Address by Peter Oakes, Director of Enforcement, to the Association of Compliance Officers

08 May 2012 Speech

‘The role of enforcement and activities of the Enforcement Directorate’


Good morning ladies and gentlemen. I wish to start by thanking the Association of Compliance Officers in Ireland for the invitation to address a number of key enforcement and other regulatory topics this afternoon.

I will focus on the strategy and objectives of the Central Bank’s approach to enforcement, the work and investigations of the Directorate, how we allocate resources, together with regulatory and compliance issues for firms and senior management.

The Structure of the Central Bank and Enforcement Directorate

As many of you know, the Enforcement Directorate was established as a standalone directorate in mid-2010. I commenced in the post of Director of Enforcement in October 2010. The Enforcement Directorate reports to Deputy Governor Matthew Elderfield together with the Directorates of Policy & Risk (Patrick Brady, Director), Credit Institutions and Insurance Supervision (Fiona Muldoon, Director), Markets Supervision (Gareth Murphy, Director), Consumer Protection (Bernard Sheridan, Director).

These five Directors and Matthew Elderfield constitute the Financial Regulation function. The Central Banking function under Deputy Governor Stefan Gerlach comprises of two Directors, Maurice Maguire (Director of Financial Operations) and, joining the Central Bank at the end of this month, Lars Frisell (Director of Economic Policy and Financial Stability). These executives are members of various committees which deal with issues including policy, supervisory risk, financial stability, management and other topics. The Central Bank is overseen by a Commission, the members of which are the Governor, both Deputy Governors, the Secretary General of the Department of Finance (John Moran), Dr. Alan Ahearne, Professor Blanaid Clarke, Professor John Fitzgerald, Mr Des Geraghty and Mr Michael Soden. Further details of the Commission and work of the Central Bank are available on our website and in our upcoming Annual Report and Annual Performance Statement.

A business is only as good as the people entrusted to perform the activities of the enterprise. This holds equally true for central banks and financial regulators. Enforcement now sits at the frontline of the Central Bank and at many other regulators, not just within the EU, but also the US, Asia and Australasia. With this in mind we undertook an extensive recruitment campaign from late 2010 to get the right mix of skills and expertise to deliver our mandate. These professionals are at the heart of our multi-disciplinary team approach. Those in place, those who have joined recently and the small number of people joining in the near future will complete our target of approximately 73 staff. They join us from both the public and private sectors. They are high quality and industry respected professionals. Their backgrounds include legal, accounting, regulatory and investigative expertise from a wide range of backgrounds including law firms, accounting firms, barristers, former police officers, financial services firms and domestic and overseas regulators.

To achieve our objectives and goals the Central Bank will elect to use either supervisory measures or stronger enforcement tools (or a combination of both) to address concerns about regulated entities and their senior management. The enforcement work and powers of the directorate include: Administrative Sanctions Procedures for prescribed contraventions; fitness & probity cases; enforcement of markets regulations (i.e. market abuse, prospectus and transparency regulations); investigations of unauthorised business activity; criminal prosecutions; and specialist monitoring and inspections of Anti-Money Laundering/Counter-Terrorist Financing (AML/CTF) laws and Financial Sanctions.

Specialist AML/CTF, Unauthorised Providers and Financial Sanctions Units

Given the Central Bank’s important role as competent authority for the purposes of both the third anti-money laundering directive and our international obligations extending from membership of Financial Action Task Force, a specialist supervisory unit dealing with AML/CTF supervisory and policy matters is established and sits within the structure of Enforcement Directorate, as too does the Unauthorised Providers Unit and the Financial Sanctions team, the latter is another area where were are a competent authority. The work of our specialist supervisory teams is not limited to those authorised by the Central Bank but extends to institutions and persons not otherwise requiring a prudential or conduct of business authorisation. Many of you will know that this structure, i.e. of an AML/CTF supervisory unit being located in an enforcement department, is not unique to the Central Bank of Ireland. Depending upon the nature of the matter being considered, for example, where there are concerns about a firm’s compliance with the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 (2010 Act), referrals from the AML/CTF supervisory team can, just like referrals from banking, insurance, markets and consumer supervisory divisions, be made to the teams charged with conducting our enforcement investigations. Regardless of the source of a referral to the enforcement teams, a rigorous, independent and consistent approach is adopted by the enforcement teams when considering and accepting a referral for enforcement attention.

