CORRECTED TRANSCRIPT OF ORAL EVIDENCE To be published as HC 706-v

HOUSE OF COMMONS

HOUSE OF LORDS

ORAL EVIDENCE

TAKEN BEFORE THE

PARLIAMENTARY COMMISSION ON BANKING STANDARDS

SUB-COMMITTEE D-PANEL ON CORPORATE GOVERNANCE: BELOW BOARD LEVEL

CORPORATE GOVERNANCE: BELOW BOARD LEVEL

WEDNESDAY 28 NOVEMBER 2012

RICH RICCI, ROBERT LE BLANC, MIKE WALTERS, MICHAEL ROEMER and MICHAEL ALDRED

USE OF THE TRANSCRIPT

Oral Evidence

Taken before the Parliamentary Commission on Banking Standards

Sub-Committee D-Panel on corporate governance: below board level

on Wednesday 28 November 2012

Members present:

Mark Garnier (Chair)

Baroness Kramer

Examination of Witnesses

Witnesses: Rich Ricci, Chief Executive, Corporate and Investment Banking, Barclays, Robert Le Blanc, Group Chief Risk Officer, Barclays, Mike Walters, Group Head of Compliance, Barclays, Michael Roemer, Chief Internal Officer, Barclays, and Michael Aldred, Reward and Performance Director, Barclays, examined.

Q581 Chair: Thank you very much indeed for coming to this morning’s session. This, as you know, is Sub-Committee D of the Parliamentary Commission on Banking Standards. The Commission, as you probably know better than anyone else, was set up as a result of the LIBOR scandal, and a number of your former colleagues came before the Treasury Committee at the time to give evidence, for which we were very grateful.

This is not about revisiting, necessarily, the LIBOR investigations that have gone on. Obviously, we are aware that there has been a Treasury Committee report on this. We are also aware that there are a number of reviews going on internally at Barclays, but this evidence session is more about seeking to understand how the banks control their operating functions, and in particular this panel is looking at the below board-level governance, at how you make sure that your good practice, or otherwise, is delivered or intercepted. Obviously LIBOR will come up, but I do not want to revisit the entire Treasury Committee hearings that we have already had.

Mr Roemer, if I may start with you, you are the third line of defence, as you know. The independent assurance function of the board is one of your prime functions. Does the buck stop with you if anything goes wrong?

Michael Roemer: Generally speaking, it would stop, depending upon the circumstances of what’s occurred as it relates to an issue or a problem at the firm. Clearly, every time there is such an issue I think that I need to understand, "What did we do? How did we do it? Did we have a robust programme of audit coverage around that issue?" Similar probably to other financial service firms, we have three lines of defence, and ultimately the first line is responsible for the operations of the procedures and processes that should be designed to capture the issue and prevent it from happening, or at least keep it very, very small. Ultimately, I think, the buck stops, depending upon the issue, across any one of the lines of defence, but clearly I take responsibility for looking to see whether the audit programme worked appropriately and effectively during that period of time.

Q582 Chair: So as far as you are concerned you will provide an audit function, literally, of the proceedings that were in place, to make sure that a problem did not get through the first line.

Michael Roemer: Absolutely. I would look across how the process worked, what was going right and whether the process was designed effectively. Those would all be things that were part of our programme of coverage.

Q583 Chair: Why did an internal audit fail to see the crisis coming?

Michael Roemer: Again, if you look across the industry, I think that some firms did better than others. Although I wasn’t at Barclays at the time, I believe that there are clearly parts of Barclays that did very well during that period of time, but broadly, as an industry, we should all take responsibility and say-

Q584 Chair: Where were you at the time of the crisis?

Michael Roemer: At the time of the crisis I was at American International Group in the United States-AIG.

Q585 Chair: What did you learn from being at AIG, and what have you brought with you?

Michael Roemer: I have clearly learned from that to keep my mouth closed!

I learned that many different things happened. It is a series of events, combined, that caused quite a few problems across the industry, including at my prior employer. My role there was pushing issues, bringing them to the board’s attention and making sure that there was check and challenge on how companies operate. I learned to be a bit courageous as it relates to issues that you find in a firm.

Q586 Chair: What did you regret about your role at AIG?

Michael Roemer: There is very little that I regret, in fact, as it relates to my performance at AIG, because after the issues that struck AIG took place the regulators in the United States came and spent quite a bit of time, as you would imagine, at AIG, particularly in the audit function, to say, "What happened? Where were you?" and so on. Through a three or four-month exhaustive process they felt very comfortable that the audit function had done what it should do, which is to raise significant issues, bring them to the board’s attention and provide transparency into what was going on at the company at the time. There are certain aspects of what took place at AIG that were systemic across the entire marketplace, but there were other issues that were specific to AIG that were in fact highlighted, reported on, etc. over a period of time.

Q587 Chair: What were the key lessons you learned and that you took away with you?

Michael Roemer: There are probably two or three specifics. One would be, as I already mentioned, to be courageous. It is very difficult when you have to have discussions with the board around the quality of management and specifically transparency of process. AIG at the time had a very federated model. Risk management was inside AIG. It was focused inside every single business. It was not aligned to a centre function as it is today in virtually all financial institutions. So that was clearly something that we walked away from.

We also looked at how pay and performance was managed inside our firm. I am sure you will ask us about this, but in fact, at the time much of what went on in certain parts of AIG was driven by those businesses, as opposed to by the centre, a control function or a governance apparatus that today you would see across virtually every financial services firm.

Chair: I am afraid I missed that. Could you just repeat the third one?

Michael Roemer: The last was that the compensation processes for certain control functions were driven by the specific businesses within AIG. Again, that would be a potential root cause. There were clearly market factors across the entire industry that had an impact.

Q588 Chair: I am asking this because I am very interested to hear how you brought those with you to Barclays and what the response has been at Barclays to your implementing them. Or did you feel you didn’t need to do so because they were already there?

Michael Roemer: Quite a few of them were already there, quite honestly. You carry such lessons from every firm you work at, so from my perspective, heading to Barclays, they were embedded in the process by which I look at an audit function itself.

I arrived at Barclays in January 2012, and I spent the first two to three months learning about the company, the processes, internal audit’s standing in the firm and so on. In fact, there are no issues with where internal audit stands in the firm. It has full access across the board at board level. The quality of the people in the audit function at Barclays is extremely high. Those aspects weren’t issues.

Although there is a pseudo-decentralised model, all of the risk individuals in the firm, as well as compensation, are driven from the centre. So there is a strong governance culture at Barclays, and quite honestly, historically, certain aspects of my prior employers are not there. I applied those lessons learned to everything I looked at on a go-forward basis, because I certainly do not want those issues to pop up again in relation to the firm and the function.

Q589 Chair: We do not want it to happen to any firm. That is why we are asking all these questions. You said it took two to three months to learn the culture of Barclays, but that is an enormous organisation with 130,000 or 140,000 members of staff. How can it take only two to three months to get around the shop?

Michael Roemer: That is the preliminary, where you are better suited to spending time learning about the firm, etc. I have now been there close to a year. Similarly, I visited or tried to visit all the significant locations of the firm. There is a team of 600 auditors around the world, and I interact with all of them. So, if you use a risk-based programme of coverage, you map your entire organisation-from the financials of the firm to its legal entity structure. I am sure I will be learning certain aspects of the firm for quite a while. I would not want you to believe that I know all there is to know about Barclays today, but I would tell you that the first three months were more focused on the audit function itself and its standing in the firm and the governance. Since that period of time, I have been more focused on the business of Barclays and how it operates. Clearly, the events of the summer required us to look at how we audit certain aspects of the firm to make sure that we have learned lessons from those situations, too.

Q590 Chair: What sort of interaction has there been with the Salz review?

Michael Roemer: They spent about two or three hours interviewing me. They are interviewing me again next week. They are independent from the company, and they have stayed very separate. So, although I have given them information, I have not yet had preliminary feedback from them across the firm. They are continuing their work. When they produce their results, I will take those results and map them into any work the company is doing related to the control environment of the firm-how we manage risk, etc. That is part of a broad review the company is doing itself, both in corporate investment banking and broadly across the firm, to improve and ensure that we are in line with regulatory expectations, our customers’ expectations and the market’s expectations.

Q591 Chair: Have you found any part of Barclays that gives you cause for concern?

Michael Roemer: Not cause for concern.

Q592 Chair: To put it another way, do you think there is any part of Barclays where you will be working a bit harder than you will in others?

Michael Roemer: No, I don’t think so. There is an enormous amount of risk to be managed at the firm. As you mentioned, it is a very complicated place with 140,000 people operating in many countries. By the very nature of that kind of financial firm, you have to look at risk across the entire firm. We have a programme of coverage for every single business, for every single function and for the second line of defence, so it is a broad programme. I would not say that I am more concerned about any one specific area. You might see more internal audit reports that come out over a period of time that would tell you, "There’s more negativity here. Why is that? Is it because we have gotten smarter and are using indicators to focus on problems? Or is it because there are just more problems in that area?" Generally speaking, I have not seen any one area that I would say is a broad problem from my perspective, but we look at every business and do a control assessment for the board audit committee.

Q593 Chair: Do you think in any real sense that it is possible or practical to manage the risk in an organisation with 140,000 members of staff in so many different business lines?

Michael Roemer: I absolutely think you can.

Q594 Chair: You would answer that way, but how is it possible to do it? It is a ferociously complex organisation, and risk is an unlimited potential. How on earth can you manage it?

Michael Roemer: You rely on the control architecture and a risk framework, which Barclays has both of. You have to be able to do that. You have to have a firm and a culture that recognises that control is everybody’s responsibility, which I believe we do at Barclays. We are constantly looking at how we do that to ensure that we are learning from everything that we see in the marketplace. We are learning from forward-looking risks that we are thinking about. It requires the internal audit function to be operating effectively. It requires the second lines of defence to be operating effectively. You rely on a control architecture, broadly speaking, that is understandable by the firm and that is simplistic in nature, but it is one that allows you to manage a level of risk. You have to have a strong management team and a board that is engaged from a check and challenge and oversight perspective. I think you can do it.

Q595 Chair: Do you think that the non-executive directors use the internal audit effectively?

Michael Roemer: I do at Barclays, yes. I have a lot of interaction with them.

Q596 Chair: Can you give us an idea of how much? Weekly? Daily?

Michael Roemer: I interact with the board audit committee weekly. We either have phone or e-mail contact. We sit down and meet each other on a more formal basis probably once a month, but there is interaction on a weekly basis. It can be daily, depending on what is going on in the firm. As you would imagine, over the summer it was much more frequent and daily. I have plenty of access to them. I am at every meeting of the board audit committee. I have an executive session at every meeting that I am at, so I have the ability to talk to them privately without management being in the room.

Q597 Chair: What do you get out of these meetings?

Michael Roemer: It is a two-way street, so I believe that we both get things out of it. From my perspective, I want to ensure that they understand what issues the company is currently working on. They want to understand from me whether the company is working on and remediating effectively and aggressively any issues that I identify. The internal audit function at Barclays validates every open issue to ensure that it has been closed appropriately, etc. From my perspective, I get guidance and input from them. I get direction from them from time to time on specific issues.

Q598 Chair: Can you give us an idea of what form that would take?

Michael Roemer: Using LIBOR as an example-not to open that up again-the fact is that as soon as it became public I immediately received a call from the board audit committee chair, who wanted to have a discussion and asked me to do certain things and to go off and look at certain aspects of the current and future processes and things that had been fixed and so on. We, at his direction, did a whole programme of work before we even started to change our entire approach to how we looked at pricing and indices. That is one example where the feedback to go and do certain work for the board audit committee was almost instantaneous.

Q599 Chair: What sort of work? Is this inquiry work? Is it taking action in response to problems?

Michael Roemer: It could be all of the above. In some cases, it is fact-finding. I mean no offence to any of my colleagues on the panel, but the board might hear feedback from management or a part of the company, and the committee might say, "Can you please just confirm that we have all the facts? Can you confirm that the understanding of management is correct?" It is very much in line with an assurance function, but they could also ask us to do very specific work on a specific audit.

Q600 Chair: They have teeth as well as ears.

Michael Roemer: They absolutely do. The board audit committee is very engaged and very much in a check and challenge mode with the company, as well as with my function.

Q601 Baroness Kramer: Mr Aldred, let’s shift the questioning over to you. During the whole range of crisis that we have been through and the discussion that has followed about banking standards-for many people, the failure of banking standards is a key explanation-a question has arisen over the culture within banks: the culture as it impact employees and the incentives for employees to respond to appropriate forms of conducts and standards. If you look back over the HR function, what role could that have played in establishing a rather different culture within Barclays?

Michael Aldred: There are probably three clear areas where I think one can make a difference in terms of culture. The first thing to say is that I don’t think it is just the responsibility of the HR function. It is very, very important that the tone at the top is set correctly in respect of culture. That is probably the most impactful way of all, where colleagues see the leaders of the organisation reflecting the appropriate culture in both what they say and how they act.

Q602 Baroness Kramer: So if that does not work right, in effect, HR is sort of sidelined. Is that what you are saying?

Michael Aldred: The tone at the top is absolutely critical to get right. In terms of the other pieces in respect of culture, it is absolutely important-here, HR has a specific role to play-that the day-to-day interactions and communications with employees are reflective of the right sort of culture. In terms of the employee cycle, that might start with the recruitment process-what you say to employees about the organisation and what the organisation’s culture is-and how you induct them, through to what we say in the staff handbook. It continues through to the process of how we measure an individual’s performance and how we pay them. In the full life cycle of interactions with employees, HR should be doing a critical role to ensure that the culture is reflected in how we interact.

Q603 Baroness Kramer: If you were to look back over the period of the crisis-I know that you have various reviews going down-what have you identified as the places where the HR role did not work in recruitment and performance evaluation?

Michael Aldred: That work is ongoing and, as you say, has not been concluded. We are doing a thorough review of looking at all the different aspects of how we interact with people and colleagues and saying, "Are we really doing enough to ensure that we are emphasising the right culture and behaviours?"

Q604 Baroness Kramer: Do I interpret from this that you have not changed your recruitment processes or, as you say, what you say to people when you recruit, and you have not changed the way in which you do performance evaluation? That is all pending, is it?

Michael Aldred: I think there is a change of emphasis at the moment and a greater awareness that we need to ensure that we emphasise the right behaviours and cultural aspects with employees, but in terms of the review, that is still yet to be concluded, and we will make the changes once that has happened.

Q605 Baroness Kramer: So nothing substantial or root and branch at this point in time.

Let’s try to get a better understanding of how it all pulls together. We are very concerned about how the non-financial standards impact on the culture of employees. Looking at the three lines of defence, Barclays, like many other organisations, has a very different approach to rewarding the players in those three lines of defence, with a big differential-am I not still correct?-between the front line and the individuals involved in control. Do you think that difference in pay, where the focus is very much on financial performance, contributes to the cultural failures?

Michael Aldred: In terms of the drivers of pay, we are very clear when we assess individuals’ performance and follow up with the pay decisions that it is very important to ensure you are measuring both what people do and how they achieve that. That is key to the process at the individual level, and it will continue to be a feature of how we approach those decisions.

