Changing Banking for Good - Parliamentary Commission on Banking Standards

Changing Banking for Good - Parliamentary Commission on Banking Standards Contents

7 Bank governance, standards and culture

Introduction

658. In this chapter, we examine the governance and culture of banks, considering successively: shareholders, boards and internal control frameworks, and then wider issues relating to the culture within banks, including bank value statements and the role of whistleblowers.

659. The primary duty for maintaining high standards in banks lies with the banks themselves, and in particular their boards. They operate within a corporate governance framework of rules, guidelines and best practice for public corporations that is designed to ensure that they fulfil this duty. Corporate governance has been found badly wanting in financial institutions in the recent past, particularly in banks. This has been at great cost not just to the shareholders, but to taxpayers. There have been a number of common features of the failures of bank boards, regardless of the structures of those boards. A number of steps have been taken since the onset of the financial crisis to improve governance practice in financial institutions.[1118] The Commission has no wish to turn the clock back or prescribe highly detailed templates. The Commission is also realistic about the limited scope there is for achieving transformational change within banks through changes to structures of governance, but considers that there were considerable defects in corporate governance in banks that can and should be addressed. However, there are some changes we suggest below which we judge are likely to secure significant improvements to banks' governance and which are aligned with our proposals in the previous chapter on a new framework founded on the principle of individual responsibility.

Shareholders: the silent owners

THE UK EQUITY MARKET

660. Shareholders have not been effective in disciplining or constraining banks' behaviour. This section examines why shareholders, or rather those that act for shareholders, have contributed to the crisis of banking standards, and the extent to which shareholders can be expected to be part of the solution.

661. In recent decades, the pattern of UK shareholding has become more fragmented. Insurers, pension funds and individuals have outsourced their investments to fund managers, who have come to dominate equity markets, while financial globalisation has led to a rising proportion of UK equities held by overseas investors. Professor John Kay, in his review of UK equity markets, argued that "This fragmentation has reduced the incentives for engagement and the level of control enjoyed by each shareholder".[1119]In many cases, this process has further weakened active engagement by shareholders, with fund managers and overseas investors typically more interested in the short-term performance of companies than in generating sustainable returns by promoting their long-term success. Any influence they wield over the management of the company is manifested through selling their stock rather than through voting and engaging with the boards of their investee companies, a phenomenon described in the Kay review as "exit over voice".[1120] The table below shows how the proportion of UK-quoted shares held by insurance companies and pension funds has declined in recent decades, while overseas holdings have increased.

Historical Trends in Beneficial Ownership (Percentage Held) 1963 1975 1981 1991 2001 2008 2010

Rest of the world 7 5.6 3.6 12.8 35.7 41.5 41.2

Insurance companies 10 15.9 20.5 20.8 20 13.4 8.6

Pension funds 6.4 16.8 26.7 31.3 16.1 12.8 5.1

Individuals 54 37.5 28.2 19.9 14.8 10.2 11.5

Other 22.6 24.2 21 15.2 13.4 22.1 33.6

Source: The Kay Review of UK Equity Markets and Long-term Decision Making, Final Report, p 31

662. Investors that hold shares for a short period are less likely to be concerned by the long-term prospects of the company they own, other than to the extent that it affects short-term movements in the share price. Because they trade more frequently, short-term investors can exercise an influence on share prices that is disproportionate to their holdings. The rise of shareholder short-termism and disengagement from the responsibilities of ownership has been exacerbated by the growth of intermediaries that have distanced the ultimate beneficial owner of shares from investee companies.

663. The Kay review and Sir David Walker's review of corporate governance in UK banks both considered these developments, and proposed measures to reflect better shareholders' responsibilities as company owners. Among other recommendations, the Walker review proposed a new Stewardship Code setting out best practice in stewardship by institutional investors and fund managers.[1121] The Kay review recommended the inclusion of a commitment to responsible engagement within the investment management industry code.[1122] However, Professor Kay and Sir David both acknowledged in evidence to the Commission that the investment environment that they ultimately sought, in which the "anonymous trader" was replaced by the "concerned investor", remained a long way off.[1123] Professor Kay spoke of "philosophical leaps that are needed to take us to the world we would like",[1124] while Sir David told us that "it will not happen overnight, and it may never happen".[1125]

WHO OWNS THE BANKS AND WHY?

664. The situation facing UK equity markets generally also applies to banks specifically. In Annex 5 we consider further evidence on bank ownership. The main points emerging from that evidence are that:

· Few entities hold large single stakes in UK banks and many have holdings in each of the large banks;

· Bank shareholdings are often held for a short time, encouraging short-term risk-taking;

· There are reasons for scepticism as to whether shareholders could spot the risks which a bank's own leadership misses; and

· Active investment can lead to higher returns, but potential active investors are wary of seeking insider knowledge.

Institutional shareholders have not done enough to encourage banks to maintain high levels of banking standards.

SHAREHOLDER PRESSURE AND LEVERAGE

665. Where shareholders did engage with banks in recent years, it was sometimes to pressurise them to take on additional risk and increase leverage to boost equity returns. RBS told us that "in some instances investors pressed for what were arguably unsustainable levels of return, creating pressure to increase leverage and take on additional risk".[1126] Lloyds said that:

1127

In its evidence, HSBC wrote of a "very strong public call for leverage and structuring from many institutional shareholders",[1128] while its Chairman Douglas Flint told the Treasury Committee that:

1129

A number of witnesses noted that this misalignment of interests between shareholders and society was further exacerbated in banks deemed too big to fail because bondholders perceived to be insured against failure did not rein in the more risky instincts of shareholders. As Professor Kay put it:

1130

Professors Black and Kershaw drew attention evidence from the US indicating that "direct or indirect shareholder pressure supported by strong shareholder rights [could result] in more risk-taking than in banks with weaker shareholder rights where managers could resist that pressure".[1131]

CONCLUSIONS

666. Institutional shareholders have unlimited upside to their investment, but a downside limited to their equity stake. Shareholders also fund only a tiny proportion of a bank's balance sheet, which can incentivise them to encourage banks to increase short-term risks. In the run-up to the financial crisis, shareholders failed to control risk-taking in banks, and indeed were criticising some for excessive conservatism. Some bank leaderships resisted this pressure, but others did not. The Independent Commission on Banking believed that its proposed ring-fence would create incentives for shareholders to be more mindful of excessive risk. However, we agree with the Kay Review that incentives for institutional investors to engage with companies remain weak. The primary responsibility of institutional investors is to earn returns for their clients, with engagement with company managements only likely to be undertaken by firms that regard it as contributing to that responsibility. The nature of the asset management industry and the financial incentives for key decision-makers in that industry incentivise focus on short-term investment performance, rather than engagement to promote the longer term success of companies, even though the latter may be better aligned with the long-term interests of the ultimate beneficial owners of the shares. Even the largest investors own relatively small holdings in large companies such as banks, limiting their influence. The misalignment between the incentives of asset manager and the long-term interests of a company, coupled with the fact that shareholders contribute only a tiny sliver of a bank's balance sheet, mean it would be a mistake to expect greater empowerment and engagement of shareholders to lead to the exercise of profound and positive influence on the governance of banks.

THE ROLE OF BONDHOLDERS

667. In addition to customer deposits most banks raise money from wholesale markets, including from private investors, institutions and other banks. Although not all strictly in the form of bonds, we use the term bondholder to encompass wholesale market providers of bank funding. The leverage of financial institutions results in bondholders and depositors providing the dominant proportion of bank funding; the sums provided by shareholders are correspondingly substantially smaller. The leverage in the banking system prior to the financial crisis was only possible because of the funding available. The 3% minimum Tier 1 leverage requirement included within the Basel III capital proposals establishes a minimum level for the Tier 1 contribution to the funding of a bank balance sheet of just 3%, with up to 97% from other sources, largely bondholders and depositors.

668. The proportions of funding raised from customer deposits and wholesale markets varies significantly between individual banks. At the end of 2012 Lloyds Banking Group had wholesale funding equivalent to 40% of its customer deposits[1132], down from 90% at the end of 2008[1133]. Barclays had wholesale funding equivalent to 71% of its customer funding at the end of 2012[1134], compared with at the end of 2008. Regardless of this leveraged structure, the legal responsibilities of bank managements are currently similar to those of non-financial companies. The Companies Act obliges managements to manage a company in the interests of its members, which is widely interpreted to be its shareholders. Stephen Hester told us that directors have an:

1135

669. As owners, shareholders have significant powers, including over company governance, such as the right to approve and re-elect directors and in certain circumstances, major corporate initiatives may also require shareholder approval. By contrast, while a bank remains solvent, the formal powers of other creditors, such as bondholders, are much more limited. The terms of some bond issuances may have provisions in situations when the security of the bond may be affected. Secured creditors, such as securitised or covered bond holders, may also have claims against particular asset pools and associated rights to protect the security of those pools. However, bondholders have no general formal powers over a bank's strategy or the appointment of management. It is only in the event of insolvency that creditors assume the rights of ownership of the company, with the power to replace management and dispose of assets and to seek to recoup their exposure from any proceeds in accordance with a determined creditor hierarchy.

670. In practice, the scale of the funding provided by bank creditors means they have much more influence over companies than their formal rights would imply. Most bank funding has a fixed maturity, with only minimal sums currently in the form of irredeemable debt. Consequently, banks have to engage in regular raising of new debt funding, both to refinance maturities of existing debt and to fund new business growth. At the end of 2012, 30% of Lloyds Banking Group's wholesale funding had a remaining maturity of under one year[1136], compared with 42% at Barclays.[1137] As a result banks have strategies to maintain as wide and ready a demand for their paper as possible. For larger banks, this generally includes a broad range of funding sources by currency, structure, maturity, geography and investor type. This process generally involves engagement with a broad range of bond investors, analysts and rating agencies. Bank managements therefore need to respect the views of bond markets and the resulting impact on the appetite for their paper of the actions they take. The attention banks have devoted to funding markets has increased substantially over the financial crisis and subsequently, as liquidity has become much less reliable; there have been periods when liquidity almost completely evaporated and volumes in certain areas, such as mortgage securitisation, have shrunk dramatically from the pre crisis period.

