Individual accountability – a maturing of financial regulation - Speech by Gerry Cross, Director of Financial Regulation: Policy and Risk, at Arthur Cox Client Seminar
24 June 2022
Speech
Speech to Arthur Cox Client Seminar, 23 June 2022
Good afternoon. It is a pleasure to be here. Many thanks to Arthur Cox for inviting me to speak with you today.
The focus of my remarks is the new Individual and Senior Executive Accountability framework which will come into effect next year1. I will consider some key aspects of the new framework including the Central Bank’s approach to the regulations and guidelines that will implement the primary legislation.
Central Bank Strategy
First, however, let me say a little bit about how the new Individual Accountability Framework fits within the Central Bank’s overall framework of financial regulation at its current stage of development.
In one sense the Individual Accountability Framework represents a straightforward response to the deficiencies of governance, culture and accountability that were revealed by the tracker mortgage scandal. In our report into behaviour and culture in the retail banking sector arising out of those events that we proposed the introduction of such a framework.
But there is a wider regulatory story here. One that is reflected in the Central Bank’s multi-year Strategy published towards the end of last year. In our Strategy, safeguarding is one of the four strategic themes identified. Safeguarding includes protecting the interests of consumers and the stability of the financial system.
This safeguarding theme sits surrounded by three other strategic themes that deeply inform it and indicate how we will approach our responsibilities. They are (i) future focus; (ii) transformation; and (iii) open and engaged.
By being future focused, we will be regulating for a rapidly evolving financial system so that the opportunities presented by the current unprecedented period of change and innovation can be realised for citizens and the economy. Under transformation, we will significantly evolve the way we regulate and supervise so that we continue to be, and become even more, a leading international regulator in a global financial services jurisdiction. And under open and engaged, we will seek to operate in a manner whereby transparency and two-way engagement become an even more ingrained part of our DNA. This on the view that regulatory quality and success are determined as much by clarity and mutual understanding as by direction and enforcement – though both are necessary depending upon the circumstances.
Recognising progress
In terms of the evolution of our regulatory and supervisory approach, much of the past decade has been spent addressing the failures and weaknesses that led to the disaster that was the Great Financial Crisis. And this is exactly as it should have been. As a financial industry and as financial regulators we must never again allow the failures and damage to arise that occurred during those events.
It is also the case that, while we should and will continue to incorporate in our work the lessons we learned from that period, it is important to recognise the significant progress that has been made. We should leverage that progress to enhance the way we regulate and supervise. In regulating and supervising for the future, we need to develop a more integrated and holistic approach founded in what has already been achieved. We should avoid a purely additive approach, whereby every problem identified requires a new bolt-on regulatory solution.
What does this mean in practice? First of all, we need to get better at being clear about the outcomes that we are seeking to achieve and then ensuring that regulation targets those outcomes as accurately and proportionately as possible and without indulging a tendency to err unduly on the side of conservatism.
We need to do better at setting out and weighing the costs and the benefits of our proposals. In the post-crisis period on many occasions this was a relatively straightforward calculation given the glaring gaps that had become evident. Now however, with so much having been achieved, we need to be clearer as to how the constraints and costs that come with further regulation are justified.
We need to be clear how new proposed regulation is aligned with the better functioning of the financial system, and its support for consumers and the economy. It should be consistent with good quality competition and with the sustainable, reasonable profitability of well-run financial firms.
We need to have a strong focus on proportionality so that regulatory requirements are consistent with the risks involved, including the lower risk profile of smaller firms. And we need to enhance predictability – both customers and firm are entitled to have a clear sense of what is expected of them and what is not.
“With-the-grain” regulation
An approach which is very consistent with this idea of high quality regulation is that which seeks to ground itself in, and leverage to the fullest extent possible, the governance and practices that already exist within financial firms. You might call this a “with the grain” regulatory approach as compared to other more separate standing regulatory approaches.
