UK: How Might The Proposed New Senior Managers And Certification Regime For Individuals Have Affected Accountability For Foreign Exchange Manipulation?

Last Updated: 9 December 2014
Article by Richard Caird, Alexandra Doucas and Katharine Harle

Shakespeare's often misquoted suggestion, "first kill all the lawyers", still sells very successfully on mugs and T-shirts. It is likely that had he referred to bankers instead, merchandise sales would currently be at least as successful. The recent fine levied on five banks in respect of manipulation of spot FX rates has added fuel to the fire of public disapproval of banks and some of their behaviour. One of the most commonly perceived inadequacies of the authorities' response to this and other similar scandals has been a lack of individual accountability for the wrongdoing reported.

The notion of individual accountability covers a number of possibilities. It might refer to the accountability of the individual traders involved, or of their superiors who took no action to curb their activities. It could refer to criminal liability or to accountability to the regulator.

The FCA's and PRA's joint Consultation Paper "Strengthening accountability in banking: a new framework for individuals" states that public confidence in the banking system has been undermined by unclear or confused individual accountability. The new regime it proposes is designed to ensure greater accountability of individuals not only to the regulators but to their firms.

The new regime (yet to be announced in final form) is, of course, too late to affect FX manipulation. However, the issues surrounding the foreign exchange market may provide a useful prism through which to view the proposed new senior managers regime and accompanying changes.

In a subsequent article, we will consider how changes to the regulation of the market, rather than of the individuals who operate in it, might affect the type of behaviour identified by the FCA.

Foreign exchange manipulation - how was it done?

The spot rates investigated by regulators were those for the so-called G10 currencies as published by the European Central Bank (ECB) and WM Reuters at 13:15 and 16:00 respectively. The objective of the traders manipulating the "fix" was to ensure that the spot rate at which their banks would buy or sell currency to customers pursuant to existing orders was either higher or lower than the average at which the bank had bought or sold that day. The example given by the FCA in its Final Notices is that if the bank had net orders to sell currency to its customers, it would profit if the spot rate at which it did so was higher than the rate at which it had bought currency in the market that day.

This was achieved by traders forming groups in chat rooms in order to share information about their net positions (and occasionally confidential information about orders placed by specific clients), and then manoeuvring the individual positions of those within the group. So, for example, all the net buy orders within the group might be consolidated in the hands of just one trader who would execute a succession of large buys at just over the best available rate in the run-up to the fix, with the result that the spot price for that currency (which would determine the rate at which the bank then sold to its customers) would be artificially high.

The regulatory response

The fines levied by the FCA were for breaches of Principle 3 which requires firms to "take reasonable care to organise and control [their] affairs responsibly and effectively, with adequate risk management systems." The foreign exchange market is, of course, largely currently unregulated, and there were therefore no rules specific to the type of behaviour which had occurred.

The Final Notices published by the FCA are strikingly similar in content as regards the risk management model in place at the five banks, and its failure. All of them operated a "three lines of defence" model: the relevant business area's management being the first line of defence, with support from control functions such as Compliance, Risk and Legal (the second line of defence) and Internal Audit (the third line of defence).

The common criticisms made of the banks include:

  1. too much oversight being placed in the hands of the relevant business area's management, in the front office;
  2. that the banks had high-level policies in place which covered the sort of behaviour concerned, but did not deal specifically with the risks associated with G10 currency trading;
  3. that the right values and culture were not embedded within the front office teams;
  4. that those managing the front office were sometimes either aware of or complicit in the traders' activities;
  5. failure to implement properly general policies regarding confidentiality, conflicts of interest and trading conduct in the relevant teams;
  6. failure properly to monitor use of chat rooms;
  7. failure by the second and third "lines of defence" to challenge the front office appropriately.

The behaviour complained of, in an unregulated market, is unlikely to amount to market abuse under existing legislation. There was no requirement that traders be approved, so it is likely to be the case that many of those involved are not subject to the FCA's existing Approved Persons (APER) principles.

The new regime

The new rules on which the FCA and PRA are consulting fall into three categories:

  1. the Senior Managers regime;
  2. the certification regime; and
  3. conduct rules.

They represent the regulators' intended way of implementing the changes recommended in the report of the Parliamentary Commission on Banking Standards and the statutory reforms of the Financial Services (Banking Reform) Act 2013 (the 2013 Act).