671. The characteristics and interests of bondholders and shareholders are very different. Shareholders' potential upside is unlimited and in return for this, they are prepared to assume greater risk and rank behind all creditors in the case of insolvency. Bondholders are normally more risk averse than shareholders. They rank ahead of shareholders in the case of insolvency and are prepared to forgo the unlimited upside potential of shareholders in return for this additional security. Bondholders generally only expect to receive a return of their investment plus interest for the intervening period. As their upside is largely capped, bondholders are likely to be more cautious of potential risks to the downside. Shareholders' upside ultimately derives from business growth. Bondholders' security relies on the bank's stability.

672. The incentives for bondholders to discipline banks depend on the risks they perceive. Given the substantial leverage maintained by banks, insolvency can still result in significant losses to bondholders, despite the protection of shareholder capital. Fear of such losses can incentivise bondholders to limit the risks banks take. However, if bondholders regard the risks as small, particularly due to the perception of the existence of an implicit or explicit taxpayer guarantee, these incentives are correspondingly reduced. This may particularly apply to banks that are regarded as too big to fail.

673. Proposals for structural reform of the banking industry are set out in Chapter 4 of this Report. Many of these reforms are at least partly aimed at reducing or eliminating the perceived taxpayer guarantee. The reforms include the potential power to 'bail in' categories of bondholders. However, as we also state in this section, there is convincing evidence that the guarantee may not be fully eliminated, even once all the proposed reforms take full effect.

674. The financial crisis has underlined, if this were needed, the importance of effective scrutiny and the exercise of discipline by creditors to the maintenance of banking standards. Such discipline has been lacking, in large part as a result of the perceived taxpayer guarantee. The measures to bear down on the guarantee, which the Commission has already noted should be a priority, would be the most effective way of correcting this, as bondholders, broadly defined, would have a greater incentive properly to assess credit risk. Market discipline from creditors subject to the potential of bail-in should encourage banks and their managements better to balance downside and upside risks. The Commission endorses the good practice adopted by an increasing number of banks of publicly disclosing, and making widely available, the contents of their presentations to bondholders. The Commission encourages bondholders, where they are sufficiently concerned, to raise such issues publicly where practical. The PRA should examine the scope for extending bondholder influence of this type.

Bank boards and governance

INTRODUCTION

675. UK corporate governance has improved in recent years. But when in the case of banks it was tested, it was found wanting. Board failures in the banking sector have been widespread and are not restricted to those banks which required taxpayer support or failed during the financial crisis. Crucially, board governance failures have also been prevalent in some banks which emerged relatively unscathed by that crisis. This section examines the role of the board in the context of wider corporate governance failures in the banking sector. We examine why over the last decade so many banks boards appeared unable to operate effectively; the key factors which underpinned this failure; and whether reforms to the way bank boards are governed are sufficient to ensure they prove more effective in the future.

676. There is no quick single fix to improve banks' governance. Equally, a collection of detailed tweaks is unlikely to prevent serious failures such as the banking industry has experienced. We are cautious about making a great many recommendations in this field which may do little more than create yet more lucrative work for corporate governance professionals. We therefore concentrate on assessing proposals for change against four basic principles, which are connected: ensuring personal responsibility of board members; ensuring that there is adequate challenge within boards; preventing boards from constructing internal firewalls that leave them in wilful ignorance and excuse them from proper accountability for the firm; and reflecting the differences between banks and other public companies arising from the fact that shareholder equity represents only a tiny sliver of the balance sheet.

677. Box 12 sets out the role of a company board and the functions of a number of the committees of a board.

Box 12: The role of the board and the combined code on corporate governance

The UK Corporate Governance Code states that "every company should be headed by an effective board, which is collectively responsible for the success of the company".[1138] Boards typically comprise both executive and non-executive directors, including a chief executive and chairman. Furthermore, as regards "division of responsibilities"[1139] on the board, the code states that:

· There should be a clear division of responsibilities at the heart of the company between the running of the board and the executive responsibility for the running of the company's business. No one individual should have unfettered powers of decision;

· The Chairman is responsible for leadership of the board and ensuring its effectiveness on all aspects of its role;

· As part of their role as members of a unitary board, non-executive directors should constructively challenge and help develop proposals on strategy;

· With regard to ensuring the "effectiveness" of the board, the code states that:

· The board and its committees should have the appropriate balance of skills, experience, independence and knowledge of the company to enable them to discharge their respective duties and responsibilities effectively; and

· All directors should be able to allocate sufficient time to the company to discharge their responsibilities effectively.

Bank board committees

Bank boards tend to typically organise and manage their governance through committee structures. The most common committees at banks are the Audit Committee, Risk Committee, Nomination Committee, and Remuneration Committee.

The main roles and responsibilities of the Audit Committee includes monitoring the integrity of the financial statements, reviewing internal controls, monitoring and reviewing the effectiveness of the internal audit function and overseeing the relationship with the external auditor.

The role of the Risk Committee can differ between institutions. In HSBC, the Group Risk Committee is responsible for 'advising the Board on high level risk-related matters and risk governance and for non-executive oversight of risk management and internal controls (other than financial reporting).'[1140] In Barclays, there are three different risk committees responsible for different aspects of risk: the Board Conduct, Reputation and Operational Risk committee; the Board Financial Risk Committee; and the Board Enterprise Wide Risk Committee.[1141]

The Board Remuneration Committee 'sets the overarching principles and parameters of remuneration policy'[1142], monitors and approves the remuneration arrangements of the executive directors and senior executives and 'ensures that the remuneration policy is appropriate and consistent with effective risk management'[1143].

The Nomination Committee leads the process for Board appointments and identifies and nominates candidates, for the approval of the Board. They are responsible for reviewing the composition of the Board and considers the succession plan for the key Board positions like the Chief Executive and the Chairman. In the case of Barclays, Lloyds Banking Group and RBS, the Nomination Committee is chaired by the Chairman of the board.

THE NATURE OF THE FAILURES

678. The record of board governance failures in the preceding years is well-documented and does not need to be rehearsed again in detail.[1144] A few examples will suffice. The Treasury Committee, in its Report The Run on the Rock, concluded with respect to the Northern Rock board:

1145

Similarly, this Commission highlighted board failures in its report on the collapse of HBOS:

1146

Boards failed to maintain high levels of professional standards and did little to prevent mis-selling scandals such as PPI and IRHP.

WHY BANKS ARE DIFFERENT

679. Bank boards face particular challenges and responsibilities compared to other organisations. These primarily reflect the systemic risks associated with banking, and also specific regulatory requirements to mitigate conduct risk. As a result of their 'too important to fail' status, banks benefit from an implicit subsidy which we have discussed in greater detail previously in this Report. This implicit subsidy—based upon the expectation of taxpayer support—has led to significant taxpayer bail-outs of some banks as well as other forms of support to the banking sector as a whole. Professor Julian Franks summarised why banks were different:

1147

Dr Peter Hahn focused on risk profile as a key differentiator. He told us that "they (banks) are fundamentally different in an extraordinary way" as, in comparison to other industries, they can change their risk profile very quickly. He said:

1148

680. The complexity of banks led some witnesses to express scepticism that it was possible for a bank board to work as effectively as was the case in other sectors. This was the Governor's stance: certain "institutions were simply too big and complex for anyone to genuinely know exactly what was going on".[1149] Professor Julian Franks told the Commission:

1150

1151

The importance of the challenge function

681. A key theme to emerge in our work on corporate governance was the importance of non-executive directors exercising a 'challenge' function with respect to executives and acting as an effective check and balance on senior management. This 'challenge' function is set out in the Code, which states that "non-executive directors should constructively challenge and help develop proposals on strategy[1152] [...] [as well as] scrutinise the performance of management in meeting agreed goals and objectives. They should satisfy themselves on the integrity of financial information and ensure that financial controls and systems of risk management are robust and defensible".[1153] However, as the Treasury Committee has previously concluded:

1154

Cevian Capital stressed the importance of 'challenge' in ensuring that boards worked effectively. It stated that "lack of challenge in the boardroom [...] leads to poor decision-making, limited accountability and improper alignment of interests". The consequences, it noted, were "particularly grave in the financial sector—where the job of a non-executive director is especially difficult—given that relative to part-time NEDs, executive directors have a huge informational advantage and benefit asymmetrically from risk-taking". [1155]

682. Sir David Walker pointed out the reactive and passive nature of too many boards:

1156

In his review of corporate governance arrangements at major financial institutions, Sir David stressed the paramount importance of 'challenge' in the boardroom:

1157

Sir David, expanded on these points in evidence to the Treasury Committee noting that "one way of characterising corporate governance in financial institutions before the crisis [...] is that certainly in this country—but I believe elsewhere and particularly in the USA—they were far too collegial". As a result, "the word I have been very keen to deploy and promote, greatly irritating some, is 'challenge'".[1158]

683. David Paterson, Head of Corporate Governance at the NAPF, told the Treasury Committee that it was "an enormous challenge" to ensure that non-executive directors acted as an effective check and balance on executives. He argued that it "requires a strong chairman to elicit the views of non-executive directors and to encourage them to speak up, either in the board meeting or privately to him, about concerns they have".[1159] Otto Thorensen, Director General of the ABI, concurred, telling the Treasury Committee that "the role of the Chairman is absolutely critical" in ensuring a well-functioning board where effective challenge takes place. However, Mr Thorensen also stressed the importance of the chief executive in accepting such challenge as well as the role of the "executive team in supplying the right kind of information in a way that people can understand".[1160] The problems of boards which become overly-collegiate was made by Martin Taylor who told us that "the culture you want on a board is a bracing culture", but that the default culture of:

Collegiality [...] comes from our social habits. Man is a social animal. You have dinner with people the night before and one of them says, "Do you want to borrow my house in Tuscany and the rest of it?" It doesn't happen to me, but you know what it mean. Then the next day at the board meeting, do you say to them, "Look, I have three questions for you and I'm not going to stop until you've answered all three of them properly"? People don't do that.

A bank company secretary told us that, in his view, bank directors prefer driving strategy to acting as a policeman, but they did recognise that it was an important responsibility which was increasingly dominating their time.