To take an example in the area of capital requirements regulation: where firms’ internal models can be effectively used as the basis for calculating capital requirements – that is where the social risk internalisation can be achieved directly through building regulatory features into firms’ modelling and risk calculations – then the results are both better and more efficient. Better in that they are more risk-relevant and more efficient as imposing fewer purely regulatory-driven costs on firms. In those cases where internal models cannot be made to work for regulatory purposes, then the alternative more standardised approaches, although necessary, are less efficient because less risk aligned.
What this means is that to the extent that, as we mature further our regulatory approach, we can develop and deliver more “with the grain” regulation the better our regulatory approach will have become. This always requires of course ensuring that such regulation fully captures the “external social costs” that would not otherwise be reflected – a central failing in the run up to the Great Financial Crisis.
Individual accountability – a mature approach
A key feature of the new Individual Accountability framework is that it is in the mode of such “with the grain” regulation – both in design and in our approach to its implementation. It is designed to map directly onto and leverage closely the governance and management structure adopted by the individual firm.
Rather than seek to dictate what those structures should be or to set out a detailed lists of dos and don’ts, the approach is a simple and parsimonious one: decide how you want to organise yourselves, be clear who is responsible for what, and so that we achieve good levels of predictability and quality, adhere to a small number of common conduct standards which apply widely, and to a small number of additional management standards that senior executives must comply with.
We can think of it like this: if it is clear what the obligations are, what the expectations are, and who is responsible for what as regards running the firm, then it is really plausible to move to a more mature approach to regulation and supervision. In particular, it becomes possible to imagine that supervision evolves from an approach relying more on prescription, direction, compliance and checking; to one of requirement, responsibility, and holding to account.
It is worth mentioning, that at roughly the same time that we will be rolling out our implementation of the new Individual Accountability framework we will also be implementing our enhanced supervisory approach to culture and behaviour within firms. This will be a holistic approach which will embed our assessment of firms’ culture and behaviour in all of our supervisory activities in line with relevant guidance and expectations.
This can be seen as a very coherent regulatory approach whereby as regulators we place increased focus on firms’ culture, behaviour and approach and on how they are run so that where we can be satisfied that high standards are met in this regard then the need for detailed supervisory intervention is plausibly reduced.
Sound practice alignment
Experience has shown that in order for a regulatory framework to work well, it should stimulate high quality governance and behaviours within firms. Firms need to be effectively managed and organised, individuals need to be clear what they are responsible for, and both need to be accountable if they fall short of expected standards.
The framework is aligned with what will already be sound practices at well-governed firms and as such will not generate significant additional costs in the majority of firms, which are well organised and run with a view to meeting the needs of key stakeholders – customers, shareholders, employees and wider society. This assessment of cost is borne out in the Regulatory Impact Assessment carried out by the Department of Finance at the time of publication of the General Scheme which noted that that, for many firms, the measures required to comply with the legislation are already largely part of their existing governance controls and concluding that in the long term positive outcomes from the framework will prevent poor behaviour arising which has in the past had negative financial impacts for customers and for financial institutions.
The framework is, and our approach to its development and implementation will be, firmly founded in proportionality and what is reasonable. It is worth taking a closer look at some examples in our development of the key components of the IAF, including the SEAR that evidences this carefully considered approach.
SEAR
Under the Senior Executive Accountability Regime (SEAR) firms will need to set out clearly the responsibilities of each senior executive in their Statement of Responsibilities. This will then allow firms to develop a Management Responsibility Map for the firm documenting key management and governance arrangements.
SEAR will support senior management in implementing an effective governance framework by identifying how the business and its risks are being managed and any gaps which may arise. This has been the experience in the UK whereby the Senior Manager and Certification Regime has been credited by firms as providing a sound framework for enhancing governance.
The Central Bank is currently finalising the relevant regulations and guidance to aid firms in their implementation of the regime. These will form part of our consultation package to be published immediately after the legislation is adopted.
