Banking StandardsWritten evidence from Paul Moore

1. Introduction, Background and Foreword

1.1 My name is Paul Moore. I gave evidence to the Parliamentary Commission on Banking Standards on 30 October 2012. Members will recall that I was the former Head of Group Regulatory Risk at HBOS who also gave evidence to the Treasury Select Committee in February 2009 when it was looking into the causes and implications of the banking crisis. My evidence was published on the day that the Committee interviewed the ex CEO’s and Chairmen of HBOS and RBS. It was widely publicised in the media worldwide and led directly to the resignation of Sir James Crosby who was then the Deputy Chairman of the Financial Services Authority. My evidence alleged that Sir James Crosby, when he was the CEO of HBOS, dismissed me as Head of Group Regulatory Risk for reporting that the sales culture had become markedly out of balance with risk and compliance systems and that the Board should reconsider its continued strategy for sales growth if it wished to avoid risks to customers and colleagues. I maintained that failures in corporate governance, risk management and compliance were at the heart of the banking crisis. In particular, I pointed to strategies with an excessive focus on sales, cultures that facilitated “group think” and resisted challenge and the lack of rigorous oversight and challenge by internal control functions, the non-executive, statutory auditors, shareholders and the FSA.

1.2 I am a Barrister by original training and an experienced professional adviser on risk management, regulation, corporate governance and ethics in the financial sector. I have been involved in risk management, regulatory compliance and governance in the financial sector since 1984 before the first version of The Financial Services Act 1986. After eleven years in industry, and just prior to joining HBOS in 2002, I worked at KPMG in London for seven years as a Senior Manager, Director and then Partner where I advised large banks, insurance companies and fund managers including quite a number of FTSE 100 companies. I often led engagements where significant regulatory failures had occurred where our reports were also used as part of the regulator’s supervisory or enforcement processes.

1.3 I have written more detailed papers setting out all the reasoning behind my recommendations and am prepared to share all that reasoning with the Commission if it is thought desirable. I have already provided much of this material both to the TSC as well as the PCBS. This paper, however, is deliberately designed as an executive summary of my views in all the key areas.

1.4 I am confident that that Andrew Tyrie and the PCBS will find this document useful in preparing its final report which, as has been stated, will be focused on recommendations for the future. I request that the PCBS treat this paper as formal evidence, distribute it to all members of the Commission and publish it in the usual places. I also intend to publish this document widely for the benefit of other interested parties.

2. Approach, Layout and Contents of this Document

2.1 This document can loosely be described as laid out in a “bottom-up” approach. This means that I deal with the current governance “systems” from the bottom upwards rather than the top downwards. This naturally means that the big picture policy points (eg about our monetary system and director’s fiduciary duties) are made at the end.

2.2 In line with this approach, the contents of this document firstly follow, in order, all key parts of the governance system of banks (in the most holistic sense) which, if carried out effectively, would be most likely to prevent another banking crisis like the one we have experienced. These are as follows:

1.Internal control functions—risk management, compliance and internal audit.

2.Non-executive directors and the internal corporate governance systems.

3.Audit and accounting and other professional services provided to banks.

4.Shareholder stewardship.

5.The external regulatory system.

6.Government & political involvement and accountability for the regulatory system.

2.3 Having dealt with each key element of the governance system of banks, I then turn to the bigger picture policy points. These are as follows:

7.The “permitted business” of banks ie what banks should be authorised to do.

8.The ring fence proposals by the Independent Commission on Banking.

9.Size matters—banks are too big. Public policy needs to support community banks and crowdfunding such as “Peer to Peer Lending”.

10.The inadequacy of the “fiduciary duties” of company directors.

11.Whistleblowing policy.

12.The inadequacy of our monetary system.

13.Our democracy and the excessive power of banks and other financial institutions.

2.4 In section 16, I cover what are, ultimately, the most important areas to “get right” if we are to have a banking system that leads the world in performance as well as good business practice, ethics and social responsibility. This is:

14.Executive business leadership, strategy, culture and associated incentive systems.

2.5 The final section of the paper is:

15.Conclusion and final thoughts.

2.6 I repeat that this document is drafted as a summary of the policy recommendations that I make without setting out the detailed thinking and arguments which support such recommendations. If the Commission requires the supporting arguments, it only has to ask for them.

Many of the recommendations that I make are clear from previous papers/evidence that I have submitted either to The Treasury Select Committee or the Commission (PCBS).

3. Internal Control FunctionsRisk, Compliance and Internal Audit

3.1 Believe it or not, you can become a Chief Risk Officer or a Head of Compliance or Head of Internal Audit with no formal qualifications. This is just plain wrong. These roles are now equally as important as the CFO’s job and we need to be totally confident in their technical competence, their skills and their integrity.

3.2 People who run and work in these functions must be professionally qualified by a new Chartered Institute (or the like) to the same level as Actuaries, Accountants, Lawyers and Doctors, with their own rigorous Code of Conduct and regulatory system. They must not only be trained in the technical aspects of risk management, oversight and assurance but also in the skills they need including how to carry out ethical based decision making. They must also be trained in the laws of evidence as it is often the case that failures in assurance are caused by reliance of self-serving statements from management without adequate corroboration.