Q606 Baroness Kramer: Perhaps I am just being dense, but I do not think I followed that. If I am looking at somebody on the front line, what would be the structure of their performance evaluation?

Michael Aldred: It is a process that occupies the full year. At the beginning of the year, objectives will be set for individuals, and throughout the year they will be evaluated by their line manager against those objectives and will receive feedback on a 360-degree basis. That means that people they work for, their peers, and people who work for them-

Q607 Baroness Kramer: What would be the characteristics of those objectives, and how would they be weighted?

Michael Aldred: They would take a couple of forms. Some of them would be financial. There would also be non-financial objectives. We would also, importantly, look at and be clear about individuals’ compliance with any risk and control frameworks that were relevant to them. That would be a feature of their performance assessment.

Q608 Baroness Kramer: Does that apply at all levels-senior and junior?

Michael Aldred: Yes, it is across the bank.

Q609 Baroness Kramer: Is anything a barrier to either promotion or bonus? I am trying to lead you a bit, because you are really not answering my question to give us any clarity.

Michael Aldred: Correct me if I am not understanding properly, but in terms of people’s compliance with risk and control, if people were not compliant, that would absolutely be reflected into their incentive decisions and how we measured their performance, and it absolutely would be a barrier to promotion within the organisation.

Rich Ricci: May I try and help to answer the question, and add on to what my colleague said? You mentioned a few things there. The first one relates to culture and the recruitment process, and what we have changed. We certainly would admit there were some cultural failings in certain parts of the organisation, but the vast majority of Barclays people, I think, do want to serve customers in the right way, and they come to work to do the right thing. I recognise we do have some issues, and we can talk about those.

The way we run our recruitment process is to try to spend quite a bit of time up-front with candidates to really understand why they are interested in joining Barclays and what kind of a person they are. It is a very structured interview process, and it takes quite a bit of time to go through. You have various people evaluate technical skills. If they are in my business-if they are a trader or a banker-do they have the technical skills to succeed? If they are management people, do they have the right management skills? What are their values and cultures? We talk to them about choices they have made in their lives. It is quite an in-depth process to try to get it right as people come into the institution. We are reinforcing and revisiting that to make sure that it is still fit for purpose, but there is quite a thorough review so the vast majority of people that come to the organisation have the right values and cultures.

Once they are in the organisation and they are working, when it comes to evaluation there are several things we look at. Certainly for people in revenue-generating areas, financial performance is one of those measures. Other measures may be around the control environment that they have in their area. Did they get several unsatisfactory or "needs improvement" audits? Do they have a lot of reconciliation breaks, meaning that it is not the proper control environment? Do they exercise their supervisory controls properly? Do they treat colleagues properly? That all goes into the mix.

I will tell you honestly that I think historically, at least on the investment banking side of the industry, we have been very effective in doing that as you move up the chain. At the top of the house, the industry and, I would say, Barclays at times, may have skewed too much towards financial performance and not enough towards the other areas. One piece of work that we are doing is trying to get that balanced scorecard right around appraisals and reward and to get all those interests aligned properly.

Q610 Baroness Kramer: I understand that this is where the high level is going, but if I were to look at the day-to-day, which is what Mr Aldred reflects back to us, at this point in time, I understand the consequences of that change have not yet fed through to the coal face-

Michael Aldred: No.

Q611 Baroness Kramer: I’m sorry. I thought you were fairly clear that it was all waiting on the review.

Michael Aldred: No. Apologies if I did not make that clear. As Rich was explaining, I think we have a robust process. We are, quite rightly, having a look at all these processes and checking whether we think they are fit for purpose to go forward and whether there are ways that we can improve them.

Q612 Baroness Kramer: In the work that you do in HR, how do you monitor and measure at the moment? I am not terribly clear.

Michael Aldred: On the performance process that we talked about, for example, and the pay process, the decisions that are made at the line manager level are reviewed at more senior level. They are looked at for these issues of fairness. Are we really making sure we are making decisions in a balanced way, taking into account both the financial and the non-financial? That review process is cascaded right up to board level, and it is the board remuneration committee’s responsibility to look at the whole process and its robustness. It is not a matter just of individuals at the coal face making unchallenged decisions. They are subject to very robust review.

Q613 Baroness Kramer: In your written evidence to us, you gave us some interesting information on the performance expectations that you have within the retail bank for your front-line staff. You assess people in reference to three areas: creating advocates, meeting customer needs, and customer relationships. That was very interesting. It was especially interesting since I happened to be looking at that area. Last night I got a phone call-I guess it is a conflict of interest; I have accounts at Barclays-from what I assume was an outsourced team doing a survey.

Michael Aldred: We have survey teams, yes.

Q614 Baroness Kramer: Since I knew in advance what you had written down, it was interesting listening to the survey questions, which match it. They do not deal much with the customer experience, but they match your written criteria, which was interesting. The real interest was very much whether or not I would recommend Barclays to anyone else; that was the measure. I will not tell you what my answer was, as you might not want to know. How important a role does that kind of work play in how you evaluate the performance of your individuals?

Michael Aldred: It is very important to us. Having the customer as a focus is one of the core purposes and values of what Barclays is about. We recognise that that is how we are going to be successful in business. In terms of measuring individuals’ performance and paying individuals in the retail network, we have recently given greater weighting to customer satisfaction in the incentive arrangements for our branch staff. We have remodelled our incentive schemes so that they are less sales-focused. In fact, we are moving the sales link and focusing around the customer experience and customer satisfaction. We think that that is the right way to go.

Q615 Baroness Kramer: I actually found it an uncomfortable survey to respond to, particularly since I had seen the parameters behind it, because it seemed to make the individual the victim of any failure within the product line. That struck me as quite problematic. I would have thought that many people like me, having felt that they were dealt with in a very polite way by an individual but that the product was flawed, would find it very difficult to communicate that information back. I just wondered whether this whole operation is based around this silo thinking which is characteristic of how Barclays performs. I say that as a long-standing customer. Every single thing is in a separate silo. Does anyone work around those issues?

Michael Aldred: It is an important question. I think that one of the important things in the construction of the pay for those individuals who will be responsible for working in the retail network is the balance of pay: how much is geared towards incentive arrangements and how much is fixed. In fact, the incentive component is a relatively small proportion of their overall compensation, but we think that it is important to ensure that there is a link to the customer experience. As in all these things, it is about ensuring that there is an appropriate balance in how the construct works.

Q616 Baroness Kramer: For example, I can see many people who bought a PPI product giving very positive responses on these surveys, since they would not have recognised, until they ran into it in a crisis, that the product was flawed or inappropriate. Is this the core part of testing whether a product is appropriate?

Michael Roemer: Can I interject for a moment? There is a process around products as they are rolled out. We can clearly point to the PPI issue as a component that is flawed. The reason why the surveys are conducted and the feedback is solicited-it is solicited from many customers-is to identify trends or issues either with service and/or product design. As you rightly point out, in the case of PPI, you potentially would not have said anything about the product. You may have been positive about your experience at the time if your credit closed and everything went well, but because of the feedback across many different product sets, we look at what the business does. I have internal auditors who sit on each of those panels to ensure that they hear feedback on whether there are issues with products or whether products have flaws.

On your earlier point, we have a new product approval process with governance and design in it, which allows us to check and challenge the design of the product and whether there are issues with it and so on. When new products are rolled out-I am again speaking from current experience-we look at them to ensure that the incentives built around them do not incentivise the wrong behaviour. Those are all more recent aspects, at least from my experience. I will let Mike comment more about it.

Q617 Baroness Kramer: I think we will pick that up more under risk and compliance. It is an interesting process that you have for the retail side of the bank, but I gather that there is no similar process for the wholesale side. Perhaps you could try to help us understand what you use as a valuation on the wholesale side. You have clear and specific weightings. For example, creating advocates is apparently 51% of variable pay at the aggregate level, whereas customer need is 42%. It is down to a precise formula. Is there an equivalent formula for the wholesale side?

Michael Aldred: In the investment bank, we do not codify the incentives structure in quite the same way. That is because the nature of the business and the activity being carried out is that much more varied, so codifying it in that quite clear way within the retail bank is fit for purpose and enables you to operate structured incentive programmes over a huge population of colleagues. It would be inappropriate to codify it in quite the same way over a much more complex and differentiated set of activities within the investment bank, but we do have a robust process within the investment bank to ensure that, for each business area and for individuals within those areas, we adopt the same sort of principles, where we are looking at both financial performance and the behaviour and how that financial performance has been achieved. So it is similar in terms of overall process, but the details are different, because it is a different sort of business and it would be the wrong thing just to apply the same model to both retail and investment banking.

Q618 Baroness Kramer: So if you are working on the wholesale side-we are obviously discussing the retail side-what is the relationship between front-line and control function in terms of pay and incentives? How great is the disparity between the two? Some banks seem very frank about taking a very different approach to pay and reward within those functions and see them as essentially different.

Michael Aldred: It is the same at Barclays in that there is a different approach for the front line versus the control function. Would you like me to describe the differences?

Q619 Baroness Kramer: I would like to understand the differences.

Michael Aldred: In terms of the control function, for example, those individuals do not have financial objectives in order to achieve, so for the individuals it is very much about ensuring that they do a good job working within their control function. Their individual performance assessment process is very much geared around how they can do a good job as a control function and their behaviour within that. For the investment bank, however, people would have clear financial objectives as well as the requirement to comply with the control framework subject.

Q620 Baroness Kramer: If I was on the front line-I am still trying to get a bit of a grip-would I be judged on both financial and non-financial criteria?

Michael Aldred: Yes.

Q621 Baroness Kramer: Who judges the non-financial criteria? Who makes that input?

Michael Aldred: The process would involve feedback, as I have said, from peers, from superiors and from those working for the employee, as well as from the control function individuals where that was relevant. For example, if there was concern about compliance with any aspect of the risk framework, that would be fed into the process that was used to evaluate the individuals performance.

Q622 Baroness Kramer: Would peer evaluation be a standard process? Everybody would know that Joe at that desk and the person above them or whoever would have input. Are you saying that the risk function would only comment and contribute on an exception basis if some concern was raised?

Michael Aldred: There would be a 360° rather than just a peer process. The risk function and other control functions as well would be commenting on individuals where there were concerns. Where particular themes had been identified, they would ensure that they actively looked at those themes for the relevant individuals.

Q623 Baroness Kramer: So if I was the individual being assessed, I would have a clear idea, as I went through my daily life, that I was going to get rewarded based on performance, but would I have any grasp of how I was going to be rewarded or not rewarded based on non-financial stuff? Would I be there sitting and saying, "360° around me means that I know all those people are going to have input, but I have no idea whether control or compliance will have anything to say about it"?

Michael Aldred: We are really clear with employees, and we tell them that the control functions will be inputting into the process. We describe that process for individuals, so they will be aware that it is not just about what they do, but how they do it.

Q624 Baroness Kramer: Do they have a sense of what the blend is going to be of financial performance versus non-financial issues?

Michael Aldred: In some senses, particularly around control issues, there is a binary impact, so that people will understand that if there are material breaches of control issues, they can expect no variable incentive at all.

Q625 Baroness Kramer: What I am trying to get to a little bit is the power weighting within the organisation and to what extent compliance and risk are things that will be part of your front-line vision, because it will have a significant impact on what you do, and to what extent you have respect for people with the control function. It is quite difficult when there is a big pay differential, isn’t it, for there to be respect going from the front line to control and compliance?

Michael Aldred: It is important to us that all those in the control function are appropriately paid. My experience is a high degree of respect for our colleagues in the control functions.

Robert Le Blanc: This is the third year now we have been operating a very formal process in Barclays. We did it previously more informally, and we felt that it was better to make it a clear and formal process. We looked and have been evolving our practice of looking at, for example, the investment bank for the top group of people who take risks-typically traders and the portfolio or asset managers-to ensure that they understand that we assess their performance not just on the profitability of it, but on their risk management of it, their risk and reward balance and how they have applied qualitative judgments to what they do, and not just hit a financial target. They know that. It is a formal part of our assessment.

We bring it to our executive for discussion. Rich and I would discuss it at the end of the year, and we bring it formally to our board remuneration committee, where I present and have responsibility to go through with the remuneration committee a clear review of the financial results of the firm. I would then add to that and say, "If you look at it from a risk perspective and a control management perspective, what else would we bring to that discussion beyond the simple financial performance?", to help the board and the management understand how we value and assess the qualitative delivery of performance during the year and what factors we suggest should be considered for the pay, remuneration, promotion and career progression of individuals. I believe that that is well understood. We have been doing it formally for three years now. I believe that it has an impact and an influence. I think it helps to build the respect for the control culture in the firm.

Q626 Baroness Kramer: If something were to go wrong and you identify it, whose career gets knocked, the front-line person, or the control and compliance folk, who are deemed to have been part of the process?

Robert Le Blanc: If something goes wrong on the risk side, we would always look at everyone who might be involved. We seldom would say that it was just one person. We find that when things go wrong, it is usually the result of a number of things that have contributed to it. We would also take responsibility, as part of the first and second lines of defence.

Looking at an example-Rich is sitting here next to me-if we had a risk problem and a large loss or a problem in the investment bank, we would look to the manager of that business as responsible for all aspects of that business, including that particular risk problem. We would also look at the risk function and our role and responsibility to see that judgments are taken correctly, that risk and reward are considered well in balance, and that the tools and the capability are present. We would ask, "What went wrong? Was it a bad judgment or process, or bad information? Was something not considered? Were we not looking forward? What went wrong?" We would take responsibility for that together, because we believe that that produces a better control culture and a better ability to see problems coming and deal with those problems. We do not want to have a situation where only the business manager feels responsible and the risk people feel they could duck out of it, nor would we want the opposite, where only the risk people would get blamed and so front office teams would feel that they could do what they liked as long as they were not stopped by someone else. We want both of them to feel they are working together for that and that they will inevitably share the responsibility. I think that is the correct model. It is probably widely accepted in the industry also.

Q627 Baroness Kramer: It suggests a real blurring of the lines to be honest.

Robert Le Blanc: I don’t think it is a blurring of the lines as we operate it. I think it strengthens the control capabilities of the firm. We have a principal risk framework and principal risk policy that sets out very clearly across our important risks who is responsible for which part, what the front office does, what the risk function does and what the other control areas do. We want that to be understood so we have a lot of policies and a lot of controls that we roll out and we are trying constantly to educate people and apply those. We want people to have clear responsibility. It goes back a little bit almost-I was thinking when you were commenting on the survey of your experiences as a retail customer of Barclays and how sometimes it feels siloed to you; I can appreciate how that might feel. Rich and I are on the executive committee and our broad management responsibilities are to look across the whole enterprise and see that all factors are considered importantly: qualitative, quantitative customer experience, reputation risk, many different factors.

Part of how we run a large bank like Barclays with 140,000 people-it may sound incredibly complex and impossible to manage-although it is very large, a lot of what we do is to make it very clear and straightforward what people’s responsibilities are. They know they operate within a clear set of responsibilities and are not meant to go outside that. The down side of that strong control approach is that it can create a silo feeling: someone in the investment bank might help a client on a fixed income or a Government bond question, but he won’t help them on an equities question. If they want to talk about currency then they have to turn to another colleague for that. The customer might feel that that is very siloed and they would just like one person to do everything for them, but we know it is not really in the long-term interest of the customer or of us to allow anybody to do anything. It is an important balance that we have, but no, we don’t have a blurring of responsibilities between the risk takers in the business and the risk managers in the control functions. They are very clear about what their responsibilities are.