684. Both the financial crisis and conduct failures have exposed very serious flaws in the system of board oversight of bank executives and senior management. The corporate governance of large banks was characterised by the creation of Potemkin villages to give the appearance of effective control and oversight, without the reality. In particular, many non-executive directors—in many cases experienced, eminent and highly-regarded individuals—failed to act as an effective check on, and challenge to, executive managers. Our work on HBOS provided considerable evidence of this failure.

Proposals for change

685. Many experts have argued that improving the effectiveness of boards is the key to addressing many of the problems in the banking sector. For example, the corporate governance consultancy PIRC has spoken of the importance of addressing board failures which they suggested had been neglected by policymakers in their examination of the financial crisis. It proposed that:

1161

686. In the aftermath of the financial crisis, the then Government asked Sir David Walker to examine the issue of corporate governance in large complex financial institutions. He made a series of recommendations to improve governance in such firms, including some which related directly to the role and effectiveness of the board. Amongst the more significant were:

· providing for dedicated support for NEDs on any matter relevant to the business on which they require advice separately from or additional to that available in the normal board process; and

· that the overall time commitment of NEDs as a group on a FTSE 100-listed bank or life assurance company board should be greater than has been normal in the past. For several NEDs, a minimum expected time commitment of 30 to 36 days in a major bank board should be clearly indicated in letters of appointment and will in some cases limit the capacity of an individual non-executive director to retain or assume board responsibilities elsewhere.

The implementation of the Walker proposals has taken place in parallel with banks' own initiatives for change in this area.

687. However, some have argued that these amendments to the UK Corporate Governance Code have not gone far enough and that further changes are required to improve the effectiveness of bank boards and, in particular, ensure non-executive directors are both more able and more willing to exercise their crucial challenge function. The Commission has considered a number of these ideas, including:

· changes to the structure of boards;

· changes to the size of boards;

· changes to the composition of boards;

· changes in the way boards are selected; and

· a new fiduciary duty on members of bank boards.

Changes to the unitary board structure of UK banks

688. The UK has traditionally operated a unitary board structure.[1162] In other countries such as Germany, however, the supervisory two-board structure has been prevalent. This system consists of a supervisory board of non-executive directors and a separate management board of executive directors. We asked whether one particular construct was superior to the other and whether the UK should consider moving towards a supervisory board structure. This issue had previously been examined by Sir David Walker who concluded against change in this area.[1163] The Treasury Committee has also previously looked at this issue, where the overwhelming majority of responses supported retention of the unitary board, while only a small number of responses argued in favour of the merits of a two-tier or a dual board. However, even those who advocated retention of the present system acknowledged that it had flaws. For example, Board Intelligence argued:

1164

689. Crucially, the CBI pointed out that no specific board structure was resistant to the financial crisis:

The CBI does not believe that adopting a different Board structure in financial institutions in the UK would lead to better governance. No single board structure was resistant to the financial crisis, with unitary, two-tier and alternative Board structures all having the potential to fail.

It argued that the unitary board structure had important benefits:

1165

Marcel Rohner, the former CEO of UBS AG, noted that the dual board structure of UBS failed:

1166

690. Much of the evidence suggested that issues to do with board structure were secondary and that the focus needed to be on incentivising the right behaviours. For example, Hermes Equity Ownership Services stated:

1167

Its stance mirrors that of the G30 who concluded that "well implemented governance structures and processes are important, but whether and how well they function are the essential questions".[1168]

Board size

691. Another debate after the financial crisis was whether UK bank boards had become too large and therefore too unwieldy. The Walker review noted research which showed that:

1169

For example, in 2008, Barclays Plc had a 17 member board, with 4 executives and 13 NEDs. Similarly, RBS had an 18 member board.[1170]

692. The Walker review examined this issue, but made no specific recommendations on the ideal size of bank boards. It did, however, note the "widely-held view that the overall effectiveness of the board, outside quite a narrow range, tends to vary inversely with its size. That view would probably tend to converge around an 'ideal' size of 10-12 members".[1171] Post-crisis, bank boards have generally decreased in size. For example, both RBS and Barclays currently have boards with 12 members apiece. Martin Taylor told us:

1172

Stilpon Nestor, Managing Director of Nestor Advisers, argued there was a high degree of correlation between performance of banks and the size of their boards:

1173

Interestingly, however HSBC and Standard Chartered have maintained relatively large boards of 16 and 19 respectively at the end of 2012.[1174]

Improving the skills and competence of boards

693. Increased scrutiny of the composition of bank boards in the aftermath of the financial crisis has resulted in the argument being advanced that the boards of banks, owing to their complexity and systemic importance, require greater industry representation and sector-specific expertise compared with boards operating in other sectors. A different view was that many bank boards and, in particular, non-executive directors, lacked diversity. This, it was argued, had resulted in 'group think' and the development of a 'herd mentality'.

694. The Walker review looked at the case for greater expertise as well as greater diversity and the potential underlying tension between the two. On the one hand, it supported moves towards greater expertise:

1175

On the other hand, the Walker Review noted that "while a majority of NEDs should be expected to bring materially relevant financial experience [...] there will still be scope and need for diversity in skillsets and different types of skillset and experience".[1176]

695. Much of the evidence stressed the importance of sector-specific expertise. Dr Peter Hahn told us that bank boards dominated by former bankers was to be expected, as complex risk knowledge was required and such expertise was rarely found outside financial institutions.[1177] Some banks also appear to have recognised the need for greater bank experience on boards. For example, Barclays told the Commission that, while it had believed that "the Board needs a diverse range of skills and experience, as well as financial services experience", it has agreed that "50 per cent of NEDs, including the Group Chairman and Chairmen of the principal Board Committees, should have banking/ and or financial services experience."[1178]

696. Otto Thoresen, Director General of the Association of British Insurers, cautioned against allowing the board pendulum to swing too far in favour of expertise and against that of diversity. He told us that an emphasis on industry-specific expertise could mean that "people would be less inclined to step forward for non-executive roles in financial institutions if they felt themselves not to be technically competent enough to carry out their duties". He warned that the result could be "a concentration of non-executives who are drawn from more technical backgrounds, with the consequence that diversity begins to be undermined".[1179] David Paterson, Head of Corporate Governance, National Association of Pension Funds, when asked specifically about gender diversity on boards, said it should be viewed in the context of the wider debate on diversity:

1180

697. Boards staffed with increased numbers of NEDs with direct banking expertise should not, however, be viewed as a panacea. In its evidence to the Treasury Committee, the Chartered Insurance Institute pointed out that RBS had notable experience on the Board but still failed to conduct the right due diligence in the ABN AMRO acquisition:

1181

698. Martin Taylor appeared sceptical as to the importance of this debate. He cautioned against the view that more expert NEDs would radically transform the governance of such firms:

1182

Who should select boards?

699. Cevian Capital, a fund manager, noted that "in the UK, the nomination process for NEDs is typically controlled by company chairmen, and the shareholder approval vote is almost always an empty formality". Consequently, Cevian argued:

1183

ShareSoc, an organisation which represents individual shareholders, took a similar view:

1184

700. Both Cevian Capital and ShareSoc argued that the solution lay in giving shareholders a far more prominent role in selecting the board. Cevian argued that "involving large shareholders directly in the nomination process would directly address the fundamental flaws in the current system", and was "the most tangible and realistic way to comprehensively address poor board performance". It argued that:

1185

701. Both Baroness Hogg and Sir David Walker expressed scepticism about the applicability of the Swedish model to the UK. Sir David Walker spoke of how "the Swedish model of involvement of shareholders in nomination committees is specifically appropriate to Sweden, because there are very few shareholders". Baroness Hogg was unconvinced "that shareholders are going to do a better job than the nominations committee. Shareholders are pretty inclined to like names they know on the boards of other companies".[1186]

FIDUCIARY DUTY

702. Company directors have duties under the Companies Act to promote the success of the company primarily for the benefit of shareholders. A number of witnesses argued that this meant boards placed too much emphasis on achieving this objective to the detriment of other issues. Martin Taylor stated:

1187

Lord Turner told us:

1188

In its submission to the Commission, the FSA said:

1189

Davis, Polk Wardwell told us that directors of insured US banks were required to take account of the interests of other parties than just shareholders in discharging their duties.[1190]

CONCLUSIONS ON BOARDS

703. Failures of board governance have taken place in firms with very different models of corporate governance, in banks with two-tier boards as well as those with unitary boards, and in banks whose boards, whether of the US or UK type, differ significantly both in terms of size, composition and the amount of time non-executives devote to their roles. Banks whose board-level governance arrangements could be described on paper as approximating to best practice have run into serious governance problems. There were frequently several common elements to bank governance failures. Some CEOs were overly dominant, which the Board as a whole failed to control. Chairmen proved weak; often they were too close to, and became cheerleaders for, the CEO. NEDs provided insufficient scrutiny of, or challenge to, the executive, and were too often advocates for expansion rather than cautioning of the risks involved. There was insufficient wider banking experience among NEDs and the resources available to them were inadequate. Central functions, including risk and control, had insufficient capability and status to perform their functions and were often regarded as an impediment to the business, rather than essential to its long-term success.

704. We have taken a great deal of evidence advocating a range of measures which witnesses argued would improve the effectiveness of bank boards. Some have suggested a move to a two-tier board structure is necessary. Others have argued in favour of changes to the composition of boards with an emphasis on greater sector-specific expertise or in some instances greater diversity. We have heard arguments in favour of greater prescription in terms of the time devoted by non-executives to their role, the benefits of an enhanced role for shareholders in board appointments or the importance of board effectiveness reviews as a tool to improve board effectiveness.

705. Proponents of corporate governance solutions can be prone to overestimate the benefit that their particular favoured measure will provide. Structural or procedural changes to bank boards would not have prevented the last crisis and will not prevent the next one. Nevertheless, the Commission has a number of proposals which, taken together, we believe will help to bring about a desirable change in the culture and overall approach of boards.

