Getting the Culture and the Ethics Right: Towards a New Age of Responsibility in Banking and Finance 9783110497410, 9783110496581

Citation preview

| I

Getting the Culture and the Ethics Right ILFS

II |

Institute for Law and Finance Series

| Edited by Theodor Baums Andreas Cahn

Volume 20

| III

Getting the Culture and the Ethics Right | Towards a New Age of Responsibility in Banking

Edited by Andreas Dombret Patrick S. Kenadjian

IV |

ISBN 978-3-11-049658-1 e-ISBN (PDF) 978-3-11-049741-0 e-ISBN (EPUB) 978-3-11-049420-4 Library of Congress Cataloging-in-Publication Data A CIP catalog record for this book has been applied for at the Library of Congress. Bibliographic information published by the Deutsche Nationalbibliothek The Deutsche Nationalbibliothek lists this publication in the Deutsche Nationalbibliographie; detailed bibliographic data are available on the Internet at http://dnb.dnb.de. © 2016 Walter de Gruyter GmbH, Berlin/Boston Cover image: Medioimages/Photodisc Data conversion: jürgen ullrich typosatz, 86720 Nördlingen Printing and binding: Hubert & Co. GmbH und Co. KG, Göttingen ♾ Printed on acid-free paper Printed in Germany www.degruyter.com

Introduction | V

Introduction Introduction Introduction

On November 23, 2015, the Institute for Law and Finance at the Johann Wolfgang Goethe University, Frankfurt am Main hosted a day-long conference entitled “Towards a New Age of Responsibility in Banking and Finance: Getting the Culture and Ethics Right”. The conference brought together policy makers, supervisors, chief executives and chairmen of major international banks, industry representatives and academics to discuss the importance of culture and ethics at the firms in the financial sector. More than eight years after the outbreak of the financial crisis and more than six years into the regulatory and supervisory reform process trust has still not returned to the financial sector. Surveys cited in the Group of Thirty Report referred to below indicate that public trust in banks today is still 30% below pre-crisis levels and, in fact 9% lower than in 2008 at the low point of the crisis, with banks being the least-trusted service providers. In the popular mind, there has been little doubt that greed and misfeasance within financial institutions were largely responsible for the crisis and have not been adequately dealt with since “no one has gone to jail”. As a result, according to the Bank of England, 77% of the “informed public” in the United Kingdom think there is not enough regulation of banks. That is nothing new. What is new is that regulators and supervisors, prominent among them the Federal Reserve Bank of New York, as well as senior bankers have started coming to the conclusion that the culture within financial institutions is a serious contributor to what led the industry to the brink of disaster seven years ago. Moreover, the failure to deal with this issue is seen as continuing to hinder the recovery of the financial sector as fines to global systemically important banks have topped $230 billion since the start of the crisis, equivalent to one and a half years of average net income for the institutions involved. So-called “operational risk” related losses are exceeding reserves for credit losses. So this is no longer – if it ever was – an “us versus them” issue of society, regulators and supervisors on one side and the financial sector on the other. The make up of the Group of Thirty whose recent report entitled “Banking Conduct and Culture: A Call for Sustained and Comprehensive Reform” was summarized at the conference by its chairman, Jean-Claude Trichet, is ample proof of that. So is the speed with which Chief Executive Officers and Board Chairmen participating in the conference responded to our invitation. The importance of culture and ethics within financial institutions appears now to be recognized by top management, boards of directors, supervisors and regulators. The general direction in which we want to go also appears clear so that the conference devoted itself to an attempt to define as palpably and con-

VI | Introduction

cretely as possibly what exactly the goal is, starting with the views of supervisors and regulators, and how we get there from here. The conference considered a number of alternative approaches. Outside the institutions we looked at the use of the traditional tools of regulation and supervision and the use of bankers’ codes intended to move the financial sector from being an industry closer to being a profession. Within the institutions themselves, we considered the impact boards of directors can have to contribute to change, heard about concrete examples of how two large European universal banks are dealing with cultural change and finally sought to balance the effect of culture with the effect of structure within institutions to evaluate where the most effective levers of change are to be found. Cynics may ask, “can a tiger change its stripes?” The answer is no. But can a banker change his habits and priorities? Surely the answer is yes. This is what differentiates human beings from more over-determined species. Ethnologists frequently view the ability of human beings to adapt to a changing environment as one of the greatest strengths of the species. And that is exactly what makes the topic of this conference so fascinating. The proof of the pudding is to be found in the universal banks which, as John Reed, the former Chairman of Citibank, observed in an op-ed piece in the Financial Times the week before the conference, have already undergone one culture change in our times. This change came as traditional commercial banks added trading related activities and, in so doing, transformed their culture. John Reed, a traditional commercial banker, sees it as a change from the tradition of banking as based on long-term relationships where bankers acted primarily as agents on behalf of customers to whom they owed a duty, to transaction oriented business where the bank acts as principal and customers become counterparties subject to the rule of caveat emptor. The view of a traditional commercial banker to be sure, but not without truth. It is incontrovertible that there was a change, that it had to do with culture, that it was stark and not necessarily for the good. It was also, from the point of view of bankers like John Reed, largely unwitting. The challenge addressed by the conference was whether we can discover a path towards engineering a conscious change for the better. To do so the participants strove to translate the somewhat imprecise terms of culture and ethics into more tangible goals – “deliverables” might be the term in current management jargon – and decide how an organization can make culture and ethics the guiding principles for the conduct of its members. Andreas Dombret Patrick Kenadjian

Frankfurt am Main, February 2016

Table of Contents | VII

Table of Contents Table of Contents Table of Contents

Introduction | V The Authors | XI

I. The Group of Thirty Report on Banking Conduct and Culture Jean-Claude Trichet Summary of Group of Thirty Findings | 3

II. Why focus on Culture? Andreas Dombret Culture and Conduct | 9 Alberto G. Musalem The importance of Reforming Bank Culture | 16 Patrick Kenadjian We ignore Culture at our Peril | 22

III. Enforcement and Supervision John Griffith-Jones Lessons from the Crisis | 47 Danièle Nouy The View from the SSM | 51 Simon Gleeson Culture, Supervision and Enforcement in Bank Regulation | 58

VIII | Table of Contents

IV. Bankers’ Codes: From Industry to Profession Klaus J. Hopt A Plea for a Bankers’ Code of Conduct | 75 Wim Mijs, Chief Executive of the European Banking Federation The Dutch Experience: Can an Oath repair the Dialogue? | 85

V. Supervisors and Boards Sir Paul Tucker Banking Culture: Regulatory Arbitrage, Values, and honest Conduct | 99 Douglas Flint Changing Corporate Behaviour – the Role and Importance of Governance | 113 Sylvie Matherat It’s all about Trust | 117

VI. Taking Responsibility: The Banker’s New Attitude Lorenzo Bini Smaghi A View from France | 125 John Cryan Taking Responsibility at Deutsche Bank | 129 Jan P. Krahnen How to conceptualize Corporate Culture and Cultural Change: Motivation for a Research Agenda | 135

VII. Is it Culture or Structure? Georg Fahrenschon The Importance of Structure | 143

Table of Contents | IX

Leonhard H. Fischer The Need to Synchronize Culture and Structure | 146 Dominik Treeck In the End it is both Culture and Structure | 149

