Changing Banking for Good - Parliamentary Commission on Banking Standards Contents


7  Bank governance, standards and culture

Introduction

658. In this chapter, we examine the governance and culture of banks, considering successively: shareholders, boards and internal control frameworks, and then wider issues relating to the culture within banks, including bank value statements and the role of whistleblowers.

659. The primary duty for maintaining high standards in banks lies with the banks themselves, and in particular their boards. They operate within a corporate governance framework of rules, guidelines and best practice for public corporations that is designed to ensure that they fulfil this duty. Corporate governance has been found badly wanting in financial institutions in the recent past, particularly in banks. This has been at great cost not just to the shareholders, but to taxpayers. There have been a number of common features of the failures of bank boards, regardless of the structures of those boards. A number of steps have been taken since the onset of the financial crisis to improve governance practice in financial institutions.[1118] The Commission has no wish to turn the clock back or prescribe highly detailed templates. The Commission is also realistic about the limited scope there is for achieving transformational change within banks through changes to structures of governance, but considers that there were considerable defects in corporate governance in banks that can and should be addressed. However, there are some changes we suggest below which we judge are likely to secure significant improvements to banks' governance and which are aligned with our proposals in the previous chapter on a new framework founded on the principle of individual responsibility.

Shareholders: the silent owners

THE UK EQUITY MARKET

660. Shareholders have not been effective in disciplining or constraining banks' behaviour. This section examines why shareholders, or rather those that act for shareholders, have contributed to the crisis of banking standards, and the extent to which shareholders can be expected to be part of the solution.

661. In recent decades, the pattern of UK shareholding has become more fragmented. Insurers, pension funds and individuals have outsourced their investments to fund managers, who have come to dominate equity markets, while financial globalisation has led to a rising proportion of UK equities held by overseas investors. Professor John Kay, in his review of UK equity markets, argued that "This fragmentation has reduced the incentives for engagement and the level of control enjoyed by each shareholder".[1119]In many cases, this process has further weakened active engagement by shareholders, with fund managers and overseas investors typically more interested in the short-term performance of companies than in generating sustainable returns by promoting their long-term success. Any influence they wield over the management of the company is manifested through selling their stock rather than through voting and engaging with the boards of their investee companies, a phenomenon described in the Kay review as "exit over voice".[1120] The table below shows how the proportion of UK-quoted shares held by insurance companies and pension funds has declined in recent decades, while overseas holdings have increased.
Historical Trends in Beneficial Ownership (Percentage Held) 19631975 19811991 20012008 2010
Rest of the world 7 5.6 3.6 12.8 35.7 41.5 41.2
Insurance companies 10 15.9 20.5 20.8 20 13.4 8.6
Pension funds 6.4 16.8 26.7 31.3 16.1 12.8 5.1
Individuals 54 37.5 28.2 19.9 14.8 10.2 11.5
Other 22.6 24.2 21 15.2 13.4 22.1 33.6

Source: The Kay Review of UK Equity Markets and Long-term Decision Making, Final Report, p 31

662. Investors that hold shares for a short period are less likely to be concerned by the long-term prospects of the company they own, other than to the extent that it affects short-term movements in the share price. Because they trade more frequently, short-term investors can exercise an influence on share prices that is disproportionate to their holdings. The rise of shareholder short-termism and disengagement from the responsibilities of ownership has been exacerbated by the growth of intermediaries that have distanced the ultimate beneficial owner of shares from investee companies.

663. The Kay review and Sir David Walker's review of corporate governance in UK banks both considered these developments, and proposed measures to reflect better shareholders' responsibilities as company owners. Among other recommendations, the Walker review proposed a new Stewardship Code setting out best practice in stewardship by institutional investors and fund managers.[1121] The Kay review recommended the inclusion of a commitment to responsible engagement within the investment management industry code.[1122] However, Professor Kay and Sir David both acknowledged in evidence to the Commission that the investment environment that they ultimately sought, in which the "anonymous trader" was replaced by the "concerned investor", remained a long way off.[1123] Professor Kay spoke of "philosophical leaps that are needed to take us to the world we would like",[1124] while Sir David told us that "it will not happen overnight, and it may never happen".[1125]

WHO OWNS THE BANKS AND WHY?

664. The situation facing UK equity markets generally also applies to banks specifically. In Annex 5 we consider further evidence on bank ownership. The main points emerging from that evidence are that:

·  Few entities hold large single stakes in UK banks and many have holdings in each of the large banks;

·  Bank shareholdings are often held for a short time, encouraging short-term risk-taking;

·  There are reasons for scepticism as to whether shareholders could spot the risks which a bank's own leadership misses; and

·  Active investment can lead to higher returns, but potential active investors are wary of seeking insider knowledge.

Institutional shareholders have not done enough to encourage banks to maintain high levels of banking standards.

SHAREHOLDER PRESSURE AND LEVERAGE

665. Where shareholders did engage with banks in recent years, it was sometimes to pressurise them to take on additional risk and increase leverage to boost equity returns. RBS told us that "in some instances investors pressed for what were arguably unsustainable levels of return, creating pressure to increase leverage and take on additional risk".[1126] Lloyds said that:

    Shareholder behaviour "pre-crunch" focused on a drive for growth with emphasis placed on delivering potentially unsustainable returns, without recognition of the downside risks. This was a factor in creating a culture that arguably led to failure in the sector.[1127]

In its evidence, HSBC wrote of a "very strong public call for leverage and structuring from many institutional shareholders",[1128] while its Chairman Douglas Flint told the Treasury Committee that:

    There was a great deal of pressure coming from shareholders who were looking for enhanced returns and were pointing to business models that have, with hindsight, been shown to be flawed and in particular very leveraged business models and saying, "You guys are inefficient. You have a lazy balance sheet. There are people out there that are doing much better than you are", and there was tremendous pressure during 2006/07.[1129]

A number of witnesses noted that this misalignment of interests between shareholders and society was further exacerbated in banks deemed too big to fail because bondholders perceived to be insured against failure did not rein in the more risky instincts of shareholders. As Professor Kay put it:

    banks [...] are unique among large companies in that the equity shareholders in reality only provide 2 per cent or 3 per cent of the capital of a business [...] Much of the capital is[...] in effect employed by bond holders.[1130]

Professors Black and Kershaw drew attention evidence from the US indicating that "direct or indirect shareholder pressure supported by strong shareholder rights [could result] in more risk-taking than in banks with weaker shareholder rights where managers could resist that pressure".[1131]

CONCLUSIONS

666. Institutional shareholders have unlimited upside to their investment, but a downside limited to their equity stake. Shareholders also fund only a tiny proportion of a bank's balance sheet, which can incentivise them to encourage banks to increase short-term risks. In the run-up to the financial crisis, shareholders failed to control risk-taking in banks, and indeed were criticising some for excessive conservatism. Some bank leaderships resisted this pressure, but others did not. The Independent Commission on Banking believed that its proposed ring-fence would create incentives for shareholders to be more mindful of excessive risk. However, we agree with the Kay Review that incentives for institutional investors to engage with companies remain weak. The primary responsibility of institutional investors is to earn returns for their clients, with engagement with company managements only likely to be undertaken by firms that regard it as contributing to that responsibility. The nature of the asset management industry and the financial incentives for key decision-makers in that industry incentivise focus on short-term investment performance, rather than engagement to promote the longer term success of companies, even though the latter may be better aligned with the long-term interests of the ultimate beneficial owners of the shares. Even the largest investors own relatively small holdings in large companies such as banks, limiting their influence. The misalignment between the incentives of asset manager and the long-term interests of a company, coupled with the fact that shareholders contribute only a tiny sliver of a bank's balance sheet, mean it would be a mistake to expect greater empowerment and engagement of shareholders to lead to the exercise of profound and positive influence on the governance of banks.

THE ROLE OF BONDHOLDERS

667. In addition to customer deposits most banks raise money from wholesale markets, including from private investors, institutions and other banks. Although not all strictly in the form of bonds, we use the term bondholder to encompass wholesale market providers of bank funding. The leverage of financial institutions results in bondholders and depositors providing the dominant proportion of bank funding; the sums provided by shareholders are correspondingly substantially smaller. The leverage in the banking system prior to the financial crisis was only possible because of the funding available. The 3% minimum Tier 1 leverage requirement included within the Basel III capital proposals establishes a minimum level for the Tier 1 contribution to the funding of a bank balance sheet of just 3%, with up to 97% from other sources, largely bondholders and depositors.

668. The proportions of funding raised from customer deposits and wholesale markets varies significantly between individual banks. At the end of 2012 Lloyds Banking Group had wholesale funding equivalent to 40% of its customer deposits[1132], down from 90% at the end of 2008[1133]. Barclays had wholesale funding equivalent to 71% of its customer funding at the end of 2012[1134], compared with at the end of 2008. Regardless of this leveraged structure, the legal responsibilities of bank managements are currently similar to those of non-financial companies. The Companies Act obliges managements to manage a company in the interests of its members, which is widely interpreted to be its shareholders. Stephen Hester told us that directors have an:

    obligation to act on behalf of the company's interests, prominent among which are the shareholders who own the company. So you can have any membership you like, but the board of directors will have a duty to the shareholders.[1135]

669. As owners, shareholders have significant powers, including over company governance, such as the right to approve and re-elect directors and in certain circumstances, major corporate initiatives may also require shareholder approval. By contrast, while a bank remains solvent, the formal powers of other creditors, such as bondholders, are much more limited. The terms of some bond issuances may have provisions in situations when the security of the bond may be affected. Secured creditors, such as securitised or covered bond holders, may also have claims against particular asset pools and associated rights to protect the security of those pools. However, bondholders have no general formal powers over a bank's strategy or the appointment of management. It is only in the event of insolvency that creditors assume the rights of ownership of the company, with the power to replace management and dispose of assets and to seek to recoup their exposure from any proceeds in accordance with a determined creditor hierarchy.

670. In practice, the scale of the funding provided by bank creditors means they have much more influence over companies than their formal rights would imply. Most bank funding has a fixed maturity, with only minimal sums currently in the form of irredeemable debt. Consequently, banks have to engage in regular raising of new debt funding, both to refinance maturities of existing debt and to fund new business growth. At the end of 2012, 30% of Lloyds Banking Group's wholesale funding had a remaining maturity of under one year[1136], compared with 42% at Barclays.[1137] As a result banks have strategies to maintain as wide and ready a demand for their paper as possible. For larger banks, this generally includes a broad range of funding sources by currency, structure, maturity, geography and investor type. This process generally involves engagement with a broad range of bond investors, analysts and rating agencies. Bank managements therefore need to respect the views of bond markets and the resulting impact on the appetite for their paper of the actions they take. The attention banks have devoted to funding markets has increased substantially over the financial crisis and subsequently, as liquidity has become much less reliable; there have been periods when liquidity almost completely evaporated and volumes in certain areas, such as mortgage securitisation, have shrunk dramatically from the pre crisis period.

671. The characteristics and interests of bondholders and shareholders are very different. Shareholders' potential upside is unlimited and in return for this, they are prepared to assume greater risk and rank behind all creditors in the case of insolvency. Bondholders are normally more risk averse than shareholders. They rank ahead of shareholders in the case of insolvency and are prepared to forgo the unlimited upside potential of shareholders in return for this additional security. Bondholders generally only expect to receive a return of their investment plus interest for the intervening period. As their upside is largely capped, bondholders are likely to be more cautious of potential risks to the downside. Shareholders' upside ultimately derives from business growth. Bondholders' security relies on the bank's stability.

672. The incentives for bondholders to discipline banks depend on the risks they perceive. Given the substantial leverage maintained by banks, insolvency can still result in significant losses to bondholders, despite the protection of shareholder capital. Fear of such losses can incentivise bondholders to limit the risks banks take. However, if bondholders regard the risks as small, particularly due to the perception of the existence of an implicit or explicit taxpayer guarantee, these incentives are correspondingly reduced. This may particularly apply to banks that are regarded as too big to fail.

673. Proposals for structural reform of the banking industry are set out in Chapter 4 of this Report. Many of these reforms are at least partly aimed at reducing or eliminating the perceived taxpayer guarantee. The reforms include the potential power to 'bail in' categories of bondholders. However, as we also state in this section, there is convincing evidence that the guarantee may not be fully eliminated, even once all the proposed reforms take full effect.

674. The financial crisis has underlined, if this were needed, the importance of effective scrutiny and the exercise of discipline by creditors to the maintenance of banking standards. Such discipline has been lacking, in large part as a result of the perceived taxpayer guarantee. The measures to bear down on the guarantee, which the Commission has already noted should be a priority, would be the most effective way of correcting this, as bondholders, broadly defined, would have a greater incentive properly to assess credit risk. Market discipline from creditors subject to the potential of bail-in should encourage banks and their managements better to balance downside and upside risks. The Commission endorses the good practice adopted by an increasing number of banks of publicly disclosing, and making widely available, the contents of their presentations to bondholders. The Commission encourages bondholders, where they are sufficiently concerned, to raise such issues publicly where practical. The PRA should examine the scope for extending bondholder influence of this type.

Bank boards and governance

INTRODUCTION

675. UK corporate governance has improved in recent years. But when in the case of banks it was tested, it was found wanting. Board failures in the banking sector have been widespread and are not restricted to those banks which required taxpayer support or failed during the financial crisis. Crucially, board governance failures have also been prevalent in some banks which emerged relatively unscathed by that crisis. This section examines the role of the board in the context of wider corporate governance failures in the banking sector. We examine why over the last decade so many banks boards appeared unable to operate effectively; the key factors which underpinned this failure; and whether reforms to the way bank boards are governed are sufficient to ensure they prove more effective in the future.

676. There is no quick single fix to improve banks' governance. Equally, a collection of detailed tweaks is unlikely to prevent serious failures such as the banking industry has experienced. We are cautious about making a great many recommendations in this field which may do little more than create yet more lucrative work for corporate governance professionals. We therefore concentrate on assessing proposals for change against four basic principles, which are connected: ensuring personal responsibility of board members; ensuring that there is adequate challenge within boards; preventing boards from constructing internal firewalls that leave them in wilful ignorance and excuse them from proper accountability for the firm; and reflecting the differences between banks and other public companies arising from the fact that shareholder equity represents only a tiny sliver of the balance sheet.

