7 Bank governance, standards and culture
Introduction
658. In this chapter, we examine the governance and
culture of banks, considering successively: shareholders, boards
and internal control frameworks, and then wider issues relating
to the culture within banks, including bank value statements and
the role of whistleblowers.
659. The primary duty for maintaining high standards
in banks lies with the banks themselves, and in particular their
boards. They operate within a corporate governance framework of
rules, guidelines and best practice for public corporations that
is designed to ensure that they fulfil this duty. Corporate governance
has been found badly wanting in financial institutions in the
recent past, particularly in banks. This has been at great cost
not just to the shareholders, but to taxpayers. There have been
a number of common features of the failures of bank boards, regardless
of the structures of those boards. A number of steps have been
taken since the onset of the financial crisis to improve governance
practice in financial institutions.[1118]
The Commission has no wish to turn the clock back or prescribe
highly detailed templates. The Commission is also realistic about
the limited scope there is for achieving transformational change
within banks through changes to structures of governance, but
considers that there were considerable defects in corporate governance
in banks that can and should be addressed. However, there are
some changes we suggest below which we judge are likely to secure
significant improvements to banks' governance and which are aligned
with our proposals in the previous chapter on a new framework
founded on the principle of individual responsibility.
Shareholders: the silent owners
THE UK EQUITY MARKET
660. Shareholders have not been effective in disciplining
or constraining banks' behaviour. This section examines why shareholders,
or rather those that act for shareholders, have contributed to
the crisis of banking standards, and the extent to which shareholders
can be expected to be part of the solution.
661. In recent decades, the pattern of UK shareholding
has become more fragmented. Insurers, pension funds and individuals
have outsourced their investments to fund managers, who have come
to dominate equity markets, while financial globalisation has
led to a rising proportion of UK equities held by overseas investors.
Professor John Kay, in his review of UK equity markets, argued
that "This fragmentation has reduced the incentives for engagement
and the level of control enjoyed by each shareholder".[1119]In
many cases, this process has further weakened active engagement
by shareholders, with fund managers and overseas investors typically
more interested in the short-term performance of companies than
in generating sustainable returns by promoting their long-term
success. Any influence they wield over the management of the company
is manifested through selling their stock rather than through
voting and engaging with the boards of their investee companies,
a phenomenon described in the Kay review as "exit over voice".[1120]
The table below shows how the proportion of UK-quoted shares held
by insurance companies and pension funds has declined in recent
decades, while overseas holdings have increased.
Historical Trends in Beneficial Ownership (Percentage Held)
| 1963 | 1975
| 1981 | 1991
| 2001 | 2008
| 2010 |
Rest of the world |
7 | 5.6
| 3.6 | 12.8
| 35.7 | 41.5
| 41.2 |
Insurance companies |
10 | 15.9
| 20.5 | 20.8
| 20 | 13.4
| 8.6 |
Pension funds | 6.4
| 16.8 | 26.7
| 31.3 | 16.1
| 12.8 | 5.1
|
Individuals | 54
| 37.5 | 28.2
| 19.9 | 14.8
| 10.2 | 11.5
|
Other | 22.6
| 24.2 | 21
| 15.2 | 13.4
| 22.1 | 33.6
|
Source: The Kay Review of UK Equity Markets and
Long-term Decision Making, Final Report, p 31
662. Investors that hold shares for a short period
are less likely to be concerned by the long-term prospects of
the company they own, other than to the extent that it affects
short-term movements in the share price. Because they trade more
frequently, short-term investors can exercise an influence on
share prices that is disproportionate to their holdings. The rise
of shareholder short-termism and disengagement from the responsibilities
of ownership has been exacerbated by the growth of intermediaries
that have distanced the ultimate beneficial owner of shares from
investee companies.
663. The Kay review and Sir David Walker's review
of corporate governance in UK banks both considered these developments,
and proposed measures to reflect better shareholders' responsibilities
as company owners. Among other recommendations, the Walker review
proposed a new Stewardship Code setting out best practice in stewardship
by institutional investors and fund managers.[1121]
The Kay review recommended the inclusion of a commitment to responsible
engagement within the investment management industry code.[1122]
However, Professor Kay and Sir David both acknowledged in evidence
to the Commission that the investment environment that they ultimately
sought, in which the "anonymous trader" was replaced
by the "concerned investor", remained a long way off.[1123]
Professor Kay spoke of "philosophical leaps that are needed
to take us to the world we would like",[1124]
while Sir David told us that "it will not happen overnight,
and it may never happen".[1125]
WHO OWNS THE BANKS AND WHY?
664. The situation facing UK equity markets generally
also applies to banks specifically. In Annex 5 we consider further
evidence on bank ownership. The main points emerging from that
evidence are that:
· Few entities hold large single stakes
in UK banks and many have holdings in each of the large banks;
· Bank shareholdings are often held for
a short time, encouraging short-term risk-taking;
· There are reasons for scepticism as to
whether shareholders could spot the risks which a bank's own leadership
misses; and
· Active investment can lead to higher returns,
but potential active investors are wary of seeking insider knowledge.
Institutional shareholders have not done enough to
encourage banks to maintain high levels of banking standards.
SHAREHOLDER PRESSURE AND LEVERAGE
665. Where shareholders did engage with banks in
recent years, it was sometimes to pressurise them to take on additional
risk and increase leverage to boost equity returns. RBS told us
that "in some instances investors pressed for what were arguably
unsustainable levels of return, creating pressure to increase
leverage and take on additional risk".[1126]
Lloyds said that:
Shareholder behaviour "pre-crunch"
focused on a drive for growth with emphasis placed on delivering
potentially unsustainable returns, without recognition of the
downside risks. This was a factor in creating a culture that arguably
led to failure in the sector.[1127]
In its evidence, HSBC wrote of a "very strong
public call for leverage and structuring from many institutional
shareholders",[1128]
while its Chairman Douglas Flint told the Treasury Committee that:
There was a great deal of pressure coming from
shareholders who were looking for enhanced returns and were pointing
to business models that have, with hindsight, been shown to be
flawed and in particular very leveraged business models and saying,
"You guys are inefficient. You have a lazy balance sheet.
There are people out there that are doing much better than you
are", and there was tremendous pressure during 2006/07.[1129]
A number of witnesses noted that this misalignment
of interests between shareholders and society was further exacerbated
in banks deemed too big to fail because bondholders perceived
to be insured against failure did not rein in the more risky instincts
of shareholders. As Professor Kay put it:
banks [...] are unique among large companies
in that the equity shareholders in reality only provide 2 per
cent or 3 per cent of the capital of a business [...] Much of
the capital is[...] in effect employed by bond holders.[1130]
Professors Black and Kershaw drew attention evidence
from the US indicating that "direct or indirect shareholder
pressure supported by strong shareholder rights [could result]
in more risk-taking than in banks with weaker shareholder rights
where managers could resist that pressure".[1131]
CONCLUSIONS
666. Institutional shareholders have unlimited
upside to their investment, but a downside limited to their equity
stake. Shareholders also fund only a tiny proportion of a bank's
balance sheet, which can incentivise them to encourage banks to
increase short-term risks. In the run-up to the financial crisis,
shareholders failed to control risk-taking in banks, and indeed
were criticising some for excessive conservatism. Some bank leaderships
resisted this pressure, but others did not. The Independent Commission
on Banking believed that its proposed ring-fence would create
incentives for shareholders to be more mindful of excessive risk.
However, we agree with the Kay Review that incentives for institutional
investors to engage with companies remain weak. The primary responsibility
of institutional investors is to earn returns for their clients,
with engagement with company managements only likely to be undertaken
by firms that regard it as contributing to that responsibility.
The nature of the asset management industry and the financial
incentives for key decision-makers in that industry incentivise
focus on short-term investment performance, rather than engagement
to promote the longer term success of companies, even though the
latter may be better aligned with the long-term interests of the
ultimate beneficial owners of the shares. Even the largest investors
own relatively small holdings in large companies such as banks,
limiting their influence. The misalignment between the incentives
of asset manager and the long-term interests of a company, coupled
with the fact that shareholders contribute only a tiny sliver
of a bank's balance sheet, mean it would be a mistake to expect
greater empowerment and engagement of shareholders to lead to
the exercise of profound and positive influence on the governance
of banks.
THE ROLE OF BONDHOLDERS
667. In addition to customer deposits most banks
raise money from wholesale markets, including from private investors,
institutions and other banks. Although not all strictly in the
form of bonds, we use the term bondholder to encompass wholesale
market providers of bank funding. The leverage of financial institutions
results in bondholders and depositors providing the dominant proportion
of bank funding; the sums provided by shareholders are correspondingly
substantially smaller. The leverage in the banking system prior
to the financial crisis was only possible because of the funding
available. The 3% minimum Tier 1 leverage requirement included
within the Basel III capital proposals establishes a minimum level
for the Tier 1 contribution to the funding of a bank balance sheet
of just 3%, with up to 97% from other sources, largely bondholders
and depositors.
668. The proportions of funding raised from customer
deposits and wholesale markets varies significantly between individual
banks. At the end of 2012 Lloyds Banking Group had wholesale funding
equivalent to 40% of its customer deposits[1132],
down from 90% at the end of 2008[1133].
Barclays had wholesale funding equivalent to 71% of its customer
funding at the end of 2012[1134],
compared with at the end of 2008. Regardless of this leveraged
structure, the legal responsibilities of bank managements are
currently similar to those of non-financial companies. The Companies
Act obliges managements to manage a company in the interests of
its members, which is widely interpreted to be its shareholders.
Stephen Hester told us that directors have an:
obligation to act on behalf of the company's
interests, prominent among which are the shareholders who own
the company. So you can have any membership you like, but the
board of directors will have a duty to the shareholders.[1135]
669. As owners, shareholders have significant powers,
including over company governance, such as the right to approve
and re-elect directors and in certain circumstances, major corporate
initiatives may also require shareholder approval. By contrast,
while a bank remains solvent, the formal powers of other creditors,
such as bondholders, are much more limited. The terms of some
bond issuances may have provisions in situations when the security
of the bond may be affected. Secured creditors, such as securitised
or covered bond holders, may also have claims against particular
asset pools and associated rights to protect the security of those
pools. However, bondholders have no general formal powers over
a bank's strategy or the appointment of management. It is only
in the event of insolvency that creditors assume the rights of
ownership of the company, with the power to replace management
and dispose of assets and to seek to recoup their exposure from
any proceeds in accordance with a determined creditor hierarchy.
670. In practice, the scale of the funding provided
by bank creditors means they have much more influence over companies
than their formal rights would imply. Most bank funding has a
fixed maturity, with only minimal sums currently in the form of
irredeemable debt. Consequently, banks have to engage in regular
raising of new debt funding, both to refinance maturities of existing
debt and to fund new business growth. At the end of 2012, 30%
of Lloyds Banking Group's wholesale funding had a remaining maturity
of under one year[1136],
compared with 42% at Barclays.[1137]
As a result banks have strategies to maintain as wide and ready
a demand for their paper as possible. For larger banks, this generally
includes a broad range of funding sources by currency, structure,
maturity, geography and investor type. This process generally
involves engagement with a broad range of bond investors, analysts
and rating agencies. Bank managements therefore need to respect
the views of bond markets and the resulting impact on the appetite
for their paper of the actions they take. The attention banks
have devoted to funding markets has increased substantially over
the financial crisis and subsequently, as liquidity has become
much less reliable; there have been periods when liquidity almost
completely evaporated and volumes in certain areas, such as mortgage
securitisation, have shrunk dramatically from the pre crisis period.
671. The characteristics and interests of bondholders
and shareholders are very different. Shareholders' potential upside
is unlimited and in return for this, they are prepared to assume
greater risk and rank behind all creditors in the case of insolvency.
Bondholders are normally more risk averse than shareholders. They
rank ahead of shareholders in the case of insolvency and are prepared
to forgo the unlimited upside potential of shareholders in return
for this additional security. Bondholders generally only expect
to receive a return of their investment plus interest for the
intervening period. As their upside is largely capped, bondholders
are likely to be more cautious of potential risks to the downside.
Shareholders' upside ultimately derives from business growth.
Bondholders' security relies on the bank's stability.
672. The incentives for bondholders to discipline
banks depend on the risks they perceive. Given the substantial
leverage maintained by banks, insolvency can still result in significant
losses to bondholders, despite the protection of shareholder capital.
Fear of such losses can incentivise bondholders to limit the risks
banks take. However, if bondholders regard the risks as small,
particularly due to the perception of the existence of an implicit
or explicit taxpayer guarantee, these incentives are correspondingly
reduced. This may particularly apply to banks that are regarded
as too big to fail.
673. Proposals for structural reform of the banking
industry are set out in Chapter 4 of this Report. Many of these
reforms are at least partly aimed at reducing or eliminating the
perceived taxpayer guarantee. The reforms include the potential
power to 'bail in' categories of bondholders. However, as we also
state in this section, there is convincing evidence that the guarantee
may not be fully eliminated, even once all the proposed reforms
take full effect.
674. The financial crisis has underlined, if this
were needed, the importance of effective scrutiny and the exercise
of discipline by creditors to the maintenance of banking standards.
Such discipline has been lacking, in large part as a result of
the perceived taxpayer guarantee. The measures to bear down on
the guarantee, which the Commission has already noted should be
a priority, would be the most effective way of correcting this,
as bondholders, broadly defined, would have a greater incentive
properly to assess credit risk. Market discipline from creditors
subject to the potential of bail-in should encourage banks and
their managements better to balance downside and upside risks.
The Commission endorses the good practice adopted by an increasing
number of banks of publicly disclosing, and making widely available,
the contents of their presentations to bondholders. The Commission
encourages bondholders, where they are sufficiently concerned,
to raise such issues publicly where practical. The PRA should
examine the scope for extending bondholder influence of this type.
Bank boards and governance
INTRODUCTION
675. UK corporate governance has improved in recent
years. But when in the case of banks it was tested, it was found
wanting. Board failures in the banking sector have been widespread
and are not restricted to those banks which required taxpayer
support or failed during the financial crisis. Crucially, board
governance failures have also been prevalent in some banks which
emerged relatively unscathed by that crisis. This section examines
the role of the board in the context of wider corporate governance
failures in the banking sector. We examine why over the last decade
so many banks boards appeared unable to operate effectively; the
key factors which underpinned this failure; and whether reforms
to the way bank boards are governed are sufficient to ensure they
prove more effective in the future.
676. There is no quick single fix to improve banks'
governance. Equally, a collection of detailed tweaks is unlikely
to prevent serious failures such as the banking industry has experienced.
We are cautious about making a great many recommendations in this
field which may do little more than create yet more lucrative
work for corporate governance professionals. We therefore concentrate
on assessing proposals for change against four basic principles,
which are connected: ensuring personal responsibility of board
members; ensuring that there is adequate challenge within boards;
preventing boards from constructing internal firewalls that leave
them in wilful ignorance and excuse them from proper accountability
for the firm; and reflecting the differences between banks and
other public companies arising from the fact that shareholder
equity represents only a tiny sliver of the balance sheet.
677. Box 12 sets out the role of a company board
and the functions of a number of the committees of a board.