VIII. Conclusion Axel A. Weber Conclusion | 155

X | Table of Contents

The Authors | XI

The Authors The Authors The Authors

John Cryan Co-Chief Executive Officer, Deutsche Bank AG John Cryan is Co-Chief Executive Officer of Deutsche Bank, a role he assumed on July 1, 2015. Mr. Cryan became a member of Deutsche Bank’s Supervisory Board in 2013, and served as Chairman of the Audit Committee and a member of the Risk Committee. Upon becoming Co-CEO, he stepped down from the Supervisory Board. Mr. Cryan will become sole CEO when Co-CEO Jürgen Fitschen steps down in May 2016. Mr. Cryan was President for Europe at Temasek Holdings Pte. Ltd., the Singaporean investment company, from 2012 to 2014. Previously, he was Group Chief Financial Officer of UBS AG from 2008 to 2011, having worked in corporate finance and client advisory roles at UBS and SG Warburg in London, Munich and Zurich from 1987. He began his career as a trainee chartered accountant at Arthur Andersen in London. He is a graduate of the University of Cambridge. Dr. Andreas Dombret Member of the Executive Board of the Deutsche Bundesbank Dr Andreas Dombret was born in the USA to German parents. He studied business management at the Westfälische Wilhelms University in Münster and was awarded his PhD by the Friedrich-Alexander University in Erlangen-Nuremberg. Andreas Dombret worked for more than 20 years in different executive positions with Deutsche Bank, JP Morgan, Rothschild, and Bank of America. Since May 2010, he holds the position of a member of the Executive Board of the Deutsche Bundesbank. His current responsibilities are banking supervision, markets and the Bundesbank’s representative offices abroad. Furthermore, he is member of the Board of Directors of the Bank for International Settlements, of the German Council of Financial Stability as well as the German Stock Exchange Commission of Experts. Georg Fahrenschon President German Savings Banks Association (DSGV) Georg Fahrenschon studied Economics in Munich and Augusburg. After being a member of the German Bundestag from 2002 to 2007, he became State Secretary in the Bavarian State Ministry of Finance and subsequently, in 2011, a member of the Bavarian Landtag. Additionally, he has served as a Chairman for Supervisory Boards of the Berlin Hyp Ag, the Deutsche Leasing AG, the Landesbank

XII | The Authors

Berlin AG and the DekaBank Deutsche Girozentrale. Further, he held executive positions at the Bundesverband Öffentlicher Banken, the Landesbank HessenThüringen Girozentrale and supervisory positions at the KfW Group, the Sparkassen Leasing Verwaltungs AG and Deutsche Leasing AG. In addition, he held advisory positions at the Federal Financial Supervisory Authority and the Landwirtschaftliche Rentenbank. Since 2012, he is the President of the German Savings Bank Association. Leonhard H. Fischer Chief Executive Officer and Member of the Board of Directors of BHF Kleinwort Benson Group SA Mr Fischer has been Chief Executive Officer and member of the Board of Directors of BHF Kleinwort Benson Group SA (formerly RHJ International SA) since 2009, having served as co-CEO since 2007. He has been a member of the Board of Directors of Glencore plc since 2011. Previously Mr Fischer was, from 2003 to 2006, Chief Executive Officer of Winterthur Group, an insurance subsidiary of Credit Suisse, and from 2003 to 2007 a member of the Executive Board of Credit Suisse Group. Mr Fischer joined Credit Suisse Group from Allianz AG, where he had been a Member of the Management Board and Head of the Corporate and Markets Division since 2001. Prior to this, he had been with Dresdner Bank AG as a member of the Executive Board since 1998 and with JP Morgan in Frankfurt since 1987. He served as a member of the Board of Directors of Julius Baer Group Ltd from 2009 to 2014 and as a member of the Board of Directors of AXA Konzern AG from 2011 until 2012. Mr Fischer holds an MA in Finance from the University of Georgia and a Business Management Degree from the University of Bielefeld. Douglas J Flint (CBE) Group Chairman HSBC Holdings plc. Mr Flint was born in Scotland in July 1955 and was educated at the High School of Glasgow and Glasgow University where he gained a B.Acc (Hons) degree. He also completed the PMD course at Harvard Business School in 1983. He is a member of the Institute of Chartered Accountants of Scotland and the Association of Corporate Treasurers. He is a Fellow of The Chartered Institute of Management Accountants. Douglas Flint began his professional life with Peat Marwick Mitchell & Co. (now KPMG) becoming a partner in 1988. He joined HSBC in 1995 as Group Finance Director, becoming Group Chairman in December 2010.

The Authors | XIII

Mr Flint also serves as Chairman of the Institute of International Finance. He is a member of the International Business Leaders’ Advisory Councils of the Mayors of Beijing and Shanghai and sits on the International Advisory Board of the China Europe International Business School. Douglas was appointed a Business Ambassador in January 2014. He was an independent external member of the UK Financial Services Trade and Investment Board until June 2015. In June 2006 he was honoured with a CBE (Commander of the British Empire) by Her Majesty the Queen in recognition of his services to the finance industry. Simon Gleeson Partner, Clifford Chance Simon Gleeson joined Clifford Chance in 2007 as a partner in the firm’s Financial Regulation group, where he specialises in financial markets law and regulation. He has advised governments, regulators and public bodies as well as banks, investment firms, fund managers and other financial institutions on a wide range of regulatory issues. He advised the World Economic Forum on their report on their 2009 Report on The New Global Financial Architecture, and has worked with regulators and governments around the world on the establishment of regulatory regimes. He has been a member of the Financial Markets Law Committee, chairs the Institute of International Finance’s Committee on CrossBorder Bank Resolution, has written numerous books and articles on financial regulation, and is the author of “International Regulation of Banking”, recently published by Oxford University Press. John Griffith-Jones Chairman of the Financial Conduct Authority (FCA) UK John Griffith-Jones has been Chairman of the Financial Conduct Authority (FCA) UK since 2013. Since 2014, he is also Chariman of the Payment Systems Regulator, a FCA subsidiary. From 2006 on, he served as a CEO at KPMG UK after spending 11 years in Audit and 15 years in Corporate Finance for the company. In 2007, he became Senior Partner at KPMG UK and subsequently Joint Chariman of KPMG Europe. He holds an Economics degree of Cambridge University and sits on the Advisory Board of the Cambridge Judge Business School. Furthermore, John Griffith-Jones is actively promoting numeracy charities, currently as a Vice Chairman of the National Numeracy Trust and previously as a Chairman of hte Every Child a Chance Trust.

XIV | The Authors

Klaus J. Hopt Max Planck Institute for Comparative and International Private Law, Hamburg Professor and Director (emeritus), Max-Planck-Institute for Comparative and International Private Law, Hamburg. 1974–95 professor in Tübingen, Florence, Berne and Munich. Member of the German National Academy of Sciences Leopoldina. Dr. h.c. (Brussels, Louvain, Paris, Athens, Tiflis). Visiting professor: U. Chicago, Harvard, NYU, Columbia, Paris, Rome et al. 1981–85 Judge, Court of Appeals Stuttgart; 2002–08 Vice President of the German Research Foundation; member: of the High Level Group of Company Law Experts (European Commission) 2001–02; of the German Stock Exchange Experts Commission (Ministry of Finance) 2002–11; of the International Advisory Board of the Alexander von Humboldt-Foundation 2011–2014. Publications in European corporate, capital market and financial law, e.g. “Comparative Corporate Governance” and “Corporate Boards in Europe”, in: The American Journal of Comparative Law 59 (2011) 1–73, 61 (2013) 301–375; The Anatomy of Corporate Law 3d ed. 2016 (with Kraakman et al., Oxford U.P. forthcoming). Patrick Kenadjian Senior Counsel, Davis Polk & Wardwell LLP Patrick Kenadjian is currently an Adjunct Professor at the Goethe University in Frankfurt am Main, Germany, where he teaches courses on the financial crisis and financial reform and mergers and acquisitions at the Institute for Law and Finance. Patrick Kenadjian has chaired conferences at the Goethe University in Frankfurt on bank culture and ethics, the EU’s Capital Markets Initiative, “too big to fail”, the EU’s Bank Recovery and Resolution Directive and the EU’s Collective Action Clause initiative and sovereign debt restructuring. He speaks frequently on topics related to financial reform, including “too big to fail,” the architecture of financial supervision and the new regulatory environment in the US and the EU. He has acted as Program Director for the Salzburg Global Seminar’s Finance in a Changing World Series in 2013 and 2014 and is currently a member of its Advisory Committee. Patrick Kenadjian is also Senior Counsel at Davis Polk & Wardwell London LLP. He was a partner of the firm from 1984 to 2010, during which time he opened the firm’s Tokyo and Frankfurt offices in 1987 and 1991, respectively and spent over 25 years in its European and Asian offices. He speaks French, German and Italian. He has been listed as a leading lawyer in several industry publications, including Chambers Global: The World’s Leading Lawyers for Business and Legal