AML/CTF Guidelines

The AML/CTF Unit has been deeply involved in the work carried out by a group of financial services industry representatives on guidelines. In February this year the Department of Finance published Guidelines on the prevention of the use of the financial system for the purpose of money laundering and terrorist financing. When welcoming the publication by the Department of Finance, the Central Bank made clear that although the Guidelines have not been approved by the Minister under section 107 of the 2010 Act (which is a matter for the Department of Justice and Equality and the Department of Finance) we will have regard to the published guidelines in assessing compliance by designated persons with the 2010 Act. This approach is consistent with the purpose of the guidelines themselves which - and I quote - “are designed to guide designated persons on the application of the relevant provisions of the Act. The guidelines do not constitute secondary legislation and designated persons must always refer directly to the Act when ascertaining their statutory obligations. The guidelines are subordinate to the Act.” These words should be borne in mind by industry when making any proposal for sectoral specific guidelines. Guidelines are subordinate to the Act. Furthermore, sectoral guidelines should not be drafted in a manner which contradicts the published guidelines.

In addition to our local AML/CTF requirements, Ireland’s financial services industries must not lose sight of our additional, non-EU law obligations, such as the country’s compliance with the FATF Recommendations. We cannot afford at any level to be seen wanting in this area and incurring the associated reputational damage which will surely follow. For this reason credit and financial institutions through their senior management (including the boards of directors both executive and non-executive) must ensure that they are in a position to demonstrate to the Central Bank that they are meeting the requirements as specified in the Act. I am cognisant that the new law came into effect in mid-2010, almost two years ago, and firms should have been using this time to embed the adoption and implementation of the new requirements in their business strategies, governance and operating models, including effective training, policies and procedures. For many firms operating in Ireland AML/CTF governance and compliance are not new phenomena. Many firms fell within the definition ‘designated bodies’ under the previous AML/CTF law and therefore, as a starting point, should have translated their experience of, and compliance with, those laws to the foundations of the wider and deeper regime of the 2010 Act.

AML/CTF Inspections

The AML/CTF Unit is undertaking on-site and desk-top inspections of regulated firms. I feel it important to let you know that from the totality of on-site and off-site work conducted since quarter 4 2010, together with other information coming to our attention, there are many instances where firms do not appear to have comprehensively reviewed their business models to assess the impact of the 2010 Act on their businesses nor devised or deployed effective implementation plans. At this point in time our concerns can be categorised under four broad headings: (1) Governance – boards and senior management not taking appropriate steps to ensure that their businesses are complying with the 2010 Act; (2) Training – inadequate training arrangements in place and boards of directors having not sought or received their firm’s own appropriate instruction; (3) Customer Due Diligence – failures in obtaining information on the purpose and intended nature of relationship and failures to identify nominee structures in line with due diligence requirements; and (4) Suspicious Transaction Reporting – inadequate procedures in place for investigating and reporting suspicious transactions.

Our message here is short and clear: if our concerns arising from work to date are extrapolated across all financial services firms, then there is much room for immediate improvement and ratcheting-up of board level deliberation on this important area of financial crime governance. Where these matters require closer supervisory scrutiny, the supervisors will respond as necessary. Where the supervisory teams are sufficiently concerned with their inspection findings, firms should expect – in line with our enforcement priorities for 2012 – AML/CTF deficiencies being referred to the enforcement teams for investigation and, where necessary, enforcement action. I do not propose to say anymore on AML/CTF findings at the moment - more will follow in the near future - other than to say that firms must put AML/CTF on the boardroom agenda referenced to both the civil and criminal sanctions which may follow for contraventions.

Role of other supervisory directorates re AML/CTF

The AML/CTF Unit does not operate in isolation from colleagues in other supervisory areas of the Central Bank, i.e. Credit Institutions, Insurance, Markets and Consumer Protection. Collectively all of these supervisory areas play an important part in the Central Bank achieving its competent authority obligations under the 2010 Act. The Supervisory Directorates will continue with reviews of this important area at regulated firms and indeed they have identified certain concerns about AML/CTF compliance during the course of non-themed AML/CTF inspections - and these are being followed up.