Box 12: The role of the board and the
combined code on corporate governance
The UK Corporate Governance Code states that "every
company should be headed by an effective board, which is collectively
responsible for the success of the company".[1138]
Boards typically comprise both executive and non-executive directors,
including a chief executive and chairman. Furthermore, as regards
"division of responsibilities"[1139]
on the board, the code states that:
· There should be a clear division of responsibilities
at the heart of the company between the running of the board and
the executive responsibility for the running of the company's
business. No one individual should have unfettered powers of decision;
· The Chairman is responsible for leadership
of the board and ensuring its effectiveness on all aspects of
its role;
· As part of their role as members of a
unitary board, non-executive directors should constructively challenge
and help develop proposals on strategy;
· With regard to ensuring the "effectiveness"
of the board, the code states that:
· The board and its committees should have
the appropriate balance of skills, experience, independence and
knowledge of the company to enable them to discharge their respective
duties and responsibilities effectively; and
· All directors should be able to allocate
sufficient time to the company to discharge their responsibilities
effectively.
Bank board committees
Bank boards tend to typically organise and manage
their governance through committee structures. The most common
committees at banks are the Audit Committee, Risk Committee, Nomination
Committee, and Remuneration Committee.
The main roles and responsibilities of the Audit
Committee includes monitoring the integrity of the financial
statements, reviewing internal controls, monitoring and reviewing
the effectiveness of the internal audit function and overseeing
the relationship with the external auditor.
The role of the Risk Committee can differ
between institutions. In HSBC, the Group Risk Committee is responsible
for 'advising the Board on high level risk-related matters and
risk governance and for non-executive oversight of risk management
and internal controls (other than financial reporting).'[1140]
In Barclays, there are three different risk committees responsible
for different aspects of risk: the Board Conduct, Reputation and
Operational Risk committee; the Board Financial Risk Committee;
and the Board Enterprise Wide Risk Committee.[1141]
The Board Remuneration Committee 'sets the
overarching principles and parameters of remuneration policy'[1142],
monitors and approves the remuneration arrangements of the executive
directors and senior executives and 'ensures that the remuneration
policy is appropriate and consistent with effective risk management'[1143].
The Nomination Committee leads the process
for Board appointments and identifies and nominates candidates,
for the approval of the Board. They are responsible for reviewing
the composition of the Board and considers the succession plan
for the key Board positions like the Chief Executive and the Chairman.
In the case of Barclays, Lloyds Banking Group and RBS, the Nomination
Committee is chaired by the Chairman of the board.
THE NATURE OF THE FAILURES
678. The record of board governance failures in the
preceding years is well-documented and does not need to be rehearsed
again in detail.[1144]
A few examples will suffice. The Treasury Committee, in its Report
The Run on the Rock, concluded with respect to the Northern
Rock board:
Given that the formulation of that strategy was
a fundamental role of the Board of Northern Rock, overseen by
some directors who had been there since its demutualisation, the
failure of that strategy must also be attributed to the Board.
The non-executive members of the Board, and in particular the
Chairman of the Board, the Chairman of the Risk Committee and
the senior non-executive director, failed in the case of Northern
Rock to ensure that it remained liquid as well as solvent, to
provide against the risks that it was taking and to act as an
effective restraining force on the strategy of the executive members.[1145]
Similarly, this Commission highlighted board failures
in its report on the collapse of HBOS:
The corporate governance of HBOS at board level
[...] represents a model of self-delusion, of the triumph of process
over purpose.[...] The Board, in its own words, had abrogated
and remitted to the executive management the formulation of strategy,
a matter for which the Board should properly have been responsible.[1146]
Boards failed to maintain high levels of professional
standards and did little to prevent mis-selling scandals such
as PPI and IRHP.
WHY BANKS ARE DIFFERENT
679. Bank boards face particular challenges and responsibilities
compared to other organisations. These primarily reflect the systemic
risks associated with banking, and also specific regulatory requirements
to mitigate conduct risk. As a result of their 'too important
to fail' status, banks benefit from an implicit subsidy which
we have discussed in greater detail previously in this Report.
This implicit subsidybased upon the expectation of taxpayer
supporthas led to significant taxpayer bail-outs of some
banks as well as other forms of support to the banking sector
as a whole. Professor Julian Franks summarised why banks were
different:
What is different about banks is that they give
rise to tremendous systemic risks. Whereas BP can destroy itself
but the taxpayer does not bail the company out, it is the preponderance
of leverage and the failure that gives rise to systemic risk that
make banks different. [1147]
Dr Peter Hahn focused on risk profile as a key differentiator.
He told us that "they (banks) are fundamentally different
in an extraordinary way" as, in comparison to other industries,
they can change their risk profile very quickly. He said:
Banks, however, are fundamentally risk management
businesses; their business is to try to match risk and return
on a daily basis. [...] the challenge is that it is very hard
for many large businesses to change their risk profile very quickly,
and a bank could take on unbelievable amounts of risk in a few
moments.[1148]
680. The complexity of banks led some witnesses to
express scepticism that it was possible for a bank board to work
as effectively as was the case in other sectors. This was the
Governor's stance: certain "institutions were simply too
big and complex for anyone to genuinely know exactly what was
going on".[1149]
Professor Julian Franks told the Commission:
That adds to my view that banks are complex and
if you think that you can fix boards to fix these problems, that
is a great mistake. You need structural changes. We can improve
boards, but do not lay too much emphasis on that as a way of stopping
the problem [...].[1150]
[large] banks are very complex organizations
and increasingly I am coming to the view that bank boards do not
have the information to pinpoint problems early enough. Problems
of fraud, misselling as well as excessive leverage should tell
us that with the best of directors some banks are simply too complex
for boards to manage with confidence.[1151]
The importance of the challenge function
681. A key theme to emerge in our work on corporate
governance was the importance of non-executive directors exercising
a 'challenge' function with respect to executives and acting as
an effective check and balance on senior management. This 'challenge'
function is set out in the Code, which states that "non-executive
directors should constructively challenge and help develop proposals
on strategy[1152]
[...] [as well as] scrutinise the performance of management in
meeting agreed goals and objectives. They should satisfy themselves
on the integrity of financial information and ensure that financial
controls and systems of risk management are robust and defensible".[1153]
However, as the Treasury Committee has previously concluded:
The current financial crisis has exposed serious
flaws and shortcomings in the system of non-executive oversight
of bank executives and senior management in the banking sector.
In particular, the evidence shows that many non-executive directorsin
many cases eminent and highly-regarded individuals with no shortage
of experience in the business and banking worldsfailed
to act as an effective check on, and challenge to, executive managers.
Too often non-executive directors in the banking sector have operated
as members of a 'cosy club' rather than viewing their role as
being that of providing effective checks and balances on executive
members of boards. [1154]
Cevian Capital stressed the importance of 'challenge'
in ensuring that boards worked effectively. It stated that "lack
of challenge in the boardroom [...] leads to poor decision-making,
limited accountability and improper alignment of interests".
The consequences, it noted, were "particularly grave in the
financial sectorwhere the job of a non-executive director
is especially difficultgiven that relative to part-time
NEDs, executive directors have a huge informational advantage
and benefit asymmetrically from risk-taking". [1155]
682. Sir David Walker pointed out the reactive and
passive nature of too many boards:
Boards driven in many cases by a concern about
short-term profit and loss and the quarterly earnings announcement,
have in my view been too passive and accepting of what was proposed
by the executive.[1156]
In his review of corporate governance arrangements
at major financial institutions, Sir David stressed the paramount
importance of 'challenge' in the boardroom:
'The essential challenge' [..]. appears to have
been missed in many board situations and needs to be unequivocally
clearly recognised and embedded for the future. The most critical
need is for an environment in which effective challenge of the
executive is expected and achieved in the boardroom before decisions
are taken on major risk and strategic issues.[1157]
Sir David, expanded on these points in evidence to
the Treasury Committee noting that "one way of characterising
corporate governance in financial institutions before the crisis
[...] is that certainly in this countrybut I believe elsewhere
and particularly in the USAthey were far too collegial".
As a result, "the word I have been very keen to deploy and
promote, greatly irritating some, is 'challenge'".[1158]
683. David Paterson, Head of Corporate Governance
at the NAPF, told the Treasury Committee that it was "an
enormous challenge" to ensure that non-executive directors
acted as an effective check and balance on executives. He argued
that it "requires a strong chairman to elicit the views of
non-executive directors and to encourage them to speak up, either
in the board meeting or privately to him, about concerns they
have".[1159]
Otto Thorensen, Director General of the ABI, concurred, telling
the Treasury Committee that "the role of the Chairman is
absolutely critical" in ensuring a well-functioning board
where effective challenge takes place. However, Mr Thorensen also
stressed the importance of the chief executive in accepting such
challenge as well as the role of the "executive team in supplying
the right kind of information in a way that people can understand".[1160]
The problems of boards which become overly-collegiate was made
by Martin Taylor who told us that "the culture you want on
a board is a bracing culture", but that the default culture
of:
Collegiality [...] comes from our social habits.
Man is a social animal. You have dinner with people the night
before and one of them says, "Do you want to borrow my house
in Tuscany and the rest of it?" It doesn't happen to me,
but you know what it mean. Then the next day at the board meeting,
do you say to them, "Look, I have three questions for you
and I'm not going to stop until you've answered all three of them
properly"? People don't do that.
A bank company secretary told us that, in his view,
bank directors prefer driving strategy to acting as a policeman,
but they did recognise that it was an important responsibility
which was increasingly dominating their time.
684. Both the financial crisis and conduct failures
have exposed very serious flaws in the system of board oversight
of bank executives and senior management. The corporate governance
of large banks was characterised by the creation of Potemkin villages
to give the appearance of effective control and oversight, without
the reality. In particular, many non-executive directorsin
many cases experienced, eminent and highly-regarded individualsfailed
to act as an effective check on, and challenge to, executive managers.
Our work on HBOS provided considerable evidence of this failure.
Proposals for change
685. Many experts have argued that improving the
effectiveness of boards is the key to addressing many of the problems
in the banking sector. For example, the corporate governance consultancy
PIRC has spoken of the importance of addressing board failures
which they suggested had been neglected by policymakers in their
examination of the financial crisis. It proposed that:
consideration is given to the role and responsibility
of the boards of banks. Too much commentary on the banking crisis
has overlooked or underplayed the primary responsibility that
the boards of banks have for their own failures. While it is of
course right to consider the role of regulators and central banks,
the board members of the banks that have run into difficulties
must take their full responsibility too. They approved the business
strategies and products that have caused such damage after all.[1161]
686. In the aftermath of the financial crisis, the
then Government asked Sir David Walker to examine the issue of
corporate governance in large complex financial institutions.
He made a series of recommendations to improve governance in such
firms, including some which related directly to the role and effectiveness
of the board. Amongst the more significant were:
· providing for dedicated support for NEDs
on any matter relevant to the business on which they require advice
separately from or additional to that available in the normal
board process; and
· that the overall time commitment of NEDs
as a group on a FTSE 100-listed bank or life assurance company
board should be greater than has been normal in the past. For
several NEDs, a minimum expected time commitment of 30 to 36 days
in a major bank board should be clearly indicated in letters of
appointment and will in some cases limit the capacity of an individual
non-executive director to retain or assume board responsibilities
elsewhere.
The implementation of the Walker proposals has taken
place in parallel with banks' own initiatives for change in this
area.
687. However, some have argued that these amendments
to the UK Corporate Governance Code have not gone far enough and
that further changes are required to improve the effectiveness
of bank boards and, in particular, ensure non-executive directors
are both more able and more willing to exercise their crucial
challenge function. The Commission has considered a number of
these ideas, including:
· changes to the structure of boards;
· changes to the size of boards;
· changes to the composition of boards;
· changes in the way boards are selected;
and
· a new fiduciary duty on members of bank
boards.
Changes to the unitary board structure of UK banks
688. The UK has traditionally operated a unitary
board structure.[1162]
In other countries such as Germany, however, the supervisory two-board
structure has been prevalent. This system consists of a supervisory
board of non-executive directors and a separate management board
of executive directors. We asked whether one particular construct
was superior to the other and whether the UK should consider moving
towards a supervisory board structure. This issue had previously
been examined by Sir David Walker who concluded against change
in this area.[1163]
The Treasury Committee has also previously looked at this issue,
where the overwhelming majority of responses supported retention
of the unitary board, while only a small number of responses argued
in favour of the merits of a two-tier or a dual board. However,
even those who advocated retention of the present system acknowledged
that it had flaws. For example, Board Intelligence argued:
We wonder whether the unitary structure may be
an obstacle to the board's fulfilment of its role as 'supervisor'.
[...] The challenge of supervising a peer in the unitary board
structure is aggravated by the asymmetry of information between
executives and non-executives: with knowledge comes power and
given the time they spend in the business, the executive holds
the balance.[1164]
689. Crucially, the CBI pointed out that no specific
board structure was resistant to the financial crisis:
The CBI does not believe that adopting a different
Board structure in financial institutions in the UK would lead
to better governance. No single board structure was resistant
to the financial crisis, with unitary, two-tier and alternative
Board structures all having the potential to fail.
It argued that the unitary board structure had important
benefits:
[it] promotes collective responsibility for decision-making,
and non-executive directors can challenge and develop proposals
on strategy. We believe that two-tier boards are susceptible to
a lack of consistency, communication gaps and slow decision-making.[1165]
Marcel Rohner, the former CEO of UBS AG, noted that
the dual board structure of UBS failed:
I think this idea of governance in two tiers
is a good idea in good times. My personal impression was in a
crisis of the magnitude we went through, it is dysfunctional.
It does mean that the supervisory board has all the responsibility,
but they cannot act operationally.[1166]
690. Much of the evidence suggested that issues to
do with board structure were secondary and that the focus needed
to be on incentivising the right behaviours. For example, Hermes
Equity Ownership Services stated:
We favour a focus on these behavioural aspects
rather than the structural issues; using structural methods to
address behaviour is less likely to produce a good outcome than
focusing on the behaviour itself.[1167]
Its stance mirrors that of the G30 who concluded
that "well implemented governance structures and processes
are important, but whether and how well they function are the
essential questions".[1168]
Board size
691. Another debate after the financial crisis was
whether UK bank boards had become too large and therefore too
unwieldy. The Walker review noted research which showed that:
UK-listed banks have much bigger boards and that
the median bank board size has increased from 15 in 2002/03 to
16 in 2007/08, whereas the average board size across the whole
of the FTSE 100 has decreased from 11 to 10 over the same period.[1169]
For example, in 2008, Barclays Plc had a 17 member
board, with 4 executives and 13 NEDs. Similarly, RBS had an 18
member board.[1170]
692. The Walker review examined this issue, but made
no specific recommendations on the ideal size of bank boards.
