On 04 July 2022 the Finance Minister sought approval from the Government for the text of the Central Bank (Individual Accountability Framework) Bill. The draft legislation is expected to be published prior to the Dáil’s recess on 14 July 2022. Our Risk team explain the implications below.

On 23 June 2022, Gerry Cross, the Director of Financial Regulation, Policy and Risk in the Central Bank of Ireland (“CBI”) provided an update on key aspects of the Individual Accountability Framework (“IAF”) and the Senior Executive Accountability Regime (“SEAR”). We have summarised the key updates in respect of the IAF and SEAR from Mr Cross below:  

Culture

In addition to the development of the forthcoming IAF and SEAR the CBI has increased its regulatory focus on culture and conduct in recent years as a result of the significant misconduct identified at financial institutions. This focus has resulted in enhancements to the Consumer Protection Code (“CPC”) and the adoption of a Consumer Protection Risk Assessment (“CPRA”) Model among others. Mr Cross confirmed in his speech that the CBI will continue this focus and implement an enhanced supervisory approach to culture and behaviours within firms while the IAF is rolled out. 

SEAR

Mr Cross confirmed that the SEAR will initially apply to a defined range of Regulated Financial Service Providers (“RFSPs”) which comprise credit institutions, insurance undertakings (excluding certain specific categories) and higher risk activity investment firms. While the scope of the SEAR will increase over time, approximately 150 firms will initially be in-scope. Firms not initially in scope of the SEAR should still consider its requirements as it drives good governance practices. In addition, in April this year the Joint Committee on Finance, Public Expenditure and Reform and Taoiseach (the “Joint Committee”) has recommended that the SEAR will apply to entities initially proposed to be excluded within one year of commencement of the legislation. 

1. SEFs

The CBI proposes that Senior Executive Functions (“SEFs”) under the SEAR align with Pre-approved Control Functions (“PCFs”) under the existing Fitness and Probity (“F&P”) Regime. Mr Cross indicated that it will be for firms to identify the executives that fall in scope as an SEF. The creation of new roles will not be required and when determining SEFs firms should take a substance over form approach, i.e., the function performed should drive the SEF allocation, rather the job title. 

2. Responsibilities and Responsibility Maps

Mr Cross further clarified what is intended by the inherent, prescribed or other responsibilities applicable to SEFs under the SEAR: 

  • Inherent responsibilities are mandatory responsibilities for a specific SEF and are inseparable to the definition of a SEF; 
  • Prescribed responsibilities are responsibilities which firms must allocate out to individuals carrying out SEF roles. Examples of prescribed responsibilities include: the responsibility for Environmental, Social and Governance matters or the responsibility for embedding positive culture, consumer protection and conduct risk.
  • Other responsibilities cover any additional functions, business areas or projects for which an SEF is responsible and which are not already covered under inherent or prescribed responsibilities. 

Both inherent and prescribed responsibilities will be set out in the regulations, while other responsibilities will be determined by firms themselves. Furthermore, Mr Cross outlined that the CBI intends to allow some flexibility in the allocation of prescribed responsibilities. To this end, while a general list of prescribed responsibilities applicable to all firms will be provided, tailored lists for industry sectors will also be available. These tailored lists will consider differences of scale and complexity in firms. 

Responsibility Maps will be required under the SEAR to document the allocation of responsibilities across the firm. Mr Cross, in his speech, listed some key elements that should be contained in these maps: 

  • Matters reserved for the board (i.e. as set out in a firm’s formal schedule of matters as required under the CBI Corporate Governance Requirements);
  • Terms of reference for key board committees; 
  • Reporting lines of SEFs to individuals, committees and, if applicable, within the wider group. 

Furthermore, Statements of Responsibilities (“SoRs”) will also be required under the SEAR to clearly set out the responsibilities of each SEF.

3. Branches under the SEAR

It is currently proposed that the SEAR will apply to incoming third country branches (i.e. branches of non-EEA financial institutions established in Ireland) but not to incoming EEA branches (i.e. branches of other EEA member state financial institutions established in Ireland). 

The SEAR will apply to branches of Irish financial institutions in-scope of the SEAR and established in other EEA member states (i.e. outgoing branches). This is because outgoing branches are legally a part of the regulated Irish entity. As a result, the Branch Manager role, currently a PCF function, will become a SEF under the SEAR. 