706. The Commission recommends that the Financial Reporting Council publish proposals, within six months of the publication of this Report, designed to address the widespread perception that some 'natural challengers' are sifted out by the nomination process. The nomination process greatly influences the behaviour of non-executive directors and their board careers. Fundamental reform may be needed. The Commission considers that the Financial Reporting Council should examine whether a Nomination Committee should be chaired by the Chairman of a bank or by the Senior Independent Director.

707. There is a danger that the non-executives directors of banks are self-selecting and self-perpetuating. In the interests of transparency, and to ensure that they remain as independent as possible, the Commission recommends that the regulators examine the merits of requiring each non-executive vacancy on the board of a bank above the ring-fence threshold to be publicly advertised.

708. The obligations of directors to shareholders in accordance with the provisions of the Companies Act 2006 create a particular tension between duties to shareholders and financial safety and soundness in the case of banks. For as long as that tension persists, it is important that it be acknowledged and reflected in the UK Corporate Governance Code, in the PRA's Principles of Business and under the Senior Persons Regime. The Commission has several recommendations in the light of this, which should at the very least apply to banks above the ring-fence threshold.

· The Commission recommends that the UK Corporate Governance Code be amended to require directors of banks to attach the utmost importance to the safety and soundness of the firm and for the duties they owe to customers, taxpayers and others in interpreting their duties as directors;

· The Commission recommends that the PRA Principles for Businesses be amended to include a requirement that a bank must operate in accordance with the safety and soundness of the firm and that directors' responsibilities to shareholders are to be interpreted in the light of this requirement;

· The Commission recommends that the responsibilities of Senior Persons who are directors include responsibilities to have proper regard to the safety and soundness of the firm; and

· The Commission recommends that the Government consult on a proposal to amend section 172 of the Companies Act 2006 to remove shareholder primacy in respect of banks, requiring directors of banks to ensure the financial safety and soundness of the company ahead of the interests of its members.

INDIVIDUAL RESPONSIBILITY

709. As discussed in Chapter 3, a culture exists in banking which diminishes a sense of personal responsibility. What we have referred to as the 'accountability firewall' has developed, which has served to prevent those on boards having a strong sense of personal engagement with and responsibility for failings and misconduct in the firm. Restoring a sense of individual responsibility to members of the board has the potential to improve the effectiveness of board governance and standards within the industry.

710. In Chapter 3 we outlined our proposals for a new Senior Persons Regime, to replace the SIF element of the Approved Persons Regime (APER), addressing the fundamental weaknesses with the past industry and regulatory approach to individual responsibility at the highest level. The Senior Persons Regime is designed to ensure the allocation of specific responsibilities to specific post or office holders that will place beyond doubt what responsibilities are held by whom. We discuss these responsibilities for members of the board in greater detail below, with a particular emphasis on the responsibilities of the Chairman of a bank board, given the particular importance of the role he or she occupies.

Responsibilities of the Chairman

711. The Chairman plays a crucial role. As the UK Corporate Governance Code states, "the Chairman is responsible for leadership of the board and ensuring its effectiveness on all aspects of its role". The Code also states that the Chairman "should also promote a culture of openness and debate by facilitating the effective contribution of non-executive directors in particular and ensuring constructive relations between executive and non-executive directors".[1191] This point has been stressed on numerous occasions. For example, the Financial Reporting Council has stated that "good boards are created by good chairmen. The chairman creates the conditions for overall board and individual director effectiveness".[1192] Similarly the ABI in its report on board effectiveness concluded that:

1193

712. The importance of the Chairman's role should be reflected in the post's responsibilities under the proposed Senior Persons Regime. Chairmen should have specific overall responsibility for leadership of the board as well for ensuring, monitoring and assessing its effectiveness. This should include a responsibility for promoting an open exchange of views, challenge and debate and ensuring that other non-executives have the tools, resources and information to carry out their roles effectively, particularly their challenge function. It should be the duty of the Chairman to hold annual meetings with the chairmen of every board sub-committee separate from any attendance at meetings to ensure that he or she has an overview of the subject area within those sub-committees' responsibility. Bank Chairmen should in future have an explicit responsibility for setting standards and providing effective oversight over how they are embedded through the organisation. In addition, it is essential the Chairman has a responsibility to ensure that he or she, together with his or her office, provides a genuine check and balance to the executives.

713. The Walker review concluded that:

1194

In practice many large banks have moved towards a position where the Chairman is nearly or wholly full-time. For example, HSBC has an executive full time Chairman and the Barclays Chairman is committed to serving at least 4 days a week.[1195]

714. Opponents of the proposal that the Chairman of a large bank should be full-time or nearly full-time have previously argued that there is a risk that this would effectively result in the individual concerned becoming an executive with all the attendant risks of going native and a corresponding loss of independence. Dr Peter Hahn explained that the crucial issue was not whether Chairmen was full time, but rather the role they played:

1196

715. We have received no evidence that a two-thirds time commitment has led chairmen of major banks to 'go native', and believe that the risk of this occurring with a full-time Chairman may have been overstated. In any case, the risks of partial disengagement are likely to be greater. The accountability and personal responsibility of Chairmen will be enhanced if they are engaged on a near full-time basis. In light of the crucial role played by the Chairman of a major financial institution, the Commission recommends that a full-time Chairman should be the norm. The implication of our proposals is that the Chairman of a large bank should usually not hold any other large commercial non-executive, let alone executive, positions.

Responsibilities of the Senior Independent Director

716. The Senior Independent Director (SID) plays a pivotal role on the board. In large part, this flows from the SID's role in acting as a check on the Chairman and ensuring that the Chairman is discharging his leadership responsibilities effectively. The Walker review outlined the role of the Senior Independent Director as follows:

The role of the Senior Independent Director (SID) should be to provide a sounding board for the Chairman, for the evaluation of the Chairman and to serve as a trusted intermediary for the NEDs, when necessary. The SID should be accessible to shareholders in the event that communication with the Chairman becomes difficult or inappropriate.

717. The Commission recommends that the Senior Independent Director should, under the proposed Senior Persons Regime, have specific responsibility for assessing annually the performance of the Chairman of the board and, as part of this, for ensuring that the relationship between the CEO and the Chairman does not become too close and that the Chairman performs his or her leadership and challenge role. We would expect the regulator to maintain a dialogue with the Senior Independent Director on the performance of the Chairman: the Senior Independent Director should meet the PRA and FCA each year to explain how the Senior Independent Director has satisfied himself or herself that the Chairman has held the CEO to account, encouraged meaningful challenge from other independent directors and maintained independence in leading the board.

Role of non-executive directors

718. Non-executive directors (NEDs) potentially have an important role in providing challenge to the executive of a bank. Many of the failures within banks that have come to light could have been prevented or ameliorated had NEDs acted more effectively.

719. The avenues open to them at present, however, are limited. They can make their point at board level, record dissent in the minutes, press their view to a formal vote, report their concerns to the regulator, or resign. None of these, except for insisting on and then winning a vote, may be effective, however, and all may ultimately degenerate into mere back-covering exercises.

720. Non-executive directors in systemically important financial institutions have a particular duty to take a more active role in challenging the risks that businesses are running and the ways that they are being managed. The FSA's report into the failure of RBS demonstrated that this was often not the case in the past. For non-executive directors to be more effective, they may need to make more use of their current powers under the UK Corporate Governance Code to obtain information and professional advice, both internally and externally. In this context, it is essential that the office of the chairman is well-resourced to enable it to provide independent research and support to the non-executive directors.

Internal controls and disciplines

THE PROBLEM

721. The control framework of a bank, how it manages and assesses all of the risks it is responsible for, and how well it assesses its capacity to manage the future risk environment it may be facing, is crucial to the successful running of the organisation. Many banks told us that they used a control framework model called the "three lines of defence".[1197] The first line is front-line staff, who take responsibility for their own day-to-day risks. The second line is specialist risk management, controls and compliance staff. The third line is internal audit.[1198] These are discussed further below. However, it is clear from the evidence we have received that this model, or at least the way the banks applied this model, was unable to prevent the multiple risk failures that occurred across the banking industry, from the collapses of HBOS and RBS to LIBOR, interest rate swaps mis-selling and PPI.

722. In Chapter 3 we described how banks were too big to fail and too complex to manage, and how bank control frameworks have tended to be characterised by confusion and a blurring of departmental responsibilities. Staff in compliance functions were often faced with seemingly impossible challenges, presenting a stark example of the problem discussed in Chapter 3 of banks being too complex to manage. For example, there are 3,500 compliance employees at HSBC who are expected to provide compliance services across a very complex organisational structure.[1199] Stuart Gulliver described how he had felt the need to change the way the bank was organised due to these complexities:

1200

Regardless of a bank's size, evidence suggests that the compliance function was often faced with a multiplicity of tasks, from approving new product launches, to providing a legal-style advisory role on regulatory issues to providing assurance that the bank's systems and controls are working appropriately. Deutsche Bank told us, for example:

Deutsche Bank has an independent group-wide Compliance function. The role of the Compliance Department includes: advising on ethical conduct and identifying regulatory solutions; safeguarding integrity and reputation; and promoting, in partnership with the business, a culture of compliance.

1201

723. Banks have a set of obligations that are externally imposed, through general law and specifically through regulatory requirements. These must be adhered to by everyone in the bank. In addition to the mandatory legal obligations, banks set their own control standards, relating to their overall business strategy, that they also need to ensure are being adhered to. The responsibility for making sure that there are no breaches of any of the internally or externally imposed requirements lies with all who work in the bank. The evidence suggests that the role of compliance is hopelessly confused. As also noted in Chapter 3, this was most starkly demonstrated in two exchanges with Barclays employees. Mike Walters, then Group Head of Compliance, told us that:

Mike Walters: it is not the compliance function's responsibility to make Barclays compliant. [...]

Q679 Mark Garnier: Who was responsible for the compliance at Barclays—to make Barclays compliant?

1202

Hector Sants, Head of Compliance and Government and Regulatory Relations, told us that:

1203

In addition, risk and compliance functions have too often been treated as cursory box-ticking exercises to satisfy internal control or regulatory requirements, with limited practical impact on front-line activity. These problems can be exacerbated by the divide between the 'police' and the 'policed' within banks, where the highest status and rewards are afforded to those who raise most revenue for the bank.