The Senior Managers Regime

The stated aims of the PRA and FCA in their Senior Manager proposals are to focus on a smaller group of "key decision makers, responsible for the firm's main activities", and to ensure a "clearer allocation of responsibilities to key individuals, which minimises the potential for overlaps and underlaps in accountability", when compared to the existing Significant Influence Function (SIF) and APER regime.

There are perhaps two key features of the proposed new rules. The first is that individuals performing Senior Management Functions (SMFs) as designated by the regulators will require pre-approval before they are appointed. Applications must be accompanied by a Statement of Responsibilities which must be updated whenever an individual's duties change, and approvals granted can be limited by time or by conditions. Firms will also be required to maintain a Responsibilities Map describing the firm's management and governance arrangements. The regulators intend the changes to promote "clearer internal governance" as well as assisting supervision and enforcement.

The second key feature is the "Presumption of Responsibility" created by the new regime, whereby the Senior Manager responsible for an area where a contravention occurs can be held accountable for it unless he or she can show that they have taken reasonable steps to prevent it. Unlike the requirement for pre-approval, this aspect of the rule changes is directed at ensuring accountability for problems which arise, rather than giving regulatory oversight of the identity of individuals with key responsibilities.

The PRA and FCA have produced a combined list of 18 SMFs, which might conveniently be thought of as a list of job titles, the usual duties of which would make the holder a Senior Manager. Underlying this is a combined list of responsibilities which the regulators will require firms to allocate to an individual.

The recommendation which the regulators are trying to put into effect (while allowing firms some flexibility of structure) is that anyone at board or executive committee level should be caught by the new regime. The PRA also proposes to introduce a concept of Group Entity Senior Manager to capture those outside the authorised firm but within its wider group who might exercise significant influence. The FCA proposes a designation of Significant Responsibility SMF, an individual who is not a member of the board or executive committee, but who has overall responsibility for a particular function and is primarily responsible for reporting to the board about it.

Scanning the list of responsibilities which the PRA and FCA will require to be allocated to a Senior Manager is an interesting exercise in the context of the issues surrounding FX manipulation. On the PRA's list for example is: "embedding the firm's culture and standards in relation to the carrying on of its business and the behaviours of its staff in the day-to-day management of the firm".

Referring back to the common criticisms made of the firms fined by the FCA, how would they fit in? Assuming that the banks retained their "three lines of defence" model, it is clear that those who have ultimate responsibility for the second and third lines (including Compliance, Risk and Internal Audit functions) will require approval as Senior Managers under the new regime, and therefore in the future would be held accountable for their failings.

The first line of defence in relation to FX manipulation (and the one primarily responsible for not catching the problematic behaviour) was, of course, the front office. What exactly the "front office" is for these purposes will depend on the structure of the bank in question. The position held by the person ultimately responsible for a business area within a bank is to be an SMF, but the definition of SMF is itself tied to regulated activity (which currency trading currently is not). Will it therefore be the case that an individual responsible for an unregulated area of the bank's business will be a Senior Manager? The answer may well be no. In this regard it should be noted that although reforms to regulation of FX are proposed, there is at present no plan to make spot FX a regulated activity.

If that is the case, then the result may be that those responsible for the failure to detect improper behaviour (including Compliance, Risk, Internal Audit, and the individual responsible for embedding the appropriate values and culture within the firm) will be held accountable under the new regime, whereas those ultimately responsible for the trading desk itself would not.

The certification regime

The certification regime aims to extend the "fit and proper person" test more widely than its current application. Crucially firms (rather than the regulators) will be responsible for certifying that each employee meeting specific criteria is fit and proper to hold their position, and to renew such certification annually at least, and on any change in role.

In order to require certification, an individual must perform a "significant harm function" (i.e. one capable of causing significant harm to the firm or its customers in relation to any regulated activity). The PRA bases its criteria on the definition of "material risk taker" in the Capital Requirements Directive and the FCA/PRA joint consultation on remuneration. The FCA has adopted a similar approach but has included: anyone performing a function which is a SIF under the existing regime, but which will not be a SMF; anyone with a customer-facing role which is subject to qualification requirement; and anyone supervising or managing a certified person.

