Tackling the hard questions

Speech by Mark Steward, Director of Enforcement and Market Oversight at the FCA, delivered at the Thomson Reuters Annual Compliance & Risk Summit on 26 April 2016, in London. This is the text of the speech as drafted, which may differ from the delivered version.

mark steward speeches 340 180 migration.jpg

Thank you for inviting me this afternoon.

The FCA recently set out its objectives and plans for the next 12 months, identifying seven key themes of work, namely,

financial crime and anti-money laundering:

  • firm culture and governance
  • wholesale financial markets
  • advice
  • treatment of existing customers
  • pensions; and
  • innovation and technology

These priorities will provide sustained strategic direction over the next twelve months, an organisational compass, ensuring we stay pointed in the directions we consider are most important.

The seven key themes of work are, in effect, a game plan of strategic directions.  One of the virtues of strategic direction is that it forces confrontation with the questions that are in most ways the hardest and most challenging to answer, including (without being exhaustive):

  • how to prevent money laundering and detect as early as possible scams and frauds attacking consumers
  • the problem of affordable and reliable advice and how to reduce misselling risks, for both consumers and firms;
  • how to foster fair and competitive wholesale markets, especially given the importance of our capital markets as a safe storehouse of value and therefore savings and wealth; and
  • how to establish stronger and more vigilant firm culture and governance especially as a means of reducing conduct risks in financial services;

But these important questions are not the only things we are focused on.  Most of our work is ongoing business as usual - work that, in programmatic form, is no less important producing regulator, less newsworthy results that in aggregate fulfill our statutory mission.  I want say something more about this work because, although often unnoticed, it should not be invisible.  One of the good things I have noticed about the FCA since I started here is the volume of small, good things that the FCA does every day.  I want to return to this later.

Senior Managers Regime

The Senior Managers and Certification Regime commenced on 7 March 2016. This initiative is central to our work in improving firm culture and governance – one of our seven priorities. 

Initial focus centered on arguments over the so-called reversal of the burden of proof.  The reversal controversy had the potential to distract attention away from what the initiative was really intended to be about.  The reverse burden was itself reversed out of the regime last year and now will proceed with the FCA bearing the evidential burden of proof. Of course we always bore the persuasive burden of proof and so, to my mind at least, the change does not alter in any meaningful way the challenge that already confronted us. 

The clarification restated the essence of the initiative – to introduce a duty of responsibility.  While the exact wording of the new provision remains in Bill form – the 3rd reading in the House of Commons was held last week – there is, in fact, no reference to a duty or to responsibility in the Bill, at least in its current drafting.

Instead, the current wording states that a person is guilty of misconduct if, (and I am paraphrasing),

  • the person has been a senior manager of the firm,
  • there has been a contravention of a requirement by the firm,
  • the senior manager was responsible for the management of the firm’s activities in relation to which the contravention occurred and
  • the senior manager did not take such steps as a person in the senior manager’s position could reasonably be expected to take to avoid the contravention occurring.

Two things arise immediately. First, the person must be the person who has designated responsibility within the firm for those activities in relation to which the contravention occurred. Secondly, the person must have failed to take sufficient steps to avoid the contravention, those steps that objectively constitute steps that a reasonable person in that position could be expected to have taken. 

The nutshell version of this is that it is a duty to take reasonable steps to avoid the firm committing a contravention.

The nature of a duty or obligation to take reasonable steps is a familiar one in company and financial services law.

So who is this person who acts with a duty of responsibility, who takes reasonable steps to ‘mind the shop’ ? What does this person look like ?

It has been said that a person who takes reasonable steps is one who does not exhibit a negligent or reprehensible state of mind, who is conscientious, exhibiting, through diligence, a keen and watchful eye on his or her field of responsibility, observing, asking questions and so informed and informing, being vigilant, deciding, guiding and monitoring, oversighting, delegating when safe to do so to those who are well-placed, and only acting beyond expertise and experience with competent expert advice. Sounds good.  This is not exhaustive and denotes a person not only in terms of qualities - skill and competence - but also in terms of how the person should behave and the behaviour is described with doing words, verbs (these verbs are really the tools of responsibility).

Doing nothing, in circumstances where reasonable steps requires something to be done, will not suffice.

In other words, doing nothing, in circumstances where reasonable steps requires something to be done, will not suffice.

Consistently with notions of duty, the senior managers and certification regime is supported by Conduct Rules which require all senior managers as well as certified staff to act with integrity, to display due skill, care and diligence, to have due regard to customers and treat them fairly and observe proper standards of market conduct.  Additionally, and applying to senior managers only, the Conduct Rules require reasonable steps to ensure the business complies with relevant requirements, to delegate appropriately and to supervise the performance of the delegation.

This is some distance from the director of Cardiff Savings Bank who, over 100 years ago, was sued  in his capacity as chairman of the bank.  His lack of attention to the bank’s business was a key issue in determining whether he was responsible.  In issue was the fact he had not attended a board meeting for 38 years (he was made a director at the age of 6 months).  He was found not to be responsible or liable despite his lack of diligence. This would not be the case now.

