During the last three years, the way in which the Financial Services Authority regulates has changed radically both in terms of approach and intensity. It was announced last week that the overall funding requirements of the FSA had increased 9.9% over the past year, reflecting the work the FSA has been undertaking to deliver its new intensive supervisory approach and its credible deterrence policy. The FSA has been out to flex its regulatory muscles and demonstrate through its actions that people should indeed be very frightened of the FSA.
Intensive supervision aims to deliver outcomes-based regulation. The FSA will seek to make judgements on the judgements of senior managers and take action if, in its view, the actions of firms threaten its ability to meet its own statutory objectives. The FSA has moved away from regulation based only on observable facts to regulation based on judgements about the future. By way of example, the FSA has said that it will assess business models and intervene where it sees things it does not like.
The FSA is currently considering the effectiveness of corporate governance and risk management arrangements in the firms it regulates, as evidenced by the publication in January of consultation paper 10/03 on significant influence controlled functions and the Walker review. This work builds on the FSA’s existing significant influence function review and represents its formal response to the recommendations made by Sir David Walker as part of his review of corporate governance in UK banks and other financial institutions.
Corporate governance and approved persons
New parent entity SIF controlled function
The FSA made changes to its approved persons regime in August 2009, which introduced revised CF1 and CF2 definitions that were intended to capture certain individuals operating at the level of an unregulated parent or holding company of an FSA-regulated firm where they were capable of exerting significant influence over that firm.
CP10/03 proposes to capture these individuals in a new parent entity SIF controlled function, CF00. The intention is that this CF00 controlled function will be wider in its application to parent level individuals than the previous CF1/CF2 definitions. For example, CF00 will be capable of capturing individuals at FSA-regulated parent or holding companies (although individuals at other EEA-regulated firms will remain excluded).
Of concern is the fact that there is to be no guidance on the standards of conduct expected of CF00 approved persons. In practice, a CF00 approved person is likely to be relatively distanced from day-to-day decisions made at the level of an FSA-regulated subsidiary firm and ought, therefore, to be judged differently from a serving director of the firm. It seems to us that this omission must be remedied, not least to allow individuals who need to be CF00 approved to understand the FSA’s expectations of approved persons in CF00 roles.
The changes made last August, which became effective earlier this month, have already caused practical difficulties as whether or not a parent level individual requires approval comes down to how each individual operates in practice (which will naturally vary from individual to individual). Affected groups may be tempted to review their reporting lines and management structures to remove the need for approval, resulting in regional businesses in the UK becoming more autonomous from the parent operation.
Other new controlled functions
The FSA has stated that the current SIF categorisation is too broad and does not allow it sufficient scope to track and vet individuals who may change roles within one of the current functions. The FSA intends to address this concern through the introduction of nine new SIF categories (of which CF00 discussed above is one). This more granular approach to SIF roles will inevitably give the FSA much more control over who is appointed to perform key roles at regulated firms.
Many of the new controlled functions relate to roles ascribed to non-executive directors, including the chairman, senior independent director and chairman of the board risk committee. The other new controlled functions focus on key control functions, with the existing CF28 function being slated for deletion in favour of three new controlled functions for the finance, risk and internal audit functions.
CP10/03 addresses specific recommendations of the Walker review relating to risk oversight by proposing new guidance in the FSA’s Senior Management Arrangements, Systems and Controls Sourcebook, to require firms to consider whether they should appoint a chief risk officer and establish a board risk committee. The proposed guidance is intended to apply in a proportionate manner on the basis of a firm’s size, nature and complexity. It seems clear that the FSA is signalling a desire for a general uplift in the role and status of CROs.
Interviews for candidates for SIF roles
The FSA has made it clear that it places considerable emphasis on good governance and, consequently, on the responsibilities of directors and senior managers of FSA-regulated firms. It has been interviewing certain candidates for SIF roles since October 2008 and set out its approach to the approval and supervision of persons carrying out certain SIF roles in a “Dear CEO” letter published in October 2009. The FSA has stressed that it is a firm’s responsibility to ensure that any candidate is fit and proper for the role in question, which means that firms should undertake sufficient due diligence on candidates and provide sufficient information to the FSA.
CP10/03 sets out more detail on the interview process to help firms understand the FSA’s expectations. SIF candidates will face a tougher application process, with a clear focus on their competence and capability to perform the role in question. Interviews will be held at the FSA’s discretion by a dedicated team and will involve candidates being assessed against specified core competences (whose precise relevance will vary from role to role).
Expectations of non-executive directors
The FSA regards non-executive directors as having a pivotal role in the governance of FSA-regulated firms, particularly as potential restraints on the behaviour of dominant personalities in executive management.
As a result, the FSA has signalled that the overall time commitment required of NEDs will be greater than in the past. CP10/03 proposes that firms should contractually specify the time commitment required of an NED and that the FSA will take into account when approving candidates for NED roles the ability of a candidate to meet that time commitment. The FSA aims to develop its relationship with NEDs to assist them with the execution of their duties, notably through increased dialogue and, for example, providing them with relevant sectoral updates.
Of concern is the fact that the FSA proposes to remove existing guidance (contained in SYSC 2.1.2G and 4.4.4G) that places limits around the potential liability of NEDs. This clearly signals an increase in the level of responsibilities attached to NEDs by the FSA; however, it does create a regrettable degree of uncertainty as to where the line will be drawn in terms of their potential regulatory liability where problems occur in an FSA-regulated firm. It remains to be seen whether this uncertainty will affect the ability of FSA-regulated firms to recruit NEDs to their boards.
How does corporate governance fit into intensive supervision?
It seems clear that the FSA will use the expanded scope of the approved persons regime and the more intrusive approach to the approval of candidates being put forward to perform SIF roles to articulate its expectations of firms’ corporate governance arrangements and ensure that they are taken into account in practice.
Corporate governance should be viewed as an integral part of the FSA’s intensive supervisory agenda, with the threat of regulatory intervention where the FSA has major concerns about the judgements made by a firm in relation to its corporate governance arrangements. The FSA sees NEDs as a crucial control on the behaviour of executive management and it seems clear that any NED who fails to devote the requisite amount of time to his role or to provide sufficient challenge to executive management will be firmly in the FSA’s sights where problems occur. It also seems likely that the FSA will scrutinise the role and standing of the CRO in those firms that do not currently treat this role as a board-level appointment.
Enforcement action against those performing SIF roles is likely to become more commonplace where problems occur, consistent with the FSA’s stated policy of credible deterrence. The fact that the FSA has thus far failed to articulate the standards expected of NEDs and CF00 approved persons and their potential liability is undeniably a matter of real concern. We hope that the FSA can be persuaded to remedy this omission, not least in the interest of fairness to those being put forward for approval to perform these roles.