It did, however, note the "widely-held view that the overall
effectiveness of the board, outside quite a narrow range, tends
to vary inversely with its size. That view would probably tend
to converge around an 'ideal' size of 10-12 members".[1171]
Post-crisis, bank boards have generally decreased in size. For
example, both RBS and Barclays currently have boards with 12 members
apiece. Martin Taylor told us:
I have a personal preference for smaller boards,
and arguably, in complex financial companies, more knowledgeable
and deeply involved boards (I allow that we seem to have moved
since c .2000 in the direction of more knowledgeable directors,
and so far it seems to have done no good at all). Having half
as many directors paid twice as much and spending twice as much
time in the business would seem to me likely to produce less bad
results.[1172]
Stilpon Nestor, Managing Director of Nestor Advisers,
argued there was a high degree of correlation between performance
of banks and the size of their boards:
In a nutshell, Nestor Advisors 2012 research
on the 25 largest European banks suggest that boards of the best-performing
banks are on average smaller and more 'mature' [...] we find that
large boards are more prevalent among the worst-performing banks,
while smaller boards are clearly in the majority in our top two
tiers.[1173]
Interestingly, however HSBC and Standard Chartered
have maintained relatively large boards of 16 and 19 respectively
at the end of 2012.[1174]
Improving the skills and competence of boards
693. Increased scrutiny of the composition of bank
boards in the aftermath of the financial crisis has resulted in
the argument being advanced that the boards of banks, owing to
their complexity and systemic importance, require greater industry
representation and sector-specific expertise compared with boards
operating in other sectors. A different view was that many bank
boards and, in particular, non-executive directors, lacked diversity.
This, it was argued, had resulted in 'group think' and the development
of a 'herd mentality'.
694. The Walker review looked at the case for greater
expertise as well as greater diversity and the potential underlying
tension between the two. On the one hand, it supported moves towards
greater expertise:
The combination of complexities in setting risk
strategy and controlling risk and the potentially massive externalities
involved in failure of a major financial entity means that the
need for industry experience on BOFI [banks and other financial
industry entities] boards is greater than that in non-financial
businesssuch as pharmaceuticals, defence, energy and retailingwhere
the principal impact of failure will be on shareholders and, possibly,
major creditors, rather than society more widely.[1175]
On the other hand, the Walker Review noted that "while
a majority of NEDs should be expected to bring materially relevant
financial experience [...] there will still be scope and need
for diversity in skillsets and different types of skillset and
experience".[1176]
695. Much of the evidence stressed the importance
of sector-specific expertise. Dr Peter Hahn told us that bank
boards dominated by former bankers was to be expected, as complex
risk knowledge was required and such expertise was rarely found
outside financial institutions.[1177]
Some banks also appear to have recognised the need for greater
bank experience on boards. For example, Barclays told the Commission
that, while it had believed that "the Board needs a diverse
range of skills and experience, as well as financial services
experience", it has agreed that "50 per cent of NEDs,
including the Group Chairman and Chairmen of the principal Board
Committees, should have banking/ and or financial services experience."[1178]
696. Otto Thoresen, Director General of the Association
of British Insurers, cautioned against allowing the board pendulum
to swing too far in favour of expertise and against that of diversity.
He told us that an emphasis on industry-specific expertise could
mean that "people would be less inclined to step forward
for non-executive roles in financial institutions if they felt
themselves not to be technically competent enough to carry out
their duties". He warned that the result could be "a
concentration of non-executives who are drawn from more technical
backgrounds, with the consequence that diversity begins to be
undermined".[1179]
David Paterson, Head of Corporate Governance, National Association
of Pension Funds, when asked specifically about gender diversity
on boards, said it should be viewed in the context of the wider
debate on diversity:
What we are looking for here is diversity of
experience, of skills and so on, on boards and to accept that,
as part of that process, more women on boards would be a very
important development, frankly. I would like to see more diversity
on boards and I think that going down the 'more women on boards'
route is a very productive one. That, in itself, will deliver
not just gender by diversity, but also by skill base and the rest.[1180]
697. Boards staffed with increased numbers of NEDs
with direct banking expertise should not, however, be viewed as
a panacea. In its evidence to the Treasury Committee, the Chartered
Insurance Institute pointed out that RBS had notable experience
on the Board but still failed to conduct the right due diligence
in the ABN AMRO acquisition:
Perhaps the most obvious example of this was
RBS's takeover of ABN AMRO which took place without any due diligence
of ABN's assets, despite the notable experience of many members
of the RBS board.[1181]
698. Martin Taylor appeared sceptical as to the importance
of this debate. He cautioned against the view that more expert
NEDs would radically transform the governance of such firms:
On the boards of banks, I have seen bank boards
get more professional in the sense that more people on the bank
boards have industry experience, and seven or eight years ago,
it was felt that that would make them more effective. It hasn't
done, or it didn't do. I think it is very difficult to sit on
the board of one of these banks as an outsider. You know so little.[1182]
Who should select boards?
699. Cevian Capital, a fund manager, noted that "in
the UK, the nomination process for NEDs is typically controlled
by company chairmen, and the shareholder approval vote is almost
always an empty formality". Consequently, Cevian argued:
chairmen effectively select their own NEDs. Human
nature means most chairmen will avoid selecting 'natural challengers',
and most NEDs having been given their job by the Chairmen
are uncomfortable making waves.[1183]
ShareSoc, an organisation which represents individual
shareholders, took a similar view:
It is clear to us that the existing arrangements
for board structure, and particularly the nomination of directors,
create major problems. In practice directors solely determine
who will be appointed as directors (i.e. they appoint themselves),
and also determine their own pay (via Nomination Committees and
Remuneration Committees that are not independent but solely consist
of the same directors).[1184]
700. Both Cevian Capital and ShareSoc argued that
the solution lay in giving shareholders a far more prominent role
in selecting the board. Cevian argued that "involving large
shareholders directly in the nomination process would directly
address the fundamental flaws in the current system", and
was "the most tangible and realistic way to comprehensively
address poor board performance". It argued that:
this system operates well in Sweden (as well
as in Norway and at most large companies in Finland) and benefits
allshareholders, companies, directors and society at large.
While it would be inappropriate to simply take the Swedish system
and apply it to the UK, there are important lessons that can be
drawn from the Swedish experience.[1185]
701. Both Baroness Hogg and Sir David Walker expressed
scepticism about the applicability of the Swedish model to the
UK. Sir David Walker spoke of how "the Swedish model of involvement
of shareholders in nomination committees is specifically appropriate
to Sweden, because there are very few shareholders". Baroness
Hogg was unconvinced "that shareholders are going to do a
better job than the nominations committee. Shareholders are pretty
inclined to like names they know on the boards of other companies".[1186]
FIDUCIARY DUTY
702. Company directors have duties under the Companies
Act to promote the success of the company primarily for the benefit
of shareholders. A number of witnesses argued that this meant
boards placed too much emphasis on achieving this objective to
the detriment of other issues. Martin Taylor stated:
It does rather feel as though bank boardsbefore
the crisiswent along with the idea that their only duty
was to shareholders; otherwise they would hardly have countenanced
the rapid expansion in balance sheet size, and balance sheet leverage,
that in fact took place.[1187]
Lord Turner told us:
We simply have to get bankers to care more about
the downside as well as the upside. They need to strike different
risk-return balances from those that are appropriate in some other
sectors of the economy.[1188]
In its submission to the Commission, the FSA said:
society has an interest in ensuring that the
executives and directors of banks make different decisions about
the balance between risk and return than would be appropriate
in other sectors of the economy.[1189]
Davis, Polk Wardwell told us that directors of insured
US banks were required to take account of the interests of other
parties than just shareholders in discharging their duties.[1190]
CONCLUSIONS ON BOARDS
703. Failures of board governance have taken place
in firms with very different models of corporate governance, in
banks with two-tier boards as well as those with unitary boards,
and in banks whose boards, whether of the US or UK type, differ
significantly both in terms of size, composition and the amount
of time non-executives devote to their roles. Banks whose board-level
governance arrangements could be described on paper as approximating
to best practice have run into serious governance problems. There
were frequently several common elements to bank governance failures.
Some CEOs were overly dominant, which the Board as a whole failed
to control. Chairmen proved weak; often they were too close to,
and became cheerleaders for, the CEO. NEDs provided insufficient
scrutiny of, or challenge to, the executive, and were too often
advocates for expansion rather than cautioning of the risks involved.
There was insufficient wider banking experience among NEDs and
the resources available to them were inadequate. Central functions,
including risk and control, had insufficient capability and status
to perform their functions and were often regarded as an impediment
to the business, rather than essential to its long-term success.
704. We have taken a great deal of evidence advocating
a range of measures which witnesses argued would improve the effectiveness
of bank boards. Some have suggested a move to a two-tier board
structure is necessary. Others have argued in favour of changes
to the composition of boards with an emphasis on greater sector-specific
expertise or in some instances greater diversity. We have heard
arguments in favour of greater prescription in terms of the time
devoted by non-executives to their role, the benefits of an enhanced
role for shareholders in board appointments or the importance
of board effectiveness reviews as a tool to improve board effectiveness.
705. Proponents of corporate governance solutions
can be prone to overestimate the benefit that their particular
favoured measure will provide. Structural or procedural changes
to bank boards would not have prevented the last crisis and will
not prevent the next one. Nevertheless, the Commission has a number
of proposals which, taken together, we believe will help to bring
about a desirable change in the culture and overall approach of
boards.
706. The Commission recommends that the Financial
Reporting Council publish proposals, within six months of the
publication of this Report, designed to address the widespread
perception that some 'natural challengers' are sifted out by the
nomination process. The nomination process greatly influences
the behaviour of non-executive directors and their board careers.
Fundamental reform may be needed. The Commission considers that
the Financial Reporting Council should examine whether a Nomination
Committee should be chaired by the Chairman of a bank or by the
Senior Independent Director.
707. There is a danger that the non-executives
directors of banks are self-selecting and self-perpetuating. In
the interests of transparency, and to ensure that they remain
as independent as possible, the Commission recommends that the
regulators examine the merits of requiring each non-executive
vacancy on the board of a bank above the ring-fence threshold
to be publicly advertised.
708. The obligations of directors to shareholders
in accordance with the provisions of the Companies Act 2006 create
a particular tension between duties to shareholders and financial
safety and soundness in the case of banks. For as long as that
tension persists, it is important that it be acknowledged and
reflected in the UK Corporate Governance Code, in the PRA's Principles
of Business and under the Senior Persons Regime. The Commission
has several recommendations in the light of this, which should
at the very least apply to banks above the ring-fence threshold.
· The Commission recommends that the
UK Corporate Governance Code be amended to require directors of
banks to attach the utmost importance to the safety and soundness
of the firm and for the duties they owe to customers, taxpayers
and others in interpreting their duties as directors;
· The Commission recommends that the
PRA Principles for Businesses be amended to include a requirement
that a bank must operate in accordance with the safety and soundness
of the firm and that directors' responsibilities to shareholders
are to be interpreted in the light of this requirement;
· The Commission recommends that the
responsibilities of Senior Persons who are directors include responsibilities
to have proper regard to the safety and soundness of the firm;
and
· The Commission recommends that the
Government consult on a proposal to amend section 172 of the Companies
Act 2006 to remove shareholder primacy in respect of banks, requiring
directors of banks to ensure the financial safety and soundness
of the company ahead of the interests of its members.
INDIVIDUAL RESPONSIBILITY
709. As discussed in Chapter 3, a culture exists
in banking which diminishes a sense of personal responsibility.
What we have referred to as the 'accountability firewall' has
developed, which has served to prevent those on boards having
a strong sense of personal engagement with and responsibility
for failings and misconduct in the firm. Restoring a sense of
individual responsibility to members of the board has the potential
to improve the effectiveness of board governance and standards
within the industry.
710. In Chapter 3 we outlined our proposals for a
new Senior Persons Regime, to replace the SIF element of the Approved
Persons Regime (APER), addressing the fundamental weaknesses with
the past industry and regulatory approach to individual responsibility
at the highest level. The Senior Persons Regime is designed to
ensure the allocation of specific responsibilities to specific
post or office holders that will place beyond doubt what responsibilities
are held by whom. We discuss these responsibilities for members
of the board in greater detail below, with a particular emphasis
on the responsibilities of the Chairman of a bank board, given
the particular importance of the role he or she occupies.
Responsibilities of the Chairman
711. The Chairman plays a crucial role. As the UK
Corporate Governance Code states, "the Chairman is responsible
for leadership of the board and ensuring its effectiveness on
all aspects of its role". The Code also states that the Chairman
"should also promote a culture of openness and debate by
facilitating the effective contribution of non-executive directors
in particular and ensuring constructive relations between executive
and non-executive directors".[1191]
This point has been stressed on numerous occasions. For example,
the Financial Reporting Council has stated that "good boards
are created by good chairmen. The chairman creates the conditions
for overall board and individual director effectiveness".[1192]
Similarly the ABI in its report on board effectiveness concluded
that:
The chairman is key to an effective board. There
is no 'one size fits all' approach to the role, with different
chairmen having different approaches based on what is best for
the individual company and board. However there was a significant
amount of consensus about the role and responsibilities of the
chairman.[1193]
712. The importance of the Chairman's role should
be reflected in the post's responsibilities under the proposed
Senior Persons Regime. Chairmen should have specific overall responsibility
for leadership of the board as well for ensuring, monitoring and
assessing its effectiveness. This should include a responsibility
for promoting an open exchange of views, challenge and debate
and ensuring that other non-executives have the tools, resources
and information to carry out their roles effectively, particularly
their challenge function. It should be the duty of the Chairman
to hold annual meetings with the chairmen of every board sub-committee
separate from any attendance at meetings to ensure that he or
she has an overview of the subject area within those sub-committees'
responsibility. Bank Chairmen should in future have an explicit
responsibility for setting standards and providing effective oversight
over how they are embedded through the organisation. In addition,
it is essential the Chairman has a responsibility to ensure that
he or she, together with his or her office, provides a genuine
check and balance to the executives.
713. The Walker review concluded that:
The Chairman of a major bank should be expected
to commit a substantial proportion of his or her time, probably
around two thirds, to the business of the entity, with clear understanding
from the outset that, in the event of need, the bank Chairmanship
role would have priority over any other business time commitment.
Depending on the balance and nature of their business, the required
time commitment should be proportionately less for the Chairman
of a less complex or smaller bank, insurance or fund management
entity.[1194]
In practice many large banks have moved towards a
position where the Chairman is nearly or wholly full-time. For
example, HSBC has an executive full time Chairman and the Barclays
Chairman is committed to serving at least 4 days a week.[1195]
714. Opponents of the proposal that the Chairman
of a large bank should be full-time or nearly full-time have previously
argued that there is a risk that this would effectively result
in the individual concerned becoming an executive with all the
attendant risks of going native and a corresponding loss of independence.
Dr Peter Hahn explained that the crucial issue was not whether
Chairmen was full time, but rather the role they played:
Executives and managers, by definition, make
the day to day decisions of the bank. That is the distinction.
Where an important role, such as chairman of the board committee,
requires near full time commitment non-executive status can be
maintained. The critical point to maintain non-executive status
and function is the maintenance and prioritisation of oversight.[1196]
715. We have received no evidence that a two-thirds
time commitment has led chairmen of major banks to 'go native',
and believe that the risk of this occurring with a full-time Chairman
may have been overstated. In any case, the risks of partial disengagement
are likely to be greater. The accountability and personal responsibility
of Chairmen will be enhanced if they are engaged on a near full-time
basis. In light of the crucial role played by the Chairman of
a major financial institution, the Commission recommends that
a full-time Chairman should be the norm. The implication of our
proposals is that the Chairman of a large bank should usually
not hold any other large commercial non-executive, let alone executive,
positions.
