More than half of all the fines handed out to financial services firms by the Financial Services Authority last year were a result of weak risk management systems, according to the Chartered Institute of Internal Auditors.
Research published by the professional body this week shows that 60% of the fines levied by the regulator in 2011 were either entirely or substantially due to weaknesses in the risk management of those businesses. This compares to 55% in 2010.
According to the CIIA's research, lapses in risk management and internal control systems cost financial firms £38.5m in fines last year.
The CIIA's figures represent a proportion of the total fines levied by the FSA by number where breaches of Principle Three were cited as the only or contributing factor. Principle Three requires financial services firms to have proper controls and risk management systems in place.
Dr Ian Peters, chief executive of the institute, said the scale of the fines in this area was intended to send a 'clear signal' to the market that the management of risk by financial services firms was a key issue for the FSA.
'The message for
firms is that ineffective risk management and systems of internal control will
be taken very seriously by the regulator,' he said.
According to the CIIA, regulatory bodies are asking financial services firms to
make better use of their internal audit function in order to help manage the
sector's risks. Internal auditors help organisations to manage all the risks
facing them, and aim to identify risk issues before they become a problem.
'Regulators and politicians are demanding far higher standards of risk management, internal control and corporate governance within the financial services sector in order to rebuild consumer confidence and lessen the risk to the public finances.'
Among the areas where the FSA has reviewed for weak risk management systems are anti-money laundering controls, the ring fencing of client assets and the provision of advice on products to customers.