Q628 Chair: What audit, if any, do you undertake on staff culture?

Michael Roemer: On staff culture, no specific audit on culture itself. It is actually a topic that is getting a lot of discussion in the internal audit industry. We will look at aspects of culture through a series of audits, many of them related to conduct and behaviour and so on. We are currently going through a process to look at how we can get a better sense of culture broadly across the entire firm.. I am not aware today of anyone who is doing it well. I have interaction with my colleagues at other large financial firms here in the City as well as across the ocean. The industry in general is moving that way. Our audits on behaviour, sales practices, suitability, broad conduct risk, the expansion into the conduct risk space, do in fact give you some clear cultural indicators which I think, on a go-forward basis, will be pulling out of those audits and providing them in a clear and transparent basis.

Q629 Chair: You are quite keen on conducting surveys. I see from your written evidence that you undertake a survey twice a year to gauge feedback from the top 200 executives across Barclays on the internal audit. How can you remain independent of these guys when these guys are the ones who are assessing your performance?

Michael Roemer: That is feedback a bit more on the actual audit process itself.

Chair: But it is an important question.

Michael Roemer: Sure.

Q630 Chair: You have to be fiercely independent.

Michael Roemer: Sure, and I am very independent at Barclays. I would let my colleagues comment if they thought otherwise. I report directly to the board audit committee. They are the ones who set my compensation so I am independent-

Q631 Chair: And the chief executive.

Michael Roemer: I have administrative line to the chief executive so he would have some level of input to it. Ultimately, it is the board audit committee’s decision. My performance is assessed by them. We agree on a set of objectives. I have an example here.

Q632 Chair: But that is your personal thing. What about the entire audit department, which is being assessed by 200?

Michael Roemer: It is not their performance being assessed. Our performance is assessed by regulatory partners.

Q633 Chair: Can you talk a bit more about the survey?

Michael Roemer: We are trying to find out how the process worked. Did the auditors know? Did they seem to know what they were talking about? Were you engaged in the audit process? Did you understand what our objectives were, when we started the audit? How long were we there? They are more around how we actually do audits, the performance and the process.

Q634 Chair: Why is that important to them? Surely it is important to you.

Michael Roemer: It is important to me. That is why I am asking for their feedback.

Q635 Chair: What do they know about it?

Michael Roemer: For all intents and purposes, they are the ones who are interacting with the audit team. So we deposit five auditors.

Q636 Chair: To be slightly harsh, and to use a bit of rhetoric to try to make the point, you would not go and ask a criminal if the police were doing a good job, would you?

Michael Roemer: No, you wouldn’t but I would not characterise my colleagues in the firm as criminals.

Q637 Chair: Well, you have read the press, but, seriously, how will your top 200 executives be able to come along with a rational, independent view? Surely, you must be ahead of them, not behind them.

Michael Roemer: I am. I feel very comfortable with that.

Q638 Chair: How do you know you are ahead of them?

Michael Roemer: Based upon my own general view on our audit approach and how we have risk-assessed the business.

Q639 Chair: What other input do you have apart from this 200 executives’ survey?

Michael Roemer: As I mentioned before, the survey has no bearing at all on the performance of the function or how it is paid.

Q640 Chair: But you are asking for their feedback. What other feedback do you get?

Michael Roemer: I get feedback from the board audit committee. I get feedback from the FSA, from the SARB in South Africa and from the Federal Reserve Bank in the United States. We also periodically do a quality assurance review-an outside third party is asked to assess our performance against standards. We do a self-assessment against the Institute of Internal Auditors standards and guidelines, as well as the Basel III guidelines.

Q641 Chair: You chose to raise this in your written evidence. I am not too sure why you chose to raise this particular point about the assessment among your 200 top executives.

Michael Roemer: We were just trying to be fulsome with our response to the questions you asked.

Q642 Chair: I am struggling to understand what benefit it is.

Michael Roemer: From my perspective, it is a benefit to me to see how we are, in fact, doing audits. Do we, in fact, seem to know what we are talking about? Do they appear to be planned? That is one data point; it is not the only data point. We do have a quality assurance function.

Q643 Chair: You did raise one question, which is, "Do your internal auditors understand what big guys are doing?"

Michael Roemer: Yes.

Q644 Chair: Andrew Hilton, the chief executive of the CSFI, in oral evidence to us was talking about internal auditors and said, "They looked at risk in a quantitative way and they certainly bowled over people like myself"-he was talking about the control functions-"who did not have a strongly quantitative background. We could not stand up and argue the toss: we could not talk about fat tails or about whether this kind or that kind of distribution is right. They"-the front-line staff-"effectively steamrolled the qualitative people in the organisations. The general feeling was that there was a widening gap between the top levels of management in financial firms and the people at the bottom, who were actually doing these things."

We all know about the very complex financial instruments, which frankly nobody understood. How is the internal audit going to be ahead of that game? Surely, at the end of the day, an organisation like Barclays or, indeed, any other organisation-those really clever, bright PhD 29-year-olds wearing jeans and t-shirts who sit around in these organisations and who have very, very ferocious intellects will not be going into internal audit. They will be going to the front-line. How do you keep up?

Michael Roemer: That is a challenge. An upgrade of staff across the entire internal audit industry is actually ongoing. It is a focal point for me as it relates to making sure that I am able to hire and bring in folks who can fight and have a conversation with a trader or someone with very technical, complex skills.

Q645 Chair: Well, you have seen the evidence from the UBS experience recently. That did not seem to be very challenging.

Michael Roemer: No, it didn’t.

Q646 Chair: What have you learnt from their experience?

Michael Roemer: Again, we have learned to look at access across all platforms. The trader at UBS, from what I have read in the press, was at the back office, moved to the front office, had access to multiple systems and understood how the process worked from front to back. Our audit approach is, in fact, a front to back to understand who has access to what systems, how did they do that, did they have combinations of access that are incompatible. That is the big thing we have walked away from in terms of UBS.

Q647 Chair: It is quite an important point, but there are people who will be moving from back office to front office and may be vice versa. Do you keep an audit trail of people’s movements within firms and the likely contacts they will have?

Michael Roemer: That is a big learning from the UBS but, in fact, we do. We look across the company to see who is moving where and why. We go back to their access: what did they know how to do before, what were they doing before-all part of an audit approach, which is again the third line of defence. In fact, the company is now moving in that same direction. We are keeping in lockstep with the company to make sure that we understand where people are going. You are quite right in saying that it is an important data point and an important indicator of risk, as well as control. It is a shared responsibility across the entire panel.

Q648 Chair: Which is great, and I am very pleased to hear you say that. Why do you think the City missed the experience from Nick Leeson, when he did exactly the same thing, moving from a back-office function to a front-office function? He used his knowledge of back office in order to be able to gain the system. Obviously completely unsuccessfully, because he lost $800 million. It seems to be a recurring theme. Why was that lesson not learned?

Michael Roemer: It was learned-

Chair: Apparently it wasn’t.

Michael Roemer: If you look at some of the facts associated with Nick and what he was doing etc., you are right that there were some very specific things that have repeated themselves in multiple situations around the globe, from before Nick to after Nick. The size of the bets has gotten bigger as it relates to certain aspects of the exposure, so it has become much more egregious, including and up to the UBS situation. The industry does try to keep in pace with these things, but there is a whole subset in the industry of people who we do not want to work at Barclays-no one wants them to work for them. Their job is to try to figure out ways to beat the company, and try to figure out ways to hide what they are doing, so you have continually to upgrade your staff, continually focus on learning from them and do the best you can in pushing the control process further and further.

Q649 Chair: I do not really feel very happy with that answer. I do not necessarily feel that you are giving me any reassurance. I raised the point about Nick Leeson, which was a blindingly obvious thing. The same sort of mistakes seems to be coming up again. It is not just UBS. There are been others. There is SocGen, endless own goals. A common thread seems to be that people understand the back-office function. If you talk to most of the front-office traders, they do not have much of an understanding. They obviously know the telephone number of their clearing clerks, but they do not necessarily understand the full complexity of it, although some of them do. That is not the case when you do have somebody who has a lot of knowledge about the markets, the back-office functions, the reporting functions and the risk functions-don’t forget that Nick Leeson’s wife was also a settlements agent. I know that because she used to clear my trades when I was at the Swiss Bank Corporation. You had a very, very complete set of knowledge within one individual and his wife in that particular case, who would be able to do a very good job of defrauding the business, and screwing the business up. I do not get the sense that the City has learnt from this, going back to the early 1990s when Nick Leeson did it. Clearly, people are saying that we must not let the latest one happen again, but I bet it will.

Michael Roemer: Again, you should take confidence, based upon what I said as it relates to what we have learned from UBS and what the company is doing broadly to address those risks, and to make sure that we are learning from that process. I think that you should take comfort from that. I apologise if my answer on Nick did not make you feel comfortable-

Q650 Chair: It should make your shareholders feel comfortable, and your customers feel comfortable.

Michael Roemer: Which is what we are trying to do.

Q651 Chair: Okay.

Mr Walters, your turn. You have talked a bit about new products. When do you get involved in the compliance department in new products?

Mike Walters: We have new product approval processes. When a new product reaches the design stage and somebody has an idea, it gets brought together with a team of colleagues with different disciplines, backgrounds and so on, including the compliance function. We will be present, as part of the new product approval process. We will have the ability to put our hand up and say that we do not like an aspect of a product or, indeed, in an extreme case, that we do not like a product at all and either send it back to the drawing board or, effectively, kill it.

Q652 Chair: Does that not make you the first line of defence?

Mike Walters: I don’t think so; it doesn’t really. We are the second line of defence, and we are very clear that we are. The tension, of course, is: what is the best way to operate? One could pull back from having anything to do with the first line of defence and simply seek to quasi-audit them after the event. There may be some advantages to that but, on balance, my view certainly is that we are much better off and more likely to be successful as a compliance function and to protect Barclays if we have the ability to put our hand up and to ask our questions when that debate is happening. It is a somewhat sterile exercise and, therefore, has some inherent risks if you seek to do that on a cold review basis after the event.

Q653 Chair: Presumably, that is a reasonable argument but, if you can get involved earlier on and they are just coming for something that is horrifically illegal, it is just as well that you point that out right at the beginning before they waste too much time.

Mike Walters: I have never seen something horrifically illegal-more likely something that does not accord with our risk appetite, or which perhaps makes a poor case for meeting a customer need.

Q654 Chair: Can you talk us through the process of how a new product is constructed, at what point you get involved and at what point it then gets rolled out to market?

Mike Walters: Our key involvement is at the new product approval stage. However, at an earlier stage it is possible that we would get asked for subject matter expert guidance on a rule.

Q655 Chair: The key question-they are coming to you for expert advice. The product design departments do not have their own experts on compliances.

Mike Walters: No, that’s not right. The reason why I said it was possible is that every banker I’ve met at Barclays has a pretty good understanding of the rules. When it comes to product design, people tend to have a very good understanding of the rules because otherwise it is impossible, in practical terms, to design something that is ever going to fly. That said, it is possible from time to time that specific expertise on a specific area of the regulations is sought. I think that it is absolutely appropriate that we should do that, whilst not compromising our independence and not becoming part of the design process. We need to guard against that.

Q656 Chair: When you have new product approval, you are then brought in in a formal way, and at that point you give the sign-off?

Mike Walters: Yes.

Q657 Chair: So you then take responsibility for the compliance side of that.

Mike Walters: For the compliance aspect, yes.

Q658 Chair: What do you do to monitor that, after the new product has been in place?

Mike Walters: Two things. We have an assurance responsibility in the compliance function, which is different from Mr Roemer’s audit function. We are essentially testing to see that the controls that the first line say are in operation, for example, to manage the risk that a product would be badly sold are, in fact, taking place and with the appropriate degree of rigour. That is one thing that compliance does-sort of monitoring, surveillance and review work.

The other thing we do, which is something we have brought in more recently, is to have, along with Robert’s risk function, an annual product review process. The purpose of this is to recognise that it is all very well being part of an approval process for a product but, as we have seen with a number of products, the environment can change and the customer segment you intended to target, perhaps as part of your new product approval process, can also change over time. We need to be careful that-

Q659 Chair: A customer-creep sort of thing.

Mike Walters: Yes, so we need to be careful that the products are still appropriate for the customers.

Q660 Chair: Are you involved at all in dealing with the interest rate swap debacle or scandal-whatever word you like to use?

Mike Walters: Certainly. The compliance function-

Chair: I am sorry-is Barclays, your organisation, involved in this?

Mike Walters: Yes, we are party to the agreement to carry out a review with the FSA. We are in the pilot stage at the moment.

Q661 Chair: Okay. I must be slightly careful about the questions I ask, because I obviously don’t want to compromise you. One thing that struck me about that was that a perfectly acceptable and very legitimate product for a big organisation that has a Treasury function within it, such as an airline, and is managing quite complex challenges with commodity prices, interest rate movement, currency prices and so on-they would understand interest rate swap. I do not see that a small business or even a micro-business would necessarily understand the same complexities, and it strikes me that that is a blindingly obvious example of customer-creep: where you have taken something that is appropriate for someone who really understands derivatives and the risk involved to someone who does not. I do not want to talk specifically about that, but how would your organisation now stop that kind of customer-creep?

Mike Walters: I will comment, and Rich may want to add something from the business perspective. Certainly the new process is very important to the way we avert that danger. If I look at compliance activities over, say, the last decade, there have been two shifts and two appropriate shifts. One is that compliance gives advice to the business to try to get it right first time, and the other thing we do is give assurance to the board that we have in fact executed the processes correctly. The balance between those two things has, frankly, shifted towards giving assurance that things are okay, so we have increased the amount of resource that we give to that assurance activity which, in answer to your question, would be one way we would seek to pick this up in addition to the annual product cycle review.

The other shift in compliance over this past decade, I would say, is that both compliance functions and regulators in the past have been quite focused on the point of sale as being the key area to focus on to avert problems and to make sure we do not cause our customers detriment. Over time, it has been necessary for us to think somewhat more broadly about whether x is a business we want to be part of, or y is a product we want to provide to our customer base, and I think compliance has a role in those sorts of discussions as well.

Rich Ricci: I think the challenge is right; the question is correct. The one thing I would say is that these products can be suitable for smaller businesses that are worried about interest rate swings, and that want stability in their business. We are not only reinforcing our suitability test now going forward. What we have seen is that when you do make mistakes-not all of these are mistakes, but when you do make mistakes-it is incredibly expensive. Like when you take a step back and say, "Should we just offer a very vanilla, very simple series of products, so that a small customer can come in and say, ‘Yes, I’ll have that product; I understand it’, and if they want something more bespoke, we just don’t it?" Those spectrums are on the table, and that is something we need to consider, given how expensive some of these mistakes are.

Q662 Chair: How many people work in the compliance department, or how many people do you oversee?

Mike Walters: There are about 1,300 people in compliance at Barclays.

Q663 Chair: And over 140,000 members of staff.

Mike Walters: That’s right.