The Authors | XV

Media Group’s Expert Guide to the World’s Leading Banking Lawyers, Expert Guide to the World’s Leading Capital Markets Lawyers and Expert Guide to the World’s Leading Lawyers Best of the Best. Prof. Dr. Jan Pieter Krahnen Goethe University Frankfurt, Center for Financial Studies at House of Finance Jan Pieter Krahnen is Professor of Corporate Finance at Goethe University, Academic Director of the Research Center SAFE, Program Director of the SAFE Policy Center and one of the Directors of the Center for Financial Studies. Krahnen is involved in policy advisory on issues of financial market regulation, currently as a member of the Academic Advisory Board at the German Federal Ministry of Finance, a member of the Group of Economic Advisors at the European Securities and Markets Agency (ESMA) and as a member of the Systemic Risk Council. His current research focuses on the implications of the 2007– 2010 financial turmoil for banking, systemic risk, and financial market regulation. Sylvie Matherat Chief Regulatory Officer and member of the Management Board, Deutsche Bank AG Sylvie Matherat became a member of Deutsche Bank’s Management Board on November 1, 2015. She is the bank’s Chief Regulatory Officer in charge of Regulation, Compliance and Anti-Financial Crime. She joined Deutsche Bank in 2014 as Global Head of Government & Regulatory Affairs. Sylvie Matherat came from Banque de France where she was Deputy Director General and responsible for regulation and financial stability issues, payment and settlement infrastructures, banking services, and the Target 2 Securities project. She previously held various positions at the Banking Supervisory Authority and in the private sector. Sylvie Matherat studied public law and finance at the Institut d’Etudes Politique de Paris, France, and holds a master degree in law and political sciences. She was awarded the Legion d’Honneur in 2014. Wim Mijs Chief Executive of the European Banking Federation Wim Mijs (1964) was appointed Chief Executive of the European Banking Federation in September 2014. Between 2007 and 2014 he served as CEO of the Dutch banking association NVB. During this time he transformed the NVB into a modern industry associa-

XVI | The Authors

tion, positioning it as the key representative of the banking sector in the midst of the financial crisis. Wim Mijs studied law at the University of Leiden in the Netherlands, specialising in European and International law. After his studies he worked for one year at the International Court of Arbitration at the Peace Palace in The Hague. In 1993 he joined ABN AMRO in Amsterdam before moving to Brussels to head up the bank’s EU liaison office. Wim Mijs moved back to The Hague in 2002 where he became the Head of Government Affairs for ABN AMRO. Between 2011 and 2015 Wim served as Chairman of the International Banking Federation. From 2012 to 2014 he was Chairman of the Executive Committee of the EBF. From 2013 to 2015 he was President of the Board of Euribor, now known as the European Money Market Institute. Wim is married and has two children. Alberto G. Musalem Vice president of the Federal Reserve Bank of New York and head of the Integrated Policy Analysis Group (IPA) Alberto G. Musalem is executive vice president of the Federal Reserve Bank of New York and head of the Integrated Policy Analysis Group (IPA). As head of IPA, Mr. Musalem oversees the Bank’s efforts to develop a more comprehensive and integrated view of the global economic and financial environment, in order to help inform and strengthen decision-making across the Bank’s monetary, supervisory and payments policy responsibilities. Mr. Musalem is also a member of the Bank’s Management Committee. Mr. Musalem joined the Federal Reserve Bank of New York in 2014 as executive vice president and head of the Emerging Markets and International Affairs Group (EMIA). As head of EMIA, Mr. Musalem oversaw the Bank’s efforts to foster international financial stability and expand international relationships. Prior to joining the Bank in 2014, Mr. Musalem was managing director and partner of Tudor Investment Corporation, where he led the firm’s Research Group and served on the firm’s Management, Capital Allocation and Strategy Committees. Earlier in his career, Mr. Musalem was an economist at the International Monetary Fund from 1996 to 2000, focusing on policy development and programs across emerging markets. He was also an adjunct professor of International Financial Markets at the School of Advanced International Studies of Johns Hopkins University. He also worked at Bankers Trust and McKinsey & Co.

The Authors | XVII

Mr. Musalem holds a doctorate in economics from the University of Pennsylvania and received his master’s degree and bachelor’s degree in economics from the London School of Economics. Mr. Musalem is chairman of School the World, a non-profit organization focused on early education in developing countries. Danièle Nouy Chair of the Supervisory Board of the ECB Single Supervisory Mechanism Ms Nouy joined the European Central Bank in January 2014 as Chair of the Supervisory Board of the Single Supervisory Mechanism, following a 40-year career in banking supervision. She began her working life as a supervisor at the Banque de France. During the early years of her career Ms Nouy was posted to the United States as the Banque de France representative in New York returning to spend time as a policy expert in the Foreign Department. She returned to her supervisory roots to head the research department and policy group in 1987 and was appointed director of financial supervision in 1990. In 1993 she became the French member of the Basel Committee on Banking Supervision. She then served as Deputy Secretary General of the Basel Committee from 1996 to 1998. She was appointed Secretary General of the Basel Committee in 1998, a position which she held until 2003. Returning to France, she became the head of the French supervisory authority, which she held for the next ten years: first as Secretary General of the Commission Bancaire and, following its merger with the insurance supervisor, as Secretary General of the Autorité de Contrôle Prudentiel et de Résolution. Ms Nouy was born in 1950. She holds a Degree in Political Science and Public Administration from the Institut d’Etudes Politiques, Paris, and a Post-graduate Certificate in Law. She authored numerous papers on international and European financial supervision and regulation. She is married and has two daughters. Lorenzo Bini Smaghi Chairman of Societe Generale Lorenzo Bini Smaghi is Chairman of Societe Generale. He is also Chairman of ChiantiBanca and Visiting Scholar at Harvard’s Weatherhead Center for International Affairs and Senior Fellow at LUISS School of European Political Economy and at the Istituto Affari Internazionali in Rome. He chairs the Italian Chapter of the Alumni of the University of Chicago. From June 2005 to December 2011 he was a Member of the Executive Board of the European Central Bank. He started his career in 1983 as an Economist at the Research Department of the Banca d’Italia. In 1994 he moved to the European Monetary Institute, in Frankfurt, to head the Policy Division, to prepare for

XVIII | The Authors

the creation of the ECB. In October 1998 he became Director General for International Affairs in the Italian Treasury, acting as G7 and G20 Deputy and Vice President of the Economic and Financial Committee of the EU. He was also Chairman of the WP3 of the OECD. He was Chairman of the Board of Snam, of SACE, and member of the Boards of Finmeccanica, MTS, the European Investment Bank and Morgan Stanley International. He holds a Bachelor’s Degree in Economics from the Université Catholique de Louvain (Belgium), a Master’s degree from the University of Southern California and a Ph.D from the University of Chicago. He is author of several articles and books an international and European monetary and financial issues (available in www.lorenzobinismaghi.com). He has recently published “Austerity: European Democracies against the Wall” (CEPS, July 2013) and “33 false verità sull’Europa” (Il Mulino, April 2014). He is currently member of the A-List of Commentators for the Financial Times. He is married and has two children. Dominik Treeck Partner, Oliver Wyman Dominik Treeck is a Partner in Oliver Wyman’s Public Policy and Organisational Effectiveness Practices. He advises senior decision-makers on public policy, regulatory, governance and compliance matters. His clients include governments, central banks as well as leading commercial banks across Europe and the Middle East. Dominik Treeck is a regular speaker at conferences/seminars and has published a number of articles on Corporate Governance. Prior to joining the firm, Dominik worked for the United Nations and the African Development Bank. He holds a B.A. in Politics, Philosophy and Economics from Balliol College, Oxford, and an M.A. in International Economics and China Studies from The Johns Hopkins University’s School of Advanced International Studies in Washington, DC and Nanjing University in China. Jean-Claude Trichet Chairman of the Group of Thirty (G30) Jean-Claude Trichet is presently chairman of the Group of Thirty (Washington) (2011) and chairman of the board of Directors of the Bruegel Institute (Bruxelles) (2012). He is a member of the “Institut de France” (Académie des Sciences Morales et Politiques). He chairs the Trilateral Commission for Europe. He is a member of the board of directors of Airbus group .

