The Bank of Beirut has been fined £2.1m by the UK’s Financial Conduct Authority (FCA) for “repeatedly” giving the regulator misleading information about its systems and controls. The FCA also fined two individuals at the bank. Mr Anthony Rendell Boyd Wills the former compliance officer of the bank was fined £19,600 and Mr Michael Allin the internal auditor was fined £9,900.
What does the FCA do?
The FCA regulates financial institutions (including banks) in the UK. It is part of a triumvirate of regulatory authorities in financial services together with the Bank of England and the Prudential Regulation Authority. The FCA has wide enforcement powers which it can use against both firms and individuals. These powers can be disciplinary, criminal and civil. The powers include:
- withdrawing a firm’s authorisation;
- prohibiting individuals from working in financial services;
- suspending firms or individuals from undertaking regulated activities;
- fining firms or individuals;
- applying to the Court for injunctions and restitution orders; and
- bringing criminal prosecutions to tackle financial crime.
What was this case about?
This case came about after the Bank of Beirut was required to address a number of concerns following supervisory visits in 2010 and 2011. Those visits predated the appointment of Mr Wills. Mr Wills was appointed on 18th July 2011 and according to the FCA was responsible in part for developing and implementing a compliance monitoring plan for the bank. According to the FCA, Mr Wills initially sought to dismiss FCA concerns that the bank was not implementing changes to deal with the issues. The FCA said in its Final Notice “Mr Wills, in his capacity as Compliance Officer at Bank of Beirut, failed to deal with the authority in an open and cooperative way and failed to disclose appropriately to the Authority information of which it would reasonably expect notice”. According to the FCA Mr Allin provided false assurances that the required changes had been made.
The FCA said that Mr Wills handled almost all of the bank’s communications with the FCA, although others were involved in the drafting, including senior management. The FCA seem to have been concerned in part about the mismatch between what Mr Wills told the FCA and some internal emails. The FCA said that Mr Wills was under an obligation to maintain “an open and cooperative dialogue” with the FCA however in an internal email to senior management it said that Mr Wills had said that he was “fairly guarded” during a conversation with the FCA about the compliance monitoring plan.
What did the FCA do?
The FCA’s Acting Director of Enforcement and Market Oversight, Georgina Philippou said “We are reliant on compliance officers and internal audit to act as an important line of defence, to support effective regulation at firms and to show backbone even when challenged by their colleagues.”
In addition to its fine, the bank was also prevented from acquiring new customers from high-risk jurisdictions for 126 days. The FCA said that both of the individuals settled at the first opportunity and as a result their fines were discounted.
Mr Wills left the bank on 3rd December 2012. According to the FCA Mr Wills received a total of £103,884 for his time working at the bank. The FCA’s fine therefore reflects a starting point of 30% of his salary whilst at the bank. Mr Wills received discount for early settlement and for approaching the FCA for an interview. The interview took place shortly after he left the bank on 12th December 2012 although Mr Wills had set the interview up before leaving the bank. He received a reduction of 10% in the fine for his cooperation and an additional discount for settling early with the FCA.
What did Mr Wills say?
Mr Wills told the FCA that he was not provided with enough resource to conduct his role as compliance officer at the bank. He said that he was at times under pressure from senior management to be “careful” in his communications and that he was not allowed by senior management to explain issues fully to the authority. It remains to be seen what action, if any, the FCA will take against those above Mr Wills given the information he shared about the bank’s compliance culture with the authority.
Lessons learnt
The case shows that compliance officers can be personally responsible for breaches of the FCA’s regulations and the law. Under the UK financial services regime, compliance officers carry a heavy responsibility for making sure that their employer has the correct systems and controls in place. They also have a responsibility to make sure that they are fully informed.
To avoid falling foul of the FCA compliance officers should have proper training. Wills said to the FCA that the Bank of Beirut had not provided sufficient resources for him to carry out his job as a compliance officer. It is clear that the bank had problems before he joined.
Compliance officers need to go into their role with their eyes open. In some cases this will include doing due diligence on a prospective employer before accepting the position.
Financial firms must provide sufficient resource and training to their staff to enable them to do their job. Compliance officers may need to ask their employer for extra training and briefings by outside counsel – particularly when they are walking into a role to troubleshoot problems which already exist. Those accepting a new role, or a changed role at a financial institution, would be wise to ensure that they include a contractual entitlement to receiving appropriate support, paid for by the employer.
Ongoing debate
Since we first reported on this case it does seem to have drawn considerable comment amongst compliance professionals. We’ve spoken about the case with Roy Snell the Chief Executive Officer of the leading professional body the Society of Corporate Compliance and Ethics who had an interesting perspective on the case. Mr Snell comments:
“The individual being fined is not a compliance officer. By definition a compliance officer’s job is to assure that the work of others is in compliance with the rule of law. The person being fined here is being fined for work they are doing. They are doing work that should be checked by a compliance officer… not done by a compliance officer. The whole reason the compliance profession was created was to create an independent position that would not do the work… but independently check the accuracy of the work being done… much like an auditor. Auditors can’t prepare financial statements and then audit them. If a person prepares forms, reports, financial statements or does legal work that may be inconsistent with the rule of law… that work should be checked by an independent compliance officer. These people, who are being called compliance officers, cannot check their own work because they cannot be independent.
If the government is calling these people compliance officers or asking these companies to call these people compliance officers then they should stop it. They are ruining the definition of the compliance officers role. This is the equivalent to asking companies to change the name of their CFO to Internal Auditor and then asking them to independently check their own work. It would defeat the whole point of independent review.”
It is likely that we will see more debate along these lines as the FCA continues to focus on individuals, as well as organisations, in their enforcement actions. There’s an interesting debate as to whether compliance officers, especially in the financial services regulatory regime, are misnamed. The need for proper compliance resources, including training, is however undeniable.
Cordery provide advice on compliance issues and training. There are examples from our Board OnBoard briefing series here and there’s further information about our training expertise here.
You can also find a link to the FCA’s final notice against Mr Wills at www.bit.ly/fcawills.
For more information contact Jonathan Armstrong with Cordery in London where his focus is on compliance issues.
Jonathan Armstrong, Cordery, Lexis House, 30 Farringdon Street, London, EC4A 4HH
Office: +44 (0)207 075 1784
jonathan.armstrong@corderycompliance.com