Q664 Chair: You obviously will have listened attentively to the evidence from HSBC last night, and indeed the other two banks before us, so you know where I am going with this questioning. How do you structure your compliance oversight throughout the organisation?

Mike Walters: We structure the compliance function with three broad activities. One is a forward-looking, regulatory, scanning-the-horizon type of activity. The second broad activity is the advisory aspects, where it is important to have people with real expertise in the business and in products because, on your earlier point, it is important to keep up with the front office on issues. So we have people carrying out advisory activities. The third is the assurance part of what we do. That is quite different, depending on whether you are looking at wholesale markets, where technology can help a lot with surveillance activities, versus retail markets, where reviewing actual sales is more important. We align ourselves additionally to the businesses, and by that I mean I have a head of compliance for each of our key businesses and they have a structure below them.

Q665 Chair: So it is done on a business line basis.

Mike Walters: It is done on a business line basis, although there are some areas-for example, Africa and Europe-where it is important, for obvious reasons, also to have a geographical perspective. North America is another one.

Q666 Chair: It doesn’t sound like a very clear matrix to me. Perhaps I am just not understanding it. So you have the business lines going one way and then within that you have, going across, the-

Mike Walters: Yes. What is important to me is that we are an independent function, but I think we are most effective when we are organised in a way that mirrors the business, so that we can identify easily where we are devoting our resources on a business-by-business basis.

Q667 Chair: You have been at Barclays since 2006.

Mike Walters: Yes, I have.

Q668 Chair: So you have been quite busy since 2008. You are probably relishing the fact that the pressure is off now that the investigation has finished and come to a conclusion. In the course of the investigation and the Treasury Committee meetings, one question that was not sufficiently answered, which you are absolutely in the right place to answer, concerned the compliance oversight of LIBOR. The questions that I was asking-this is prior to the crisis, so this is when the swaps traders in New York were getting a bit hot-blooded and getting carried away and over-exuberant about their ability to make money for themselves. What I completely failed to get any satisfactory answer to was this. Who was overseeing the LIBOR rate-setters in London and why were they not answering back to these swaps traders in New York? Why were they not saying, "Guys, you can’t do this; stop trying to influence the rate setting"?

Mike Walters: It feels like there are a couple of questions there. While I will not go over the ground that is publicised in the FSA and the CFTC’s published settlements, I will make a few general comments, and again Rich may want to contribute as well. The first thing I would say is this. Who is supervising these people? We have supervisors; we have desk supervisors in the first line whose job it is to ensure that we operate in a controlled way and that everybody knows the rules of the road and not just complies with our rulebooks and policies, but operates in accordance with our culture and values. So absolutely the first line is there to do that. I think-

Q669 Chair: So they are supervisors-the rate-setter supervising desk?

Mike Walters: Yes. When I think about the compliance function-you are of course aware that there is a move now to move LIBOR setting into the remit of the UK FSA. I think that is a very important point because-

Q670 Chair: Not one that everyone agrees with that.

Mike Walters: Indeed, but it is important for me because compliance functions generally are set up in a way that is responsive to the key regulators-to the UK FSA, the New York Fed, the SARB or whatever. You may recall Adair Turner’s comment in the summer, when he said that LIBOR setting was simply outside the legal purview of the FSA. That is important because it was also outside the scope of the-

Q671 Chair: It is still market abuse, though, isn’t it? Actually, people were saying that. You were in breach of principles 2, 3 and 5: a firm must conduct its business with due skill, care and diligence; a firm must take reasonable care to organise and control its affairs responsibly and effectively with adequate risk management systems; and a firm must observe proper standards of market conduct. Abusing LIBOR is obviously a gross breach of principle 5.

Mike Walters: It is.

Q672 Chair: Irrespective of whether the FSA has legal sanctions over derivatives and non-asset markets, which is the point Lord Turner was making.

Mike Walters: Indeed. The issues of LIBOR are very regrettable, and we have agreed the settlements and the content of those settlements. When I look at compliance and-

Q673 Chair: But I am still trying to get at this point. Sure, it is regrettable-we have gone over this ground, but the question is specifically this. How did those LIBOR setters not-what was going wrong? How was the compliance function-some of this could be down to the culture of the LIBOR setters-not working? Why did those rate setters not turn round and say, "You can’t do this; we have to be independent"? I get that the swaps traders were stupid, idiotic, hot-blooded alpha males who were trying to make a lot of money. That is something Mr Ricci has to control in terms of the culture of the thing, but it is something you have to get right. It is absolutely inexcusable that these boffins-at least, I hope that they are intelligent people who are much more thoughtful than traders-were sitting there coming up with this. How did you, as head of compliance, allow them to be influenced?

Mike Walters: I do not accept that compliance allowed them to be influenced. We train out our policies and our rules of the road. People are trained to deal with conflicts of interest and to do the right thing. Clearly, in this case, there was a breakdown of not just our compliance with procedures but, more fundamentally, a culture. The culture of doing the right thing clearly broke down in that case.

Q674 Chair: You were in charge of compliance in 2006.

Mike Walters: Well, I was in charge of compliance, but not of culture. That is the responsibility of all of us at Barclays.

Q675 Chair: Yes, but complying is part of the culture.

Mike Walters: Complying is part of the culture, but complying is the responsibility of everybody at Barclays, starting with the front line.

Q676 Chair: Of course it is. But the culture is about looking after your customers, complying with the rules, being nice to people, going beyond the rules and all that kind of stuff. In so far as that culture is to do with compliance, you are in charge of it.

Mike Walters: I am in charge of the compliance function, but the first line of defence has responsibility to run its business in a controlled way. It is compliance’s responsibility to help that happen. Clearly, here it did not, and that is regrettable, but it is not the compliance function’s responsibility to make Barclays compliant.

Q677 Chair: Sorry, say that again: it is not the responsibility of the compliance officer of Barclays to make Barclays compliant.

Mike Walters: Let me use a better word.

Chair: I think you had better. That was not a very good sentence.

Mike Walters: To ensure that-you cannot ensure that the whole of the firm is compliant, not singlehandedly. We have a control framework that involves three lines of defence and all of the people you see here.

Q678 Chair: Whose responsibility is it to make Barclays compliant?

Mike Walters: Compliance clearly is responsible and accountable for the responsibilities of compliance, and those are very clear. We carry out policy setting in the key areas that we are responsible for. We monitor whether those policies are being complied with, and we give advice on matters of the rules.

Q679 Chair: Who was responsible for the compliance at Barclays-to make Barclays compliant?

Mike Walters: I believe that everybody at Barclays has the responsibility to do that.

Q680 Chair: So the compliance officer is not responsible for making Barclays compliant; it is everybody else. Or it is everybody including you.

Mike Walters: Absolutely, it is not singlehandedly the responsibility of compliance.

Rich Ricci: It is-

Q681 Chair: I am sorry, Mr Ricci, I will let you come in in a second. Are you genuinely saying to me that there is no person who takes responsibility for this at Barclays?

Mike Walters: No, that’s not what I am saying.

Q682 Chair: Well, that’s what it sounded like. So where does the buck stop?

Mike Walters: That depends on the situation. You cannot run an organisation of 140,000 people with a compliance function of 1,300 people and expect that every single thing that goes wrong-

Q683 Chair: That sounds like a great argument for the full separation of banks-break them up. If it is not possible to run the compliance of a big organisation with one person taking responsibility for it, should we be breaking up the banks to make them into smaller sizes so that it is possible to run compliance?

Mike Walters: No, I would go back to the fact that we operate a control framework and a risk framework. We do not simply operate a business and a compliance function that is there hopefully to pick up every time it goes wrong. That simply would not work. We operate a matrix of controls and risks, as Robert described earlier, and we believe that that is the best way to ensure that we get the best result.

Rich Ricci: I think the answer to your question, which is on the LIBOR incident and the swaps traders and the setters, is that clearly, the first line of defence failed. It is the responsibility of the first line of defence. We do have responsibility as supervisors in that first line to ensure that all of our practices and people are compliant in their behaviour. It is the second line of defence to ensure that we are doing that. In this case, we certainly had a failure in the first line of defence. Part of the issue from an industry perspective was that LIBOR in those days did not move much. The movements that people were asked to submit were very small. It was a very stable rate. It was not given a lot of attention by the industry or by us, and they were trying purposefully to deceive people by hiding it. It is still a failure of the first line of defence, also not picked up by the second line of defence, nor was it picked up by the third line of defence. In the instance of LIBOR specifically, we had issues and we were holding the people in those supervisory positions accountable.

We have done our exposition on the second line of defence. We have made a lot of changes in the second line of defence, both in personnel and process, to make sure that it does not happen again. As Mr Roemer was explaining, we are shoring up our third line of defence to make sure it does not happen again. The accountability rests in all three places, but certainly starts with the first line of defence.

Q684 Chair: Let me ask a question. Anybody can answer this. What assessment have you made of the market closing prices that can be manipulated, or the market prints that can be manipulated by your traders?

Rich Ricci: We are doing a firm-wide review of everybody.

Q685 Chair: How many do you think there are? How many opportunities on a daily basis do you think there are for any one of your staff to try to manipulate or give a false impression of a printable price?

Rich Ricci: I will answer your question. I would phrase it more positively: how many places do we make prices that could be manipulated rather than what people have the opportunity to do. I would say that most people represent the prices they should have represented or all of the people do. Mike, you might correct me, but it is in the 80s

Mike Roemer: It is in the 80s.

Michael Roemer: The prices are, in fact, in the high 70s, low 80s. We have done a review across the whole company.

Q686 Chair: So you do not look at any of your market-makers or your principal traders doing very strange trades at the close of business in New York, for example, where I believe this practice does go on, in terms of trying to get a certain print of a closing price in a New York stock or a NASDAQ stock.

Rich Ricci: I am sorry; I misunderstood your question. We are also looking at areas across the firm where technically you could have an opportunity to change the closing price before open price by doing that, yes.

Q687 Chair: I was trying to make it as open a question as possible, slightly to trip you up. Sure, the LIBOR thing was manipulated and the reality is that we know it was probably half a basis point or perhaps one basis point. We shall leave aside the crisis, LIBOR and stuff altogether. That is a completely different thing.

It can happen on every single New York listed stock, every NASDAQ stock and presumably it can happen to a certain extent in London, one way or the other, let alone the energy prices, the commodity prices and all the rest of it. There are endless opportunities for this, all of which can have a material impact on the value of a trader’s book. Therefore, by doing this, at the end of the day a trader can have a better P and L than he or she would otherwise have had as a result of price manipulation. The opportunities are absolutely limitless.

What assessment have you done in terms of how you are trying to make sure that that does not go on? Mr Walters, how are you trying to make sure all your traders are compliant and not trying to fiddle closing prices so that, on the close of a quarter’s business, their book looks a bit better, so their bonus is greater?

Mike Walters: As Rich said, we are undertaking a root and branch review of that at the moment. That work is under way, but it absolutely goes to the question you asked. We are going through indices by indices and issue by issue.

Rich Ricci: From a first line of defence, we have heightened supervision of those areas as well, while the review is going on.

Q688 Chair: Only while the review is going on?

Rich Ricci: No. There is the review across the organisation.

Michael Roemer: May I add one thing? There is a desk-level supervision enhancement programme that had started earlier in 2012 across the investment bank. The programme is being run by the investment bank on desk-level supervision, understanding what their roles and responsibilities are, training etc., so, in fact, there has been a programme much to the root of your question as it relates to how every single desk across the globe gets supervised, what the responsibilities are and training. We have added at every single desk that we audit around the globe a correlation back to that programme to make sure that the training was, in fact, delivered to everyone and that the process is, in fact, working. I think that that goes to your question, but I am not sure, Mr Garnier.

Q689 Chair: It helps. Mr Walters, you have said that compliance are assessing, making sure that controls and processes are being followed. Who asks, on behalf of the board, whether these are the right controls and processes that are in place?

Mike Walters: I make a report to the board audit committee, which is made up of a collection of non-executive directors, including the senior independent director at Barclays. In that report I give an explanation as to how the control environment is operating on a business by business basis, and on a compliance risk by compliance risk basis, and I get challenged on that report.

Q690 Chair: Expand on that. When you get challenged, do they come back and say there are too many breaches, or too few well done or something? What do they say?

Mike Walters: Well, often it depends on the nature of the incidents being reported. People often want to know how this has happened, what the root cause is, what we are doing to remediate it, if of course we have discussed it with our regulator and what its response was.

Q691 Chair: So to a certain extent looking at reputational risk.

Mike Walters: Yes.

Q692 Chair: So who is reviewing whether the right controls and processes are in place? Whether they are the right controls.

Mike Walters: We have a principal risk framework, of which compliance risk is part-Robert referred to it earlier-and the compliance function looks together at the compliance risks that we have. We ask the question, what controls are operated in the business? So we assess those with the business to see whether those are the right controls, and we demand different controls, more controls or, sometimes, fewer controls.

Q693 Chair: So it would be from you.

Mike Walters: It would be from me principally, yes.

Q694 Chair: Who is checking your homework?

Mike Walters: My reporting line is to the general counsel of the bank-that is a sort of administrative line-and I make reports to our executive committee of the board, and to the board audit committee. I have reported to the audit committee every quarter since I have been at Barclays.

Q695 Chair: Again, you are reporting on the outcomes and not necessarily the framework itself.

Mike Walters: In addition, the compliance function has had many audits from Mr Roemer’s department over the course of the last few years.

Q696 Chair: Mr Roemer, do you say that this is the wrong structure or that these are the wrong controls?

Michael Roemer: Yes, we do from time to time when we do audit reports, whether it be of the function itself-the second line-or of the first line, so in fact we would highlight those.

Q697 Chair: Okay. So the organisation that is challenging the control structure is you.

Michael Roemer: Yes, sir.

Q698 Chair: And who does it on behalf of the board?

Michael Roemer: I am sorry?

Chair: Who challenges you guys on behalf of the board?

Michael Roemer: The board audit committee challenges me, quite frankly-

Chair: But you challenge-

Michael Roemer: But I challenge. So they are relying on the third line, the independent function, to provide assurance periodically over the control framework, the architecture of the risks-

Mike Walters: May I add that the area of compliance is one in which there is a lot of external input, either from regulators or from external independent consultants, which are habitually used by regulators and by us to challenge us? We have a lot of that.

Q699 Chair: I am still really struggling to find out where the buck stops.

That is a stony silence. So with none of you, obviously. The board, the regulator, where does the buck stop? Who is taking responsibility for compliance? Who ultimately has their head on the block?

Robert Le Blanc: The executive committee of the bank takes responsibility for all aspects of-

Q700 Chair: So there is no individual.

Robert Le Blanc: The individual-let us use risk as an example-

Chair: The fact is that we have been at this for 20 minutes now and no name has come up. Is it the chairman, is it the chief executive, is it the head of compliance?

Robert Le Blanc: Let me use an example that I can relate to personally, if it is any help. If there was a significant risk issue at the bank, I personally would take responsibility for that. I understand that clearly-

Q701 Chair: Is that because you are a good bloke or because that is the structure?

Robert Le Blanc: That is my job, that is my responsibility-as chief risk officer, I take responsibility for that.

Q702 Chair: But as chief compliance officer, you do not take responsibility for compliance infringements.