Scope
In respect of the sectors in scope for SEAR our approach is to implement the SEAR in a manner that is proportionate and flexible enough to accommodate the different business models and governance structures of firms.
In line with approaches adopted elsewhere, and recognising the need to proceed with momentum but also with focus, it is proposed that SEAR will initially apply to a defined range of regulated financial firms. The initial scope will include credit institutions, insurance undertakings (other than certain specific categories), and higher risk activity investment firms – amounting in total to approximately 150 firms.
The recent publication, by the Joint Committee on Finance, Public Expenditure and Reform and Taoiseach, of the Report on its pre-legislative scrutiny of the General Scheme of the Bill noted the importance of the question of scope (and proposed exclusions) and its further extension. The proposed future scope of the SEAR was also the focus of recent discussions with the IMF during the Financial Sector Assessment Programs.
We have been clear that it is our intention to increase the scope of application of the regime over time. It is likely that there will be learnings from the initial roll out that can be incorporated as the scope is extended. In the meantime while not legally applied, there is much in the spirit of the SEAR that firms not initially falling within scope should consider as aligned with good quality governance.
Senior Executive Functions (SEFs)
For consistency and coherence, we propose to align the roles to which the SEAR applies (so-called “Senior Executive Functions” (SEFs)) with those Pre-approved Control Functions (PCFs) to which the Fitness and Probity (F&P) Regime applies.
It will be for the firm to identify its PCF/SEF roles. In doing so, they will be expected to apply substance over form, noting that it is the function rather than the job title of the person performing that function that determines which PCF/SEF category, if any, it falls under. As is the case under the F&P Regime, firms will not be required to create new roles, and therefore the regime should not alter the existing governance structures of a firm and reflects the measured nature of the approach.
Responsibilities
Responsibilities are at the core of the SEAR, each SEF will have responsibilities, which will generally fall into the categories “inherent” or “prescribed”. Inherent responsibilities are those responsibilities that are inherent, inseparable from and intrinsically built into the definition of a specific SEF. For example, you could expect the inherent responsibility for the Head of Finance to cover responsibility for managing the operation of the finance function and for providing comprehensive and timely reporting to senior management and to the board in relation to the function's performance and affairs. Such inherent responsibilities are core to the SEAR and will be set out in our regulations.
We will also set out a number of prescribed responsibilities in the regulations. These are responsibilities that firms must ensure are allocated to individuals carrying our SEF roles. The purpose of prescribed responsibilities is to provide clarity, both within the firm itself and to the Central Bank, as to who is responsible for key activities of the firm, including the management or oversight of specific conduct and prudential risks. So, for example, it will be proposed to have a prescribed responsibility related to Environmental, Social and Governance matters in the firm. As such the responsibility for effectively managing the firm’s approach to identifying, assessing and managing climate-related and environmental risks. Or, for example, in relation to the culture of the firm we will propose that the responsibility for overseeing the development of, and embedding positive culture, consumer protection and conduct risk in the firm also needs to be allocated to somebody carrying out an SEF function.
Recognising that not all prescribed responsibilities will be relevant to every firm, there will be a general list of prescribed responsibilities applicable to all firms, with tailored lists for industry sectors and based on firms’ scale and complexity. While RFSPs must allocate all applicable prescribed responsibilities among SEFs, the Central Bank does not intend to be overly prescriptive in terms of the allocation of prescribed responsibilities to specific SEFs. This approach gives RFSPs the flexibility to allocate responsibilities in a manner that accommodates different business models and organisational structures.
Finally firms must also consider 'other responsibilities' which may have been allocated to an SEF, this will include any additional functions, business areas or projects for which an SEF is responsible to the extent that they are not captured by the inherent and prescribed responsibilities.
