The FSA shifts its focus to individuals
As part of its response to the Financial Crisis, the FSA is determined to pursue directors and senior managers and hold them to account for their company's failings.
There is increasingly a feeling that unless individuals realise that if things go wrong within their sphere of responsibility they will personally be held to account by the FSA (and fined), behaviors will not change across the board.
So far, the FSA has found delivering on this task difficult – it recently lost a test case against a UBS executive for breach of duty, and it was unable to bring a case against executives involved in the failure of RBS in 2009.
In order to encourage the assumption of personal responsibility, and no doubt to make it easier to bring personal enforcement action, the FSA has decided that it can now demand that firms name a person responsible for specific regulatory or enforcement issues.
Under the move, institutions are forced to spell out in writing which senior person, generally someone in a “significant influence function” (SIF), will personally take charge of addressing a particular issue. Clive Adamson, the FSA’s director of conduct supervision, has said: “For sometime now we have been strengthening and enhancing our conduct supervision as we embed intensive supervision into our everyday work. As part of that we have been increasingly asking that firms identify senior managers who are responsible for specific policies or actions so that we can be clearer about accountability for delivering the most significant actions.”
The effort continued this month when, in the wake of the RBS IT failure which caused delays of up to 3 weeks in processing payments on 17million customer accounts, the FSA wrote to the Chairmen of the nine largest banks and building societies and asked them to name a senior manager who can be held personally responsible in the event of an IT systems failure.
We have little doubt that, in the long term, this development will see an increase in regulator enforcement action against individuals when things go wrong. As noted above, it is the reasoning behind the policy. The key will be whether the nominated person has taken reasonable steps to discharge his responsibility. In this regard, having a detailed policy and detailed procedures is fine so far as it goes, but could well be an 'evidential own goal' if they were not followed. That said, reliance on professional advice, committees, and complex management structures within companies may still allow the nominated person to diffuse responsibility.
D&O Insurers should nonetheless be alert to this new source of potential claims.
The market standard D&O policies for financial institutions will provide cover for the costs of the enforcement action, which can be hugely expensive. As part of rating the risk, underwriters might therefore like to enquire pre-inception what individuals have been nominated by the institution as being responsible for which issue or policies (if any), and seek further information as to that person's qualifications and experience. It might also be worth considering seeking details of the steps that person has taken or proposes to take in order to discharge that responsibility.