Enforcement Referral Handover Process

One important area of the supervision and enforcement relationship which I focussed on when joining the Central Bank is the mechanism for referring matters from the supervisors to the enforcement teams. Although the handover mechanism is one which you may have a great deal of interest in, nonetheless it is an internal process but I will do my best to explain it in summary noting that it is an internal process. Together with the Enforcement Strategy, the referral process is a topic which we discussed at length within Enforcement and with the Supervisory Divisions. The referral process was also discussed at various committees within the Central Bank. We took into account referral handover models adopted by other financial services regulators. Having worked in supervisory, legal and enforcement functions at various regulators, I believe that I have an appreciation of the damage to a regulator, both internal and external, where there is a lack of cohesion between the different internal functions. We engaged closely with, and actively solicited the views of, our supervisory colleagues on the handover mechanism and the documentation necessary for supporting a referral.

First and foremost, supervisors are the primary points of contact and receivers of information. Based on information and where certain criteria are met, the management of the supervisory area will decide to make a referral to Enforcement. As noted in our Enforcement Strategy, the ultimate decision on whether or not a referral is accepted rests with Enforcement. Both the engagement and interaction between supervisors and enforcers is open, high quality and robust for the simple reason that we are ultimately pursing the same objectives. In particular we are guided by the Programme of Themed Reviews and Inspections and the list Enforcement Priorities for 2012 published earlier this year. We are not limited by the Programme and/or the Enforcement Priorities. Where a significant matter is identified by supervisors, or indeed the enforcement teams, outside of the Programme and/or Enforcement Priorities that matter will be pursued in line with the Central Bank strategies and policies.

Discussions between the supervisors and enforcers during the handover process are productive and may lead to the identification of additional potential breaches and new areas for consideration over and above the initial assessment of the facts. The process is not static: it will be continuously tweaked and reviewed to deliver improvements in the procedural handover of cases. To date we are already seeing improvements in efficiencies and effectiveness which are being measured and reported on internally. For example, the length of time between an enforcement file being opened and details of the investigation being notified to the regulated person have been reduced. The preliminary work conducted prior to a documented referral being received from supervisors has led to greater clarity in respect of both the supervisory concerns and the appropriate level of details and evidence needed to support such concerns. Such level of scrutiny benefits not only the regulator but also the regulated person because it means that just because a regulation may have been breached, this alone is not the sole determining factor of whether or not an enforcement file is opened. The significance or weight of the matter as determined by the Central Bank’s statutory objectives, its strategies, its policies, the Programme and Enforcement Priorities are also considered in making a determination.

The effectiveness of the handover mechanism is both:

  • pivotal to the overall success of the enforcement capability of the Central Bank, and
  • sits comfortably alongside our new formal risk assessment framework known as the Probability Risk and Impact SysteM or PRISM.

In closing off this topic on the internal piece of the handover mechanism it is worth noting Deputy Governor Matthew Elderfield’s comments in May 2011 1,

“As a Central Bank, then, we still need to change our culture as much as our processes. If we aren’t better at challenging each other about management of risk, we won’t be able to raise our game to challenge the CEOs of the high impact firms we supervise.”

I cannot see any reason why this principle (derived from what seems a rather obvious observation by Peter Nyberg which went unappreciated in previous years) should not equally apply to other aspects of the Central Bank’s work, including the enforcement referral handover mechanism.

Turning to the public piece of the handover mechanism, i.e. the Enforcement Directorate’s engagement with regulated entities and persons concerned in their management, these entities and persons, in respect only of the matters referred, will deal with Enforcement staff. They will be notified at the appropriate junction of Enforcement’s involvement. From the time a matter is accepted by Enforcement all decision making in that matter (i.e. on the issue(s)) rests with Enforcement. The supervisory relationship between the regulated entity and its supervisor continues as normal for non-referred matters. Therefore a regulated entity referred to Enforcement will have two corridors of communication with the Central Bank, the usual day-to-day channel with its supervisory team and a new corridor with the Enforcement Directorate.

Statutory Objective, High Level Goals & the Strategy

It is self-evident that culture is of critical importance to every business, whether public or private. In the words often attributed to Peter Drucker, ‘Culture Eats Strategy for Breakfast’. The Enforcement Strategy can be said to be based on one statutory objective and two high level goals of the Central Bank. One of our objectives is the proper and effective regulation of financial service providers and markets, while ensuring that the best interests of consumers of financial services are protected.