724. We also noted in Chapter 3 the fact that in large, complex banks, it is very difficult for compliance functions to have a detailed understanding of the activities being undertaken outside their individual silo as minutely segmented by brutal crosshatching lines of management responsibility, functions, language and geographical location.

725. The Commission recognises that how a bank structures the framework it uses to control risks has to be shaped by its particular business model. However, the wide-spread failure requires a significant shake-up in internal controls. Our recommendations are based on the principles of ensuring personal responsibility and making internal challenge a norm, not an exception.

FRONT-LINE CONTROLS

726. Rich Ricci explained the control function performed by a front-line trading desk supervisor:

1204

Barclays' then Group Head of Compliance acknowledged that this process failed in the case of LIBOR manipulation:

Mark Garnier: Who was overseeing the LIBOR rate-setters in London and why were they not answering back to these swaps traders in New York? Why were they not saying, "Guys, you can't do this; stop trying to influence the rate setting"?

1205

The Chief Internal Audit Officer of Barclays told us that the bank had, in the light of the LIBOR investigation, initiated a "desk-level supervision enhancement programme [...] understanding what their roles and responsibilities are, training etc.".[1206]

727. As well as front-line controls, supervisors are also responsible for the financial performance of the trading desk and tend to be remunerated on this basis while risk management was not valued as a basis for remuneration. The Reward and Performance Director of Barclays explained that while the performance and, therefore, variable remuneration of retail bankers at his firm was determined by a formula incorporating non-financial measures, this was not suitable for investment banking:

1207

RISK MANAGEMENT

728. Reporting arrangements for Chief Risk Officers vary between banks. Santander UK told us that, in its structure, the CRO sat on the Board and the CRO's role "reinforces the executive risk responsibility of the Chief Risk Officer for the management and control of all risks".[1208] Barclays told us that "The Group CRO reports jointly to the CEO and the Chairman of the Board Risk Committee".[1209] In our examination of the collapse of HBOS, we found that the main reporting line of the divisional risk functions was to the divisional management rather than to the group risk function. Paul Moore believed that this created an 'us and them' culture between the group risk functions and the divisional risk functions, which was "dysfunctional".[1210]

729. We note the evidence of Sir David Walker that "Certainly, the chief risk officer has to be able to say no to the chief executive. He has to be able to say no, without fear that he will lose his job or that he will not get an adequate bonus. He has to have a direct line to the chairman of the risk committee or the chairman of the board".[1211] We concur. Each bank board should have a separate risk committee chaired by a non-executive director who possesses the banking industry knowledge and strength of character to challenge the executive effectively. The risk committee should be supported by a strong risk function, led by a chief risk officer, with authority over the separate business units. Boards must protect the independence of the Chief Risk Officer, and personal responsibility for this should lie with the chairman of the risk committee. The Chief Risk Officer should not be able to be dismissed or sanctioned without the agreement of the non-executive directors, and his or her remuneration should reflect this requirement for independence. The Chief Risk Officer should be covered by the Senior Persons Regime, and the responsibilities assigned to the holder of that post should make clear that the holder must maintain a voice that is independent of the executive.

COMPLIANCE

730. In Chapter 3, we noted the dangerous combination of blurring between the first and second lines of defence and a status gap between staff in specialist control functions and those in front-line revenue-raising roles. These problems were widespread and reinforced, rather than challenged, by management expectation. Evidence from several banks pointed to ongoing concerns of this nature in the product approvals process. Citigroup told us that the compliance function plays "an integral part of the new product and new business line approval process".[1212] This appears to place compliance in a first line risk management position, when in most cases banks described the function as sitting in the second line of defence. The then Head of Compliance at Barclays outlined a similar arrangement at his bank:

Mark Garnier: Can you talk us through the process of how a new product is constructed, at what point you get involved and at what point it then gets rolled out to market?

Mike Walters: Our key involvement is at the new product approval stage. However, at an earlier stage it is possible that we would get asked for subject matter expert guidance on a rule.

Mark Garnier: The key question—they are coming to you for expert advice. The product design departments do not have their own experts on compliance.

Mike Walters: No, that's not right. The reason why I said it was possible is that every banker I've met at Barclays has a pretty good understanding of the rules [...] That said, it is possible from time to time that specific expertise on a specific area of the regulations is sought.

Mark Garnier: When you have new product approval, you are then brought in in a formal way, and at that point you give the sign-off?

Mike Walters: Yes.

Mark Garnier: So you then take responsibility for the compliance side of that.

1213

Mike Walters also told us that "complying is the responsibility of everybody at Barclays, starting with the front line".[1214] The acting Group Head of Compliance at HSBC explained that his staff had a dual role:

David Shaw: You could have it in a different way, where the business decides on the product, goes through the whole process and submits it up for approval. You could have that, but it is not a very constructive way of dealing with it.

Mark Garnier: Why not?

David Shaw: Because basically it is a lot better if the input, "This does not work," comes in during the formulation.

Mark Garnier: Why? I can see the argument, but we are trying to gather evidence, so what we are really after is clear explanations of those two processes. Why is one better than the other?

1215

731. The CBI told us that "compliance needs to become more independent to avoid conflicts of interest that may arise through an employee's desire to satisfy senior colleagues rather than raise compliance issues".[1216] Mike Walters, explained that LIBOR manipulation in his bank was the result of cultural failure rather than of control frameworks:

Mark Garnier: How did those LIBOR setters not [know] what was going wrong? [...] Why did those rate setters not turn round and say, "You can't do this; we have to be independent"? [...] How did you, as head of compliance, allow them to be influenced?

1217

732. Rich Ricci said that in certain circumstances, compliance rather than front-line staff might be blamed if a bad deal was signed off at a trading desk:

1218

733. We also examined the interaction between staff in the front line and those in the second line of defence in performance assessment. Several witnesses told us that employees in the second line now contribute to performance assessment for those in revenue-raising roles. Mike Rees of Standard Chartered noted that there is "input from the control functions, compliance and risk" in front-line performance evaluation.[1219]His colleague, Richard Goulding, elaborated:

1220

Eddie Ahmed told us that, at Citigroup, the performance assessment of senior staff would include input from risk and compliance functions. However, at trading desk level, assessment would be "in the chain of command, and ultimately signed off by the business head, in conjunction with assessment by human resources".[1221]

734. Michael Lavelle, CEO of Wholesale Banking at CitiGroup, explained that staff in front-line functions could be involved in assessing those in the second line, as well as the other way round:

Baroness Kramer: And how would each feed into the other's appraisal? Would your risk person have an impact on what the pay levels might be—

Michael Lavelle: In the assessment, absolutely.

Baroness Kramer: What about the other direction?

1222

735. It is important that banks have clear lines of accountability for the assurance of overall regulatory compliance. A blurring of responsibility between the front line and compliance staff risks absolving the front line from responsibility for risk. Compliance involvement in product development can make it more difficult for compliance staff subsequently to perform their independent control duties. Their involvement needs careful handling. Responsibility for acting in accordance with the letter and spirit of regulation should lie with every individual in a bank. This responsibility should not be outsourced to a compliance function, any more than to the regulator itself, particularly in the light of the fact that, owing to the complexity of banks, the compliance function would face a very difficult task were this responsibility to lie solely with it.

736. The Commission notes with approval measures taken by banks to involve control functions in the performance assessment of senior and front-line staff. There is a strong case for extending this further. To have a strong impact on behaviour, clarity in how such mechanisms operate is desirable. The involvement of the front-line in assessing second-line performance threatens to further undermine the independence of the second line. This effect can be exacerbated by ingrained status differences between staff in different functions.

737. We do not wish to be prescriptive about the role of the Head of Compliance. We see parallels with the role of the Chief Risk Officer, insofar as protecting the independence of the Head of Compliance role is paramount. This should be a particular responsibility of a named individual non-executive director. The Commission recommends, as with the Chief Risk Officer, that dismissal or sanctions against the Head of Compliance should only follow agreement by the non-executive directors. Such an action would, under existing arrangements, also need to be disclosed to the regulator.

INTERNAL AUDIT

738. The Group Head of Internal Audit at HSBC acknowledged that the work of his division had been characterised by a rules-based approach:

Baroness Kramer: In a sense, you were not looking at judgement; you were only looking as to whether people had taken the procedural step. Is that what you are saying?

1223

739. Roger Marshall explained how he saw the relationship of internal audit with the other parts of the business:

1224

This "complete independence" as Roger Marshall described it, reinforces again the need for this function to be protected by the non-executives to ensure their own independent challenge is informed by analysis that is also independent of the executive. Roger Marshall went on to describe a broad remit for internal audit "Internal audit should—and, by and large does, in UK banking—have an unrestricted remit. It should look at governance, it should look at culture, it should look at the way that the risk management departments manage risk, and it should look at compliance and how they are doing things.[1225]

740. Anthony Hilton said that "Internal audit is a way for top management, whatever it is—the risk committee or the audit committee—effectively to circumvent several layers of middle management and find out what is happening on the shop floor".[1226]The Head of Internal Audit at Standard Chartered Bank confirmed that the breadth of scope:

Baroness Kramer: So how broad would your scope be, Mr Wynter? Would it include product suitability, HR policies for recruitment, business strategy or perception? How wide-ranging is it?

1227

The CBI said that internal audit should not be restricted to historic analysis, but elevated to a role in decision-making processes.[1228]

741. Internal audit's independence is as important as that of the Chief Risk Officer and the Head of Group Compliance, and its preservation should similarly be the responsibility of a named individual non-executive director, usually the chairman of the audit committee. Dismissal or sanctions against the head of internal audit should also require the agreement of the non-executive directors.

CONCLUSION ON INTERNAL CONTROLS

742. The "three lines of defence" have not prevented banks' control frameworks failing in the past in part because the lines were blurred and the status of the front-line, remunerated for revenue generation, was dominant over the compliance, risk and audit apparatus. Mere organisational change is very unlikely, on its own, to ensure success in future. Our recommendations provide for these lines to be separate, with distinct authority given to internal control and give particular non-executive directors individual personal responsibility for protecting the independence of those responsible for key internal controls. This needs to be buttressed with rigorous scrutiny by the new regulators of the adequacy of firms' control frameworks.

