Target Newsletter - Issue 186 February 2023

• Many plans detailed clear arrangements for ongoing scrutiny of their firms’ implementation work by the board, executive and their audit risk functions. For example, by making the Duty a standing agenda item at key governance forums and through plans for independent reviews of implementation work by risk and other compliance or internal audit functions. ◊ The FCA also saw evidence of firms involving risk and compliance and internal audit teams in a timely way, including: ◊ Frank assessments by these teams of current risks to successful and timely delivery. ◊ Assurance of the effectiveness of controls in place over Duty implementation. ◊ Planned assurance work before the deadline on implementation, with immediate and further assurance work planned after the deadline. • Some firms had established central co ordinating forums to drive consistency in interpreting the Duty across different

business functions, or for co-ordinating required changes to systems and technology across workstreams. Areas for improvement • The FCA identified plans that gave little detail on who is leading the overall implementation programme and who was responsible for it. • In some cases, there was more limited evidence that the firms’ boards and committees had properly scrutinised and challenged plans. In one example there was no evidence of engagement with the firms’ Chair or non-executive directors and the board only asked one question before approving the plan. In another example the board minutes showed that the plan was approved without discussion. • Some plans gave no timings to actions required.

Continued on next page...

7 TARGET NEWSLETTER