3.3 All three control functions should be combined and should not work separately. They are all involved in policy, advice on that policy, process design to implement policy and in oversight, assurance and reporting of the bank’s “systems and controls”. An internal audit department without risk or regulatory content knowledge is next to useless. It audits process without even knowing whether the process does what it needs to do and this provides false assurance. Likewise, a risk department without knowledge, skills and experience in carrying out rigorous oversight and assurance is also next to useless because it sets policy and process but never checks whether it is being carried out.

By combining these functions into one department, the policy thinkers in risk and regulatory compliance obtain the oversight and assurance expertise of Internal Audit and Internal Audit obtains the content expertise that can be provided by risk and regulatory compliance. For the sake of this paper, I shall call this department “Risk, Compliance and Audit” or “RCA” for short.

I should add that all regulations relate directly to risk management. They are the regulators’ formal risk mitigation requirements in relation to matters which they consider of risk to the overall system, so the idea that risk management in a bank is just about the mathematics of credit risk management is wrong. In fact, the mathematics is often the simplest part of the equation.

3.4 All staff working in RCA or carrying out RCA accountabilities must always report directly and solely to the RCA department and never on a dual reporting-line basis both to the local executive and then “on a functional basis” through to the RCA department. This is even more important in a “divisionalised” organisation with Group RCA functions as well as divisional RCA functions. This dual reporting line approach is very common in large financial sector organisations and does not work. It creates unnecessary tension and adds cost.

3.5 The “three lines of defence” governance model (designed by consultants with little or no practitioner experience) which is commonly in use in large organisations does not work and is dysfunctional. As I say above, there should be one department called RCA and all staff responsible for these accountabilities must report directly into RCA. In fact, this approach will reduce cost for banks not increase cost.

3.6 All RCA staff must ultimately always report to the non-executive and never to the executive for the very obvious reason that, then, if they raise challenge with which the executive is not comfortable, they should be protected (assuming that the non-executive are independent and powerful). I recommend that they report through to the Board via a new dedicated non-executive director of “Risk, Compliance, Audit and Ethics”—“RCAE” for short. I have developed a detailed accountability description for this role which I can provide to the PCBS if required.

3.7 There must be additional “whistleblowing” protections for RCA staff and especially the Heads of Department. After all, it is actually the job of RCA staff to “raise the red flag”/“blow the whistle” when necessary. These protections must operate so that they avoid the current “close the door after the horse has bolted” approach to whistleblowing protection ie they must operate to prevent inappropriate dismissal as opposed to provide compensation after dismissal. This means people working in the RCA department cannot be dismissed without the formal approval of the whole non-executive in a minuted meeting and the prior written approval of the regulator. The standard post dismissal protections for whistleblowers are inadequate. This may mean that ultimately the internal professional whistleblower gets financial compensation but this also means that the wrong-doing always gets covered up through gagging orders. RCA staff subject to dismissal actions must be given representation rights in any such proceedings inside the company in question.

3.8 For all major strategic decisions eg material acquisitions, the Head of RCA must be required to draft a formal opinion to be placed on the record and shared with the regulator. In this regard, where were the opinions of the CROs of RBS and Lloyds on the acquisitions of ABN Amro and HBOS respectively?

4. Non-executive Directors & the Internal Corporate Governance Systems

4.1 All non-executive directors (“Neds”) must be trained in the basics of risk management, compliance and internal audit prior to taking up their roles. It is good to have diversity in the board room and, therefore, not all Neds need great expertise in these areas or great expertise in the business of the Board on which they sit. But they must know the basics of risk management, regulation and audit in the firms on the boards of which they sit. This needs both formal and informal training—as well as assessment—because training with no assessment often goes in one ear and comes out the other!

4.2 The senior Neds with special responsibilities ie The Chairman, the SID, the Ned of RCAE, the Chairman of the Risk, Compliance, Audit and Ethics Committee, The Chairman of Divisional RCAE Committees must have been trained and have direct personal experience and expertise in these areas. The Ned of RCAE must be highly experienced in these areas both strategically and operationally. These NEDs must also be experts in the relevant business areas as well.

4.3 There must be a complete and public register kept of all professional and social connections and activities between Neds and the executive. I suggest that this should include a register of all clubs, associations, alumni groups and if they are members of the Masons. Andy Hornby told me that he was a personal friend of Charles Dunstone who was the Chairman of the HBOS Retail (Halifax) Risk Control Committee.

4.4 Neds need to spend much more time, even than the additional time recommended by Sir David Walker in carrying out their duties. The specialist Neds need to spend even more time than the standard Ned. The Ned of RCAE would probably spend at least two days a week in a well controlled large company and more in an organisation in crisis or development. The Ned of RCAE would also spend a good deal of time focusing on the cultural and people aspects of good governance and not just on policy, process and structure.

