As expected, the Central Bank published the planned Corporate Governance Code for Credit Institutions and Insurance Undertakings (the Code) yesterday. This follows the publication earlier this year of a consultation paper (CP41) to which the Central Bank received what it described as an "unprecedented volume of responses". Matthew Elderfield, speaking at the launch of the Code, said that the new rules deliver stronger standards for banks and insurance companies operating in Ireland.
The Code imposes the following:
- Minimum core standards on all credit institutions and insurance undertakings which are licensed or authorised by the Central Bank. Notably, this includes reinsurers (the inclusion of reinsurers in the scope was not originally envisaged in CP41) but excludes Captive Insurance undertakings and Special Purpose Reinsurance Vehicles (SPRVs). CP41 had specifically invited feedback from the captives sector on whether or not the full rigours of the requirements should be imposed on them.
- Additional and more robust requirements (set out in Appendix 1 to the Code) on certain entities which are designated as "Major Institutions" by the Central Bank, to reflect the risk and nature of those institutions.
The Code contains definitions of "major institution", "major credit institution" and "major insurance undertaking" and institutions will be informed in writing where the Central Bank considers that they are a major institution for the purposes of the Code. Giving more detail on this new arrangement, Matthew Elderfield said that the Central Bank will make its own judgements with regard to what constitutes a major institution. He said they will operate the Code in line with their risk based system of regulation and their "one size does not fit all" approach. He went on to say that the Central Bank will give firms an opportunity to make representations to them on whether they are major or not and he stated that the Central Bank is "open to dialogue" on this.
The Code will not apply to foreign incorporated subsidiaries of an Irish institution.
The Code applies to existing boards and directors from 1 January 2011. The Central Bank states that is conscious that institutions may need time to implement changes to systems and structures in order to ensure compliance with the Code. Institutions will be given until 30 June 2011 to introduce the necessary changes. Where changes to board membership are necessary this period will be extended to 31 December 2011 in order to allow institutions to identify and assess candidates prior to making appointments.
The Code contains detailed rules on the role, composition and function of boards.
The board is responsible for the effective, prudent and ethical oversight of the institution, setting the business strategy for the institution and ensuring that risk and compliance are properly managed. The role and responsibilities of the board must be properly documented and the board must have the necessary knowledge, skill, experience, expertise, professionalism, fitness, probity, and integrity to carry out their duties. The board must have a full understanding of the institution's business and risks, of their responsibilities and of the institution's financial statements. The board must meet at least quarterly.
Where a board applies group policies or functions, it must be satisfied that these policies are appropriate and that they take full account of Irish laws and regulations and the supervisory requirements of the Central Bank.
The board of an institution must have a minimum of five directors and be of sufficient size and expertise to adequately oversee the operations of the institution. The board should have a majority of non-executive directors. Board members are required to attend each board meeting unless they are unable to attend due to circumstances beyond their control (for example, due to illness). Their attendance and eligibility to vote at each meeting must be recorded in the minutes of each meeting.
There are restrictions on the number of directorships that an individual can hold, to ensure that each individual director has sufficient time to devote to the role. The number of directorships of credit institutions and insurance undertakings held by a director must not exceed five. However, this restriction does not apply to other directorships within a financial services group. The Code states that an individual holding more than five directorships of credit institutions and insurance undertakings, and eight non-financial directorships, creates a rebuttable presumption that the director has insufficient time available to fulfil his or her role and functions as a director of a financial institution. Where it is proposed that a director of an institution holds more than the set number of directorships, the prior approval of the Central Bank must be obtained. There are separate, more stringent limits for directorships of major institutions (see below).
In his statement launching the Code, Matthew Elderfield said that these limits would help to ensure that independent non-executive directors will devote sufficient time to their oversight responsibilities and will improve challenge in the board room. Regarding the concern that were not enough existing directors to go around, he said that the Central Bank believes it is possible to bring more directors into the financial services sector in Ireland by looking beyond the existing pool of directors and bringing outsiders into the board room. In addition, he mentioned the provision in the Code which provides that in calculating the number of directorships held, the Central Bank will exclude directorships held in the public interest on a voluntary and pro bono basis, provided that these directorships do not interfere with the director's ability to fulfil his role and functions properly.
