Online Event: Down with Privacy, Long live Privacy

Posted on

Join us on Wednesday 14th October – 18:00 – 19:30

REGISTER HERE

This online webinar is hosted by Data Research, Access & Governance Network (DRAG*N) with presentations from Felix Ritchie (UWE Bristol) who will present on the newly formed DRAG*N Research Group and Darian Meacham (Maastricht University, Netherlands) who will present ‘Down with Privacy, Long Live Privacy’.

Privacy remains a central concern in deployment of data-sharing technologies. These concerns have been addressed in various ways, from glib “nothing to fear if nothing to hide” attitudes, to serious undertakings toward the development of privacy preserving technologies in federated learning environments (for example). Privacy is often understood in terms of a trade-off that citizens make in exchange for convenience or other forms of utility. In this presentation, I will look at the meaning of privacy in relation to informational asymmetry and governance. I argue that by examining this key concern through the lens of these related concepts, we can get a better grasp of what’s at stake in caring for privacy. 

More about the speaker:

Darian Meacham is Assistant Professor of Philosophy at Maastricht University in the Netherlands and Principle Investigator for Ethics and Responsible Innovation at the Brightlands Institute for Smart Society (BISS). His research focuses on techno-political change: how technological developments transform our political world and the ideas that we use to describe it. He is editor of the Journal of the British Society for Phenomenology. 

All are welcome to this FREE Webinar, please click the link below to register your interest!

REGISTER HERE


Event Summary: Rules vs Principles-based Regulations, what can we learn from different professions?

Posted on

Bristol Centre for Economics and Finance hosted an online event on 28th May 2020: Rules vs. Principles-based Regulation: What can we learn from different professions? Below is a summary and recording of each session.

Session 1: Data regulation 

Lizzie Green at UWE introduced the principles-based approach to data governance. She noted that protecting data is easy: just hide it in a big metal box. More difficult is protecting it while simultaneously extracting value from it. A rules-based approach offers clarity and consistency, but it can run into problems: humans are good at finding interpreting ambiguity for their own benefit, sometimes just for the pleasure of getting round a restriction. A principles-based approach gets round this, but it introduces uncertainty which can be hard to manage. One way to do this is to map principles to accreditation procedures, using frameworks such as the Five Safes. 

Felix Ritchie, also of UWE, described experiences of regulation in the UK and Australia. In the UK, this has been an evolutionary model, from a ‘default-closed’ perspective at the start of the century in a context set by a law from 1948, through two pieces of legislation and a shift in attitudes towards a default-open model. In contrast, the Australian federal government took a conscious decision to bring in the default-open principles-based models that had evolved slowly elsewhere. As public perceptions and discussion of data governance in these countries differ substantially, the contrast between the Australian and UK approach will be informative to a great many countries.  

Martin Hickley, Director of Martin Hickley Data Solutions, discussed private sector models of regulation. Focused on the Data Protection Impact Assessment carried out for the Covid-19 tracking app being trialled on the Isle of Wight. He argued that the DPIA is significantly flawed, and appears to have been completed as a check-box exercise rather than understanding the risk-based context. This is one of the problems of rules-based regulation. In contrast the principles-based approach calls for transparency, active scrutiny and debate – which are hard but necessary for robust solutions. 

Finally, Luk Arbuckle, Chief Methodologist of Privacy Analytics, discussed US health data regulation. He demonstrated that the HIPAA guidance includes both rules-based and principles-based regulation. The safe harbour regulations are rules based: comprehensive and easy to follow, but, most importantly, with a catch-all of “actual knowledge”. This brings in flexibility, but can lead to uncertainty; but overall, it means that the safe harbour rules are easily applied. In contrast, the ‘expert determination’ of the level of protection in the data is explicitly principles-based, relying on trained experts to make informed judgements based on “generally accepted statistical and scientific principles”.  In contrasting the two models, he noted that the safe harbour model demonstrates one of the problems of rules-based regulation – that it is more likely to become out of date as it reflects the context in which it was written. 

The ensuing discussion initially focused on the expertise needed in a principles-based environment: how for example do you enforce the principle “drive safely” without training people to understand what this means? More deeply, do we over-estimate the value of principles-based models because we are all ‘experts’ in this field in some way? Finally, how do we make sure that we have enough experts to do principles-based? Rules are very efficient in making sure a lot of people carry out a lot of activity adequately, and perhaps expertise isn’t needed all the time. Moreover, evidence suggests that a basic level of ‘expert knowledge’ can be instilled quite easily, in many different environments. 