The Authors | XIX

Jean-Claude Trichet was President of the European Central Bank (2003– 2011). He was Governor of Banque de France (1993–2003) and under secretary of the French Treasury (1987–1993). He was President of the Paris Club (debt rescheduling) (1985–1993), President of the European Monetary Committee (1992– 1993), President of the Group of 10 Central Banks Governors and President of the Global economy meeting in Basel (2002–2011). He was named “Person of the Year” by the Financial Times in 2007 and one of the “Most influential people in the world” by Time Magazine (2011). Born in Lyon in 1942, Jean-Claude Trichet is an honorary Inspecteur général des Finances and Ingénieur civil des Mines (Nancy). He is a graduate of the Institut d’études politiques de Paris, of the Université de Paris (in economics) and of the Ecole nationale d’administration. Jean-Claude Trichet has been awarded honorary doctorates by several universities. Sir Paul Tucker Chair of the Systemic Risk Council Sir Paul Tucker is chair of the Systemic Risk Council, and a fellow at the Harvard Kennedy School. Previously, he was Deputy Governor at the Bank of England, sitting on its monetary policy, financial stability, and prudential policy committees. Internationally, he was a member of the G20 Financial Stability Board, leading its work on too big to fail; a director of the Bank for International Settlements, and chair of its Committee for Payment and Settlement Systems. His other activities include being a director at Swiss Re, a senior fellow at the Harvard Center for European Studies, a Visiting Fellow of Nuffield College Oxford, and a Governor of the Ditchley Foundation. Axel A. Weber UBS Group AG Axel A. Weber was elected to the Board of Directors (BoD) of UBS AG at the 2012 AGM and of UBS Group AG in November 2014. He is Chairman of the BoD of both UBS AG and UBS Group AG. He has chaired the Governance and Nominating Committee since 2012 and became Chairperson of the Corporate Culture and Responsibility Committee in 2013. Mr. Weber was president of the German Bundesbank between 2004 and 2011, during which time he also served as a member of the Governing Council of the European Central Bank, a member of the Board of Directors of the Bank for International Settlements, German governor of the International Monetary Fund, and as a member of the G7 and G20 Ministers and Governors. He was a member of the steering committees of the European Systemic Risk Board in 2011 and the Financial Stability Board from 2010 to 2011. On leave from the University of Cologne, he was a visiting professor at the Univer-

XX | The Authors

sity of Chicago Booth School of Business from 2011 to 2012. From 2002 to 2004, Mr. Weber served as a member of the German Council of Economic Experts. He was a professor of international economics and Director of the Center for Financial Research at the University of Cologne from 2001 to 2004, and a professor of monetary economics and Director of the Center for Financial Studies at the Goethe University in Frankfurt am Main from 1998 to 2001. From 1994 to 1998, he was a professor of economic theory at the University of Bonn. Mr. Weber holds a PhD in economics from the University of Siegen, where he also received his habilitation. He graduated with a master’s degree in economics at the University of Constance and holds honorary doctorates from the universities of Duisburg-Essen and Constance.

I. The Group of Thirty Report on Banking Conduct and Culture | 1

| I. The Group of Thirty Report on Banking Conduct and Culture I. The Group of Thirty Report on Banking Conduct and Culture

2 | Jean-Claude Trichet

I. The Group of Thirty Report on Banking Conduct and Culture | 3

Jean-Claude Trichet, Chairman of the Group of Thirty (G30)

Summary of Group of Thirty Findings Jean-Claude Trichet

“It is a great pleasure for me to participate in this colloquium organised by the Institute for Law and Finance, which I know very well and for which I have the highest esteem. I thank the institute and Dr Andreas Dombret, who invited me to participate in this conference – unfortunately through video and not physically, but I feel very close to you. And I have to say that the theme of the conference – “Towards a New Age of Responsibility in Banking and Finance” – is extremely timely. Banks and banking rely on trust, and while trust takes years to establish, it can be lost in a moment through failures caused by problematic ethics, problematic behaviours and wrong values. Events that precipitated the global crisis and subsequent issues that have emerged have revealed a multitude of cultural failures in my own understanding and in the Group of Thirty’s understanding. The report of the G30, which has been concentrating on these issues, recognises that problematic cultural norms – subcultures, in some cases, within large banks – have caused widespread reputational damage and loss of public trust. These events have been not only economically costly for firms in terms of litigation, in terms of regulatory actions and in terms of fines. These cultural failures also came at a high cost for the public, directly in some cases, and always in terms of lost bank lending capacity. Banking plays a crucial role in the economic and financial domain across the globe, providing support for growth, for employment and for our collective future long-term sustainable prosperity. A lot of work has begun in banks to deal with issues of conducts and behaviours, but there are still important gaps in implementation, and there is a great need to sustain and reinforce these efforts to achieve lasting results. The third G30 study on this particular issue, which is called Banking Conduct and Culture, calls for sustained and comprehensive reform. It is the culmination of several years of work focusing on the governance challenges faced by the world’s largest banks, by their boards, by their management and by the supervisors that oversee the health of the financial system as a whole and the economic sustainability, integrity and solidity of the individual firms themselves. Research for this report, which has been published recently, began in the fall of 2014. It was led by a steering committee comprised of co-chairs Roger W Ferguson, Jr and William R Rhodes and vice-chairs, and I will mention in particular the important contribution of Gerd Häusler, who is very well known, of course, in Germany, and also of John G Heimann and David Walker. They were supported by other working group members and observers. And to give you an

4 | Jean-Claude Trichet

idea of the work which has been done, more than 70 interviews were conducted on a non-attribution basis to encourage openness, frankness and candour with senior supervisors, board members, chairs, CEOs and senior members of management in many, I would say perhaps a majority, of the largest, most complex global and domestic banks in 16 countries. Interview participants illustrated how individual firms embed these values, behaviours, ethics that together constitute culture, how they champion strict adherence to ethical values and punish unethical behaviour and the challenges they are facing, and which are the approaches that, in their eyes, are the best in the circumstances. A great deal rests on a firm’s culture. As the title of our report makes clear, improving and embedding desired conduct and cultural norms is a long-term process that requires a sustained effort. The public can be served and individual firms can prosper in the long term only if they are trusted entities operating for the broader benefit and with the support of their customers. And not only their own customers, but society at large. The banking community as a whole needs to repair the damage done by failures in cultures, in values and behaviours, and should tackle the challenge with renewed vigour and purpose to achieve tangible improvements in reputation. The research pursued for this report shows that some firms are further along on the cultural journey, while others, unfortunately, have barely begun, or are trying, but failing, to achieve real significant changes. Regardless of where a firm stands, this report provides actionable advice to management, supervisors that we believe is applicable across cultural and geographic boundaries. Of course, this is very important because we are speaking of a global issue, not a national issue. The report addresses also the “soft” yet very-hard-to-get-to issue of bank culture by building on existing foundations of values and practices in the conduct of business. It does not define one good and one bad culture, or propose further regulation to govern culture. Rather, it identifies approaches, processes and examples of good practice that exist in other sectors, in the banking industry, and within individual banks, that should be a foundation of a sustained industry-led response. Drawing on the more than 70 interviews conducted, the reports offers recommendations for an industry-led response in key areas, including the overall mindset of culture, the need for senior accountability and governance processes, performance management and incentives in terms of compensation, for instance, staff development, promotion and an effective “three lines of defence”. This report also identifies specific ways regulators, supervisors and authorities can contribute effectively. The report, I would say, synthesises the overall sentiment of the various members of the group and reflects broad agreement amongst all participants. The focus of the report is on systemically important banks, but the observations and the recommendations