677. Box 12 sets out the role of a company board and the functions of a number of the committees of a board.

Box 12: The role of the board and the combined code on corporate governance

The UK Corporate Governance Code states that "every company should be headed by an effective board, which is collectively responsible for the success of the company".[1138] Boards typically comprise both executive and non-executive directors, including a chief executive and chairman. Furthermore, as regards "division of responsibilities"[1139] on the board, the code states that:


·  There should be a clear division of responsibilities at the heart of the company between the running of the board and the executive responsibility for the running of the company's business. No one individual should have unfettered powers of decision;


·  The Chairman is responsible for leadership of the board and ensuring its effectiveness on all aspects of its role;


·  As part of their role as members of a unitary board, non-executive directors should constructively challenge and help develop proposals on strategy;

·  With regard to ensuring the "effectiveness" of the board, the code states that:


·  The board and its committees should have the appropriate balance of skills, experience, independence and knowledge of the company to enable them to discharge their respective duties and responsibilities effectively; and


·  All directors should be able to allocate sufficient time to the company to discharge their responsibilities effectively.


Bank board committees


Bank boards tend to typically organise and manage their governance through committee structures. The most common committees at banks are the Audit Committee, Risk Committee, Nomination Committee, and Remuneration Committee.


The main roles and responsibilities of the Audit Committee includes monitoring the integrity of the financial statements, reviewing internal controls, monitoring and reviewing the effectiveness of the internal audit function and overseeing the relationship with the external auditor.


The role of the Risk Committee can differ between institutions. In HSBC, the Group Risk Committee is responsible for 'advising the Board on high level risk-related matters and risk governance and for non-executive oversight of risk management and internal controls (other than financial reporting).'[1140] In Barclays, there are three different risk committees responsible for different aspects of risk: the Board Conduct, Reputation and Operational Risk committee; the Board Financial Risk Committee; and the Board Enterprise Wide Risk Committee.[1141]


The Board Remuneration Committee 'sets the overarching principles and parameters of remuneration policy'[1142], monitors and approves the remuneration arrangements of the executive directors and senior executives and 'ensures that the remuneration policy is appropriate and consistent with effective risk management'[1143].


The Nomination Committee leads the process for Board appointments and identifies and nominates candidates, for the approval of the Board. They are responsible for reviewing the composition of the Board and considers the succession plan for the key Board positions like the Chief Executive and the Chairman. In the case of Barclays, Lloyds Banking Group and RBS, the Nomination Committee is chaired by the Chairman of the board.


THE NATURE OF THE FAILURES

678. The record of board governance failures in the preceding years is well-documented and does not need to be rehearsed again in detail.[1144] A few examples will suffice. The Treasury Committee, in its Report The Run on the Rock, concluded with respect to the Northern Rock board:

    Given that the formulation of that strategy was a fundamental role of the Board of Northern Rock, overseen by some directors who had been there since its demutualisation, the failure of that strategy must also be attributed to the Board. The non-executive members of the Board, and in particular the Chairman of the Board, the Chairman of the Risk Committee and the senior non-executive director, failed in the case of Northern Rock to ensure that it remained liquid as well as solvent, to provide against the risks that it was taking and to act as an effective restraining force on the strategy of the executive members.[1145]

Similarly, this Commission highlighted board failures in its report on the collapse of HBOS:

    The corporate governance of HBOS at board level [...] represents a model of self-delusion, of the triumph of process over purpose.[...] The Board, in its own words, had abrogated and remitted to the executive management the formulation of strategy, a matter for which the Board should properly have been responsible.[1146]

Boards failed to maintain high levels of professional standards and did little to prevent mis-selling scandals such as PPI and IRHP.

WHY BANKS ARE DIFFERENT

679. Bank boards face particular challenges and responsibilities compared to other organisations. These primarily reflect the systemic risks associated with banking, and also specific regulatory requirements to mitigate conduct risk. As a result of their 'too important to fail' status, banks benefit from an implicit subsidy which we have discussed in greater detail previously in this Report. This implicit subsidy—based upon the expectation of taxpayer support—has led to significant taxpayer bail-outs of some banks as well as other forms of support to the banking sector as a whole. Professor Julian Franks summarised why banks were different:

    What is different about banks is that they give rise to tremendous systemic risks. Whereas BP can destroy itself but the taxpayer does not bail the company out, it is the preponderance of leverage and the failure that gives rise to systemic risk that make banks different. [1147]

Dr Peter Hahn focused on risk profile as a key differentiator. He told us that "they (banks) are fundamentally different in an extraordinary way" as, in comparison to other industries, they can change their risk profile very quickly. He said:

    Banks, however, are fundamentally risk management businesses; their business is to try to match risk and return on a daily basis. [...] the challenge is that it is very hard for many large businesses to change their risk profile very quickly, and a bank could take on unbelievable amounts of risk in a few moments.[1148]

680. The complexity of banks led some witnesses to express scepticism that it was possible for a bank board to work as effectively as was the case in other sectors. This was the Governor's stance: certain "institutions were simply too big and complex for anyone to genuinely know exactly what was going on".[1149] Professor Julian Franks told the Commission:

    That adds to my view that banks are complex and if you think that you can fix boards to fix these problems, that is a great mistake. You need structural changes. We can improve boards, but do not lay too much emphasis on that as a way of stopping the problem [...].[1150]

    [large] banks are very complex organizations and increasingly I am coming to the view that bank boards do not have the information to pinpoint problems early enough. Problems of fraud, misselling as well as excessive leverage should tell us that with the best of directors some banks are simply too complex for boards to manage with confidence.[1151]

The importance of the challenge function

681. A key theme to emerge in our work on corporate governance was the importance of non-executive directors exercising a 'challenge' function with respect to executives and acting as an effective check and balance on senior management. This 'challenge' function is set out in the Code, which states that "non-executive directors should constructively challenge and help develop proposals on strategy[1152] [...] [as well as] scrutinise the performance of management in meeting agreed goals and objectives. They should satisfy themselves on the integrity of financial information and ensure that financial controls and systems of risk management are robust and defensible".[1153] However, as the Treasury Committee has previously concluded:

    The current financial crisis has exposed serious flaws and shortcomings in the system of non-executive oversight of bank executives and senior management in the banking sector. In particular, the evidence shows that many non-executive directors—in many cases eminent and highly-regarded individuals with no shortage of experience in the business and banking worlds—failed to act as an effective check on, and challenge to, executive managers. Too often non-executive directors in the banking sector have operated as members of a 'cosy club' rather than viewing their role as being that of providing effective checks and balances on executive members of boards. [1154]

Cevian Capital stressed the importance of 'challenge' in ensuring that boards worked effectively. It stated that "lack of challenge in the boardroom [...] leads to poor decision-making, limited accountability and improper alignment of interests". The consequences, it noted, were "particularly grave in the financial sector—where the job of a non-executive director is especially difficult—given that relative to part-time NEDs, executive directors have a huge informational advantage and benefit asymmetrically from risk-taking". [1155]

682. Sir David Walker pointed out the reactive and passive nature of too many boards:

    Boards driven in many cases by a concern about short-term profit and loss and the quarterly earnings announcement, have in my view been too passive and accepting of what was proposed by the executive.[1156]

In his review of corporate governance arrangements at major financial institutions, Sir David stressed the paramount importance of 'challenge' in the boardroom:

    'The essential challenge' [..]. appears to have been missed in many board situations and needs to be unequivocally clearly recognised and embedded for the future. The most critical need is for an environment in which effective challenge of the executive is expected and achieved in the boardroom before decisions are taken on major risk and strategic issues.[1157]

Sir David, expanded on these points in evidence to the Treasury Committee noting that "one way of characterising corporate governance in financial institutions before the crisis [...] is that certainly in this country—but I believe elsewhere and particularly in the USA—they were far too collegial". As a result, "the word I have been very keen to deploy and promote, greatly irritating some, is 'challenge'".[1158]

683. David Paterson, Head of Corporate Governance at the NAPF, told the Treasury Committee that it was "an enormous challenge" to ensure that non-executive directors acted as an effective check and balance on executives. He argued that it "requires a strong chairman to elicit the views of non-executive directors and to encourage them to speak up, either in the board meeting or privately to him, about concerns they have".[1159] Otto Thorensen, Director General of the ABI, concurred, telling the Treasury Committee that "the role of the Chairman is absolutely critical" in ensuring a well-functioning board where effective challenge takes place. However, Mr Thorensen also stressed the importance of the chief executive in accepting such challenge as well as the role of the "executive team in supplying the right kind of information in a way that people can understand".[1160] The problems of boards which become overly-collegiate was made by Martin Taylor who told us that "the culture you want on a board is a bracing culture", but that the default culture of:

    Collegiality [...] comes from our social habits. Man is a social animal. You have dinner with people the night before and one of them says, "Do you want to borrow my house in Tuscany and the rest of it?" It doesn't happen to me, but you know what it mean. Then the next day at the board meeting, do you say to them, "Look, I have three questions for you and I'm not going to stop until you've answered all three of them properly"? People don't do that.

A bank company secretary told us that, in his view, bank directors prefer driving strategy to acting as a policeman, but they did recognise that it was an important responsibility which was increasingly dominating their time.

684. Both the financial crisis and conduct failures have exposed very serious flaws in the system of board oversight of bank executives and senior management. The corporate governance of large banks was characterised by the creation of Potemkin villages to give the appearance of effective control and oversight, without the reality. In particular, many non-executive directors—in many cases experienced, eminent and highly-regarded individuals—failed to act as an effective check on, and challenge to, executive managers. Our work on HBOS provided considerable evidence of this failure.

Proposals for change

685. Many experts have argued that improving the effectiveness of boards is the key to addressing many of the problems in the banking sector. For example, the corporate governance consultancy PIRC has spoken of the importance of addressing board failures which they suggested had been neglected by policymakers in their examination of the financial crisis. It proposed that:

    consideration is given to the role and responsibility of the boards of banks. Too much commentary on the banking crisis has overlooked or underplayed the primary responsibility that the boards of banks have for their own failures. While it is of course right to consider the role of regulators and central banks, the board members of the banks that have run into difficulties must take their full responsibility too. They approved the business strategies and products that have caused such damage after all.[1161]

686. In the aftermath of the financial crisis, the then Government asked Sir David Walker to examine the issue of corporate governance in large complex financial institutions. He made a series of recommendations to improve governance in such firms, including some which related directly to the role and effectiveness of the board. Amongst the more significant were:

·  providing for dedicated support for NEDs on any matter relevant to the business on which they require advice separately from or additional to that available in the normal board process; and

·  that the overall time commitment of NEDs as a group on a FTSE 100-listed bank or life assurance company board should be greater than has been normal in the past. For several NEDs, a minimum expected time commitment of 30 to 36 days in a major bank board should be clearly indicated in letters of appointment and will in some cases limit the capacity of an individual non-executive director to retain or assume board responsibilities elsewhere.

The implementation of the Walker proposals has taken place in parallel with banks' own initiatives for change in this area.

687. However, some have argued that these amendments to the UK Corporate Governance Code have not gone far enough and that further changes are required to improve the effectiveness of bank boards and, in particular, ensure non-executive directors are both more able and more willing to exercise their crucial challenge function. The Commission has considered a number of these ideas, including:

·  changes to the structure of boards;

·  changes to the size of boards;

·  changes to the composition of boards;

·  changes in the way boards are selected; and

·  a new fiduciary duty on members of bank boards.

Changes to the unitary board structure of UK banks

688. The UK has traditionally operated a unitary board structure.[1162] In other countries such as Germany, however, the supervisory two-board structure has been prevalent. This system consists of a supervisory board of non-executive directors and a separate management board of executive directors. We asked whether one particular construct was superior to the other and whether the UK should consider moving towards a supervisory board structure. This issue had previously been examined by Sir David Walker who concluded against change in this area.[1163] The Treasury Committee has also previously looked at this issue, where the overwhelming majority of responses supported retention of the unitary board, while only a small number of responses argued in favour of the merits of a two-tier or a dual board. However, even those who advocated retention of the present system acknowledged that it had flaws. For example, Board Intelligence argued:

    We wonder whether the unitary structure may be an obstacle to the board's fulfilment of its role as 'supervisor'. [...] The challenge of supervising a peer in the unitary board structure is aggravated by the asymmetry of information between executives and non-executives: with knowledge comes power and given the time they spend in the business, the executive holds the balance.[1164]

689. Crucially, the CBI pointed out that no specific board structure was resistant to the financial crisis:

    The CBI does not believe that adopting a different Board structure in financial institutions in the UK would lead to better governance. No single board structure was resistant to the financial crisis, with unitary, two-tier and alternative Board structures all having the potential to fail.

It argued that the unitary board structure had important benefits:

    [it] promotes collective responsibility for decision-making, and non-executive directors can challenge and develop proposals on strategy. We believe that two-tier boards are susceptible to a lack of consistency, communication gaps and slow decision-making.[1165]

Marcel Rohner, the former CEO of UBS AG, noted that the dual board structure of UBS failed:

    I think this idea of governance in two tiers is a good idea in good times. My personal impression was in a crisis of the magnitude we went through, it is dysfunctional. It does mean that the supervisory board has all the responsibility, but they cannot act operationally.[1166]

690. Much of the evidence suggested that issues to do with board structure were secondary and that the focus needed to be on incentivising the right behaviours. For example, Hermes Equity Ownership Services stated:

    We favour a focus on these behavioural aspects rather than the structural issues; using structural methods to address behaviour is less likely to produce a good outcome than focusing on the behaviour itself.[1167]

Its stance mirrors that of the G30 who concluded that "well implemented governance structures and processes are important, but whether and how well they function are the essential questions".[1168]

Board size

691. Another debate after the financial crisis was whether UK bank boards had become too large and therefore too unwieldy. The Walker review noted research which showed that:

    UK-listed banks have much bigger boards and that the median bank board size has increased from 15 in 2002/03 to 16 in 2007/08, whereas the average board size across the whole of the FTSE 100 has decreased from 11 to 10 over the same period.[1169]

For example, in 2008, Barclays Plc had a 17 member board, with 4 executives and 13 NEDs. Similarly, RBS had an 18 member board.[1170]

692. The Walker review examined this issue, but made no specific recommendations on the ideal size of bank boards. It did, however, note the "widely-held view that the overall effectiveness of the board, outside quite a narrow range, tends to vary inversely with its size. That view would probably tend to converge around an 'ideal' size of 10-12 members".[1171] Post-crisis, bank boards have generally decreased in size. For example, both RBS and Barclays currently have boards with 12 members apiece. Martin Taylor told us:

    I have a personal preference for smaller boards, and arguably, in complex financial companies, more knowledgeable and deeply involved boards (I allow that we seem to have moved since c .2000 in the direction of more knowledgeable directors, and so far it seems to have done no good at all). Having half as many directors paid twice as much and spending twice as much time in the business would seem to me likely to produce less bad results.[1172]

Stilpon Nestor, Managing Director of Nestor Advisers, argued there was a high degree of correlation between performance of banks and the size of their boards:

    In a nutshell, Nestor Advisors 2012 research on the 25 largest European banks suggest that boards of the best-performing banks are on average smaller and more 'mature' [...] we find that large boards are more prevalent among the worst-performing banks, while smaller boards are clearly in the majority in our top two tiers.[1173]

Interestingly, however HSBC and Standard Chartered have maintained relatively large boards of 16 and 19 respectively at the end of 2012.[1174]

Improving the skills and competence of boards

693. Increased scrutiny of the composition of bank boards in the aftermath of the financial crisis has resulted in the argument being advanced that the boards of banks, owing to their complexity and systemic importance, require greater industry representation and sector-specific expertise compared with boards operating in other sectors. A different view was that many bank boards and, in particular, non-executive directors, lacked diversity. This, it was argued, had resulted in 'group think' and the development of a 'herd mentality'.