Responsibilities of the Senior Independent Director
716. The Senior Independent Director (SID) plays
a pivotal role on the board. In large part, this flows from the
SID's role in acting as a check on the Chairman and ensuring that
the Chairman is discharging his leadership responsibilities effectively.
The Walker review outlined the role of the Senior Independent
Director as follows:
The role of the Senior Independent Director (SID)
should be to provide a sounding board for the Chairman, for the
evaluation of the Chairman and to serve as a trusted intermediary
for the NEDs, when necessary. The SID should be accessible to
shareholders in the event that communication with the Chairman
becomes difficult or inappropriate.
717. The Commission recommends that the Senior
Independent Director should, under the proposed Senior Persons
Regime, have specific responsibility for assessing annually the
performance of the Chairman of the board and, as part of this,
for ensuring that the relationship between the CEO and the Chairman
does not become too close and that the Chairman performs his or
her leadership and challenge role. We would expect the regulator
to maintain a dialogue with the Senior Independent Director on
the performance of the Chairman: the Senior Independent Director
should meet the PRA and FCA each year to explain how the Senior
Independent Director has satisfied himself or herself that the
Chairman has held the CEO to account, encouraged meaningful challenge
from other independent directors and maintained independence in
leading the board.
Role of non-executive directors
718. Non-executive directors (NEDs) potentially have
an important role in providing challenge to the executive of a
bank. Many of the failures within banks that have come to light
could have been prevented or ameliorated had NEDs acted more effectively.
719. The avenues open to them at present, however,
are limited. They can make their point at board level, record
dissent in the minutes, press their view to a formal vote, report
their concerns to the regulator, or resign. None of these, except
for insisting on and then winning a vote, may be effective, however,
and all may ultimately degenerate into mere back-covering exercises.
720. Non-executive directors in systemically important
financial institutions have a particular duty to take a more active
role in challenging the risks that businesses are running and
the ways that they are being managed. The FSA's report into the
failure of RBS demonstrated that this was often not the case in
the past. For non-executive directors to be more effective, they
may need to make more use of their current powers under the UK
Corporate Governance Code to obtain information and professional
advice, both internally and externally. In this context, it is
essential that the office of the chairman is well-resourced to
enable it to provide independent research and support to the non-executive
directors.
Internal controls and disciplines
THE PROBLEM
721. The control framework of a bank, how it manages
and assesses all of the risks it is responsible for, and how well
it assesses its capacity to manage the future risk environment
it may be facing, is crucial to the successful running of the
organisation. Many banks told us that they used a control framework
model called the "three lines of defence".[1197]
The first line is front-line staff, who take responsibility for
their own day-to-day risks. The second line is specialist risk
management, controls and compliance staff. The third line is internal
audit.[1198] These
are discussed further below. However, it is clear from the evidence
we have received that this model, or at least the way the banks
applied this model, was unable to prevent the multiple risk failures
that occurred across the banking industry, from the collapses
of HBOS and RBS to LIBOR, interest rate swaps mis-selling and
PPI.
722. In Chapter 3 we described how banks were too
big to fail and too complex to manage, and how bank control frameworks
have tended to be characterised by confusion and a blurring of
departmental responsibilities. Staff in compliance functions were
often faced with seemingly impossible challenges, presenting a
stark example of the problem discussed in Chapter 3 of banks being
too complex to manage. For example, there are 3,500 compliance
employees at HSBC who are expected to provide compliance services
across a very complex organisational structure.[1199]
Stuart Gulliver described how he had felt the need to change the
way the bank was organised due to these complexities:
So in January 2011, I changed the organisational
structure of the firmthis is hugely fundamentalfrom
being run by 88 separate country heads who reported to the group
CEO to being run with 4 global business heads: commercial banking,
global banking and markets, retail banking and wealth management
and private banking; 10 global functions, which include: finance,
legal, risk and compliance; plus our technology systems people.[1200]
Regardless of a bank's size, evidence suggests that
the compliance function was often faced with a multiplicity of
tasks, from approving new product launches, to providing a legal-style
advisory role on regulatory issues to providing assurance that
the bank's systems and controls are working appropriately. Deutsche
Bank told us, for example:
Deutsche Bank has an independent group-wide Compliance
function. The role of the Compliance Department includes: advising
on ethical conduct and identifying regulatory solutions; safeguarding
integrity and reputation; and promoting, in partnership with the
business, a culture of compliance.
As part of these general responsibilities, the
role of Compliance includes the following core functions: Advice
and training; Monitoring and surveillance; Risk assessments and
reporting; Administering anti-money laundering and anti-corruption
programmes; Initiating and carrying out investigations; Setting
up and managing appropriate information barriers; [and] Engaging
with regulators"[1201]
723. Banks have a set of obligations that are externally
imposed, through general law and specifically through regulatory
requirements. These must be adhered to by everyone in the bank.
In addition to the mandatory legal obligations, banks set their
own control standards, relating to their overall business strategy,
that they also need to ensure are being adhered to. The responsibility
for making sure that there are no breaches of any of the internally
or externally imposed requirements lies with all who work in the
bank. The evidence suggests that the role of compliance is hopelessly
confused. As also noted in Chapter 3, this was most starkly demonstrated
in two exchanges with Barclays employees. Mike Walters, then Group
Head of Compliance, told us that:
Mike Walters: it is not the compliance function's
responsibility to make Barclays compliant. [...]
Q679 Mark Garnier: Who was responsible for the
compliance at Barclaysto make Barclays compliant?
Mike Walters: I believe that everybody at Barclays
has the responsibility to do that.[1202]
Hector Sants, Head of Compliance and Government and
Regulatory Relations, told us that:
The first line of defence for conduct issues
has to be the firms themselves and, in particular, it has to be
the compliance function, which in general failed woefully in these
firms. [...] A good compliance officer ensures that people in
the firms do the right thing; it is not about them complying with
the detail of the rules.[1203]
In addition, risk and compliance functions have too
often been treated as cursory box-ticking exercises to satisfy
internal control or regulatory requirements, with limited practical
impact on front-line activity. These problems can be exacerbated
by the divide between the 'police' and the 'policed' within banks,
where the highest status and rewards are afforded to those who
raise most revenue for the bank.
724. We also noted in Chapter 3 the fact that in
large, complex banks, it is very difficult for compliance functions
to have a detailed understanding of the activities being undertaken
outside their individual silo as minutely segmented by brutal
crosshatching lines of management responsibility, functions, language
and geographical location.
725. The Commission recognises that how a bank structures
the framework it uses to control risks has to be shaped by its
particular business model. However, the wide-spread failure requires
a significant shake-up in internal controls. Our recommendations
are based on the principles of ensuring personal responsibility
and making internal challenge a norm, not an exception.
FRONT-LINE CONTROLS
726. Rich Ricci explained the control function performed
by a front-line trading desk supervisor:
The supervisors' responsibilities would include
ensuring that the desk under his watch, and the people under his
watch, are complying with all the relevant rules and regulationsalso,
with the standards of behaviour that the firm demands and aspires
to. And he or she is the first line of defence in making sure
that those standards are upheld. If there is a problem on the
desk, we also then make sure that there are not issues from a
supervisory perspective. If there are supervisory issues, we either
discipline the supervisor as well or reinforce the education and
learning the supervisor needs.[1204]
Barclays' then Group Head of Compliance acknowledged
that this process failed in the case of LIBOR manipulation:
Mark Garnier: Who was overseeing the LIBOR rate-setters
in London and why were they not answering back to these swaps
traders in New York? Why were they not saying, "Guys, you
can't do this; stop trying to influence the rate setting"?
Mike Walters: [...] we have desk supervisors
in the first line whose job it is to ensure that we operate in
a controlled way and that everybody knows the rules of the road
and not just complies with our rulebooks and policies, but operates
in accordance with our culture and values. So absolutely the first
line is there to do that.[1205]
The Chief Internal Audit Officer of Barclays told
us that the bank had, in the light of the LIBOR investigation,
initiated a "desk-level supervision enhancement programme
[...] understanding what their roles and responsibilities are,
training etc.".[1206]
727. As well as front-line controls, supervisors
are also responsible for the financial performance of the trading
desk and tend to be remunerated on this basis while risk management
was not valued as a basis for remuneration. The Reward and Performance
Director of Barclays explained that while the performance and,
therefore, variable remuneration of retail bankers at his firm
was determined by a formula incorporating non-financial measures,
this was not suitable for investment banking:
In the investment bank, we do not codify the
incentives structure in quite the same way. That is because the
nature of the business and the activity being carried out is that
much more varied, so codifying it in that quite clear way within
the retail bank is fit for purpose and enables you to operate
structured incentive programmes over a huge population of colleagues.
It would be inappropriate to codify it in quite the same way over
a much more complex and differentiated set of activities within
the investment bank, but we do have a robust process within the
investment bank to ensure that, for each business area and for
individuals within those areas, we adopt the same sort of principles,
where we are looking at both financial performance and the behaviour
and how that financial performance has been achieved.[1207]
RISK MANAGEMENT
728. Reporting arrangements for Chief Risk Officers
vary between banks. Santander UK told us that, in its structure,
the CRO sat on the Board and the CRO's role "reinforces the
executive risk responsibility of the Chief Risk Officer for the
management and control of all risks". [1208]
Barclays told us that "The Group CRO reports jointly to the
CEO and the Chairman of the Board Risk Committee".[1209]
In our examination of the collapse of HBOS, we found that the
main reporting line of the divisional risk functions was to the
divisional management rather than to the group risk function.
Paul Moore believed that this created an 'us and them' culture
between the group risk functions and the divisional risk functions,
which was "dysfunctional".[1210]
729. We note the evidence of Sir David Walker that
"Certainly, the chief risk officer has to be able to say
no to the chief executive. He has to be able to say no, without
fear that he will lose his job or that he will not get an adequate
bonus. He has to have a direct line to the chairman of the risk
committee or the chairman of the board".[1211]
We concur. Each bank board should have a separate risk committee
chaired by a non-executive director who possesses the banking
industry knowledge and strength of character to challenge the
executive effectively. The risk committee should be supported
by a strong risk function, led by a chief risk officer, with authority
over the separate business units. Boards must protect the independence
of the Chief Risk Officer, and personal responsibility for this
should lie with the chairman of the risk committee. The Chief
Risk Officer should not be able to be dismissed or sanctioned
without the agreement of the non-executive directors, and his
or her remuneration should reflect this requirement for independence.
The Chief Risk Officer should be covered by the Senior Persons
Regime, and the responsibilities assigned to the holder of that
post should make clear that the holder must maintain a voice that
is independent of the executive.
COMPLIANCE
730. In Chapter 3, we noted the dangerous combination
of blurring between the first and second lines of defence and
a status gap between staff in specialist control functions and
those in front-line revenue-raising roles. These problems were
widespread and reinforced, rather than challenged, by management
expectation. Evidence from several banks pointed to ongoing concerns
of this nature in the product approvals process. Citigroup told
us that the compliance function plays "an integral part of
the new product and new business line approval process".[1212]
This appears to place compliance in a first line risk management
position, when in most cases banks described the function as sitting
in the second line of defence. The then Head of Compliance at
Barclays outlined a similar arrangement at his bank:
Mark Garnier: Can you talk us through the process
of how a new product is constructed, at what point you get involved
and at what point it then gets rolled out to market?
Mike Walters: Our key involvement is at the new
product approval stage. However, at an earlier stage it is possible
that we would get asked for subject matter expert guidance on
a rule.
Mark Garnier: The key questionthey are
coming to you for expert advice. The product design departments
do not have their own experts on compliance.
Mike Walters: No, that's not right. The reason
why I said it was possible is that every banker I've met at Barclays
has a pretty good understanding of the rules [...] That said,
it is possible from time to time that specific expertise on a
specific area of the regulations is sought.
Mark Garnier: When you have new product approval,
you are then brought in in a formal way, and at that point you
give the sign-off?
Mark Garnier: So you then take responsibility
for the compliance side of that.
Mike Walters: For the compliance aspect, yes.[1213]
Mike Walters also told us that "complying is
the responsibility of everybody at Barclays, starting with the
front line".[1214]
The acting Group Head of Compliance at HSBC explained that his
staff had a dual role:
David Shaw: You could have it in a different
way, where the business decides on the product, goes through the
whole process and submits it up for approval. You could have that,
but it is not a very constructive way of dealing with it.
David Shaw: Because basically it is a lot better
if the input, "This does not work," comes in during
the formulation.
Mark Garnier: Why? I can see the argument, but
we are trying to gather evidence, so what we are really after
is clear explanations of those two processes. Why is one better
than the other?
Marc Moses: One of the mantras in risk and compliance
is that we are there to enable and protect. The protect bit is
where we say no, and the enable bit is to work in partnership
with the business to come to the right answer given our risk appetite,
given our values and given our reputation.[1215]
731. The CBI told us that "compliance needs
to become more independent to avoid conflicts of interest that
may arise through an employee's desire to satisfy senior colleagues
rather than raise compliance issues".[1216]
Mike Walters, explained that LIBOR manipulation in his bank was
the result of cultural failure rather than of control frameworks:
Mark Garnier: How did those LIBOR setters not
[know] what was going wrong? [...] Why did those rate setters
not turn round and say, "You can't do this; we have to be
independent"? [...] How did you, as head of compliance, allow
them to be influenced?
Mike Walters: I do not accept that compliance
allowed them to be influenced. We train out our policies and our
rules of the road. People are trained to deal with conflicts of
interest and to do the right thing. Clearly, in this case, there
was a breakdown of not just our compliance with procedures but,
more fundamentally, a culture. The culture of doing the right
thing clearly broke down in that case.[1217]
732. Rich Ricci said that in certain circumstances,
compliance rather than front-line staff might be blamed if a bad
deal was signed off at a trading desk:
the buck stops with the business and I think
they expect to feel the heat on the deal. I want to be clear,
but obviously there are circumstances where if the advice they
got was wrong or if there was an issue with the second line of
defence in the execution of the deal, that may be different.[1218]
733. We also examined the interaction between staff
in the front line and those in the second line of defence in performance
assessment. Several witnesses told us that employees in the second
line now contribute to performance assessment for those in revenue-raising
roles. Mike Rees of Standard Chartered noted that there is "input
from the control functions, compliance and risk" in front-line
performance evaluation.[1219]
His colleague, Richard Goulding, elaborated:
The risk function is very directly involved in
all individual compensation awards, so for example I have, for
my full six years as chief risk officer, chaired our global markets
bonus plan allocation committee. We formally have all risk and
control internal order reports submitted to that committee so
that we can ensure that accountability is taken of that in people's
performance ratings and then the decisions that are taken on awards
off the back of that. We have an automated system where the people
in the risk and control and compliance functions are invited to
comment on the behaviour of individual people in the front office
which is then also brought out of that committee and used to inform
decisions.[1220]
Eddie Ahmed told us that, at Citigroup, the performance
assessment of senior staff would include input from risk and compliance
functions. However, at trading desk level, assessment would be
"in the chain of command, and ultimately signed off by the
business head, in conjunction with assessment by human resources".[1221]
734. Michael Lavelle, CEO of Wholesale Banking at
CitiGroup, explained that staff in front-line functions could
be involved in assessing those in the second line, as well as
the other way round:
Baroness Kramer: And how would each feed into
the other's appraisal? Would your risk person have an impact on
what the pay levels might be
Michael Lavelle: In the assessment, absolutely.