Institutions must review board membership at least once every three years and must review, document and report to the Central Bank on the continued membership on the board of any person who is a member for nine years. The frequency with which board membership is renewed must also be documented.
The Chairman must be an independent non-executive director, must be proposed for re-election annually and must ensure that he or she can devote the required time to the role. The CEO of an institution may not advance to the role of Chairman of that institution within 5 years and the Chairman must not hold the position of Chairman or CEO of more than one credit institution or insurance undertaking at any one time.
The roles of CEO and Chairman must be separate. The CEO must also have relevant financial services expertise, qualifications or background, or be required to undergo training to enable him or her to comprehend the institution's business, activities, risks, his or her responsibilities and the institution's financial statements. The CEO must not hold the position of CEO of another institution or insurance undertaking at the same time, and the renewal of the CEO contract must be reviewed at least every 5 years.
Independent non-executive directors / executive directors
Independent non-executive directors must have a knowledge and understanding of the business, risks and material activities of the institution to enable them to contribute effectively. They must have relevant skills, experience and knowledge (such as accounting, auditing and risk management knowledge) and must provide an independent challenge to the executive directors of the board.
In a new provision which goes beyond the proposed wording in CP41, the Code sets out the role of the non-executive directors, under the Chairman's leadership, which is:
- To ensure that there is an effective executive team in place;
- To participate actively in constructively challenging and developing strategies proposed by the executive team;
- To participate actively in the board's decision-making process;
- To participate actively in board committees (where established);
- To exercise appropriate oversight over execution by the executive team of the agreed strategies, goals and objectives and to monitor reporting of performance.
The Code sees the role of executive directors, led by the CEO, as proposing strategies to the Board and, following challenging board scrutiny, executing the agreed strategies to the highest possible standards.
The board must demonstrate an understanding of the risks to which the institution is exposed and must establish a documented risk appetite for the institution, to be reviewed annually. The board must ensure that the risk management framework and internal controls reflect the risk appetite and that there are adequate arrangements in place to ensure that there is regular reporting to the board on compliance with the risk appetite. Any material deviation from the defined risk appetite measure must be reported to the Central Bank by the board in writing no later than 5 business days of the Board becoming aware of the deviation.
The board must establish an audit committee and a risk committee. Where the board comprises only 5 members, the full board may act as the Audit Committee and/or the Risk Committee. Where appropriate, the board should consider the appointment of a Remuneration Committee and/or Nomination Committee.
Where an institution is part of a wider group which has a Group Audit Committee and a Group Risk Committee, it may rely on those committees, provided that the board is satisfied that they are appropriate to the specific circumstances of the institution. Non-executive directors must play a leading role in these committees.
Each institution must submit an annual compliance statement to the Central Bank confirming that it has complied with the Code. The first report will be for the year end 2011 and must be submitted with the institution's annual report.
Breaches of the Code may be liable to the Central Bank using any of its regulatory powers, including, but not limited to, any or all of the following:
- The imposition of an administrative sanction under Part IIIC of the Central Bank Act 1942;
- The prosecution of an offence;
- The refusal to appoint a proposed director to any pre-approval controlled function where prescribed by the Central Bank pursuant to Part 3 of the Central Bank Reform Act 2010; and/or
- The suspension, removal or prohibition of an individual from carrying out a controlled function where prescribed by the Central Bank pursuant to Part 3 of the Central Bank Reform Act 2010.
Additional provisions for "major institutions"
Additional obligations are imposed on "major institutions" in Appendix 1 to the Code.
- Boards of major institutions must have seven directors. The board must consider whether a larger board is necessary and record their deliberations and decision in writing. There should be sufficient representation by executive directors on the board to ensure it is not dominated by one individual executive;
- The board must have a majority of independent non-executive directors. Different arrangements apply to subsidiaries of groups;
- The number of directorships of credit institutions and insurance undertakings must not exceed three;
- Any individual seeking to have directorships of more than five non-financial institutions must seek prior approval from the Central Bank;
- The board must conduct an annual assessment of its performance. An external evaluation must be carried out every three years, and the evaluation report submitted to the Central Bank;
- The board must meet at least 11 times a year; once per calendar month for 11 months of the year; and
- Boards of major institutions must establish an audit, risk, remuneration and nomination committee. In a group structure, separate remuneration and nomination committees may not be required, at the discretion of the Central Bank.