A number of participants also suggested that the implementation matters. Some organisations claimed to be principles-based and but are actually rules-based, and there is always an incentive to turn compliance into a tick-box exercise. Perhaps there is a need to accept that encouraging positive behaviour via checkboxes might be a less-worst option than over-estimating people’s willingness to become experts. Understanding the threat environment is key, because all options are a subjective balance of risks. A mix of rules implementing overarching principles may be the preferred outcome. Conceptual frameworks have an important role to play in   developing the context. 

Finally, the discussion considered whether there is a difference between the public and private sector. There do seem to be different incentives (what is important) as well as different disincentives (what punishments are being avoided), and perhaps also a different way of assessing costs and benefits. However, there wasn’t a consensus as to whether this limits the options for public-private co-operative projects. 

Overall, the session concluded that while the principles-based models has many advantages (principally, flexibility in context and application, and efficiency), it does pre-suppose an ability to get agreement on /train individuals in those principles. Moreover, a badly-designed principles-based system doesn’t avoid box-ticking, especially for untrained users. In practice, an element of rules within an overall principles-based approach can offer efficiency gains, whilst not sacrificing the gains from a recognition of principles. Ultimately this is a balance-of-risks decision, and so understanding the risk environment (including human behaviour) is central to a well-designed system. 

WATCH RECORDING OF SESSION 1 HERE

Session 2: Regulation in UK financial markets and accounting 

Paul Keenan, of Keenan Regulatory Consulting and visiting Professor at UWE, introduced the two-pronged approach in UK financial markets. Following on from an initial simple principle (‘My word is my bond’) an extensive rulebook has been developed, leading to the current system of higher-level principles backed up by rules. In practice, he explained, when the regulator takes actions against market participants, they look at rule breaches and whether the interpretation of the rule led to a breach of a principle. Essentially, the regulator considers the firm’s understanding and interpretation of the rules to be in breach of the principles. So even if the rules have been broken the action taken, i.e. the fine imposed, is based on the principles. 

Bryan Foss, Digital Non-Executive Director, Risk & Audit Chair, and also visiting Professor at UWE, reflected on the need for, and implementation of, regulation. He argued that regulators should work with stakeholders to develop effective regulation, and that flexibility to change with circumstances over time is a key point for adequate regulation. Principles are therefore generally better suited by allowing scope for differences, innovation, easier revision or withdrawal. Fundamentally, however, both approaches require transparency, accountability, and stakeholder oversight to make them work. He also noted that there tends to be a lot of social pressure at the moment to increase the rules, and the UK regulator looking to bring in aspects of US rules-based elements, despite practitioners recognising the advantages of principles. 

Florian Meier of UWE discussed the self-regulation and enforcement approach used by UK professional accounting bodies. Members are subject to both professional regulations and principles-based codes of ethics, with the key component being the ethical principles. Self-regulation, however, raises a number of challenges which do cast some doubt on the effectiveness of enforcement. Ismail Adelopo, also of UWE, highlighted how corporate governance exhibits a clear split along a geographical line: The UK uses principles and the US uses rules, each having evolved from their historical contexts over time to each address specific situations and needs. The UK approach relies heavily on investors’ active involvement as a key factor in ensuring compliance and enforcement, but this leads to challenges such as: What if investors don’t play along and simply sell non-compliant firms instead of engaging with them? Who enforces compliance if everybody sells, or the market simply doesn’t care? 

The discussion focused largely on questions surrounding enforcement and effectiveness of approaches. Starting with the area of financial market regulations, the initial debate around appropriateness of fines quickly turned to looking at the broader aspect of penalties: As firms seem to increasingly consider fines as cost of doing business, maybe the focus then should be much more on the personal accountability of individuals? In this context the measure of imposing a ‘stop trading’ order on an individual or firm was brought up. Those can be more important than a simple fine since they may even lead to the closing of a firm or ending a career. Given those potentially severe consequences, robust processes to defend yourself or the firm against the regulator (if the regulator is wrong) are therefore seen as essential.  

Another interesting point brought up was that the market regulator’s approach seems to have shifted over the years from being rather heavy-handed and punitive in the past to a much more constructive approach: They are increasingly working with firms and affected individuals to help them improve and change to become better.  