Baroness Kramer: What about the other direction?
Michael Lavelle: If it was specifically requested,
of course. We would expect our professionals to be assessed by
risk. It is not absolutely necessary that risk professionals be
assessed by people in the business. More often than not, they
would ask for that to happen, of course. You can provide both
formal feedback on individuals and informal feedback, depending
on the role.[1222]
735. It is important that banks have clear lines
of accountability for the assurance of overall regulatory compliance.
A blurring of responsibility between the front line and compliance
staff risks absolving the front line from responsibility for risk.
Compliance involvement in product development can make it more
difficult for compliance staff subsequently to perform their independent
control duties. Their involvement needs careful handling. Responsibility
for acting in accordance with the letter and spirit of regulation
should lie with every individual in a bank. This responsibility
should not be outsourced to a compliance function, any more than
to the regulator itself, particularly in the light of the fact
that, owing to the complexity of banks, the compliance function
would face a very difficult task were this responsibility to lie
solely with it.
736. The Commission notes with approval measures
taken by banks to involve control functions in the performance
assessment of senior and front-line staff. There is a strong case
for extending this further. To have a strong impact on behaviour,
clarity in how such mechanisms operate is desirable. The involvement
of the front-line in assessing second-line performance threatens
to further undermine the independence of the second line. This
effect can be exacerbated by ingrained status differences between
staff in different functions.
737. We do not wish to be prescriptive about the
role of the Head of Compliance. We see parallels with the role
of the Chief Risk Officer, insofar as protecting the independence
of the Head of Compliance role is paramount. This should be a
particular responsibility of a named individual non-executive
director. The Commission recommends, as with the Chief Risk Officer,
that dismissal or sanctions against the Head of Compliance should
only follow agreement by the non-executive directors. Such an
action would, under existing arrangements, also need to be disclosed
to the regulator.
INTERNAL AUDIT
738. The Group Head of Internal Audit at HSBC acknowledged
that the work of his division had been characterised by a rules-based
approach:
Baroness Kramer: In a sense, you were not looking
at judgement; you were only looking as to whether people had taken
the procedural step. Is that what you are saying?
Paul Lawrence: I think that is a fair comment.
It is actually very difficult for an audit unit, based on the
skill sets it had and where it traditionally was in the organisation,
to pass an opinion on judgements or issues of strategy. I think
your observation is correct, but we are in a better place now.[1223]
739. Roger Marshall explained how he saw the relationship
of internal audit with the other parts of the business:
"That is the risk I was talking about. In
a well run organisation, the first line has to say, 'We are responsible
for all our decisions.' The second line, particularly risk management,
are there to make sure that the first line are keeping to their
limits, basically. The blurring comes when the first line wants
to do something which is outside their normal limits and the second
line gets involved in agreeing that; then, suddenly, the second
line are part of the decision-making process, not outside it.
That is why it is particularly important that internal audit looks
at those sorts of thing, completely independently".[1224]
This "complete independence" as Roger Marshall
described it, reinforces again the need for this function to be
protected by the non-executives to ensure their own independent
challenge is informed by analysis that is also independent of
the executive. Roger Marshall went on to describe a broad remit
for internal audit "Internal audit shouldand, by and
large does, in UK bankinghave an unrestricted remit. It
should look at governance, it should look at culture, it should
look at the way that the risk management departments manage risk,
and it should look at compliance and how they are doing things.[1225]
740. Anthony Hilton said that "Internal audit
is a way for top management, whatever it isthe risk committee
or the audit committeeeffectively to circumvent several
layers of middle management and find out what is happening on
the shop floor".[1226]The
Head of Internal Audit at Standard Chartered Bank confirmed that
the breadth of scope:
Baroness Kramer: So how broad would your scope
be, Mr Wynter? Would it include product suitability, HR policies
for recruitment, business strategy or perception? How wide-ranging
is it?
Julian Wynter: It is everything, really. We have
unrestricted access to all of the bank's activities and all of
the information."[1227]
The CBI said that internal audit should not be restricted
to historic analysis, but elevated to a role in decision-making
processes.[1228]
741. Internal audit's independence is as important
as that of the Chief Risk Officer and the Head of Group Compliance,
and its preservation should similarly be the responsibility of
a named individual non-executive director, usually the chairman
of the audit committee. Dismissal or sanctions against the head
of internal audit should also require the agreement of the non-executive
directors.
CONCLUSION ON INTERNAL CONTROLS
742. The "three lines of defence" have
not prevented banks' control frameworks failing in the past in
part because the lines were blurred and the status of the front-line,
remunerated for revenue generation, was dominant over the compliance,
risk and audit apparatus. Mere organisational change is very unlikely,
on its own, to ensure success in future. Our recommendations provide
for these lines to be separate, with distinct authority given
to internal control and give particular non-executive directors
individual personal responsibility for protecting the independence
of those responsible for key internal controls. This needs to
be buttressed with rigorous scrutiny by the new regulators of
the adequacy of firms' control frameworks.
Standards and culture
INTRODUCTION
743. Our witnesses were united in agreement that
a change in banking culture was necessary. Antonio Horta-Osório
said that the banking industry was facing a "deep crisis
of confidence and trust" and "needed cultural change".[1229]
Stephen Hester agreed that "there are cultural changes that
we should make across banking",[1230]
while Antony Jenkins told us that it was necessary to "change
the culture" at Barclays.[1231]
The Chartered Banker Institute said that "extensive cultural
change" was required in banking.[1232]
The CBI submitted that such change was "key to ensuring banking
can support business' needs",[1233]
while the ABI said it was "the key to further change in banks".[1234]
744. In this section, we argue that standalone programmes
of cultural change, however well-intentioned, are unlikely to
succeed. Worthy statements of direction or a reshuffling of faces
at the top may change the outward image of an organisation. However,
if they leave the underlying causes of cultural malaise intact,
they are ultimately doomed to failure.
PROSPECTS FOR RAPID CHANGE
745. In our first oral evidence session, Sir David
Walker, the then prospective Chairman of Barclays, was bullish
about the prospects of achieving quick cultural change in his
company:
Can all that be done, and quickly? My answer
is a resounding affirmative. If I may say so, if I didn't have
confidence about that, I think I would have been very unwise to
take on the role I have in one of the major banks.[1235]
He explained that the crisis in UK banking offered
an opportunity for unusually rapid cultural change:
Cultural changes can tend to happen over a long
period of time. However, in the present environment, there is
an important question about reparability. Can the present cultural
changes be accomplished rapidly? My pretty confident answer is,
"Yes, and of course they have to be."[1236]
746. The Salz Review of Barclays was less confident
that cultural change could be achieved quickly:
Transforming the culture will require a new sense
of purpose beyond the need to perform financially. It will require
establishing shared values, supported by a code of conduct, that
create a foundation for improving behaviours while accommodating
the particular characteristics of the bank's different businesses.
It will require a public commitment, with clear milestones and
regular reporting on progress. It will require Barclays to listen
to stakeholders, serve its customers and clients well get on with
the work to implement its plans and stay out of trouble. The complexity
of Barclays' businesses makes this a particular challenge for
its leaders. It will take time before it is clear that sustainable
change is being achieved.[1237]
Others respondents took a similar viewpoint. António
Horta-Osório cautioned that "changing the culture
of an organisation of 100,000 people takes time",[1238]
while RBS wrote that enduring change would be "the product
of a slow, deliberate and sustained march with many small steps".[1239]
747. In his second appearance before the Commission,
Sir David Walker reiterated his confidence that the culture of
Barclays could be changed quickly.[1240]
However, he suggested that progress in the short-term would be
restricted to highlighting the need for change and putting appropriate
frameworks in place:
there are two dimensions: there is what we need
to do immediately, which is to talk about it and to put in place
the programme of work that has been described, then there is embedding
something for the long term. We have to have a short-term as well
as a long-term agenda.[1241]
748. Profound cultural change in institutions
as large and complex as the main UK banks is unlikely to be achieved
quickly. Bank leaders will need to commit themselves to working
hard at the unglamorous task of implementing such change for many
years to come.
BANK CODES OF CONDUCT
749. The primary vehicle the new Chairman and Chief
Executive of Barclays have used to try to effect rapid cultural
change in Barclays is the "Transform Programme".[1242]
A prominent element of this is the adoption of a Statement of
Purpose and Values. This was explained in the bank's response
to the Salz Review:
Barclays' Purpose (Helping people achieve their
ambitions - in the right way) and Values (Respect, Integrity,
Service, Excellence and Stewardship) are standards which will
guide our decision-making and against which all employees will
be assessed and rewarded. We believe that building a sustainable,
values-based culture will form the foundation of our long-term
success.[1243]
750. In evidence to the Commission, Antony Jenkins
explained that Barclays had not previously had "a set of
values and behaviours that are operative across the whole Group"
which defined "what the Barclays culture should be".[1244]
However, the then Chief Executive, John Varley, attempted to establish
five similar Group-wide values in 2005: 'customer focus', 'winning
together', 'best people', 'pioneering' and 'trusted'. This was
intended to allow the Group to be overseen through one set of
values. In 2007 they were embedded in a refreshed Group Statement
on Corporate Conduct and Ethics.[1245]
Writing in The Financial Times, Philip Augar remarked:
[...] as Barclays' recent history shows, the
problem with values statements is making them stick. For, even
as some employees were fiddling the London interbank offered rate
and selling customers interest rate swaps and unnecessary payment
protection insurance, the bank already had an apparently robust
code of conduct.[1246]
The Salz Review observed that the five Guiding Principles
had not "percolated into the consciousness of the Group",[1247]
partly because of the "significant challenge to instilling
shared values in a universal bank like Barclays".[1248]
751. Statements of values and corporate codes are
not restricted to Barclays. The word cloud below shows the distribution
of words used by a selection of banks in their corporate statements:[1249]

Which? told us that "superficially the major
British banks have good cultures. They publish codes that are
difficult to fault as statements of intent".[1250]
Gavin Shreeve, Principal, ifs School of Finance, told us
that "all the banks, all the professional bodies, were awash
with codes, but that does not stop bad behaviour".[1251]
The risks of placing too much reliance on the stated values of
a firm are demonstrated by the case of Enron, whose values were
remarkably similar to those of Barclays (Box 13).
Box 13: Enron's Values
Enron's Annual Report in 2000, the year before
it filed for bankruptcy following the emergence of systematic
accounting fraud, set out its corporate values:
Communication: We have
an obligation to communicate. Here, we take the time to talk with
one another
and to listen. We believe that information is
meant to move and that information moves people.
Respect: We treat others
as we would like to be treated ourselves. We do not tolerate abusive
or disrespectful treatment.
Integrity: We work with
customers and prospects openly, honestly and sincerely. When we
say we will do something, we will do it; when we say we cannot
or will not do something, then we won't do it.
Excellence: We are satisfied
with nothing less than the very best in everything we do. We will
continue to raise the bar for everyone. The great fun here will
be for all of us to discover just how good we can really be.[1252]
752. Which? wrote that many of the most egregious
conduct failings "involved banks where the top management
appeared to have set explicit and impeccable cultural standards
for employees".[1253]
The 2009 Goldman Sachs Code of Business Conduct and Ethics championed
"integrity and honesty" as being "at the heart
of our business", but contained a caveat that "from
time to time, the firm may waive certain provisions of this Code".[1254]
Others claimed that cultural codes were not taken seriously. The
Chartered Institute for Securities & Investment (CISI) said
that "it is one thing to have a code and quite another to
monitor and measure the extent to which any person follows it
with a professional pride that goes beyond cursory compliance".[1255]
Ken Costa told us that "mission statements and all the various
statements that are made are very often merely bolt-ons".[1256]
753. Several witnesses told us of the importance
of the ways in which corporate values were embedded throughout
an organisation. CFA UK wrote that "it appears that some
banks have paid lip service to professional standards and culture
within their marketing communications, but have not embedded those
ideals and behaviours within their firms. Anthony Browne said
that codes "do not mean anything if they are just bits of
paper that people tick. [
] they need to be embedded within
organisations".[1257]
RBS told the Commission that:
We believe that the delivery of real cultural
change is more likely to be a consequence of having created a
good company that serves its customers well than of having implemented
a standalone programme of cultural change.[1258]
Sir David Walker told us:
there needs to be a clear statement of values.
Most banks actually have them, but the problem is not with the
values but how they are embedded from top to bottom.
The means of embedding change are considered in the
following sections.
754. Poor standards in banking are not the consequence
of absent or deficient company value statements. Nor are they
the result of the inadequate deployment of the latest management
jargon to promulgate concepts of shared values. They are, at least
in part, a reflection of the flagrant disregard for the numerous
sensible codes that already existed. Corporate statements of values
can play a useful role in communicating reformist intent and supplementing
our more fundamental measures to address problems of standards
and culture. But they should not be confused with solutions to
those problems.
TONE AT THE TOP, MIDDLE AND BOTTOM
755. The phrase "tone at the top", or "tone
from the top" rose to prominence in the aftermath of the
Barclays LIBOR settlement in 2012. The regulator, the FSA, had
become concerned at the aggressive pattern of behaviour of Barclays
towards regulatory issues. This was of sufficient importance that
the then head of its Prudential Business Unit, Andrew Bailey,
went to the Barclays board in person to express the FSA's concerns
about the firm, and the Chairman of the FSA, Lord Turner, subsequently
wrote to the Chairman of Barclays, Marcus Agius. Andrew Bailey
told the Treasury Committee that he had said to the board that
the tone at the top was of concern to the FSA, and also told the
Committee that "the culture of this organisation was coming
from the top".[1259]
756. The importance of setting the appropriate tone
from the top of banks in attempting to improve culture was highlighted
by a large number of respondents. The FSA said that the standards,
culture and values of banks depended on "the tone set by
top management".[1260]
Lloyds Banking Group wrote "the tone and example needs to
come from the tophaving leaders with the highest integrity
and values, who think and act for the long-term".[1261]
The Institute of Operational Risk, arguing that "codes of
conduct alone are not sufficient to change risk cultures",
said that senior management needed to set the example by exhibiting
"integrity, fitness, propriety and suitability for their
roles".[1262]
The FSA Financial Services Consumer Panel stressed the role of
the personality of leaders in driving cultural change:
"tone from the top" is extremely important
within any organisation. This is because culture inevitably reflects
the ethos or philosophy of the leader to a degree. Hence, the
character of leadership is particularly important in ensuring
good cultural values are permeated throughout financial services
firms.[1263]
757. The ABI said that the Commission would be most
effective if we focused on "changes of culture that are already
underway, and on encouraging those who are trying to lead this".[1264]
Ken Costa said that though the need for a cultural shift was starting
to be recognised among bank leaders, this was yet to be understood
at lower levels:
I think the penny is beginning to drop; I don't
think it has dropped lower down. We are still at the process where,
even at senior levels, we are trying to grasp just the magnitude
of what has gone on, and how it is that one can reposition the
culture of a bank for the next phase of learning the lessons of
what went wrong.[1265]
758. In a recent speech, the incoming Governor of
the Bank of England, Dr Mark Carney, argued that to change the
culture of banks, tone from the top needed to be supplemented
by an appropriate sense of purpose throughout firms:
For companies, this responsibility begins with
their boards and senior management. They need to define clearly
the purpose of their organisations and promote a culture of ethical
business throughout them.