Responsibility Map
As I mentioned, firms in scope of SEAR will be required to maintain a Responsibility Map detailing the allocation of responsibilities across the firm, including the key management and governance arrangements, in a comprehensive, accessible and clear single source of reference. We will provide guidance on the compilation of these maps. They will need to include, inter alia, matters reserved to the board, terms of reference for key board committees, and reporting lines of SEFs to individuals, committees and, if applicable, within the wider group. Of course, and crucially, such maps should not to be regarded simply as a regulatory requirement, but as part of a firm’s ongoing documentation, implementation, and enhancement of their internal governance structures. Requirements in respect of Statements of Responsibilities and Responsibility Maps will be set out in regulations.
Branches
The approach to branches under the SEAR is an aspect that we have been asked about quite a bit. As regards incoming branches, the need for coherence and fair competition underpins our proposal to apply SEAR to incoming third country branches. In line with the EU approach of home state responsibility for such matters we will not apply the rules to incoming EEA branches.
In respect of outgoing branches the ‘EU passport’ gives financial services firms in the EU the right to provide services throughout the EU, under the authorisation granted by the home competent authority. Branches (unlike subsidiaries) are legally part of the regulated entity. If an issue arises in the branch of an Irish authorised institution, it is important that the Central Bank as responsible authority has clear line of sight on that issue, knows who is accountable, and is in a position to hold those responsible to account. SEAR will accordingly apply to outgoing branches as an integral part of the regulated entity, with the Branch Manager role in such branches continuing, as is currently the case under the F&P regime, to be a PCF/SEF function.
Non-Executive Directors
The proposed approach to Non-Executive Directors has also been a subject of interest. We seek to be clear and proportionate in this regard. Factoring in the significant importance that attaches to the role of NEDs, and Independent Non Executive Directors (INEDs) in particular, as an integral component of the board of the firm and a fundamental safeguard within an firm’s governance framework, it is proposed that all (I)NEDs will be SEFs under the SEAR. The responsibilities for which NEDs and INEDs are accountable are of course limited to non-executive responsibilities.
Substance over Form
During the consultation exercise undertaken by the Department of Finance, the interface between substance and form gave rise to a number of questions. For example, what will happen when one SEF under the regime reports to another? How will the regime cope if a formal title is applied to a less senior executive while the more senior person seeks to stay out of the regulatory picture? In a similar vein, we have been asked about the outsourcing of senior executive roles.
The answer to these questions is that the new framework has at its heart the responsibilities of different senior manager roles and is focused on the substance of those roles and not their titles. Fundamentally, it is about substance, not form and the onus will be on firms to implement the regime in this spirit. This is where firms taking real ownership of the SEAR will make a major difference.
On the question of outsourcing in the context of SEAR, to ensure transparency and accountability, the Bank expects that where outsourcing arrangements are in place then there will be a Senior Executive Function in the regulated firm with responsibility for outsourcing arrangements. Moreover, the outsourced role-holder will fall under the oversight of a PCF role holder within the entity. This will need to be reflected in the relevant Statement of Responsibilities and Responsibility Maps. This will ensure that the overall responsibility and related individual accountability is retained within the regulated firm.
Duty of Responsibility
The SEAR introduces a statutory duty of responsibility which provides that an individual will breach their legal duty in the following circumstances: they were performing a SEF role, the regulated firm committed a prescribed contravention, the individual was responsible for the relevant business area, and the individual did not take reasonable steps to avoid the prescribed contravention occurring or continuing.
Importantly the General Scheme includes a non-exhaustive list of factors to be considered in assessing whether an individual has taken reasonable steps to avoid a prescribed contravention including the nature, scale and complexity of the firm’s business, the relevant SEF and their responsibilities, knowledge and experience; and whether the SEF took such steps as a person in their position could reasonably have been expected to take to ensure there were appropriate and effective systems controls and governance arrangements in place and effective oversight of any delegation of responsibilities.
We intend to provide further clarity via guidance on our expectations as to the behaviour of SEFs and what steps may be considered reasonable. This guidance will need to be finely balanced, on the one hand providing sufficient clarity to firms and individuals regarding our expectations whilst at the same time ensuring that the regime is flexible enough to accommodate different governance structures, business models, and situations.
