Following the banking crash in 2008, there have been consistent calls for increased intervention in the banking sector and in particular on holding senior management both responsible and accountable for the performance and governance of banks.
UK – Senior Management and Certification Regime (“SMCR”)
In the UK, the SMCR has been put in place to pin personal responsibility and accountability on senior management. The regime has been in place for banks, PRA investment firms and some insurers since March 2016, and will now be rolled out to other FCA authorised firms, probably in the second half of 2018. Under the SMCR, it is the bank/financial services business that becomes a new mini regulator, and decides annually which staff must be registered with the FCA as “Certified Persons”. It is the responsibility of the regulated entity to ensure that all such staff are “fit and proper”. Senior managers are still approved by the FCA.
Certain functions, including top management, and senior functions in risk, audit, nominations, compliance and money laundering, must be allocated to individual senior managers. The regulated entity must then prepare and file with the FCA a “Statement of Responsibilities” for each senior manager, setting out in detail the senior management functions that he/she will perform.
Senior managers are subject to the “Duty of Responsibility” and will personally face enforcement action by the FCA if the FCA can prove that the senior manager failed to take reasonable steps to stop the breach from happening or continuing. There are a number of concerns about these responsibilities. Firstly, the senior manager can be held automatically responsible for the failings found when a firm is investigated if he/she was “privy” to the FCA’s investigation against the firm. In relation to the personal liability of a senior manager, the FCA have to prove that the senior manager did not take the steps a person in their position could reasonably be expected to take to avoid the firm’s breach continuing. Secondly, any misconduct findings or similar concerns must be disclosed in references for six years, potentially making the senior manager unemployable.
The FCA has said that individuals should be given the opportunity to comment on any allegations that may be referred to in the reference, but not on the terms of the reference itself, and that firms “should take those views into account so far as appropriate when deciding whether something should be disclosed and how the disclosure is drafted“; however, ultimately the decision on what to include rests with the firm.
Australia – Banking Executive Accountability Regime (BEAR)
Australia is introducing BEAR. This regime is also designed to hold banking executives to account. BEAR will cover ADIs. BEAR also addresses concerns over bankers’ remuneration – the Australian government wants ADI’s focus to be more on the customer/customer service and less on their own revenues. The regime will require senior executives to be registered with APRA before any appointment is made. It will also provide APRA with powers to issue conduct standards for executives, covering: integrity, due skill, care, diligence and acting in a prudent manner. It will introduce civil penalties for ADIs which fail to meet the new expectations by, for example, failing to monitor the suitability of senior executives who are in positions of responsibility (called “Responsible Persons” under BEAR) and/or which fail by hiding the misconduct of senior executives. It will require ADIs to defer 40% of an executive’s variable remuneration for a minimum period of four years, increasing to 60% for certain executives, such as the CEO. APRA will also have powers to require ADIs to review and adjust remuneration policies if it deems them to be inappropriate. Such policies will have to include claw back/malus provisions so that any bonus paid before any harm is discovered can be recouped. (The provisions with regard to variable remuneration and clawback are similar to those already in place in the UK for “material risk takers” at larger financial institutions).
Concerns over BEAR
It is unclear which senior executives will be in scope for BEAR. The expectation is that ADIs will have some flexibility in mapping accountabilities (rather than having to gain the pre-approval of the regulator, as is the case in the UK for those that have to be registered), but there may be a lack of clarity as between those defined as “Responsible Persons” and the broader set of individuals who may be covered by the requirements of the deferred remuneration rules.
BEAR v SMCR
One major concern raised in relation to BEAR was whether senior executives could have any redress/appeal to the Australian courts if, as a consequence of being found unfit by a firm, they effectively lose their livelihood in banking/financial services. APRA have conceded the point and senior executives subject to BEAR will have the right to appeal any decision made against them to the court. This important concession is not available under SMCR.
Conclusions
The risk is that, with the prospect of personal accountability, and possible claw back of remuneration, those most able to fulfil the roles captured by the regimes will not be “up for it” and financial services will face a “brain drain” as talent moves into other areas such as private equity, where the potential rewards (via “sweet equity“) for senior management of portfolio companies are very attractive. This is likely to be even more prevalent in the UK than in Australia, given the lack of redress available to senior managers who fall foul of the regime.