Emerging trends in Guernsey regulatory enforcement:

Regulatory enforcement in Guernsey has evolved markedly over recent years. While the underlying principles of supervision and compliance remain familiar, the way in which enforcement action is framed, investigated and pursued has shifted.

At a recent seminar attended by professionals from across Guernsey’s financial services sectors, Abel Lyall and Christopher Edwards of Mourant outlined recent cases which demonstrated an increasingly forensic focus on governance, operating models and decision making, rather than isolated technical breaches.

The event also highlighted that understanding these trends is essential for boards, senior management and compliance professionals, not only to reduce regulatory risk but also to respond effectively if enforcement action arises.

From Technical Breach to Structural Failure

One of the most striking recent trends is that the Guernsey Financial Services Commission (GFSC) continues to move away from viewing noncompliance as an individual or series of isolated failings.

Enforcement action increasingly examines whether a firm’s operating model was ever capable of meeting regulatory requirements. The question is no longer simply “were the rules followed”, but “was the firm set up in a way that made compliance achievable?”

A recurring theme is misalignment between how firms view their own risk profile versus how the regulator views it. This includes the regulated business’ understanding of their products, risks associated with outsourcing, and whether risk management processes are adequately resourced.

Where this misalignment exists, even well intentioned controls may be judged insufficient because they are built on the what the regulator would view as an inadequate assessment of risk.

Outsourcing continues to feature prominently in enforcement action. While outsourcing is not inherently problematic, regulators are increasingly critical where key regulated functions are delegated without sufficient oversight, understanding or retained control.

The goal for the regulator is to ensure that licensed businesses did not become empty shells relying on group entities or third parties for compliance, client due diligence or investment decisions without proper oversight or influence.

Firms must be able to explain, evidence and defend how outsourced functions operate.  Documenting the decision to outsource and the processes followed is key to avoiding escalation of regulatory intervention.

AML failings remain a central enforcement focus, but again the emphasis has shifted from isolated errors to systemic weaknesses. Late or inadequate suspicious activity reports (SARs), poor narratives and weak documentation are increasingly viewed as symptoms of a flawed AML framework rather than standalone lapses.

Similarly, client take on failures, such as incomplete client due diligence, delayed verification or absence of proper risk assessments, are treated as indicators of structural weakness. A ‘CDD later’ approach, even where eventually rectified, is unlikely to find regulatory sympathy.

Governance has emerged as the multiplier that turns technical failings into enforcement action. Boards that fail to understand the business they oversee, rely uncritically on historic practices or ‘soft’ reporting, or defer to dominant individuals expose themselves to heightened regulatory risk.

Avoiding Regulatory Enforcement

The only surefire way to successfully manage enforcement is to avoid it all together. Edwards gave the audience the following advice:

• Documentation is essential. If a decision can be evidenced it is more likely to be defensible, even years later. Regulators routinely assess conduct from five to ten years prior, often after key individuals have left.
• Invest in appropriate training. While efficient, generic or online training often fails to change behaviour. Regulators increasingly expect evidence that staff understand and apply policies in practice. In-person training is essential in this case.
• Get an external perspective. A review by an external expert can give insight into processes and interrogate decisions objectively, before issues are allowed to take hold. It is also possible to benchmark procedures against the rest of the industry.
• Resource effectively. A strong assurance framework is only as strong as it is well-resourced. Ensuring the right controls are in place, and that they are adhered to is key.

Managing the Enforcement Process

Despite best efforts, some firms will find themselves subject to enforcement action. How that process is managed can materially affect outcomes.

The earliest stage, when the process is still within supervision rather than enforcement, is critical. Firms should engage proactively, demonstrate they understand the issue, and present a credible plan with appropriate resources. Regulators respond far more positively to licenced businesses that can say ‘we have identified the problem and here is how we are fixing it’, rather than simply reporting an issue without a solution, or worse, waiting for the issue to become unfixable.

Once a matter is referred to enforcement, it should be approached with the seriousness of court proceedings. Information requests are increasingly broad and intrusive, often extending to full email inboxes of current and former employees. First impressions matter, and enforcement teams can form preliminary views based on these materials. It can be difficult to change this view, requiring concerted effort at the interview stage.

This is where specialist advisers add significant value. Firms such as Mourant combine deep regulatory knowledge with litigation expertise, enabling clients to manage disclosure strategically, prepare employees for interviews effectively and protect both corporate and individual interests throughout the process.

Cooperation is essential. After all, in almost all cases there is an underlying reason a business has ended up in this situation and therefore there will be an issue that needs to be dealt with. However, cooperation does not mean accepting everything the regulator requests or suggests without challenge.

One of the most difficult aspects of enforcement is resisting pressure to proceed informally or without legal support. Having advisers who understand the regulator’s approach, expectations and internal dynamics is a significant advantage and will ensure that the firm is in the best position to remedy the issue.

The remediation phase is then just as important. Many enforcement cases result in well intentioned remediation plans which then lose momentum. If regulators revisit the same issues years later, the narrative will inevitably shift from capability gaps to governance and integrity concerns.

Plan for the future

Regulatory enforcement is unlikely to become less demanding.

Firms that understand emerging trends, and work with advisers who do, will be far better positioned to navigate the risks and protect their business, reputation and people.

Mourant’s approach is not limited to reactive defence. The firm regularly advises boards and compliance teams on governance frameworks, outsourcing models, AML systems and remediation programmes, helping clients identify and address issues before they escalate into enforcement.