Conduct Standards
The conduct standards will apply to all regulated firms. The standards comprise Common Conduct Standards for individuals carrying out controlled functions (CFs), Additional Conduct Standards for senior executives, and the Standards for Businesses.
The Common Conduct Standards set out the basic behaviour standards expected of firms and their staff, including obligations to conduct themselves with honesty and integrity, to act with due skill, care and diligence, and in the interest of consumers. We consider these to be the basic standards that should underpin the provision of financial services and the relationships of trust that are central in this area. We also believe they are the standards to which most firms and individuals already hold themselves. While we recognise the importance of guidance on the Common Conduct Standards to ensure our expectations are clear, we are also mindful that such guidance cannot be overly prescriptive and needs to be appropriate to different sectors and take into account the nature, scale and complexity of individual firms and roles.
In developing the IAF, we have paid close attention to the need to maintain the central importance of collective decision-making and collective responsibility in the running of firms. This must not be undermined as an unintended consequence of placing increased focus on individual accountability. The framework will contain an obligation on individuals to participate effectively in the relevant collective decision making of firms. In this way, far from undermining it, the IAF will in fact buttress the concept of collective responsibility as a core aspect of well-functioning firms.
The Additional Conduct Standards will be applied to senior executives (as well as to any other individuals exercising significant influence on the firm). The standards require that persons in senior roles ensure that the business of the firm for which they are responsible is controlled effectively, that it complies with regulatory requirements, that any delegation of responsibilities is appropriate and properly overseen, and that relevant information of which the Central Bank would reasonably expect notice is disclosed promptly and appropriately. Similar to the SEAR, the standards include the concept of “reasonable steps” and we will provide guidance on this, including a non-exhaustive list of what may be relevant to assessing whether a person took such reasonable steps.
Consultation and Implementation
Following the pre-legislative scrutiny that concluded earlier in the year, we expect the Bill to be published very shortly and enacted into law during the course of the months ahead. The legislation, while setting out the key components and features of the new framework, is also expected to provide the Central Bank with regulation- and guidance-making powers. We have been working in parallel on the draft regulations and guidance, which – of course subject to the final requirements of the legislation - will complete the details of the new framework.
Once the Bill has been enacted, we will move quickly to consult and engage with key stakeholders on the operationalisation of the IAF. You can expect this consultation to include draft regulations and accompanying guidance on these key components to ensure the proposed policy measures and guidance are clear and proportionate to support firms in achieving an effective and consistent implementation of the new framework.
When implemented, which we expect to be later next year based on current timelines, the initial focus from a supervisory perspective will be embedding the IAF into our processes and approach and ensuring that firms embed it effectively into theirs.
Preparation for the implementation
I would encourage firms to use this time to prepare to implement the new framework by understanding their obligations and assessing their current governance structures in order to identify clearly who is responsible for what within the firm. Firms will need to clearly define the roles and responsibilities of the SEFs and ensure clarity over reporting lines and any delegation of tasks. Firms should review their current Fitness and Probity processes to assess any enhancements required to meet the annual certification requirements. Firms should also examine their internal culture and values as compared to the IAF principles and identify areas of focus. Education and training will also play an important part in the success of this framework. These steps will help firms to assess gaps and identify the key changes needed on a timely basis.
Conclusion
Let me finish here. I hope you have found it useful to hear how the new Framework of Individual Accountability fits within an approach to regulation which seeks to be proportionate, very well aligned with the outcomes sought, and reflecting a “with-the-grain” approach which leverages the firms’ own good practices and approaches. And also that it has been helpful to hear about how we are thinking about some of the key aspects of the regime and their implementation. I look forward to your questions.
_______________________________
1 See also speech of Derville Rowland, Director General, Financial Conduct, Central Bank of Ireland on this topic of 9 March 2022