4.5 Executives of other publicly quoted companies are too busy to manage their own businesses, let alone oversee the management of others. Indeed, the volume of paper they currently have to review, in itself, may create an appearance of governance but often achieves the exact opposite by making it impossible for the non-executives to “see the wood for the trees”. In this regard, Charles Dunstone, the founder and Chairman of the Carphone Warehouse, who was the Chairman of the HBOS Retail (Halifax) Risk Control Committee, said to me one day—“Well, even if I had time to read the papers, I would not understand them”!

4.6 It is far better to have one governance committee dealing with RCAE rather than three. The risks and issues are all intertwined on these matters and trying to separate them will cause communication and decision making risks. As I say, all these functions should work together as one seamless group. With the new Ned of RCAE, these meetings can be managed to a sensible agenda as not all Neds will now be required to read all the detailed papers and the Ned of RCAE will be able to “synthesise” and “summarise” the really key risks for discussion in a manageable way. Rather than reviewing a huge risk register, it is perfectly possible to use a one page risk map, an example of which I can provide. This ensures a much better quality discussion than attempting to wade through vast quantities of paper. In a large, divisionalised organisation there should also, of course, be a Group RCAE Committee as well as Divisional RCAE Committees.

5. Audit & Accounting & other Professional Services Provided to Banks

5.1 Audit does not “do what it says on the tin” and needs to be completely redesigned top to bottom. Currently, it is worse than a waste of money because it gives “false assurance” to stakeholders. We need to conduct a root and branch investigation and review of the role of the auditors and accountants in the banking crisis and, then, reform of statutory auditing, accounting standards, the regulation of the accounting profession and competition in the accounting profession.

5.2 In a short summary such as this, it is just not feasible to cover all the key points. An independent Commission should be set up to investigate this area of policy and come up with detailed recommendations. See my letter to the FRC provided as evidence to PCBS in this regard more generally.

5.3 Auditors must be required to have far more rigorous “statutory duties to report”. This means that they will be legally obliged to “blow the whistle” to regulators much more often. Having been a Partner at KPMG, I know just how difficult it is to get Audit Partners to exercise their statutory duties to report even when there are clear investor protection risks and issues. I also know that the Auditors have real in depth knowledge of the firms they audit and definitely would have known the risks within banks in the build up to the crisis.

5.4 Accounting standards need to be developed by a truly independent body. A CFO of a bank told me that one of the major causes of the crisis was “accounting standards designed for a different purpose”. The International Accounting Standards Board is not sufficiently independent.

5.5 Audit services must be kept completely separate from any non-audit services. This means that audit must become more expensive and must be capable of living in a business model in which non-audit services are not provided. I believe that the non-audit fees at HBOS during the period that I worked there were many times the level of audit fees. KPMG were paid over £1 million to investigate my allegations that Crosby had dismissed me for inappropriate reasons. The conflicts of interest are just totally obvious.

5.6 In regulated sectors such as financial services, the terms of reference of the audit should be agreed in tripartite discussions with the relevant regulator which will require increased intensity of audit in higher risk firms.

5.7 The regulatory system for the accounting profession needs to be completely overhauled along the lines of the ideas proposed for the regulation of the media. The FRC and the ICAEW are “in the pockets” of the accounting profession and they do not supervise and enforce the profession adequately.

5.8 The accounting profession, and particularly the Big 4, carry out far too much work for the financial sector regulators—previously the FSA and now the PRA and FCA.

5.9 The Big 4 need to be broken up. The average length of audit of a FTSE 100 firm is, I believe, 48 years! This cannot be allowed to continue.

5.10 In my view and in the view of many others, audit and accounting is at the absolute rotten heart of the current system and needs total change. The mere fact that the FRC has not conducted public interest investigations into bank auditing and professional advice given by the Big 4 is just plain wrong.

6. Shareholder Stewardship

6.1 Shareholder focus on what the companies they own are doing is absolutely vital. It has been sadly lacking in the build up to the crisis other than through the relentless cry of the investment analysts (who don’t care much about governance) for more short term profit. I recommend that the Commission reviews the excellent work carried out by Tomorrows Company in relation to “shareholder stewardship” and looks at the progress which has been made in Scandinavian countries in this area.

6.2 I recommend that the large institutional shareholders (who hold the legal title to shares on behalf of ordinary pension fund and collective investment scheme investors) agree and constitute their own “Shareholders Oversight Committee” which agrees a programme of work with the Ned of RCAE and the Head of the RCA Department. This will cover all key areas such as nominations, remuneration, RCA Committees etc. In particular, I believe that shareholders representatives should run Nominations Committees.

7. The External Regulatory System

7.1 I have written extensively on this subject in the consultation process to the Walker Review and elsewhere. I have provided these papers to the PCBS.

7.2 In a nutshell, you can move as many deck-chairs as you like on the “regulatory Titanic” in terms of structures but, unless the right regulators focus on the right things, it won’t do any good.

7.3 It is also vital to recognise that regulators can calculate capital requirement “until the cows come home” but it never has and never will save us from a financial crisis brought about by inherently reckless business strategies, an inadequate separation and balance of power in the boardroom caused by ineffective governance combined with cultures of greed, unethical behaviour and an indisposition to challenge.