Standards and culture

INTRODUCTION

743. Our witnesses were united in agreement that a change in banking culture was necessary. Antonio Horta-Osório said that the banking industry was facing a "deep crisis of confidence and trust" and "needed cultural change".[1229] Stephen Hester agreed that "there are cultural changes that we should make across banking",[1230] while Antony Jenkins told us that it was necessary to "change the culture" at Barclays.[1231] The Chartered Banker Institute said that "extensive cultural change" was required in banking.[1232] The CBI submitted that such change was "key to ensuring banking can support business' needs",[1233] while the ABI said it was "the key to further change in banks".[1234]

744. In this section, we argue that standalone programmes of cultural change, however well-intentioned, are unlikely to succeed. Worthy statements of direction or a reshuffling of faces at the top may change the outward image of an organisation. However, if they leave the underlying causes of cultural malaise intact, they are ultimately doomed to failure.

PROSPECTS FOR RAPID CHANGE

745. In our first oral evidence session, Sir David Walker, the then prospective Chairman of Barclays, was bullish about the prospects of achieving quick cultural change in his company:

1235

He explained that the crisis in UK banking offered an opportunity for unusually rapid cultural change:

1236

746. The Salz Review of Barclays was less confident that cultural change could be achieved quickly:

1237

Others respondents took a similar viewpoint. António Horta-Osório cautioned that "changing the culture of an organisation of 100,000 people takes time",[1238] while RBS wrote that enduring change would be "the product of a slow, deliberate and sustained march with many small steps".[1239]

747. In his second appearance before the Commission, Sir David Walker reiterated his confidence that the culture of Barclays could be changed quickly.[1240] However, he suggested that progress in the short-term would be restricted to highlighting the need for change and putting appropriate frameworks in place:

1241

748. Profound cultural change in institutions as large and complex as the main UK banks is unlikely to be achieved quickly. Bank leaders will need to commit themselves to working hard at the unglamorous task of implementing such change for many years to come.

BANK CODES OF CONDUCT

749. The primary vehicle the new Chairman and Chief Executive of Barclays have used to try to effect rapid cultural change in Barclays is the "Transform Programme".[1242] A prominent element of this is the adoption of a Statement of Purpose and Values. This was explained in the bank's response to the Salz Review:

1243

750. In evidence to the Commission, Antony Jenkins explained that Barclays had not previously had "a set of values and behaviours that are operative across the whole Group" which defined "what the Barclays culture should be".[1244] However, the then Chief Executive, John Varley, attempted to establish five similar Group-wide values in 2005: 'customer focus', 'winning together', 'best people', 'pioneering' and 'trusted'. This was intended to allow the Group to be overseen through one set of values. In 2007 they were embedded in a refreshed Group Statement on Corporate Conduct and Ethics.[1245] Writing in The Financial Times, Philip Augar remarked:

1246

The Salz Review observed that the five Guiding Principles had not "percolated into the consciousness of the Group",[1247] partly because of the "significant challenge to instilling shared values in a universal bank like Barclays".[1248]

751. Statements of values and corporate codes are not restricted to Barclays. The word cloud below shows the distribution of words used by a selection of banks in their corporate statements:[1249]

Which? told us that "superficially the major British banks have good cultures. They publish codes that are difficult to fault as statements of intent".[1250] Gavin Shreeve, Principal, ifs School of Finance, told us that "all the banks, all the professional bodies, were awash with codes, but that does not stop bad behaviour".[1251] The risks of placing too much reliance on the stated values of a firm are demonstrated by the case of Enron, whose values were remarkably similar to those of Barclays (Box 13).

Box 13: Enron's Values

Enron's Annual Report in 2000, the year before it filed for bankruptcy following the emergence of systematic accounting fraud, set out its corporate values:

Communication: We have an obligation to communicate. Here, we take the time to talk with one another… and to listen. We believe that information is meant to move and that information moves people.

Respect: We treat others as we would like to be treated ourselves. We do not tolerate abusive or disrespectful treatment.

Integrity: We work with customers and prospects openly, honestly and sincerely. When we say we will do something, we will do it; when we say we cannot or will not do something, then we won't do it.

Excellence: We are satisfied with nothing less than the very best in everything we do. We will continue to raise the bar for everyone. The great fun here will be for all of us to discover just how good we can really be.[1252]

752. Which? wrote that many of the most egregious conduct failings "involved banks where the top management appeared to have set explicit and impeccable cultural standards for employees".[1253] The 2009 Goldman Sachs Code of Business Conduct and Ethics championed "integrity and honesty" as being "at the heart of our business", but contained a caveat that "from time to time, the firm may waive certain provisions of this Code".[1254] Others claimed that cultural codes were not taken seriously. The Chartered Institute for Securities & Investment (CISI) said that "it is one thing to have a code and quite another to monitor and measure the extent to which any person follows it with a professional pride that goes beyond cursory compliance".[1255] Ken Costa told us that "mission statements and all the various statements that are made are very often merely bolt-ons".[1256]

753. Several witnesses told us of the importance of the ways in which corporate values were embedded throughout an organisation. CFA UK wrote that "it appears that some banks have paid lip service to professional standards and culture within their marketing communications, but have not embedded those ideals and behaviours within their firms. Anthony Browne said that codes "do not mean anything if they are just bits of paper that people tick. […] they need to be embedded within organisations".[1257] RBS told the Commission that:

1258

Sir David Walker told us:

there needs to be a clear statement of values. Most banks actually have them, but the problem is not with the values but how they are embedded from top to bottom.

The means of embedding change are considered in the following sections.

754. Poor standards in banking are not the consequence of absent or deficient company value statements. Nor are they the result of the inadequate deployment of the latest management jargon to promulgate concepts of shared values. They are, at least in part, a reflection of the flagrant disregard for the numerous sensible codes that already existed. Corporate statements of values can play a useful role in communicating reformist intent and supplementing our more fundamental measures to address problems of standards and culture. But they should not be confused with solutions to those problems.

TONE AT THE TOP, MIDDLE AND BOTTOM

755. The phrase "tone at the top", or "tone from the top" rose to prominence in the aftermath of the Barclays LIBOR settlement in 2012. The regulator, the FSA, had become concerned at the aggressive pattern of behaviour of Barclays towards regulatory issues. This was of sufficient importance that the then head of its Prudential Business Unit, Andrew Bailey, went to the Barclays board in person to express the FSA's concerns about the firm, and the Chairman of the FSA, Lord Turner, subsequently wrote to the Chairman of Barclays, Marcus Agius. Andrew Bailey told the Treasury Committee that he had said to the board that the tone at the top was of concern to the FSA, and also told the Committee that "the culture of this organisation was coming from the top".[1259]

756. The importance of setting the appropriate tone from the top of banks in attempting to improve culture was highlighted by a large number of respondents. The FSA said that the standards, culture and values of banks depended on "the tone set by top management".[1260] Lloyds Banking Group wrote "the tone and example needs to come from the top—having leaders with the highest integrity and values, who think and act for the long-term".[1261] The Institute of Operational Risk, arguing that "codes of conduct alone are not sufficient to change risk cultures", said that senior management needed to set the example by exhibiting "integrity, fitness, propriety and suitability for their roles".[1262] The FSA Financial Services Consumer Panel stressed the role of the personality of leaders in driving cultural change:

1263

757. The ABI said that the Commission would be most effective if we focused on "changes of culture that are already underway, and on encouraging those who are trying to lead this".[1264] Ken Costa said that though the need for a cultural shift was starting to be recognised among bank leaders, this was yet to be understood at lower levels:

1265

758. In a recent speech, the incoming Governor of the Bank of England, Dr Mark Carney, argued that to change the culture of banks, tone from the top needed to be supplemented by an appropriate sense of purpose throughout firms:

For companies, this responsibility begins with their boards and senior management. They need to define clearly the purpose of their organisations and promote a culture of ethical business throughout them.

1266

Simon Thompson made a similar point, suggesting that while the role of senior management in culture was "absolutely key", "tone at the middle and the tone at the bottom" were also important as "you need to have individuals surrounded by a culture of professionalism".[1267]

759. Dr Adam Posen warned against the assumption "that if banks simply sign up enough compliance officers, that constitutes a change of culture, rather than constitutes a tax that they are paying to make sure that they are not legally liable."[1268] Professors Black and Kershaw argued that cultural change had "to be "mainstreamed" throughout the organisation, not siloed off into "compliance" or "risk" divisions".[1269]

760. The CBI told us that, to achieve cultural change, "systems and procedures within firms must drive values throughout the organisation" and "individuals need to understand the behaviours expected of them and be held accountable for their actions".[1270] These sentiments were reflected by Antony Jenkins in his explanation of how he intended to embed cultural change in Barclays:

1271

761. Professor Nicholas Dorn stressed the importance of incentives in driving cultural change throughout bank staff hierarchies:

1272

The role of these incentives is considered in the next section.

762. The appropriate tone and standard of behaviour at the top of a bank is a necessary condition for sustained improvements in standards and culture. However, it is far from sufficient. Improving standards and culture of major institutions, and sustaining the improvements, is a task for the long term. For lasting change, the tone in the middle and at the bottom are also important. Unless measures are taken to ensure that the intentions of those at the top are reflected in behaviour at all employee levels, fine words from the post-crisis new guard will do little to alter the fundamental nature of the organisations they run. There are some signs that the leaderships of the banks are moving in the right direction. The danger is that admirable intentions, a more considered approach, and some early improvements, driven by those now in charge, are mistaken for lasting change throughout the organisation.

763. We believe that the influence of a professional body for banking could assist the development of the culture within the industry by introducing non-financial incentives, which nonetheless have financial implications, such as peer pressure and the potential to shame and discipline miscreants. Such a body could, by its very existence, be a major force for cultural change and we have already recommended that its establishment should be pursued as a medium to long term goal alongside other measures such as new regulatory provisions.

