NOTE: This article originally appeared on Law360.com on February 28, 2017.

On Feb. 13, 2017, John Griffith-Jones, chairman of the U.K. Financial Conduct Authority, delivered a speech to the Cambridge Judge Business School at the University of Cambridge entitled "What makes good conduct regulation?"

For the head of an organization itself charged with regulating conduct, this was a tricky brief. As it happened, Griffith-Jones’ speech avoided straying too far into an appraisal of the FCA’s own successes and failures as a regulator, and remained fairly high level. However there were still one or two areas in which he provided some insight into what role the FCA will play in "good conduct regulation" in the future.

Griffith-Jones identified five "building blocks" for good conduct regulation, which apply more widely than just in the financial services industry:

• government policy
• a clear set of objectives for the regulator, and a clear perimeter of coverage
• a well-developed and shared understanding of risk tolerance
• operational excellence
• measurement of inputs, outputs and outcomes, and transparency of results

Taking each of these building blocks in turn, on government policy, Griffith-Jones acknowledged that the U.K.’s decision to leave the European Union would require both government and regulator to "step back to reflect on what we have, and to step forward with what we need." However, his thoughts on the division of this labor were clear: "[p]olicy is for elected government not for the regulator." In this section of the speech, he was clearly casting the regulator in a supporting role, in which it implements but does not devise policy. The consequence of this, as Griffith-Jones points out, is that regulators need clear policy in order to be effective.

The section of the speech devoted to "objectives and perimeters" hinted at the FCA’s ever-expanding scope of work, apparently made worse in light of (to borrow Griffith-Jones’ dramatic turn of phrase) the "remorseless march of technology." He uses the examples of the Libor-setting process falling outside the then-FSA’s perimeter to demonstrate this (although given the fact that Libor spent several decades outside the remit of any conduct regulator, it is questionable how "remorseless" this development really was), as well as more exotic new technology in financial services such as the use of artificial intelligence, and "robo-advice." This message is not a new one, and points to the perennial problem for the regulator more generally: how to prevent a problem before it happens, rather than papering over the cracks retrospectively with more regulation.

Griffith-Jones struck an apologetic tone on the subject of "risk tolerance," acknowledging that conduct regulation will inevitably involve a certain amount of "acceptable" detriment: "for some regulation there is a natural zero tolerance regime ... but this cannot be the case for conduct regulation." He described efforts by the FCA to address issues both ex ante and ex post, citing PPI as a costly example of the former’s superiority over the latter.

Griffith-Jones identified "effective deterrence" as the key to his fourth building block of "operational excellence." He was cautiously positive about the success of the FCA’s senior managers regime (“SMR”), and in particular the way in which it purportedly aligns the interest of senior managers with those of the regulator. This might point to similar models being introduced in the future in other sectors, encouraging the individual or the firm to become more "self-regulating" by aligning interests in a similar way with those of the regulator. This should, as Griffith-Jones points out, decrease the increasingly significant burden on regulators to monitor and supervise conduct, at a relatively low cost. This sounds promising in theory, although the FCA will want to give SMR longer to bed in before declaring this kind of self-monitoring in the financial services industry an unqualified triumph. In particular, the scheme has not been tested in any meaningful way through an enforcement action. It therefore remains to be seen whether the challenges of attributing responsibility, as revealed in the case of John Pottage v. FSA, have practically and robustly been addressed.

Griffith-Jones rounded off his speech with his final building block: "measurement and transparency." He cited the three key principles for measuring regulators’ success from a National Audit Office paper — economy efficiency and effectiveness — and concluded somewhat timidly that it is too early to tell if the FCA has, in its lifetime, been successful by any of these measures.

Reading between the lines, Griffith-Jones hints at the FCA’s possible direction of travel: an increased focus on effective deterrence through individual responsibility, an emphasis on preventative action, a clearer set of objectives and boundaries for the regulator, and a government policy framework on which effective regulation can be implemented. These are grand ambitions, but in concrete terms Griffith-Jones has promised very little, instead cautioning that "[w]e should be ambitious for our future, if a little patient with our rate of progress." Arguably, as the FCA enters its fifth year of existence, the time for patience has come and gone, and the time for "measurement and transparency" has arrived.