7.4 Of course, we need more capital and competition in the banking world but The Prudential Regulatory and The Financial Conduct Authorities need to work very closely together. And, the greater the conduct risks in a firm the more capital must be required. Indeed, in my mind, the capital required for a culturally dysfunctional firm should be pretty much penal in nature to reflect the massively increased risks. In any event, the current proposals for additional capital are inadequate.

7.5 In order to assess the right amount of capital and to prevent conduct failures, the absolute focus of the regulators must not be primarily on process, structure, governance committees and words in an annual reports but must be on the following:-

The quality of the culture of the organisation as a whole must come first and the assessment of this must be conducted in the most rigorous way possible. I have developed a list of key cultural indicators against which assessments can be made but even further work needs to be done in this area. Evidence gathering in this regard needs to be conducted not only through electronic survey but also in one on one meetings with front line staff and junior managers, well designed focus groups, meetings with senior executives, control function staff and Neds as well as Auditors. Preferably, this work should also involve “undercover participative observation” which is the way in which anthropologists understand and assess culture. Members may have seen the TV programme “Under cover boss” which shows just how effective this approach is? As I said, in my original evidence to the TSC in February 2009 and which is probably the most important point I made—“You can have the best governance processes in the world but if they are carried out in a culture of greed, unethical behaviour and indisposition to challenge, they will fail.” This is true.

The quality and ethics of the executive leadership. There is now plenty of academic evidence that, in fact, the wrong sort of people have been getting to the top of major organisations—people with excessive “psychopathic” attribute. It is perfectly possible to stop this by the right recruitment processes and governance by a truly outstanding “unconflicted” Nominations Committee. One of the academics that works on this subject is Holly Andrews of Worcester Business School with who I did a short interview on the Jeremy Vine Show on BBC Radio 2 on 3rd of May at about 1.30pm.

The quality and ethics of the leadership and staff of the internal control functions and the systems and controls they have implemented. We need specific standards for what great looks like in this regard, both in terms of process and structure as well as culture and people and competence frameworks.

The quality and ethics of the Neds.

7.6 On specific regulatory points, there should be an absolute limit on bank leverage.

7.7 One absolutely crucial structural point on the regulatory system is that the policy, rule-setting and supervision accountabilities of the regulators must be kept organisationally completely separate from the investigation and enforcement accountabilities of the regulatory system. And, regulatory enforcement, once it has passed the “case to answer” test must be held in a public tribunal to ensure proper scrutiny by the media and other stakeholders.

7.8 Regulators should themselves also be held accountable in law for their serious failures—not mere negligence but reckless or wilful disregard to their duties.

7.9 Regulators must be enabled to recruit higher calibre staff who are incentivised to stay; my motto is “pay twice as much, get four times as much done at eight times the quality”. This is trite but telling. The good staff only stay for a short time whilst eyeing up where they can double their salaries by moving to the private sector as game-keepers turned poachers. The less good staff stay.

8. Government & Political Involvement and Accountability for the Regulatory System

8.1 My small firm conducted a survey of risk management professionals into the causes and implications of the banking crisis (see the News Tab at ). This provides valuable insight to policy makers. The survey obtained 563 responses from senior professionals involved in risk management and was overseen by Professor Andrew Kakabadse of Cranfield School of Business. The survey and its free format comments prove that the majority of risk professionals expected a major financial crisis well in advance.

8.2 One of the findings was that nearly 50% of respondents thought it was either important or very important that there was a government minister accountable for the performance of the regulators. Personally, I believe this is crucial. The argument against this is that this avoids government and political interference. I believe it creates a terrible democratic accountability gap in which the government can effectively abdicate its accountability to the “independent regulator”.

8.3 The Treasury Select Committee must be given much greater powers of oversight (accompanied by the appropriate resources). For example, key appointments at the regulator must be pre-approved by the TSC. It should also commission proper reviews of the performance of the regulators by “getting inside” their operations and checking what is going on.

9. The “Permitted Business” of Banks ie what Banks should be Authorised to do

9.1 We very much need to look at banning proprietary trading in investment banks. This was something that the ICB did not look at. Prop trading is not banking business. It’s not even investment banking in the sense of corporate finance or merchant banking. It is also tantamount to market manipulation through the abuse of a dominant, anti-competitive position that prop trading departments have in information (often obtained through ignoring Chinese Walls and abusing conflicts of interest through their investment banks and their fund management arms), in mathematics and in computer science. It is like gambling in a rigged market. I suggest the Commission asks for anonymous evidence from day traders (who risk their own capital) and they will be able to show Members exactly when the market is being manipulated by the big players.

Prop trading also creates artificial liquidity in the markets which makes people think that shares and other financial instruments are nothing to do with real people’s lives but only “chips” in a Casino. Ultimately this is bad for society—even if it does generate tax revenue for the Exchequer.

It does not just serve little useful social purpose; it serves a highly negative social purpose.

In addition, market making is also often used as a guise for prop trading.

9.2 If a bank wants to conduct this sort of business it should be run and regulated in the same way as any other fund management business and the capital investment risk should always fall on the investor or the lender and there should be limits to the amount of leverage that the fund can use ie it needs operate and to be regulated like a Hedge Fund.