Feeding off this statutory objective are two high level goals. High level goal 3 is to: “ensure proper and effective regulation of financial institutions and markets and to minimise the risk of failure by ensuring compliance with prudential and other requirements”. High level goal 4 is to: “ensure that the best interests of consumers of financial services are protected by protecting customers and investors through conduct of business rules and other measures”.

We issued our Enforcement Strategy in December 2010. Enforcement is a key pillar of Central Bank’s Strategic Plan, especially the tenet of “assertive risk-based approach underpinned by a credible threat of enforcement”. When we execute our function, our aim will be to do so in a “proportionate, consistent, targeted and transparent”2 manner.

Many of you here today are business people. You decide upon your business mission, you set tough objectives for your business and yourselves personally, you have a strategic vision and execute business plans to deliver on all of these key ingredients. You will not run a sustainable business if you ignore the interests of key stakeholders, such as investors, depositors and consumers who demand stability and high standards. Yet if your senior management are not up to scratch you will not stay in business for long and if you manage to stay afloat then it is only because no one has yet discovered that your business model is broken. The same outcome is likely where senior management of regulated entities fail to meet the demands and regulatory requirements placed on them. To this end, the Enforcement Directorate will contribute to the statutory objectives and the high level goals through improving effective governance and compliance. And we will do so, where necessary, by the application of enforcement powers.

In relation to one question I often hear in respect of enforcement action against individuals, we have disqualified persons concerned in the management of regulated firms. The most recent action under this heading, back in February 2011, was the disqualification of two persons from being concerned in the management of a regulated firm for a period 3.5 years each. We believe that actions against individuals, especially those charged with oversight of key functions, enhances the credibility of markets, the reputation of Ireland and the protection of consumers. Such action is a strong deterrent to others and is aimed at improving behaviours expected from such persons. Another area on the minds of those in controlled functions is the new fitness and probity powers. I will not cover the scope of this new law today. However you may be interested to know that the new law has assisted refreshing boards of State-supported Credit Institutions. We wrote to the directors of all such institutions in 2011 informing that we intended to review the fitness and probity of these individuals if they were in situ in the period when decisions were taken leading to financial difficulties at such institutions who planned to continue as a director of the institution after 31 December 2011. This approach was quite effective and the vast majority of these persons are no longer on the relevant boards. Our reviews in this area are on-going but now relate to a small number of individuals. Other than the foregoing, I cannot talk about our work in this particular space of fitness and probity further.

There has been much interest in our adoption of a ‘vigorous investigation’ style. However I think it important to note that not every case referred to Enforcement will conclude with the Central Bank seeking to impose a sanction or other order depending upon the Act or Regulation in play. This should not come as a surprise because each case and outcome will depend upon the law and evidence involved. Conversely we will not shy away from cases which are complex, difficult, challenging, factually intricate or novel. We are prepared to be challenged before the tribunal and courts and we expect that this will happen from time to time.

There may be occasions where, following consideration of the facts, we have reasonable cause to suspect that a prescribed contravention has occurred but where it is considered that formal disciplinary action is not warranted. In such cases we may issue a supervisory warning. A supervisory warning is a non-statutory device. The rationale for issuing the supervisory warning is explained in writing to the recipient and contains an explanation of the behaviours we are concerned about and a summary of the factors taken into account when deciding to issue the warning. A supervisory warning forms part of the compliance record of the regulated entity. This regulatory tool is a private matter between a regulated entity and the Central Bank, accordingly we do not discuss the contents of a supervisory warning with anyone but the regulated firm. We issued supervisory warnings in 14 cases during 2011 and a further 7 in the first 4 months of 2012.

To date, although no matter has gone to Inquiry under Part IIIC of the 1942 Central Bank Act, we are prepared for the Inquiry forum. Exercising our criminal powers will place us before the courts to prove our case beyond reasonable doubt and this too is a challenge we accept. Like other regulators we may not win each case but we will take cases where we believe we have strong points to argue and solid evidence in support, including being prepared to appeal where appropriate.