I. The Group of Thirty Report on Banking Conduct and Culture | 5

have wider application in the banking industry, and, we believe, more broadly in the financial industry as a whole. Let me now turn to different points that are more specific and on which I will now concentrate. I have selected six points which I trust are of importance. First point: most banks should aim for a fundamental shift in the overall mindset on culture – I say, most banks. If not there already, banks should shift the implementation approach to “this problem is core to our business model and fixing it is key to the economic sustainability of the institution”, raising the bar for CEO and executive team leadership, visibility and appetite to consistently take difficult internal sanctioning decisions – and by sanctioning decisions, we mean ensuring material consequences in terms of both termination of implicated management and employees, and significant compensation adjustments. Sanctioning must affect those with oversight responsibility, including, when needed and where needed, the CEO, for any new issue that arises and include those who exercise wilful blindness. Second point, I would say that as regards senior accountability and governance, boards should ensure that oversight of embedding values, conduct and behaviours remains a sustained priority, with the primary responsibility resting with the CEO and executive team for ensuring that the tone from the top has a clear and consistent echo from the bottom. The third point is on performance management and incentives. Banks should ensure that their performance management does not reward individuals who do not meet a threshold of acceptable behaviour in line with firm values and conduct expectations. This includes meaningful and consistent compensation adjustment – for example, bonus reduction or elimination, clawbacks, in the event of identified failures. This requires use of a meaningful balanced scoreboard approach based on objective criteria. As regards the fourth point, we consider it should concentrate on staff development and promotion. Banks should continue to establish robust processes to explain and regularly reinforce to staff what is exactly expected from them, and it deals with the first-line skills, and ensure that frontline management and leadership are properly trained. This can be achieved through development programmes for staff across all areas of the bank, tailored appropriately to banks’ circumstances which would regularly reinforce the desired values and conduct. And it also deals with formulating and implementing a system-wide values and conduct evaluation process for internal promotion and external hires. The fifth area is mentioning the effective lines of defence. All employees and all levels of management should adhere to values, conduct and the expec-

6 | Jean-Claude Trichet

tations for adopting the behaviour. Business line management, which is the first line of defence, should shoulder primary responsibility for delivering the desired values and conduct, with the second line setting standards, monitoring and providing advice to the first line. And then the third line, namely the internal audit reporting to Board and CEO, should be extremely robust and mandated to test adherence to the stated standards. This is, of course, extremely important, and I take it that these lines of defence are now very well known by all financial institutions, but the problem is to focus on the values that are at stake. And the sixth point, where we would stress that there is progress to be made, deals with the regulators, the supervisors and the enforcement authorities. Addressing cultural issues must, of necessity, be the responsibility of the board and of the management of the firms. Supervisors and regulators cannot determine themselves culture, but supervisors should have an extremely important monitoring function. That, of course, is also, I would say now, very well accepted, but it has to be said very forcefully. These are the six points on which I would insist very much. In summing up the conclusion of the G30 report, I really trust that the desired cultural shift will require leadership, persistence and consistency to overcome the past years of entrenched behaviours and attitudes, and to ensure that the changes are sustained and lasting rather than ephemeral or merely shortterm window-dressing. It was a great pleasure to participate in this conference.

neue rechte Seite weiter

II. Why focus on Culture? | 7

| II. Why focus on Culture? II. Why focus on Culture?

8 | Jean-Claude Trichet

II. Why focus on Culture? | 9

Andreas Dombret, Member of the Executive Board of Deutsche Bundesbank

Culture and Conduct Andreas Dombret

Introduction Culture is a phenomenon with many definitions and connotations. In a corporate setting, it can be defined as “a system of shared values that define what is important, and norms that define appropriate attitudes and behaviors for organizational members”.1 When most people think about the concept of sound corporate culture, the financial industry probably will not be the first place that springs to mind. Thus, the years since the onset of the financial crisis have seen culture in banking emerge as an increasingly important topic for academics and practitioners alike. What do we mean when we talk about culture in banking? Why should we focus on it? And how can it be changed and/or regulated? These are the questions this paper sets out to answer. Let’s start off with a mental challenge: imagine a banker was asked to take out a blank sheet of paper and write down all his company’s values and ethics. Would he manage to list them all? Would he find it easy, or perhaps difficult? Now let’s go one step further: imagine a group of his colleagues were asked to do the same, but without conferring with each other. Would they all come up with the same set of points, or different ones? It’s more likely than not that there will be differences in what they write down, if only in the details. That being said, the last few years have seen an increasing amount of thought being devoted to the topic of culture and ethics in banking, both in private and professional circles. And a host of credit institutions have already adopted a code of conduct, a code of ethics or the like. So bearing these advances in mind, why is the above experiment still unlikely to produce two identical sheets of paper? There are two reasons for this. One is that the way we prioritise corporate values is naturally informed by our own personal values and ethics. The other is that a corporate culture may well exist on paper – and only there.2

_____ 1 Charles A O’Reilly and Jennifer Chatman (1996), Culture as social control: Corporations, culture, and commitment, in: B M Staw and L L Cummings (eds): Research in organizational behaviour 18, 157-200, Greenwich, CT, JAI Press, p 166. 2 Andreas Dombret (2016), Four principles of good banking conduct, in: The Banker, January 2016.

10 | Andreas Dombret

And that’s the crux of the matter – nurturing a corporate culture and incorporating the values and ethics it entails into our own behaviour and daily life are two different things altogether.

Culture in banking: a snapshot Why focus on culture in banking? That’s quite an easy question to answer, it would seem. For one thing, banks grease the wheels of the economy by transforming maturities, lot sizes and risks. To provide this service, banks need to act as agents for at least two parties: savers and investors. But a bank can only perform this agent function if it enjoys the trust of both parties. Trust is one of the most cherished assets in the banking sector. Without it, banking as we know it, would be difficult, if not downright impossible. Sadly, the financial crisis and its aftermath destroyed many people’s confidence in the banking system. If banks are to regain the trust they have squandered, they will need to consider what exactly constitutes appropriate ethical behaviour. Alain Cohn, together with other colleagues, conducted an interesting experiment to investigate this question.3 In their paper, they show that employees of a large international bank behave, on average, honestly in a control condition. However, when their professional identities as bank employees are rendered salient, a significant proportion of them becomes dishonest. Control experiments with employees from other industries showed that those employees did not become dishonest when their professional identities were rendered salient. The authors conclude that the prevailing business culture in the banking industry weakens and undermines the honesty norm, and they reason that measures need to be taken to re-establish these values in the banking industry. Of course, these conclusions are not valid for the banking sector as a whole – in the end, it was a few black sheep who discredited the entire industry during the financial crisis. But this misconduct was rooted in a culture of short-term individual profits, that were prioritised over fair relationships resulting in long-term sustainable profitability. Corporate culture, then, seems to be a relevant factor in financial failure. As a paper by Andrew Lo has shown, even the setting of risk priorities mirror a corporate culture’s values and may deviate from a priority set by pure probability assumptions.4 There are many examples

_____

3 Alain Cohn, Ernst Feh and Michel André Maréchal (2014), “Business Culture and dishonesty in the banking industry”. Nature 516, 86–89. 4 Andrew W Lo (2015), The Gordon Gekko Effect: The Role of Culture in the Financial Industry. NBER Working Paper No 21267, www.nber.org/papers/w21267.

II. Why focus on Culture? | 11

of this in recent scandals in the financial industry. Many of them were able to come about because of the low priority the respective companies gave to controlling their trading desks. The banks’ objective now is to regain this trust, re-establish faith in the banking industry and restore the image of bankers as decent, trustworthy and upstanding business people. It is a goal that can only be achieved if banks, other companies in the financial industry and, last but not least, supervisors and regulators join forces. Regulators can create a proper regulatory framework, set the right supervisory incentives and encourage good conduct.