694. The Walker review looked at the case for greater expertise as well as greater diversity and the potential underlying tension between the two. On the one hand, it supported moves towards greater expertise:

    The combination of complexities in setting risk strategy and controlling risk and the potentially massive externalities involved in failure of a major financial entity means that the need for industry experience on BOFI [banks and other financial industry entities] boards is greater than that in non-financial business—such as pharmaceuticals, defence, energy and retailing—where the principal impact of failure will be on shareholders and, possibly, major creditors, rather than society more widely.[1175]

On the other hand, the Walker Review noted that "while a majority of NEDs should be expected to bring materially relevant financial experience [...] there will still be scope and need for diversity in skillsets and different types of skillset and experience".[1176]

695. Much of the evidence stressed the importance of sector-specific expertise. Dr Peter Hahn told us that bank boards dominated by former bankers was to be expected, as complex risk knowledge was required and such expertise was rarely found outside financial institutions.[1177] Some banks also appear to have recognised the need for greater bank experience on boards. For example, Barclays told the Commission that, while it had believed that "the Board needs a diverse range of skills and experience, as well as financial services experience", it has agreed that "50 per cent of NEDs, including the Group Chairman and Chairmen of the principal Board Committees, should have banking/ and or financial services experience."[1178]

696. Otto Thoresen, Director General of the Association of British Insurers, cautioned against allowing the board pendulum to swing too far in favour of expertise and against that of diversity. He told us that an emphasis on industry-specific expertise could mean that "people would be less inclined to step forward for non-executive roles in financial institutions if they felt themselves not to be technically competent enough to carry out their duties". He warned that the result could be "a concentration of non-executives who are drawn from more technical backgrounds, with the consequence that diversity begins to be undermined".[1179] David Paterson, Head of Corporate Governance, National Association of Pension Funds, when asked specifically about gender diversity on boards, said it should be viewed in the context of the wider debate on diversity:

    What we are looking for here is diversity of experience, of skills and so on, on boards and to accept that, as part of that process, more women on boards would be a very important development, frankly. I would like to see more diversity on boards and I think that going down the 'more women on boards' route is a very productive one. That, in itself, will deliver not just gender by diversity, but also by skill base and the rest.[1180]

697. Boards staffed with increased numbers of NEDs with direct banking expertise should not, however, be viewed as a panacea. In its evidence to the Treasury Committee, the Chartered Insurance Institute pointed out that RBS had notable experience on the Board but still failed to conduct the right due diligence in the ABN AMRO acquisition:

    Perhaps the most obvious example of this was RBS's takeover of ABN AMRO which took place without any due diligence of ABN's assets, despite the notable experience of many members of the RBS board.[1181]

698. Martin Taylor appeared sceptical as to the importance of this debate. He cautioned against the view that more expert NEDs would radically transform the governance of such firms:

    On the boards of banks, I have seen bank boards get more professional in the sense that more people on the bank boards have industry experience, and seven or eight years ago, it was felt that that would make them more effective. It hasn't done, or it didn't do. I think it is very difficult to sit on the board of one of these banks as an outsider. You know so little.[1182]

Who should select boards?

699. Cevian Capital, a fund manager, noted that "in the UK, the nomination process for NEDs is typically controlled by company chairmen, and the shareholder approval vote is almost always an empty formality". Consequently, Cevian argued:

    chairmen effectively select their own NEDs. Human nature means most chairmen will avoid selecting 'natural challengers', and most NEDs —having been given their job by the Chairmen— are uncomfortable making waves.[1183]

ShareSoc, an organisation which represents individual shareholders, took a similar view:

    It is clear to us that the existing arrangements for board structure, and particularly the nomination of directors, create major problems. In practice directors solely determine who will be appointed as directors (i.e. they appoint themselves), and also determine their own pay (via Nomination Committees and Remuneration Committees that are not independent but solely consist of the same directors).[1184]

700. Both Cevian Capital and ShareSoc argued that the solution lay in giving shareholders a far more prominent role in selecting the board. Cevian argued that "involving large shareholders directly in the nomination process would directly address the fundamental flaws in the current system", and was "the most tangible and realistic way to comprehensively address poor board performance". It argued that:

    this system operates well in Sweden (as well as in Norway and at most large companies in Finland) and benefits all—shareholders, companies, directors and society at large. While it would be inappropriate to simply take the Swedish system and apply it to the UK, there are important lessons that can be drawn from the Swedish experience.[1185]

701. Both Baroness Hogg and Sir David Walker expressed scepticism about the applicability of the Swedish model to the UK. Sir David Walker spoke of how "the Swedish model of involvement of shareholders in nomination committees is specifically appropriate to Sweden, because there are very few shareholders". Baroness Hogg was unconvinced "that shareholders are going to do a better job than the nominations committee. Shareholders are pretty inclined to like names they know on the boards of other companies".[1186]

FIDUCIARY DUTY

702. Company directors have duties under the Companies Act to promote the success of the company primarily for the benefit of shareholders. A number of witnesses argued that this meant boards placed too much emphasis on achieving this objective to the detriment of other issues. Martin Taylor stated:

    It does rather feel as though bank boards—before the crisis—went along with the idea that their only duty was to shareholders; otherwise they would hardly have countenanced the rapid expansion in balance sheet size, and balance sheet leverage, that in fact took place.[1187]

Lord Turner told us:

    We simply have to get bankers to care more about the downside as well as the upside. They need to strike different risk-return balances from those that are appropriate in some other sectors of the economy.[1188]

In its submission to the Commission, the FSA said:

    society has an interest in ensuring that the executives and directors of banks make different decisions about the balance between risk and return than would be appropriate in other sectors of the economy.[1189]

Davis, Polk Wardwell told us that directors of insured US banks were required to take account of the interests of other parties than just shareholders in discharging their duties.[1190]

CONCLUSIONS ON BOARDS

703. Failures of board governance have taken place in firms with very different models of corporate governance, in banks with two-tier boards as well as those with unitary boards, and in banks whose boards, whether of the US or UK type, differ significantly both in terms of size, composition and the amount of time non-executives devote to their roles. Banks whose board-level governance arrangements could be described on paper as approximating to best practice have run into serious governance problems. There were frequently several common elements to bank governance failures. Some CEOs were overly dominant, which the Board as a whole failed to control. Chairmen proved weak; often they were too close to, and became cheerleaders for, the CEO. NEDs provided insufficient scrutiny of, or challenge to, the executive, and were too often advocates for expansion rather than cautioning of the risks involved. There was insufficient wider banking experience among NEDs and the resources available to them were inadequate. Central functions, including risk and control, had insufficient capability and status to perform their functions and were often regarded as an impediment to the business, rather than essential to its long-term success.

704. We have taken a great deal of evidence advocating a range of measures which witnesses argued would improve the effectiveness of bank boards. Some have suggested a move to a two-tier board structure is necessary. Others have argued in favour of changes to the composition of boards with an emphasis on greater sector-specific expertise or in some instances greater diversity. We have heard arguments in favour of greater prescription in terms of the time devoted by non-executives to their role, the benefits of an enhanced role for shareholders in board appointments or the importance of board effectiveness reviews as a tool to improve board effectiveness.

705. Proponents of corporate governance solutions can be prone to overestimate the benefit that their particular favoured measure will provide. Structural or procedural changes to bank boards would not have prevented the last crisis and will not prevent the next one. Nevertheless, the Commission has a number of proposals which, taken together, we believe will help to bring about a desirable change in the culture and overall approach of boards.

706. The Commission recommends that the Financial Reporting Council publish proposals, within six months of the publication of this Report, designed to address the widespread perception that some 'natural challengers' are sifted out by the nomination process. The nomination process greatly influences the behaviour of non-executive directors and their board careers. Fundamental reform may be needed. The Commission considers that the Financial Reporting Council should examine whether a Nomination Committee should be chaired by the Chairman of a bank or by the Senior Independent Director.

707. There is a danger that the non-executives directors of banks are self-selecting and self-perpetuating. In the interests of transparency, and to ensure that they remain as independent as possible, the Commission recommends that the regulators examine the merits of requiring each non-executive vacancy on the board of a bank above the ring-fence threshold to be publicly advertised.

708. The obligations of directors to shareholders in accordance with the provisions of the Companies Act 2006 create a particular tension between duties to shareholders and financial safety and soundness in the case of banks. For as long as that tension persists, it is important that it be acknowledged and reflected in the UK Corporate Governance Code, in the PRA's Principles of Business and under the Senior Persons Regime. The Commission has several recommendations in the light of this, which should at the very least apply to banks above the ring-fence threshold.

·  The Commission recommends that the UK Corporate Governance Code be amended to require directors of banks to attach the utmost importance to the safety and soundness of the firm and for the duties they owe to customers, taxpayers and others in interpreting their duties as directors;

·  The Commission recommends that the PRA Principles for Businesses be amended to include a requirement that a bank must operate in accordance with the safety and soundness of the firm and that directors' responsibilities to shareholders are to be interpreted in the light of this requirement;

·  The Commission recommends that the responsibilities of Senior Persons who are directors include responsibilities to have proper regard to the safety and soundness of the firm; and

·  The Commission recommends that the Government consult on a proposal to amend section 172 of the Companies Act 2006 to remove shareholder primacy in respect of banks, requiring directors of banks to ensure the financial safety and soundness of the company ahead of the interests of its members.

INDIVIDUAL RESPONSIBILITY

709. As discussed in Chapter 3, a culture exists in banking which diminishes a sense of personal responsibility. What we have referred to as the 'accountability firewall' has developed, which has served to prevent those on boards having a strong sense of personal engagement with and responsibility for failings and misconduct in the firm. Restoring a sense of individual responsibility to members of the board has the potential to improve the effectiveness of board governance and standards within the industry.

710. In Chapter 3 we outlined our proposals for a new Senior Persons Regime, to replace the SIF element of the Approved Persons Regime (APER), addressing the fundamental weaknesses with the past industry and regulatory approach to individual responsibility at the highest level. The Senior Persons Regime is designed to ensure the allocation of specific responsibilities to specific post or office holders that will place beyond doubt what responsibilities are held by whom. We discuss these responsibilities for members of the board in greater detail below, with a particular emphasis on the responsibilities of the Chairman of a bank board, given the particular importance of the role he or she occupies.

Responsibilities of the Chairman

711. The Chairman plays a crucial role. As the UK Corporate Governance Code states, "the Chairman is responsible for leadership of the board and ensuring its effectiveness on all aspects of its role". The Code also states that the Chairman "should also promote a culture of openness and debate by facilitating the effective contribution of non-executive directors in particular and ensuring constructive relations between executive and non-executive directors".[1191] This point has been stressed on numerous occasions. For example, the Financial Reporting Council has stated that "good boards are created by good chairmen. The chairman creates the conditions for overall board and individual director effectiveness".[1192] Similarly the ABI in its report on board effectiveness concluded that:

    The chairman is key to an effective board. There is no 'one size fits all' approach to the role, with different chairmen having different approaches based on what is best for the individual company and board. However there was a significant amount of consensus about the role and responsibilities of the chairman.[1193]

712. The importance of the Chairman's role should be reflected in the post's responsibilities under the proposed Senior Persons Regime. Chairmen should have specific overall responsibility for leadership of the board as well for ensuring, monitoring and assessing its effectiveness. This should include a responsibility for promoting an open exchange of views, challenge and debate and ensuring that other non-executives have the tools, resources and information to carry out their roles effectively, particularly their challenge function. It should be the duty of the Chairman to hold annual meetings with the chairmen of every board sub-committee separate from any attendance at meetings to ensure that he or she has an overview of the subject area within those sub-committees' responsibility. Bank Chairmen should in future have an explicit responsibility for setting standards and providing effective oversight over how they are embedded through the organisation. In addition, it is essential the Chairman has a responsibility to ensure that he or she, together with his or her office, provides a genuine check and balance to the executives.

713. The Walker review concluded that:

    The Chairman of a major bank should be expected to commit a substantial proportion of his or her time, probably around two thirds, to the business of the entity, with clear understanding from the outset that, in the event of need, the bank Chairmanship role would have priority over any other business time commitment. Depending on the balance and nature of their business, the required time commitment should be proportionately less for the Chairman of a less complex or smaller bank, insurance or fund management entity.[1194]

In practice many large banks have moved towards a position where the Chairman is nearly or wholly full-time. For example, HSBC has an executive full time Chairman and the Barclays Chairman is committed to serving at least 4 days a week.[1195]

714. Opponents of the proposal that the Chairman of a large bank should be full-time or nearly full-time have previously argued that there is a risk that this would effectively result in the individual concerned becoming an executive with all the attendant risks of going native and a corresponding loss of independence. Dr Peter Hahn explained that the crucial issue was not whether Chairmen was full time, but rather the role they played:

    Executives and managers, by definition, make the day to day decisions of the bank. That is the distinction. Where an important role, such as chairman of the board committee, requires near full time commitment non-executive status can be maintained. The critical point to maintain non-executive status and function is the maintenance and prioritisation of oversight.[1196]

715. We have received no evidence that a two-thirds time commitment has led chairmen of major banks to 'go native', and believe that the risk of this occurring with a full-time Chairman may have been overstated. In any case, the risks of partial disengagement are likely to be greater. The accountability and personal responsibility of Chairmen will be enhanced if they are engaged on a near full-time basis. In light of the crucial role played by the Chairman of a major financial institution, the Commission recommends that a full-time Chairman should be the norm. The implication of our proposals is that the Chairman of a large bank should usually not hold any other large commercial non-executive, let alone executive, positions.

