Panel on HBOS

Written Submission from Paul Moore

 

In relation to the questions in the Annexe, I have no additional written evidence to add to what I have already provided in writing to The Treasury Select Committee. However, I do need to make it clear that before I was dismissed by James Crosby as Head of Group Regulatory Risk at HBOS at the end of December 2004 my focus (as was required at the time by the FSA) was almost entirely on The Retail and The Insurance and Investment Divisions at HBOS and not directly on Corporate, Treasury or International. Consequently, many of the questions which relate specifically to the activities of the other Divisions after I was  dismissed are not directly within my knowledge to give evidence.

 

However, I can and have given useful evidence, in general terms relating to HBOS’s overall approach to risk management and corporate governance about which I was very familiar and which I submit was the central cause of its failure. In particular, I have given evidence in relation to the way the sales culture at HBOS (designed to drive short  term growth) was markedly out of balance with its systems and controls (risk management, regulatory compliance and internal audit).

 

In my case, this was directly evidenced by the fact that James Crosby dismissed me after I explicitly raised this as a serious risk at Board level and by the extraordinary fact that he replaced me with a new Group Risk Director (also approved by the FSA) who had absolutely no experience of advising on risk management, regulatory affairs or corporate governance. In fact, the person he appointed had spent most of her career as a sales manager. This, by itself, was clear evidence that James Crosby and the HBOS Board (including the non-executives) paid mere lip-service to risk management and proper corporate governance.

 

In my view, what happened at HBOS provides important general policy lessons for the standards that should apply to Banks’ corporate governance (by which I include risk management, regulatory compliance, non-executive directors, auditing, regulatory supervision etc), as I have written about, at length, in my submissions to The Walker Review, The FSA and The Treasury Select Committee.

 

In my opinion, the most important point is that it demonstrates that, to ensure an adequate separation and balance of power in the Boardroom of large banks and other financial institutions, the control functions (risk management, regulatory compliance and internal audit) should never report to the executive for the obvious reason that this makes it extremely difficult and risky for individuals doing those jobs to raise challenges with which the executive do not agree. Of course, it is the primary role of control functions to raise challenge / "blow the whistle" / "raise the red flag" when things get out of control. If they report to the executive, the control functions could be described as "attempting to do their job with one arm tied behind their back". This creates enormous risk for the entire financial system when the very people whose primary role is to provide the checks and balances at the crucial time are not truly in a position to do so because of the personal risk it entails. My latest evidence to the TSC (June 2012) includes the report from a global survey of risk managers (563) which demonstrates that the majority expected a major financial crisis well in advance of when it occurred but that the cultures in which the operated inhibited effective challenge and that the executive prioritised sales.

 

It has been my recommendation that control functions in large banks should now ONLY report to the non-executive. In my view, they should report to a new expert and dedicated non-executive of oversight, assurance and ethics who spends no less than two days a week carrying out the role. I have explained this role in some detail in my latest submission (June 2012) to the TSC. In addition, I have recommended that there should be additional "whistleblowing" protections for heads of risk, compliance and internal audit over and above standard whistleblowers’ employment protections. New policy must provide protection for these roles BEFORE any dismissal is allowed to take effect as opposed to the post facts protections that currently apply for standard cases of whistleblowing. These protections should require a much more rigorous dismissal process involving all non-executives, rights of representation for the individual whom it is proposed to dismiss and the involvement of the regulators supervising the firm. In my own case, I had received positive feedback from external consultants, non-executives as well as the FSA prior to being dismissed by Crosby who subsequently wrote to me that "...the decision was mine and mine alone..". And yet I was provided with no protection either by the non-executive or the FSA.

 

There are also other very important lessons to be learned from my long term practitioner’s experience at HBOS and elsewhere about other aspects of corporate governance which I have written about e.g. fiduciary duties of directors, the competence and independence of non-executive directors, professional qualifications for control functions, audit and accounting, regulatory oversight etc.

 

Of course, I am willing and able to re-visit and explain my views on all these areas to the Parliamentary Commission orally. Indeed, I am sure that doing this would be helpful for Members and for the process generally. However, I also strongly recommend that members read the evidence that I have already provided to The Treasury Select Committee in advance. It is long but I am afraid that there is really no substitute for reading it in full if they want to obtain the perspective of a long term practitioner like myself.

 

Please feel free to provide this email to anyone else you think may benefit from its contents including Members of the Commission.

 

16 October 2012