Ethics articles

A mainstay of Ireland’s financial services landscape for over 60 years, our credit unions are entering an exciting phase with recent developments presenting new opportunities to adapt and change Credit unions are an important part of the financial services landscape. With offices a common feature of cities, towns and villages throughout Ireland, they play a key role in the day-to-day finances of many Irish people and communities. There are more than 3.6 million credit union members on the island of Ireland.  A history of credit unions Credit unions were first established in Ireland in the late 1950s and quickly became a repository for savings and a source of loans for many people. The total value of loans extended by credit unions in the Republic of Ireland is currently around €5 billion, with total savings coming to about €16 billion.  Average sector total reserves, as a percentage of total assets, is approximately 16 percent, which serves to underpin the confidence of their members, particularly in times of uncertainty and disruptive change. These institutions are not-for-profit financial co-operatives. They are owned and controlled by their members and therefore have a different business model to retail banks. Each credit union is independent, with its own board of directors, charged with overall responsibility for running the credit union.  Because they are part of the financial services sector, credit unions are governed by legislation in Ireland, principally the Credit Union Act 1997, as amended, and regulated by the Central Bank.  Significant amendments to the 1997 Act were introduced by the Credit Union and Co-operation with Overseas Regulators Act 2012, and this is the legislative regime under which credit unions currently operate. The credit union sector has been relatively stable in terms of any legislative or government policy changes. However, two recent developments, the Credit Union (Amendment) Bill 2022 and the Retail Banking Review (November 2022), present new opportunities for credit unions to adapt and change their business models and enhance their product and service offerings to members. The Credit Union (Amendment) Bill 2022 The first major legislative change for credit unions since the 2012 Act, the Credit Union (Amendment) Bill 2022 (the Bill) was published on 30 November 2022 following over two years of stakeholder engagement, with over 100 proposals considered. Highly technical and not an easy read, the Bill is currently before the Dáil, where proposals for amendments will be considered.  There is no fixed timeline for enactment and, post-enactment, commencement of sections may occur in phases, with the Central Bank of Ireland having to amend regulations to accommodate the new provisions.  The main provisions of the Bill involve: the establishment of ‘corporate credit unions’; amending the requirements and qualifications for membership of credit unions; altering the scope of permitted investments by credit unions; changes to the governance of credit unions; maximum interest rates on loans by credit unions; provision of services by credit unions to members of other credit unions; and participation by credit unions in loans to members of other credit unions. Collaboration between credit unions The introduction of ‘corporate credit unions’ should support greater collaboration between credit unions, facilitating a pooling of resources and greater access to funding.  A new form of regulated entity, their membership would be restricted to other credit unions, with lending allowed only to those members. Further collaboration is envisaged with a provision in the Bill allowing all credit unions to refer members to other credit unions to avail of a service that the original credit union does not provide.  While such referral is not mandatory, it is a new option for making additional services available to members—for example, a current account facility where the original credit union may be reluctant to provide this service to all members based on cost or other reasons.  Another provision enabling collaboration allows a credit union to participate in a loan to a member of another credit union. This will facilitate risk sharing associated with the loan and will make it easier for an individual credit union to offer larger loans to its members.  Regarding lending to businesses, and other organisations or associations, there is a further key provision in the Bill for “bodies” (incorporated or unincorporated) to be allowed join a credit union with the same rights and obligations as a “natural person” (member).  This is, however, subject to conditions that a majority of the members of the body would be eligible to join the credit union and the body meets the common bond requirement. Ultimately, this will make it easier for credit unions to lend to such bodies and is principally focused on SMEs. While none of these changes are mandatory, they do provide new options and opportunities for credit unions. Governance changes Regarding changes in governance, two provisions stand out: the option to appoint the manager (chief executive officer) of the credit union to the board; and  reduction of the minimum number of board meetings per year to six, down from the current 10.   The extent to which these changes will be adopted remains to be seen, as many credit union boards may be content with the existing practice.   Where a credit union decides to include its manager as a board member, the Bill proposes that this will be done by their direct appointment to the board and not by election at a general meeting of members.  The term can be for any length but cannot extend beyond the individual’s term as manager.  One restriction on the manager as a board member is that they cannot sit on the nomination committee of the credit union, the membership of which is restricted to board members who have been co-opted or elected at general meetings.  Similarly, regarding the frequency of board meetings, the board may be reluctant to change the current practice of having at least one meeting per month, concluding that it cannot adequately carry out its responsibilities with only six board meetings.  