But a top-down approach is insufficient. Employees
need a sense of broader purpose, grounded in strong connections
to their clients and their communities. To move to a world that
once again values the future, bankers need to see themselves as
custodians of their institutions, improving them before passing
them along to their successors.[1266]
Simon Thompson made a similar point, suggesting that
while the role of senior management in culture was "absolutely
key", "tone at the middle and the tone at the bottom"
were also important as "you need to have individuals surrounded
by a culture of professionalism".[1267]
759. Dr Adam Posen warned against the assumption
"that if banks simply sign up enough compliance officers,
that constitutes a change of culture, rather than constitutes
a tax that they are paying to make sure that they are not legally
liable."[1268]
Professors Black and Kershaw argued that cultural change had "to
be "mainstreamed" throughout the organisation, not siloed
off into "compliance" or "risk" divisions".[1269]
760. The CBI told us that, to achieve cultural change,
"systems and procedures within firms must drive values throughout
the organisation" and "individuals need to understand
the behaviours expected of them and be held accountable for their
actions".[1270]
These sentiments were reflected by Antony Jenkins in his explanation
of how he intended to embed cultural change in Barclays:
we have trained over 1,000 values leaders from
all different parts of the organisation and all different levels
to go out across Barclays and explain to their colleagues how
these things are going to work. We have created a training programme
for all our senior leaders so that they will be better equipped
to operate the system. The most senior people in the organisationthe
top 150will have a different training programme, which
will allow them to enable this. So it is a total system to change
the culture at Barclays. It has many elements, but they all come
together to set a different standard in the organisation, to be
able to identify when people are delivering against that standard
and to deploy the appropriate consequences, positive or negative.[1271]
761. Professor Nicholas Dorn stressed the importance
of incentives in driving cultural change throughout bank staff
hierarchies:
While attention has been drawn to "the tone
at the top", "the tone in the middle" and "the
tone at the bottom" are as important. Collectively, mid-
and lower-level staff see and know more than chief executives
or boards. To reform culture, all levels need to be properly incentivised.[1272]
The role of these incentives is considered in
the next section.
762. The appropriate tone and standard of behaviour
at the top of a bank is a necessary condition for sustained improvements
in standards and culture. However, it is far from sufficient.
Improving standards and culture of major institutions, and sustaining
the improvements, is a task for the long term. For lasting change,
the tone in the middle and at the bottom are also important. Unless
measures are taken to ensure that the intentions of those at the
top are reflected in behaviour at all employee levels, fine words
from the post-crisis new guard will do little to alter the fundamental
nature of the organisations they run. There are some signs that
the leaderships of the banks are moving in the right direction.
The danger is that admirable intentions, a more considered approach,
and some early improvements, driven by those now in charge, are
mistaken for lasting change throughout the organisation.
763. We believe that the influence of a professional
body for banking could assist the development of the culture within
the industry by introducing non-financial incentives, which nonetheless
have financial implications, such as peer pressure and the potential
to shame and discipline miscreants. Such a body could, by its
very existence, be a major force for cultural change and we have
already recommended that its establishment should be pursued as
a medium to long term goal alongside other measures such as new
regulatory provisions.
INDIVIDUAL INCENTIVES FOR IMPROVEMENTS
TO STANDARDS AND CULTURE
764. Dr Adam Posen argued that the culture of banks
reflected the accumulated consequences of a wide range of economic
incentives:
I tend to believe that a lot of what we call
culture does respondat least in commercial areasto
incentives. Part of the issue is that when capital is impeded
at these banks, when these banks have compensation schemes that
reward deal-making and international deal-making over high street
lending, and when they have short-term objectives and compensation
schemes that emphasise short-term trading, those things produce
a certain culture. The swaggering, macho, somewhat nasty fraudulent
culture that emerges reinforces it.[1273]
765. Martin Taylor told us that codes of conduct
were unlikely to succeed in improving standards if financial incentive
worked in the opposite direction:
Simply introducing a code of conduct and making
everybody sign it would be the wrong way round. [...] It cannot
be done [
] by propaganda and PR. It must be deeply grounded
and deeply grounded in behaviours. You cannot tell people to operate
to professional standards on Monday and then, on Tuesday, give
them the kind of sales target that requires them not to operate
to such standards.[1274]
Professor David Kershaw also argued that incentives
tended to trump other considerations:
If the focus is upon cultural change and generating
more ethical culture in banks, we think there are some things
you can do, but you need to start with the basic incentives, because
the basic incentives of senior managers and directors, and therefore
of lower-level employees, are at odds with the sorts of cultural
objectives you want to achieve, and you are not going to effect
cultural change, no matter how strong your sanctions, no matter
how well resourced the regulator is; it is just not going to happen.[1275]
Which? concurred that in order to embed genuine change,
staff needed to be "given the proper incentives to maintain
high levels of professional standards."[1276]
766. Commenting on their internal reform programme,
RBS argued that specific programmes aimed at rapid cultural change
were unlikely to be successful while wider frameworks remained
untouched:
While we consider these measures to be important,
we have no illusions about their ability to effect instant cultural
change. We fully anticipate that it will take years to follow
through on this programme and that the effects may not be immediately
visible. Moreover, we believe that the delivery of real cultural
change is more likely to be a consequence of having created a
good company that serves its customers well than of having implemented
a programme of cultural change.[1277]
767. Media coverage of Antony Jenkins' announcement
of the new Barclays Statement of Purpose and Values suggests that
it was met with, at best, mixed feelings among the traders in
his company.[1278]
768. There is little point in senior executives
talking about the importance of the customer and then putting
in place incentive and performance management schemes which focus
on sales which are not in the interests of the customer. As long
as the incentives to break codes of conduct exceed those to comply,
codes are likely to be broken. Where that gap is widest, such
as on trading floors, codes of conduct have gained least traction.
This betrays a wider problem with stand-alone programmes to raise
standards and improve culture. Attempts to fix them independently
of the causes are well-intentioned and superficially attractive,
but are likely to fail.
769. There is still much to do in promoting diversity
within banks. There is a need to hold banks' feet to the fire
in encouraging the gender diversity of their workforce. The
culture on the trading floor is overwhelmingly male. The Government
has taken a view on having more women in the boardroom through
the review carried out by Lord Davies of Abersoch and his recommendations
that FTSE 100 companies increase the number of women directors
who serve on their boards. If that is beneficial in the boardroom
so it should be on the trading floor. The people who work in an
industry have an impact on the culture of that industry. More
women on the trading floor would be beneficial for banks. The
main UK-based banks should publish the gender breakdown of their
trading operations and, where there is a significant imbalance,
what they are going to do to address the issue within six months
of the publication of this Report and thereafter in their annual
reports.
INDICATORS OF CHANGED CULTURE
770. In order for banks to demonstrate to the
public that they have changed their standards and culture, they
will need to provide clear evidence of such change. Banks are
well aware of their past failings. They should acknowledge them.
Further opportunity to demonstrate change is offered by ongoing
concerns, such as approaches taken to customer redress or involvement
in activities inconsistent with a customer service ethos. The
clearest demonstration of change will come with the avoidance
of further standards failings of the sort that led to the creation
of the Commission.
Driving out fear
INTRODUCTION
771. The banking scandals which we have examined
occurred even though the institutions concerned had formal internal
compliance and control structures which ought to have prevented
wrongdoing. But these systems failed to function effectively.
For example, in HSBC, despite repeated internal and external warnings,
failings in anti-money laundering systems that made the bank "very
attractive to transnational criminal organisations, whether they
are terrorist or criminal in origin," were allowed to persist.[1279]
In Barclays, UBS and RBS, the manipulation of LIBOR submissions
for individual profit continued unrestrained for years, without
internal compliance preventing it.
772. As well as this failure of formal control systems,
the firms concerned were also apparently not tipped off about
wrongdoing by their own employees. Had this occurred, the firms
might have been able to shut down the wrongdoing much earlier
and prevent much of the penalties and reputational damage they
incurred. Why did this not happen? Huw Jenkins, former CEO of
UBS investment bank, acknowledged that this clearly demonstrated
"a failing in our systems and controls and in our culture."[1280]
REASONS THE BANKS WERE NOT TOLD
BY THEIR OWN EMPLOYEES
773. A number of different reasons have been given
to us. The common factor is that employees feared the consequences
of speaking out.
Fear in banking culture
774. An internal investigation into Barclays Wealth
America found that it had a "culture of fear" that was
"actively hostile to compliance" and "ruled with
an iron fist to remove any intervention from those who speak up
in opposition". Issues with the "revenue at all costs
strategy" were not escalated up the management chain, but
"buried, stopping any solution ever coming to light".[1281]
A whistleblower writing in The Independent claimed that
the Barclays investment bank was run "through a culture of
fear. You fear for your job and you fear for your bonus".[1282]
The Salz Review reported that similar problems remain:
There is also evidence from Barclays' internal
Employee Opinion Survey of a cultural unwillingness to escalate
issues. A significant proportion of employees in the investment
bank, for example, said that they were "reluctant to report
problems to management", and that they did not feel able
to "report unethical behaviour without fear of reprisal".
This is not isolated to the investment bankas our own staff
survey showed.[1283]
The same charge has been made of the culture of RBS
during Fred Goodwin's tenure as Chief Executive:
the former chief executive's "aggressive,
macho management style" [...] created a culture where staff
were locked in constant fear of losing their jobs, and his lieutenants
were said to have stopped employees speaking out about problems.[1284]
In addition, the way in which banks suddenly dismiss
employees, without colleagues being told, can deter employees
from raising concerns:
[
] the callousness with which people are
laid off, and the code of silence that immediately surrounds this
person, means that if, say, you have noticed wrongdoing or a risk
and you want to take that up, you know that there is the regular
culling of the herd. You know that there are alliances that you
may have struck up with colleagues who have promised to stand
with you, but they may be gone the next day, for a completely
unrelated reason.[1285]
775. These concerns are not unique to banking. A
recent review of the BBC, found "a strong undercurrent of
fear". It observed that many freelancers felt that "getting
a reputation for speaking out or as a troublemaker is considered
by many to be one form of 'career suicide'."[1286]
The Francis Report on Mid-Staffordshire NHS Trust found that "It
is clear that there is a very real reluctance on the part of staff
at all levels of seniority to persist in raising concerns about
unsafe or substandard services, colleagues' capability and conduct,
and similarly important issues. There is a widespread belief that
the protections offered are theoretical rather than real."[1287]
776. These fears may be justified: employees who
express concerns about questionable practices in a bank may suffer
as a result. In the worst cases, individuals who expressed concern
may have been moved on.
Fear from sales pressures
777. We heard evidence from Citizen's Advice and
Which? about the pressures staff felt under to sell products:
Q47 Mr McFadden: Were the kind of front line
sales service staff that I am talking about given specific targets
per month or per week for the number of PPI products that they
had to sell?
Sue Edwards: When we did our super-complaint,
we talked to Amicusnow Uniteabout whether they had
any evidence of their bank staff being put under pressure to sell
PPI. They said they did not have any specific evidence about PPI,
but they were dealing with a lot of cases of members who were
put under pressure to sell a very high number of products, which
they could not achieve and were facing disciplinary action as
a result.
Peter Vicary-Smith: I think we circulated this
to the Committee. Certainly if we have not, we can do so. We did
research recently among 500 bank staff to see whether things have
changed. In that, we foundthis is bank staff reporting
to us privately about the pressure to sellthat I think
83 per cent said that they felt under the same or greater pressure
to sell, and 40 per cent of bank staff were saying that they knew
a colleague who had mis-sold in order to meet a sales target.
It goes on through, and that is true throughout the industry.
That says to me that there are some great changes being made by
some institutionswe talked before about Barclays and Co-op
having made significant changes to the remuneration structure
to remove incentivisation from front-line salesbut the
culture needs to change. It is not just the structure of remuneration;
it is what you feel pressured to do. That needs to change as well
if it is going to impact on consumers.[1288]
Stuart Davies, regional officer of Unite, told
us that:
The treatment of our members on a day-to-day
basis within the banks feeds into the treatment of customers on
a day-to-day basis. Our concern sits around a very, very aggressive
sales culture that sits in the banks and a very aggressive performance-management
culture that exists in the banks, to the extent of e-mail trails
that go round and round individual performance on performance
targets and whiteboards that contain information on individual
performance. That feeds into increased pressure on staff, which
feeds into, perhaps, some dysfunctional selling to customers,
because they are concerned for their jobs.[1289]
Fear of damage to reputation and career
778. Employees in the financial services industry,
because of its particular characteristics, may fear for their
employability and reputation if they complain about wrongdoing
of all sorts:
It is certainly the case that if you blow the
whistle, it is not only about risk taking or rogue trading and
that sort of thing, but sexual harassment. I have spoken to a
lot of women who have been through incidents of sexual harassment
who did not report it. All of them would say, "My career
in finance in general would be over." Even though it is so
large250,000 peoplethere are all these little niches.
Usually your competence stretches to that niche plus a few adjacent
niches. If you step out of the family and you report somebody
and you blow the whistle, basically you step out of the code of
the entire sector. That has stopped these women reporting things
that were truly shocking.[1290]
ENCOURAGING ESCALATION AND WHISTLEBLOWING
779. Fear of the consequences, even if misplaced,
deters bank employees from raising wrongdoing with their manager
or firm. The numbers of successful whistleblowers in banks is
understood to be very low. This is not in the interest of banks
themselves. The people best placed to flag up emerging failings
in culture and standards are a bank's own employees. Despite the
widespread knowledge of LIBOR-rigging on the trading floor, no
employee apparently felt sufficiently concerned, or sufficiently
confident, to 'whistleblow' by escalating the problem internally,
or informing the regulator. As we have said, had staff come forward
at an early stage, even at one firm, and had their concerns been
acted on with appropriate reporting to the regulator, much of
the damage caused by the LIBOR-rigging scandal might have been
avoided.
780. Dr Andrew Hilton of the CSFI described the positive
impact that whistleblowers could have, saying that an effective
internal whistleblowing system:
can actually operate rather like an internal
audit function and can be genuinely, extraordinarily useful to
the companies, because it enables the top management to circumvent
all sorts of problems in the middle management and get down to
what is really happening at the rock face.[1291]
781. Rich Ricci of Barclays showed a marked appreciation
of the scale of what went wrong. He admitted that the bank's culture
may have been an impediment to effective internal whistleblowing:
You want an environment where people feel safe
[...] we were a culture that did not like people who admired problems;
we liked people who drove solutions. I think that shift may have
been too much. People have to be encouraged to raise problems,
and not to be afraid to say, "This is an issue," without
having a solution, so that everyone can fix it. That is a learning
that we in the investment bank need to reinforce.[1292]
The ICAEW told us that:
In addition to personal integrity, and the correct
tone from the top, there is a need for an organisational structure
that encourages and rewards people for acting with integrity,
and which seeks to avoid creating conflicts among staff.[1293]
Ali Parsa, Chief Executive, Circle Partnership, said
that:
Our organisations are still stuck in the era
of, "What processes can I put in place in order to manage
you to do your job?" We need to think about what values to
put in place, and what values do I judge you by and trust you
to get on and do it? You then create an environment in which you
self-regulate and self-police each other to make sure you stick
to that set of values.[1294]
Whistleblower Martin Woods commented that "Ultimately
it is all about culture [...] a culture which encourages people
to speak out and rewards them for doing so."[1295]
782. Whistleblowing in the financial services sector
needs to be treated by firms not as inconvenient and potentially
damaging, but as a valuable source of information for senior management.