In the area of corporate governance, the discussion touched upon shortcomings of the current UK approach and brought up ideas for improvement. For instance, it questioned the reliance of UK enforcement on investors and pointed to significant shortcomings. For one, the fact that it is essentially being left to the major shareholders to hold the firms to account or take them to the courts was raised as a concern. Unless in line with the majority, the minority shareholders’ interests get disregarded. They lack the resources to fight for their interests, so what recourse do they have other than either accepting this or selling the shares?  

Another concern of growing future significance was raised about pension funds and them increasingly making big investments in private firms. The corporate governance code does not apply to unlisted firms, and as such firms are not easy to divest from, pension funds are therefore probably even more dependent on good corporate governance. The question then becomes: How effective can those investors’ interests be protected, which are ultimately future pensioners? Further, the issue of what constitutes an appropriate penalty was raised and whether the UK has reached an appropriate balance. Especially as firms are often repeat offenders, doubts were expressed whether this can be solved without having a major overhaul to implement a robust regime. On that note, a suggestion was made to maybe learn from other countries, e.g. Australia, where the regulator has powers in regards to corporate governance and can intervene (unlike the UK). 

WATCH RECORDING OF SESSION 2 HERE

Session 3: Legal perspective and non-financial regulation 

Nicholas Ryder of UWE introduced the area of terrorism financing and the successful UK approach to combat it. He first described the current Anti Money Laundering (AML) regulations as fundamentally flawed to deal with terrorism financing, as the legal framework and international banks’ practice (‘soft law recommendations’) target the proceeds of crime, whereas terrorism financing is ‘reverse money laundering’ where no profits are made. By contrast, the more recent UK Joint Money Laundering Intelligence Task Force, a public/private partnership (PPP) with the financial sector, has been quite successful in detecting illegal fund flows and identifying funding patterns. Having been recognised as one of the best international examples of public and private cooperation, other countries have now adopted a similar model. Nicholas suggested that a PPP as opposed to a legal principles-based approach this task force could possibly be the way forward. 

Jaya Chakrabarti, CEO of Semantrica (tiscreport), introduced the TISC report (Transparency In Supply Chains) as a repository for measuring compliance with the UK Modern Slavery Act, along with numerous other financial risk and compliance datasets. She pointed out that, despite the level of compliance required being very low, a lot of companies still don’t provide a statement, and only a fraction of all organisations meet all of the minimum compliance criteria. The frequently observed low quality of data provided by firms poses a challenge to effective reporting. It makes acting on it difficult and thereby enables continued corporate misbehaviour. Further, enforcement seems to be largely non-existent despite potentially severe consequences for non-compliance, thus giving firms no ‘incentive’ to comply. As a way forward, while proper enforcement would be a key pillar for better effectiveness, she also presented some suggestions for modifying corporate behaviour that do not require government regulations and enforcement.  

The discussion mainly centred around enforcement and detection of illegal behaviour. The initial debate on the potential future role of Blockchain applications to certify and trace supply chains to aid transparency quickly turned to the key importance of getting the public sector and the key stakeholders on board to actively pursue enforcement. The public sector was lauded for already actively tracking their suppliers and ensuring compliance, with in particular local governments being very active and frequently working with their suppliers to increase levels of compliance. It was argued that a stumbling block to better enforcement was public bodies’ frequent inaction, even if they have the data, because they don’t know how to deal with it in their enforcement. Further, a general lack of enforcement and disinterest shown by the major stakeholders in various areas of regulation was flagged as a key problem. Using insurers as leverage to enforce better compliance was floated as an idea: that is, refusing professional indemnity insurance for cases of illegal company illegal behaviour, although doubts were also expressed about insurers’ willingness to get involved.  

The discussion then moved on to financial crime and the detection of illegal behaviour. First, the big problem of increasing so-called ‘micro-terrorism’ relying on very simple methods and small amounts which makes identifying individuals and prevent small attacks almost impossible, was pointed out. Regardless of approach (rules or principles), the view was that you can never stop all money laundering or financial crime, comparing it to ‘plugging a hole in a dam with plasticine’. The ‘risk-based approach’, as embodied in international laws and international best practice, to try to identify which businesses are more susceptible to fraud or money laundering, was seen as the best option. On fraud detection, the inability of the current self-reporting nature of verifying compliance with both the slavery act and the bribery act was flagged as a major weakness, with ample evidence from banking regulation showing the approach is not working. Examples from financial services were suggested to introduce accountability as a potential solution to the problem: In some roles, such as money laundering officers, individuals are accountable for self-reporting, so they take it very seriously. Hence non-reporting by the firm puts heavy pressure on that person, which may turn them into ‘whistle-blowers’.  

