We are enhancing our approach to risk-based supervision so that we allocate our resources to areas or firms which are higher risk.
We do not seek to eliminate risk completely, but to make the best use of our limited resources to proactively reduce risk to an acceptable level.
We also take an explicitly non-zero failure approach to regulation, meaning we do not seek to prevent every harm from occurring, choosing instead to allow greater flexibility for firms to operate freely, and in the best economic interests of Jersey as long as risks remain within tolerable levels.
In the course of letting firms operate freely, risks will crystalise that fall both within and outside our tolerance. When they occur our focus will be recovery, prevention of repetition and action in respect of any regulatory breach.
These are the risks that relate to a firms’ operations and arise from its people, policies, processes and systems. Although they can be a regulatory breach, causal risks are not always associated with any harm that can impact on the Guiding Principles.
Example: a firm may be in financial distress for some time, without any direct harm to its customers, and may eventually trade its way out of difficulty.
We assess risk by the combination of impact (the potential harm that could be caused) and probability (the likelihood of a particular risk occurring).
In our risk-based approach, impact and probability are combined to give a measure of the overall risk posed to our Guiding Principles. We then compare this assessment to our appetite for risk to prioritise and select the appropriate response.
We typically consider risk at an individual, entity and thematic level. In some cases, risks may already have occurred, meaning that we actually assess and respond to the consequences rather than the potential harm posed by a risk.
A key advantage to taking a risk-based approach is that it enables us to become much more proactive, identifying and tackling risks before they occur, rather than acting retrospectively once harm has arisen.
Consistent assessment, across the broad spectrum of risks that we monitor, is essential to ensure that our action is targeted proportionately at controlling the risks that we will not tolerate.