We set out below some of the practical steps that we expect banks
to take to provide greater encouragement and protection for internal
whistleblowers. Procedural and practical solutions will only be
effective if they are underpinned by a significant change in bank
standards and culture.
BANKS' OWN WHISTLEBLOWING POLICIES
783. Whistleblowing policies and procedures do exist
within banks, but they failed. In evidence they were criticised
for being insufficiently clear, well-publicised, and robust. Whistleblowing
charity Public Concern at Work commented that:
Many policies are too legalistic, complicated,
fail to give options outside line management, do not provide adequate
(or any) assurances to the individual, place the duty of fidelity
above all else, and contain contradictory and/ or poor reassurances
on confidentiality.[1296]
In oral evidence to us, HSBC told us that it rewarded
staff who drew attention to wrong behaviour of different kinds,
but struggled to demonstrate how its internal guidance documents
clearly set out the expectation for staff to escalate matters
if they became aware of wrongdoing.[1297]
Professor Nicholas Dorn told us that:
A significant (quite high) level of clawback
would be appropriate for those working alongside or near the locus
of undesirable behaviour. In the absence of such an incentive,
nearby staff might possibly disapprove of the behaviour but shrug
it off (on the basis that it is not really their business, since
they themselves are not directly involved and hence would not
be held to account); or they might observe the behaviour with
some amusement or excitement ("so that's how it works!");
or they might even facilitate it in small ways (carrying out tasks
on request).[1298]
784. The Commission was shocked by the evidence
it heard that so many people turned a blind eye to misbehaviour
and failed to report it. Institutions must ensure that their staff
have a clear understanding of their duty to report an instance
of wrongdoing, or 'whistleblow', within the firm. This should
include clear information for staff on what to do. Employee contracts
and codes of conduct should include clear references to the duty
to whistleblow and the circumstances in which they would be expected
to do so.
785. Concerns reported by employees may be less specific
than those typically associated with whistleblowing. Employees
may feel a sense of unease about a practice or a product without
necessarily understanding or anticipating the scale of the problem.
Stuart Davis, from Unite Union, told us that bank staff had concerns
about PPI long before it emerged as a scandal: "Clearly,
there was growing discomfort among our members that perhaps the
products they were selling were not all they were cracked up to
be".[1299] We
noted earlier in this chapter the enormous pressure front-line
staff were under to sell products, not just as a result of financial
incentive structures, but also as a result of less formal cultural
influences. Jayne-Anne Gadhia, now CEO of Virgin Money, told us
of her struggle with her previous employer to get them to address
problems relating to PPI:
I used to work at RBS until about seven years
ago, and at the time I was working in an area that was selling
PPI. I spoke to a senior person at RBS about the need to withdraw
PPI at that time from our - from RBS's- marketing, and the reply
I got was, "Yes, it is clear that that should be withdrawn
but we can't be the first people to do it because we would be
the ones who lose profit first.".[1300]
786. In addition to procedures for formal whistleblowing,
banks must have in place mechanisms for employees to raise concerns
when they feel discomfort about products or practices, even where
they are not making a specific allegation of wrongdoing. It is
in the long-term interest of banks to have mechanisms in place
for ensuring that any accumulation of concerns in a particular
area is acted on. Accountability for ensuring such safeguards
are in place should rest with the non-executive director responsible
for whistleblowing.
Senior responsibility
787. If whistleblowers are to have the confidence
to come forward within firms, they need to be reassured that their
reports will be dealt with appropriately and that they will be
protected from detrimental treatment by their employer. Professor
Nicholas Dorn said that:
It is clear that positive whistleblowing policies
must be a key element in establishing the right tone and culture
throughout an organisation. Internal audit plays a central role
in this, eg as a first point of contact for whistleblowers, as
an instrument to deal with information given by whistleblowers
to the board, its chair, or its audit committee, or as a whistleblower
itself. It is not clear whether the whistleblowing arrangements
themselves were inadequate in the run-up to the financial crisis
or whether warning voices were drowned out because the prevailing
culture, led from the top, did not support questioning the overall
risk strategy.[1301]
788. Internal whistleblowing processes must be overseen
by an individual with the authority and seniority both to ensure
that whistleblowing reports are acted upon and to protect the
whistleblower. A non-executive board memberpreferably
the Chairmanshould be given specific responsibility under
the Senior Persons Regime for the effective operation of the firm's
whistleblowing regime. That Board member must be satisfied that
there are robust and effective whistleblowing procedures in place
and that complaints are dealt with and escalated appropriately.
It should be his or her personal responsibility to see that they
are. This reporting framework should provide greater confidence
that wider problems, as well as individual complaints, will be
appropriately identified and handled.
What firms' whistleblowing regimes should contain
789. We do not propose a one-size-fits-all approach
to establishing appropriate whistleblowing procedures. There already
exists a wealth of best practice guidance and, as we have already
made clear, the success of a whistleblowing regime will owe more
to an institution's overall culture than the minutiae of its procedures.
Nonetheless, we believe that there are some elements of a successful
whistleblowing policy which are sufficiently important that they
should be incorporated into every institution's whistleblowing
processes, and we outline these below. Beyond this, it is for
the Chairman or other responsible board member to ensure that
the whistleblowing procedure at the firm is fit for purpose, as
outlined above.
Protection
790. In many cases whistleblowers will act anonymously,
but where whistleblowers are not anonymous they need particular
protection, because a key barrier to effective whistleblowing
is the fear that staff will face repercussions from their employer
for having drawn attention to wrongdoing. We note that legal protection
for whistleblowers does already exist in the form of the Public
Interest Disclosure Act 1998 (PIDA). A person making a "protected
disclosure" which falls within the terms of PIDA (including
an allegation of criminality or failure to comply with a legal
obligation) and who is subsequently detrimentally treated by his
or her employer can take their case to an employment tribunal
and seek damages. But in spite of this legal protection, blowing
the whistle remains daunting. Martin Woods commented that "when
an individual blows the whistle in a bank, he/she is blowing the
whistle against some very powerful and very strong people."[1302]
Ian Taplin described the pressure not to whistleblow as "immense"
and argued that whistleblowers within the banking sector can face
intimidation and obstruction.[1303]
791. As part of a robust whistleblowing procedure,
institutions must have effective systems in place to protect whistleblowers
against detrimental treatment. The Commission recommends that
the Board member responsible for the institution's whistleblowing
procedures be held personally accountable for protecting whistleblowers
against detrimental treatment. It will be for each firm to decide
how to operate this protection in practice, but, by way of example,
the Board member might be required to approve significant employment
decisions relating to the whistleblower (such as changes to remuneration,
change of role, career progression, disciplinary action), and
to satisfy him or herself that the decisions made do not constitute
detrimental treatment as a result of whistleblowing. Should a
whistleblower later allege detrimental treatment to the regulator,
it will be for that Board member to satisfy the regulator that
the firm acted appropriately.
Record keeping
792. Existing guidance from the regulator encourages
whistleblowers to raise their concerns internally in the first
instance. We received evidence that many complaints that are framed
as whistleblowing reports are in fact more appropriately categorised
as individual grievances or disagreement with legitimate management
decisions,[1304]
and we recognise that this may sometimes be the case. Whistleblowing
reports should be subjected to an internal 'filter' by the bank
to identify those which should be treated as grievances. Banks
should be given an opportunity to conduct and resolve their own
investigations of substantive whistleblowing allegations. We note
claims that 'whistleblowing' being treated as individual grievances
could discourage legitimate concerns from being raised.
793. The Commission does, however, believe that it
is important that a contemporaneous and independent record of
every whistleblowing complaint exists, regardless of its eventual
outcome. The regulator should periodically examine a firm's
whistleblowing records, both in order to inform itself about possible
matters of concern, and to ensure that firms are treating whistleblowers'
concerns appropriately. The regulators should determine the information
that banks should report on whistleblowing within their organisation
in their annual report.
THE ROLE OF THE REGULATOR
Benefiting from whistleblowers
794. As explained above, one of the challenges facing
regulators is that they are not as well placed as those within
banks to spot problems. Whistleblowers therefore play an important
role in bringing concerns to the attention of regulators. Banks
must implement and administer appropriate and robust whistleblowing
procedures. Nonetheless, there is also an important role for the
regulator to play in overseeing the operation of banks' internal
whistleblowing procedures, in providing an alternative route for
whistleblowing, and in providing support and encouragement to
whistleblowers. The evidence that we received from whistleblowers
demonstrated a lack of confidence in the regulator's willingness
and ability to support them and to act upon their concerns. Whistleblowers
UK said that whistleblowers "have no confidence in the FSA".[1305]
Martin Woods, whose actions in disclosing wrongdoing at Wachovia
were commended by the US Comptroller of the Currency, said that
his experience with the FSA "should have been a better one".[1306]
795. Approved Persons are currently obliged to "deal
with the FSA and with other regulators in an open and cooperative
way and must disclose appropriately any information of which the
FSA would reasonably expect notice." (Principle 4 of the
Statement of Principles for Approved Persons). Tracey McDermott
described this Principle as providing an "obligation to whistleblow",[1307]
but acknowledged that it was questionable whether the FSA had
been sufficiently assertive in enforcing it. She suggested that
in many cases where wrongdoing was uncovered, the FSA had tended
to focus on enforcement action for the wrongdoing itself rather
than considering whether a breach of Principle 4 had also occurred.
796. All Senior Persons should have an explicit
duty to be open with the regulators, not least in cases where
the Senior Person becomes aware of possible wrongdoing, regardless
of whether the Senior Person in question has a direct responsibility
for interacting with the regulators.
Encouraging whistleblowers
797. Regulators should be responsible for ensuring
that firms have put in place an appropriate whistleblowing system.
However, Martin Wheatley did not appear to believe that the FCA
needed to do anything more to address the problems that whistleblowers
may face:
The truth is, absent the question about incentives,
that I am not sure that there is anything that we would need to
add to the current structure. There is a high degree of protection
for whistleblowers. They will sometimes need counselling if they
are facing particular problems in a firm, and we would suggest
areas that they can go to. We cannot provide that level of counselling.
Our primary responsibility is to protect the identity of a whistleblower
and to protect the source of information that comes to us.[1308]
while protecting the anonymity of whistleblowers
is important, this attitude gave support to Martin Woods's evidence
of his experience:
At the end of the meeting the FSA gave me the
telephone number of Public Concern at Work [...] and the FSA advised
me to call them should I encounter any difficulties. This was
the FSA's welfare programme for whistleblowers. The whole episode
left me with a sense of emptiness and even further isolation.[1309]
He told us that he later submitted a complaint to
the FSA that he had been detrimentally treated by his employer
for his whistleblowing, but did not receive any feedback from
the FSA.[1310]
798. The FSA Handbook states that it "would
regard as a serious matter any evidence that a firm had acted
to the detriment of a worker because he had made a protected disclosure
about matters which are relevant to the functions of the FSA.
Such evidence could call into question the fitness and propriety
of the firm or relevant members of its staff, and could therefore,
if relevant, affect the firm's continuing satisfaction of threshold
condition 5 (Suitability) or, for an Approved Person, his status
as such."[1311]
The FSA told us that it
[...] would take seriously the suggestion that
an FSA-regulated firm breached the requirements of the Public
Interest Disclosure Act by penalising a member of staff who had
made a protected disclosure. [...] There have been cases where
whistleblowers have informed us that they believe their employer
acted in a manner that led to the whistleblower suffering detriment
as a consequence of making a protected disclosure. [...] To date,
we have not undertaken detailed investigatory work or enforcement
action against firms we regulate as a consequence of receiving
accusations they mistreated a whistleblower.[1312]
The FSA also said that actively monitoring employment
tribunal cases brought by bank employees alleging detrimental
treatment would not be cost-effective, large number of such cases
brought each year.[1313]
799. The FCA's evidence appeared to show little
appreciation of the personal dilemma that whistleblowers may face.
The FCA should regard it as its responsibility to support whistleblowers.
It should also provide feedback to the whistleblower about how
the regulator has investigated their concerns and the ultimate
conclusion it reached as to whether or not to take enforcement
action against the firm and the reasons for its decision. The
Commission recommends that the regulator require banks to inform
it of any employment tribunal cases brought by employees relying
on the Public Interest Disclosure Act where the tribunal finds
in the employee's favour. The regulator can then consider whether
to take enforcement action against individuals or firms who are
found to have acted in a manner inconsistent with regulatory requirements
set out in the regulator's handbook. In such investigations the
onus should be on the individuals concerned, and the non-executive
director responsible within a firm for protecting whistleblowers
from detriment, to show that they have acted appropriately.
800. The FSA told us that "if someone provides
us with information which indicates that their fitness and propriety
is in question then we have taken the view that we cannot, as
the regulator, ignore that. So the consequences may be that an
individual who comes forward is prohibited from working in the
industry".[1314]
The FSA acknowledged that this approach "acts as a further
disincentive to report misbehaviour" and suggested that it
could adopt a more lenient approach to whistleblowers who bring
misconduct to its attention (with appropriate safeguards to ensure
that other market users or customers were not put at risk). It
said that it did operate leniency provisions in connection with
insider dealing.[1315]
The PRA and the FCA have, however, now stated that a mitigating
factor in deciding on any financial penalty can be the conduct
of the individual in bringing the breach to the regulators' attention.[1316]
801. One of the more controversial proposals to encourage
whistleblowing is the use of financial incentives, as found in
the United States. The most recent US scheme, introduced under
the Dodd-Frank Act, provides for whistleblowers to be rewarded
with a proportion of any fine levied on a company as a result
of the information they have provided. Some of the evidence we
received pressed strongly for the introduction of a similar scheme
here. Erika Kelton, a US lawyer dealing with whistleblowing cases,
described the impact of the US whistleblowing incentive schemes:
Tens of billions of dollars otherwise lost to
illegal practices that cheat the public fisc have been recovered
as a direct result of whistleblower information. But the impact
and importance of whistleblower matters goes far beyond the large
dollar amounts recovered for US taxpayers. Whistleblowers have
exposed grave wrongdoing, leading to changes that promote integrity
and transparency in financial markets. Whistleblowers have helped
stop massive mortgage frauds, gross mischarging practices, commodity
price manipulation, and sophisticated money laundering schemes,
among other misdeeds.[1317]
She argued that "meaningful, non-discretionary
financial incentives are critical to establishing robust and successful
whistleblower programs."[1318]
802. The FSA had some serious reservations about
the use of financial incentives, particularly in relation to the
associated "moral hazards". It argued that the prospect
of already highly-paid individuals receiving a "reward"
for doing what was arguably their duty could lead to public disquiet.