Culture – can it be regulated? Many regulatory measures have been put in place in recent years. One of them, the European Banking Authority Guidelines on the Supervisory Review and Evaluation Process (SREP),5 requires competent authorities to assess “whether the institution has a sound corporate and risk culture that is adequate for the scale, complexity and nature of its business and based on sound, clearly expressed values”.6 Similar regulations exist to ensure that remuneration policies support the institution’s corporate values. This is an area that has long been prone to misguided incentives. Chief among these flaws was the remuneration policy bias towards short-term goals. Reforms implemented in recent years have tied bankers’ bonuses to their performance over multiple years. This is a move in the right direction, and the next step is to tie the performance bonus to ethical conduct. Another SREP component is the assessment of conduct risk “as part of the legal risk under the scope of operational risk”.7 Because “corporate culture” is a phenomenon that’s difficult to grasp, we need rules of conduct for the banking sector that go one step further than legislation. In the Netherlands, for example, bankers each have to swear an oath that they will behave in an ethical manner. A code of conduct of this kind might prove useful when issues arise where the rules are somewhat opaque. In the banking business, there are often instances where a transaction might be legal, but it is not necessarily right. A bank must

_____ 5 European Banking Authority (2014): Guidelines on common procedures and methodologies for the supervisory review and evaluation process (SREP), http://www.eba.europa.eu/docu ments/10180/935249/EBA-GL-2014-13+%28Guidelines+on+SREP+methodologies+and+proces ses%29.pdf. In the following: EBA/GL/2014/13. 6 EBA/GL/2014/13, paragraph 86. 7 EBA/GL/2014/13, paragraph 253.

12 | Andreas Dombret

clarify in a code of conduct its expectation towards its employees with reference to these grey areas. Culture is also moving up the agenda at a number of international institutions, leading to the publication of papers such as the Financial Stability Board’s Guidance on Supervisory Interaction with Financial Institutions on Risk Culture,8 the G20/OECD Principles of Corporate Governance as well as the Basel Committee’s regulatory projects. The latter published guidelines on corporate governance principles for banks in July 2015.9 These principles stress the critical importance of effective corporate governance for the safe and sound functioning of banks, and thereby promote the value of strong boards and board committees together with effective control functions. Board members and senior management should care for a culture of honesty and accountability by using a code of conduct or code of ethics.10 Another example is the G30 report on banking culture,11 which expressly underlines the importance of culture and behaviour at financial institutions and links the absence of a corporate culture to the loss of trust in banks and to the financial distress some of them have suffered. The Group of Thirty calls for a fundamental shift in the overall mindset on culture and recommends a number of steps for both banks and supervisors.

Regulating culture – the constraints But for regulators, one important question remains – is culture something that can be regulated? As mentioned before, there are laws, regulations, guidelines, recommendations and instructions aplenty defining the behavioural standards that every bank, and every banker, has to meet. There are also more specific, capital-related requirements for operational risk including conduct events. However, responsibility for taking the necessary action – that is, implementing a code of conduct and underlining the importance of ethics and culture in day-to-day business affairs – ultimately rests with the individual financial

_____

8 Financial Stability Board (2014): Guidance on Supervisory Interaction with Financial Institutions on Risk Culture, http://www.fsb.org/2014/04/140407/. The goal of this guidance is to encourage early intervention and prevent behavioural weaknesses from taking root and growing. 9 Basel Committee on Banking Supervision (2015), Guidelines: Corporate governance principles for banks, http://www.bis.org/bcbs/publ/d328.pdf. 10 Basel Committee on Banking Supervision (2015), Guidelines: Corporate governance principles for banks, paragraph 14. 11 Group of Thirty: Banking Conduct and Culture (2015): A Call for Sustained and Comprehensive Reform, http://group30.org/images/PDF/BankingConductandCulture.pdf.

II. Why focus on Culture? | 13

company itself. And banks will have to do much more than just set up a code of conduct if they want to rebuild confidence and regain trust – they will need to breathe life into that code. But how exactly can banks and financial companies go about achieving that? Let’s not forget that ethics and culture are intensely personal matters. The values and ethical norms a person lives by are informed by his or her life experiences, family and cultural background, the generation he or she belongs to, and many other factors. But still, it is crucial for companies to stake out some common ground – a set of values that each individual employee and the company as a whole agree to accept and live by. This is anything but a trivial task. In the cultural and ethical sphere, there is no such thing as universal “best practices”, nor are there any metrics by which success can be quantified. This makes it very difficult indeed to pinpoint the specific qualities that define a company’s innate culture. The Bundesbank, for instance, has introduced six leadership principles as a way of setting the tone from the very top of the organisation. These principles are: Recognition, Communication skills, Responsibility, Equal opportunities, Judgement, and Motivation. Of course, others may choose different leadership principles – after all, they have to be appropriate for the entity in question. The Bundesbank’s set of principles naturally also have a bearing on the Bank’s corporate culture. In the following, I will discuss four examples of conduct principles that seem important from my point of view.

A first attempt at defining principles of good conduct One value that would appear to be worth considering is responsibility, both at the individual and the company level.12 Each individual is responsible for his or her own actions and lives by his or her own conscience and moral compass. Of course, one person’s moral compass may differ from his or her neighbour’s, so it is important to acknowledge one’s own accountability. In essence, responsibility, as an ethical value, ultimately concerns actions that are not expressly prohibited. If an action is not banned, does that mean it is permitted? As Seneca said: “Shame may restrain what the law does not prohibit”. So, by which standards do we define what is permitted?

_____

12 Andreas Dombret (2016), Four principles of good banking conduct, in: The Banker, January 2016.

14 | Andreas Dombret

The answer is a kind of self-regulation by which companies commit to live up to their responsibility towards their stakeholders – that is, their customers, their owners and their staff. It is not legally binding, of course, but a company should try to meet these expectations and have not only its own but also its customers’ interests at heart. As a second value, banks need good governance principles, because the “tone from the top” goes quite some way towards determining the individual employee’s behaviour. So it is up to the board and senior management to address and prioritise good conduct by promoting the values and behaviour they believe the company should embrace. Misconduct should be effectively sanctioned, for example in the form of reduced bonus or a career stop. It goes without saying that good governance has to be adopted and encouraged across all levels of management. Middle management awareness is particularly important because those employees act as a kind of direct role model for their staff. The core issue here is to promote sustainable long-term profitability built on ethical conduct and trust, rather than just business success. The latter is of course important as well, but if employees act solely on the basis of financial criteria, they will stay focused on delivering positive operating figures rather than aspire to morally acceptable behaviour. This is why incentives need to be set correctly throughout the company and across all levels of management. A third principle of good conduct is sustainability. In the long run, only banks that value sustainability will thrive, while institutions with a narrow focus on short-term profits will fall by the wayside. This commitment to sustainability may of course entail short-term costs or missed profits, but in the long term, the benefits will prevail. Winning customers’ confidence, cementing customer loyalties and building up a sound reputation are tasks that take time and are costly, but they are nonetheless necessary and worthwhile endeavours. This is especially true in the banking industry, where customers’ trust still needs to be regained. One area in which sustainability as part of a bank’s code of conduct can be implemented is remuneration – a bank’s remuneration policy needs to be aligned with its business and risks strategies in order to encourage sustainable banking. For instance, bonuses should be set as part of a multi-year framework to sufficiently reflect a bank’s business cycle. The fourth and final value I will discuss is sincerity – a quality that warrants inclusion in any self-respecting code of conduct. Of course, this is mainly a character trait, but in sum, it strengthens a company’s reputation. To put it differently, if customers feel that they have been poorly advised by a banker who does not have their best interests at heart, this will ultimately harm the reputation of the company, and might result in lost customers or even litigation.

