Banking StandardsWritten evidence from Malcolm Crow

Improving Banking StandardsAn Outline Approach

The content of this document are my own personal views, and not endorsed in any way by Skandinaviska Enskilda Banken AB, my Swedish bank employer for the last 30 years.

Background

The suggested approach is based upon the following considerations:

1. There has indeed been a behavioural problem in certain sectors of banking, in certain institutions. In a small number of cases this has been deliberate malfeasance, but generally it has been a reflection of a cultural malaise which puts profit and selling ahead of attention to the client’s needs. However, in many other parts of the industry, and in many organisations, there have not been material problems.

2. Given the declining returns to banks in the face of the increasing regulatory burden, whatever solution is adopted to alleviate the problem should be (a) effective, and (b) low cost—n particularly since in the last resort increased costs are likely to be passed on to the users of bank services and/or shareholders. This means building on what is already there ton the greatest extent possible, without adding anything that will not have a real impact in behaviour at the financial coal face.

3. The FSA’s regulation failed to prevent problems from arising—in part, because their regulations only gave them direct sanction over the defined Controlled Functions, and even then (outside of the high level Principles) only in relation to specific matters which they had recognised as needing regulation.

4. Adding new technical requirements to the FCA’s rulebook is unlikely to provide a universal solution, even within consumer-facing banking. Increasing requirements for mandatory training are unlikely to assist, save in a small number of customer-related functions, given that the problem arises more from cultural influences than a lack of education.

5. Equally, whilst most banks have had some form of a Code of Ethics (behaviour, morals or whatever) governing their staff, this has been insufficient to prevent abuses from arising. It is difficult to see how merely adding another layer of moral requirements above this will achieve any real impact.

6. Any high level mandated code of conduct faces the choice between being universally applicable or honed to deal with particular parts of the banking industry. In the first instance, it is likely to be based on universally acceptable broad standards, which are unlikely to add greatly to the FCA’s Principles. In the latter instance, it will require a great deal of work to target the code to particular business areas—resulting in a plethora of sub-codes and training requirements, adding complexity and cost without actually bringing any real additional benefit. There is a great risk, therefore, that any British Banking Standards Board (call it what you will) will merely be a costly sinecure without producing any tangible additional benefit, other than appeasing the demand for action.

7. Equally, any mandatory ethical training, or membership/licensing requirement is going to: (i) involve great cost (welcomed by the providing institutions); (ii) result in restraint of trade problems and a reduction in the transfer of skills between countries and industries; and (iii) to the extent that withdrawal of membership/licence results in an inability to work in the sector again, provide a fruitful field for employment lawyers. The numbers of persons engaged in implementing and policing any such approach would be considerable.

8. Any approach which seeks to be targeted to specific sectors of the financial community runs foul of the problems inherent in attempting to define what “banking” is, and will result in arbitrary divisions between those functions covered, and those not—giving rise to the risk that coverage is later deemed to be too narrow when new risks are recognised (usually too late to prevent the resultant harm).

9. The ideal would therefore be a high level approach which is as universally applicable as possible, and which reinforces, and lies alongside, what is already in place.

The Proposed Approach

10. If there is seen to be an overwhelming need for one, a new Banking Standards Board (the “Board”) comprising the great and the good could be formed to draw up a non-technical Model Code of behaviour for “bankers” in general , monitor the observance on this code at a high level, and produce guidance for both the banks and consumers.

11. I see no reason why such a Board should not be a Financial Industry Standards (rather than a “Banking”) Board—since (a) the standards should be as high level and universally applicable as possible, (b) this avoids the definitional problems identified above, and (c) it will broaden the effectiveness of the scheme without adding materially to the cost.

12. The Model Code would be endorsed by the FCA, which would require all financially regulated institutions under its purview to take steps to implement the functional equivalent of the Model Code within their organisations, incorporating it (or its locally adopted equivalent) into the employment contracts of all members of staff. If a firm did not adopt the Model Code itself, then the FCA could seek to approve (or at least be given powers to seek modifications to) any local variant. There is no need to define which parts of the industry are within the code, and which not.

13. At this point it should be noted that the FCA could achieve precisely the same end on its own account, without any need for a new high level Board—which thus represents a costly palliative. In the event of there being no high level Board, any of the PRA, HM Treasury, or the Financial Services Ombudsman could be given authority to introduce potential adjustments to any FCA-based Code.

14. Whatever its origin, the Model Code would require firms to provide appropriate professional and ethical training to all employees. The precise scope and content of this training would not be mandated, but the Board/FCA (and any bodies endorsed by it) could provide guidance. This requirement is effectively already enshrined in the SYSC principles governing regulated institutions. This would, however, stop short of requiring specific examinations or licensing registrations—since at heart, these are not necessary, and thus represent an unnecessary financial burden on the industry.