Allocation of Enforcement Resources and Outcomes

Our Enforcement Strategy provides that the work of the directorate will be driven in two ways. Firstly, by ‘Pre-defined’ enforcement work. When we published the Enforcement Strategy we expected that the majority enforcement action would fall under this heading. This did not turn out to be the case. We announced our first set of ‘Pre-defined’ enforcement work in the Enforcement Strategy. Our list of enforcement priorities was updated in February 2012 and covers:

  • Mortgage Arrears
  • Retail Intermediaries
  • Payment Protection Insurance
  • Client Asset Requirements
  • Prudential Requirements
  • Anti-Money Laundering and Counter Terrorist Financing
  • Transaction Reporting
  • Systems and Controls
  • Timeliness and Accuracy of Information submitted to the Central Bank
  • Dissemination of inaccurate/incorrect information in the market (Transparency and Prospectus Directives)

The balance of enforcement action falls under the heading of ‘Reactive’ enforcement work. What we mean by this is responding to potential breaches identified through non-themed supervisory work and other information sources whether identified internally or externally.

Regardless if pre-defined or reactive enforcement work, where a breach is shown to have occurred, we have available to us a full range of powers.

In our Enforcement Strategy we said that firms and persons concerned in their management should assume that proportionate and robust sanctions will follow via our administrative sanction powers or other powers when a case is accepted by the Enforcement Directorate. This does not mean we shall pre-judge a matter. Rather it means that firms should take seriously our involvement in a matter and extend to Enforcement (just as they would to their supervisors) open, candid and co-operative action. Whether the outcome is a monetary penalty, a direction, a reprimand or some other type of enforcement action, we will not lose sight of the fact that a regulatory action is a strong deterrent to others and educates stakeholders on the behaviour we (and their peers) expect.

Impact Profile and Enforcement

Turning to the impact profile of a firm, it is of course fair to say that higher impact firms or those systemically important will generally be prioritised to a greater degree than those entities that are deemed to have a lower impact profile. And we are fully cognisant that where we do not have an active supervisory relationship with large groups of smaller firms/low impact firms, enforcement action has a powerful deterrent effect. Therefore we will act against lower impact firms where the circumstances warrant it. We have said previously that a substantial portion of low impact firms must improve basic compliance. Where our current and new powers permit, we will use our powers to fine or revoke the authorisations of firms who refuse to pay levies or who fail to file timely regulatory returns. As business people, you are no doubt concerned about level playing fields. It stands to reason that you will be very annoyed should you spend money, time and other resources complying with your obligations and your competitor down the road thumbs its nose at the same requirements and appears to be no worse off.

Administrative Sanction Procedures & Key Enforcement Powers

Back in 2005 we published two documents in respect of our Administrative Sanction Procedures process. I do not propose to go into the nitty gritty of these well-known documents except to say that following on from our recent consultation on Inquiry Guidelines we will consult on a revision of the Administrative Sanction process and we look forward to reading, listening to and digesting comments received. The revision will affect both the Guidelines and the Outline documents.

Let me know turn to the topic of Settlement Agreements and Publicity.

Settlement Agreements

Settlement is voluntary. We promote the option of early settlement once an Administrative Sanctions Procedure has commenced. We do so in line with sound legal practice and to promote a cost effective resolution. Entry into a voluntary settlement early in the procedure (and I emphasise the word ‘early’), may lead to a discount on the penalties which we propose to apply. The discount is in respect of the saving in time, resources and money which results from an early settlement. We will not engage in protracted settlement negotiations. We usually facilitate only one settlement meeting in each case. Why? We need to ensure that resources are utilised as efficiently and effectively as possible. As an enforcement case progresses, our valuable resources are best applied to pursuing the enforcement case to a more formal conclusion rather than engaging in attempts to settle the case.


Settlement agreements contain an agreed statement for publication. We will publish the key terms of a settlement agreement, including the name of the regulated entity, the nature and facts of the prescribed contraventions and the sanctions imposed. This is manifested in a Publicity Statement. Should a matter go to an Inquiry (under the ASP model), in the event of an adverse decision, we will, subject to the safeguards provided for in section 33BC of the 1942 Act, publicise the name of the regulated entity, the nature of the prescribed contraventions and the sanctions imposed.

Publicity of enforcement actions is a core feature of the enforcement process and, as noted below, generally includes a market commentary.

