Who’s afraid of the big bad regulator?

Virginie O’Shea, founder, Firebrand Research

There’s been a lot of discussion about how compliance fines continue to be viewed by the industry as “the cost of doing business” in regulatory quarters over recent months. The two GameStop hearings have repeatedly covered the topic and the EU has been abuzz with chat about governance in light of the enduring popularity of ESG. Now, I’ve already discussed the challenges related to instilling a compliance culture across a firm in a previous blog, but what do these discussions herald for the industry going forward?

Will we see a regulatory push toward holding individual executives more accountable for their compliance practices, rather than merely fining firms? If so, we already have proof that holding individuals to account at large financial institutions is much harder than it looks. The UK’s Financial Conduct Authority (FCA) introduced a regime to do just that back in 2016—the Senior Manager Certification Regime (SMCR)—but thus far, only one penalty has resulted from 34 investigations over the five-year period since its introduction.

The FCA and its partner in combating fincrime the Prudential Regulation Authority jointly fined Barclays CEO Jes Staley in 2018 for failing to act with what they called “due skill, care and diligence” in his response to an anonymous whistleblowing letter in 2016. That is the only successful fine that has resulted from SMCR investigations. Not exactly a stellar start to the regime for the UK regulator.

The UK regulator has not been alone on the global FinReg stage in coming up with governance and accountability guidelines, however. The Irish regulator has also taken a leaf from the FCA’s book with the proposed Senior Executive Accountability Regime (SEAR).

The Hong Kong Manager-in-Charge (MIC) Regime that came into force in 2017, the Australian Banking Executive Accountability Regime (BEAR) that came into force in 2018 and the Monetary Authority of Singapore’s Guidelines on Individual Accountability and Conduct (IAC Guidelines), which are in the process of being drawn up, have all followed a similar vein to SMCR in attempting to foster a greater sense of executive accountability across financial services. Much like SMCR though, it has been all quiet on the Eastern front when it comes to enforcement.

We all know that when it comes to regulation, it needs to have teeth to get the industry to really address underlying issues, particularly when those issues are deeply embedded and cultural in nature. To be effective deterrents to bad behaviour, SMCR, MIC and BEAR therefore need to result in financial penalties rather than investigations alone.

Given the growing importance of governance to the investor community, the industry can expect more regulators to head down this path too and that is likely to include the US market and potentially more EU-based regulators. But which regulator is going to prove its mettle in terms of individual accountability? Will the Securities and Exchange Commission (SEC) be tasked with proving a point to the rest of the world or will the FCA up its regulatory game in 2021?

The biggest challenge for any regulator is on locating an individual to hold accountable for various failings at a large financial institution. If, like Staley, you’re the CEO, it’s a little easier to prove, but passing the buck is commonplace across financial institutions. Regulators may not often have the necessary transparency to find the right person and the necessary proof to hold them personally accountable for various institutional infractions. Whistleblowing hotlines will certainly help in this regard – so perhaps the US does have an advantage over other markets?

What is certain is that the industry will be entering a new era of governance and accountability sooner rather than later. Regulators have a point to prove to the industry and each other.