10. The Ring Fence Proposals by the Independent Commission on Banking

10.1 The ICB pretty much completely ignored the issues of corporate governance, culture and conduct of business risk even though the TSC did its very best to hold it to account in these areas. They excluded my input to the Commission because it was slightly late even though I clearly had important input to add. They, like many others, seemed to assume that the calculation of capital and competition were the only key issues when we all know from the lessons of history (Barlow Clowes, BCCI, Morgan Grenfell, Barings, and the banking crisis), that, as I put it, you can calculate “capital until the cows come home” but, whatever amount it adds up to, capital will never save an organisation from a conduct of business failure brought about by a greedy, unethical and dysfunctional culture combined with inadequate corporate governance.

10.2 Nor did the Commission even dare to consider the really fundamental question (referred to above) as to whether proprietary trading should be permitted inside banks when it is not banking business and when it raises very strong inferences of market manipulation by the abuse of a dominant position in information, mathematics and computer science which effectively means that banks can “count cards” while they gamble with their shareholders capital, the funders credit and the leverage which their depositors’ funds gives them.

10.3 Of course, as someone said, even if the proposals to ring-fence retail operations from investment banks were a good idea and the way to solve things, it will now take longer to implement the proposals than it took Kennedy to put a man on the moon!

10.4 The ring fencing proposals (even electrified) are a “red herring” which has swum into the “long sea-weed”. They should be ignored in favour of banning prop trading and the introduction of “Full Reserve Banking” (see below).

11. Size MattersBanks are too Big. Public Policy needs to Support Community Banks and Crowdfunding such as “Peer to Peer Lending”

11.1 Banks are too big and should be limited in size to a maximum of £100m balance sheet or even smaller.

11.2 Parliament should encourage and support the creation of as many community banks as possible. A good start would be to break up RBS and mutualise it into regional community banks/building societies. At the same time, it should use its shareholding in Lloyds Banking Group to demerge The Halifax and turn it back into the world beating Building Society it once was.

11.3 Parliament should educate itself about and proactively support what is called “Crowdfunding”. This is the approach by which capital is raised by way of equity, loan, reward or donation by connecting willing investors, lenders, participants directly via an internet platform with organisations needing capital.

11.4 Peer to Peer Lending (P2PL) is an example of Crowdfunding which is gaining traction.

11.5 Crowdfunding has the potential to unleash a powerful new force for growth and jobs at the same time as creating a fairer, democratised world for investors/lenders. It is a powerful new force for lending without the need for a bank. It can become the EBay of the financial world.

11.6 Here I must disclose a personal interest as I am the Chairman of a new P2P Lender called Assetz Capital.

11.7 Barry Sheerman MP has set up and sponsored The Westminster Crowdfunding Forum where interested parties have been meeting to discuss how to educate MPs on the subject, promote the ideas and manage the regulatory requirements in an appropriate way. The time may come when this informal group should “morph” into more of a formal Commission?

12. The Inadequacy of the “Fiduciary Duties” of Company Directors

12.1 In my view, and taking into account all my professional experiences since 1984, both as an in-house expert, as well as one of the top performing partners at KPMG, the corporate governance in large publicly quoted companies with balance sheets larger than many sovereign governments (and more power than many of them), simply does not work. In addition, when you take into account the rapid increase in the speed and complexity of large corporations since the internet revolution, the current paradigms for corporate governance are totally inadequate.

12.2 Company Law and its associated regulatory and “quasi regulatory” regimes were never designed for companies this large, with this much power, acting with this much speed and complexity and with such huge societal importance. When the East India Company got out of control, the only way the government could solve the problem was by nationalising it.

12.3 The fiduciary duties of directors of such companies are currently an inadequate constraint on their behaviour and actions when they are driven by the insatiable drive and addiction of the investment analyst (and, therefore, shareholder) to short term profit. The drive for short term profit, at best leads directly to moral and ethical relativism, and, often, to actual civil and criminal wrongdoing, especially when the fines and consequences are lower than the profits made. For example, the systemic miss-sale of PPI was obviously ethically wrong but it was also certainly serious civil wrongdoing under the regulatory regime but, for some reason, no directors of the offending banks have been held to account. But, worse than this, some experts would say that the action of directors and executives raises a very strong inference of a criminal offence under S397 of the Financial Services and Markets Act 2000 as well as The Fraud Act.

12.4 The fiduciary duties of directors of large and publicly quoted companies now MUST include specific public duties. This can be done very simply by changing the list in The Companies Act 2006 S172 (1) (a) to (f) from being matters that directors should have regard to (ie a permissive list) to matters they MUST have regard to (ie it needs to become a list of mandatory considerations). The list of items (already set out in S172 but currently solely permissive) that the Directors must consider in fulfilling their fiduciary duties should be as follows:

(a)the likely consequences of any decision in the long term;

(b)the interests of the company’s employees;

(c)the need to foster the company’s business relationships with suppliers, customers and others;

(d)the impact of the company’s operations on the community and the environment;

(e)the desirability of the company maintaining a reputation for high standards of business conduct; and

(f)the need to act fairly as between members of the company.