Responsibilities of the Senior Independent Director

716. The Senior Independent Director (SID) plays a pivotal role on the board. In large part, this flows from the SID's role in acting as a check on the Chairman and ensuring that the Chairman is discharging his leadership responsibilities effectively. The Walker review outlined the role of the Senior Independent Director as follows:

    The role of the Senior Independent Director (SID) should be to provide a sounding board for the Chairman, for the evaluation of the Chairman and to serve as a trusted intermediary for the NEDs, when necessary. The SID should be accessible to shareholders in the event that communication with the Chairman becomes difficult or inappropriate.

717. The Commission recommends that the Senior Independent Director should, under the proposed Senior Persons Regime, have specific responsibility for assessing annually the performance of the Chairman of the board and, as part of this, for ensuring that the relationship between the CEO and the Chairman does not become too close and that the Chairman performs his or her leadership and challenge role. We would expect the regulator to maintain a dialogue with the Senior Independent Director on the performance of the Chairman: the Senior Independent Director should meet the PRA and FCA each year to explain how the Senior Independent Director has satisfied himself or herself that the Chairman has held the CEO to account, encouraged meaningful challenge from other independent directors and maintained independence in leading the board.

Role of non-executive directors

718. Non-executive directors (NEDs) potentially have an important role in providing challenge to the executive of a bank. Many of the failures within banks that have come to light could have been prevented or ameliorated had NEDs acted more effectively.

719. The avenues open to them at present, however, are limited. They can make their point at board level, record dissent in the minutes, press their view to a formal vote, report their concerns to the regulator, or resign. None of these, except for insisting on and then winning a vote, may be effective, however, and all may ultimately degenerate into mere back-covering exercises.

720. Non-executive directors in systemically important financial institutions have a particular duty to take a more active role in challenging the risks that businesses are running and the ways that they are being managed. The FSA's report into the failure of RBS demonstrated that this was often not the case in the past. For non-executive directors to be more effective, they may need to make more use of their current powers under the UK Corporate Governance Code to obtain information and professional advice, both internally and externally. In this context, it is essential that the office of the chairman is well-resourced to enable it to provide independent research and support to the non-executive directors.

Internal controls and disciplines

THE PROBLEM

721. The control framework of a bank, how it manages and assesses all of the risks it is responsible for, and how well it assesses its capacity to manage the future risk environment it may be facing, is crucial to the successful running of the organisation. Many banks told us that they used a control framework model called the "three lines of defence".[1197] The first line is front-line staff, who take responsibility for their own day-to-day risks. The second line is specialist risk management, controls and compliance staff. The third line is internal audit.[1198] These are discussed further below. However, it is clear from the evidence we have received that this model, or at least the way the banks applied this model, was unable to prevent the multiple risk failures that occurred across the banking industry, from the collapses of HBOS and RBS to LIBOR, interest rate swaps mis-selling and PPI.

722. In Chapter 3 we described how banks were too big to fail and too complex to manage, and how bank control frameworks have tended to be characterised by confusion and a blurring of departmental responsibilities. Staff in compliance functions were often faced with seemingly impossible challenges, presenting a stark example of the problem discussed in Chapter 3 of banks being too complex to manage. For example, there are 3,500 compliance employees at HSBC who are expected to provide compliance services across a very complex organisational structure.[1199] Stuart Gulliver described how he had felt the need to change the way the bank was organised due to these complexities:

    So in January 2011, I changed the organisational structure of the firm—this is hugely fundamental—from being run by 88 separate country heads who reported to the group CEO to being run with 4 global business heads: commercial banking, global banking and markets, retail banking and wealth management and private banking; 10 global functions, which include: finance, legal, risk and compliance; plus our technology systems people.[1200]

Regardless of a bank's size, evidence suggests that the compliance function was often faced with a multiplicity of tasks, from approving new product launches, to providing a legal-style advisory role on regulatory issues to providing assurance that the bank's systems and controls are working appropriately. Deutsche Bank told us, for example:

    Deutsche Bank has an independent group-wide Compliance function. The role of the Compliance Department includes: advising on ethical conduct and identifying regulatory solutions; safeguarding integrity and reputation; and promoting, in partnership with the business, a culture of compliance.

    As part of these general responsibilities, the role of Compliance includes the following core functions: Advice and training; Monitoring and surveillance; Risk assessments and reporting; Administering anti-money laundering and anti-corruption programmes; Initiating and carrying out investigations; Setting up and managing appropriate information barriers; [and] Engaging with regulators"[1201]

723. Banks have a set of obligations that are externally imposed, through general law and specifically through regulatory requirements. These must be adhered to by everyone in the bank. In addition to the mandatory legal obligations, banks set their own control standards, relating to their overall business strategy, that they also need to ensure are being adhered to. The responsibility for making sure that there are no breaches of any of the internally or externally imposed requirements lies with all who work in the bank. The evidence suggests that the role of compliance is hopelessly confused. As also noted in Chapter 3, this was most starkly demonstrated in two exchanges with Barclays employees. Mike Walters, then Group Head of Compliance, told us that:

    Mike Walters: it is not the compliance function's responsibility to make Barclays compliant. [...]

    Q679 Mark Garnier: Who was responsible for the compliance at Barclays—to make Barclays compliant?

    Mike Walters: I believe that everybody at Barclays has the responsibility to do that.[1202]

Hector Sants, Head of Compliance and Government and Regulatory Relations, told us that:

    The first line of defence for conduct issues has to be the firms themselves and, in particular, it has to be the compliance function, which in general failed woefully in these firms. [...] A good compliance officer ensures that people in the firms do the right thing; it is not about them complying with the detail of the rules.[1203]

In addition, risk and compliance functions have too often been treated as cursory box-ticking exercises to satisfy internal control or regulatory requirements, with limited practical impact on front-line activity. These problems can be exacerbated by the divide between the 'police' and the 'policed' within banks, where the highest status and rewards are afforded to those who raise most revenue for the bank.

724. We also noted in Chapter 3 the fact that in large, complex banks, it is very difficult for compliance functions to have a detailed understanding of the activities being undertaken outside their individual silo as minutely segmented by brutal crosshatching lines of management responsibility, functions, language and geographical location.

725. The Commission recognises that how a bank structures the framework it uses to control risks has to be shaped by its particular business model. However, the wide-spread failure requires a significant shake-up in internal controls. Our recommendations are based on the principles of ensuring personal responsibility and making internal challenge a norm, not an exception.

FRONT-LINE CONTROLS

726. Rich Ricci explained the control function performed by a front-line trading desk supervisor:

    The supervisors' responsibilities would include ensuring that the desk under his watch, and the people under his watch, are complying with all the relevant rules and regulations—also, with the standards of behaviour that the firm demands and aspires to. And he or she is the first line of defence in making sure that those standards are upheld. If there is a problem on the desk, we also then make sure that there are not issues from a supervisory perspective. If there are supervisory issues, we either discipline the supervisor as well or reinforce the education and learning the supervisor needs.[1204]

Barclays' then Group Head of Compliance acknowledged that this process failed in the case of LIBOR manipulation:

    Mark Garnier: Who was overseeing the LIBOR rate-setters in London and why were they not answering back to these swaps traders in New York? Why were they not saying, "Guys, you can't do this; stop trying to influence the rate setting"?

    Mike Walters: [...] we have desk supervisors in the first line whose job it is to ensure that we operate in a controlled way and that everybody knows the rules of the road and not just complies with our rulebooks and policies, but operates in accordance with our culture and values. So absolutely the first line is there to do that.[1205]

The Chief Internal Audit Officer of Barclays told us that the bank had, in the light of the LIBOR investigation, initiated a "desk-level supervision enhancement programme [...] understanding what their roles and responsibilities are, training etc.".[1206]

727. As well as front-line controls, supervisors are also responsible for the financial performance of the trading desk and tend to be remunerated on this basis while risk management was not valued as a basis for remuneration. The Reward and Performance Director of Barclays explained that while the performance and, therefore, variable remuneration of retail bankers at his firm was determined by a formula incorporating non-financial measures, this was not suitable for investment banking:

    In the investment bank, we do not codify the incentives structure in quite the same way. That is because the nature of the business and the activity being carried out is that much more varied, so codifying it in that quite clear way within the retail bank is fit for purpose and enables you to operate structured incentive programmes over a huge population of colleagues. It would be inappropriate to codify it in quite the same way over a much more complex and differentiated set of activities within the investment bank, but we do have a robust process within the investment bank to ensure that, for each business area and for individuals within those areas, we adopt the same sort of principles, where we are looking at both financial performance and the behaviour and how that financial performance has been achieved.[1207]

RISK MANAGEMENT

728. Reporting arrangements for Chief Risk Officers vary between banks. Santander UK told us that, in its structure, the CRO sat on the Board and the CRO's role "reinforces the executive risk responsibility of the Chief Risk Officer for the management and control of all risks". [1208] Barclays told us that "The Group CRO reports jointly to the CEO and the Chairman of the Board Risk Committee".[1209] In our examination of the collapse of HBOS, we found that the main reporting line of the divisional risk functions was to the divisional management rather than to the group risk function. Paul Moore believed that this created an 'us and them' culture between the group risk functions and the divisional risk functions, which was "dysfunctional".[1210]

729. We note the evidence of Sir David Walker that "Certainly, the chief risk officer has to be able to say no to the chief executive. He has to be able to say no, without fear that he will lose his job or that he will not get an adequate bonus. He has to have a direct line to the chairman of the risk committee or the chairman of the board".[1211] We concur. Each bank board should have a separate risk committee chaired by a non-executive director who possesses the banking industry knowledge and strength of character to challenge the executive effectively. The risk committee should be supported by a strong risk function, led by a chief risk officer, with authority over the separate business units. Boards must protect the independence of the Chief Risk Officer, and personal responsibility for this should lie with the chairman of the risk committee. The Chief Risk Officer should not be able to be dismissed or sanctioned without the agreement of the non-executive directors, and his or her remuneration should reflect this requirement for independence. The Chief Risk Officer should be covered by the Senior Persons Regime, and the responsibilities assigned to the holder of that post should make clear that the holder must maintain a voice that is independent of the executive.

COMPLIANCE

730. In Chapter 3, we noted the dangerous combination of blurring between the first and second lines of defence and a status gap between staff in specialist control functions and those in front-line revenue-raising roles. These problems were widespread and reinforced, rather than challenged, by management expectation. Evidence from several banks pointed to ongoing concerns of this nature in the product approvals process. Citigroup told us that the compliance function plays "an integral part of the new product and new business line approval process".[1212] This appears to place compliance in a first line risk management position, when in most cases banks described the function as sitting in the second line of defence. The then Head of Compliance at Barclays outlined a similar arrangement at his bank:

    Mark Garnier: Can you talk us through the process of how a new product is constructed, at what point you get involved and at what point it then gets rolled out to market?

    Mike Walters: Our key involvement is at the new product approval stage. However, at an earlier stage it is possible that we would get asked for subject matter expert guidance on a rule.

    Mark Garnier: The key question—they are coming to you for expert advice. The product design departments do not have their own experts on compliance.

    Mike Walters: No, that's not right. The reason why I said it was possible is that every banker I've met at Barclays has a pretty good understanding of the rules [...] That said, it is possible from time to time that specific expertise on a specific area of the regulations is sought.

    Mark Garnier: When you have new product approval, you are then brought in in a formal way, and at that point you give the sign-off?

    Mike Walters: Yes.

    Mark Garnier: So you then take responsibility for the compliance side of that.

    Mike Walters: For the compliance aspect, yes.[1213]

Mike Walters also told us that "complying is the responsibility of everybody at Barclays, starting with the front line".[1214] The acting Group Head of Compliance at HSBC explained that his staff had a dual role:

    David Shaw: You could have it in a different way, where the business decides on the product, goes through the whole process and submits it up for approval. You could have that, but it is not a very constructive way of dealing with it.

    Mark Garnier: Why not?

    David Shaw: Because basically it is a lot better if the input, "This does not work," comes in during the formulation.

    Mark Garnier: Why? I can see the argument, but we are trying to gather evidence, so what we are really after is clear explanations of those two processes. Why is one better than the other?

    Marc Moses: One of the mantras in risk and compliance is that we are there to enable and protect. The protect bit is where we say no, and the enable bit is to work in partnership with the business to come to the right answer given our risk appetite, given our values and given our reputation.[1215]

731. The CBI told us that "compliance needs to become more independent to avoid conflicts of interest that may arise through an employee's desire to satisfy senior colleagues rather than raise compliance issues".[1216] Mike Walters, explained that LIBOR manipulation in his bank was the result of cultural failure rather than of control frameworks:

    Mark Garnier: How did those LIBOR setters not [know] what was going wrong? [...] Why did those rate setters not turn round and say, "You can't do this; we have to be independent"? [...] How did you, as head of compliance, allow them to be influenced?

    Mike Walters: I do not accept that compliance allowed them to be influenced. We train out our policies and our rules of the road. People are trained to deal with conflicts of interest and to do the right thing. Clearly, in this case, there was a breakdown of not just our compliance with procedures but, more fundamentally, a culture. The culture of doing the right thing clearly broke down in that case.[1217]

732. Rich Ricci said that in certain circumstances, compliance rather than front-line staff might be blamed if a bad deal was signed off at a trading desk:

    the buck stops with the business and I think they expect to feel the heat on the deal. I want to be clear, but obviously there are circumstances where if the advice they got was wrong or if there was an issue with the second line of defence in the execution of the deal, that may be different.[1218]

733. We also examined the interaction between staff in the front line and those in the second line of defence in performance assessment. Several witnesses told us that employees in the second line now contribute to performance assessment for those in revenue-raising roles. Mike Rees of Standard Chartered noted that there is "input from the control functions, compliance and risk" in front-line performance evaluation.[1219] His colleague, Richard Goulding, elaborated:

    The risk function is very directly involved in all individual compensation awards, so for example I have, for my full six years as chief risk officer, chaired our global markets bonus plan allocation committee. We formally have all risk and control internal order reports submitted to that committee so that we can ensure that accountability is taken of that in people's performance ratings and then the decisions that are taken on awards off the back of that. We have an automated system where the people in the risk and control and compliance functions are invited to comment on the behaviour of individual people in the front office which is then also brought out of that committee and used to inform decisions.[1220]

Eddie Ahmed told us that, at Citigroup, the performance assessment of senior staff would include input from risk and compliance functions. However, at trading desk level, assessment would be "in the chain of command, and ultimately signed off by the business head, in conjunction with assessment by human resources".[1221]

734. Michael Lavelle, CEO of Wholesale Banking at CitiGroup, explained that staff in front-line functions could be involved in assessing those in the second line, as well as the other way round:

    Baroness Kramer: And how would each feed into the other's appraisal? Would your risk person have an impact on what the pay levels might be—

    Michael Lavelle: In the assessment, absolutely.