What I like about the senior manager’s regime is that it focuses on the people who can make a difference, the senior management and it is top down rather than bottom up, which seems to start the inquiry into firm culpability in the right place.  While that may not be where such an inquiry ends, |I think it reinforces the real responsibility that we, as regulators and as members of the community expect.  And I think it is important that senior managers also appreciate the expectations on them are ones that are held not only by us, as the regulator, but also by the broader community as well.

It is important to make clear that the regime is not a means for making senior managers strictly or even vicariously liable for contraventions by firms. Nor is it a mechanism for not holding firms to account as well.  

It is also important to make clear that the regime is not a means for making senior managers strictly or even vicariously liable for contraventions by firms. Nor is it a mechanism for not holding firms to account as well.  It goes without saying that the FCA will not be taking a punctilious approach to this new regime. We will be looking at cases involving real fault elements, real culpability, and this is how it should be.

Skill Care & Diligence

The requirement of skill, care and diligence forms part of the Conduct Rules and is not a new formulation.  Firms are also required to act with skill, care and diligence.  A recent example, is the so-called elephant deal case involving Barclays. The case is important and remains topical because it concerns anti-money laundering systems and controls in a major institution which sits squarely within our financial crime strategy.

The case concerned a complex structured transaction valued at £1.88 billion arranged by Barclays during 2011 and 2012 for a number of ultra-high net worth politically exposed persons.  A number of companies were used to make the investments and the proceeds of the investments were held in a trust of which the clients were beneficiaries. The investment objective for the transaction was a specified rate of income with full capital guarantee over a number of decades. The transaction was the largest of its kind that Barclays had executed for natural persons. Deals over £20 million were commonly referred to within Barclays as “elephant deals” because of their size and the transaction, which was for an amount of £1.88 billion, was also referred to as an ‘elephant deal’ or the ‘deal of the century’ as one senior manager referred to it

In such circumstances, Barclays was obliged to vet the transaction to ensure it was free of financial crime and money laundering risks, especially given the clients in question were PEPs, or politically exposed persons.  However, Barclays applied a lower level of due diligence than its policies required, in part because of unusual stipulations that required the identity of the clients to remain confidential even within Barclays. 

Barclays were not ignorant of the risk of financial crime in undertaking this transaction – and the FCA did not find evidence that the transaction in fact involved any financial crime. However, Barclays overlooked a number of red flags, including the exceptional size of the transaction, the request for confidentiality and the client’s status as PEPs, addressing these risks in an ad hoc way, inconsistently with its normal policy and practice.  In effect, Barclays failed to apply appropriate skill, care and diligence in undertaking the transaction, thereby exposing the bank and, by implication, the UK, to risks of financial crime and money laundering.  Given the ad hoc approach and the confidentiality involved, it was unclear which senior managers were ultimately in charge of decision-making and this lack of clarity caused confusion and resulted in a number of additional serious failures.  Specifically:

  • Barclays senior management were concerned about the speed at which the due diligence process could be completed, with one manager expressing a desire to ‘race this through’. In other words, staff involved was not well equipped or provided with adequate opportunity to answer the questions relating to the risks of financial crime and money laundering that the transaction self-evidently raised.
  • Secondly, having classified the clients as PEPs, Barclays should have been particularly vigilant to guard against the risk of it being used to facilitate financial crime in view of such higher risk features.
  • Barclays failed to establish adequately the purpose and nature of the transaction and did not sufficiently corroborate the clients’ stated source of wealth and source of funds for the transaction. These were fundamental due diligence checks which Barclays should have carried out.
  • Barclays failed to monitor appropriately the financial crime risks associated with the business relationship on an ongoing basis and missed opportunities to identify and remedy gaps in its understanding of these risks; and
  • Barclays failed to maintain adequate records of the due diligence it undertook in connection with the business relationship and to ensure that that those records were readily identifiable and capable of retrieval. Indeed, it was only after the FCA entered into discussions with Barclays about the transaction that Barclays carried out further work to gather additional information in relation to the business relationship.

One can speculate what difference there would have been in the way we handled this case if the Senior Managers’ Regime had been in place at the time of these events.  Indeed, I hope those in charge of Barclays have done or are doing exactly that – a true sliding doors counter-factual assessment of what might have been the case if the same set of circumstances had occurred with the senior managers regime in operation.  One difference at least is that the senior managers regime introduces a new responsibility for oversight of a firm’s financial crime control which in addition to the money laundering reporting officer function (MLRO).  Perhaps all firms who have been held to account over the last few years should conduct the same exercise, if they haven’t already, to ensure the introduction of the senior managers regime is as salutary as possible.

Enforcement Decision-making

Let me change tack and say a few words about enforcement decision-making.  We have recently released a consultation paper that sets out our response to the HMT Review on enforcement decision-making as well as measures that also arise from the recent HBOS Report.