12.5 Making this one simple change to the Companies Act, would set directors of large companies free from the slavery of having to focus solely on short term profit with the consequential moral, ethical and legal relativism which this encourages. With this one simple change directors would be obliged in law to consider their other important stakeholders.

13. Whistleblowing Policy

13.1 Whistleblowing policy just does not work and needs to be overhauled. It closes the door after the horse has bolted. Key points are as follows:

Whistleblowing law does not really work yet and it is a vital part of holding businesses to account.

Internal tribunals are not really independent because there is a natural conflict of interest and they especially do not work in organisations which need to have the whistle blown on them!

Where regulators are involved, the regulator should investigate the matter themselves.

Anonymity is a real problem both for the whistleblower and the firm on whom the whistle is blown. Wherever possible the whistleblower’s identity should be kept secret.

Obviously whistleblowing complaints need to be properly challenged to avoid excessive power to disgruntled people and complaints not in good faith should have consequences for the individual concerned.

If there is a financial settlement, this should not permit the firm to “sweep the matter under carpet”; the firm must still be held to account by the appropriate regulator so it must be a requirement that such matters are always shared with the regulator.

As set out above, there must be special rules for compliance officers/risk managers/internal auditors and anyone else whose job is to blow the whistle.

The whistleblowing law itself is flawed in a number of ways but especially by the fact that the Claimant has to prove that “the dismissing officer” subjectively fired him or her due to the raising of Protected Disclosures. This is a very difficult onus of proof. The test should be changed and should be objective in nature ie what a reasonable person would believe was the motivation of the dismissing officer.

It is vitally important that the law should prevent discrimination for employment on grounds of having been a whistleblower. As anyone who has publicly (or often even privately) blown the whistle it is almost impossible to get another job.

13.2 The Commission set up by Public Concern at Work is a good idea but those of us in the whistleblowing community do not have high regard for PCAW. However, I do not think it would be right to go into detail in this paper, although I am happy to provide the reasons privately. Another point to make about this Commission is that, although there are two whistleblowers on the panel (Gary Walker (NHS) and Michael Woodford (Olympus)), there is no representation from the financial sector where whistleblowing is so very important and this may be because of the background of PCAW’s Chairperson.

13.3 A better option would be for Parliament to set up a Commission to look into the whole question with a view updating the law.

14. The Inadequacy of our Monetary System and the need to Investigate what is called “Full Reserve Banking” but which is, in fact, a Wholly New Monetary System

14.1 I have to say, at this point in my paper, that I really do not think we have got anywhere near solving the problem of banking in this country (or the world) or the excessive power the big 4 banks have over our monetary system, economy and lives.

14.2 Over time, I have come to the very firm conclusion that ring-fencing, more capital, stronger corporate governance and regulation simply will not do the trick and that, to solve the huge economic problems we face, the entire monetary system and banking needs fundamental reform by the introduction of a system of “Full Reserve Banking” as proposed by Positive Money.

14.3 The whole idea that 97% of our money supply is created, and its use in the economy is directed, by private commercial banks when they make loans is wrong. It bases pretty much everything we do economically on debt which banks are incentivised to oversell to make interest for themselves. It directly causes a constant transfer of wealth (through interest—about £160 billion per annum) from society as a whole (and particularly the poor) to the banks and so is a direct cause of the inequalities and associated social problems discussed in the great book called The Spirit Level. It means that asset bubbles (property) and boom and busts are inevitable and, most importantly, it cedes far too much power over our economy, our society and our lives directly to the banks and a tiny group of executive directors who are incentivised (and required by Company Law) to generate short-term profit. Of course, only around 10% or so of bank lending is made to the productive economy ie the SMEs with the vast majority going to residential and commercial mortgages and financial intermediation. Indeed, SME’s deposit more with banks than they ever borrow.

Finally, the big 4 banks control well over 80% of the money supply which means that something like 25 executive directors, with no public duties whatsoever, to a very large extent control our monetary system and economy.

14.4 Even Mervyn King has commented that this way of organising our monetary system and banking is not the best way to do it. Martin Wolf summed it up perfectly when he said—“The essence of the contemporary monetary system is the creation of money out of nothing, by private banks’ often foolish lending.”

14.5 Positive Money which was set up and is run by a remarkable young guy called Ben Dyson makes the case for reform of the monetary system through the introduction of Full Reserve Banking very powerfully indeed in their new book “Modernising Money”. You can check out what they say on their website here . I am on the Advisory Committee of Positive Money.

14.6 Policymakers need to look very carefully at introducing “Full Reserve Banking” (see Positive Money about all this) as this will completely remove the need for the State ever to stand behind banks again.

The ICB simply ignored the idea of full reserve banking and its recommendations do not achieve this.

It is wrong that the taxpayer has to provide a guarantee of £85,000 to each account holder in each bank. Full reserve banking is the best way to resolve this problem and the best way to ensure that banking is carried out in the interests of customers and society as a whole. It means that there can never be a run on current accounts and customers choose savings accounts with the level of lending risk with which they are comfortable just like collective investment schemes and the saver/investor bears the risk.