4. Outsourcing of SEFs

Any RFSPs in scope of the SEAR will be required to allocate an SEF with responsibility for outsourcing arrangements. Furthermore, oversight of the outsourced role holder will fall under the relevant PCF and this will need to be reflected in the relevant Statement of Responsibilities and Responsibility Maps. 

5. Duty of Responsibility

Mr Cross also confirmed that an SEF’s legal duty of responsibility will be breached when all the circumstances below are present: 

  • An SEF is performing their role with responsibility for the relevant business area; 
  • The regulated firm performed a prescribed contravention; and 
  • The individual did not take reasonable steps to avoid the prescribed contravention occurring. 

The CBI intends to publish guidance on its expectations for the behaviour of SEFs and what steps may be considered reasonable in respect of an SEF’s Duty of Responsibility as part of the consultation process. 

Conduct Standards

The IAF will also implement Common Conduct Standards applicable to all staff in an RFSP, Business Standards for RFSPs and Additional Conduct Standards for senior executives (i.e., PCFs and those in a position of significant influence over the RFSP). 

Mr Cross confirmed that the CBI intends to publish guidance on its expectations in relation to both the Common Conduct Standards and the Additional Conduct Standards. 

  • Common Conduct Standards: The CBI will ensure that the guidance it provides in relation to the Common Conduct Standards is not overly prescriptive and is proportionate to the nature, scale and complexity of individual firms and roles. 
  • Additional Conduct Standards: Mr Cross also confirmed that guidance will cover which steps may be considered reasonable for replace SEFs with in-scope individuals in defence of a potential breach of these standards. This will include a non-exhaustive list of relevant considerations when determining if reasonable steps have been taken. 

Legislation and Consultation process and timeline

KPMG expects the publication of the legislation before the Dáil breaks for summer recess on the 14th of July. Mr Cross indicated that the legislation is to be published “very shortly” with a consultation period of three months and guidance provided in parallel. The legislation will then be enacted in 2023. 

Once the legislation is enacted the CBI will focus on embedding the IAF into its supervisory processes and approach and ensuring that firms also embed the framework. 

Implementation steps

Mr Cross outlined key areas that firms should consider in preparing for the implementation of the IAF and the SEAR. These included: 

  1. Obligations and governance structures should be reviewed to ensure responsibilities are clear. Roles and responsibilities of SEFs should also be well defined, with clear reporting lines and delegation of tasks 
  2. F&P processes should be analysed to determine improvements that are required for annual certification 
  3. Internal culture and values should be compared against the principles of the IAF to determine the areas will need particular focus for alignment 
  4. Education and training for staff of their obligations under the IAF and the SEAR should be developed and implemented.

How can KPMG help?

KPMG has a multi-disciplinary team across legal, risk and regulatory matters with experience of implementing similar Individual Accountability regimes in other jurisdictions such as the UK’s Senior Managers and Certification Regime (“SMCR”) and Australia’s Banking Executive Accountability Regime (“BEAR”) and Financial Accountability Regime (“FAR”), as well as Hong Kong and Singapore. The IAF comprises multiple elements comprising the SEAR, Certification Regime, Conduct Standards and a Unified Enforcement Process. We can help you in your preparation for the IAF in the following ways: 

Readiness assessment

We can assist you with a readiness assessment and identify required changes to be implemented. This includes a remediation plan and clear actions for any gaps identified. 

Technology

We can advise you on technology solutions to manage both the IAF requirements, using our bespoke technology solutions which include our Accountability Manager Tool, that are adaptable for your needs.

Design & implementation

We can assist you with the design and implementation of the IAF requirements using the output of a readiness assessment. This includes target operating model design and implementation. 

Assurance

We can assist you to ensure that you are in adherence with the new requirements prior to implementation or post implementation, leveraging our experience with implementing and advising on F&P requirements as well as Individual Accountability regimes such as the UK’s Senior Manager and Certification Regime, and Australia’s Banking Executive Accountability Regime / Financial Accountability Regime.

Get in touch

The pace of change is challenging leaders like never before. To find out more about how KPMG perspectives and fresh thinking can help you focus on what’s next for your business or organisation, please get in touch with our team below. We’d be delighted to hear from you. 

Contact our team

More in Risk