INDIVIDUAL INCENTIVES FOR IMPROVEMENTS TO STANDARDS AND CULTURE

764. Dr Adam Posen argued that the culture of banks reflected the accumulated consequences of a wide range of economic incentives:

1273

765. Martin Taylor told us that codes of conduct were unlikely to succeed in improving standards if financial incentive worked in the opposite direction:

1274

Professor David Kershaw also argued that incentives tended to trump other considerations:

1275

Which? concurred that in order to embed genuine change, staff needed to be "given the proper incentives to maintain high levels of professional standards."[1276]

766. Commenting on their internal reform programme, RBS argued that specific programmes aimed at rapid cultural change were unlikely to be successful while wider frameworks remained untouched:

1277

767. Media coverage of Antony Jenkins' announcement of the new Barclays Statement of Purpose and Values suggests that it was met with, at best, mixed feelings among the traders in his company.[1278]

768. There is little point in senior executives talking about the importance of the customer and then putting in place incentive and performance management schemes which focus on sales which are not in the interests of the customer. As long as the incentives to break codes of conduct exceed those to comply, codes are likely to be broken. Where that gap is widest, such as on trading floors, codes of conduct have gained least traction. This betrays a wider problem with stand-alone programmes to raise standards and improve culture. Attempts to fix them independently of the causes are well-intentioned and superficially attractive, but are likely to fail.

769. There is still much to do in promoting diversity within banks. There is a need to hold banks' feet to the fire in encouraging the gender diversity of their workforce. The culture on the trading floor is overwhelmingly male. The Government has taken a view on having more women in the boardroom through the review carried out by Lord Davies of Abersoch and his recommendations that FTSE 100 companies increase the number of women directors who serve on their boards. If that is beneficial in the boardroom so it should be on the trading floor. The people who work in an industry have an impact on the culture of that industry. More women on the trading floor would be beneficial for banks. The main UK-based banks should publish the gender breakdown of their trading operations and, where there is a significant imbalance, what they are going to do to address the issue within six months of the publication of this Report and thereafter in their annual reports.

INDICATORS OF CHANGED CULTURE

770. In order for banks to demonstrate to the public that they have changed their standards and culture, they will need to provide clear evidence of such change. Banks are well aware of their past failings. They should acknowledge them. Further opportunity to demonstrate change is offered by ongoing concerns, such as approaches taken to customer redress or involvement in activities inconsistent with a customer service ethos. The clearest demonstration of change will come with the avoidance of further standards failings of the sort that led to the creation of the Commission.

Driving out fear

INTRODUCTION

771. The banking scandals which we have examined occurred even though the institutions concerned had formal internal compliance and control structures which ought to have prevented wrongdoing. But these systems failed to function effectively. For example, in HSBC, despite repeated internal and external warnings, failings in anti-money laundering systems that made the bank "very attractive to transnational criminal organisations, whether they are terrorist or criminal in origin," were allowed to persist.[1279] In Barclays, UBS and RBS, the manipulation of LIBOR submissions for individual profit continued unrestrained for years, without internal compliance preventing it.

772. As well as this failure of formal control systems, the firms concerned were also apparently not tipped off about wrongdoing by their own employees. Had this occurred, the firms might have been able to shut down the wrongdoing much earlier and prevent much of the penalties and reputational damage they incurred. Why did this not happen? Huw Jenkins, former CEO of UBS investment bank, acknowledged that this clearly demonstrated "a failing in our systems and controls and in our culture."[1280]

REASONS THE BANKS WERE NOT TOLD BY THEIR OWN EMPLOYEES

773. A number of different reasons have been given to us. The common factor is that employees feared the consequences of speaking out.

Fear in banking culture

774. An internal investigation into Barclays Wealth America found that it had a "culture of fear" that was "actively hostile to compliance" and "ruled with an iron fist to remove any intervention from those who speak up in opposition". Issues with the "revenue at all costs strategy" were not escalated up the management chain, but "buried, stopping any solution ever coming to light".[1281] A whistleblower writing in The Independent claimed that the Barclays investment bank was run "through a culture of fear. You fear for your job and you fear for your bonus".[1282] The Salz Review reported that similar problems remain:

1283

The same charge has been made of the culture of RBS during Fred Goodwin's tenure as Chief Executive:

1284

In addition, the way in which banks suddenly dismiss employees, without colleagues being told, can deter employees from raising concerns:

1285

775. These concerns are not unique to banking. A recent review of the BBC, found "a strong undercurrent of fear". It observed that many freelancers felt that "getting a reputation for speaking out or as a troublemaker is considered by many to be one form of 'career suicide'."[1286] The Francis Report on Mid-Staffordshire NHS Trust found that "It is clear that there is a very real reluctance on the part of staff at all levels of seniority to persist in raising concerns about unsafe or substandard services, colleagues' capability and conduct, and similarly important issues. There is a widespread belief that the protections offered are theoretical rather than real."[1287]

776. These fears may be justified: employees who express concerns about questionable practices in a bank may suffer as a result. In the worst cases, individuals who expressed concern may have been moved on.

Fear from sales pressures

777. We heard evidence from Citizen's Advice and Which? about the pressures staff felt under to sell products:

Q47 Mr McFadden: Were the kind of front line sales service staff that I am talking about given specific targets per month or per week for the number of PPI products that they had to sell?

Sue Edwards: When we did our super-complaint, we talked to Amicus—now Unite—about whether they had any evidence of their bank staff being put under pressure to sell PPI. They said they did not have any specific evidence about PPI, but they were dealing with a lot of cases of members who were put under pressure to sell a very high number of products, which they could not achieve and were facing disciplinary action as a result.

1288

Stuart Davies, regional officer of Unite, told us that:

1289

Fear of damage to reputation and career

778. Employees in the financial services industry, because of its particular characteristics, may fear for their employability and reputation if they complain about wrongdoing of all sorts:

1290

ENCOURAGING ESCALATION AND WHISTLEBLOWING

779. Fear of the consequences, even if misplaced, deters bank employees from raising wrongdoing with their manager or firm. The numbers of successful whistleblowers in banks is understood to be very low. This is not in the interest of banks themselves. The people best placed to flag up emerging failings in culture and standards are a bank's own employees. Despite the widespread knowledge of LIBOR-rigging on the trading floor, no employee apparently felt sufficiently concerned, or sufficiently confident, to 'whistleblow' by escalating the problem internally, or informing the regulator. As we have said, had staff come forward at an early stage, even at one firm, and had their concerns been acted on with appropriate reporting to the regulator, much of the damage caused by the LIBOR-rigging scandal might have been avoided.

780. Dr Andrew Hilton of the CSFI described the positive impact that whistleblowers could have, saying that an effective internal whistleblowing system:

1291

781. Rich Ricci of Barclays showed a marked appreciation of the scale of what went wrong. He admitted that the bank's culture may have been an impediment to effective internal whistleblowing:

1292

The ICAEW told us that:

1293

Ali Parsa, Chief Executive, Circle Partnership, said that:

1294

Whistleblower Martin Woods commented that "Ultimately it is all about culture [...] a culture which encourages people to speak out and rewards them for doing so."[1295]

782. Whistleblowing in the financial services sector needs to be treated by firms not as inconvenient and potentially damaging, but as a valuable source of information for senior management. We set out below some of the practical steps that we expect banks to take to provide greater encouragement and protection for internal whistleblowers. Procedural and practical solutions will only be effective if they are underpinned by a significant change in bank standards and culture.

BANKS' OWN WHISTLEBLOWING POLICIES

783. Whistleblowing policies and procedures do exist within banks, but they failed. In evidence they were criticised for being insufficiently clear, well-publicised, and robust. Whistleblowing charity Public Concern at Work commented that:

1296

In oral evidence to us, HSBC told us that it rewarded staff who drew attention to wrong behaviour of different kinds, but struggled to demonstrate how its internal guidance documents clearly set out the expectation for staff to escalate matters if they became aware of wrongdoing.[1297] Professor Nicholas Dorn told us that:

1298

784. The Commission was shocked by the evidence it heard that so many people turned a blind eye to misbehaviour and failed to report it. Institutions must ensure that their staff have a clear understanding of their duty to report an instance of wrongdoing, or 'whistleblow', within the firm. This should include clear information for staff on what to do. Employee contracts and codes of conduct should include clear references to the duty to whistleblow and the circumstances in which they would be expected to do so.

785. Concerns reported by employees may be less specific than those typically associated with whistleblowing. Employees may feel a sense of unease about a practice or a product without necessarily understanding or anticipating the scale of the problem. Stuart Davis, from Unite Union, told us that bank staff had concerns about PPI long before it emerged as a scandal: "Clearly, there was growing discomfort among our members that perhaps the products they were selling were not all they were cracked up to be".[1299] We noted earlier in this chapter the enormous pressure front-line staff were under to sell products, not just as a result of financial incentive structures, but also as a result of less formal cultural influences. Jayne-Anne Gadhia, now CEO of Virgin Money, told us of her struggle with her previous employer to get them to address problems relating to PPI:

1300

786. In addition to procedures for formal whistleblowing, banks must have in place mechanisms for employees to raise concerns when they feel discomfort about products or practices, even where they are not making a specific allegation of wrongdoing. It is in the long-term interest of banks to have mechanisms in place for ensuring that any accumulation of concerns in a particular area is acted on. Accountability for ensuring such safeguards are in place should rest with the non-executive director responsible for whistleblowing.

Senior responsibility

787. If whistleblowers are to have the confidence to come forward within firms, they need to be reassured that their reports will be dealt with appropriately and that they will be protected from detrimental treatment by their employer. Professor Nicholas Dorn said that:

1301

788. Internal whistleblowing processes must be overseen by an individual with the authority and seniority both to ensure that whistleblowing reports are acted upon and to protect the whistleblower. A non-executive board member—preferably the Chairman—should be given specific responsibility under the Senior Persons Regime for the effective operation of the firm's whistleblowing regime. That Board member must be satisfied that there are robust and effective whistleblowing procedures in place and that complaints are dealt with and escalated appropriately. It should be his or her personal responsibility to see that they are. This reporting framework should provide greater confidence that wider problems, as well as individual complaints, will be appropriately identified and handled.