15. The Model Code would not only reinforce the existing encouragement for management to introduce whistle-blowing procedures, but would go further—by requiring the inclusion in employment contracts of a clause obligating the employee to bring to the attention of their superiors and/or their compliance officers any concerns the fact that it appeared to the employee (based on his/her technical understanding of the business) that the relevant internal requirements equivalent to the Model Code were not being met. Provided that the Model Code was simple, this would not represent too great a burden on the employee.

16. Each firm would be required by FCA rules to monitor the observance of its own internal equivalent of the Model Code. The existing compliance, audit and risk control functions within firms would assess the implications in the light of the Model Code of all findings of routine monitoring and incidents (including those indicated by internally generated reports analysing complaints received), and would report the results upwards, together with appropriate management information. This requirement could be added to the FSA’s requirements of such controlled functions, and of senior management in general.

17. Where individual breaches of the Model Code are identified, firms would be required by FCA Rules to take disciplinary action, to record this formally—and, possibly, to report the matter individually to the FCA, although this could be left to a periodic report, for which see further below. If the ability of firms to impose appropriate sanctions on persons responsible for breaches of the Code who are not themselves Controlled Functions, then the FCA could require submission and prior approval of proposed sanctions—although this would risk adding unnecessary administrative burden, and is perhaps thus a step too far.

18. The approach proposed above thus places the policing of the new order in relation to non-Controlled Function staff where it should be, namely within the context of the contract of employment. No new disciplinary bodies would be required, and any additional costs would be borne by the firms whose staff had failed to meet the required standard of behaviour. The Board/FCA would need to give guidance as to what forms of activity (in terms of breaches of technical rules relating to the conduct of business in specific areas) would amount to a breach of the Model Code.

19. When employees are dismissed for (or leave b y consent as a result of) material breaches of the Model Code (and where applicable, after any associated employment law proceeding have established the truth of the failing), their name would be forwarded to the Board/FCA which would record them on a central register. This is a sensitive matter for employees who do not fulfil a Controlled Function, but the interests of society as a whole should override those of the errant individual. This would produce a wider coverage and a more effective mechanism than the current requirement to inform the FSA of the reason for an Approved Person’s departure from his position, and is as equally effective and far less costly than any licensing requirement.

20. The central register of dismissed persons would retain the names of individuals only for a stated period; it would be available (directly or via an enquiry to the FCA) to the compliance officer of each firm, and firms would be required to review and take into account such entries when hiring new staff. Individuals appearing on the register might be taken on by firms subsequently—for example where they have changed their attitude/behaviour, or where the circumstances leading to their entry are deemed not to be applicable to their new post); however, in such instances the justification for te proposed hire could be required to be submitted to the FCA for review.

21. Each firm or major division within large firms would have its own senior-management level Code Oversight Officer (much as it today has a Money Laundering Reporting Officer) , whose responsibility would be to ensure that the firm’s behaviour at the level of individuals was monitored effectively pursuant to the Model Code.

22. The FCA SYSC rules would require senior management to put in place arrangements to ensure that every HR, Audit, Risk Control, Compliance or other “incident” to be analysed for its implications in terms of a potential breach of the Code and recording the appropriate actions taken as a result. This position would be an FCA Controlled Function.

This would form the basis of management information reports upwards within the organisation, demonstrating its effective compliance (or not) with the Code on an overall basis. There could be a requirement for quarterly reports to be forwarded to the FCA for oversight review and potential prompt corrective action.

23. The board of each firm would have a non-executive director whose responsibility would be to ensure that the firm’s behaviour and reporting in this area was effective.

24. The board of each firm would oversee the production and publication of an annual formal report on the arrangements in place and the extent to which the firm had met the behavioural standards underpinning the Model Code. This report would be made public, and would be forwarded to the FCA/Board.

25. The Board/FCA would review all such reports, and produce a high-level report into the efficacy of the Model Code Regime for the financial industry as a whole (potentially analysing it in terms of the different sections of the industry. The Board/FCA would be able to publicly criticise those institutions which in its eyes fall short of the requirements.

26. If there was a Board, it would be granted the status of Super Complainant, and would thus be able to encourage consumers to bring matters to its attention. It would not investigate them itself (since this would require a larger level of staffing support than is necessary), but would passing them on to the FCA, which would then either launch its own investigation (to the extent that the matter implicated a Controlled Function), or require the senior management of the firm involved to do so and to report back.

27. There would thus be no need for the FCA to greatly expand the Approved Person regime (which would place additional staffing requirements on it), since it could require firms to accept the costs of sorting out their own internal miscreants. Of course, if firms have failed to put in place appropriate arrangements, then the relevant Approved person would be sanctioned for a failure to observe the SYSC rules.

28. The regime would apply (as in the case of the Bribery Act) to all branches and subsidiaries (wherever located) of UK incorporated financial institutions, and to all UK branches of foreign financial institutions.

17 April 2013

Prepared 24th June 2013