- Code red for conduct development
- 1. An epistolary enquiry into conflicts of interest
- 2. Poisoned chalice? Corporate entertainment
- 3. No such thing as a free lunch
- 4. Employee awareness and training
- 5. Examples of good and poor practices: anti-bribery and corruption controls
- 6. Where do we go from here
- 7. Code of conduct checklist - best practices
It all started with three simple words – “Dear Chief Executive”. When the UK Financial Conduct Authority (FCA) decided to write to the heads of the largest asset management firms about how they managed conflicts of interest, it signalled the degree of concern that the regulator had. This followed a less than auspicious review of firms’ practices in the previous year.
In November 2012, when the UK regulator wrote to the heads of the largest asset management firms under its supervision to raise the issue of possible conflicts of interest within the industry, the highlighted areas included employee conduct, corporate gifts and entertainment, the use of commissions and the treatment of customers.
The letter stated that CEOs had to complete and return an ‘attestation’ set out in its appendix. Of course, those CEOs who were required to submit an attestation first had to have discussed the letter with their board, reviewed and closed off all the issues flagged in the letter and satisfied themselves of their conflicts arrangements.
By writing directly to the heads of these firms, the FCA explicitly laid the issue at the door of senior management. The treatment of customers, the management of conflicts, the use of corporate entertainment, the approach to inducements and the spending of commissions are all guided by the policies put in place by the board. Or not, as the case might be – the review had revealed that only “a few boards had defined and embedded in their business a credible, long-term commitment to serve their customers’ best interests and had established robust arrangements to identify and manage existing and new conflicts of interest.”
Yet how can CEOs be expected to be personally responsible for knowing each possible conflict of interest within their firm, and how it is managed? The FCA praised “that some firms had developed sophisticated monitoring programmes, based on automated management information.”
Those firms whose approach to documenting and managing conflicts of interest was less sophisticated received follow up visits to see what action had been taken to reduce the potential conflicts. While there have already been notable examples of fines issued for failing to manage conflicts of interest, it is widely rumored that a number of other firms have received negative reviews and may face penalties for their failings.
However, the FCA has not yet reached the next stage of its initiative: It has neither produced any further guidance on inducements nor introduced definitive rules on how a firm should spend its clients’ money. Nor does it appear likely to introduce the level of prescription requested by some industry groups. Instead firms face having to develop their own clear and enforceable codes of conduct without explicit regulatory guidance.
An epistolary enquiry into conflicts of interest
The FCA’s thematic review, which was conducted between June 2011 and February 2012, concluded that the way in which firms managed conflicts of interest varied markedly from one company to another, reflecting differing attitudes towards customers established by senior management. As it stated in its Dear CEO letter:
“In most cases, senior management failed to show us they understood and communicated this sense of duty to customers or even that they had reviewed or updated their arrangements for conflicts management since 2007.”
The regulator said employees of failing firms “too often lacked awareness of situations where short-term business goals conflicted with the long-term interests of customers”. The review examined how the firms managed:
- the purchase of research and trade execution services on behalf of customers
- gifts and entertainment, and
- employees’ personal dealing
It also looked at how firms ensured their customers had equal access to all suitable investment opportunities, and how they allocated the cost of errors between themselves and their customers.
The FCA’s general rules covering conflicts management include Principle 8 (Conflicts of interest, SYSC 4 General organization requirements), and SYSC 10 (Conflicts of interest), while the new Conduct of Business Sourcebook (COBS) includes detailed rules governing the purchase of goods and services using customers’ money and the allocation of investment opportunities between customers.
The purpose of the ‘Dear CEO’ letter was to remind asset managers that the FCA expects firms to demonstrate that these principles are embedded in their businesses, and taken into account when considering new products, processes or business models, and that boards of firms must regularly review their practices to ensure compliance. Where firms had not complied with the relevant principles or rules, they had to either justify their approach or take remedial action.
“In some cases, we required [Section 166] skilled person reviews … and in more serious cases we are considering enforcement action against firms,” the regulator said. “We have also concluded that the seriousness of the issues identified requires us to take action to ensure firms comply with the various FCA rules relating to conflicts of interest.”
The regulator made it clear that it expected the boards of asset management firms to discuss the ‘Dear CEO’ letter and to complete an attestation within three months to prove that it had “passed a resolution that the firm’s arrangements are sufficient to ensure that the firm manages conflicts of interest effectively and in compliance with FSA rules”.
The FSA then conducted a second round of thematic visits which were used to determine which firms warranted further enforcement or follow up assessments.
Poisoned chalice? Corporate entertainment
The UK regulator’s investigation into conflicts of interest is not an isolated initiative. Globally, regulators are asking organizations to review their corporate entertainment and gifts guidelines as part of tougher governmental stances on anti-bribery and corruption. If companies want an idea of the policies they will be expected to comply with, they would be well advised to reexamine recent cases of companies which have fallen short of regulatory expectations. Too often, customer-facing staff justify their gifts and entertainments activities by simply referencing ‘market practices’, but regulators wary of the effects of herd behavior are no longer willing to accept the excuse that ‘everyone does it’.