Robert Le Blanc: I might say that. I cannot interpret what you were saying. Perhaps your words were at cross-purposes.

Q703 Chair: Well, please put it right if you think they were.

Robert Le Blanc: I would assume that the head of legal, the head of compliance, the head of risk and the head of other control functions-the head of the operational control functions-take personal responsibility for what they do. We would say that we want to be able to rely on other people and other functions in the bank so that together we provide a more effective set of controls. We do not want to give you the impression that it is only the efforts of the control operation that we think make it work. But the personal responsibility lies with the individual in charge of that function: Mike for compliance, me for risk, Mark Harding-who is not here today-for legal.

Q704 Chair: Mr Roemer, you came from AIG, who blew themselves very spectacularly, and you brought along a lot of lessons. Is one of those lessons that somebody ought to take control of all this stuff, or do you think it is perfectly acceptable to have this rather hazy management structure in an organisation as systemically important as Barclays?

Michael Roemer: I do not believe it is hazy. During the course of the conversation, I understand why you would think it is hazy, but from my perspective, if there is a breakdown, there should be accountability for control functions across the firm. I am responsible. If there is a failure in the internal audit process at Barclays, I would expect that the board audit committee and the management of the company would hold me responsible for that, and I would be accountable for that.

To go back to your original question, I think you started today’s session with me about "the buck stops here". I stand by my response to you. It goes back to the facts and circumstances. If there is a breakdown as it relates to the function of audit, I am responsible. If there is a breakdown in the function of compliance in performing its duties, then Mike is responsible. If there is a failure at business-on the investment bank side-I am sure that Rich would say that he is accountable. There may be a difference depending on what the situation is, but someone should be accountable. That is clearly a lesson learned not just from my prior employers, but many-

Q705 Chair: I do not get the sense that, collectively between you, you can easily turn round and say, "Yes, that’s the guy."

Robert Le Blanc: There have been many cases, again within the risk function, where a mistake was made that resulted in a problem, and we turned and looked at it and said, "Actually, the responsibility was with the individual in the risk function. They gave wrong advice. They did not consider things thoroughly. They made serious errors, and they have been asked to leave the firm as a result." So we do hold people accountable and responsible.

Q706 Chair: Let me turn to something slightly different-the Financial Ombudsman Service. Like any organisation, you have a number of complaints against you from your customers. Over the past two years, the Financial Ombudsman Service has upheld about 40% of complaints against Barclays. Comment.

Mike Walters: Yes. That number is far too high, of course. The numbers are informed by the PPI problem.

Q707 Chair: No, they are not. Do you want me to include PPI, because I can? Some 93% of PPI complaints have been upheld; 99% last year. I was not including PPI. We have taken that out, because we want to make it a clean analysis of what is going on. Let me give you the numbers: banking-40% of complaints against you have been upheld by FOS; home finance-42%; general insurance, not including PPI-32%; life and pensions-34%; investments-50%.

This is the Financial Ombudsman Service, so that shows that not only are you getting complaints against you, but your internal system is not working properly, because by the time they get to FOS they are still upheld. You are falling down on two levels: first, you are falling down on the fact that you are getting these complaints against you in the first place; and secondly, you are falling down on the fact that you are not handling them internally. Why not?

Mike Walters: We have put in place a specific programme to look at this problem. This is something that our chief executive is very focused on.

Q708 Chair: Well, this has been going on since you have been at Barclays. Let us look at banking, going back year on year-40%, 39%, 39%, 45%, 46%, 54%, 67%, so the direction of travel is great, but 40% is still atrocious.

Mike Walters: As I said, we have put in place this programme, which is designed to drive down the underlying level of complaints. Over the past year, the underlying level of complaints has been driven down by almost 9%, I think.

Q709 Chair: Do you mean nine percentage points or 9%?

Mike Walters: By nine percentage points.

We have hired specific people to focus on customer complaints and on driving those down aggressively, but the amount of the overturns is still too high. The amount of complaints is still far too high in Barclays and across the banking industry.

Q710 Chair: What are you doing to sort it out? You are getting people in to have a look at it and all the rest of it, but you have been in this job since 2006-and on it goes. The problems are endemic in this organisation. I thank you for accepting responsibility for that, but it is just very worrying that organisations such as Barclays seem to be outsourcing the complaints department to FOS.

Mike Walters: I don’t think we are outsourcing the complaints department to FOS.

Chair: An awful lot get to FOS.

Mike Walters: We have a very significant focus on complaints handling and on getting that right.

Chair: But obviously not. It is 53% in total, but that includes PPI. Excluding PPI, it is probably around 45%.

Mike Walters: As I said, those numbers are too high. We recognise that.

Chair: But they’ve been too high for a long time, under your watch.

Mike Walters: They have been too high for a long time at Barclays and across the industry, yes.

Q711 Chair: When did you start the process of trying to resolve this?

Mike Walters: Throughout my time at Barclays, we have been conscious of the need to put a lot of focus on this area. Certainly over the last two years, the chief executive has been personally involved in trying to aggressively drive these numbers in the right direction.

Chair: Only in the last two years? In 2009, the banking complaints were 67%.

Mike Walters: The numbers are too high. It’s not just in the last two years; the last two years were when the current chief executive particularly had a focus. Before that, retail banking chief executives have been very aware and have spent a lot of time trying to work out how we improve our processes and our handling to ensure that the numbers go down.

Chair: And yet still 40% of the banking complaints are upheld against you.

Mike Walters: Yes, that is right.

Q712 Chair: If you were dealing with and handling them so they did not get to FOS-if this was 10%-then I could think that this suggests that you are doing something about it and being successful. But this suggests that in far too many cases, you are saying, "We can’t be bothered. FOS, you sort it out, and we will just pay the penalty when it comes through. It is just easier to do that."

Clearly you are going to get vexatious claims and people who are just grumpy because their stock went down when it should have gone up and they are complaining against you when they didn’t read simple warnings, but this is an alarmingly high number. Nearly half of the complaints against you, excluding PPI, were upheld by FOS. How are you letting them get through? To me, that spells absolutely an attitude of arrogance at a front-line level: "Well, we can’t be bothered. It’s just as easy to let FOS do it rather than go through the hassle of sorting these complaints out ourselves."

Mike Walters: No, that is really not right. The front-line level people work very hard to ensure that our customers get a good experience-

Chair: Apparently not.

Mike Walters: -and that we deal with complaints appropriately and efficiently. We have not outsourced complaints handling to the FOS. The numbers are too high, but we are working very hard to get them down.

Some of the flow that goes to the FOS are not just simple cases. Some of them are more complicated. A FOS ruling is then taken on board by us.

Q713 Chair: So for example, investments might be a more complex one?

Mike Walters: It might be, yes.

Chair: And 50% of those were upheld by FOS.

Rich Ricci: Mr Garnier, maybe I can add something. While I do not run the retail business, I have some experience in the interest rate swaps area, which I started running in 2009. I think part of the issue-again, this could be cultural-is how we look at complaints. Often, when a complaint comes in, you may defend it rigorously on the basis of the rule of the law, and not maybe necessarily take it from the client perspective consistently. The FOS may rule with you or against you, because it may take a different view.

In the case of interest rate swaps, interestingly, before the remediation effort that we began in the agreement with the FSA, the FOS was upholding 92% of our defences in the interest rate swaps space. That doesn’t necessarily mean that there might not have been issues-that is why we are looking at it-but it might be this client-centric point.

Q714 Chair: Interest rate swaps are slightly difficult to talk about with this, because obviously there is a limit on the size of the organisation that can use FOS, as I understand it. So it is not necessarily the best example.

But you will completely understand my point on this. A huge number of these things have been upheld. It is the upholding rate that is the alarming part, and allowing them to go forward. FOS is there to give reassurance to people and also to provide what amounts to a legal arbiter for people who cannot necessarily afford legal advice. What this does not take into account is people like those who have interest rate swaps. Obviously, that is a slightly different thing because there is a lot going on with that, but small businesses that go above the minimum levels cannot use FOS. They have to their own legal advice. In many cases, you will find there are businesses that cannot afford legal advice because they are being basically screwed by the banks-in some cases, you. What does that say about how many businesses are losing out? Potentially, 40% of business could win a legal case if they had the nerve to get legal advice and take on an enormous organisation with a balance sheet the size of Britain’s GDP. That is quite scary.

Rich Ricci: There is now a team of 1,200 people internally at Barclays that is working on the complaints on the retail side of the house to try to alleviate that issue. We are not proud of that issue.

Q715 Chair: That is nearly the size of the compliance department. There are 1,200 looking at complaints, and the compliance department is 1,300.

Rich Ricci: But I think, on your point around making sure we are dealing with the issue up front and trying to solve it for the long term, not just having people go to the FOS, we are trying to get to the root cause of what these issues relate to. Again, I apologise to retail business on my side of the house. But I am aware that there are 1,200 people doing it.

Chair: This is my final question, you will probably be relieved to hear. The Basel Committee said, "Compliance laws, rules and standards generally cover matters such as observing proper standards of market conduct, managing conflicts of interest, treating customers fairly, and ensuring the suitability of customer advice…These are likely to go beyond what is legally binding and embrace broader standards of integrity and ethical conduct." How do you ensure you have broader standards of ethical conduct within Barclays?

Mike Walters: Shall I start? Others may have a view. We set a series of compliance standards for the organisation and, as you have heard before from others, we make sure those a long way beyond the regulations. We have a significant buffer in all of our policies and standards to ensure that people comply, so we are a long way beyond the minimum standard required by the rules. We promulgate those to the organisation and we check that they are being complied with. In doing so, that is a significant contribution to the way that the culture gets rolled out into the organisation. Compliance has a big role to play in that.

Rich Ricci: I think particularly given the events of LIBOR, and some of the other instances, this issue of broader values and integrity is an important one. In reaction to LIBOR, across the corporate investment bank the firm is doing lots of things, including defining a new set of core values that the organisation will have, which will be part of the balanced book scorecard I was alluding to, and will certainly fit in with that framework. We have stated our values; we have had them for a while. They are about being client-centric and putting your customers’ needs ahead of the firm, building things to last, treating colleagues fairly and controls.

How do you then drive the behaviours that hang off that-integrity in raising issues and feeling comfortable raising issues-through an organisation? The three principles of the framework-I am going to use buzz words, but I promise I will give examples in a minute-are around stating very clearly what we condone, how you embed that in the organisation, and how you uphold those. So what we have done is redesigned our governance. It all starts with the board, the executive committee and the executive committees of the businesses. We say, "These are the behaviours we are going to hold you accountable for; this is how we are going to measure those behaviours; this is what you are expected to do in terms of driving that into your business, and we are going to make sure we drive that into your business. As the first line of defence, we are going to check all that." The business then further pushes that down into the organisation, they lay out their individual assessments and how they are going to measure those for people-that is the embed part. Then there is the uphold bit, which becomes, "Okay, once you have stated all that, how then do you measure, and whose responsibility is that?" The upholding part of that then works its way back up through the organisation, through the supervisor responsibilities of desks saying, "Yes, you’re within your trader mandate. Yes, you’re within your proper behaviours. Oh, no, by the way, you didn’t behave properly; here’s what the penalty for that is." That then moves up into management-the supervisors of the supervisors-and then up into the executive committee. The upholding of those values is also being monitored by the second line of defence-the risk control, product control and compliance functions-as it works its way up the organisation. You have to have these clearly defined principles all the way through the organisation, and you have to punish and reward when you see behaviours that reflect that and when they do not. That’s what it’s about.

Q716 Chair: In the wholesale side, do you take on specialist teams to come along and grab market share? You must have done.

Rich Ricci: We have historically. Lehman is probably the best example of that for an institution, but yes, we have historically, on occasion.

Q717 Chair: How do you drive the standard of excellence through a complete unit that has come on board?

Rich Ricci: I will give you an example of a small team.

Chair: Yes, I suppose it is easier with a small team.

Rich Ricci: Then we can talk about Lehman, because that is interesting as well. You just do not hire teams to drive market share. Quite frankly, I can remember an example from back in 2001, when we were trying to take a very large team from another institution to come and work for us. It grew from trying to recruit 10 people, who I felt very comfortable with in terms of understanding their values and criteria because I had spent a lot of time with them, to a team of 150. Ultimately, that failed, because, interestingly, they shopped themselves back to the organisation they were going to leave for a lot more money. That is what we do not want to do. When you are taking that group of 10-or five, or one-you need to make sure that you spend time with them to understand what makes them tick, how they operate their business and what their view is on controls. Yes, you want to see their capabilities in terms of what they do in the market. In some instances, you want to talk to their clients. But you need to spend that time up front doing that, or, I think, organisations fail. In our industry, on a larger basis, a lot of mergers and acquisitions failed because they did not spend enough time on that, they just thought they were buying larger market share.

Q718 Chair: But having taken on that team-I completely accept your point, but none the less, you are taking on a team. One of the recurring themes that has come up through these investigations is that you will have an ethos where people in your organisation do not say, "I work for Barclays and love it." They say, "I am a banker and I work at Barclays." They see themselves merely as franchise holders for as long as Barclays or whoever can supply whatever they need in order to maximise their opportunity, be it as oil traders or whatever it happens to be. How do you drive that ethos into a team you have taken on, no matter how small or how big? They will already come with a stronger sense of loyalty to their team players, and they will also come with an ethos and a set of standards that come from a previous institution, which may not be the same as what you want.

Rich Ricci: What we would do, and what we have done historically in those instances where we have got a team, is that you heighten supervision. You would start with the appropriate training, but also heighten supervision. Then, we had a policy where, six months later, we would take a pulse check. We would ask people around the organisation who interacted with them, "What do you think of the team? What do you think of the individuals?" We would then either make corrective behaviour, or, in some instances, we would exit people. But, to answer your point, once they get in, you cannot just assume that it is going to work. You have got to make sure that you assure yourselves. Hopefully, you get it on the way in, but you have to have heightened supervision, and then this pulse check concept to make sure they are adjusting and behaving in the way that you want them to.

Q719 Chair: When you have new teams coming on, you also get-I have certainly seen this when I have worked in dealing rooms-quite a lot of resentment from people nearby, who may see that the new team have higher salaries or whatever. How do you deal with that?

Rich Ricci: When we were building up the investment bank at Barclays, we had a philosophy, which said that we would not treat existing employees any different than new joiners. That meant in terms of the promotion process and in terms of compensation. We adhere to that, and people then either buy into it or they do not. You are right that, oftentimes, when you do that you can create resentment on the desk. We thought that that policy was the right one. Frankly, we tried to avoid hiring teams-there were probably a handful-but we had that policy of treating people the same whether they were here or came in.

Chair: Okay. Does anybody have anything to add?

Q720 Baroness Kramer: We talked earlier about customer service. One of the things that you do not do at Barclays is praise people who do well, which is one of my frustrations, having written three times to report how well a particular individual among the most junior helped resolve a major problem that I had with the bank. As of the last time I saw the individual, not one of those letters has ever made it into their personnel file. Talking to people on your various desks, I gather that is the norm. When I have asked, "Shall I write in?", they have said, "I really wouldn’t bother. It never goes back to a supervisor and it never comes to us."

Rich Ricci: Point noted, Baroness. As we move to this new era of a balanced scorecard, and in the retail bank, looking at customer service as the primary driver of remuneration, hopefully that will change.

