‘Leadership, Accountability and Culture in Financial Services’ - Derville Rowland, Director General, Financial Conduct

14 November 2018 Speech

Derville Rowland

Speaking at the Eversheds Sutherland Conference on ‘Leadership, Accountability and Culture in Financial Services’

Introduction

Good morning ladies and gentlemen.

Thank you for inviting me here to discuss the Central Bank of Ireland’s proposals to enhance accountability in the financial services sector, to deliver a more effective consumer focused culture at regulated financial institutions and to emphasise the role of leaders in bringing about the required changes.

Since the crisis, and in tandem with significant regulatory and supervisory reform at national and international level, the Central Bank has greatly enhanced our gatekeeper and enforcement roles, to keep unfit individuals out of the financial services industry and to pursue individuals and firms for wrongdoing.

I am a realist, and I know we will always need strong and effective gatekeeper and enforcement powers. But it’s also true to say I’d be very happy if we were using them less frequently because there was less misconduct to pursue.

And that’s where culture comes in.

The Role of Culture in Misconduct - Cash or Cabbage for the Sales Team?

Culture is a system of shared values and norms that shape behaviours and mindsets within an institution – the unwritten rules or ‘the way things are done around here’.1

At a recent conference hosted by the Central Bank and Trinity College Dublin, speaker after speaker gave examples of how certain cultures have given rise to misconduct - often with serious consequences for consumers, employees and shareholders.

One quoted Anthony Try, a former Wells Fargo employee who described the relentless pressure to reach sales targets: ‘There would be days where we would open five checking accounts for family and friends just to go home early.’’ The US bank was subsequently fined after its staff secretly opened millions of unauthorised accounts in an effort to reach unrealistic sales targets.

Another speaker talked about how a UK-based payment protection insurance sales team would award cash or a cabbage – a literal cabbage - to the best and worst sales performers at the end of the week, a symbol of a culture that clearly put achieving sales targets ahead of good consumer outcomes. Lenders have paid out stg£31.5bn in compensation for the mis-selling scandal, according to recent estimates.2

Yet another spoke of how enormous sums of money ran through the Commonwealth Bank of Australia’s supposedly ‘intelligent’ deposit machines before anyone questioned whether money laundering issues arose. The bank was earlier this year fined A$700 million after admitting it had contravened the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 on 53,750 occasions.3 And, just in case you’re wondering, 53,750 is not a typo.

And of course, here in Ireland we have seen customers who were denied a tracker mortgage or put on the wrong rate with sometimes devastating consequences - up to and including the loss of their homes and properties in some cases. Lenders have paid €580 million in redress and compensation to affected customers to date, while the cost to the banks is currently running at c.€1 billion.

Culture is a matter for each financial institution in the first instance, and no two cultures will be precisely the same. However, I think we can agree, based on these examples, that we all know a poor culture when we see one. Conversely, we also recognise that organisations with effective culture share a commitment to high standards and values.

You Won’t Find the Avalanche in a Snowflake

You won’t find the avalanche in a single snowflake. But when enough snowflakes interact together in certain circumstances, an avalanche can ensue. It is heartening to see that many key players are now insisting on bringing an ethical focus to bear on discussions about delivering effective culture.

Blanaid Clarke, Chair of Corporate Law, Trinity College Dublin, has described how research in behavioural ethics has shown that human responses are highly dependent upon situational and social pressures and less attributable to stable personality traits than formerly believed.4

In other words, people are likely to follow the culture within an organisation if there is significant peer pressure to do so.

This emphasises the need for organisations to get their culture right.

To break this down further, the moral philosopher Professor Onora O’Neill has spoken about the need for banks to be more trustworthy. She identifies the three key elements of trustworthiness as competence, honesty and reliability.5

The Minister for Finance, Paschal Donohoe, has suggested viewing culture and behaviour through the lens of political philosopher Edmund Burke who once said: ‘It is not what a lawyer tells me I may do; but what humanity, reason and justice tell me I ought to do.’’

Though I trained as a lawyer myself, I wholeheartedly agree that companies which aspire to have effective cultures should care as much about doing the right thing as about doing the bare legal minimum.

Many financial institutions, particularly banks, have public as well as corporate purposes and benefit from various forms of public support, such as central banking services and deposit guarantee schemes.

Against that background, it is wholly insufficient for them solely to consider maximising shareholder value without taking into account the needs of customers, employees and the wider economy in which we license them to operate.

The Governor of the Bank of England, Mark Carney, has noted that markets are not ends in themselves, but powerful means for prosperity and security for all. As such, they need to retain the consent of society to be allowed to operate, innovate and grow. He has also noted that repeated episodes of misconduct have called that social licence into question.6

Given that misconduct can cause consumer detriment and, indeed, threaten the safety of financial institutions, regulators are increasingly focusing on how firms manage conduct risk, which arises from inappropriate, unethical or unlawful behaviour. Hence the increasing focus on culture, which drives behaviour and, ultimately, customer outcomes.

While the role of ‘bad apples’ cannot be ignored, organisations can’t simply dismiss misconduct problems by attributing them to individuals alone. They must examine the barrel within which the apples were stored – i.e., the organisational culture.