It is unlikely that this aspect of the proposed rule changes would have had much effect on the FX manipulation scenario. The certification regime does not apply to unregulated activities, nor does it seem likely to have much effect on holding individuals to account for misdemeanours, as opposed to trying to ensure that those likely to commit them are not appointed in the first place. Rather, since responsibility for certifying individuals will rest with the bank as opposed to the regulator, it seems likely to provide a further avenue in respect of which the regulators can hold firms to account and, if misconduct is discovered, levy large fines. Going forward of course, depending on the extent to which the FX market becomes regulated in the UK following on from the Fair and Effective Markets Review and similar initiatives, the position regarding individuals may well be different.

The Conduct Rules

It is the final part of the proposed new regime, the introduction of individual conduct rules, which may well be the most apt to deal with a situation like FX manipulation or any other misdemeanour concerning individuals who are not subject to the Senior Managers or certification regimes. The conduct rules are, in essence, nine high-level rules which will be applied by the FCA to a wide body of people. Unlike the SMF and certification regimes, they are not specific to regulated activities.

The proposed conduct rules are:

Rule 1: You must act with integrity.

Rule 2: You must act with due skill, care and diligence.

Rule 3: You must be open and cooperative with the FCA, the PRA and other regulators.

Rule 4: You must pay due regard to the interests of customers and treat them fairly (FCA only).

Rule 5: You must observe proper standards of market conduct (FCA only).

SM1: You must take reasonable steps to ensure that the business of the firm for which you are responsible is controlled effectively.

SM2: You must take reasonable steps to ensure that the business of the firm for which you are responsible complies with the relevant requirements and standards of the regulatory system.

SM3: You must take reasonable steps to ensure that any delegation of your responsibilities is to an appropriate person and that you oversee the discharge of the delegated responsibility effectively.

SM4: You must disclose appropriately any information of which the FCA or PRA would reasonably expect notice.

The rules with the prefix SM will apply to Senior Managers only. The remaining rules will be applied by the FCA to all employees of relevant firms with the exception of 20 specified categories comprising ancillary staff whose role is not specific to the financial services business of the firm (e.g. receptionists, security guards, IT helpdesk and HR administrators). It is interesting to note that in-house lawyers who are already subject to professional regulation will, under this regime, find themselves dually regulated in relation to their work.

It seems clear that much of the activity complained of by regulators in relation to FX manipulation would fall foul of Rules 1, 4, 5, SM1, SM2 and SM4.

Firms will be required to notify the FCA of any suspected breaches of the conduct rules and disciplinary action taken, within seven days in the case of Senior Managers, and in a quarterly compendious report for others. The FCA will be able to impose penalties (such as a fine, publication of the individual's wrongdoing, or suspension/removal of approval) in respect of any breach and the firm's reporting will, of course, make the regulator's job in identifying misconduct easier.

There does not at present seem to be any proposal in the rules to the effect that breach of a conduct rule will not give rise to a right of action by anyone affected. Breaches of FCA rules give rise to such rights unless specified otherwise. Section 64 of FSMA (repealed by the 2013 Act) allowed the FCA to create codes of conduct for approved persons, but specified that breaches of such rules would not give rise to a right to damages or render affected transactions unenforceable. Neither protection appears in the new statutory provisions inserted by the 2013 Act. Breach of the FCA's Principles for Business (on which the new conduct rules are expressly based) also does not give rise to a claim by those affected.

The proposed C-CON sourcebook (which will contain the individual conduct rules) does not currently contain any proposal that breach of the new conduct rules will not be actionable. It is likely that such a provision will appear in C-CON in due course. If it does not, it would have the odd (and unjust) result that individual bank staff, who might be very junior, could be sued for breaches of high-level rules in circumstances where their employer could not. It seems unlikely that this can be the intended result.

Conclusions

The new regime for individual accountability which has been proposed is lengthy, complex, and still in the process of finalisation.

It was (quite justifiably) reactive to the scandals which had engulfed the banking industry at the time when it was formulated, but there must be questions as to whether the new Senior Managers regime will be enough in itself to address public concerns about lack of accountability in the wake of the FX scandal, unless it is accompanied by significant regulation of the foreign exchange market and not just in the UK.

It may also prove to be a weakness of the new Senior Managers regime that its effectiveness is dependent on being able to identify an individual who is responsible within the organisation for every failing. It is rare, however, that problems fit neatly into particular boxes (particularly where they occur in what is currently an unregulated market), and it remains to be seen whether the regulators succeed in removing the "overlap and underlap" which they say has undermined the principle of individual accountability. It may turn out to be the case that without regulating the market, it proves difficult to hold senior personnel to account.

