The Central Bank (Individual Accountability Framework) Bill 2022 seeks to give more individual accountability to those in the financial services industry. Sinead Ovenden outlines what the Bill will change and how firms can best prepare for it.
The Central Bank (Individual Accountability Framework) Bill 2022 sets out changes to the Central Bank of Ireland's (CBI) powers to strengthen and enhance individual accountability in the financial services industry. This will be achieved by breaking the 'participation link', which requires wrongdoing by the firm to be proved before enforcement action can commence against individuals in that firm.
The Bill also introduces amendments to the CBI's Administrative Sanctions Procedure to align with the Supreme Court's 2021 decision in Zalewski v An Adjudication Officer.
The Bill will ensure greater transparency and accountability within financial service providers by requiring firms to:
- clearly describe where responsibility lies through statements of responsibility and management responsibility maps;
- confirm through an annual certificate of compliance that those performing controlled functions (CFs) are, and remain, "fit and proper";
- introduce new common conduct standards for CFs, additional conduct standards for pre-approval-controlled functions (PCFs) and any other individuals exercising significant influence on the firm and business standards applicable to the firm; and
- impose on senior executive function holders (SEFs) a duty of responsibility to take "any step that is reasonable in the circumstances" concerning the business areas they are responsible for to avoid contravention of the firm's financial services obligations.
This is a language change in the General Scheme of the Individual Accountability Framework Bill in 2021, which required SEFs to "take reasonable steps". But without specific examples, the practical impact of this change remains unclear.
The Bill also includes an obligation on individuals performing CFs and PCFs to take any steps that are reasonable in the circumstances to ensure the conduct standards are met.
Where an individual acknowledges a contravention, an alternative procedure will be made available under the Administrative Sanctions Procedure (ASP). This will allow the CBI to dispense an enquiry and impose a sanction on the individual, which will not take effect unless the High Court confirms it.
How to prepare
The CBI will set out the details around key elements of the regime – specifically, statements of responsibility, management responsibility maps and reasonable steps – in a consultation paper once the Bill is enacted. Regulations will be finalised following this consultation.
However, firms should commence their preparations now by considering the following points.
Clarity around responsibilities and the overall governance framework
Firms must produce responsibility maps and statements of responsibility for all SEFs.
For example, in the UK, the regulator highlighted weaknesses in these documents about matters reserved for decision-making bodies (for example, boards versus board committees) and how individual responsibilities fit into the overall governance framework.
Firms should review their current governance framework, committee terms of reference and individual responsibilities to identify gaps or areas of overlap and ensure consistency across their documentation.
Individual and collective responsibility
The increased regulatory scrutiny of individual responsibility should not be interpreted as undermining expectations around collective decision-making. How the board interacts to set the tone from the top, determine strategy and challenge the executive on its implementation will remain a key area of focus for supervisors.
Individuals, however, will need to be clear on how key decisions are reached and whether challenges or alternatives have been given sufficient consideration.
Communicating increased regulatory expectations to the board, and non-executive directors workshopping how reasonable steps may be demonstrated, and illustrating the complementary nature of individual and collective responsibility are all examples of activities that can be implemented now.
Implementation: business as usual
Individual accountability is a journey rather than a destination.
Aligning processes around conduct breach monitoring and reporting will require ongoing support, training and refinement. Considering how you will embed and test the desired culture and behaviours required to demonstrate that you are adhering to the requirements' spirit – not just the letter – will also be an iterative journey.
It is never too soon to start thinking about how you can enhance your culture of accountability and articulate that the work doesn't stop once the project is complete, but is an ongoing process of review and refinement.
Sinead Ovenden is Partner at PwC.