WATCH RECORDING OF SESSION 3 HERE

‘Five Safes’ or ‘One Plus Four Safes’? Musing on project purpose

Posted on

by Felix Ritchie and Francesco Tava

A recent working paper discusses the ‘Fives Safes’ framework for confidential data governance and management. This splits planning into a number of separate but related topics:

  • safe project: is this an appropriate use of the data? Is there a public benefit, or excessive risk?
  • safe people: who will be using the data? What skills do they have?
  • safe setting: how will the data be accessed? Are there limits on transferring it?
  • safe data: can the detail in the data be reduced without excessively limiting its usefulness?
  • safe outputs: is confidentiality protected in products such as tables of statistics?

This framework has been widely adopted, particularly in government, both as a practical guide (eg  this one ) and as a basis for legislation (eg the UK Digital Economy Act or the South Australia data sharing legislation

As a practical guide, there is one obvious limitation. There is no hierarchy among the ‘safes’, and they are all interrelated; so which should you put most emphasis on?

We use the Five Safes to structure courses in confidential data management. One of the exercises asks the attendees to rank them as ‘what should we be most/least concerned with?’ The point of the exercise is not to come up with a definitive ranking, but to get the attendees to think about how different elements might matter in different circumstances.

This exercise generates much discussion. Over the years, we have had participants putting forward good arguments for each of the Five Safes as being the most important. Traditionally, and in the academic literature, Safe Data is seen as the most important: reduce inherent risk in the data, and all your problems go away. In contrast, in the ‘user centred’ planning we now advocate (eg here], Safe People is key: know who your users are, and design ethical processes, IT systems, training and procedures for them.

When training, this is the line we usually take, because we are training people to use systems which have already been designed. The aim of the training is to help people understand the community they are part of. Our views are therefore coloured by the need to work within existing systems.

Our thinking on this has been challenged by the developments in Australia. The Australian federal government is proposing a cross-government data sharing strategy based on the ‘Australian Data Sharing Principles’ (ADSPs). The ADSPs are based on the Five Safes but designed as a detailed practical guide to Australian government departments looking to share data for analysis. As part of the legislative process, the Australian government has engaged in an extensive consultation since 2018, including public user groups, privacy advocates, IT specialists, the security services, lawyers, academic researchers, health services, the Information Commissioner, and the media.

Most of the concerns about data sharing arising in the consultation centre on the ‘safe project’ aspect. Typical questions that cropped up frequently included:

  • How do we know the data sharing will be legal/appropriate/ethical?
  • Who decides what is in the ‘public interest’?
  • How do you prevent shared data, approved for one purpose, being passed on or re-used for another purpose without approval?
  • What sort of people will we allow to use the data? Should we trust them?
  • What will happen to the data once the sharing is no longer necessary? How is legacy data managed?
  • Do we need to lay down detailed rules, or can we allow for flexible adherence to principles?
  • Where are the checks and balances for all these processes?

These are all questions which need to be addressed at the design stage: define the project scope, users and duration, and then assess whether the likely benefits outweigh costs and reasonable risks. If this can’t be done… why would you take the project any further?

Similarly, in recent correspondence with a consulting firm, it emerged that a key part of their advice to firms on data sharing is about use: the lawfulness of the data sharing is relatively easy to establish – once you have established the uses to which that shared data will be put. Some organisations have argued that there should be an additional ‘safe’ just to highlight the legal obligations.

This is particularly pertinent for data sharing in the public sector, where organisations face continual scrutiny over the appropriate use of public money. A clear statement of purpose and net benefits at the beginning of any project can make a substantial difference to the acceptability of the project. And whilst well-designed and well-run projects tend to be ignored by people not involved, failures in public data sharing (eg Robodebt or care.data) tend to have negative repercussions far beyond the original problems.

This is not the only concern facing data holders in a digital age of multi-source data. Handling confidential data always involves costs and benefits. Traditional approaches that focus on Safe Data identify the data holder as the relevant metric for these costs and benefit. A recent paper shows how this vision is at odds with the most recent developments in the information society that we live in. Consider the use of social media in research: is any of the actions by the author, the distributor or the researcher sufficient in itself to establish the moral authority of an end use? In this modified context, traditional ethical notions such as individual agency and moral responsibility are gradually substituted by a framework of distributed morality, whereby multiagent systems (multiple human interactions, filtered and possibly extended by technology) are responsible for big morally-loaded actions that take place in today’s society (see on this).