What firms' whistleblowing regimes should contain

789. We do not propose a one-size-fits-all approach to establishing appropriate whistleblowing procedures. There already exists a wealth of best practice guidance and, as we have already made clear, the success of a whistleblowing regime will owe more to an institution's overall culture than the minutiae of its procedures. Nonetheless, we believe that there are some elements of a successful whistleblowing policy which are sufficiently important that they should be incorporated into every institution's whistleblowing processes, and we outline these below. Beyond this, it is for the Chairman or other responsible board member to ensure that the whistleblowing procedure at the firm is fit for purpose, as outlined above.

Protection

790. In many cases whistleblowers will act anonymously, but where whistleblowers are not anonymous they need particular protection, because a key barrier to effective whistleblowing is the fear that staff will face repercussions from their employer for having drawn attention to wrongdoing. We note that legal protection for whistleblowers does already exist in the form of the Public Interest Disclosure Act 1998 (PIDA). A person making a "protected disclosure" which falls within the terms of PIDA (including an allegation of criminality or failure to comply with a legal obligation) and who is subsequently detrimentally treated by his or her employer can take their case to an employment tribunal and seek damages. But in spite of this legal protection, blowing the whistle remains daunting. Martin Woods commented that "when an individual blows the whistle in a bank, he/she is blowing the whistle against some very powerful and very strong people."[1302] Ian Taplin described the pressure not to whistleblow as "immense" and argued that whistleblowers within the banking sector can face intimidation and obstruction.[1303]

791. As part of a robust whistleblowing procedure, institutions must have effective systems in place to protect whistleblowers against detrimental treatment. The Commission recommends that the Board member responsible for the institution's whistleblowing procedures be held personally accountable for protecting whistleblowers against detrimental treatment. It will be for each firm to decide how to operate this protection in practice, but, by way of example, the Board member might be required to approve significant employment decisions relating to the whistleblower (such as changes to remuneration, change of role, career progression, disciplinary action), and to satisfy him or herself that the decisions made do not constitute detrimental treatment as a result of whistleblowing. Should a whistleblower later allege detrimental treatment to the regulator, it will be for that Board member to satisfy the regulator that the firm acted appropriately.

Record keeping

792. Existing guidance from the regulator encourages whistleblowers to raise their concerns internally in the first instance. We received evidence that many complaints that are framed as whistleblowing reports are in fact more appropriately categorised as individual grievances or disagreement with legitimate management decisions,[1304] and we recognise that this may sometimes be the case. Whistleblowing reports should be subjected to an internal 'filter' by the bank to identify those which should be treated as grievances. Banks should be given an opportunity to conduct and resolve their own investigations of substantive whistleblowing allegations. We note claims that 'whistleblowing' being treated as individual grievances could discourage legitimate concerns from being raised.

793. The Commission does, however, believe that it is important that a contemporaneous and independent record of every whistleblowing complaint exists, regardless of its eventual outcome. The regulator should periodically examine a firm's whistleblowing records, both in order to inform itself about possible matters of concern, and to ensure that firms are treating whistleblowers' concerns appropriately. The regulators should determine the information that banks should report on whistleblowing within their organisation in their annual report.

THE ROLE OF THE REGULATOR

Benefiting from whistleblowers

794. As explained above, one of the challenges facing regulators is that they are not as well placed as those within banks to spot problems. Whistleblowers therefore play an important role in bringing concerns to the attention of regulators. Banks must implement and administer appropriate and robust whistleblowing procedures. Nonetheless, there is also an important role for the regulator to play in overseeing the operation of banks' internal whistleblowing procedures, in providing an alternative route for whistleblowing, and in providing support and encouragement to whistleblowers. The evidence that we received from whistleblowers demonstrated a lack of confidence in the regulator's willingness and ability to support them and to act upon their concerns. Whistleblowers UK said that whistleblowers "have no confidence in the FSA".[1305] Martin Woods, whose actions in disclosing wrongdoing at Wachovia were commended by the US Comptroller of the Currency, said that his experience with the FSA "should have been a better one".[1306]

795. Approved Persons are currently obliged to "deal with the FSA and with other regulators in an open and cooperative way and must disclose appropriately any information of which the FSA would reasonably expect notice." (Principle 4 of the Statement of Principles for Approved Persons). Tracey McDermott described this Principle as providing an "obligation to whistleblow",[1307] but acknowledged that it was questionable whether the FSA had been sufficiently assertive in enforcing it. She suggested that in many cases where wrongdoing was uncovered, the FSA had tended to focus on enforcement action for the wrongdoing itself rather than considering whether a breach of Principle 4 had also occurred.

796. All Senior Persons should have an explicit duty to be open with the regulators, not least in cases where the Senior Person becomes aware of possible wrongdoing, regardless of whether the Senior Person in question has a direct responsibility for interacting with the regulators.

Encouraging whistleblowers

797. Regulators should be responsible for ensuring that firms have put in place an appropriate whistleblowing system. However, Martin Wheatley did not appear to believe that the FCA needed to do anything more to address the problems that whistleblowers may face:

1308

while protecting the anonymity of whistleblowers is important, this attitude gave support to Martin Woods's evidence of his experience:

1309

He told us that he later submitted a complaint to the FSA that he had been detrimentally treated by his employer for his whistleblowing, but did not receive any feedback from the FSA.[1310]

798. The FSA Handbook states that it "would regard as a serious matter any evidence that a firm had acted to the detriment of a worker because he had made a protected disclosure about matters which are relevant to the functions of the FSA. Such evidence could call into question the fitness and propriety of the firm or relevant members of its staff, and could therefore, if relevant, affect the firm's continuing satisfaction of threshold condition 5 (Suitability) or, for an Approved Person, his status as such."[1311] The FSA told us that it

1312

The FSA also said that actively monitoring employment tribunal cases brought by bank employees alleging detrimental treatment would not be cost-effective, large number of such cases brought each year.[1313]

799. The FCA's evidence appeared to show little appreciation of the personal dilemma that whistleblowers may face. The FCA should regard it as its responsibility to support whistleblowers. It should also provide feedback to the whistleblower about how the regulator has investigated their concerns and the ultimate conclusion it reached as to whether or not to take enforcement action against the firm and the reasons for its decision. The Commission recommends that the regulator require banks to inform it of any employment tribunal cases brought by employees relying on the Public Interest Disclosure Act where the tribunal finds in the employee's favour. The regulator can then consider whether to take enforcement action against individuals or firms who are found to have acted in a manner inconsistent with regulatory requirements set out in the regulator's handbook. In such investigations the onus should be on the individuals concerned, and the non-executive director responsible within a firm for protecting whistleblowers from detriment, to show that they have acted appropriately.

800. The FSA told us that "if someone provides us with information which indicates that their fitness and propriety is in question then we have taken the view that we cannot, as the regulator, ignore that. So the consequences may be that an individual who comes forward is prohibited from working in the industry".[1314] The FSA acknowledged that this approach "acts as a further disincentive to report misbehaviour" and suggested that it could adopt a more lenient approach to whistleblowers who bring misconduct to its attention (with appropriate safeguards to ensure that other market users or customers were not put at risk). It said that it did operate leniency provisions in connection with insider dealing.[1315] The PRA and the FCA have, however, now stated that a mitigating factor in deciding on any financial penalty can be the conduct of the individual in bringing the breach to the regulators' attention.[1316]

801. One of the more controversial proposals to encourage whistleblowing is the use of financial incentives, as found in the United States. The most recent US scheme, introduced under the Dodd-Frank Act, provides for whistleblowers to be rewarded with a proportion of any fine levied on a company as a result of the information they have provided. Some of the evidence we received pressed strongly for the introduction of a similar scheme here. Erika Kelton, a US lawyer dealing with whistleblowing cases, described the impact of the US whistleblowing incentive schemes:

1317

She argued that "meaningful, non-discretionary financial incentives are critical to establishing robust and successful whistleblower programs."[1318]

802. The FSA had some serious reservations about the use of financial incentives, particularly in relation to the associated "moral hazards". It argued that the prospect of already highly-paid individuals receiving a "reward" for doing what was arguably their duty could lead to public disquiet. Carol Sergeant, Chairman of the whistleblowing charity Public Concern at Work, also had reservations and suggested that financial incentives could encourage whistleblowers to delay reporting wrongdoing in order to maximise their reward.[1319] Whistleblowers UK recognised the potential pitfalls of financial incentives, but argued that an incentive system based on a principle of compensation rather than reward would act as a recognition of the risks that a whistleblower undertook, while avoiding some of the associated moral hazard.[1320]

803. We note the regulator's disquiet about the prospect of financially incentivising whistleblowing. The Commission calls on the regulator to undertake research into the impact of financial incentives in the US in encouraging whistleblowing, exposing wrongdoing and promoting integrity and transparency in financial markets.

804. We have said earlier in this Report that the financial sector must undergo a significant shift in cultural attitudes towards whistleblowing, from it being viewed with distrust and hostility to one being recognised as an essential element of an effective compliance and audit regime. Attention should focus on achieving this shift of attitude.

805. A poorly designed whistleblowing regime could be disruptive for a firm but well designed schemes can be a valuable addition to its internal controls. The regulator should be empowered in cases where as a result of an enforcement action it is satisfied that a whistleblower has not been properly treated by a firm, to require firms to provide a compensatory payment for that treatment without the person concerned having to go to an employment tribunal.

1118 Group of Thirty, Toward Effective Governance of Financial Institutions, 12 April 2012, p 5, www.group30.org Back

1119 John Kay, The Kay Review of UK Equity Markets and Long-term Decision Making: Final Report, 23 July 2012, p 10, www.gov.uk Back

1120 John Kay, The Kay Review of UK Equity Markets and Long-term Decision Making: Final Report, 23 July 2012, p 21, www.gov.uk Back

1121 Sir David Walker, A review of corporate governance in UK banks and other financial industry entities, Final recommendations, November 2009, p 17 Back

1122 John Kay, The Kay Review of UK Equity Markets and Long-term Decision Making: Final Report, 23 July 2012, p 45, www.gov.uk Back

1123 Ibid. P 10 Back

1124 Q 326 Back

1125 Q 3628 Back

1126 Ev 1324 Back

1127 Ev 1222 Back

1128 Ev 1119 Back

1129 Treasury Committee, Ninth Report of Session 2010-11, Competition and choice in retail banking, HC 612, Qq 833-835 Back