Aiming at different targets? An update on ARROW outcomes

The FSA's recent Smaller Wholesale Insurance Intermediaries newsletter contains some interesting observations on ARROW visits it has carried out recently.

But most surprising is the selection of key issues on which the FSA has focussed: business continuity planning, data security, business transformation programmes and persons of good repute.

It's not that these topics are strangers to legal and compliance teams in the industry. With the impending Olympic Games, London-based firms will inevitably be thinking about the impact on business continuity next summer. To that end, firms with computer systems which are currently capable of accommodating just a small proportion of staff working off site may need to reconsider their network requirements. But business continuity planning has not otherwise been seen as a particularly hot topic in recent times.  The same can be said for data security (notwithstanding a number of high profile data breaches over the past year). Regulated firms should by now have adequate systems and controls in place to cover all of these risks.

In contrast, from our own experiences in preparing firms for their ARROW visits this year, the FSA has instead been far more focused on issues of corporate governance, capital adequacy and preparations for Solvency II. Questions posed at interviews with a range of individuals across the firms have demonstrated the FSA's desire to see real depth of understanding in these areas. We have seen very few questions asked on the topics set out in the newsletter.