Those who will obviously be in the firing line for this type of behaviour going forward are those responsible for functions such as Compliance, Risk and Internal Audit. Given the criticisms which appear in the FX Final Notices (not for the first time) that these functions were not strong enough to curb poor behaviour, it remains to be seen whether the new regime will assist in strengthening them within their organisations or whether high quality individuals in these areas will be deterred from continuing in these roles for fear of personal liability. It may well be a legitimate regulatory strategy to go after those individuals, but it is likely that the heads which the public may (metaphorically one hopes) wish to see on pikes are those of the individuals responsible for the trading desks where mistakes (and possible profits) were made.

The aspect of the proposed rule changes which seems particularly applicable to FX manipulation is the introduction of individual conduct rules. These seem likely to capture the behaviour complained of, and provide a means of holding individual traders to account.  For those individuals, it is likely that the prospect of regulatory action would be considered preferable to the current situation where the SFO has been given "a blank cheque" by George Osborne to pursue criminal wrongdoing in the FX market.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

Authors
Events from this Firm
21 Sep 2017, Seminar, London, UK

Is there such a thing as "energy law"? What do "energy lawyers" do? And why should it be of interest to anyone else?

28 Sep 2017, Seminar, London, UK

On 26 July the FCA published its long-expected consultation paper on the extension of the SMCR to all FCA-authorised firms. The so-called "core regime" introduces the key concepts of regulator-approved senior managers, firm-approved certification staff and conduct rules applicable to virtually all staff.

3 Oct 2017, Conference, Zurich, Switzerland

As the founding Partner of the Europe-Iran Forum, Dentons Europe will once again support this year’s event. This compelling event which explores all Iran-related topics will take place in Zürich on 3rd and 4th October.

 
In association with
Related Video
Up-coming Events Search
Tools
Print
Font Size:
Translation
Channels
Mondaq on Twitter
 
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
 
Email Address
Company Name
Password
Confirm Password
Position
Mondaq Topics -- Select your Interests
 Accounting
 Anti-trust
 Commercial
 Compliance
 Consumer
 Criminal
 Employment
 Energy
 Environment
 Family
 Finance
 Government
 Healthcare
 Immigration
 Insolvency
 Insurance
 International
 IP
 Law Performance
 Law Practice
 Litigation
 Media & IT
 Privacy
 Real Estate
 Strategy
 Tax
 Technology
 Transport
 Wealth Mgt
Regions
Africa
Asia
Asia Pacific
Australasia
Canada
Caribbean
Europe
European Union
Latin America
Middle East
U.K.
United States
Worldwide Updates
Check to state you have read and
agree to our Terms and Conditions

Terms & Conditions and Privacy Statement

Mondaq.com (the Website) is owned and managed by Mondaq Ltd and as a user you are granted a non-exclusive, revocable license to access the Website under its terms and conditions of use. Your use of the Website constitutes your agreement to the following terms and conditions of use. Mondaq Ltd may terminate your use of the Website if you are in breach of these terms and conditions or if Mondaq Ltd decides to terminate your license of use for whatever reason.

Use of www.mondaq.com

You may use the Website but are required to register as a user if you wish to read the full text of the content and articles available (the Content). You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these terms & conditions or with the prior written consent of Mondaq Ltd. You may not use electronic or other means to extract details or information about Mondaq.com’s content, users or contributors in order to offer them any services or products which compete directly or indirectly with Mondaq Ltd’s services and products.

Disclaimer

Mondaq Ltd and/or its respective suppliers make no representations about the suitability of the information contained in the documents and related graphics published on this server for any purpose. All such documents and related graphics are provided "as is" without warranty of any kind. Mondaq Ltd and/or its respective suppliers hereby disclaim all warranties and conditions with regard to this information, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Mondaq Ltd and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use or performance of information available from this server.

The documents and related graphics published on this server could include technical inaccuracies or typographical errors. Changes are periodically added to the information herein. Mondaq Ltd and/or its respective suppliers may make improvements and/or changes in the product(s) and/or the program(s) described herein at any time.

