacy, IT governance and cybersecurity, risk management, supervision and systems and controls.

Heavy penalties follow regulatory reform and regulatory notices– An increase of close to 300% in the number of regulatory developments published relating to firm management from 2019 to 2020 sees increased fines in the following year from January 2020 to January 2021 of $1.9bn USD to $3.3bn USD for this category alone.

The data from Corlytics, which specialises in regulatory risk impact, for both regulatory changes and live regulatory announcements confirms the impact of regulators publishing volumes the following year. The actual volume published, specifically in relation to firm management, was over three times that of 2018 putting governance very much front and centre of the concerns of the regulators.

When Corlytics looked at the firm management data in terms of percentage change of published notices year on year 2018/2019, the areas showing the greatest increases are: data privacy, IT governance and cybersecurity, risk management, supervision and systems and controls. Additionally, the failure of firms to meet their obligations on firm management continues to have considerable rates of enforcement.


The information shows that even though many firms have adopted and implemented more robust operational models and new technologies, in order to keep up with regulatory compliance, there is still some way to go to be fully compliant. With regulators continuing to take a tough stance on non-compliance, it would appear that compliance departments will be required to divert greater resources to improve controls in the area of firm management.

Technology solutions to assist in regulatory optimisation have been growing in popularity, but the on-going pandemic has seen many new challenges emerge and these are now running side by side with the already on-going need to manage regulatory efficiency. Regulators will be looking for firms to implement regulatory guidance and implement market best practice, and will be watching to see just how resilient firms are in the face of this turbulent period.

“When there is wrongdoing in a firm today the regulator is not just interested in the wrongdoing, but in the adequacy of the firm’s systems and controls. What were the systems in place around supervision and how robust was the firm’s risk mitigation strategy?” explains John Byrne, CEO Corlytics.

If historic regulatory data regularly reinforces the ‘night follows day’ analogy of a year of published regulatory notices being followed by a year of enforcement of that notice type, we will have to see if it remains the same in 2021 after an extraordinary 2020.


Please contact us if you would like any further information on our data or our solutions.


Click here to see other articles