Because of the voluntary ethos of credit unions, the historically close involvement of board members with the credit union, and the relatively onerous responsibilities of boards, it may take some time before six board meetings is considered the norm. Other governance changes proposed by the 2022 Bill include reducing the number of board oversight committee meetings, removing the requirement for the board oversight committee to sign the audited annual accounts, and extending from annually to every three years the review of specific policies by the board. The Credit Union (Amendment) Bill 2022 includes substantive policy change in the areas of collaboration, members’ services, and governance. It seeks to give more power to credit unions to determine strategy and, when enacted, will require consequential changes to Central Bank regulations.  To fully exploit the options and opportunities enabled by its provisions will require significant work by the sector. The Retail Banking Review 2022 In November 2022, following its approval by Government, Minister for Finance, Paschal Donohoe, and Minister of State for Financial Services, Credit Unions and Insurance, Sean Fleming, published the report of the Retail Banking Review (the Review).  Driven by the departure of two major banks, Ulster Bank and KBC, this is a broad-ranging review of the retail banking sector in Ireland, including the credit union sector.  In relation to credit unions, the Review states: “Credit unions have a strong and trusted brand, they are present in communities throughout the country, and have been developing their product offering. The credit unions are already a significant player in consumer credit, and they are making inroads in the current account, mortgages and SME segments of the market. These developments, coupled with their collectively strong levels of capital and deposit bases, leads the Review Team to believe that credit unions could play a greater role in the provision of retail banking products and services in the coming years.” Referencing the Credit Union (Amendment) Bill 2022, the Review recommends that the credit union sector develop a strategic plan to deliver business model changes that would enable it to sustainably provide a universal product offering to all credit union members. Provided directly or on a referral basis, this would continue to be community-based. The Review suggests that such a strategic plan should show how credit unions can: viably scale their business model in key product areas such as mortgages and SME lending; invest in expertise, systems, controls, and processes to deliver standard products and services across all credit unions, while managing any risks arising and continuing to protect members’ savings; provide the option of in-branch services for members of all credit unions. Both the Bill and the Review point to new opportunities for credit unions and demonstrate confidence in their future as part of the Irish financial services sector. For these opportunities to be successfully managed, however, credit unions must continue to maintain high levels of governance so that legislators, the Central Bank, their members, and the wider community can have confidence in the sector.  Credit unions have done much for many people in Ireland for more than 60 years. These developments in legislation and government policy point to their continued and increasing relevance in the years ahead. Gene Boyd, FCA, is a risk management consultant and author of The Governance of Credit Unions in Ireland

The roadmap for the EU Commission’s milestone Corporate Sustainability Reporting Directive is taking shape and now is the time to start preparing for a brave new era in non-financial reporting, writes Conor Holland With the Corporate Sustainability Reporting Directive (CSRD) now approved by the European Council, entities in the EU must begin to invest significant time and resources in preparing for the advent of a new era in non-financial reporting, which places the public disclosure of environmental, social affairs and governance matters (ESG) matters on a par with financial information. Under the CSRD, entities will have to disclose much more sustainability-related information about their business models, strategy and supply chains than they have to date. They will also need to report ESG information in a standardised format that can be assured by an independent third party. For those charged with governance, the CSRD will bring further augmented requirements. Audit committees will need to oversee new reporting processes and monitor the effectiveness of systems and controls setup. They will also have enhanced responsibilities. Along with monitoring an entity’s ESG reporting process, and evaluating the integrity of the sustainability information reported by that entity, audit committees will need to: Monitor the effectiveness of the entity’s internal quality control and risk management systems and internal audit functions; Monitor the assurance of annual and consolidated sustainability reporting; Inform the entity’s administrative or supervisory body of the outcome of the assurance of sustainability reporting; and Review and monitor the independence of the assurance provider. The CSRD stipulates the requirement for limited assurance over the reported information. However, it also includes the option for assurance requirements to evolve to reasonable assurance at a later stage. The EU estimates that 49,000 companies across the EU will fall under the requirements of the new CSRD Directive, compared to the 11,600 companies that currently have reporting obligations. The EU has confirmed that the implementation of the CSRD will take place in three stages: 1 January 2024 for companies already subject to the non-financial reporting directive (reporting in 2025 for the financial year 2024); 1 January 2025 for large companies that are not presently subject to the non-financial reporting directive (reporting in 2026 for the financial year 2025); 1 January 2026 for listed SMEs, small and non-complex credit institutions, and