In recent years, there has been an increased focus on Individual Accountability by regulators around the world. Regulated firms, including their Independent Non Executive Directors (INEDs) are being required to put a greater emphasis on culture and individual accountability in their day to day responsibilities.
In July 2018 the Central Bank of Ireland (CBI) proposed an Individual Accountability Framework (IAF) which incorporates many of the elements introduced by the UK Senior Manager and Certification Regime (SMCR) and includes the Senior Executive Accountability Framework (SEAR). Legislation to facilitate the introduction of the new Framework is expected in Q2 2021.
Individual accountability is now a global concept and is becoming a regulatory focus area around the world, for example:
This increasing focus on individual accountability has been driven firstly by an aim to curb excessive credit and market risk taking. It also aims to place a greater emphasis on a strong and positive culture, greater diversity and high conduct standards, with the expectation that INEDs and the Board will set this “tone from the top”. Lastly, it aims to hold individuals to account if, and when, regulatory breaches and other failures occur.
Although events such as the COVID-19 pandemic have delayed the enactment of this pivotal legislation we expect that the draft legislation will be released in Q2 / Q3 2021. As regulated entities respond and adapt to the “new normal”, with staff working remotely and long established processes and policies having to respond and adapt to the COVID-19 restrictions, the role of the IAF in promoting accountability and the required behaviours cannot be overlooked.
The CBI has spoken directly to the role of INEDs in fostering good culture. In addition, the UK Corporate Governance Code has directly stated that directors are responsible for promoting the desired culture on Boards. Therefore, INEDs must actively support the shift in culture that IAF and SEAR aim to bring by challenging both the Board and the executive functions, as well as re-assessing their role as INEDs in light of the proposed regulation.
Where accountability is clear and cascaded through the organisation to middle management and their direct reports, significant improvement in the culture, transparency and performance will be achieved.
INEDs must take this shift towards greater individual accountability seriously, not least because of the potential consequences on individuals of a failure to do so but also because firms will increasingly rely on the independent challenge of INEDs.
Using our experience of implementing regulatory change, as well as our experience of accountability regimes globally, we outline the preparation required of INEDs from both to prepare themselves for the personal implications and also how they can effectively challenge and oversee their firms, ultimately equipping INEDs to perform an effective and strong oversight role under the SEAR.
As part of the CBI’s increasing focus on fostering and embedding robust, sustainable, and positive cultures within regulated service providers, the Bank intends to introduce an IAF and strengthen the pre-existing Fitness and Probity (“F&P”) Regime. The proposed framework is set out at high level below:
Applies to Senior Executive Functions (“SEFs”) and will at least map to the Pre Approval Control Functions (PCFs) under the current F&P regime.
In considering the IAF, it is vital that INEDs determine how prepared they are personally. INEDs are PCFs under the current F&P regime, and therefore are likely to become SEFs and be subject to the SEAR when it is introduced. Furthermore, there are a number of consequences for firms if they ignore Diversity and Inclusion issues from both a Business and People Perspective. As such, the role of INED on the Nomination Committee is crucial in influencing a dynamic and diverse candidate pipeline in all its forms to mitiage the risk of “group-think” and to foster innovation and better understand the needs of an evolving workforce and customer base which can in turn increase profitability and a boost in the organizations reputation.
Given that the CBI’s proposals have been known since July 2018, and alongside heightened scrutiny and calls for individual responsibility for senior executives, INEDs and firms should be prepared for a rapid introduction of the IAF.
The position of an INED has always been an essential component of the board, representing a vital layer of independent oversight on the activities of a firm. With an international shift towards individual accountability and an increasing focus on culture, the role of INEDs in providing oversight and challenge of firms and their boards will become even more critical.
This enhanced role brings both challenges and opportunities for INEDs. INEDs should drive a cultural shift within the firm, acting as a role model for accountability whilst also remaining independent, and guide and challenge firms without falling into inertia. Additionally, they should challenge the details and consider risks from all sources to mitigate group think whilst continuing to provide strategic oversight. Below we outline some of the potential impacts of the IAF on INEDs.
As INEDs, your value is in offering an independent experienced review of all aspects of the bank’s business. You can and must ask the hard questions and critically evaluate the quality of information or reporting to the board, the strategic direction of the bank, the culture that prevails, the customer relationships, the emerging risks to the business model and much more.
INEDs have the power to change the inherent culture of a firm and can do so by observing the as-is culture, establishing a strategic cultural vision and guiding this cultural agenda through meaningful action. The UK Corporate Governance Code (which also applies to Irish companies with a premium listing on the London Stock Exchange and is referenced in the Listing Rules of the Main Securities Market of Euronext Dublin) has directly stated that Boards are responsible for promoting the desired culture, noting that:
The Institute of Directors has also developed a Director Competency Framework setting out the expected standards of directors. These standards include the high expectations of leaders to develop an organisational culture that is value based and aligned to the overall strategy of the organisation.