There is also an important additional consultation within this package of largely well-anticipated reforms which one commentator termed a ‘striking’ change.

We are proposing that firms and individuals who:

  • find themselves at the wrong end of an FCA enforcement case;
  • do not dispute their liability and wish to resolve the case by agreement;
  • but disagree with the penalty proposed by FCA staff;

will be able to seek a hearing on penalty before independent FCA decision-makers (i.e. the Regulatory Decisions Committee or RDC) without losing the credit for cooperation they might otherwise get if they accepted the penalty proposed by FCA staff.  At the moment, if a firm or individual objects to the proposed penalty but agrees with everything else, the case proceeds to the RDC and the firm or individual loses the automatic credit for cooperation or one third discount.  Some may say, well that’s the way it goes. Others might say it creates a problematic disincentive for firms and individuals to approach the RDC, a body of decision-makers (effectively a committee of the FCA board) whose role is to provide statutory decision-making for the FCA that is separate from the investigation team that has been working on the case. 

In essence, in these circumstances, firms or individuals will receive a more transparent ‘’fair crack of the whip” in setting out their position on penalty.

This proposal has not been the result of any suggestion made to the FCA nor by the HMT recommendations.  It is one that has been developed in-house in an effort to provide greater transparency in the enforcement decision-making process for firms and individuals who are involved in it. 

To my mind, what is proposed is very much like what typically happens in criminal proceedings when a defendant decides, at an early stage, to plead guilty. 

For the FCA, what this means is that decisions under this approach will be accompanied by detailed statements of agreed facts that must contain all the essential facts enabling the RDC to understand properly what has occurred. My expectation is that more cogent detail may become available through this process and so the transparency will also benefit the wider community as well.  The agreed statement of facts will be published with the decision notice which will also contain a reasoned decision on penalty setting out the way in which the penalty has been set. Again, more transparency.

The proposal also addresses perceptions of a transactional approach to enforcement where, to an outsider, the settlement process can seem, in effect, a process of arriving at a price that a firm or individual will agree to pay and the settlement agreement is akin to yet another deal. 

The enforcement of important public and regulatory requirements is and should not resemble a bargaining process. I am not suggesting that it does. But I know there are perceptions to the contrary. The public must have confidence that outcomes are achieved by reference to proper principles and through a process that has fairness, if not justice, at heart.  When the law is enforced, it involves, in reality, a positive affirmation of the moral or ethical value of the rule or requirement in question, that it is worthy of obedience with the sanction process being the way in which the wrongdoer expresses contrition or, the imposition of sanctions (and, if applicable, remediation) there is a proper and public vindication for those who have been affected as well as an expiation of the wrongdoing and its consequences.  This is no commercial deal.

We are also consulting on variations of this proposal where most but not all the facts have been agreed by the firm or individual, so there has been a substantial narrowing of the dispute. In those circumstances, it may be reasonable that the firm or individual should be able to earn credit for cooperation, albeit not a full one third discount.

In making this proposal, we are not abolishing the existing way in which resolutions can be agreed.  Indeed, there is much to be admired about firms and individuals who quickly accept their culpability and are prepared to agree the consequences.  The immediate one third discount for such cooperation will also continue.

Broad Span of Work

I mentioned at the outset the volume of small, largely unnoticed good things that the FCA achieves.  In closing, I want to return to that with an example – but it is only one example of what I think are a myriad of small, good, unnoticed things achieved by all parts of the FCA every day.  So this is but one example.

Within our enforcement work, we have a small team that focusses exclusively on what we call the threshold conditions.  These are the minimum conditions of financial viability and competence that firms must have in place at all times to remain authorized.  All firms – both big and small – must meet the threshold conditions at all times. The threshold conditions underwrite a minimum standard that is designed to protect not only the integrity of their operations but also those customers with whom they deal.  It is absolutely essential work.  Just in the last quarter of 2015/16, this team has completed cases involving 187 firms, taking public action in 27 cases and securing remedial outcomes i.e. oversighting steps in which potential breaches of the threshold conditions were remediated in 154 separate occasions.

This work is largely unheralded and takes place day in and day out; has done for many years and will continue to do so.  At the same time, over the years, tens of thousands of firms and their customers have been kept safe and sound with a myriad of problems and issues addressed, remediated and nipped in the bud.

I often think the real measure of success is not how effective we are at landing the elephant deal cases, but how quickly we are able to detect problems and nip them in the bud.

I often think the real measure of success is not how effective we are at landing the elephant deal cases, but how quickly we are able to detect problems and nip them in the bud. That does not mean investigation and enforcement is not necessary. If anything, our investigation powers are the things that are designed to enable us to get to the heart of things quickly.  What I do mean is if we are really good at what we do, then enforcement cases should get smaller rather than bigger – nipping things in the bud before they grow into elephants (to mix metaphors).  This is very idealistic.  But that’s not a reason for not aiming for it.

On that note I will close. Thank you for listening to me.