Perhaps the most consequential document in professional regulation in the English-speaking world this century is Right-Touch Regulation published by the UK oversight body, the Professional Standards Authority (PSA). The document outlines how policy makers and regulators should apply risk management principles to devise proportionate strategies to effectively reduce harm to the public. The PSA recently published a major update to the document. While still an incredibly useful document, it may be an example of the PSA trying to tackle too much at once; the document outlines several approaches to right-touch regulation and is less focused than the original guidance.
The rationale for the update includes recent developments, including the impact of the pandemic on human health resources, changes in social attitudes (e.g., increased awareness of the need for equality, diversity, and inclusion, #MeToo), technological advances including artificial intelligence, and more frequent questioning of the value and effectiveness of regulation.
The document begins with a useful summary of right-touch regulation:
Right-touch regulation is about doing enough to mitigate risk to an acceptable level and no more. Recognising that there is no such thing as zero risk, regulators need to determine the appropriate level of risk management in their areas of responsibility and do only enough to achieve it. This should be based on the best evidence available. They should only intervene when other systems closer to a risk cannot manage it effectively.
Regulators need to be clear and transparent about how they have decided what the tolerable level of risk is in any situation. They should show how regulating beyond that level would have other, undesirable consequences. These could include limiting access to services, inhibiting innovation and growth, wasting resources or creating unnecessary burdens on those regulated.
The concept of the types of “harm” being addressed is broad, including to the health and wellbeing of members of the public, financial harm, loss or damage to personal data, disruption to the ability of registrants to provide services, and impairment of the trust and public confidence in the profession and the regulator. Regulators should aim to have a positive influence on registrants, and the organizations they work with, which have the primary ability to limit the risk of harm. Regulators must also recognize that they can mitigate, but not eliminate, the risk of harm. As such there must be a balancing of the advantages of any regulatory activities against the adverse effects of excessive intervention.
As in the original, the updated document features an amazing decision-making tree that can be used in determining how to approach regulatory issues, although it features less prominently at page 32 of the 54-page document. The decision-making tree incorporates the six principles of right-touch regulation, which are not always entirely reconcilable. Namely under the right-touch model, regulation should be:
- Proportionate,
- Consistent,
- Targeted,
- Transparent,
- Accountable, and
- Agile.
Agility, that is regulators anticipating and adapting to change, is emphasized in this update.
In applying the decision-making tree, the document calls for collaboration with “public representative organisations, organisations delivering services, other standard-setting organisations, other regulators concerned with different aspects of a sector, and organisations representing particular interest groups, such as trades unions and professional associations.” The collaboration would involve using constructive consultation concepts (while being efficient).
In terms of equality, diversity, and inclusion, the document says:
Regulators must place considerations of equality, diversity and inclusion at the centre of their decision-making. Within the specific context of right-touch regulation, this includes, for example, assessing differential harms by groups with particular shared characteristics when exploring the impacts of a new risk. It also includes seeking the views of services users, those affected by decisions and those at particular risk of harm.
As part of their ongoing evaluation, regulators must explore the impacts of their interventions and decisions on service users, with a particular focus on differential impacts and outcomes, seeking to understand their underlying causes. This will often require close working with other stakeholders, as any differential impacts of regulatory activities are likely to be complex and may be deeply rooted in discrimination across various social structures, institutions and processes.
In matters of wider societal inequalities, regulators should look to achieve positive influence within the boundaries of their remit, in particular through sharing their insights and intelligence.
Next year the PSA intends to publish further supporting resources.