    Baroness Kramer: What about the other direction?

    Michael Lavelle: If it was specifically requested, of course. We would expect our professionals to be assessed by risk. It is not absolutely necessary that risk professionals be assessed by people in the business. More often than not, they would ask for that to happen, of course. You can provide both formal feedback on individuals and informal feedback, depending on the role.[1222]

735. It is important that banks have clear lines of accountability for the assurance of overall regulatory compliance. A blurring of responsibility between the front line and compliance staff risks absolving the front line from responsibility for risk. Compliance involvement in product development can make it more difficult for compliance staff subsequently to perform their independent control duties. Their involvement needs careful handling. Responsibility for acting in accordance with the letter and spirit of regulation should lie with every individual in a bank. This responsibility should not be outsourced to a compliance function, any more than to the regulator itself, particularly in the light of the fact that, owing to the complexity of banks, the compliance function would face a very difficult task were this responsibility to lie solely with it.

736. The Commission notes with approval measures taken by banks to involve control functions in the performance assessment of senior and front-line staff. There is a strong case for extending this further. To have a strong impact on behaviour, clarity in how such mechanisms operate is desirable. The involvement of the front-line in assessing second-line performance threatens to further undermine the independence of the second line. This effect can be exacerbated by ingrained status differences between staff in different functions.

737. We do not wish to be prescriptive about the role of the Head of Compliance. We see parallels with the role of the Chief Risk Officer, insofar as protecting the independence of the Head of Compliance role is paramount. This should be a particular responsibility of a named individual non-executive director. The Commission recommends, as with the Chief Risk Officer, that dismissal or sanctions against the Head of Compliance should only follow agreement by the non-executive directors. Such an action would, under existing arrangements, also need to be disclosed to the regulator.

INTERNAL AUDIT

738. The Group Head of Internal Audit at HSBC acknowledged that the work of his division had been characterised by a rules-based approach:

    Baroness Kramer: In a sense, you were not looking at judgement; you were only looking as to whether people had taken the procedural step. Is that what you are saying?

    Paul Lawrence: I think that is a fair comment. It is actually very difficult for an audit unit, based on the skill sets it had and where it traditionally was in the organisation, to pass an opinion on judgements or issues of strategy. I think your observation is correct, but we are in a better place now.[1223]

739. Roger Marshall explained how he saw the relationship of internal audit with the other parts of the business:

    "That is the risk I was talking about. In a well run organisation, the first line has to say, 'We are responsible for all our decisions.' The second line, particularly risk management, are there to make sure that the first line are keeping to their limits, basically. The blurring comes when the first line wants to do something which is outside their normal limits and the second line gets involved in agreeing that; then, suddenly, the second line are part of the decision-making process, not outside it. That is why it is particularly important that internal audit looks at those sorts of thing, completely independently".[1224]

This "complete independence" as Roger Marshall described it, reinforces again the need for this function to be protected by the non-executives to ensure their own independent challenge is informed by analysis that is also independent of the executive. Roger Marshall went on to describe a broad remit for internal audit "Internal audit should—and, by and large does, in UK banking—have an unrestricted remit. It should look at governance, it should look at culture, it should look at the way that the risk management departments manage risk, and it should look at compliance and how they are doing things.[1225]

740. Anthony Hilton said that "Internal audit is a way for top management, whatever it is—the risk committee or the audit committee—effectively to circumvent several layers of middle management and find out what is happening on the shop floor".[1226]The Head of Internal Audit at Standard Chartered Bank confirmed that the breadth of scope:

    Baroness Kramer: So how broad would your scope be, Mr Wynter? Would it include product suitability, HR policies for recruitment, business strategy or perception? How wide-ranging is it?

    Julian Wynter: It is everything, really. We have unrestricted access to all of the bank's activities and all of the information."[1227]

The CBI said that internal audit should not be restricted to historic analysis, but elevated to a role in decision-making processes.[1228]

741. Internal audit's independence is as important as that of the Chief Risk Officer and the Head of Group Compliance, and its preservation should similarly be the responsibility of a named individual non-executive director, usually the chairman of the audit committee. Dismissal or sanctions against the head of internal audit should also require the agreement of the non-executive directors.

CONCLUSION ON INTERNAL CONTROLS

742. The "three lines of defence" have not prevented banks' control frameworks failing in the past in part because the lines were blurred and the status of the front-line, remunerated for revenue generation, was dominant over the compliance, risk and audit apparatus. Mere organisational change is very unlikely, on its own, to ensure success in future. Our recommendations provide for these lines to be separate, with distinct authority given to internal control and give particular non-executive directors individual personal responsibility for protecting the independence of those responsible for key internal controls. This needs to be buttressed with rigorous scrutiny by the new regulators of the adequacy of firms' control frameworks.

Standards and culture

INTRODUCTION

743. Our witnesses were united in agreement that a change in banking culture was necessary. Antonio Horta-Osório said that the banking industry was facing a "deep crisis of confidence and trust" and "needed cultural change".[1229] Stephen Hester agreed that "there are cultural changes that we should make across banking",[1230] while Antony Jenkins told us that it was necessary to "change the culture" at Barclays.[1231] The Chartered Banker Institute said that "extensive cultural change" was required in banking.[1232] The CBI submitted that such change was "key to ensuring banking can support business' needs",[1233] while the ABI said it was "the key to further change in banks".[1234]

744. In this section, we argue that standalone programmes of cultural change, however well-intentioned, are unlikely to succeed. Worthy statements of direction or a reshuffling of faces at the top may change the outward image of an organisation. However, if they leave the underlying causes of cultural malaise intact, they are ultimately doomed to failure.

PROSPECTS FOR RAPID CHANGE

745. In our first oral evidence session, Sir David Walker, the then prospective Chairman of Barclays, was bullish about the prospects of achieving quick cultural change in his company:

    Can all that be done, and quickly? My answer is a resounding affirmative. If I may say so, if I didn't have confidence about that, I think I would have been very unwise to take on the role I have in one of the major banks.[1235]

He explained that the crisis in UK banking offered an opportunity for unusually rapid cultural change:

    Cultural changes can tend to happen over a long period of time. However, in the present environment, there is an important question about reparability. Can the present cultural changes be accomplished rapidly? My pretty confident answer is, "Yes, and of course they have to be."[1236]

746. The Salz Review of Barclays was less confident that cultural change could be achieved quickly:

    Transforming the culture will require a new sense of purpose beyond the need to perform financially. It will require establishing shared values, supported by a code of conduct, that create a foundation for improving behaviours while accommodating the particular characteristics of the bank's different businesses. It will require a public commitment, with clear milestones and regular reporting on progress. It will require Barclays to listen to stakeholders, serve its customers and clients well get on with the work to implement its plans and stay out of trouble. The complexity of Barclays' businesses makes this a particular challenge for its leaders. It will take time before it is clear that sustainable change is being achieved.[1237]

Others respondents took a similar viewpoint. António Horta-Osório cautioned that "changing the culture of an organisation of 100,000 people takes time",[1238] while RBS wrote that enduring change would be "the product of a slow, deliberate and sustained march with many small steps".[1239]

747. In his second appearance before the Commission, Sir David Walker reiterated his confidence that the culture of Barclays could be changed quickly.[1240] However, he suggested that progress in the short-term would be restricted to highlighting the need for change and putting appropriate frameworks in place:

    there are two dimensions: there is what we need to do immediately, which is to talk about it and to put in place the programme of work that has been described, then there is embedding something for the long term. We have to have a short-term as well as a long-term agenda.[1241]

748. Profound cultural change in institutions as large and complex as the main UK banks is unlikely to be achieved quickly. Bank leaders will need to commit themselves to working hard at the unglamorous task of implementing such change for many years to come.

BANK CODES OF CONDUCT

749. The primary vehicle the new Chairman and Chief Executive of Barclays have used to try to effect rapid cultural change in Barclays is the "Transform Programme".[1242] A prominent element of this is the adoption of a Statement of Purpose and Values. This was explained in the bank's response to the Salz Review:

    Barclays' Purpose (Helping people achieve their ambitions - in the right way) and Values (Respect, Integrity, Service, Excellence and Stewardship) are standards which will guide our decision-making and against which all employees will be assessed and rewarded. We believe that building a sustainable, values-based culture will form the foundation of our long-term success.[1243]

750. In evidence to the Commission, Antony Jenkins explained that Barclays had not previously had "a set of values and behaviours that are operative across the whole Group" which defined "what the Barclays culture should be".[1244] However, the then Chief Executive, John Varley, attempted to establish five similar Group-wide values in 2005: 'customer focus', 'winning together', 'best people', 'pioneering' and 'trusted'. This was intended to allow the Group to be overseen through one set of values. In 2007 they were embedded in a refreshed Group Statement on Corporate Conduct and Ethics.[1245] Writing in The Financial Times, Philip Augar remarked:

    [...] as Barclays' recent history shows, the problem with values statements is making them stick. For, even as some employees were fiddling the London interbank offered rate and selling customers interest rate swaps and unnecessary payment protection insurance, the bank already had an apparently robust code of conduct.[1246]

The Salz Review observed that the five Guiding Principles had not "percolated into the consciousness of the Group",[1247] partly because of the "significant challenge to instilling shared values in a universal bank like Barclays".[1248]

751. Statements of values and corporate codes are not restricted to Barclays. The word cloud below shows the distribution of words used by a selection of banks in their corporate statements:[1249]


Which? told us that "superficially the major British banks have good cultures. They publish codes that are difficult to fault as statements of intent".[1250] Gavin Shreeve, Principal, ifs School of Finance, told us that "all the banks, all the professional bodies, were awash with codes, but that does not stop bad behaviour".[1251] The risks of placing too much reliance on the stated values of a firm are demonstrated by the case of Enron, whose values were remarkably similar to those of Barclays (Box 13).

Box 13: Enron's Values

Enron's Annual Report in 2000, the year before it filed for bankruptcy following the emergence of systematic accounting fraud, set out its corporate values:


Communication: We have an obligation to communicate. Here, we take the time to talk with one another… and to listen. We believe that information is meant to move and that information moves people.


Respect: We treat others as we would like to be treated ourselves. We do not tolerate abusive or disrespectful treatment.


Integrity: We work with customers and prospects openly, honestly and sincerely. When we say we will do something, we will do it; when we say we cannot or will not do something, then we won't do it.


Excellence: We are satisfied with nothing less than the very best in everything we do. We will continue to raise the bar for everyone. The great fun here will be for all of us to discover just how good we can really be.[1252]


752. Which? wrote that many of the most egregious conduct failings "involved banks where the top management appeared to have set explicit and impeccable cultural standards for employees".[1253] The 2009 Goldman Sachs Code of Business Conduct and Ethics championed "integrity and honesty" as being "at the heart of our business", but contained a caveat that "from time to time, the firm may waive certain provisions of this Code".[1254] Others claimed that cultural codes were not taken seriously. The Chartered Institute for Securities & Investment (CISI) said that "it is one thing to have a code and quite another to monitor and measure the extent to which any person follows it with a professional pride that goes beyond cursory compliance".[1255] Ken Costa told us that "mission statements and all the various statements that are made are very often merely bolt-ons".[1256]

753. Several witnesses told us of the importance of the ways in which corporate values were embedded throughout an organisation. CFA UK wrote that "it appears that some banks have paid lip service to professional standards and culture within their marketing communications, but have not embedded those ideals and behaviours within their firms. Anthony Browne said that codes "do not mean anything if they are just bits of paper that people tick. […] they need to be embedded within organisations".[1257] RBS told the Commission that:

    We believe that the delivery of real cultural change is more likely to be a consequence of having created a good company that serves its customers well than of having implemented a standalone programme of cultural change.[1258]

Sir David Walker told us:

    there needs to be a clear statement of values. Most banks actually have them, but the problem is not with the values but how they are embedded from top to bottom.

The means of embedding change are considered in the following sections.

754. Poor standards in banking are not the consequence of absent or deficient company value statements. Nor are they the result of the inadequate deployment of the latest management jargon to promulgate concepts of shared values. They are, at least in part, a reflection of the flagrant disregard for the numerous sensible codes that already existed. Corporate statements of values can play a useful role in communicating reformist intent and supplementing our more fundamental measures to address problems of standards and culture. But they should not be confused with solutions to those problems.

TONE AT THE TOP, MIDDLE AND BOTTOM

755. The phrase "tone at the top", or "tone from the top" rose to prominence in the aftermath of the Barclays LIBOR settlement in 2012. The regulator, the FSA, had become concerned at the aggressive pattern of behaviour of Barclays towards regulatory issues. This was of sufficient importance that the then head of its Prudential Business Unit, Andrew Bailey, went to the Barclays board in person to express the FSA's concerns about the firm, and the Chairman of the FSA, Lord Turner, subsequently wrote to the Chairman of Barclays, Marcus Agius. Andrew Bailey told the Treasury Committee that he had said to the board that the tone at the top was of concern to the FSA, and also told the Committee that "the culture of this organisation was coming from the top".[1259]

756. The importance of setting the appropriate tone from the top of banks in attempting to improve culture was highlighted by a large number of respondents. The FSA said that the standards, culture and values of banks depended on "the tone set by top management".[1260] Lloyds Banking Group wrote "the tone and example needs to come from the top—having leaders with the highest integrity and values, who think and act for the long-term".[1261] The Institute of Operational Risk, arguing that "codes of conduct alone are not sufficient to change risk cultures", said that senior management needed to set the example by exhibiting "integrity, fitness, propriety and suitability for their roles".[1262] The FSA Financial Services Consumer Panel stressed the role of the personality of leaders in driving cultural change:

    "tone from the top" is extremely important within any organisation. This is because culture inevitably reflects the ethos or philosophy of the leader to a degree. Hence, the character of leadership is particularly important in ensuring good cultural values are permeated throughout financial services firms.[1263]

757. The ABI said that the Commission would be most effective if we focused on "changes of culture that are already underway, and on encouraging those who are trying to lead this".[1264] Ken Costa said that though the need for a cultural shift was starting to be recognised among bank leaders, this was yet to be understood at lower levels:

    I think the penny is beginning to drop; I don't think it has dropped lower down. We are still at the process where, even at senior levels, we are trying to grasp just the magnitude of what has gone on, and how it is that one can reposition the culture of a bank for the next phase of learning the lessons of what went wrong.[1265]

758. In a recent speech, the incoming Governor of the Bank of England, Dr Mark Carney, argued that to change the culture of banks, tone from the top needed to be supplemented by an appropriate sense of purpose throughout firms:

    For companies, this responsibility begins with their boards and senior management. They need to define clearly the purpose of their organisations and promote a culture of ethical business throughout them.