From our experience of implementing similar regimes and preparing Irish organisations for the incoming IAF legislation, the role of the Chair will take on a vital position when it comes to IAF implementation, setting the cultural tone of the entity’s approach as well as leading the prioritisation of its implementation. IAF implementation is a change programme that will require resourcing, a robust strategic plan and potential technological uplift. Given the significant cultural shift this applies, appropriate buy in from the Chair and the Board will be required to set the correct tone from the top.
In December 2020 the Prudential Regulation Authority surveyed in-scope firms to evaluate the impact of the SMCR and the regime was widely considered to have had a positive impact on culture and behaviour(1). In addition, the Financial Conduct Authority published a review of the SMCR in 2019, which stated that there was now a change in the level of detail, clarity and quality of conversations on culture and expected behaviours and that firms had completed activities create a culture of challenge, escalation and providing a safe environment for staff to speak up.(2) Therefore, INEDs should now be prepared to focus on fostering and encouraging a robust culture, promoting and setting an example for diverse thinking and inclusive behaviours within the organisation and challenging those aspects that are not currently best practice.
INEDs occupying the SEF roles under the SEAR will be individually accountable for the decisions that they make and therefore subject to the applicable sanction in the event of any regulatory breach. Within the UK, there were concerns that under the SMCR, this individual decision making accountability would require INEDs to adopt quasi executive or executive roles which could potentially impact on independence.
However, the FCA has been explicit that an INED is neither required or expected to assume executive responsibilities. Although INEDs have duties under the UK regime, the FCA still views the application of the regime as consistent with the principle of collective decision making. The PRA has also spoken directly to these concerns noting that the expectations of firms and individual requirements should be viewed as being “complimentary”.(3)
In February of this year, Ed Sibley, Deputy Governor, Prudential Regulation addressed this concern from a CBI perspective, stating “In evolving the individual accountability framework, we are of course keen to ensure that we do not unbalance the framework of collective decision-making and individual accountability by an increased focus on the individual aspects”.(4) Ultimately, the IAF should result in better collective decisions which will be reflected in the obligations of individuals.
The INED response to this challenge will evolve as the legislation comes into effect. Nevertheless, INEDs must be mindful of the potential consequences and the need for a robust “reasonable steps” framework in order to evidence how decisions are made and that the relevant Conduct Rules are being followed.
The role of the Board Chair is a significant position that can influence senior executive decisions, overseeing the Board to ensure it is effective in steering the direction and strategy of the company. If a similar approach to the UK regime is adopted by the CBI, INEDs occupying Chair roles on both Boards and Committees will face increased responsibilities and therefore will need to consider how this will affect the execution of the Chair role and running of the committees.
In the UK, these individuals are subject to the full requirements of the SMCR regime for Senior Manager Functions, and they are allocated prescribed responsibilities and required to draft Statements of Responsibility, documented on a Management Responsibilities Map. They therefore have an obligation to demonstrate “reasonable steps” that they discharged their functions effectively and may be subject to sanction, including criminal penalties, if they cannot.
INEDs occupying these positions should therefore be cognisant of the heightened expectations that the IAF may bring as our experience in the UK demonstrates that these individuals will become much more heavily involved in the running of committees. Key considerations for such INEDs therefore will include:
The scandal at Wells Fargo and subsequent report on mis-selling of financial products contains a number of key lessons for boards, which speak to Internal Control Framework (ICF) requirements, governance, incentives and culture – all elements of an individual accountability framework which INEDs will help to foster within their role.
The requirements of an IAF will require in-scope institutions to have a robust and clear ICF with accountabilities and responsibilities clearly defined. Boards must ensure that the ICF is robust by challenging the executive appropriately. Boards are likely to require a clear combined assurance statement on the effectiveness of the ICF to satisfy themselves everything is as it should and ensuring that firms have established appropriate structures and resources to deliver on it.
There is also a requirement for INEDs to challenge executives on the implementation and delivery of SEAR within the context of structures that support and establish an appropriate ICF.
The CBI has been clear that Boards are expected to also comply with the spirit of the new requirements. Successful implementation of the framework should not only clarify accountabilities but also drive positive cultural change throughout the organisation; strengthening the tone and ownership from the Board, creating a culture of challenge as well as improving the level of detail, clarity and quality of conversations on culture and expected behaviours. As previously noted, INEDs should therefore be prepared to drive cultural change as a result of the IAF.
In addition, the CBI has noted that Boards must navigate the COVID-19 pandemic and therefore understand and satisfy themselves that the business model is sustainable and understand the role of the bank’s risk appetite in order to guide strategic decision making. Other topical issues include disruption of traditional business models, technological risk (including cyber attacks). Boards must ensure that they have sufficient expertise to address such challenges to enable them to provide adequate oversight and challenge to firms in these areas. The IAF will certainly focus on the quality of decision making accordingly.(5)
Another key area of focus to take into account is the indemnities for INEDs who may be taking on additional risk as a result of SEAR. Our experience has demonstrated an increased focus on D&O Insurance following the introduction of accountability regimes.
INEDs must give consideration to how an ‘Insured Person’ is defined within current D&O insurance policies to confirm their coverage. Additionally, the financial thresholds and aggregate limits under the current D&O policies should also be reviewed as they may need to be revised. It is crucial that INEDs have a full understanding of what exactly is covered by the relevant policies and what is excluded in the event a claim is made.