15. Our democracy and the Excessive Power of Banks and other Financial Institutions

15.1 Jesse Norman MP said—“Lobbying is a canker on the body politic”. He is right. [I hasten to add that I am not and never have been party politically aligned.]

15.2 We don’t live in a democracy any longer. We live in “corporatocracy” where the power of corporate money buys public policy. Some say we live in a “bankocracy” as they have control over the money supply.

Whatever we call it, it is a plutocracy and we need to do something about it.

The corporate giants in oil, weapons, banks and financial services, pharmaceuticals, agrochemicals (oil again), gambling and drinking etc (plus illegal drugs which fundamentally affects the standard economy)—just have too much power and the rest of us end up feeling helpless, fed up and sometimes, when our spirit rises through the latest corporate scandal, angry.

15.3 The Centre for Investigative Journalism (Neil Mathieson, I believe) did a detailed analysis of the money spent in just one year by banks and other financial sector giants in the UK on lobbying. The sum was huge—about £100m, if my memory serves me correctly. But this still ignores the money those organisations, and their rich leaders, spend on funding of political parties. This is wrong and means that democracy does not work. It leads to a greedy and powerful elite with no proper accountability to ordinary people. And they own the politics.

15.4 Here are just three ideas to solve this:

Introduce a detailed register of all lobbying contacts with public bodies and officials both business and social.

Require all companies over a certain size to keep detailed and transparent accounts on the money they spend on public and government affairs and, in particular, on lobbying relating to new public policy.

Use internet technology to engage in the political debate with ordinary people through organisations like 38% and Avaaz ie bring our democracy truly into the internet age and give us back the power that the corporate giants now have.

16. Executive Business Leadership, Strategy, Culture and Associated Incentive Systems

16.1 All organisations are dynamic “systems”. Change one part and it affects all the others. If we are to get our large and publicly quoted corporate world working properly, we need to look at the problems we face holistically and design our public policy response accordingly.

16.2 A good way to visualise the overall way in which we need to look at the huge beasts we have created (out of the essentially good idea of splitting personal risk from corporate risk) is shown in the diagram below on the next page.

16.3 So, if you have a reckless strategy, even if your people and culture and structures are right, the organisation will fail. Likewise, even if you have a good strategy, if your people and culture are dysfunctional, the organisation will fail.

16.4 The key to all of this is ultimately the centre of the diagram—Leadership. And here, I return to the very heart of the problems we face. If we promote the wrong people to lead our large, publicly quoted and societally important businesses, the whole system will fail. Sadly, this is what seems to have happened to a large extent over the last sixty years or so.

16.5 The academic evidence on this is now clear that we generally promote people to the top who have the wrong personal attributes—narcissism, lack of empathy, charm but manipulativeness, lack of conscience, ruthlessness etc. Yes, this does seem to drive short-term results but, in the end, these characteristics will fail the business and fail society.

16.6 I repeat what I wrote earlier about the crucial requirement of the quality and ethics of the executive leadership. There is plenty of academic evidence that the wrong sort of people have been getting to the top of major organisations—people with excessive “psychopathic” attribute. This is obviously not the case throughout all organisations and there are plenty of really great leaders around.

16.7 However, it is now time for the FCA to focus a great deal of attention on this and to implement systems to prevent this happening as part of their Approved Person’s regime. It is perfectly possible to stop this by the right recruitment processes and governance of those processes by a truly outstanding “unconflicted” Nominations Committee.

Much more work needs to be done in this area to inform the public policy debate and to design appropriate risk mitigation systems to avoid this happening. A good place to start might be for members of the Commission and others to read the book “Snakes in Suits: When Psychopaths Go to Work” by Paul Babiak and Robert D. Hare. I would also recommend engaging with Holly Andrews to whom I referred earlier in this paper.

16.8 Finally, members may have noticed that, thus far, I have not mentioned remuneration at all even though this is normally where everyone starts. This is not because I do not consider it to be important. It is ultimately one of the most visible symptoms of what is wrong with the system of corporate governance. However, I believe that the problems of remuneration will ultimately be solved by proper corporate governance and the changes described above (including shareholder approval of remuneration systems).

16.9 The fact is that because there is no real governance of remuneration, compensation consultants have not been independent nor have remuneration committees. It is a type of self-feeding vicious circle of self-interest at work. You don’t need much common sense to conclude that the pay packages in pretty much all large publicly quoted companies are designed by the very same people who receive them and are, on any analysis, an unfair reward for the risks taken.

16.10 When I was at HBOS, I was one level below main board director. I almost certainly got paid too much but I was paid only 25% of what the lowest-paid main board director got paid and less than 10% of what the highest-paid director was paid. My two direct reports got paid less than 33% of what I was paid. This is not fair on any proper independent analysis of value.

16.11 I am not sure I or anyone really knows the final answer to dealing with the problems of the ludicrous pay of plc directors and executives when they take no real personal risk. Nevertheless, here are some ideas to consider while the problems of corporate governance and independent checks and balances, which I believe will solve the problem, are resolved:

Remuneration committees should be chaired or, at least nominated, by shareholder representatives. See Tomorrow’s Company’s work on this.