The primary task is to ensure that the organization has a clear policy that considers the intent behind gifts, entertainment and hospitality, in particular whether these actions are to induce or reward someone to improperly perform their duties with a view to obtaining a business advantage. Lest anyone should think this is merely an exercise in bureaucracy, they should be aware of recent actions taken against companies in Japan, the UK and the US.
JAPAN: In June 2014, a former Deutsche Securities employee confessed he was told to hide evidence of entertaining public pension officials, and that an executive who in 2013 became head of the investment bank in Japan had been informed of the potentially illegal practice.
Shigeru Echigo, a former salesman, made the claims during a court hearing in Tokyo. He was being prosecuted for bribery after charging more than $9,000 in expenses for entertaining a pension fund client of the bank. Under Japanese law, pension fund officials are seen as public servants and any effort to win business from them via corporate entertainment can be viewed as bribery.
Echigo pleaded guilty to the charge but maintained that entertaining pension fund officials was a widespread practice sanctioned at the highest level, and he was unaware that he was doing anything wrong. “If you told me to give someone 10 yen to get their business, I would have rejected that, but I thought that entertainment in the form of eating out and golf outings was normal practice,” he said. “My understanding was lax.”
UK & US: London-based broker RP Martin was fined a total of $2.3m by the FCA and the US Commodity Futures Trading Commission (CFTC) for its role in the rigging of the London Interbank Offered Rate (Libor), the benchmark interest rate used to set lending rates. Between 2007 and 2010, staff at the interdealer broker encouraged their trading counterparties at investment banks to manipulate the rate in order to benefit their own trading positions. The inducements ranged from lager-fuelled lunches to trips to Las Vegas. “
The culture at Martins was that profit came first,” said Tracey McDermott, the FCA’s head of enforcement. “In this environment, broker misconduct was almost inevitable.”
The fine reflected both the relative size of RP Martin as well as its early cooperation in the case. “RP Martin’s new senior management team cooperated fully with the FCA and CFTC in their investigation and entirely respect the fine and sanctions imposed,” said the firm, whose board subsequently restructured the firm’s governance, systems and controls and compliance procedures.
No such thing as a free lunch
The FCA expressed specific concern that most of the firms they visited applied limited thinking to how accepting gifts and entertainment could compromise their duty to act in their customers’ best interests. A good corporate entertainment and gifts culture is clearly a concern for regulators, and it is imperative that everyone in the organization is aware of what is acceptable in terms of such hospitality. This necessitates having clear written policies in place, detailing the principles for giving and receiving gifts, entertainment and hospitality. Organization should also maintain adequate records, which may include introducing a ‘gifts register’, to record all necessary information as to who gave or received what, to/from whom, for what value and purpose, and on what date. As the old adage advises, ‘there is no such thing as a free lunch’, and even if no obligation is perceived by the recipient, organization must avoid situations which could give rise to conflicts of interest.
In a pressurized environment, traders and other staff are unlikely to be able to devote the necessary brain power to identifying, without assistance, cases where a conflict may occur (unless it is obvious). Although employees may in some cases knowingly cross a line into the unethical, there will be more instances where a conflict might arise unintentionally.
Employee awareness and training
In part due to the UK Bribery Act, the US Foreign Corrupt Practices Act and similar legislations around the world, organizations should already be aware of the importance of training their employees on bribery prevention. Such training should be regularly monitored and evaluated, so as to ensure that employees are kept abreast of regulatory requirements which may affect their work.
In terms of the content of training for employees, the FCA’s updated guidance sets out some suggestions and also notes that organizations may wish to introduce more focused training for those employees who may be exposed to elevated risks of bribery and corruption, and who need to be more aware of these risks and how to combat them. Such elevated risks include those arising from associated parties; facilitation payments; sponsorship and events; charitable and political donations.
Where staff are engaged in specialized activities, the training must also be specialized. There will always be a place for generic training and the ‘sheep dip’ approach on certain matters, such as a firm-wide code of conduct for example. However, this must be enhanced by relevant, job specific training which is tailored and includes practical examples relevant to the firm’s business activities.
In order to ensure that policies and procedures are, and continue to be, appropriate and effective, they also need to be monitored and reviewed on a regular basis to keep track of the effectiveness of their policies and procedures.
While the updated FCA guidance does not provide any specific regime or policy as to how an incident should be managed, firms should consider adopting a bribery-specific policy - which will go some way to meeting the FCA’s expectations - and seek expert legal advice from the outset when considering self-reporting policy breaches. While immunity from prosecution is not a likely outcome, updated guidance suggests that it may be a relevant consideration for determining whether or not to provide a more lenient outcome to an investigation or to pursue a deferred prosecution agreement.