II. Why focus on Culture? | 15

Conclusion: Trying to conceptualise culture Still, “culture” remains a somewhat abstract concept that cannot be readily incorporated into banks’ businesses and the activities of banking supervisors. In a memo to Berkshire Hathaway shareholders in 2006, Warren Buffett wrote that “culture, more than rule books, determines how an organization behaves”. Without any doubt, there is a lot of truth in that statement. At the end of the day, corporate culture is defined not by rule books, but by the behaviour of each individual employee. After all, a company’s public reputation is essentially the sum of the behaviour of all its individual employees. Put more succinctly, culture is, in essence, the connector between incentives and actions: A sound culture can smooth distorted incentives and encourage upstanding and decent behaviour, whereas a poor culture reinforces those misaligned incentives and is a breeding ground for unethical conduct. Low interest rates, for example, can encourage greater risk-taking. In a bank where sustainability and long-term stability are unshakable core values embedded in a common corporate culture, the individual employee is empowered to resist that temptation. A culture geared to short-term profits, on the other hand, could encourage employees to regard low interest rates as an opportunity and act in a riskier fashion. In conclusion, it is safe to say that culture matters, perhaps nowhere more so than in the banking sector that is based on trust. Introducing a sound corporate culture and defining a set of ethics and values are important, but living those values and applying them to daily routines is more important still.

neue Seite

16 | Alberto G. Musalem

Alberto G. Musalem, Executive Vice President, Federal Reserve Bank of New York

The importance of Reforming Bank Culture Alberto G. Musalem

Thank you to the Institute for Law and Finance for the invitation to speak here today. It is a pleasure to be at Goethe University. The New York Fed has, for the last two years, been part of an international dialogue on the reform of culture in the financial services industry. Why culture? Let’s begin with the following hypothesis: environment drives conduct. What each of us learned from our parents governs some of our behavior, but not nearly as much as any of us who are parents would like to believe. Place ordinary people in a bad environment, and bad things tend to happen. That said, place someone in a good environment, and good things tend to happen. This is just part of being human. We observe and adapt. Before continuing, I would like to clarify that the views I express today are my own and may not reflect the views of the Federal Reserve Bank of New York or the Federal Reserve System. Part of any organization’s environment is its culture. Some have labored over a precise definition of the word “culture.” Bill Dudley, the President of the New York Fed, has offered the following description, which works for me: “Culture relates to the implicit norms that guide behavior in the absence of regulations or compliance rules – and sometimes despite those explicit restraints. Culture exists within every firm whether it is recognized or ignored, whether it is nurtured or neglected, and whether it is embraced or disavowed.”1 The New York Fed’s interest in reforming culture is a product of events since the Financial Crisis. Take, for example, the manipulation of LIBOR and foreign exchange rates, much of which was collusive. Each of those episodes involved misconduct affecting wholesale markets on which the real economy relies. Both cases shared an underlying, flawed outlook. Bankers failed to see beyond their immediate financial goals. They ignored the broader social consequences of their decisions on the firm and its customers, as well as on consumers, producers, savers and investors. The same flawed outlook may have contributed to the Financial Crisis.2

_____ 1 William C. Dudley, Enhancing Financial Stability by Improving Culture in the Financial Services Industry, Remarks at the Workshop on Reforming Culture and Behavior in the Financial Services Industry, October 20, 2014. 2 Cf. William C. Dudley, Opening Remarks at Reforming Culture and Behavior in the Financial Services Industry: Workshop on Progress and Challenges, Federal Reserve Bank of New York,

II. Why focus on Culture? | 17

There are many more examples. One bank was fined for doing business with Sudan despite economic sanctions imposed for engaging in genocide.3 Another bank manipulated electricity markets in California and Michigan.4 Other banks helped U.S. citizens evade taxes.5 I will not review the full litany. Notably, none of these recent episodes had anything to do with capital levels or liquidity ratios. The many post-Crisis reforms to bank balance sheets – including the DoddFrank Act and new standards developed by the Basel Committee on Bank Supervision and the Financial Stability Board – provided necessary bulwarks against systemic risks. Capital and liquidity requirements, and the enhanced testing surrounding them, have made banks and the financial system more resilient to stress. But those new laws, regulations, and standards have done little to curb banker misconduct. Each post-Crisis episode demonstrates a narrow cultural focus on short-term gain and disregard of broader social consequences. Last year the New York Fed challenged the industry to consider many factors that have contributed to recent, widespread misconduct. There are no simple answers and that discussion is continuing. This year, by contrast, our focus has been more on solutions – what’s working, and what is not. In both years, we have offered three messages to the industry. First, cultural problems are the industry’s responsibility to solve. The official sector can monitor progress and deliver feedback and recommendations. In fact, many individual supervisory findings are often symptoms of deeper cultural issues at a firm. But the banks themselves must actively reform and manage their cultures. Second, a bank’s implicit norms – especially those reinforced through incentives – must align with the public purpose of banking. Gerald Corrigan, more than three decades ago, presented a theory of banking based on the principle of reciprocity.6 Banks receive operating benefits unavailable to other industries because they provide important services to the public. For example, financial

_____ November 5, 2015, (“The banking scandals that followed the financial crisis are evidence that something fundamental is wrong. I would encourage each of you to consider not just specific examples of misconduct, but the patterns within them that point to underlying causes. I suspect we will see a strong overlap with those factors that contributed to the financial crisis.”). 3 See Thomas C. Baxter, Jr., Reflections on the New Compliance Landscape, Remarks at The New Compliance Landscape: Increasing Roles – Increasing Risks Conference, July 24, 2014. 4 See Order Approving Stipulation and Consent Agreement, In re Make-Whole Payments and Related Bidding Strategies, No. IN 11-8-000, IN 13-5-000, U.S. Federal Energy Regulatory Commission (July 30, 2013). 5 See Baxter, supra n. 3. 6 E. Gerald Corrigan, Are Banks Special?, Federal Reserve Bank of Minneapolis Annual Report, January 1983.

18 | Alberto G. Musalem

intermediation is enhanced through deposit insurance and access to the discount window. Public benefits, though, are not a gift. They are part of a quid pro quo. In exchange for receiving valuable operating benefits, a bank’s implicit codes of conduct – that is, its culture – must reflect the public dimension of the services that banks provide. Third, the reform of bank culture should aim to restore trust.7 The bedrock of the financial system is trust and the word credit derives from the Latin notion of believing or trusting. We saw seven years ago that the public’s trust is critical in a crisis. The repair of the financial system would not have been possible without public support. If another crisis were to happen tomorrow, would there be that support? A lack of trust – or, more accurately, low trustworthiness – also imposes day-to-day costs.8 For starters, there are fines. Then there are the legal costs in investigating allegations and defending lawsuits. Internal monitoring also becomes more expensive as rules become more extensive. Some might say that the proliferation of rules since the Financial Crisis is inversely proportional to a decline in the industry’s perceived trustworthiness. The choice between rules and standards depends on the trustworthiness of the regulated. A more flexible, standards-based legal regime requires a degree of trustworthiness that, in recent years, banks have not demonstrated. Those are the measurable costs of low trustworthiness. There may be other, longer-term costs that are more difficult to price. Let me raise just two. If employees perceive a firm as untrustworthy or disloyal, will they choose to work in that firm? And, if they do, how will they behave toward the firm and its stakeholders? I am encouraged that the industry seems to understand the importance of reforming its culture. Consider for a moment the following data points. In September 2013, shareholders of a major U.S. bank requested that the bank prepare

_____ 7 See Christine Lagarde, Economic Inclusion and Financial Integrity, Address to the Conference on Inclusive Capitalism, May 27, 2014, (“Trust is the lifeblood of the modern business economy …. To restore trust, we need a shift toward greater integrity and accountability. We need a stronger and systematic ethical dimension.”); Mark Carney, Rebuilding Trust in Global Banking, Speech at 7th Annual Thomas d’Aquino Lecture on Leadership, Ontario, February 25, 2013, (“The real economy relies on the financial system. And the financial system depends on trust. Indeed, trust is imbedded in the language of finance. The word credit is derived from the Latin, credere, which means ‘to have trust in.’”); Dudley, supra n. 1 (“Unless the financial industry can rebuild the public trust, it cannot effectively perform its essential functions. For this reason alone, the industry must do much better.”). 8 See generally Onora O’Neill, A Question of Trust 15–17, 23–24, and 43–47 (2002) (distinguishing trust from trustworthiness).