Registration

Mondaq Ltd requires you to register and provide information that personally identifies you, including what sort of information you are interested in, for three primary purposes:

  • To allow you to personalize the Mondaq websites you are visiting.
  • To enable features such as password reminder, newsletter alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our information providers who provide information free for your use.

Mondaq (and its affiliate sites) do not sell or provide your details to third parties other than information providers. The reason we provide our information providers with this information is so that they can measure the response their articles are receiving and provide you with information about their products and services.

If you do not want us to provide your name and email address you may opt out by clicking here .

If you do not wish to receive any future announcements of products and services offered by Mondaq by clicking here .

Information Collection and Use

We require site users to register with Mondaq (and its affiliate sites) to view the free information on the site. We also collect information from our users at several different points on the websites: this is so that we can customise the sites according to individual usage, provide 'session-aware' functionality, and ensure that content is acquired and developed appropriately. This gives us an overall picture of our user profiles, which in turn shows to our Editorial Contributors the type of person they are reaching by posting articles on Mondaq (and its affiliate sites) – meaning more free content for registered users.

We are only able to provide the material on the Mondaq (and its affiliate sites) site free to site visitors because we can pass on information about the pages that users are viewing and the personal information users provide to us (e.g. email addresses) to reputable contributing firms such as law firms who author those pages. We do not sell or rent information to anyone else other than the authors of those pages, who may change from time to time. Should you wish us not to disclose your details to any of these parties, please tick the box above or tick the box marked "Opt out of Registration Information Disclosure" on the Your Profile page. We and our author organisations may only contact you via email or other means if you allow us to do so. Users can opt out of contact when they register on the site, or send an email to unsubscribe@mondaq.com with “no disclosure” in the subject heading

Mondaq News Alerts

In order to receive Mondaq News Alerts, users have to complete a separate registration form. This is a personalised service where users choose regions and topics of interest and we send it only to those users who have requested it. Users can stop receiving these Alerts by going to the Mondaq News Alerts page and deselecting all interest areas. In the same way users can amend their personal preferences to add or remove subject areas.

Cookies

A cookie is a small text file written to a user’s hard drive that contains an identifying user number. The cookies do not contain any personal information about users. We use the cookie so users do not have to log in every time they use the service and the cookie will automatically expire if you do not visit the Mondaq website (or its affiliate sites) for 12 months. We also use the cookie to personalise a user's experience of the site (for example to show information specific to a user's region). As the Mondaq sites are fully personalised and cookies are essential to its core technology the site will function unpredictably with browsers that do not support cookies - or where cookies are disabled (in these circumstances we advise you to attempt to locate the information you require elsewhere on the web). However if you are concerned about the presence of a Mondaq cookie on your machine you can also choose to expire the cookie immediately (remove it) by selecting the 'Log Off' menu option as the last thing you do when you use the site.

Some of our business partners may use cookies on our site (for example, advertisers). However, we have no access to or control over these cookies and we are not aware of any at present that do so.

Log Files

We use IP addresses to analyse trends, administer the site, track movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.

Links

This web site contains links to other sites. Please be aware that Mondaq (or its affiliate sites) are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of these third party sites. This privacy statement applies solely to information collected by this Web site.

Surveys & Contests

From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose any information requested. Information requested may include contact information (such as name and delivery address), and demographic information (such as postcode, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the functionality of the site.

Mail-A-Friend

If a user elects to use our referral service for informing a friend about our site, we ask them for the friend’s name and email address. Mondaq stores this information and may contact the friend to invite them to register with Mondaq, but they will not be contacted more than once. The friend may contact Mondaq to request the removal of this information from our database.

Security

This website takes every reasonable precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected using firewalls and other security technology. If you have any questions about the security at our website, you can send an email to webmaster@mondaq.com.

Correcting/Updating Personal Information

If a user’s personally identifiable information changes (such as postcode), or if a user no longer desires our service, we will endeavour to provide a way to correct, update or remove that user’s personal data provided to us. This can usually be done at the “Your Profile” page or by sending an email to EditorialAdvisor@mondaq.com.

Notification of Changes

If we decide to change our Terms & Conditions or Privacy Policy, we will post those changes on our site so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.

How to contact Mondaq

You can contact us with comments or queries at enquiries@mondaq.com.

If for some reason you believe Mondaq Ltd. has not adhered to these principles, please notify us by e-mail at problems@mondaq.com and we will use commercially reasonable efforts to determine and correct the problem promptly.