captive insurance undertakings (reporting in 2027 for the financial year 2026). A large undertaking is defined as an entity that exceeds at least two of the following criteria: A net turnover of €40 million A balance sheet total of €20 million 250 employees on average over the financial year The final text of the CSRD has also set timelines for when the Commission should adopt further delegated acts on reporting standards, with 30 June 2023 set as the date by which the Commission should adopt delegated acts specifying the information that undertakings will be required to report. European Financial Reporting Advisory Group In tandem, the European Financial Reporting Advisory Group (EFRAG) is working on a first set of draft sustainability reporting standards (ESRS). These draft standards will be ready for consideration by the Commission once the Parliament and Council have agreed a legislative text. The current draft standards provide an outline as to the depth and breadth of what entities will be required to report. Significantly, the ESRS should be considered as analogous to accountancy standards—with detailed disclosure requirements (qualitative and quantitative), a conceptual framework and associated application guidance. Readers should take note—the ESRS are much more than a handful of metrics supplementary to the financial statements. They represent a step change in what corporate reporting entails, moving non-financial information toward an equilibrium with financial information. Moreover, the reporting boundaries would be based on financial statements but expanded significantly for the upstream and downstream value chain, meaning an entity would need to capture material sustainability matters that are connected to the entity by its direct or indirect business relationships, regardless of its level of control over them. While the standards and associated requirements are now largely finalised, in early November 2022, EFRAG published a revised iteration to the draft ESRS, introducing certain changes to the original draft standards. While the broad requirements and content remain largely the same, some notable changes include: Structure of the reporting areas has been aligned with TCFD (Task Force on Climate-Related Financial Disclosures) and ISSB (International Sustainability Standards Board) standards – specifically, the ESRS will be tailored around “governance”, “strategy”, “management of impacts, risks and opportunities”, and “metrics and targets”. Definition of financial materiality is now more closely aligned to ISSB standards. Impact materiality is more commensurate with the GRI (Global Reporting Initiative) definition of impact materiality. Time horizons are now just a recommendation; entities may deviate and would disclose their entity-specific time horizons used. Incorporation of one governance standard into the cross-cutting standard requirements on the reporting area of governance. Slight reduction in the number of data points required within the disclosure requirements. ESRS and international standards By adopting double materiality principles, the proposed ESRS consider a wider range of stakeholders than IFRS® Sustainability Disclosure Standards or the US Securities and Exchange Commission (SEC) published proposal. Instead, they aim to meet public policy objectives as well as meeting the needs of capital markets. It is the ISSB’s aim to create a global baseline for sustainability reporting standards that allows local standard setters to add additional requirements (building blocks), rather than face a coexistence of multiple separate frameworks. The CSRD requires EFRAG to take account of global standard-setting initiatives to the greatest extent possible. In this regard, EFRAG has published a comparison with the ISSB’s proposals and committed to joining an ISSB working group to drive global alignment. However, in the short term, entities and investors may potentially have to deal with three sets of sustainability reporting standards in setting up their reporting processes, controls, and governance. Key differences The proposed ESRS list detailed disclosure requirements for all ESG topics. The proposed IFRS Sustainability Disclosure Standards would also require disclosure in relation to all relevant ESG topics, but the ISSB has to date only prepared a detailed exposure draft on climate, asking preparers to consider general requirements and other sources of information to report on other sustainability topics. The SEC focused on climate in its recent proposal. The proposed ESRS are more prescriptive, and the number of disclosure requirements significantly exceeds those in the proposed IFRS Sustainability Disclosure Standards. Whereas the proposed IFRS Sustainability Disclosure Standards are intended to focus on the information needs of capital markets, ESRS also aim to address the policy objectives of the EU by addressing wider stakeholder needs. Given the significance of the directive—and the remaining time to get ready for it—entities should now start preparing for its implementation. It is important that entities develop plans to understand the full extent of the CSRD requirements, and the implications for their reporting infrastructure. As such, they should take some immediate steps to prepare, and consider: Performing a gap analysis—i.e. what the entity reports today, contrasted with what will be required under the CSRD. This is a useful exercise to inform entities on where resources should be directed, including how management identify sustainability-related information, and what KPIs they will be required to report on. Undertaking a ‘double materiality’ analysis to identify what topics would be considered material from an impact and financial perspective—as required under the CSRD. Get ‘assurance ready’—entities will need to be comfortable that processes and controls exist to support ESG information, and that the information can ultimately be assured. The Corporate Sustainability Reporting Directive represents a fundamental change in the nature of corporate reporting—the time to act is now and the first deadline is closing in.