Q721 Baroness Kramer: Well, hopefully you will have some sort of mechanism that is not just the telephone surveys that are outsourced to somebody else who goes through a rigid set of questions, to which you have to answer on a scale of either 1 to 5 or 1 to 10, which does not let you say very much, frankly, about most of those situations.

Let us put that aside. I’m beginning to get a grip slowly on the silo culture as it exists at Barclays. If I understand it correctly, Mr Walters, who was in charge of compliance and who was being very honest with us-I am not criticising someone who was being very honest-essentially is facing off against the regulator and what the regulator is responsible for and therefore, in a narrow sense, is expecting to happen in the organisation. The silo ends there, so when we have a situation such as LIBOR, which was not a regulated activity and fell outside that narrow competence, there is no one to pick it up because everybody is operating on a silo basis, which, from what I understand from what you said earlier, is a fundamental part of the structure. People work within a narrow silo arrangement.

Mr Le Blanc, you have been one of the chief risk officers since 2004. The three lines of defence did not work in the case of LIBOR. We are talking about the rogue LIBOR submissions; I am covering the same ground as the Chairman. The three lines of defence could not have worked, in many ways-or at least, lines two and three could not possibly have worked, because they were essentially flowing from the perceived responsibility of the regulator and not from a broader set. Is it a correct analysis that in effect, in that situation, there is one line of defence only?

Robert Le Blanc: With respect, I do not think it is correct, because we do not work on the basis of the flow from the regulator. We are obviously required and we want to-

Q722 Baroness Kramer: Mr Walters was very clear that that is how his structure operates. That is where your alerts are and whatever-does it meet what the regulator is looking for?

Robert Le Blanc: I think-I won’t spend too much time picking on compliance.

Baroness Kramer: They have been picked on enough.

Robert Le Blanc: But I will say that compliance is required to be mindful of the regulations and laws under which Barclays operates. I suppose that is partly why it is called compliance, but as Mike said, we do not simply try to achieve the minimum standard, the bare legal requirement, or the regulatory guidance to the letter and then stop there. We don’t do that at all and certainly from a risk point of view, Barclays has been in business and running risk for many more years than we have had a regulator, and at no point in the time that I have been chief risk officer have I felt that my objective is to meet a regulatory requirement. My objective is to help protect Barclays and prevent mistakes and errors that, from a risk point of view, would be wrong for us. I do not get my guidance from the regulator on how we do that.

We work very hard, in exco and through the firm, not to have silos. We need to have accountability, responsibility and specific areas of control that are conducted by individual people to make the bank effective, but we spend a lot of time and take a lot of trouble to promote the responsibility to use broad perspective, judgment, and qualitative thinking, and not to follow rules or quantitative tools and methods. We have those and they help us, but they are not the basis or the foundation of what we are trying to do.

Let me use a very simple example on the retail side. There are products available, which we offer, that are-let’s call it a flexible mortgage. Barclays mortgage book, as you might know, is constructed fairly conservatively. We have the lowest impairment rate of any of the UK banks on our mortgage book and we have the lowest loan to value. We have a 42% loan to value across £110 billion of mortgages, so there are many retail customers of ours who might have, let’s say, for the sake of an example, a £50,000 mortgage on a £100,000 home. Over time, they start to pay that down and the mortgage becomes a £40,000 mortgage. Now, if they wanted to increase that again back to £50,000, from a pure credit point of view we would be happy, because of all the credit tools we would apply: not just the loan to value, but the affordability, their debt service history, their financial position and income-we would be considering all those things.

So, there is a variable or flexible mortgage product that says if someone pays their mortgage down perhaps they can just draw that back up again to the original £50,000, when they have paid it down to £40,000; now, should they be able to go ahead and do that at any time they want, for ever? From the pure silo point of view, if you looked at it only from a credit risk point of view, we would be comfortable with that; but we always ask ourselves, "Let’s sit and imagine under what circumstances that person wants to do that: might they be using that money to pay off credit card debt they ran up and can’t afford? Might this be a sign of them being stretched in some way?" We are trying to build a process that specifically takes us outside of any individual silo approach, to try to have a more holistic view and a more qualitative-judgmental view about what the right thing is to do for the client.

We want our clients to stay with us and recommend us. By the way, as a quick sidebar, when you get a survey question like, "Would you recommend Barclays?", we think that is actually a very broad question, and better than asking you, "Were you happy with your mortgage application form?" If you are willing to recommend us to other people, that tells us a lot about the overall non-silo approach that we are providing to you. If you tell us that you are not willing to recommend us-you might have been perfectly happy with your mortgage form, but there is something about the service and the experience you get from Barclays that you do not like-we care about that. That is why that is our survey question, and that is why we work very hard in all we do in risk management to get away from quantitative and towards qualitative in understanding the overall picture. I would really say that we do not have a silo approach.

Q723 Baroness Kramer: Okay. So try to explain to me what has changed that. I can perfectly understand that you are telling me that, where you have identified that there is a specific set of risks that you want to pay attention to, that works its way down through your procedures. But LIBOR was obviously something that you missed. It is the kind of thing that is, if you like, dependent on, or occurs more easily in a situation where people basically look down the chain and say, "Look, that risk they are going to pay attention to, and this one, and this one; the rest is basically territory over which we can range pretty freely." How are you dealing with that issue, given this very, very hierarchical and vertical thought process that seems to drive the decision making, and the monitoring and supervision?

Robert Le Blanc: I don’t believe we have a very strict hierarchical, vertical decision process. Mike described, for example, the new product approval process. We intentionally bring a lot of people together in the firm to look at things, turn them over, make broad judgments, ask, "What if?" and try to imagine different situations where it might not work for us or for the client. We do not just allow sequential sign-off; we get people in a room talking about it, and trying to understand it from a broad point of view.

LIBOR was an example of controls that failed. It was an example of controls not being adequate at the time. It was an example of poor escalation. Barclays, as you know, is not perfect and we failed in those areas. There are many, many examples of situations where we have been successful and where it does work, because we look across the boundaries and try to understand the effects of market risk and credit risk on households, for example, and try to relate those.

Having had a failure like LIBOR means we want to look at it and learn from that, and train people to take a broader perspective and to understand the culture and the tone. At the end of the day, this business is about people and how they behave. Our board set our strategy and our business plan. They want us to set, and they themselves set, the tone and the culture. Our job is to drive that down through 140,000 people in the firm. We believe we are successful most of the time. Obviously, there are times when we are not. We learn from that and can try to improve it. That does not mean that we have a faulty organisation or that we are doomed to fail because we have a silo. I do not think that is the case.

Q724 Baroness Kramer: What changes have you made within your risk operation?

Robert Le Blanc: We have made changes to reinforce our control structure. We have done a lot of work on and have almost concluded a redesign of the overall governance structure of the whole bank, to strengthen conduct risk, to strengthen reputation risk and to strengthen controls through the firm. We recognise that there were areas that were not as strong as they should have been. That will involve, ultimately, training, education, compliance for people and strengthening as well. Our own way of strengthening controls within risk is the extent of conformance testing that we do to see whether the control functions are operating properly through the firm.

Q725 Baroness Kramer: And that is a work in progress is it?

Robert Le Blanc: The conformance testing has been in progress for about four years and we continue to push and evolve that. What I mean by that, for example, is that we will have policies and standards on how risk management must be conducted through the firm. For example, we ourselves will go and check, and have different teams of people within risk go and check the other teams, so that we have support and criticism and challenge from colleagues within the risk function, to help each other to learn lessons, to encourage broader thinking, to take advantage of experience in different areas, different geographies and different client bases, to strengthen that process. That is an example of what we have done to strengthen our control process on a continuous basis.

Q726 Baroness Kramer: I have asked this question of other CROs. How would you describe your top three issues or objectives?

Robert Le Blanc: Let me give you the context of what we are trying to do. It will only take a moment and will help understand where the top issues and priorities come from. I have already mentioned briefly that we are trying to set a strategy and plans for the firm, and implement and execute them. I believe how we do that is around people forming judgments and making qualitative decisions to make the bank work properly for itself, customers and stakeholders. The biggest concern for me is: am I, in my role, developing and driving a really strong practice of risk and reward, balanced decision making, broad-thinking perspective, and therefore good risk-management decisions? An important part of banking is taking risk. We know it is critical to what we do for ourselves and our clients. For me, the single most important thing that I worry about is whether we are being successful in training, driving and encouraging our front office and our risk managers to take those broad decisions and make those risk-management decisions well and correctly. That is not a matter of box-ticking or getting through the quantitative measure or the computer advice. It is to ensure that we are making good judgmental decisions. That is our largest priority.

I will use a simple example from outside the banking industry. Any car you drive has a speedometer and fuel gauge. They will tell you some important information about that car but they will not tell you how fast you should drive on a dark night when it is raining. They don’t tell you how long to wait before you buy fuel. Some people wait until the end, other people like to have a lot of fuel in the tank.

We are trying to make people take responsibility, have a broad perspective and make good qualitative judgments about what they do, using the instruments, the measurements, the tools and the quantitative techniques we have to help, but telling them consistently that it is about the personal judgments that they make. That is what the risk-management process is about. The greatest worry I have ever had and continually have is: are we doing that well, how do I know that we are doing that well, and what can we do to make that work better?

If you ask me what my outside concerns are, the macro environment would obviously continue to be a major concern, but I won’t get into that sort of external risk.

Q727 Baroness Kramer: None of us can probably control that. We are not being terribly modest in saying that.

Robert Le Blanc: We try to control its effect on us, rather than the macro itself.

Q728 Baroness Kramer: How do you drive these standards down through your organisation? It didn’t sound like there had been much change over in what HR was doing, or evaluation. How do you monitor it?

Robert Le Blanc: There has been change in HR. For example, we have pushed very hard to ensure that business areas understand that it is a risk-return balance. We have strengthened that. As I mentioned earlier, this is the third year that we have taken a formal process to our remuneration committee.

Throughout the year in evaluating people and giving them feedback, we don’t wait until a certain particular day at the end of the year, when we give someone a performance review, for them to get feedback from us about how things work. Every credit committee that we conduct is, for me, an opportunity to give culture and tone from the top, to give the message of what we expect for the kind of lending proposals that we see. For example, we have at our credit committee a very low decline rate. The declines that come to credit committee would typically be 5% or 10%, and some people might look at that and say we are being too easy, because 90% or 95% of, let us say, large corporate significant credit exposures are approved. From my point of view, I consider that a success, because what it means is that the front office, the deal originators and the people who are covering clients have learned and assimilated our culture and risk appetite for what we will accept on our balance sheet and what we think is appropriate. They are not offering products or structures to clients that we will not do; they are listening to what we want to achieve. There are a few cases where it is perhaps not an easy decision, and they might come to the credit committee and be declined, but what we are trying to do in all cases is convey to people the kind of business we want to do, the quality of business and the considerations from a very broad perspective. There is not a simple reliance on the quantitative tools. That has been an ongoing change process for us over the past several years.

Q729 Baroness Kramer: The alternative interpretation is that your credit committee is just constantly outsmarted by its originators.

Robert Le Blanc: You might say, "Robert, you would say that," but there is a lot of respect for the originators. Some of the most sophisticated, technical financial minds work in the risk department at Barclays. They are able to understand the businesses, the models and the correlations. The question of whether a credit passes muster is an important question for Barclays, and I think we have a good track record at that, even through the financial crisis. It is recognised that that is an edge that the risk people have over the front office. That is recognised, and there is a core of professional risk people in Barclays who are as well respected and as well paid as front office people because that is part of the culture of Barclays.

Q730 Baroness Kramer: When you say they are as well paid, are they rewarded, for example, by, "You saved the bank £x, so here is an equivalent reward to if you had made the bank £x"?

Robert Le Blanc: I have recommended and paid executives in the risk function based on what they have saved, rather than what they have made. I will use a clear example: if you look back over the period of the financial crisis at the experience in the UK banking industry of commercial lending losses, of the big four UK banks, Barclays-I think the financials are public and can be seen-had a lower loss rate than the other major banks, partly because we had quite strongly controlled commercial property lending practices. In other cases, the commercial property lending problems were very significant. The people who ran that practice in Barclays were very well paid during the crisis because we recognised they had saved the bank a lot of money. We made heroes of them, and we put them up on a pedestal. I said publicly in many presentations within the firm where several hundred people would have been listening, "These people are successful because they stopped us making mistakes, and they stopped us losing a lot of money. We should be willing to take a tough stand and turn business away." We turned away a lot of business because we believed it was not the right thing to do from a broad perspective.

Not everything we do is perfect, and we are not claiming success in every department. The culture was like that when I came to Barclays 10 years ago, and I felt that culture, but we have worked very hard to reinforce it because, as I said, I feel that people make the difference. Every major bank in the world has the economic resources and the availability to build the same technical risk systems. They can hire the same consultants to build it if they want to. Or they could use the same Basel II mechanisms and credit-scoring models, which are widely available. You ask yourself why some do it better than others and in which cases, and it must be about the management, the people, the culture and how you make the qualitative judgments. I feel that is the most important thing I do, and that is what we try very hard to do.

Q731 Baroness Kramer: That is interesting, because you make a very enthusiastic and strong argument that Barclays understands credit risk.

Robert Le Blanc: I said that as an example. There are many other areas of risk-reputation risk, conduct risk and operational risk-that we value just as highly.

Q732 Baroness Kramer: If you value them just as highly, why are we where we are?

Robert Le Blanc: Because mistakes were made, controls were inadequate, behaviours were wrong and the culture and tone were not in place and were not working. We recognise that and we are trying to fix it. What I am trying to say is that I believe that the overall culture and tone at Barclays is correct and is a strong culture. Many of us here I do not think would want to work at Barclays if we felt that it was the wrong way around, but we recognise that it has not worked. It very clearly has not worked in every case. In some very important places, it did not work, and that caused us a lot of reputation damage and potential problems for our clients and it showed where our controls were weak. We are in the business of seeing those things, recognising them and trying to fix them.

Q733 Baroness Kramer: I suppose I am still slightly struggling. I can really understand how the credit and the financial aspects of this drive their way through the process, but I am still struggling to understand how you have taken that system and adapted it to bring in the non-financial aspects. It does not seem particularly amenable to it.

Robert Le Blanc: It is. It receives just as must focus from us. I use the credit example because it is an easy example to communicate quickly, but if we look at reputation risk, we have the same strength of governance on reputation risk. We have a reputation risk committee in each of our major businesses. They have a responsibility to understand, to identify, to assess and to control reputational risk in the same way that we do for credit risk.

Q734 Baroness Kramer: Is that new?

Robert Le Blanc: In each business, there is a reputation risk committee that is overseen at the group level by what we call the reputation council, of which I am a member and which is chaired by Mark Harding, our general counsel. There is also a board-level committee that would look at reputation issues. So the same processes are there and the same governance is there. It does not work on financial numbers. Obviously, reputation risk is not a financial number-driven process like credit risk, but it has equal importance and receives equal focus. We know how important reputation is to how we operate, because we have to be relevant and acceptable to our clients and to our regulators, so we care about it. It is less easy to define with quantitative tools, but it is equally important to manage.

Q735 Baroness Kramer: And this structure has been in place since roughly when?