Carol Sergeant, Chairman of the whistleblowing charity Public
Concern at Work, also had reservations and suggested that financial
incentives could encourage whistleblowers to delay reporting wrongdoing
in order to maximise their reward.[1319]
Whistleblowers UK recognised the potential pitfalls of financial
incentives, but argued that an incentive system based on a principle
of compensation rather than reward would act as a recognition
of the risks that a whistleblower undertook, while avoiding some
of the associated moral hazard.[1320]
803. We note the regulator's disquiet about the
prospect of financially incentivising whistleblowing. The Commission
calls on the regulator to undertake research into the impact of
financial incentives in the US in encouraging whistleblowing,
exposing wrongdoing and promoting integrity and transparency in
financial markets.
804. We have said earlier in this Report that
the financial sector must undergo a significant shift in cultural
attitudes towards whistleblowing, from it being viewed with distrust
and hostility to one being recognised as an essential element
of an effective compliance and audit regime. Attention should
focus on achieving this shift of attitude.
805. A poorly designed whistleblowing regime could
be disruptive for a firm but well designed schemes can be a valuable
addition to its internal controls. The regulator should be empowered
in cases where as a result of an enforcement action it is satisfied
that a whistleblower has not been properly treated by a firm,
to require firms to provide a compensatory payment for that treatment
without the person concerned having to go to an employment tribunal.
1118 Group of Thirty, Toward Effective Governance
of Financial Institutions, 12 April 2012, p 5, www.group30.org Back
1119
John Kay, The Kay Review of UK Equity Markets and Long-term
Decision Making: Final Report, 23 July 2012, p 10,
www.gov.uk Back
1120
John Kay, The Kay Review of UK Equity Markets and Long-term
Decision Making: Final Report, 23 July 2012, p 21,
www.gov.uk Back
1121
Sir David Walker, A review of corporate governance in UK banks
and other financial industry entities, Final recommendations,
November 2009, p 17 Back
1122
John Kay, The Kay Review of UK Equity Markets and Long-term
Decision Making: Final Report, 23 July 2012, p 45,
www.gov.uk Back
1123
Ibid. P 10 Back
1124
Q 326 Back
1125
Q 3628 Back
1126
Ev 1324 Back
1127
Ev 1222 Back
1128
Ev 1119 Back
1129
Treasury Committee, Ninth Report of Session 2010-11, Competition
and choice in retail banking, HC 612, Qq 833-835 Back
1130
Q 344 Back
1131 Ev
832 Back
1132
Lloyds Banking Group, Annual Report and Accounts 2012, p 50, www.lloydsbankinggroup.com Back
1133
Lloyds Banking Group, Annual Report and Accounts 2009, p 84, www.lloydsbankinggroup.com Back
1134
Barclays, Annual Report and Accounts 2012, p 176, www.barclays.com Back
1135
Q 870 Back
1136
Lloyds Banking Group, Annual Report and Accounts 2012,
p 50, www.lloydsbankinggroup.com Back
1137
Barclays, Annual Report and Accounts 2012, p 176, www.barclays.com Back
1138
Financial Reporting Council, The UK Corporate Governance Code,
September 2012, p 7, www.frc.org.uk Back
1139
Financial Reporting Council, The UK Corporate Governance Code,
September 2012, p 9, www.frc.org.uk Back
1140
"Board committees", HSBC, 2013, www.hsbc.com Back
1141
"The Board Committees", Barclays, 2013, www.barclays.com Back
1142
"Remuneration Committee - Terms of Reference", Lloyds
Banking Group, 2013, www.lloydsbankinggroup.com Back
1143
Standard Chartered, Annual Report and Accounts 2012, www.reports.standardchartered.com Back
1144
Group of Thirty, Toward Effective Governance of Financial Institutions,
12 April 2012, p 12, www.group30.org; Sir David Walker, A review
of corporate governance in UK banks and other financial industry
entities, Final recommendations, November 2009, paras 1.8
and 1.10 Back
1145
Treasury Committee, Fifth Report of Session 2007-08, The run
on the Rock, HC 56-I, para 31 Back
1146
Fourth Report, paras 91 and 92 Back
1147
CQ 1 Back
1148
CQ 2 Back
1149
Q 4554 Back
1150
CQ 9 Back
1151
C Ev 139 Back
1152
Financial Reporting Council, The UK Corporate Governance Code,
September 2012, p 6, www.frc.org.uk Back
1153
Ibid. p 10 Back
1154
Treasury Committee, Ninth Report of Session 2008-09, Banking
Crisis: reforming corporate governance and pay in the City,
HC 519, para 151 Back
1155
Written evidence from Cevian Capital to the Treasury Committee,
May 2012(CGR 31) [not printed], www.parliament.uk/treascom Back
1156
Q 17 Back
1157
Sir David Walker, A review of corporate governance in UK banks
and other financial industry entities, Final recommendations,
November 2009, p 9
Back
1158
Uncorrected transcript of oral evidence taken before the Treasury
Committee on 22 May 2012, HC (2012-13) 72-i, Q22 Back
1159
Uncorrected transcript of oral evidence taken before the Treasury
Committee on 19 June 2012, HC (2012-13) 72-iii, Q 139 Back
1160
Ibid. Q 141 Back
1161
Treasury Committee, Ninth Report of Session 2008-09, Banking
Crisis: reforming corporate governance and pay in the City,
HC519, Ev 252 Back
1162
The two-tier board model is already an optional alternative in
the UK since company law does not exclude it. Back
1163
Sir David Walker, A review of corporate governance in UK banks
and other financial industry entities, Final recommendations,
November 2009 Back
1164
Ev 836 Back
1165
Written evidence from the Confederation of British Industry to
the Treasury Committee (CGR 16), May 2012 [not printed], www.parliament.uk/treascom Back
1166
Q 2137 Back
1167
Written evidence from Hermes Equity Ownership Services to the
Treasury Committee (CGR 20), May 2012 [not printed], www.parliament.uk/treascom Back
1168
Group of Thirty, Toward Effective Governance of Financial Institutions,
12 April 2012, p 13, www.group30.org Back
1169
Sir David Walker, A review of corporate governance in UK banks
and other financial industry entities, Final recommendations,
November 2009, p 41 Back
1170
RBS, Annual Report and Accounts 2008, p 155, www.investors.rbs.com Back
1171
Sir David Walker, A review of corporate governance in UK banks
and other financial industry entities, Final recommendations,
November 2009, p 41 Back
1172
C Ev 148 Back
1173
C Ev 131 Back
1174
HSBC, Annual Report and Accounts 2012, p 310, www.hsbc.co.uk;
Standards Chartered, Annual Report and Accounts 2012, p
137, www.standardchartered.com Back
1175
Sir David Walker, A Review of corporate governance in UK banks
and other financial industry entities, 26 November 2009, p
43 Back
1176
Sir David Walker, A Review of corporate governance in UK banks
and other financial industry entities, 26 November 2009, p
45 Back
1177
C Ev 137 Back
1178
C Ev 37 Back
1179
Uncorrected transcript of oral evidence taken before the Treasury
Committee on 19 June 2012, HC (2012-13) 72-iii, Q 144 Back
1180
Ibid., Q 157 Back
1181
Written evidence from Chartered Insurance Institute to the Treasury
Committee, May 2012 (CGR 09) [not printed], www.parliament.uk/treascom Back
1182
Q 408 Back
1183
Written evidence from Cevian Capital to the Treasury Committee,
May 2012 (CGR 31) [not printed], www.parliament.uk/treascom Back
1184
Written evidence from ShareSoc to the Treasury Committee, May
2012 (CGR 15) [not printed], www.parliament.uk/treascom Back
1185
Written evidence from Cevian Capital to the Treasury Committee,
May 2012 (CGR 31) [not printed], www.parliament.uk/treascom Back
1186
Uncorrected transcript of oral evidence taken before the Treasury
Committee on 22 May 2012, HC (2012-13) 72-i, Q33 Back
1187
C Ev 148 Back
1188
Q 1014 Back
1189
Ev 1039 Back
1190
FR Ev 46 Back
1191
Financial Reporting Council, The UK Corporate Governance Code,
September 2012, p 9, www.frc.org.uk Back
1192
Financial Reporting Council, Guidance on Board Effectiveness,
March 2011, p 2, www.frc.org.uk Back
1193
ABI, Report on Board effectiveness, December 2012, p 5 Back
1194
Sir David Walker, A review of corporate governance in UK banks
and other financial industry entities, Final recommendations,
November 2009, p 58 Back
1195
C Ev 51 Back
1196
C Ev 137-138 Back
1197
See, for example, DQq 177, 581, 3838 Back
1198
Ev 943 Back
1199
DQ 436 Back
1200
Q 3778 Back
1201
C Ev 88 Back
1202
DQq 678-679 Back
1203
Q 2245 Back
1204
DQ 785 Back
1205
DQ 668 Back
1206
Ibid. Back
1207
DQ 617 Back
1208
C Ev 18 Back
1209
C Ev 41 Back
1210
BQ 7 Back
1211
Q 32 Back
1212
C Ev 64 Back
1213
Qq 654-7 Back
1214
DQ 674 Back
1215
Qq 460-2 Back
1216
Ev 916 Back
1217
DQ 673 Back
1218
DQ 773 Back
1219
DQ 139 Back
1220
Ibid. Back
1221
DQ 298 Back
1222
DQq 323-4 Back
1223
DQ 408 Back
1224
DQ 46 Back
1225
DQ 54 Back
1226
DQ 71 Back
1227
DQ 196 Back
1228
Ev 916 Back
1229
"Lloyds looks beyond PPI and LIBOR", The Financial
Times, 26 July 2012, www.ft.com Back
1230
Q 880 Back
1231
Q 3560 Back
1232
Ev 932 Back
1233
Ev 914 Back
1234
Ev 743 Back
1235
Q 17 Back
1236
Ibid. Back
1237
Salz review: An independent Review of Barclays' Business Practices,
April 2013, para 2.20 Back
1238
Q 3474 Back
1239
Ev 1324 Back
1240
Q 3666 Back
1241
Qq 3666-7 Back
1242
"Becoming the 'Go-To' bank", Barclays, 2013,
www.group.barclays.com Back
1243
Barclays, Barclays' response to the Salz Review, 25 April
2013, p 5, www.group.barclays.com Back
1244
Q 3542 Back
1245
Salz review: An independent Review of Barclays' Business Practices,
April 2013, para 8.14 Back
1246
"The cost of making bankers behave", The Financial
Times, 28 January 2013, www.ft.com Back
1247
Salz review: An independent Review of Barclays' Business Practices,
April 2013, para 8.17 Back
1248
Ibid., para 8.16 Back
1249
Word cloud created with the company values of Barclays, Citigroup,
Deutsche Bank, Goldman Sachs, HSBC, JP Morgan, Lloyds Banking
Group, Merrill Lynch, RBS, Standard Chartered and UBS as set out
on their websites. Back
1250
Ev 1456 Back
1251
Q 2418 Back
1252
Enron, Annual Report 2000, p53 Back
1253
Ev 1456 Back
1254
William D. Cohen, Money and Power: How Goldman Sachs Came to
Rule the World, (UK, 2012) Back
1255
Ev 938 Back
1256
Q 2732 Back
1257
Qq 2488-90 Back
1258
Ev 1321; see also Ev 890, 1367 Back
1259
Treasury Committee, Second Report of Session 2012-13, Fixing
LIBOR: some preliminary findings, HC 481-I, pp 59-83 Back
1260
Ev 1042 Back
1261
Ev 1216 Back
1262
Ev 1136 Back
1263
Ev 1037 Back
1264
Ev 743 Back
1265
Q 2729 Back
1266
Bank of Canada, Rebuilding Trust in Global Banking speech,
Mark Carney, 25 February 2013, www.bankofcanada.ca Back
1267
Q 2437 Back
1268
Q 2698 Back
1269
Ev 833 Back
1270
Ev 914 Back
1271
Q 3557 Back
1272
Ev 983 Back
1273
Q 2698 Back
1274
Q 416 Back
1275
Q 2686 Back
1276
Ev 1445 Back
1277
Ev 1321 Back
1278
See, for example, "Antony Jenkins to staff: adopt new values
or leave Barclays", Daily Telegraph, 17 January 2013,
www.telegraph.co.uk and "City Life: Traders mock as Barclays'
new boss tries out Jerry Maguire-style gamble", Evening
Standard, 18 January 2013, www.standard.co.uk Back
1279
Q 3778 Back
1280
Q 2038 Back
1281
Genesis Ventures report into Barclays Wealth, cited in "Exposed:
The regime of fear inside Barclays - and how the boss lied and
shredded the evidence", Mail on Sunday, 20 January
2013, www.dailymail.co.uk Back
1282
"Whistleblower: 'The culture ultimately comes from the top",
The Independent, 7 July 2012, www.independent.co.uk Back
1283
Salz review: An independent Review of Barclays' Business Practices,
April 2013, para 12.41 Back
1284
"RBS collapse down to Fred Goodwin's 'culture of fear",
The Scotsman, 22 June 2012, www.scotsman.com, 22 June 2012,
reporting on Ron Kerr and Sarah Robinson's analysis, "From
Symbolic Violence to Economic Violence: The Globalizing of the
Scottish Banking Elite", Organization Studies, vol
33, issue 2 (2012), pp 247-266 Back
1285
DQ 90 Back
1286
BBC, Respect at Work Review, 2 May 2013, pp 19-21, www.bbc.co.uk Back
1287
The Mid Staffordshire NHS Foundation Trust Inquiry, Independent
inquiry into care provided by the Mid-Staffordshire NHS Foundation
trust January 2005-March 2009, HC 375, p 409 Back
1288
JQ 47 Back
1289
JQ 276 Back
1290
DQ 105 Back
1291
DQ 52 Back
1292
DQ 792 Back
1293
Ev 1131 Back
1294
DQ 8 Back
1295
Ev 1633 Back
1296
Ev 1300 Back
1297
DQq 549-53 Back
1298
Ev 984 Back
1299
JQ 279 Back
1300
FQ 37 Back
1301
Ev 945 Back
1302
Ev 1631 Back
1303
Ev 1345 Back
1304
DQq 147, 363, 561 Back
1305
Ev 1348 Back
1306
Ev 1632 Back
1307
Q 3058 Back
1308
Q 4472 Back
1309
Ev 1632 Back
1310
Ibid. Back
1311
FSA, Senior Management Arrangements, Systems and Controls Sourcebook,
June 2013.p 18, www.fsahandbook.info Back
1312 Ev
1059-1060 Back
1313
Ev 1059 Back
1314
Ev 1058 Back
1315
Ibid. Back
1316
Bank of England, Prudential Regulation Authority, The PRA's
approach to enforcement: statutory statements of policy and procedure,
April 2013, Appendix 2, para 25, www.bankofengland.co.uk; PRA
and FSA Handbook, DEPP 6.5B, www.fshandbook.info Back
1317
Ev 1185 Back
1318
Ev 1186 Back
1319
EQ 113 Back
1320
Ev 1354 Back
|