    But a top-down approach is insufficient. Employees need a sense of broader purpose, grounded in strong connections to their clients and their communities. To move to a world that once again values the future, bankers need to see themselves as custodians of their institutions, improving them before passing them along to their successors.[1266]

Simon Thompson made a similar point, suggesting that while the role of senior management in culture was "absolutely key", "tone at the middle and the tone at the bottom" were also important as "you need to have individuals surrounded by a culture of professionalism".[1267]

759. Dr Adam Posen warned against the assumption "that if banks simply sign up enough compliance officers, that constitutes a change of culture, rather than constitutes a tax that they are paying to make sure that they are not legally liable."[1268] Professors Black and Kershaw argued that cultural change had "to be "mainstreamed" throughout the organisation, not siloed off into "compliance" or "risk" divisions".[1269]

760. The CBI told us that, to achieve cultural change, "systems and procedures within firms must drive values throughout the organisation" and "individuals need to understand the behaviours expected of them and be held accountable for their actions".[1270] These sentiments were reflected by Antony Jenkins in his explanation of how he intended to embed cultural change in Barclays:

    we have trained over 1,000 values leaders from all different parts of the organisation and all different levels to go out across Barclays and explain to their colleagues how these things are going to work. We have created a training programme for all our senior leaders so that they will be better equipped to operate the system. The most senior people in the organisation—the top 150—will have a different training programme, which will allow them to enable this. So it is a total system to change the culture at Barclays. It has many elements, but they all come together to set a different standard in the organisation, to be able to identify when people are delivering against that standard and to deploy the appropriate consequences, positive or negative.[1271]

761. Professor Nicholas Dorn stressed the importance of incentives in driving cultural change throughout bank staff hierarchies:

    While attention has been drawn to "the tone at the top", "the tone in the middle" and "the tone at the bottom" are as important. Collectively, mid- and lower-level staff see and know more than chief executives or boards. To reform culture, all levels need to be properly incentivised.[1272]

    The role of these incentives is considered in the next section.

762. The appropriate tone and standard of behaviour at the top of a bank is a necessary condition for sustained improvements in standards and culture. However, it is far from sufficient. Improving standards and culture of major institutions, and sustaining the improvements, is a task for the long term. For lasting change, the tone in the middle and at the bottom are also important. Unless measures are taken to ensure that the intentions of those at the top are reflected in behaviour at all employee levels, fine words from the post-crisis new guard will do little to alter the fundamental nature of the organisations they run. There are some signs that the leaderships of the banks are moving in the right direction. The danger is that admirable intentions, a more considered approach, and some early improvements, driven by those now in charge, are mistaken for lasting change throughout the organisation.

763. We believe that the influence of a professional body for banking could assist the development of the culture within the industry by introducing non-financial incentives, which nonetheless have financial implications, such as peer pressure and the potential to shame and discipline miscreants. Such a body could, by its very existence, be a major force for cultural change and we have already recommended that its establishment should be pursued as a medium to long term goal alongside other measures such as new regulatory provisions.

INDIVIDUAL INCENTIVES FOR IMPROVEMENTS TO STANDARDS AND CULTURE

764. Dr Adam Posen argued that the culture of banks reflected the accumulated consequences of a wide range of economic incentives:

    I tend to believe that a lot of what we call culture does respond—at least in commercial areas—to incentives. Part of the issue is that when capital is impeded at these banks, when these banks have compensation schemes that reward deal-making and international deal-making over high street lending, and when they have short-term objectives and compensation schemes that emphasise short-term trading, those things produce a certain culture. The swaggering, macho, somewhat nasty fraudulent culture that emerges reinforces it.[1273]

765. Martin Taylor told us that codes of conduct were unlikely to succeed in improving standards if financial incentive worked in the opposite direction:

    Simply introducing a code of conduct and making everybody sign it would be the wrong way round. [...] It cannot be done […] by propaganda and PR. It must be deeply grounded and deeply grounded in behaviours. You cannot tell people to operate to professional standards on Monday and then, on Tuesday, give them the kind of sales target that requires them not to operate to such standards.[1274]

    Professor David Kershaw also argued that incentives tended to trump other considerations:

    If the focus is upon cultural change and generating more ethical culture in banks, we think there are some things you can do, but you need to start with the basic incentives, because the basic incentives of senior managers and directors, and therefore of lower-level employees, are at odds with the sorts of cultural objectives you want to achieve, and you are not going to effect cultural change, no matter how strong your sanctions, no matter how well resourced the regulator is; it is just not going to happen.[1275]

Which? concurred that in order to embed genuine change, staff needed to be "given the proper incentives to maintain high levels of professional standards."[1276]

766. Commenting on their internal reform programme, RBS argued that specific programmes aimed at rapid cultural change were unlikely to be successful while wider frameworks remained untouched:

    While we consider these measures to be important, we have no illusions about their ability to effect instant cultural change. We fully anticipate that it will take years to follow through on this programme and that the effects may not be immediately visible. Moreover, we believe that the delivery of real cultural change is more likely to be a consequence of having created a good company that serves its customers well than of having implemented a programme of cultural change.[1277]

767. Media coverage of Antony Jenkins' announcement of the new Barclays Statement of Purpose and Values suggests that it was met with, at best, mixed feelings among the traders in his company.[1278]

768. There is little point in senior executives talking about the importance of the customer and then putting in place incentive and performance management schemes which focus on sales which are not in the interests of the customer. As long as the incentives to break codes of conduct exceed those to comply, codes are likely to be broken. Where that gap is widest, such as on trading floors, codes of conduct have gained least traction. This betrays a wider problem with stand-alone programmes to raise standards and improve culture. Attempts to fix them independently of the causes are well-intentioned and superficially attractive, but are likely to fail.

769. There is still much to do in promoting diversity within banks. There is a need to hold banks' feet to the fire in encouraging the gender diversity of their workforce. The culture on the trading floor is overwhelmingly male. The Government has taken a view on having more women in the boardroom through the review carried out by Lord Davies of Abersoch and his recommendations that FTSE 100 companies increase the number of women directors who serve on their boards. If that is beneficial in the boardroom so it should be on the trading floor. The people who work in an industry have an impact on the culture of that industry. More women on the trading floor would be beneficial for banks. The main UK-based banks should publish the gender breakdown of their trading operations and, where there is a significant imbalance, what they are going to do to address the issue within six months of the publication of this Report and thereafter in their annual reports.

INDICATORS OF CHANGED CULTURE

770. In order for banks to demonstrate to the public that they have changed their standards and culture, they will need to provide clear evidence of such change. Banks are well aware of their past failings. They should acknowledge them. Further opportunity to demonstrate change is offered by ongoing concerns, such as approaches taken to customer redress or involvement in activities inconsistent with a customer service ethos. The clearest demonstration of change will come with the avoidance of further standards failings of the sort that led to the creation of the Commission.

Driving out fear

INTRODUCTION

771. The banking scandals which we have examined occurred even though the institutions concerned had formal internal compliance and control structures which ought to have prevented wrongdoing. But these systems failed to function effectively. For example, in HSBC, despite repeated internal and external warnings, failings in anti-money laundering systems that made the bank "very attractive to transnational criminal organisations, whether they are terrorist or criminal in origin," were allowed to persist.[1279] In Barclays, UBS and RBS, the manipulation of LIBOR submissions for individual profit continued unrestrained for years, without internal compliance preventing it.

772. As well as this failure of formal control systems, the firms concerned were also apparently not tipped off about wrongdoing by their own employees. Had this occurred, the firms might have been able to shut down the wrongdoing much earlier and prevent much of the penalties and reputational damage they incurred. Why did this not happen? Huw Jenkins, former CEO of UBS investment bank, acknowledged that this clearly demonstrated "a failing in our systems and controls and in our culture."[1280]

REASONS THE BANKS WERE NOT TOLD BY THEIR OWN EMPLOYEES

773. A number of different reasons have been given to us. The common factor is that employees feared the consequences of speaking out.

Fear in banking culture

774. An internal investigation into Barclays Wealth America found that it had a "culture of fear" that was "actively hostile to compliance" and "ruled with an iron fist to remove any intervention from those who speak up in opposition". Issues with the "revenue at all costs strategy" were not escalated up the management chain, but "buried, stopping any solution ever coming to light".[1281] A whistleblower writing in The Independent claimed that the Barclays investment bank was run "through a culture of fear. You fear for your job and you fear for your bonus".[1282] The Salz Review reported that similar problems remain:

    There is also evidence from Barclays' internal Employee Opinion Survey of a cultural unwillingness to escalate issues. A significant proportion of employees in the investment bank, for example, said that they were "reluctant to report problems to management", and that they did not feel able to "report unethical behaviour without fear of reprisal". This is not isolated to the investment bank—as our own staff survey showed.[1283]

The same charge has been made of the culture of RBS during Fred Goodwin's tenure as Chief Executive:

    the former chief executive's "aggressive, macho management style" [...] created a culture where staff were locked in constant fear of losing their jobs, and his lieutenants were said to have stopped employees speaking out about problems.[1284]

In addition, the way in which banks suddenly dismiss employees, without colleagues being told, can deter employees from raising concerns:

    […] the callousness with which people are laid off, and the code of silence that immediately surrounds this person, means that if, say, you have noticed wrongdoing or a risk and you want to take that up, you know that there is the regular culling of the herd. You know that there are alliances that you may have struck up with colleagues who have promised to stand with you, but they may be gone the next day, for a completely unrelated reason.[1285]

775. These concerns are not unique to banking. A recent review of the BBC, found "a strong undercurrent of fear". It observed that many freelancers felt that "getting a reputation for speaking out or as a troublemaker is considered by many to be one form of 'career suicide'."[1286] The Francis Report on Mid-Staffordshire NHS Trust found that "It is clear that there is a very real reluctance on the part of staff at all levels of seniority to persist in raising concerns about unsafe or substandard services, colleagues' capability and conduct, and similarly important issues. There is a widespread belief that the protections offered are theoretical rather than real."[1287]

776. These fears may be justified: employees who express concerns about questionable practices in a bank may suffer as a result. In the worst cases, individuals who expressed concern may have been moved on.

Fear from sales pressures

777. We heard evidence from Citizen's Advice and Which? about the pressures staff felt under to sell products:

    Q47 Mr McFadden: Were the kind of front line sales service staff that I am talking about given specific targets per month or per week for the number of PPI products that they had to sell?

    Sue Edwards: When we did our super-complaint, we talked to Amicus—now Unite—about whether they had any evidence of their bank staff being put under pressure to sell PPI. They said they did not have any specific evidence about PPI, but they were dealing with a lot of cases of members who were put under pressure to sell a very high number of products, which they could not achieve and were facing disciplinary action as a result.

    Peter Vicary-Smith: I think we circulated this to the Committee. Certainly if we have not, we can do so. We did research recently among 500 bank staff to see whether things have changed. In that, we found—this is bank staff reporting to us privately about the pressure to sell—that I think 83 per cent said that they felt under the same or greater pressure to sell, and 40 per cent of bank staff were saying that they knew a colleague who had mis-sold in order to meet a sales target. It goes on through, and that is true throughout the industry. That says to me that there are some great changes being made by some institutions—we talked before about Barclays and Co-op having made significant changes to the remuneration structure to remove incentivisation from front-line sales—but the culture needs to change. It is not just the structure of remuneration; it is what you feel pressured to do. That needs to change as well if it is going to impact on consumers.[1288]

    Stuart Davies, regional officer of Unite, told us that:

    The treatment of our members on a day-to-day basis within the banks feeds into the treatment of customers on a day-to-day basis. Our concern sits around a very, very aggressive sales culture that sits in the banks and a very aggressive performance-management culture that exists in the banks, to the extent of e-mail trails that go round and round individual performance on performance targets and whiteboards that contain information on individual performance. That feeds into increased pressure on staff, which feeds into, perhaps, some dysfunctional selling to customers, because they are concerned for their jobs.[1289]

Fear of damage to reputation and career

778. Employees in the financial services industry, because of its particular characteristics, may fear for their employability and reputation if they complain about wrongdoing of all sorts:

    It is certainly the case that if you blow the whistle, it is not only about risk taking or rogue trading and that sort of thing, but sexual harassment. I have spoken to a lot of women who have been through incidents of sexual harassment who did not report it. All of them would say, "My career in finance in general would be over." Even though it is so large—250,000 people—there are all these little niches. Usually your competence stretches to that niche plus a few adjacent niches. If you step out of the family and you report somebody and you blow the whistle, basically you step out of the code of the entire sector. That has stopped these women reporting things that were truly shocking.[1290]

ENCOURAGING ESCALATION AND WHISTLEBLOWING

779. Fear of the consequences, even if misplaced, deters bank employees from raising wrongdoing with their manager or firm. The numbers of successful whistleblowers in banks is understood to be very low. This is not in the interest of banks themselves. The people best placed to flag up emerging failings in culture and standards are a bank's own employees. Despite the widespread knowledge of LIBOR-rigging on the trading floor, no employee apparently felt sufficiently concerned, or sufficiently confident, to 'whistleblow' by escalating the problem internally, or informing the regulator. As we have said, had staff come forward at an early stage, even at one firm, and had their concerns been acted on with appropriate reporting to the regulator, much of the damage caused by the LIBOR-rigging scandal might have been avoided.

780. Dr Andrew Hilton of the CSFI described the positive impact that whistleblowers could have, saying that an effective internal whistleblowing system:

    can actually operate rather like an internal audit function and can be genuinely, extraordinarily useful to the companies, because it enables the top management to circumvent all sorts of problems in the middle management and get down to what is really happening at the rock face.[1291]

781. Rich Ricci of Barclays showed a marked appreciation of the scale of what went wrong. He admitted that the bank's culture may have been an impediment to effective internal whistleblowing:

    You want an environment where people feel safe [...] we were a culture that did not like people who admired problems; we liked people who drove solutions. I think that shift may have been too much. People have to be encouraged to raise problems, and not to be afraid to say, "This is an issue," without having a solution, so that everyone can fix it. That is a learning that we in the investment bank need to reinforce.[1292]

The ICAEW told us that:

    In addition to personal integrity, and the correct tone from the top, there is a need for an organisational structure that encourages and rewards people for acting with integrity, and which seeks to avoid creating conflicts among staff.[1293]

Ali Parsa, Chief Executive, Circle Partnership, said that:

    Our organisations are still stuck in the era of, "What processes can I put in place in order to manage you to do your job?" We need to think about what values to put in place, and what values do I judge you by and trust you to get on and do it? You then create an environment in which you self-regulate and self-police each other to make sure you stick to that set of values.[1294]

Whistleblower Martin Woods commented that "Ultimately it is all about culture [...] a culture which encourages people to speak out and rewards them for doing so."[1295]

782. Whistleblowing in the financial services sector needs to be treated by firms not as inconvenient and potentially damaging, but as a valuable source of information for senior management. We set out below some of the practical steps that we expect banks to take to provide greater encouragement and protection for internal whistleblowers. Procedural and practical solutions will only be effective if they are underpinned by a significant change in bank standards and culture.