In this complex scenario, taking the data holder as the only arbiter of data governance might be counterproductive, insofar as practices that are morally neutral for the data holder (for example, refusing to consider data sharing) could damage the multiagent infrastructure which that data holder is part of (eg limiting incentives to participate). On the other hand, practices that can cause a minor damage to one of the agents (such as reputational risk for the data holder) could lead to major collective advantages, whose attainment would justify that minor damage, and make acceptable on a societal basis.

In order to minimise the risks, an innovative data management approach should look at the web of collective and societal bonds that links together data owners and users. In practice, this means that decision-making regarding confidential data management will not be grounded on the individual agency and responsibility of individual agents, but will rather correspond to a balance of subjective probabilities. On these premises, focusing on the Safe Project makes pre-eminent the notion that data should be made available for research purposes if the expected benefit to society outweighs the potential loss of privacy for the individual. The most challenging question is, of course, how to calculate this benefit, when so many of the costs and benefits are unmeasurable.

And this is the difference between Safe Projects and the others. ‘Safe projects’ addresses the big conceptual questions. Safe people, safe settings and safe outputs are about the systems and procedure to implement those concepts, whilst Safe Data is the residual (select an appropriate level of detail once the context is defined). So rather than Five Safes perhaps there should be One Plus Four Safes…

About the authors

Felix Ritchie is Professor of Applied Economics in the department of Accounting Economics and Finance

Francesco Tava is Senior Lecturer in Philosophy in the Department of Health and Applied Social Sciences

Invitation to sit with the Wage & Employment Dynamics (WED) Team

Posted on

You’re invited to sit with the Wage & Employment Dynamics (WED) team on
27 July 2020 at 10:30 am – 11:00 am.

The WED project is building new data that will increase our understanding of how people’s wages progress through their career. At the project’s core is the development of a new version of the Annual Survey of Hours and Earnings (ASHE) dataset, which is being linked to various other official datasets (e.g. Census) for public use. The linked dataset will enable new research on a wide range of wage and employment issues, from labour market entry, through job mobility and career progression to retirement. In this introduction, Professor Felix Ritchie will outline the intended outputs from the project and explain how researchers and analysts will be able to access the resulting data.

Register your interest in attending here.

Energy Contagion in the COVID-19 Crisis

Posted on

By Reinhold Heinlein

At the time of the COVID-19 crisis, the oil market has suffered an unprecedented crisis, with the WTI crude oil price dropping into negative territory (-$37.63 per barrel) in April 2020. At the same time, the oil/stock market nexus is not clear cut and limited studies have considered the impact of crises in the oil market. A new working paper by researchers at UWE, Keele and Portsmouth investigates this unique situation.

Using a high frequency dataset (collected at intervals of 5 minutes), for a selected sample of oil importing and exporting countries across G7, BRICS and Scandinavian economies, we demonstrate the existence of an energy contagion, in terms of a consistently higher interdependence between stock markets and the crude-oil market during the COVID-19 driven oil crisis. Such results applies to all countries in our sample, although oil exporters are shown to have been hit more heavily, with Russia exhibiting the highest contagion.

Overall, our results confirm the importance of crude oil on stock markets, which have been shown to behave as a market of one during the recent crisis.

Reference and link: Reinhold Heinlein (Bristol Business School) is currently researching on the link between crude oil prices and stock markets during the COVID-19 pandemic, in a new paper, “Energy Contagion in the COVID-19 Crisis” written with Gabriella Legrenzi (Keele University) and Scott Mahadeo (Portsmouth University) and published in the CESifo Working Paper series No. 8345.

View the full working paper here.

Bringing Together Data to provide insights into Earnings & Employment

Posted on

The Wage and Employment Dynamics (WED) project aims to bring together data to provide insights into the dynamics of earnings and employment. The aim is to do this by integrating data across individuals across years, jobs, income sources and employers. This is a large project, with significant potential to improve our understanding of wage and employment issues from labour market entry, through job mobility and career progression to retirement decisions.

A team of researchers from UWE, University of London (CUL), UCL, and the National Institute of Economic and Social Research (NIESR) will create a wage and employment spine to do just this. We will train users on the spine and generate research findings of direct interest to policy makers. 

This will entail analysis of:

  • Employment: focusing on the drivers of hourly wages, part- and full-time employment, self-employment, underemployment, and retirement decisions
  • Households: focusing on the structure of households and household resources and the way they affect participation in the labour market, including child care, retirement decisions, and the impact of Universal Credit (UC)
  • Employer perspectives: focusing on how workers achieve wage growth both within and across firms, and how employers react to changing labour market conditions, such as shifts in skills, demand, technology and minimum wages.