To date all ASP and Markets cases resulting in a sanction have been resolved by settlement. There have been 46 ASP actions and 3 Markets actions. We have agreed the disqualification of 9 persons ranging from 1 to 5 years duration. The total amount of monetary penalties issued is circa €18.5million (July 2006 to date). We have issued publicity statements for all outcomes. I will not visit the details of any cases for the purposes of today as I should expect that you, given the nature of the audience, are familiar with these, including the signalling we provide in the market commentary section underneath the public statement. The market commentary serves as a useful reminder of our approach to our enforcement work and the commentary contains key enforcement messages and signalling. The details of ASP and Markets cases were a sanction has been imposed are available in the Enforcement section of our website (see

If I am to leave one message in this area, it is that we are committed to demonstrating achievement of the Central Bank’s statutory objectives and high level goals. As you read through the publicity statements you will - hopefully - note the connection between the cases and our stated objectives, strategy, supervisory priorities and enforcement priorities.

Our powers – current and proposed

Some of our key enforcement powers arise from Part IIIC, Central Bank Act 1942. This is the ASP process noted above. Adverse decisions reached by the Inquiry mechanism are appealable to Irish Financial Services Appeals Tribunal. We also have new powers under Part 3 of the Central Bank Reform Act 2010 in relation to the fitness and probity of persons in “controlled functions”, including “pre-approval controlled functions”. The exercise of these powers may result in suspension notices or prohibition notices. And there is an appeals mechanism, for example a refusal by the Central Bank to consent to pre-approval controlled function application may be subject to appeal to IFSAT. Another key enforcement power we administer is that of the sanctions available under the Market Abuse (Directive 2003/6/EC) Regulations 2005. The 3 Markets cases referred to above are enforcement outcomes arising from this Regulation.

It may seem that we have a lot on our plate and a broad range of supervisory and enforcement tools to effect desired outcomes. However experience over the past number of years has highlighted some key gaps in our powers to safeguard stability, effectively regulate markets and financial firms and protect consumers. These gaps are being addressed in the form of the Central Bank (Supervision and Enforcement) Bill. In summary, the Bill will provide the Central Bank the ability to pass new types of regulations, the power to issue wider ranging directions, wider powers for authorised officers and the ability to require ‘skilled persons’ reports. The Bill doubles the current administrative sanctions penalties taking the maximum fine for individuals and bodies corporate to €1 million and €10 million (or 10% of annual turnover) respectively. The ability to suspend and revoke an authorisation is a planned addition to the sanctions which may be imposed following an Inquiry. Another area in the Bill which may be of interest to you is the proposed regime to protect whistle-blowers who, for example, disclose in good faith to the Central Bank that a financial services law offence or prescribed contravention is or has been committed.

At this time it is opportune to give a plug to our enforcement news service [email protected]. This email address is used for subscribing to e-mail alerts on enforcement news and developments. If you subscribe to the service you will be notified of key announcements by the Enforcement Directorate including publicity statements and copies of presentations we deliver. We feel that it is important that this type of information is readily accessible to those with an interest in these subjects.


I am conscious of the time and appreciate that you will have questions on the issues addressed this afternoon. In concluding, rather than seeking a witty remark or getting bogged down in a drawn out conclusion, I will finish by reference to the words of Governor Patrick Honohan at the recent Central Bank of Ireland Stakeholder Conference3:

“Financial firms know that they operate in a rules-driven environment and that compliance is expected. Failure to enforce could, I am afraid, be taken as an implicit waiver of rules. Such lack of clarity is not consistent with the new philosophy. To help ensure that these matters are not side-lined by on-going supervisory responsibilities, the responsibility for enforcement in the Central Bank has been organisationally separated from supervision … While the ideal result would be no successful prosecutions because of 100 per cent compliance, recent experience makes it clear that we are still far from that ideal. As such, I am pleased with our recent record of completing enforcement cases: this sends an important and effective signal to regulated firms … The threat of enforcement is there for all, big and small, and this is evidenced by those cases taken to date”.

In my job it is gratifying to know that the Governor supports our enforcement philosophy and approach. Thank you very much for your time and I look forward to your questions.


 1 Address by Matthew Elderfield, Head of Financial Regulation, to the Galway Chamber, GMIT, May 05, 2011

2 Section 3.3, Enforcement Strategy

3 Closing remarks by Governor Patrick Honohan, at the Central Bank of Ireland Stakeholder Conference, 27 April 2012