The work of supposedly independent compensation consultancies needs to be rigorously checked and corroborated to ensure that no conflicts of interest exist or irrational recommendations are made. This could be conducted by the proposed new Ned of RCAE as explained above. It could even involve the Regulators to ensure that the design of the remuneration system does not incentivise dysfunctional behaviour.

All remuneration should be in cash as it is too easy to hide pay in the complexity of long-term incentive share schemes and incredibly valuable pension schemes. Also owning huge packages of shares creates conflicts of interest.

Bonuses should be allowed but, for every £1 of bonus upside, there should also be £1 of downside.

The assessment of any bonus (de-bonus!) must be formally signed off as fair and independent by internal control functions and the Ned of RCAE before approval by the remuneration committee.

Bonuses should be held in trustee accounts and invested in safe financial instruments for a minimum of three years (better five, even better ten) as security against subsequent underperformance.

Public income taxation policy should be linked to what we want to achieve here. For example, there should be different income tax rates for entrepreneurs who drive growth and employment in the economy and take significant personal risk and directors of publicly quoted companies who seem to be able to negotiate employment contracts which reward them even when they fail.

Although highly unlikely to work because of the power of the vested interest in politics, the G20 should start a debate and work hard towards a recommended multiple of top-level remuneration packages to average pay in any country—say 20Xs for top-level public sector jobs and 40Xs for top-level publicly quoted companies (not private close companies which are normally owner managed).

In the UK this would mean about £500,000 in public sector and about £1 million in private sector. These levels should only be recommended and not a legal “incomes policy”. However, there should be a regulatory requirement that any organisation that goes outside these recommended parameters must publish a detailed “comply or explain” report and that this report, which must be independently signed off by internal control functions and the Ned of RCAE as true and fair.

17. Conclusion and Final Thoughts

17.1 It’s not just that—“There’s something rotten in the State of Denmark.”:—it’s actually that “Pretty much everything is rotten in the State of Denmark.”

17.2 This means that there is an awful lot to do to put things right.

17.3 The fact is that we should have had a thorough and transparent investigation into the whole banking crisis right at the outset. This because the only way to get to the bottom of what caused it (ie what went wrong and who did wrong) and what we need to do to make sure it does not happen again, is to carry out a thorough, forensic and transparent judicial investigation as we have done in other areas of equal public importance—Equitable, Iraq, Mid-Staffs, Leveson etc.

17.4 The work of the PCBS on HBOS has done this country a huge service. At last, some of real problems and causes have been exposed to the bright light of public scrutiny.

17.5 We can, at least, still do a thorough investigation into the aspects of the RBS and HBOS scandals that have not already been done. We own most of RBS and a lot of HBOS. The good work already done will not be wasted but there is more to see. The work done by PwC on behalf of the FSA into RBS was totally inadequate and the independent overseers were not even permitted to check the decisions as to whether enforcement action should have been taken. This was made even worse when Margaret Cole, who took the decisions, apparently with no outside legal opinion, then walked through the revolving door to become the General Counsel of PwC.

17.6 The roles of FSA, the accountants and their regulators (FRC, ICAEW etc) must be investigated thoroughly first. This must be done independently as the current structures are flawed and there are too many conflicts of interest.

I disagree with the PCBS requiring the FSA to continue with its own investigation into HBOS and its own role in the scandal. After all, Sir James Crosby was the CEO of HBOS while also a Ned of the FSA and then became Deputy Chairman of the FSA in November 2007.

17.7 In any event, there is so much to do that I venture to suggest that what we need to lead this is properly is a Royal Commission with powers to take evidence under oath but also to call evidence on a truth and reconciliation basis, if it considers that this may the best way to get to the bottom of things that have not been investigated.

This Royal Commission could look both backwards, if it feels that there are still matters to be discovered. It could also require criminal investigations if necessary. But, most importantly, it can look forward and redesign the entire system so that we can truly move on as a country with one of the finest financial sectors in the world.

17.8 Some final thoughts come from an Encyclical written by Pope Benedict XVI called Caritas in Veritate (Love in Truth) which, as even the Deputy Chairman of Goldman Sachs, Lord Brian Griffiths, has publicly acknowledged, is one of the most eloquent narratives on the problems we face today, not only in the UK but throughout the developed world where, in effect, the love of money has taken over from all else and where GDP is the only mantra in town. There must be a better way to lead our societies.

“Once profit becomes the exclusive goal, if it is produced by improper means & without the common good as its ultimate end, it risks destroying wealth and creating poverty.

The economy needs ethics in order to function correctly...

Development is impossible without upright men and women, without financiers and politicians whose consciences are finely attuned to the requirements of the common good.

Both professional competence and moral consistency are necessary.

When technology is allowed to take over, the result is confusion between ends and means, such that the sole criterion for action in business is thought to be the maximization of profit, in politics the consolidation of power, and in science the findings of research.”

13 May 2013

Prepared 24th June 2013