Robert Le Blanc: I am not sure precisely, but we have had a reputation risk committee for many years. I have been a member of it for many years. It has been called different things. Previously, the board committee was called the brand and reputation committee, but it has been in existence for many years. We are constantly evolving-

Q736 Baroness Kramer: Is its status any different from that which it has been in the past? Are you saying that it is the same strength of player today that it has been historically?

Robert Le Blanc: The visibility of it has always been there. The importance of it as one of the fundamental risk areas that we wish to manage has always been there. We hope our ability to manage it is improving, because it is a difficult area to manage. It is less subject to conventional risk management techniques, but its visibility and profile are just as important, as is conduct risk for us.

Rich Ricci: I would also add that our risk appetite has changed on reputational risk. It has certainly changed.

Q737 Baroness Kramer: So you are saying that it is driven down from the board level that there is a shift in the risk appetite.

Rich Ricci: At the executive level also.

Q738 Baroness Kramer: So how is that message being conveyed through? Apparently, most people would have perhaps regarded themselves as working within Barclays’ tolerance for reputational risk historically, and yet that was an environment that has allowed a hell of a lot to happen that, in retrospect, many people would wish had not happened. I am trying to work out what is different. Apparently, there has been a very strong committee and it continues to be. It does not fit together as a picture.

Rich Ricci: May I add a few thoughts? I have said this publicly before. For the corporate investment bank, what we did in reaction to the LIBOR incident this summer was really start a strategic review of three areas. One was all our business lines and looking at those business lines specifically through a reputational risk lens. Historically, reputational risk would always have been a factor in looking at our businesses and what we wanted to pursue and not pursue, but what is different is that, instead of that being part of the analysis, it was the primary lens through which we are looking at how we conduct our businesses in the corporate and investment bank. Antony Jenkins is now doing something across the group to reflect a similar situation.

Within the investment bank, for instance, I have been public about saying we want to look at our tax advisory business. There are things that historically may have been at the aggressive end or are not fit for purpose any more. Simply because of reputational risk, not because of any legal risk, and even if they comply with the spirit of the tax code, there are things that we just do not want to do any more, because we have seen the damage that reputational risk has. It is a very good business for us.

Another good business for us is agricultural commodity trading. Are there elements of that business, from a reputational risk perspective, that we simply want to consider and think about whether we want to pursue them or not? We have split the corporate and investment banking into 54 different businesses and we are looking at them first through a reputational lens. Are there things that we want to do or not want to do any more-driven by reputational risk-or should we mitigate those businesses to defend against a lower reputational risk appetite? We will look at the culture and leadership of the businesses to make sure that they are fit for purpose going forward, and only then will we look at the return profile of that business. We have kind of turned the analysis on its head, putting that reputational risk lens very front and centre.

The second thing we are doing in the corporate investment bank is around conduct. We have set up a business conduct review and we are looking at how we do things such as conflict management. How do we deal with things when issues are raised? What are the cultural things that we need to do to ensure that when people have an issue they feel safe and comfortable in raising it? Are we doing the appropriate leadership and training? Is there a place, with this business conduct review group, where employees can come and state a view that they have concerns about? Will it be addressed? That is another area.

The third area is a reward stream where we are looking at reward-both remuneration and performance appraisals-to ensure that practices that we have done historically are still fit for purpose. So are there things that we have done that either induce wrong behaviours or did not reinforce the right behaviours? This has been embraced by the organisation. There is a real tangible change of tone and transparency around these issues driven by, in large part, reputational risk and the issue of culture. We have said that we will come to market in early February and announce those results, but the actual piece within the investment bank is almost complete. So there is real demonstrable change, and there will be.

Robert Le Blanc: I have another simple example, if I may, on the retail side. Up until a few years ago, we had about 1,200 personal financial advisers working throughout our retail branch system available to help retail customers with concerns and questions that they might have had. We have stopped providing that service.

Baroness Kramer: Very sadly, yes.

Robert Le Blanc: Yes, because of the reputation risk. We believed that we were in a situation in which it would be hard to be successful over time. If we gave someone advice, we felt that if that turned out to be, in their view later on, something that they wished they had not done, that we would bear the reputation risk, even though it might have been a good decision at the time.

Q739 Baroness Kramer: Surely it was the change to a fees structure rather than a commission structure that drove that. I was literally sitting in one of your offices when the team were called in and told they were fired as of the following week. I am very conscious of the role that the change of payment structure played in that. Pull the other one on reputational risk.

Robert Le Blanc: I am not trying to pull your leg. We provide most of our clients with free current accounts, for example. There is no fee there. We do a lot of things without a direct fee.

Q740 Baroness Kramer: That is a competitive pressure.

Robert Le Blanc: Maybe, but we do things and we look at the profitability of our business overall. If we thought it was smart, safe and sensible to provide financial advice, we would do it. If we thought customers would value it, it would be in our and their long-term interests. What I am saying honestly to you is that we are not sure how much upside there is in giving advice. I think Mr Garnier made a comment about that. There was another example recently. If the customer is not happy with it, they will come back and complain, depending on what the outcome is.

Q741 Baroness Kramer: I am questioning whether reputational risk is at the core of that. A lot of banks made the decision that when people would have to pay fees for it, that was not going to be a viable business any more. I can understand it, but-

Robert Le Blanc: I think there will be less product innovation available for retail customers in the UK, because of reputational risk and things that have happened, than there will have been otherwise. We are very conscious of that.

Q742 Chair: Mr Ricci, you do not like mangoes.

Rich Ricci: No, I do not like mangoes.

Q743 Chair: But you have instigated Project Mango.

Rich Ricci: Yes.

Q744 Chair: A recent Financial Times article talks about a speech that you made, I think, on 3 September. In that speech, you said, "We have always scrutinised our businesses based on their ability to generate returns…Now however, I feel it is appropriate to modify that assessment by explicitly looking at reputational risk". Why only this year?

Rich Ricci: As I said earlier, we have always considered reputational risk as part of the business review process. We would look at return profile, the control functions of business, the market opportunity and our risk appetite across a spectrum of risks that included reputational risk. The difference now is that we are moving reputational risk to the top of the tree and looking solely through that lens with that being the primary search. Only then will we consider the other factors.

Q745 Chair: Quantify what reputational risk actually means.

Rich Ricci: Quantify or define-

Q746 Chair: Or define.

Rich Ricci: A definition would be: would a product or a series of activities or behaviours pass a range of tests? First of all, you should ask whether they would they pass the tabloid test, so if you read about it in a newspaper-it does not have to be a tabloid-would you be proud of your activity? The tests would range all the way through to whether there are second-order impacts to what you are doing that may have a knock-on impact that would put the bank in a situation where it would be not proud of that knock-on effect-a double dupe thinking effect.

Therefore, the first point is the simple question of whether the activity in itself is something that we would be proud to do and read about in a newspaper. The second is whether the activity may lead to something that would lead you to ask that same question.

Q747 Chair: Ultimately, it comes down to commercial risk because your reputation determines how much return you can get for your shareholders, doesn’t it? It has to be that. Is it not simply the case that what we see now is a different approach to looking at how you can best benefit your shareholders?

I do not disagree with some of your noble intent to try to look after your customers, but the fact of the matter is, over the last few years, and certainly since the banking crisis, the real issue at stake for the big banks is that their reputation has been absolutely shot to pieces. Now, the competitive edge for banks is who has the best reputation. What that is about is not necessarily just looking at whether products are competitive, but who can be the most virtuous bank, because you know that if you are seen to be the most virtuous bank-I emphasise the point of being seen to be the most virtuous-then you will win the most customers. Ultimately, this is merely a cynical attempt to win more customers.

Rich Ricci: No, I would disagree with that. I think that there is a real sense of stewardship in Barclays about an institution that has been around for longer than the United States. There is a willingness and desire to see it right, and actually-

Q748 Chair: A lot of banks have been around for longer than the United States.

Rich Ricci: Well, it has been 320 years. This is about looking at reputation first-it is not about shareholders. I could argue that some of the activities that we are going to stop generate significant revenues, and I am not sure whether that is necessarily in the shareholders’ interests.

Q749 Chair: I am not sure that I buy that. We can go back to Baroness Kramer’s point about independent financial advice: this is a response to a retail distribution review, and reported as a response to the RDR. It is not about avoiding potential reputational risk; it is simply a business decision that it becomes much more difficult to run an independent financial advice business under RDR.

Rich Ricci: As an example, if I decided to stop trading soft agricultural products, that is not driven by regulation but because it does not sit socially well with a large constituent of our customers.

Q750 Chair: You are still selling investments.

Rich Ricci: In other parts of the institution, yes.

Q751 Chair: You are still selling your own products in branches; you are just not giving the advice that goes with it.

Rich Ricci: I beg your pardon; I am not sure what the question is.

Q752 Chair: It is the independent financial adviser point. So, you step back from independent financial advice but you are still creating and selling investments, aren’t you?

Robert Le Blanc: Investments are offered and are available to our wealth customers as well as our retail customers.

Q753 Chair: But you are not providing advice now. So what you have done is you have assessed that there is a risk associated with providing advice but not a risk associated with selling an investment. So you are happy to sell the investment but you’re not happy to provide the advice that goes with it. That, to me, comes over as a very cynical attempt to avoid any potential risk, while absolving yourself from any responsibility.

Rich Ricci: I see the point. Let me give a different example. As I mentioned earlier, on the point you made about the suitability of certain products for SMEs, I would say that making sure we have a very simple set of products that will serve those needs of those small customers, whether it be interest rate protection or currency protection, is a good thing to have, and just to have it very simple and very clear and say, "This is the product set we offer. We understand the reputational risk and are not willing to take it, to do anything more complex beyond that. We are trying to service your needs, but the reputational risk will prevent us from maybe getting too exotic with things or pushing it beyond the bounds of what may be appropriate."

In that instance, I am trying to serve the client need. I am not trying to cop out on the responsibility of the product. I am just saying, "I’ve got a product here that we can understand and is simple," rather than trying to have my cake and eat it too, as you were describing possibly in the investment situation.

Q754 Chair: What it sounds like though, with this investment situation, is that you have identified a risk and you are passing that risk on to the consumer. By not providing advice, you are essentially saying to the consumer, "You now have that risk. It is not our responsibility. Buy it-caveat emptor-you get on and do it," but you are not prepared to provide the advice because there is a risk that your reputation might be damaged if at some point in the future someone comes back and says, "You’ve been legged over". That could be one of the 50% of people, perhaps, whose complaints at FOS have been upheld on the investment side.

Rich Ricci: The retail area is not my area of expertise. Maybe one of my colleagues can help, but I am certain that there would be a product suitability review and requirement for those products.

Q755 Chair: Of course there will, absolutely. None the less, advising customers is what a traditional bank looks like. That is what people are looking for from their bank, and you step back from giving financial advice.

Robert Le Blanc: We have stepped back from providing the personal financial advisers within the branch system. That is a decision that was taken over the past couple of years.

Q756 Chair: How are you assessing reputational risk? How do you distinguish it from compliance and from "being caught" risk?

Rich Ricci: As I think I said, it’s a much broader picture. First of all, it differs from compliance in the sense that it is not just complying with the law-the spirit of the law. The "just getting caught" bit is a narrow definition that I would hope everyone who respects the rule of law would recognise as something that should be part of their ethos and the way they work. Reputational risk is beyond that. It is: how would the client see this behaviour? How would society at large see this behaviour? How would my friends and colleagues see this behaviour?

It is a very broad definition. It is hard to quantify from a mathematical perspective, but I think it is embedded in a set of values that we are agreeing as an organisation, and you have to look through those lenses to ensure that what you are doing is compliant with that, beyond just a standard test of: is it compliant or is it against the law?

Q757 Chair: One of the things that struck me about these sessions-meeting with the banks-is that there is very much a mentality by all the banks. Each bank has its own unique mentality, but none the less that is very much an inward-looking mentality. I completely accept that a lot of people, such as yourselves, are trying to look outside what’s happening within your organisation, but time and again we are coming back and we are seeing exactly the same issue, which is that you are seeing this from the point of view of being a banker of one description or another. It can be a risk officer as a banker, or a compliance officer as a banker, but you are, without a shadow of a doubt to my mind, very insular from the outside world. Even the surveys that you do when you go out to customers are done from the point of view of being a banker.

What I am failing to understand, or failing to get any grasp of, is that there is an openness to try to get some type of fresh thinking-completely different thinking-into this. I will give you an example of how we did this-because we have tried to do exactly the same: we got in Ali Parsa from Circle group, who was running a hospital, to see if he could give us advice on the sort of questions that we should be asking. What have you done to try to get people to come in and sit with you and say, "The reason everybody hates you is because of the way you are thinking"?

Rich Ricci: Last week 125 of our senior leaders spent two days at an off-site, where we did just that. We looked at other companies that have had issues around values. One of them was Barings. We looked at other companies who may have been very good companies at some point, but something went wrong. It could have been reputationally-

Q758 Chair: Give me an example.

Rich Ricci: Kodak was the example.

Q759 Chair: Well, their big problem was that they sort of missed the move to digital.

Rich Ricci: They did, but the challenge there was why did they miss that-particularly when they invented the first digital camera.

Q760 Chair: That does not have much to do with reputation. That is just not being in tune with the market.

Rich Ricci: No, I don’t think that’s right. It was insular and not listening to-you know, we looked at zoos and how they have been able to change by looking at ecosystems, rather than just zoology-animal things, so we did a lot of that consideration. We had a group come in called ?What If!, who have done a lot of work with other firms-non-financial institutions-on trying to define values: what is your purpose as an institution? How does that then flow into cultural values and how do those values embed themselves in behaviours for the firm; and then how are those behaviours measured and rewarded? I think we are taking the outside advice. I think that is one of the things that Mr Jenkins has brought to the organisation-going outside and not just looking at banks.

It is going to take some time and I am sure there are sceptics around who will query whether bankers can get it; but I think it does take some time, and we as an organisation are open to it.

Q761 Chair: Why is Project Mango restricted to wholesale, particularly given the PPI misselling? I realise, obviously, it was instigated by you, and you are head of wholesale, but why has not the retail side of the bank picked up on it?

Rich Ricci: I think through the TRANSFORM project, which Mr Jenkins is leading, he is picking that up in his work streams as well. I think we were out front, Mr Garnier, only because at the time there was not a chief executive, I did not feel we could wait. That is now being absorbed and being driven across the group, and a lot of the principles that we are using in Mango have been adopted by the TRANSFORM project, looking across the group.

Q762 Chair: There are quite a lot of reviews that are going on: Project Mango, we have got this latest one, we have got the Salz review and all the rest of it. What I find slightly alarming about this is that it seems that these reviews have really come about as a result of the LIBOR scandal. Why has it taken the press to prompt you into getting on with this? Michael Roemer, you might want to answer this as well.

Rich Ricci: We have not been waiting. The issue with LIBOR-it might help if I just give you some context. LIBOR was a very closely held investigation, so it was not made public, nor was it made public internally in the bank for legal listings, for reasons which you will understand; but I was part of the team that was on the investigation team, and as we were uncovering problems associated with LIBOR we were remediating actions. So we were not waiting to initiate big, broader things, but we were doing what we could.

