LEADING BY EXAMPLE
Strengthening your corporate governance framework to weather the storm
There has been a significant increase in the level of regulation concerning corporate governance since the last financial crisis. But what exactly are the regulators looking for, and how high should it be on your regulatory priority list for 2021?
In recent times, there has been a significant increase in the level of regulation concerning corporate governance.
Although the main political purpose of the Senior Managers & Certification Regime (SMCR) was to encourage improved personal accountability within the financial sector in the aftermath of the last financial crisis, the SMCR rules have had the collateral effect of improving corporate governance.
The UK Financial Conduct Authority (FCA) has always maintained that the SMCR is as much about improving corporate governance within regulated firms as it is about making it easier to fine individual members of senior management. Given the extremely low number of successful enforcement outcomes against senior managers since it came into force, this is probably just as well. The FCA says that “the Regime is a formal expression of the common sense, good governance practice that any organisation should adhere to” and to reinforce its point, has published a document applying the SMCR to itself.
Now, against the backdrop of the current pandemic, with firms facing previously unimaginable commercial challenges with a scattered workforce, strong corporate governance is arguably more important than ever.
What do the regulators want to see most and why?
1. Strong subsidiary board governance within UK-authorised firms sitting within large international groups
Many of the matters we work on with our larger clients concerning regulatory misgivings about firms’ corporate governance centre around the same issue: namely, a concern on the regulators’ part that the boards of subsidiary undertakings may not be sufficiently independent from the firm’s parent company or shareholders to be able to take the right decisions from the perspective of the UK subsidiary (or branch).
This is an area where UK company law (specifically the duty of directors to promote the success of the company for the benefit of its shareholders) and regulatory expectations (that UK subsidiary boards should be primarily concerned with ensuring that the UK company meets its local legal and regulatory obligations) can come into conflict. While the UK Prudential Regulation Authority (PRA) recognises the duty of directors to promote the success of the company for the benefit of its shareholders, this should not detract from the fiduciary duties which directors owe to the company of which they are a director. The PRA has noted specifically that “subsidiary boards must be capable of acting in the best interests and safeguarding the safety and soundness of the firm for which they are responsible”. 1
In its supervisory statement, the PRA explains that the “principles of good governance” for PRA-regulated subsidiaries include “having a substantial and effective independent presence across the board”. What “substantial and effective” means will differ from firm to firm: what is important is to be able to demonstrate that the board is appropriately balanced so as to be able to identify potential conflicts of interest between subsidiary and group, and to take decisions under its own steam.
Governance is an area where the PRA and FCA have overlapping responsibilities – governance is neither a purely prudential nor a purely conduct-related matter, but goes to the heart of both regulators’ statutory objectives. In our experience, both regulators are increasingly keen to see the boards of authorised subsidiaries demonstrate an appropriate level of independence from those who run their parent companies. (This is essential from the regulators’ perspective because without such independence, the UK-authorised firm is impossible to regulate effectively.)
There are several practical ways in which we have seen firms successfully demonstrate to regulators that they have the requisite degree of subsidiary board independence, including:
- Putting in place intra-group protocols/memoranda of understanding setting out which matters are within the power of the UK subsidiary board to decide for itself, without undue influence from its shareholder and/or parent company.
- Ensuring that (in the versions of the SMCR where SMF7 applies) the firm has carried out and documented a proper analysis of which group-level individuals need to be approved by the UK regulators as SMF7, Group Entity Senior Managers, and sought the requisite approvals in a timely way.
- In situations where individuals working for the subsidiary report upwards into group roles, ensuring there is also a local (subsidiary level) reporting line.
- Carrying out informal audits of subsidiary governance on a regular basis to monitor effectiveness and assess any areas of weakness.
- Extend parent level training to subsidiary level directors (both at induction and on a continuing basis) to ensure subsidiary board fully apprised of its fiduciary duties and responsibilities as well as local regulatory requirements
- Greater focus on the composition of subsidiary boards; procedures in place to ensure sufficiently balanced and avoid situations where too many parent level directors sit on multiple subsidiary boards.
2. Better governance in relation to non-financial misconduct and other ‘people-related’ risks
The #MeToo campaign triggered a statement from the FCA clarifying that ‘non-financial misconduct’ (i.e. non-work related bad behaviour at work) was just as important to the FCA as, for example, market abuse. Since this time, there has been an increasing recognition by both UK regulators that senior management’s attitude towards bad behaviour at work is an important indicator of culture. In turn, this has led to increased regulatory scrutiny of how firms’ senior management respond to such incidents.
The regulators are keen to see more consideration being given at board level to how the firm’s staff behave, and what motivates them in doing so (with remuneration and performance management being two key examples). It is clear that the regulators’ current strong focus upon improving culture within firms has now prompted them to take a much keener interest than previously in how boards govern the ‘people’ side of their businesses, as opposed to the ‘financial’ side. Recent indications from both regulators are that this focus will increase throughout 2021, notwithstanding the pressing current challenges of COVID-19 and Brexit.