Leadership and Tone from the Top

The Chinese proverb says: 'The fish rots from the head.' And so it is with businesses and other organisations - the buck starts and stops in the boardroom.7

In the case of Wells Fargo, it has been documented that the CEO’s commitment to the sales culture led him to him to minimise problems with it. His reaction invariably was that it was simply a few bad apples causing issues. He was too slow and too late to call for inspection of, or critical challenge to, the basic business model, according to the 2017 report of Wells Fargo’s independent directors.8

The Wells Fargo board also failed to read the signals that appeared many years before it was made aware of the potential seriousness of the sales incentive issues. These included employee exit interviews and terminations, whistleblower reports, customer complaints, media reports and lawsuits.9

This highlights the importance for boards of obtaining timely and relevant information to help them ensure that the culture they have defined for their organisation is reflected on the ground. Being a board member or a senior leader is a tough job that requires strong, independent thinkers, who are fully informed, curious and willing to challenge the organisations they direct.

The Central Bank expects leaders to set the right tone from the top, to ensure it is echoed from the bottom up and is visible throughout the organisation.

Our Consumer Protection Risk Assessment model (CPRA) specifically requires that leaders can demonstrate, with clear examples, how their actions and communications are encouraging a culture of consumer protection throughout the firm. We require clear oversight, responsibility and accountability for culture and behaviours related to consumer protection. To be clear, we want to see remuneration structures that reward consumer protection behaviours over sales volumes and promotion processes that take account of employees’ behaviour and commitment to consumer protection.

We generally adopt a risk-based approach to supervising firms’ conduct at a sectoral, rather than firm-specific level. However, we are now moving towards more intrusive, firm-specific supervision to complement our existing sectoral thematic engagements. We are developing a new consumer impact model to help us determine which firms pose the greatest potential harm should conduct issues arise. We are increasing our supervisory intensity in the area of conduct and consumer protection risk to ensure that boards truly understand the importance of embedding a consumer focused culture.

We are not alone in our focus on culture. The new UK Corporate Governance Code, 2018, which comes into force in January next year, also has plenty to say on role of the board in developing the organisation’s culture.

Specifically, it says the board should establish the company’s purpose, value and strategy and satisfy itself that all the components of its culture are aligned. The board should also assess and monitor culture and seek assurances that management has taken corrective action where it is not satisfied that policy, practices and behaviour throughout the business are aligned with the company’s purpose, values and strategy.10

Fitness and Probity

International and domestic experience indicates that in order for a regulatory framework to impact individual behaviours and, in turn, the culture within a regulated financial services provider, the individuals in question need to see and believe there is a direct link to them and the role they perform.

That is why the Central Bank places so much emphasis on ensuring that only suitably trustworthy people are approved to lead financial services firms.

The Fitness and Probity regime, which was introduced in 2011, gave us enhanced powers to prevent people from performing certain functions where they do not meet our standards, or, indeed, removing them where necessary. We want to see honest, competent people running financial services firms and we are willing to challenge applications if we have concerns.

Since 2011, 58 applications for senior positions have been quietly withdrawn where the prospect of Central Bank refusal was raised. This year alone, we have seen 14 applications withdrawn, many of them relating to applications for senior executive positions at high-impact firms.

We have also taken Administrative Sanctions Procedures (ASP) against firms. Since 2006, we have concluded 122 enforcement actions resulting in sanctions of more than €64m. The procedures also allow the Central Bank to sanction individuals who have been involved in wrongdoing. In this regard, we have disqualified 12 senior people to date. In addition to disqualifying 12 people from management roles under ASP, we have also prohibited six from the financial services sector outright under our Fitness and Probity regime, including four in the last 18 months.

On top of this, there are a substantial number of ongoing investigations across various financial services sectors being actively progressed involving the review of millions of documents.

Enhancements to the Individual Accountability Framework

In an ideal world, the gatekeeper and enforcement roles played by the Central Bank would not be necessary, because misconduct would not arise. While we don’t live in that ideal world, firms can do much more to drive the kind of effective cultures that focus on delivering fair consumer outcomes and limit the possibility of the Central Bank taking gatekeeper or enforcement action against them.

We detailed our views on this issue in our report on the Behaviour and Culture of the five main Irish retail banks – AIB, Ulster Bank, Bank of Ireland, KBC and Permanent TSB. The report found that all five banks have recently taken steps to reinforce the consideration of the consumer interest. However, the consumer-focused cultures at these banks remain under-developed and all five banks still have a considerable distance to travel.

I will not focus today on the detailed findings of those reviews which have already been well publicised. However, I would like to flesh out in greater detail our proposals on new individual accountability measures to drive better behaviour.

These include proposed Conduct Standards for all staff in regulated firms, such as acting honestly, ethically and with integrity; additional conduct standards for senior management; and standards for businesses.

We are also recommending to government that a Senior Executive Accountability Regime (SEAR) be implemented through legislation which would place obligations on firms and senior individuals to set out clearly where responsibility and decision-making lies for their business.