Organizations should also consider which regulators and prosecutors would have an interest in possible future investigations, as there may be both domestic and international authorities that are relevant. In a recent case, Smith & Wesson, the Springfield, Massachusetts-based firearms manufacturer, was charged with violations of the Foreign Corrupt Practices Act (FCPA) for offering, authorizing, or making illegal payments or providing gifts meant for government officials in Pakistan, Indonesia, and other foreign countries.
Examples of good and poor practices: anti-bribery and corruption controls
- Policies and procedures are documented and kept up to date.
- Policies and procedures will vary from firm to firm however they must address relevant areas of bribery and corruption risks (either in a standalone document, or as part of separate policies).
- Gifts and entertainment policies and procedures clearly define the approval process; include clear instructions for escalation, definitions and guidelines for staff to follow.
- The rationale for using agents or introducers to generate new business is documented, and monitored through review and assessment on a continuing basis.
- The firm implements robust operational controls to monitor, review, and approve third party payments.
- Policies and procedures are not tailored to the business.
- Policies and procedures do not address other areas of bribery and corruption risk but focuses on one area only e.g. gifts and entertainment.
- Firms do not maintain a list of third party relationships and rely on informal means to assess the risk.
- A firm using intermediaries fails to satisfy itself that those businesses have adequate controls to detect and prevent where staff have used bribery to generate business.
- Gifts and entertainment activity is not consistently monitored by senior management.
Where do we go from here
Despite the focus on conflicts of interest and the high stakes involved, the FCA has not been forthcoming in issuing further detailed and prescriptive guidance on inducements, despite calls from the industry for more clarity on the issue.
The Investment Management Association (IMA), the UK trade body for fund managers, has asked for more specific examples of acceptable practice for topics such as corporate hospitality and gifts. The interest group argued that under the current rules no one can be sure what is right and wrong. However, the FCA does not intend to revise its guidance, preferring to describe the characteristics of good practice and leave firms to devise their own code of conduct.
Despite this lack of prescriptive rules, there is still plenty for firms to work with in ensuring that they do not fall foul of regulatory expectations. Any updated guidance issued by the FCA should be treated as a checklist against which firms should regularly review their procedures and policies, while the below checklist provides a framework to help guide organizations’ reviews of their current conflicts of interest-related code of conduct policies and their enforcement.
Code of conduct checklist - best practices
• Does your organization have adequate resources in place?
Included within such adequate resources is the need to ensure relevant people at board level are aware of and responsible for the effective implementation of anti-bribery and corruption policies.
• Can you show a proactive approach to fighting anti-bribery and corruption?
Evidence of robust internal practice is necessary. Financial institutions need to tighten up internal controls but also ensure that key employees are annually certified that they are aware of the code of conduct and in compliance with it, as well as regular participants in relevant training sessions.
• Are your conflicts of interests procedures demonstrable?
Human conduct cannot be continually controlled through regulation, but the regulators will look at what it is “objectively verifiable”. For example, they will consider whether institutions have a code of conduct in place, whether they have carried out proper training for their employees, and whether they have proper policies for raising concerns, such as whistle-blowing.
• Are your entertainment and gifts guidelines clear and well communicated?
It is incumbent on the organization to make it clear to their employees what is and what is not considered acceptable behavior and what the consequence of misconduct would be.
• Are your business practices and associated costs transparent and fair?
Above all, regulators are concerned with protecting the end investor. Transaction costs are rapidly moving up regulators’ agendas, specifically because some of the charges present conflicts of interest, such as brokers’ commissions. The selection procedure for any vendor should be robust, objective and repeatable. This is particularly important for those services where the cost is directly borne by the underlying clients, such as broking. Do the commission payments really reflect the pure cost of dealing? Are the separate services individually paid for or paid as a bundle? Might ‘free’ services such as tickets to high profile sporting events or jaunts to luxury hotels be hidden among the bundled fees? Financial services firms now need to ensure that any corporate gift is logged and reviewed to ensure they can demonstrate their approach to ensuring fair customer outcomes.
A practical approach is to apply the three lines of defense principle to the use of entertainment and the offer and receipt of goods and entertainment. The first level is for general approval by the compliance department. The second requires compliance and a director. The third and final line of defense is an annual total allowance, which if exceeded, must be approved by the board.
While the FCA identified that many firms had failed to establish an adequate framework for identifying and managing conflicts of interests, the regulator also found a strong correlation between a firm’s culture and its ability to recognize conflicts of interest. Organizations aiming to stay ahead of regulatory scrutiny and enforcements would be well advised to consider how to involve their operational and customer-facing staff in creating a more sustainable and engrained line of action for managing conflicts of interest between their organization and their customers. The tone for a constructive culture must not only be set at the top, but also supported by investment into maintaining and enforcing this culture through a three-pronged approach encompassing awareness, training and simple-to-follow, well-documented and regularly reviewed processes and procedures.
For the trusted answers that help you anticipate, mitigate and act on risk with confidence. Manage enterprise risk, corporate governance, customer and third party risk, regulatory compliance and financial risk effectively, and accelerate business performance.