BANKS' OWN WHISTLEBLOWING POLICIES

783. Whistleblowing policies and procedures do exist within banks, but they failed. In evidence they were criticised for being insufficiently clear, well-publicised, and robust. Whistleblowing charity Public Concern at Work commented that:

    Many policies are too legalistic, complicated, fail to give options outside line management, do not provide adequate (or any) assurances to the individual, place the duty of fidelity above all else, and contain contradictory and/ or poor reassurances on confidentiality.[1296]

In oral evidence to us, HSBC told us that it rewarded staff who drew attention to wrong behaviour of different kinds, but struggled to demonstrate how its internal guidance documents clearly set out the expectation for staff to escalate matters if they became aware of wrongdoing.[1297] Professor Nicholas Dorn told us that:

    A significant (quite high) level of clawback would be appropriate for those working alongside or near the locus of undesirable behaviour. In the absence of such an incentive, nearby staff might possibly disapprove of the behaviour but shrug it off (on the basis that it is not really their business, since they themselves are not directly involved and hence would not be held to account); or they might observe the behaviour with some amusement or excitement ("so that's how it works!"); or they might even facilitate it in small ways (carrying out tasks on request).[1298]

784. The Commission was shocked by the evidence it heard that so many people turned a blind eye to misbehaviour and failed to report it. Institutions must ensure that their staff have a clear understanding of their duty to report an instance of wrongdoing, or 'whistleblow', within the firm. This should include clear information for staff on what to do. Employee contracts and codes of conduct should include clear references to the duty to whistleblow and the circumstances in which they would be expected to do so.

785. Concerns reported by employees may be less specific than those typically associated with whistleblowing. Employees may feel a sense of unease about a practice or a product without necessarily understanding or anticipating the scale of the problem. Stuart Davis, from Unite Union, told us that bank staff had concerns about PPI long before it emerged as a scandal: "Clearly, there was growing discomfort among our members that perhaps the products they were selling were not all they were cracked up to be".[1299] We noted earlier in this chapter the enormous pressure front-line staff were under to sell products, not just as a result of financial incentive structures, but also as a result of less formal cultural influences. Jayne-Anne Gadhia, now CEO of Virgin Money, told us of her struggle with her previous employer to get them to address problems relating to PPI:

    I used to work at RBS until about seven years ago, and at the time I was working in an area that was selling PPI. I spoke to a senior person at RBS about the need to withdraw PPI at that time from our - from RBS's- marketing, and the reply I got was, "Yes, it is clear that that should be withdrawn but we can't be the first people to do it because we would be the ones who lose profit first.".[1300]

786. In addition to procedures for formal whistleblowing, banks must have in place mechanisms for employees to raise concerns when they feel discomfort about products or practices, even where they are not making a specific allegation of wrongdoing. It is in the long-term interest of banks to have mechanisms in place for ensuring that any accumulation of concerns in a particular area is acted on. Accountability for ensuring such safeguards are in place should rest with the non-executive director responsible for whistleblowing.

Senior responsibility

787. If whistleblowers are to have the confidence to come forward within firms, they need to be reassured that their reports will be dealt with appropriately and that they will be protected from detrimental treatment by their employer. Professor Nicholas Dorn said that:

    It is clear that positive whistleblowing policies must be a key element in establishing the right tone and culture throughout an organisation. Internal audit plays a central role in this, eg as a first point of contact for whistleblowers, as an instrument to deal with information given by whistleblowers to the board, its chair, or its audit committee, or as a whistleblower itself. It is not clear whether the whistleblowing arrangements themselves were inadequate in the run-up to the financial crisis or whether warning voices were drowned out because the prevailing culture, led from the top, did not support questioning the overall risk strategy.[1301]

788. Internal whistleblowing processes must be overseen by an individual with the authority and seniority both to ensure that whistleblowing reports are acted upon and to protect the whistleblower. A non-executive board member—preferably the Chairman—should be given specific responsibility under the Senior Persons Regime for the effective operation of the firm's whistleblowing regime. That Board member must be satisfied that there are robust and effective whistleblowing procedures in place and that complaints are dealt with and escalated appropriately. It should be his or her personal responsibility to see that they are. This reporting framework should provide greater confidence that wider problems, as well as individual complaints, will be appropriately identified and handled.

What firms' whistleblowing regimes should contain

789. We do not propose a one-size-fits-all approach to establishing appropriate whistleblowing procedures. There already exists a wealth of best practice guidance and, as we have already made clear, the success of a whistleblowing regime will owe more to an institution's overall culture than the minutiae of its procedures. Nonetheless, we believe that there are some elements of a successful whistleblowing policy which are sufficiently important that they should be incorporated into every institution's whistleblowing processes, and we outline these below. Beyond this, it is for the Chairman or other responsible board member to ensure that the whistleblowing procedure at the firm is fit for purpose, as outlined above.

Protection

790. In many cases whistleblowers will act anonymously, but where whistleblowers are not anonymous they need particular protection, because a key barrier to effective whistleblowing is the fear that staff will face repercussions from their employer for having drawn attention to wrongdoing. We note that legal protection for whistleblowers does already exist in the form of the Public Interest Disclosure Act 1998 (PIDA). A person making a "protected disclosure" which falls within the terms of PIDA (including an allegation of criminality or failure to comply with a legal obligation) and who is subsequently detrimentally treated by his or her employer can take their case to an employment tribunal and seek damages. But in spite of this legal protection, blowing the whistle remains daunting. Martin Woods commented that "when an individual blows the whistle in a bank, he/she is blowing the whistle against some very powerful and very strong people."[1302] Ian Taplin described the pressure not to whistleblow as "immense" and argued that whistleblowers within the banking sector can face intimidation and obstruction.[1303]

791. As part of a robust whistleblowing procedure, institutions must have effective systems in place to protect whistleblowers against detrimental treatment. The Commission recommends that the Board member responsible for the institution's whistleblowing procedures be held personally accountable for protecting whistleblowers against detrimental treatment. It will be for each firm to decide how to operate this protection in practice, but, by way of example, the Board member might be required to approve significant employment decisions relating to the whistleblower (such as changes to remuneration, change of role, career progression, disciplinary action), and to satisfy him or herself that the decisions made do not constitute detrimental treatment as a result of whistleblowing. Should a whistleblower later allege detrimental treatment to the regulator, it will be for that Board member to satisfy the regulator that the firm acted appropriately.

Record keeping

792. Existing guidance from the regulator encourages whistleblowers to raise their concerns internally in the first instance. We received evidence that many complaints that are framed as whistleblowing reports are in fact more appropriately categorised as individual grievances or disagreement with legitimate management decisions,[1304] and we recognise that this may sometimes be the case. Whistleblowing reports should be subjected to an internal 'filter' by the bank to identify those which should be treated as grievances. Banks should be given an opportunity to conduct and resolve their own investigations of substantive whistleblowing allegations. We note claims that 'whistleblowing' being treated as individual grievances could discourage legitimate concerns from being raised.

793. The Commission does, however, believe that it is important that a contemporaneous and independent record of every whistleblowing complaint exists, regardless of its eventual outcome. The regulator should periodically examine a firm's whistleblowing records, both in order to inform itself about possible matters of concern, and to ensure that firms are treating whistleblowers' concerns appropriately. The regulators should determine the information that banks should report on whistleblowing within their organisation in their annual report.

THE ROLE OF THE REGULATOR

Benefiting from whistleblowers

794. As explained above, one of the challenges facing regulators is that they are not as well placed as those within banks to spot problems. Whistleblowers therefore play an important role in bringing concerns to the attention of regulators. Banks must implement and administer appropriate and robust whistleblowing procedures. Nonetheless, there is also an important role for the regulator to play in overseeing the operation of banks' internal whistleblowing procedures, in providing an alternative route for whistleblowing, and in providing support and encouragement to whistleblowers. The evidence that we received from whistleblowers demonstrated a lack of confidence in the regulator's willingness and ability to support them and to act upon their concerns. Whistleblowers UK said that whistleblowers "have no confidence in the FSA".[1305] Martin Woods, whose actions in disclosing wrongdoing at Wachovia were commended by the US Comptroller of the Currency, said that his experience with the FSA "should have been a better one".[1306]

795. Approved Persons are currently obliged to "deal with the FSA and with other regulators in an open and cooperative way and must disclose appropriately any information of which the FSA would reasonably expect notice." (Principle 4 of the Statement of Principles for Approved Persons). Tracey McDermott described this Principle as providing an "obligation to whistleblow",[1307] but acknowledged that it was questionable whether the FSA had been sufficiently assertive in enforcing it. She suggested that in many cases where wrongdoing was uncovered, the FSA had tended to focus on enforcement action for the wrongdoing itself rather than considering whether a breach of Principle 4 had also occurred.

796. All Senior Persons should have an explicit duty to be open with the regulators, not least in cases where the Senior Person becomes aware of possible wrongdoing, regardless of whether the Senior Person in question has a direct responsibility for interacting with the regulators.

Encouraging whistleblowers

797. Regulators should be responsible for ensuring that firms have put in place an appropriate whistleblowing system. However, Martin Wheatley did not appear to believe that the FCA needed to do anything more to address the problems that whistleblowers may face:

    The truth is, absent the question about incentives, that I am not sure that there is anything that we would need to add to the current structure. There is a high degree of protection for whistleblowers. They will sometimes need counselling if they are facing particular problems in a firm, and we would suggest areas that they can go to. We cannot provide that level of counselling. Our primary responsibility is to protect the identity of a whistleblower and to protect the source of information that comes to us.[1308]

while protecting the anonymity of whistleblowers is important, this attitude gave support to Martin Woods's evidence of his experience:

    At the end of the meeting the FSA gave me the telephone number of Public Concern at Work [...] and the FSA advised me to call them should I encounter any difficulties. This was the FSA's welfare programme for whistleblowers. The whole episode left me with a sense of emptiness and even further isolation.[1309]

He told us that he later submitted a complaint to the FSA that he had been detrimentally treated by his employer for his whistleblowing, but did not receive any feedback from the FSA.[1310]

798. The FSA Handbook states that it "would regard as a serious matter any evidence that a firm had acted to the detriment of a worker because he had made a protected disclosure about matters which are relevant to the functions of the FSA. Such evidence could call into question the fitness and propriety of the firm or relevant members of its staff, and could therefore, if relevant, affect the firm's continuing satisfaction of threshold condition 5 (Suitability) or, for an Approved Person, his status as such."[1311] The FSA told us that it

    [...] would take seriously the suggestion that an FSA-regulated firm breached the requirements of the Public Interest Disclosure Act by penalising a member of staff who had made a protected disclosure. [...] There have been cases where whistleblowers have informed us that they believe their employer acted in a manner that led to the whistleblower suffering detriment as a consequence of making a protected disclosure. [...] To date, we have not undertaken detailed investigatory work or enforcement action against firms we regulate as a consequence of receiving accusations they mistreated a whistleblower.[1312]

The FSA also said that actively monitoring employment tribunal cases brought by bank employees alleging detrimental treatment would not be cost-effective, large number of such cases brought each year.[1313]

799. The FCA's evidence appeared to show little appreciation of the personal dilemma that whistleblowers may face. The FCA should regard it as its responsibility to support whistleblowers. It should also provide feedback to the whistleblower about how the regulator has investigated their concerns and the ultimate conclusion it reached as to whether or not to take enforcement action against the firm and the reasons for its decision. The Commission recommends that the regulator require banks to inform it of any employment tribunal cases brought by employees relying on the Public Interest Disclosure Act where the tribunal finds in the employee's favour. The regulator can then consider whether to take enforcement action against individuals or firms who are found to have acted in a manner inconsistent with regulatory requirements set out in the regulator's handbook. In such investigations the onus should be on the individuals concerned, and the non-executive director responsible within a firm for protecting whistleblowers from detriment, to show that they have acted appropriately.

800. The FSA told us that "if someone provides us with information which indicates that their fitness and propriety is in question then we have taken the view that we cannot, as the regulator, ignore that. So the consequences may be that an individual who comes forward is prohibited from working in the industry".[1314] The FSA acknowledged that this approach "acts as a further disincentive to report misbehaviour" and suggested that it could adopt a more lenient approach to whistleblowers who bring misconduct to its attention (with appropriate safeguards to ensure that other market users or customers were not put at risk). It said that it did operate leniency provisions in connection with insider dealing.[1315] The PRA and the FCA have, however, now stated that a mitigating factor in deciding on any financial penalty can be the conduct of the individual in bringing the breach to the regulators' attention.[1316]

801. One of the more controversial proposals to encourage whistleblowing is the use of financial incentives, as found in the United States. The most recent US scheme, introduced under the Dodd-Frank Act, provides for whistleblowers to be rewarded with a proportion of any fine levied on a company as a result of the information they have provided. Some of the evidence we received pressed strongly for the introduction of a similar scheme here. Erika Kelton, a US lawyer dealing with whistleblowing cases, described the impact of the US whistleblowing incentive schemes:

    Tens of billions of dollars otherwise lost to illegal practices that cheat the public fisc have been recovered as a direct result of whistleblower information. But the impact and importance of whistleblower matters goes far beyond the large dollar amounts recovered for US taxpayers. Whistleblowers have exposed grave wrongdoing, leading to changes that promote integrity and transparency in financial markets. Whistleblowers have helped stop massive mortgage frauds, gross mischarging practices, commodity price manipulation, and sophisticated money laundering schemes, among other misdeeds.[1317]

She argued that "meaningful, non-discretionary financial incentives are critical to establishing robust and successful whistleblower programs."[1318]

802. The FSA had some serious reservations about the use of financial incentives, particularly in relation to the associated "moral hazards". It argued that the prospect of already highly-paid individuals receiving a "reward" for doing what was arguably their duty could lead to public disquiet. Carol Sergeant, Chairman of the whistleblowing charity Public Concern at Work, also had reservations and suggested that financial incentives could encourage whistleblowers to delay reporting wrongdoing in order to maximise their reward.[1319] Whistleblowers UK recognised the potential pitfalls of financial incentives, but argued that an incentive system based on a principle of compensation rather than reward would act as a recognition of the risks that a whistleblower undertook, while avoiding some of the associated moral hazard.[1320]

803. We note the regulator's disquiet about the prospect of financially incentivising whistleblowing. The Commission calls on the regulator to undertake research into the impact of financial incentives in the US in encouraging whistleblowing, exposing wrongdoing and promoting integrity and transparency in financial markets.

