This article was written by Tim Bednall.
On 13 July 2017, the Commonwealth Government released a consultation paper on the proposed “Bank Executive Accountability Regime” (BEAR) flagged by the Treasurer earlier this year. The regime is one of several regulatory proposals in the financial services sector that draw on recent reforms in the United Kingdom, in this instance the “Senior Managers Regime” administered by the UK Prudential Regulatory Authority. Comments in response to the consultation paper are requested by 3 August.
The BEAR is proposed to be administered by the prudential regulator, APRA, rather than the financial services regulator, ASIC, which will, as with the UK PRA, represent a significant extension of the regulatory remit of APRA. However, the paper suggests that ASIC will continue its role as “conduct regulator”, which implies a division of responsibility that is not at all clear.
The scope of the regime is proposed to extend to all ADIs and their controlled entities, including off-shore entities. The regime will not apply to other prudentially-regulated entities, such as insurers, unless they are controlled by an ADI. Where an ADI is a member but not the holding company of a local or foreign corporate group, only the ADI and the entities it controls are proposed to be “in scope”.
Comment: This may lead to further moves by ADI’s to establish non-operating holding companies, and by existing corporate groups to re-organise so that subsidiaries that are not APRA-regulated do not fall within the scope of the new regime.
Application to “Accountable Persons”
The BEAR is proposed to apply to 10 “prescribed” positions in the ADI and in each subsidiary of the ADI, and an additional 2 prescribed positions for foreign ADIs. The BEAR is also proposed to apply to those executives of the ADI and its subsidiaries holding positions that fall within a “principles-based” definition, capturing those who have “significant influence over conduct and behaviour, and whose actions could pose risks to the business and its customers”.
For each of these directors and executives, the ADI will be obliged to “register” the individual, and “provide accountability statements to further detail their roles and responsibilities, and accountability maps to outline roles and responsibilities across the group”. APRA will be given enhanced powers to refuse to register individuals, and to remove and disqualify individuals who do not meet the expectations of the new regime, without a court order but subject to a right of appeal.
Comment: As in the UK, the regime is not proposed to apply to all directors of the ADI. This is inconsistent with the fundamental corporate governance principle that all directors have the same duties and obligations, and will have the undesirable outcome of making some but not all directors responsible for board decisions under the regime. Further, there is a legitimate concern by boards and CEOs that their ability to select the best people for the most important roles in their organisations, define their roles and responsibilities, and determine the consequences of poor performance, is being undermined by unnecessarily intrusive regulation. Finally, if the regime is implemented so as to apply to prescribed positions in subsidiaries, it is likely that the existence of the regime will influence the selection of people to fill those “middle management” positions, possibly to the detriment of the efficient operation of the group.
Obligations under the regime
The regime will impose additional obligations on ADIs, and specific obligations on the directors and executives to which it applies. “Accountable persons” will be expected to “act with integrity, due skill, care and diligence and be open and co-operative with APRA”. Accountable persons will also be required to take reasonable steps to ensure a range of compliance objectives.
Comment: This formulation raises several issues, and would benefit from further consideration. First, it does not include the qualifications that accompany the existing duty of care and diligence under s180 of the Corporations Act, which require the person to discharge these duties (paraphrasing) “as a reasonable person would, in the corporation’s circumstances, occupying the same office with the same responsibilities”. Section 180 is also subject to various safe harbours, including the business judgment rule, and reliance and delegation defences. Second, any obligation to be open and co-operative with the regulator, while welcome in principle, should be subject to the usual protections afforded to individuals accused of failing to comply with legal and regulatory obligations, especially when a failure to be “open and co-operative” may in itself bring serious consequences, irrespective of the underlying issue.
If the regime is to be effective, the expectations and responsibilities of accountable persons should be defined with greater precision than the formulae set out in the consultation paper. While the policy objective of making individuals accountable for the prudential and compliance failures of ADIs is not in issue, the objective should be framed in a manner that does not place an impossible or unreasonable burden on individuals. Failures will occur despite the existence of risk management and compliance programmes and seeking to make individuals responsible for failures in very large organisations beyond their reasonable control can be counter-productive, just as making regulators personally responsible for prudential or regulatory failures in the organisations they regulate may not be reasonable.
Impact on remuneration
The BEAR will include remuneration restrictions: for CEOs, 60% of variable remuneration must be deferred for 4 years; for other “accountable persons”, 40% of variable remuneration must be deferred for 4 years. APRA will also have enhanced powers to reduce the remuneration of an accountable person who fails to meet the expectations of the new regime.
Comment: The enhanced powers of APRA with respect to remuneration will be seen as a further example of regulatory undermining of the proper role of boards and CEOs. The imposition of remuneration policies, mainly as a knee-jerk reaction to systemic failure, is one thing, but giving the regulator power to make decisions about the remuneration of individuals is quite another, especially when it may be seen to be the imposition of a penalty without the usual legal protections.
The proposal includes new civil penalties for ADIs (not individuals) of up to $200 million for failure to meet the expectations of the BEAR, failure to hold persons to account, and failure to monitor suitability of accountable persons. Penalties will only be able to be imposed by a court.
Comment: The limitation of penalties to ADIs, and not individuals, is welcome and appropriate, although the ability of APRA to reduce the remuneration of individuals, remove them from their positions, and disqualify them, amounts to a penalty by another name.
Those positions are: Chair, Chair of Risk Committee; Chair of Audit Committee; Chair of Remuneration Committee; Senior Officer outside Australia (for foreign ADIs); Chief Executive Officer; Chief Finance Officer; Chief Risk Officer; Chief Operations Officer; Chief Information Officer; Head of internal Audit; Head of a Foreign Bank Branch (for foreign ADIs)