At the heart of the project is the Annual Survey of Hours and Earnings (ASHE) and New Earnings Survey (NES). These survey datasets derive from a 1% sample of all employees in employment and will be developed to provide a truly longitudinal research resource. An ASHE/NES dataset which has longitudinal integrity across workers and jobs, with consistent referencing across data sets and time, will constitute a valuable research asset in its own right.

In addition, we aim to undertake six major linkage projects, in which we will create robust, documented linkages between the employee records contained in ASHE and data on:

  • enterprises and establishments – contained in the Interdepartmental Business Register, (IDBR);
  • personal and household characteristics – contained in the 2011 Census;
  • educational attainment – contained in HESA (Higher Education Student data);
  • benefit history – contained in DWP benefit records;
  • pay records – contained in HMRC PAYE data;
  • self-employment income – contained in HMRC Self Assessment (SA) records.

Through these various linking projects, we aim to create a core data set which allows integrated analysis of all forms of income across working lives, with the capacity to address a wide range of future analytical requirements. The end goal of the project is to turn this fully-linked dataset into a sustainable ‘wage and employment spine’ (WES), so that researchers no longer need to create new linkages each time. The linked data will be used for research purposes within the project itself, but the spine will form an ongoing resource for researchers. The intention is for the WES to form the basis for linked-data projects beyond 2022, both for academics and government agencies.

To find out more visit the WED website or sign up to their newsletter.

Online Event: Rules vs. Principles-based Regulation: What can we learn from different professions?

Posted on

Bristol Centre for Economics and Finance is hosting an online event on 28th May 2020: Rules vs. Principles-based Regulation: What can we learn from different professions?

There is an active debate in many disciplines about the most appropriate approach to regulation and enforcement. The workshop intends to bring together participants from different disciplines to provide an overview of the predominant approaches, along with the respective debates, experiences, and challenges. Common experiences and core issues can be identified.

The workshop aims to spark debate about regulation and whether we, across disciplines, could respond differently to the challenges we face and find novel ways to more efficient regulation.

Obtaining insight into other disciplines’ experiences shall enable us to rethink the predominant approaches. By learning from each other we can ask: Can we do better, both in our own disciplines and the common regulatory landscape? Might there be a better way?

The event is of interest to both public and private sector participants: Policy-makers, government enforcement agencies, academics, and industry professionals in the area of, and affected by, regulation, in various disciplines.

Sign up for this free event here

Workshop programme

13:00 – 13:05 Welcome Professor Felix Ritchie
  Cluster 1 Presentations: Data regulation in the public and private sector
13:05 – 13:15 Data in the public/private sector Design of incentive systems/evidence base Professor Felix Ritchie/Elizabeth Green
13:15 – 13:25 Data in the public sector Organisational trust Andrew Engeli – Office for National Statistics
13:25 – 13:35 Data in the private sector (I) Data Protection & Privacy Martin Hickley – Director Martin Hickley Data Solutions Limited
13:35 – 13:45 Data in the private sector (II) Data Analytics & Privacy Luk Arbuckle – Chief Methodologist Privacy Analytics
13:45 – 14:15 Cluster 1 Discussion
14:15 – 14:25 Break
  Cluster 2 Presentations: Financial markets and accounting
14:25 – 14:35 Rules vs principles in financial markets Financial Regulation & Compliance Expert witness Paul Keenan – Visiting Practitioner Professor in Financial Regulation in the Business and Law Faculty of the University of the West of England (UWE)
14:35 – 14:45 Rules vs principles in accounting (I) Practical accounting & Regulator Perspective Bryan Foss – Digital Non-Executive Director, Risk & Audit Chair, Visiting Professor and Board Readiness Coach
14:45 – 14:55 Rules vs principles in accounting (II) Auditing & Corporate Governance Ismail Adelopo/Florian Meier
14:55 – 15:25 Cluster 2 Discussion
15:25 – 15:35 Break
  Cluster 3 Presentations: Legal perspective and non-financial regulation
15:35 – 15:45 Legal perspective Financial crime Nicholas Ryder – Professor in Financial Crime
15:45 – 15:55 Non-financial regulation Modern slavery and other required reporting Jaya Chakrabarti – CEO Semantrica Ltd (tiscreport)
15:55 – 16:25 Cluster 3 Discussion
16:25 – 16:55 Summary and Closing remarks Nicholas Ryder Professor in Financial Crime