Q763 Chair: At what point did you know the investigation was going on into LIBOR?

Rich Ricci: I was originally a witness in the LIBOR situation, and then I was cleared to become one of the investigative panel, so I think I must have given testimony, I guess I probably realised the LIBOR investigation started in-I can write to you with a specific answer-but I think it was 2009.

Q764 Chair: So you knew; the reason I ask is because there are certain issues with certain senior members-I think Bob Diamond did not know that it was going on, for completely correct reasons, until quite soon before the announcement. Is that right?

Rich Ricci: That is correct.

Q765 Chair: So it is not unreasonable that, given the secrecy of the internal investigation that was going on into LIBOR, by the regulators on both sides of the Atlantic, and internal audit, presumably, as well, it would have been inappropriate to start some of these investigations.

Rich Ricci: Yes. Where we could-in settings and supervision of the desk-we were doing things. Where we could do things, we could. Some of the other things, it was probably inappropriate to start prior to it becoming public.

Q766 Chair: Fair enough. It is an important point and it was right to highlight it. Basically, you have now got an awful lot of reviews, but none the less I would question whether some of them have been quite rightly instigated by the fact that you want to do some soul searching on LIBOR, and some of them may also have been instigated by the fact that there is an awful lot of bad press coming out about Barclays and may just be a cynical response to that.

Rich Ricci: Clearly, the media coverage of the industry and of Barclays in particular is a factor that weighs on our thinking, but as an organisation we recognise that reputation goes beyond the media. We are taking the reviews very seriously and doing them for all the right reasons, not just in response to media pressure.

Q767 Chair: Just going back to the operational way you run your business and the first line of defence. When was the last time that you, as a CEO of the wholesale business, went to the board with a summary of the key risks, including the reputational risk, of your business? When did you last have a long conversation with the board about that?

Rich Ricci: I don’t know whether I have gone to the board with a specific set of risks that I worry about, but I engage regularly, sometimes weekly, sometimes monthly, depending on the issue, with the chairman of the board risk committee, with the chairman of the board himself, with the chairman of the audit committee and with individual board members, and we talk about a large series of issues. They have been given the opportunity and all the information related to Project Mango and all the risks associated with that, and that happens every two weeks.

Q768 Chair: Is that a two-way flow? Is it just you informing the board? I asked this question earlier: do the board just have good ears, or do they have teeth as well? Are they telling you what to do?

Rich Ricci: The board is very actively engaged on a number of things, including, for example, leverage in the investment bank. Clearly they also took a large interest in some of these investigations that are not LIBOR. It is definitely a very proactive board conversation with the business.

Michael Roemer: Each of the businesses comes to the board audit committee at least once a year, sometimes more frequently, to discuss their control environment as well as how they are managing risks and the issues that are there. I am happy to write back to you, but the corporate investment bank has been there since my arrival, with the board audit committee doing a deep dive in each one of those businesses and similarly, the board risk committee reviews the risks of the firm, how they are managed and where they may or may not be managed well.

Q769 Chair: Can I dig down a bit to your front-line staff in the wholesale investment banking side? What proportion of your front-line staff are risk or compliance specialists and are reportable to you, as opposed to reportable to the risk function or the compliance function?

Rich Ricci: We have a matrix management system, so we would have the risk professionals reporting to a head of risk for the corporate bank, and for the investment bank it is the co-heads of risk. They would also report into Robert. It would work the same way for compliance: it would report into our General counsel, which would report into the general council of the institution. On the control function, we have about 24,000 people in the investment bank, and roughly 6,000 or 7,000 people in the front office-8,000, maybe-and the rest would be in the back office. It is about a 2:1 ratio of back office/control functions to front office.

Q770 Chair: That is quite interesting. You therefore have 7,000 staff who are the front line of defence. It is slightly difficult to ask the question, but to what extent do your front-line staff unwittingly devolve responsibility for compliance to the compliance function, thereby thinking, "It is not my responsibility, it is somebody else’s", and just getting on with the business. How do you ensure that they do not do that?

Rich Ricci: First of all they should not be doing that.

Q771 Chair: We are all aware that they should not, but they do, don’t they?

Rich Ricci: The way that that would crop up would be if there was a compliance breach. We recently had a compliance breach where a conflict of interest policy was not exercised appropriately. We caught that through our second line of defence, brought it to the attention of the first line of defence supervisor and interviewed the individuals involved. In the instance of the individual, the attitude towards their compliance responsibilities did not meet the standard of the firm, and so we have decided to part company with that individual. It is the reinforcement of it. You drive it and people sign off that they follow the rules of the road, but the way you normally catch it is through a breach. People make mistakes, but if the breach is through carelessness or lack of regard, they should not be in the firm. That is how you reinforce it.

Q772 Chair: Do you have any way of monitoring how successful the first line of defence is?

Rich Ricci: Yes. We would look at the number of breaches on a desk. Have you breached your mandate? Have you breached your responsibilities? We would look at the number of reconciliation issues a particular desk may have. We may look at the variance between where a trader marks his book at the end of the day and where the independent valuation comes, and whether that is causing concern. There are various methods and controls we use to evaluate our effectiveness.

Q773 Chair: Is there ever any perception among front-line staff that the control employee-the second line of defence-who approved a bad deal is the more likely to be sacked of the two people than the person who did the deal?

Rich Ricci: No. If there is a bad deal, I think that the buck stops with the business and I think they expect to feel the heat on the deal. I want to be clear, but obviously there are circumstances where if the advice they got was wrong or if there was an issue with the second line of defence in the execution of the deal, that may be different. If it was just a deal that had gone bad-bad judgment, bad risk, bad execution-the buck stops with the front office. They are not looking to pass the buck to the support staff.

Q774 Chair: So the guy who entered into that deal would be sacked if there was a sackable offence.

Rich Ricci: Yes.

Q775 Chair: Getting back to your hotheaded swaps traders in New York, back in 2006-07, how have you dealt with them? What have you done with those guys and that team?

Rich Ricci: We carried out a very thorough investigation, as you will have seen from the reports of the authorities. We have subsequently held an internal review as well, and a disciplinary process for all those individuals. A lot of the individuals who would have been in that disciplinary process had left by the time we uncovered the process.

Q776 Chair: Where did they go?

Rich Ricci: Other institutions.

Q777 Chair: And in many cases, they came to you from other institutions?

Rich Ricci: I do not know if it is many, but yes, in quite a few situations, they did come from other institutions.

Q778 Chair: Have you informed those other institutions of your findings on those individuals?

Rich Ricci: Yes, we would have followed up with the institutions and the authorities-or through the authorities to the institutions.

Chair: Okay.

Rich Ricci: Internally, we have conducted our process. There were 13 people who have been disciplined. Of those who remained, five have been terminated and there is an appeal process for some other terminations. We are in the process of concluding the investigation.

Q779 Chair: Just out of interest, between all of you, how often do you talk to other firms-other banks-about members of staff and potential breaches of risk, compliance or whatever? Who wants to go first? You have been on the reserve bench for a long time, Mr Aldred.

Michael Aldred: About specific individuals?

Chair: Yes.

Michael Aldred: There is a duty of privacy that we obviously have to be mindful of. The process in respect of individuals is to go via the regulators rather than just share names.

Q780 Chair: If you are worried about somebody who has come from another firm, your only course of redress is a conversation with the regulator as opposed to phoning their previous employer?

Michael Aldred: There would be a referencing process that we would use, yes. Obviously, we would-

Q781 Chair: But if you subsequently find that somebody is not quite what you thought there were, for one reason or another, can you phone anybody at the previous organisation?

Michael Aldred: Proactively, no. That is not something we would do, except via the regulatory authorities.

Q782 Chair: Mr Roemer, what about phoning around to find out? If you do not understand something, do you ever talk to other banks and say, "We’ve got a bit of a problem", with a team, staff or a product?

Michael Roemer: We share. I am part of a group called the Group of 25, which comprises the chief auditors of the largest 25 financial service firms in the world and includes some of the other firms here in the City as well as those around the world. We meet periodically. There is also the Institute of Internal Auditors, a group that meets. Basically, we would share, at a high level, generic information that we would be permitted to share. We would talk about issues, etc. So client assets, as an example. When MF Global had problems, there was a broad discussion around how do you audit it. Very generic things. But there would not be anything specific.

On people, we would not generally. There might be a little bit about the hiring process, but-

Q783 Chair: Mr Walters, obviously, your compliance officers-you talk to the regulator anyway pretty regularly.

Mike Walters: We talk to the regulators. We also talk among the compliance officers, to the extent that we are able to. There is also a thing called the Wolfsberg Group, of which Barclays is a founding member, which is specifically looking at the financial crime area. That is an area where being aware of a particular name that may be problematic but not yet notified to us as problematic by a regulator-that is an informal channel that is important.

Michael Roemer: One point of clarity. The regulators do invite the auditors from many of the firms together to share information, etc., and I meet with regulators one on one at least monthly.

Q784 Chair: This is quite useful. It may be helpful, actually, if the five of you got together and worked out who these informal groups are, just so we have got a bit of an idea of how best practice-a positive thing-is being shared among the big organisations.

Q785 Baroness Kramer: Just a couple of questions. I may be being thick, but I do not quite understand the role that your various desk heads play in upholding standards. Obviously, there has been an example of people who were involved in the LIBOR scandal, and examples are exceedingly useful, but they are forgotten rapidly. I do not understand what role they are playing. Could you help me with that, in terms of sharing good practice and appropriate conduct, and those kinds of issues?

Rich Ricci: The supervisors’ responsibilities would include ensuring that the desk under his watch, and the people under his watch, are complying with all the relevant rules and regulations-also, with the standards of behaviour that the firm demands and aspires to. And he or she is the first line of defence in making sure that those standards are upheld. If there is a problem on the desk, we also then make sure that there are not issues from a supervisory perspective. If there are supervisory issues, we either discipline the supervisor as well or reinforce the education and learning the supervisor needs. So the supervisor plays a key role in the first line of defence.

Q786 Baroness Kramer: Otherwise it would be the second or third line of defence coming in.

Rich Ricci: You would have a chain.

Q787 Baroness Kramer: Okay.

Rich Ricci: You would have desk supervisors, product heads, and you would go up their chain. But there is also a separate monitoring process from the second line of defence.

Q788 Baroness Kramer: Okay. On the culture, which is the one that you instil through your training of people who come in and learn the Barclays way, you talked earlier about people coming in from the outside. I am unclear about that. If I am looking within the wholesale business, what percentage am I looking at of people who came in from the outside versus those who grew up through your system?

Rich Ricci: For us, it is a hard question to answer. I do not know if we can even calculate it, because we are really only-I guess the latest incarnation of the investment bank is only 15 years old. If you recall that chapter in our history when we split up BZW and we were left with kind of a core group of 6,000 people, as we expanded the business, we brought a lot of new people in. What is interesting is that the average life of an employee in the investment bank is around four and a half years, and that is reflecting the fact that we are building out equities and banking which were new to us in the last five years. If you just look at the core trading people, it is about five and a half years. This is a really complicated answer to your question, but if you also factor in that we started with 6,000 and are 24,000 today, by definition, a lot of them would have come from outside the investment bank, but a lot of them have been here for a while.

Q789 Chair: I am aware that we have been going for nearly three hours now. Are you happy to carry on for another 10 minutes before we wind it up?

Rich Ricci: Certainly.

Q790 Baroness Kramer: I wanted to pick up on the issue of whistleblowing. We have heard from internal audit, but the parallel in the formal audit system comes from within your own organisation. Obviously, we have examples of key areas where whistleblowing did not appear to function. How is it organised within the organisation? What role does it play within Barclays?

Mike Walters: It plays a central role in our set-up. We have a whistleblowing policy. We actually do not call it whistleblowing; we call it raising concerns, because we want to set the bar low enough to make sure that nobody disqualifies themselves because of some label like "whistleblowing". We very much encourage it. Our policy provides all the protections that you would expect for whistleblowers.

We say to people that each employee has a responsibility to put up their hand and raise concerns where they think that something is wrong. We have campaigns to make people aware of the facilities for whistleblowing, which include anonymous e-mail accounts and telephone hotlines. There is an ability to raise concerns not only with managers but with compliance, legal and risk. Everybody does that, either anonymously or by disclosing who they are, in the knowledge that-

Q791 Baroness Kramer: How typically is it anonymous, rather than with a name disclosed?

Mike Walters: Sometimes people ring up and say, "I don’t want to give you my name. I want to remain anonymous," which we obviously respect. Quite often, people set up Yahoo! accounts, for example, and send an e-mail to our whistleblowing e-mail account. Then you cannot tell who they are. We acknowledge that and send an e-mail back to them.

Q792 Baroness Kramer: I can understand why that process is used, but it does suggest that people do not expect ever to be rewarded for being a whistleblower, doesn’t it? In other words, they do not want their name associated with it. They are afraid there is a downside and that they will be castigated or seen as disloyal. It does not look as though they think it will ever do their career any good.

Mike Walters: Many people are not anonymous, so it is not a consistent thing. What matters to us is to get concerns raised so that we can do something about them. With every single concern that gets raised in this way, we carry out a thorough investigation, and where we need to take action because there is a problem, we do so. We do not hold it against any employee who blows the whistle or raises a concern. It is a critical part of what we do that people should feel safe to do that.

Rich Ricci: That is a really important point. I thought a lot about this over the last few years, learning of these events and things. You want an environment where people feel safe. You question whether there is something about your culture that is not doing that. One thing that I thought about a lot is that we were a culture that really valued fixing problems. We were a culture that did not like people who admired problems; we liked people who drove solutions. I think that shift may have been too much. People have to be encouraged to raise problems, and not to be afraid to say, "This is an issue," without having a solution, so that everyone can fix it. That is a learning that we in the investment bank need to reinforce.

Q793 Chair: Just a couple of quick last questions. Standard Chartered and Citigroup both spoke to us earlier or last week about control functions grading senior staff as part of appraisal and compensation reviews. Do you think this could be applied also to front-line staff, creating a market for good performance?

Robert Le Blanc: The risk function participates in the review of the performance of, for example, the investment bank trading areas to understand how they have performed on a risk-return balance and provide independent challenge and assessment of that performance, as we were saying a little earlier, separate from the pure financial measure of that performance. It is an important area to bring that balance of risk and return into the compensation equation.

Q794 Chair: You will be pleased to hear that this is my last question In your initial submissions to the Commission, Mr Ricci and Mr Le Blanc, you suggested a new chartered institute for bankers, which has certainly been talked about a lot. You looked at some of the duties of the new body being additional obligations for regulators and staff, but nothing necessarily for the banks. Why do you think it is important to have such a body, and do you think it will improve standards any more than the current FSA approved persons regime?

Rich Ricci: When you get industry people together in conjunction with the approved persons process, it can enhance the power of self-regulation. You see the impact in other businesses. If there is a chartered institute of accountants, for instance, there is a standard and peer pressure. That means something. It is a wider body than just approved persons. The thinking is that if you can expand it, leverage some of the good processes in place already and bring that peer pride and challenge into the process, it will be a better system.

Q795Chair: Fantastic. It has been three hours. Thank you very much for coming in. It has been very useful, and I hope you feel you have had a good hearing. The nearest loo is at the end of the corridor on the left.