There are several practical ways in which we have seen firms addressing this in practice, including:
- People management and culture being treated as regulatory issues which regularly feature on the board agenda (not just left up to the HR function within a firm).
- Actively creating an inclusive work environment with a “speak-up” culture in which employees feel “psychologically safe” to voice concerns and share different perspectives.
- Updating policies and risk management systems to identify bad behaviour which may be taking place online (e.g. cyber bullying or online harassment) as a result of extended remote working during the pandemic.
3. Greater diversity on the boards of authorised firms
The regulators have repeatedly made their views clear in relation to this area: the messages are now getting stronger and have crystallised into a settled regulatory view that lack of diversity on boards is a risk management issue, given the risk of ‘groupthink’ that such lack of diversity can engender. In March 2020, the PRA published a letter setting out its rules on board diversity with the aim of reinforcing “the importance the PRA places on diversity2 for improving decision-making and providing effective challenge”. This letter highlighted the dangers of “groupthink” which can adversely affect the safety and soundness of PRA-regulated firms and emphasised that “diverse boards, made up of members with different skills, knowledge, experience and values will support different perspectives being brought to discussion on business operations and risk strategy”.
For firms that have not yet engaged with the diversity agenda from a regulatory perspective, 2021 is the year to start doing that, if you don’t want the PRA and FCA to think you are turning a deaf ear to them and reach into their toolkit of ‘hard/soft’ regulatory powers to make you listen.
Similarly, the FCA approach is set out in a recent publication on its role as regulator and why diversity and inclusion matter in financial services.3 The FCA states that there has been an “increasing recognition of a need for more diverse boards and executive leaders for some time” and acknowledges that despite this, limited progress has been made. The FCA encourages firms to “take action and monitor their effectiveness to assess if the changes they implement are bringing tangible outcomes”. For firms that have not yet engaged with the diversity and inclusion agenda from a regulatory perspective, 2021 is the year to start, if you do not want the PRA and FCA to think you are turning a deaf ear to them and risk them reaching into their toolkit of ‘hard/soft’ regulatory powers to make you listen.
Sound corporate governance is essential for the development and embedding of a sound corporate culture.
Three reasons why strengthening corporate governance matters now from a regulatory perspective
1. Effective corporate governance operates as a protective mechanism for firms against regulatory risk.
Where accountabilities for all business areas are clearly defined, with appropriate management information being regularly reviewed by those responsible for the relevant areas and senior executives’ decisions are challenged by non-executive directors, it is more likely that ‘red flags’ will not be missed. This means that potential issues will be escalated and dealt with earlier, reducing the risk of both regulatory investigations and sanctions.
2. Sound corporate governance is essential for the development and embedding of a sound corporate culture.
Culture is a regulatory focus area that is not going to go away anytime soon, and one that, if anything, will only sharpen as a result of COVID-19. The FCA expects both firms and senior managers to put measures in place to ensure that they meet positive outcomes on diversity and inclusion, and explains, “We know diversity and inclusion are central elements underpinning good culture in firms — so they are important features of how we evaluate firm conduct”.4
3. PRA review evaluating the effectiveness of the SMCR regime on a “multi-sector” basis.
At the time of writing, the PRA is engaged in a detailed review of SMCR (due to conclude in Q4 2020).5 As the PRA is responsible for regulating the banking and insurance sectors, as well as a small number of systemically important investment firms, we expect that the PRA will consult on enhancements to the SMCR rules on corporate governance in early 2021. These changes will subsequently be rolled out to solo-regulated firms within the ‘core’ SMCR. In anticipation of regulatory expectations continuing to increase in the area of governance, it makes sense to ensure that you are in compliance with the current standards, so that you will be in a position to adapt more easily to higher standards as they come into force.
It is clear that strengthening your corporate governance framework to meet the regulators’ evolving expectations should be kept high on your list of priorities for 2021. Not only will the regulators be happy to see you doing this, but it will also improve your regulatory risk profile.
It is clear that strengthening your corporate governance framework to meet the regulators’ evolving expectations should be kept high on your list of priorities for 2021.
From our experience of working with firms undergoing regulatory reviews on their corporate governance, the benefits of making corporate governance improvements has a further reach beyond simply the mitigation of regulatory risk, and has helped firms to strengthen their businesses in ways they could not have initially foreseen.
Share this article:
MEET THE AUTHORS
Share this page:
Stay in the know and sign up for future updates
This document provides a general summary and is for information/educational purposes only. It is not intended to be comprehensive, nor does it constitute legal advice. Specific legal advice should always be sought before taking or refraining from taking any action.
Share this article: