Recent case shows not just senior managers target of FCA’s personal accountability drive, says expert

Out-Law Analysis | 13 Apr 2015 | 10:44 am | 4 min. read

FOCUS: Recent enforcement action by the Financial Conduct Authority (FCA) starkly demonstrates that no individual in a regulated financial services firm can hide behind another or attempt to abdicate from responsibility.

New rules designed to make it easier for regulators to hold the senior managers of UK banks and building societies personally accountable for failings in their area of responsibility have received plenty of publicity, but enforcement action taken by the FCA at the beginning of March dramatically demonstrates the extent to which other staff will be held similarly liable. The FCA imposed a £2.1 million fine and placed restrictions on the Bank of Beirut for misleading it in relation to the implementation of action points on a ‘remediation plan’ – but more interesting was how it dealt with the bank’s former compliance officer and internal auditor.

Both Anthony Wills, the bank’s former compliance officer, and Michael Allin, an internal auditor, were tasked with addressing a number of required regulatory actions. Both were found to be in breach of the FCA’s Statement of Principles for Approved Persons 4, requiring them to deal with regulators in an “open and cooperative way” when responding to queries about the actions taken to mitigate financial crime risk. The regulator acknowledged that both individuals were influenced by the bank’s senior management, but found that this did not excuse their misconduct.

The FCA’s somewhat harsh stance when dealing with the employees is a stark warning that, while it recognises the difficult position a compliance officer faces when acting as the communicator between senior management and the regulator, there is an overriding duty to the regulator to be open and to cooperate with their enquiries. The FCA has indicated in no uncertain terms that if faced with such a predicament, the compliance officer “should have resisted any senior management influence … as an approved person, he remained personally bound by his own regulatory responsibilities”.

Although these statements come as no surprise in light of a growing new wave of increased individual accountability, they create a professional dilemma from the compliance officer’s perspective. If the compliance officer has escalated his concerns to senior management who choose, inadvertently or otherwise, to ignore their concerns or, even worse, to direct that false or misleading information is conveyed to the regulator, what is that officer to do? Is the compliance officer forced essentially to ‘whistleblow’ on his senior management team, in order to fulfil his personal regulatory duty as an approved person; or will compliance officers be pushed to consider another way out – resignation perhaps – to avoid the potential repercussions of whistleblowing on senior management to the regulator?

The compliance officer

Anthony Wills was employed as compliance officer of Bank of Beirut from July 2011. Part of his role was to address a number of actions set out by the regulator following supervisory visits to the firm in 2010 and 2011. In particular, he was responsible for developing and implementing a compliance monitoring plan and was the bank’s lead point of contact in most communications with the regulator.

The FCA found that Wills had failed to inform it about delays in the implementation of the compliance monitoring plan, and had knowingly provided incorrect information to the regulator on a number of occasions. Further, he was criticised for not correcting this misleading information when he had the opportunity to do so.

In his defence, Wills stated that he was not provided with sufficient resource to conduct his role and that he felt under pressure from senior management to be “careful” in his communications with the FCA. He had, for instance, described his communications with the regulator in an email to senior management as “fairly guarded” – presumably to allay any panic or concern by senior management on the degree of candour. Although the FCA recognised that his actions were influenced by senior management, this did not in its view “excuse his misconduct” given the duties of candour attached to his responsibility to communicate with the regulator and his unique role which best placed him to understand the position in relation to regulatory compliance.

Wills was fined £19,600, which benefitted from a 30% discount for early settlement.

The internal auditor

Michael Allin was employed as an internal auditor by the Bank of Beirut from January 2012. Although he began work after the FCA’s visits to the bank in 2010 and 2011, the regulator had specifically required him to review whether the bank had carried out all the required action and to provide the FCA with assurance that the necessary improvements had been embedded in the bank’s processes by 1 June 2012.

The FCA found that Allin had failed to deal with it in an open and cooperative way and had failed to disclose information appropriately. In particular, Allin had provided an assurance to the regulator in June 2012 that all of the action points had been implemented even though he had failed to review the bank’s implementation of these and was aware that it had still not completed two of the required actions. In addition, in November of the same year Allin prepared a report for the FCA which gave a misleading impression about the bank’s completion of a specific action point and omitted information from this report.

Again, although the regulator recognised that Allin was influenced by senior management, its ‘final notice’ against him made it clear that this did not excuse his misconduct. Allin was in a position to understand the true position of the bank’s compliance, and should have resisted senior management, it said.

Allin was fined £9,900 for his misconduct, again taking into account early settlement.

Learning points

This case shows that the potential for conflict between resistance from senior management and pressure from the regulators is far from hypothetical. Compliance officers working in a subsidiary where senior management is based abroad at a parent bank where respective regulatory obligations do not match those of the UK regulators may also face similar difficulties.

Those working in compliance departments should take heed of the following points which this case addresses:

  • Attestations: It is important that authorised firms ensure that any assurances, or ‘attestations’, made by an individual acting on behalf of the company are accurate. It would be advisable to have a record of all such attestations made so that responsibilities can be allocated accordingly;
  • Approved persons’ obligations: Approved persons have independent obligations to act in a cooperative manner with the regulator. As a result, the approved person should make compliance with these obligations a priority, even if this means resisting senior management;
  • Senior management: Although the FCA did not announce that it was taking any action in this case against the senior management who influenced the communications with the FCA, there is no indication that senior management would be immune from sanction in similar cases in the future – particularly in light of the regulators’ recent focus on senior management.

Elena Elia is a financial regulation and enforcement expert at Pinsent Masons, the law firm behind Out-Law.com.