Companies preparing for the commencement of the Protected Disclosures (Amendment) Act 2022 in the New Year will need to overhaul whistleblowing policies and processes, but the effort will bring clear benefits, writes Gráinne Madden Encouraging people in an organisation to speak up about their concerns should be a no-brainer. Why would an organisation not want to know about a potential risk? Why would an organisation want an employee to feel the need to go to an external body, such as a regulator or the media, to highlight internal problems? International research repeatedly reinforces that there are two main reasons why people fail to speak up about their suspicions of wrongdoing. First, there is the fear of retaliation. Current Irish and UK law is seeking to address this by offering protection. The second reason people fail to speak up about their suspicions of wrongdoing in an organisation is fear of futility. This is the fear that nothing will be done, even if they do speak up—and this is why having clear policies and processes in place is so important.  The absence of a whistleblowing policy and process in an organisation will certainly send the message that the organisation does not really want to hear about any problematic issues that may exist or arise.  As it stands, in Ireland and the UK, workers are entitled to legal protection against dismissal, or other reprisal from their employer or colleagues, when disclosing concerns about certain issues. Until now, however—except in certain sector-specific areas—most organisations have not been required to put a whistleblowing policy or procedures in place, or to follow up on such disclosures.  The EU Whistleblowing Directive will, however, bring major changes to which organisations operating in EU jurisdictions must now respond. In Ireland, the Protected Disclosures (Amendment) Act 2022 will commence on 1 January 2023, giving effect to the EU Directive. New requirements for organisations There are several key additional requirements that will apply to organisations under the new Act, which are considered below. Employee thresholds For workplaces with more than 50 employees, there will be a requirement to have formal channels and procedures for receiving and, crucially, following up on disclosures. Workplaces with between 50 and 249 employees have until December 2023 to comply, and 250-plus employee workplaces must comply at commencement.  However, all organisations operating in certain sectors will be required to comply at commencement, even those employing fewer than 50 people. This includes:  public bodies; companies subject to EU laws in the areas of financial services, prevention of money-laundering and terrorist financing; transport safety; and protection of the environment (offshore oil and gas installations and operations only). The 2022 Act states that the Minister for Public Expenditure and Reform may, by order, reduce the threshold of 50 employees for specified classes of employers, subject to a risk assessment and public consultation.  Change of definitions and burden of proof Under the new Act, the scope of protected persons will be extended to include non-executive members, shareholders, volunteers, and ‘pre-contractual’ employees, such as candidates applying for a job during the recruitment process before the work-based relationship even begins. Further, retaliation will be more broadly defined. In respect of alleged detriment (be it an act or omission) caused to a person because of the making of a protected disclosure, the employer will have to prove that the detriment complained of was not in retaliation for, or because of, the person having made a protected disclosure.  Administration and staff Confidentiality regarding whistleblowing must be respected by all reporting systems and access to data by non-authorised staff prevented. For staff who are authorised, appropriate training must be given in respect of the handling of reports. Finally, records must be kept of all reports, as well as ensuring follow-up and feedback regarding these reports within certain timeframes.  Blending culture with policy The required process management will mean that many organisations will need to implement issue management systems. Simply having a policy and process in place isn’t, however, going to be an encouragement for nervous employees. Creating a culture in which people feel safe in speaking up—and feel that their concerns are welcomed—is far more important.  So, in addition to having a sound policy and process in place, what other steps should employers consider? Here are seven recommendations: Train managers and team leads to recognise when an issue could be a protected disclosure and, most importantly, to receive reports of potential issues in a calm and welcoming way. Word can spread very quickly about managers not being open to bad news. Think about how whistleblowing is discussed in the organisation and consider whether it is healthy or whether the narrative needs to be changed. Any pejorative language in connection with whistleblowing or speaking up needs to be identified and stamped out. The focus must be on recognising that people who bring risks to our attention are doing the organisation a great favour. It is worth highlighting that research demonstrates that the people who blow the whistle tend to be the most loyal employees who care greatly about the organisation. Ensure that the confidentiality regime is well- communicated and respected so that employees can be confident their identity will not become known if they disclose an issue. Do not become complacent if the whistleblowing policy is not used—rather than indicating a spotless organisation, it could be signalling a poor work culture where people either fear speaking up or just don’t care enough to bother. Remove any ‘good faith’ requirement from policies. The focus should be on the issue reported, not the motivation of the person reporting. Furthermore, there is no ‘good faith’ obligation under Irish or UK law or the directive. Make sure that penalisation is not tolerated. State this clearly in the whistleblowing and speaking-up policy, making sure there are clearly defined processes for reporting claims of penalisation and for following up on claims of penalisation. Provide feedback to a discloser on any action taken in response to their disclosure. The ability to do this will depend on the nature of the issue and the rights to confidentiality of other parties. At the very least, a discloser should be reassured that their concerns have been dealt with appropriately. It is likely that most organisations will need to overhaul their whistleblowing policies and processes in response to the Protected Disclosures (Amendment) Act 2022. The requirements may seem daunting, but help and advice on good practice is available. The benefits are clear, not just in terms of risk management and protection of brand and reputation, but also for the common good.