NORTHERN ROCK: A REVIEW BY THE INTERNAL AUDIT
DIVISION OF THE FINANCIAL SERVICES AUTHORITY
1. The Chief Executive of the FSA, Hector
Sants, has requested a "lessons learned" review of the
supervision of Northern Rock plc. A review team, led by the FSA's
Director of Internal Audit, Rosemary Hilary, has been commissioned
to deliver a report to the Executive by 31 January 2008 and to
the FSA's Board at its meeting dated 28 February 2008.
2. The review will examine the lessons which
the FSA should draw from the Northern Rock events and changes
these suggest for the FSA's risk-assessment and risk-mitigation
practices in general. Where aspects of relevant regulatory practice
or policy are currently already being reviewed or revised, the
internal audit team will take account of that work in reaching
its own conclusions.
3. Internal Audit will review the supervisory
approach for Northern Rock plc during the period 1 January 2005
to 9 August 2007. In particular it will review whether the FSA's
prevailing framework for assessing risk was appropriately applied
such that the supervisory strategy, including the Supervisory
Period and level of resourcing, was in line with Northern Rock's
risk profile. A review of a small sample of other high-impact
firms will be included over the same timeframe in order to provide
a basis for comparison.
4. Internal Audit will then assess:
(i) whether in future the FSA's framework
for assessing risk should place more importance on liquidity,
stress-testing, competence of firms' management and effectiveness
of governing arrangements. In assessing this element Internal
Audit will take into account the emphasis in the More Principles-Based
Regulatory approach on outcomes-based regulation;
(ii) whether the processes or mechanisms
for identifying, sharing and responding to internal and external
intelligence/emerging risks (that may have firm-specific or sectoral
impacts) can be improved; and
(iii) whether improvements can be made in
the adequacy of supervisory resource, both in terms of capacity
and skills, devoted to high-impact deposit-takers.
5. The review team will exclude other areas
of supervisory focus unless deemed appropriate by work emerging
from the review. In framing recommendations for the FSA's Board
on 28 February 2008, this Internal Audit review will not accompany
these with a formal cost-benefit analysis.
6. The conclusions of the review will be
made public and any changes to the FSA's approach will be communicated
and/or be subject to consultation as appropriate.
7. In undertaking this review, the FSA is
seeking to achieve the following outcomes:
(i) to understand whether the application
of the supervisory approach for high-impact deposit-taking firms
(ii) in light of 7(i), to identify what lessons
there are to be learned and to make recommendations that will
enhance the supervisory approach going forward;
(iii) in completing 7(i) and 7(ii), and in
committing to publish its conclusions, to demonstrate to the FSA's
stakeholders (including regulated firms, consumers and staff)
an ongoing commitment, as an organisation, to continuous improvement.