The primary purpose of the Central Bank’s reform proposals is to act as a driver for positive behaviours and recognition of responsibilities by individuals. We also aim to be at the forefront of global thinking on enhancing individual accountability, given that the initial signs from Australia and the UK are that such proposals have had a positive impact on firms.

We think of the SEAR as a way of minimising conduct risk and reducing the likelihood of harm being done to consumers and other stakeholders. It is not primarily about assigning blame, but rather about encouraging senior people in firms to identify what might go wrong and do their best to prevent it.

It is well recognised that well run firms have clear lines of responsibility and decision making processes. The SEAR proposals will facilitate better governance structures in firms, which will in turn enable issues to be resolved efficiently and effectively as there will be greater clarity within the firms as to who is responsible for what.

Imposing the Conduct Standards as universal obligations on all staff aims to provide a sense of shared values and to empower individuals at all levels in the organisation to speak up and challenge issues that arise in their firms. We envisage that this approach will be both ‘top down’’ and ‘bottom up’’ and will help to ensure that emerging risks are addressed on a timely basis and the necessary corrective action is taken.

None of the above should be seen as an imposition for industry, because I think the majority of firms we regulate would tell us these are precisely the standards and behavior they already expect of their staff. Additionally, the best run firms have well embedded conduct risk frameworks, and in our report, we are simply stating that we expect all firms we regulate to have such frameworks in place.

The Behaviour and Culture Report also recommended enhancements to the current Fitness and Probity regime to strengthen the onus on firms proactively to assess individuals in controlled functions on an ongoing basis, and to surmount some current limitations of the Fitness and Probity investigative function.

We also recommended a unified enforcement process, which would apply to all contraventions by firms or individuals of financial services legislation. To ensure the credibility of the Individual Accountability Framework, we recommend that the hurdle of ‘participation’ be removed from the enforcement process to ensure that the Central Bank can pursue individuals directly for their misconduct rather than only where they have participated in a firm’s wrongdoing.

Our proposals are firmly in line with best international practice. For example, the Financial Stability Board earlier this year identified lack of accountability for misconduct as a key cultural driver of misconduct and recommended that national authorities identify and assign key responsibilities, hold individuals accountable and assess the suitability of individuals assigned key responsibilities.

We are in discussions with the Department of Finance on our proposals and the necessary legislative powers required to implement them. Ultimately, both the timing and content of legislation is a matter for Government and the Oireachtas.

In the case of the Central Bank’s detailed proposals, we are unlikely to see a public consultation before late 2019. We are fully committed to meaningful engagement by stakeholders via a public consultation process. All evidence-based feedback will be considered in finalising the framework.

Conclusion: Good intentions are not enough

In concluding, I might mention Paul Kalanithi, a young, talented neurosurgeon who was destined for great things until he received a terminal cancer diagnosis. He wrote a book in which he talked, among other things, about the onerous responsibilities facing a surgeon when performing operations.

‘As chief resident, nearly all responsibility fell on my shoulders, and the opportunities to succeed – or fail – were greater than ever. The pain of failure had led me to understand that technical excellence was a moral requirement. Good intentions were not enough, not when so much depended on my skills, when the difference between tragedy and triumph was defined by one or two millimetres.’’11

The responsibilities on financial services providers may not be such immediate life and death matters, but they are nonetheless very onerous responsibilities given the damage that financial institutions can do to their customers, their shareholders and the wider economy.

Indeed, given that the Ireland is the least trusting of its financial services sector12, it is clear that the time is now for the board and senior leadership teams at our financial institutions to ensure that the culture of the firms that they lead is one that demonstrates competency, honesty and reliability – the key components of trustworthiness.

---------------------------------------------------------------------------------------------------------------------

[1] https://www.apra.gov.au/sites/default/files/CBA-Prudential-Inquiry_Final-Report_30042018.pdf

[2] https://www.ft.com/content/de44b9cc-9554-11e8-b747-fb1e803ee64e

[3] http://www.austrac.gov.au/media/media-releases/austrac-and-cba-agree-700m-penalty

[4] Cialdina, Aaarts, 2003.

[5] https://www.newyorkfed.org/medialibrary/media/governance-and-culture-reform/ONeill-Culture-Workshop-Remarks-10202016.pdf

[6] https://www.bankofengland.co.uk/speech/2015/building-real-markets-for-the-good-of-the-people.

[7] https://www.amazon.co.uk/Fish-Rots-Head-Boardrooms-Developing/dp/1846683297

[8] https://www08.wellsfargomedia.com/assets/pdf/about/investor-relations/presentations/2017/board-report.pdf

[9] http://m.bankingexchange.com/news-feed/item/7293-7-ways-conduct-risk-can-be-handled-by-bank-boards

[10] https://www.frc.org.uk/getattachment/88bd8c45-50ea-4841-95b0-d2f4f48069a2/2018-UK-Corporate-Governance-Code-FINAL.pdf

[11] When Breath Becomes Air by Paul Kalanithi. See http://paulkalanithi.com/

[12] 2018 Edelman Trust Barometer

I would like to thank Kathleen Barrington, Mary Burke, John Lynch and Maria O’Regan for their input to this speech.