Employment contracts may also need to be reviewed to include a personal indemnity for breach of conduct standards and this should dovetail with cover in the D&O policy to ensure there are no gaps in cover should a breach arise.
Finally, INEDs must determine whether there are there any gaps in cover between professional indemnity (PI) and D&O policies. To the extent that an investigation of those in SEF roles concerns the provision of professional services this may be outside the scope of D&O and will need to be considered under PI policies.
The impact of the SEAR on remuneration has yet to be fully determined, however is likely to be a key focus area. In other jurisdictions, regulators have adjusted remuneration regimes to align to the individual accountability provisions in order to incentivise and encourage the required behaviours.
Therefore, in addition to any pre-existing regulatory requirements on remuneration, INEDs and firms should also be mindful of the potential impact of the IAF on remuneration.
INEDs must critically appraise their role as independent advisors in the context of the upcoming regulation. Outlined below are the high level themes on which INEDs should challenge their boards and senior executives to ensure effective implementation of the IAF:
Governance Structure and Effectiveness
Firms will be obligated to review the role of INEDs as SEFs, alongside duties under company law versus duties under SEAR. Similarly, Board and committee structures and effectiveness will need to be reviewed and uplifted, where required.
Senior Executive Function
Firms will need to clearly define the roles and responsibilities of the SEFs and ensure clarity over the delegation of tasks. In addition, it will be vital to review succession planning, handover policies and procedures as well as conduct rule breach management procedures.
Legal considerations including indemnities, insurance and legal support for Senior Executive Functions are an important component of IAF implementation. Contracts will need to be reviewed to ensure alignment with conduct rules and that the consequences of non-compliance are clear.
Annual Certification Regime
There will be a duty on firms to annually assess the in-scope population as fit and proper and align these assessments to conduct rule breach management and performance management processes. INEDs will need to challenge the Executive and ensure firms implement the certification regime in compliance with the IAF. This includes clarification of the consequences of failure of certification, including appeals processes and remediation plans for affected individuals.
Human Resources Engagement
HR engagement is key to successful IAF implementation and ongoing operation. Performance management will need to align to the conduct standards, as well as breach and remuneration processes and procedures. HR will need to be involved in the recruitment and exit procedures for in-scope employees, and training for in-scope populations and for those administering the IAF.
Conduct Breach Management
Firms must also define the meaning of a breach of conduct rules. They will then have to monitor conduct rule compliance and reporting of breaches to the CBI within the business as usual environment. In addition, firms will need to clarify the interlock of breach reporting with performance management and fit and proper assessments. Clear and consistent breach reporting mechanisms will also be important should the CBI also introduce the requirements for regulatory references for in-scope individuals.
Technology Changes and Enhancements
Technology changes will likely be required to support ongoing compliance with the IAF. This may also include enhancements to as-is systems to ensure an interlock with any additional platforms introduced.
Three Lines of Defence Collaboration
Throughout IAF implementation and beyond, communication between all three line of defence functions is vital. Firms will need to clearly define the accountability of the first line of defence for management of conduct issues and the role of second and third line in providing advice and assurance that “reasonable steps” are being taken by SEFs.
Cultural Agenda Focus
An essential component of IAF success is to ensure compliance with not just the letter of the law but also the spirit of the framework. Firms need to take this opportunity to re-assess their cultural agenda and prioritise acting with integrity and be prepared for potential scrutiny of behaviours both inside and outside of the firm in fit and proper assessments. Effective oversight and challenge from INEDs will be key.
Firms will need to review both the operating model changes and associated costs arising from the introduction of the legislation. Resources will be required for both the implementation and ongoing maintenance of the IAF and will need to be factored into the long term strategy of the firm.
“Reasonable Steps”, MI and Reporting
Boards and Senior Executives will need to ensure that they have adequate and regular MI in order to ensure effective oversight of the functions for which they are responsible. Therefore, firms should conduct a mapping exercise against each of the responsibilities captured to ensure that there is sufficient information to support ongoing compliance with the IAF.
Our experience has highlighted several common challenges that are outlined below and should be considered by INEDs both personally and when challenging Boards:
KPMG’s Risk and Regulatory Consulting team comprise of experts in Fitness & Probity, Conduct Risk and UK SMCR and Australian BEAR specialists who have assisted clients in the design and implementation of individual accountability regimes in the UK and Australia.
KPMG can provide services to ensure both individuals in senior positions and firms themselves are adequately prepared for the IAF and that they are well-appointed to maintain compliance with its requirements on an on-going basis. The CBI has also re-emphasised the need for firms to review and assess their pre-existing F&P compliance as outlined in the Dear CEO letters released in April 2019 and November 2020. In order to prepare for the IAF, firms should review these letters and perform an assessment to ensure that F&P compliance is up to date. We can advise on F&P requirements and the CBI’s expectations in order to ensure readiness for the introduction of the IAF.
If you have any queries related to the Individual Accountability Framework, please contact Gillian Kelly of our Risk Consulting practice. We'd be delighted to hear from you.