804. We have said earlier in this Report that the financial sector must undergo a significant shift in cultural attitudes towards whistleblowing, from it being viewed with distrust and hostility to one being recognised as an essential element of an effective compliance and audit regime. Attention should focus on achieving this shift of attitude.

805. A poorly designed whistleblowing regime could be disruptive for a firm but well designed schemes can be a valuable addition to its internal controls. The regulator should be empowered in cases where as a result of an enforcement action it is satisfied that a whistleblower has not been properly treated by a firm, to require firms to provide a compensatory payment for that treatment without the person concerned having to go to an employment tribunal.


1118   Group of Thirty, Toward Effective Governance of Financial Institutions, 12 April 2012, p 5, www.group30.org Back

1119   John Kay, The Kay Review of UK Equity Markets and Long-term Decision Making: Final Report, 23 July 2012, p 10, www.gov.uk Back

1120   John Kay, The Kay Review of UK Equity Markets and Long-term Decision Making: Final Report, 23 July 2012, p 21, www.gov.uk Back

1121   Sir David Walker, A review of corporate governance in UK banks and other financial industry entities, Final recommendations, November 2009, p 17 Back

1122   John Kay, The Kay Review of UK Equity Markets and Long-term Decision Making: Final Report, 23 July 2012, p 45, www.gov.uk Back

1123   Ibid. P 10 Back

1124   Q 326 Back

1125   Q 3628 Back

1126   Ev 1324 Back

1127   Ev 1222 Back

1128   Ev 1119 Back

1129   Treasury Committee, Ninth Report of Session 2010-11, Competition and choice in retail banking, HC 612, Qq 833-835 Back

1130   Q 344 Back

1131  Ev 832 Back

1132   Lloyds Banking Group, Annual Report and Accounts 2012, p 50, www.lloydsbankinggroup.com Back

1133   Lloyds Banking Group, Annual Report and Accounts 2009, p 84, www.lloydsbankinggroup.com Back

1134   Barclays, Annual Report and Accounts 2012, p 176, www.barclays.com Back

1135   Q 870 Back

1136   Lloyds Banking Group, Annual Report and Accounts 2012, p 50, www.lloydsbankinggroup.com Back

1137   Barclays, Annual Report and Accounts 2012, p 176, www.barclays.com Back

1138   Financial Reporting Council, The UK Corporate Governance Code, September 2012, p 7, www.frc.org.uk Back

1139   Financial Reporting Council, The UK Corporate Governance Code, September 2012, p 9, www.frc.org.uk Back

1140   "Board committees", HSBC, 2013, www.hsbc.com Back

1141   "The Board Committees", Barclays, 2013, www.barclays.com Back

1142   "Remuneration Committee - Terms of Reference", Lloyds Banking Group, 2013, www.lloydsbankinggroup.com Back

1143   Standard Chartered, Annual Report and Accounts 2012, www.reports.standardchartered.com Back

1144   Group of Thirty, Toward Effective Governance of Financial Institutions, 12 April 2012, p 12, www.group30.org; Sir David Walker, A review of corporate governance in UK banks and other financial industry entities, Final recommendations, November 2009, paras 1.8 and 1.10 Back

1145   Treasury Committee, Fifth Report of Session 2007-08, The run on the Rock, HC 56-I, para 31 Back

1146   Fourth Report, paras 91 and 92 Back

1147   CQ 1 Back

1148   CQ 2 Back

1149   Q 4554 Back

1150   CQ 9 Back

1151   C Ev 139 Back

1152   Financial Reporting Council, The UK Corporate Governance Code, September 2012, p 6, www.frc.org.uk Back

1153   Ibid. p 10 Back

1154   Treasury Committee, Ninth Report of Session 2008-09, Banking Crisis: reforming corporate governance and pay in the City, HC 519, para 151 Back

1155   Written evidence from Cevian Capital to the Treasury Committee, May 2012(CGR 31) [not printed], www.parliament.uk/treascom Back

1156   Q 17 Back

1157   Sir David Walker, A review of corporate governance in UK banks and other financial industry entities, Final recommendations, November 2009, p 9

 Back

1158   Uncorrected transcript of oral evidence taken before the Treasury Committee on 22 May 2012, HC (2012-13) 72-i, Q22 Back

1159   Uncorrected transcript of oral evidence taken before the Treasury Committee on 19 June 2012, HC (2012-13) 72-iii, Q 139  Back

1160   Ibid. Q 141 Back

1161   Treasury Committee, Ninth Report of Session 2008-09, Banking Crisis: reforming corporate governance and pay in the City, HC519, Ev 252 Back

1162   The two-tier board model is already an optional alternative in the UK since company law does not exclude it. Back

1163   Sir David Walker, A review of corporate governance in UK banks and other financial industry entities, Final recommendations, November 2009 Back

1164   Ev 836 Back

1165   Written evidence from the Confederation of British Industry to the Treasury Committee (CGR 16), May 2012 [not printed], www.parliament.uk/treascom Back

1166   Q 2137 Back

1167   Written evidence from Hermes Equity Ownership Services to the Treasury Committee (CGR 20), May 2012 [not printed], www.parliament.uk/treascom Back

1168   Group of Thirty, Toward Effective Governance of Financial Institutions, 12 April 2012, p 13, www.group30.org Back

1169   Sir David Walker, A review of corporate governance in UK banks and other financial industry entities, Final recommendations, November 2009, p 41 Back

1170   RBS, Annual Report and Accounts 2008, p 155, www.investors.rbs.com Back

1171   Sir David Walker, A review of corporate governance in UK banks and other financial industry entities, Final recommendations, November 2009, p 41 Back

1172   C Ev 148 Back

1173   C Ev 131 Back

1174   HSBC, Annual Report and Accounts 2012, p 310, www.hsbc.co.uk; Standards Chartered, Annual Report and Accounts 2012, p 137, www.standardchartered.com Back

1175   Sir David Walker, A Review of corporate governance in UK banks and other financial industry entities, 26 November 2009, p 43 Back

1176   Sir David Walker, A Review of corporate governance in UK banks and other financial industry entities, 26 November 2009, p 45 Back

1177   C Ev 137  Back

1178   C Ev 37 Back

1179   Uncorrected transcript of oral evidence taken before the Treasury Committee on 19 June 2012, HC (2012-13) 72-iii, Q 144 Back

1180   Ibid., Q 157 Back

1181   Written evidence from Chartered Insurance Institute to the Treasury Committee, May 2012 (CGR 09) [not printed], www.parliament.uk/treascom Back

1182   Q 408 Back

1183   Written evidence from Cevian Capital to the Treasury Committee, May 2012 (CGR 31) [not printed], www.parliament.uk/treascom Back

1184   Written evidence from ShareSoc to the Treasury Committee, May 2012 (CGR 15) [not printed], www.parliament.uk/treascom Back

1185   Written evidence from Cevian Capital to the Treasury Committee, May 2012 (CGR 31) [not printed], www.parliament.uk/treascom Back

1186   Uncorrected transcript of oral evidence taken before the Treasury Committee on 22 May 2012, HC (2012-13) 72-i, Q33 Back

1187   C Ev 148 Back

1188   Q 1014 Back

1189   Ev 1039 Back

1190   FR Ev 46 Back

1191   Financial Reporting Council, The UK Corporate Governance Code, September 2012, p 9, www.frc.org.uk Back

1192   Financial Reporting Council, Guidance on Board Effectiveness, March 2011, p 2, www.frc.org.uk Back

1193   ABI, Report on Board effectiveness, December 2012, p 5 Back

1194   Sir David Walker, A review of corporate governance in UK banks and other financial industry entities, Final recommendations, November 2009, p 58 Back

1195   C Ev 51 Back

1196   C Ev 137-138 Back

1197   See, for example, DQq 177, 581, 3838 Back

1198   Ev 943 Back

1199   DQ 436 Back

1200   Q 3778 Back

1201   C Ev 88 Back

1202   DQq 678-679 Back

1203   Q 2245 Back

1204   DQ 785 Back

1205   DQ 668 Back

1206   Ibid. Back

1207   DQ 617 Back

1208   C Ev 18 Back

1209   C Ev 41 Back

1210   BQ 7 Back

1211   Q 32 Back

1212   C Ev 64 Back

1213   Qq 654-7 Back

1214   DQ 674 Back

1215   Qq 460-2 Back

1216   Ev 916 Back

1217   DQ 673 Back

1218   DQ 773 Back

1219   DQ 139 Back

1220   Ibid. Back

1221   DQ 298 Back

1222   DQq 323-4 Back

1223   DQ 408 Back

1224   DQ 46 Back

1225   DQ 54 Back

1226   DQ 71 Back

1227   DQ 196 Back

1228   Ev 916 Back

1229   "Lloyds looks beyond PPI and LIBOR", The Financial Times, 26 July 2012, www.ft.com Back

1230   Q 880 Back

1231   Q 3560 Back

1232   Ev 932 Back

1233   Ev 914 Back

1234   Ev 743 Back

1235   Q 17 Back

1236   Ibid. Back

1237   Salz review: An independent Review of Barclays' Business Practices, April 2013, para 2.20 Back

1238   Q 3474 Back

1239   Ev 1324 Back

1240   Q 3666 Back

1241   Qq 3666-7 Back

1242   "Becoming the 'Go-To' bank", Barclays, 2013, www.group.barclays.com Back

1243   Barclays, Barclays' response to the Salz Review, 25 April 2013, p 5, www.group.barclays.com Back

1244   Q 3542 Back

1245   Salz review: An independent Review of Barclays' Business Practices, April 2013, para 8.14 Back

1246   "The cost of making bankers behave", The Financial Times, 28 January 2013, www.ft.com Back

1247   Salz review: An independent Review of Barclays' Business Practices, April 2013, para 8.17 Back

1248   Ibid., para 8.16 Back

1249   Word cloud created with the company values of Barclays, Citigroup, Deutsche Bank, Goldman Sachs, HSBC, JP Morgan, Lloyds Banking Group, Merrill Lynch, RBS, Standard Chartered and UBS as set out on their websites. Back

1250   Ev 1456 Back

1251   Q 2418 Back

1252   Enron, Annual Report 2000, p53 Back

1253   Ev 1456 Back

1254   William D. Cohen, Money and Power: How Goldman Sachs Came to Rule the World, (UK, 2012)  Back

1255   Ev 938 Back

1256   Q 2732 Back

1257   Qq 2488-90 Back

1258   Ev 1321; see also Ev 890, 1367 Back

1259   Treasury Committee, Second Report of Session 2012-13, Fixing LIBOR: some preliminary findings, HC 481-I, pp 59-83 Back

1260   Ev 1042 Back

1261   Ev 1216 Back

1262   Ev 1136 Back

1263   Ev 1037 Back

1264   Ev 743 Back

1265   Q 2729 Back

1266   Bank of Canada, Rebuilding Trust in Global Banking speech, Mark Carney, 25 February 2013, www.bankofcanada.ca Back

1267   Q 2437 Back

1268   Q 2698 Back

1269   Ev 833 Back

1270   Ev 914 Back

1271   Q 3557 Back

1272   Ev 983 Back

1273   Q 2698 Back

1274   Q 416 Back

1275   Q 2686 Back

1276   Ev 1445 Back

1277   Ev 1321 Back

1278   See, for example, "Antony Jenkins to staff: adopt new values or leave Barclays", Daily Telegraph, 17 January 2013, www.telegraph.co.uk and "City Life: Traders mock as Barclays' new boss tries out Jerry Maguire-style gamble", Evening Standard, 18 January 2013, www.standard.co.uk Back

1279   Q 3778 Back

1280   Q 2038 Back

1281   Genesis Ventures report into Barclays Wealth, cited in "Exposed: The regime of fear inside Barclays - and how the boss lied and shredded the evidence", Mail on Sunday, 20 January 2013, www.dailymail.co.uk Back

1282   "Whistleblower: 'The culture ultimately comes from the top", The Independent, 7 July 2012, www.independent.co.uk Back

1283   Salz review: An independent Review of Barclays' Business Practices, April 2013, para 12.41 Back

1284   "RBS collapse down to Fred Goodwin's 'culture of fear", The Scotsman, 22 June 2012, www.scotsman.com, 22 June 2012, reporting on Ron Kerr and Sarah Robinson's analysis, "From Symbolic Violence to Economic Violence: The Globalizing of the Scottish Banking Elite", Organization Studies, vol 33, issue 2 (2012), pp 247-266 Back

1285   DQ 90 Back

1286   BBC, Respect at Work Review, 2 May 2013, pp 19-21, www.bbc.co.uk Back

1287   The Mid Staffordshire NHS Foundation Trust Inquiry, Independent inquiry into care provided by the Mid-Staffordshire NHS Foundation trust January 2005-March 2009, HC 375, p 409 Back

1288   JQ 47 Back

1289   JQ 276 Back

1290   DQ 105 Back

1291   DQ 52 Back

1292   DQ 792 Back

1293   Ev 1131 Back

1294   DQ 8 Back

1295   Ev 1633 Back

1296   Ev 1300 Back

1297   DQq 549-53 Back

1298   Ev 984 Back

1299   JQ 279 Back

1300   FQ 37 Back

1301   Ev 945 Back

1302   Ev 1631 Back

1303   Ev 1345 Back

1304   DQq 147, 363, 561 Back

1305   Ev 1348 Back

1306   Ev 1632 Back

1307   Q 3058 Back

1308   Q 4472 Back

1309   Ev 1632 Back

1310   Ibid. Back

1311   FSA, Senior Management Arrangements, Systems and Controls Sourcebook, June 2013.p 18, www.fsahandbook.info Back

1312  Ev 1059-1060 Back

1313   Ev 1059 Back

1314   Ev 1058 Back

1315   Ibid. Back

1316   Bank of England, Prudential Regulation Authority, The PRA's approach to enforcement: statutory statements of policy and procedure, April 2013, Appendix 2, para 25, www.bankofengland.co.uk; PRA and FSA Handbook, DEPP 6.5B, www.fshandbook.info Back

1317   Ev 1185 Back

1318   Ev 1186 Back

1319   EQ 113 Back

1320   Ev 1354 Back


 
previous page contents next page


© Parliamentary copyright 2013
Prepared 19 June 2013