II. Why focus on Culture? | 19

“a full report on what the bank has done to end [its] unethical activities, to rebuild [its] credibility and provide new strong, effective checks and balances within the [b]ank.” That request was forwarded, by the way, by a Catholic nun. The bank responded through its attorneys that the nun’s proposal was “materially false and misleading” and “impermissibly vague and indefinite.”9 Fast forward to May 2015. The Federal Advisory Council – a panel of bankers that advises the Federal Reserve System – reported that “Regulators and the banking industry have worked extensively to restore financial stability through a series of mechanisms and rules that establish appropriate levels of capital, liquidity, and leverage…. As often as not, however, the challenges faced in recent years have been behavioral and cultural; post-crisis episodes such as LIBOR and foreign exchange manipulation provide hard evidence that there remains work to be done.”10 This is clearly an encouraging difference in perspectives. The public sector, too, has paid increasing attention to culture. The Group of Thirty, the Basel Committee, the European Systemic Risk Board, and the Financial Stability Board have issued papers on culture, governance, and misconduct risk. The Fair and Effective Markets Review – a joint project of the Bank of England, the Financial Conduct Authority, and Her Majesty’s Treasury – has called for heightened standards for market practice in matters affecting the public good. And in the last year, we have seen emerging approaches to supervision that aim to address culture, conduct, and governance. In particular, the central bank of the Netherlands – De Nederlandsche Bank – has pioneered new techniques for the supervision of corporate governance, especially for assessing the group dynamics of boards and senior management.11 Culture also features prominently in criminal enforcement. The U.S. Department of Justice requires its prosecutors to determine “the pervasiveness of wrongdoing” at a corporation before seeking an indictment. According to its prosecutors’ manual, “[T]he most important [factor in making this determination] is the role and conduct of management. Although acts of even low-level employees may result in criminal liability, a corporation is directed by its management and management is responsible for a corporate culture in which criminal conduct is either discouraged or tacitly encouraged.”12 Individuals, including senior managers, also face criminal liability for their conduct. Recent guidance from the

_____ 9 Letter of Martin P. Dunn to the Office of Chief Counsel at the U.S. Securities and Exchange Commission’s Division of Corporation Finance, January 17, 2014. 10 Federal Advisory Council and Board of Governors, Record of Meeting, May 8, 2015. 11 See Supervision of Behavior and Culture: Foundations, Practice & Future Developments (Mirea Raaijmakers, ed. 2015). 12 U.S. Attorneys’ Manual, § 9-28.500.

20 | Alberto G. Musalem

U.S. Department of Justice places greater emphasis on individual culpability.13 And the recent convictions of two traders for rigging LIBOR, one of whom served as the Global Head of Liquidity and Finance at a major bank, may send a powerful message to bankers about the consequences of their misconduct.14 The new acceptance of culture as an important area of focus was evident at a workshop that the Federal Reserve Bank of New York hosted on November 5. Christine Lagarde, Managing Director of the International Monetary Fund, and Stanley Fischer, Vice Chairman of the Board of Governors of the Federal Reserve System, headlined a contingent of over 20 public sector authorities from around the globe. They were joined by the CEOs, senior executives, and board members of global financial institutions. Together, they discussed methods of reforming culture and the continuing challenges in this effort. In my view, the workshop offered a number of useful insights, chiefly: • Culture is a soft concept that is hard to measure, and perhaps harder to manage and sustain. But it is as important as capital and liquidity, and should receive continuous and persistent attention. • A bank’s culture must be consistent with public expectations and promote behavior that considers the firm’s many stakeholders, including the public. Also, a positive, constructive culture can be an important pillar aligned with the execution of a firm’s business strategy. • Culture cannot be set by fiat. Leadership is indispensable, and requires more than a “tone from the top.” Managers of all levels must take action to promote a greater sense of personal responsibility and stewardship among employees. The next generation of financial leaders will reflect the expectations of leaders today. • Despite firm-wide statements about values and codes of conduct, banks may have several dissonant sub-cultures. “Silos” or “tribes” as they are sometimes called, appear in most if not all of the episodes I described earlier. By sharing best practices across the industry, firms might identify common warning signs of problems within sub-cultures and behaviors that are incompatible with the firm’s values. • Diversity of thought and background are valuable cultural assets because they generate better questions and decisions, contributing to effective challenge. A diversity of views, though, must be complemented by a sense of

_____ 13 See Memorandum of Sally Quillian Yates, Deputy Attorney General, regarding Individual Accountability for Wrongdoing, September 9, 2015. 14 See U.S. v. Allen et al., 14-cr-00272, Dkt. No. 147 (S.D.N.Y Nov. 6, 2015) (jury verdict against Anthony Allen and Anthony Conti).

II. Why focus on Culture? | 21

common purpose. Certain basic principles – fair treatment of customers and employees, for example – cannot be open to debate. The Federal Reserve Bank of New York recently launched a webpage that collects resources on bank culture.15 We’ve included the papers by the Group of Thirty and other organizations that I have mentioned, and summaries of our two workshops on culture. I hope you’ll take a look. To conclude, the Financial Crisis and subsequent scandals revealed deep and continuing flaws in the culture of banking. The responsibility to address these flaws rests with the banks themselves. Many industry leaders have initiated reform programs within their firms. It is important to keep the momentum going. Reform requires relentless and sustained effort: from the top of an institution to its most junior employees, and across all of the institution’s business activities. Reform must include the full scope of an employee’s career, beginning with recruiting and continuing with annual performance management, compensation and promotion decisions. We in the official sector will be looking to the industry to fulfill its end of the bargain – to act consistent with the public well-being, to value long-term stability over short-term gain, and to take account of all stakeholders in making decisions. Thank you for your time and attention.

neue Seite

_____ 15 https://www.newyorkfed.org/governance-and-culture-reform/index.html.

22 | Patrick Kenadjian

Patrick Kenadjian, Senior Counsel, Davis Polk & Wardwell LLP

We ignore Culture at our Peril Patrick Kenadjian

1. Why focus on culture now? How did we come to focus on the culture of financial institutions in the fall of 2015, much less devote an entire day at a conference at the Institute of Law and Finance of the Goethe University, Frankfurt (the Conference) to the topic? In a sense, we arrived at this point through a process of elimination. In the aftermath of the financial crisis of 2007–2009, as we first turned our collective attention towards reform, we tackled those elements which were large, obvious and concrete, those areas where regulation had a clear role to play. We addressed capital adequacy, liquidity, leverage. We talked about the structure of the firms involved. We examined the scope of regulation, whether large swathes of firms and activities fell outside the scope of prudential regulations and needed to be brought within it. We took measures intended to strengthen the tool kit and the resolve of supervisors. We strove to take measures which would reduce the likelihood of failure and the losses upon failure of financial institutions, especially those labeled “too big to fail”. We acted locally and we coordinated internationally. We enacted laws and regulations. And yet, eight years after the outbreak of the crisis and more than six years after systematic work on financial reform commenced, we must recognize that public trust in the financial sector does not seem to have been restored. According to the Edelman Trust Index, public trust in banks today is still 30% below pre-crisis levels and 9% lower than in 2008 at the high or low point of the crisis, with banks being the least trusted service providers. The Group of Thirty Report (2015) brilliantly presented by Jean-Claude Trichet at this Conference contain these and other depressing statistics. But why should we care about trust in the financial sector? It has to do with the central role finance has come to play in our economies, the difficulties lay people have in comprehending many of the products and services it provides and a deep seated mistrust of both money and those who deal in it. Finance is the medium through which individuals save for retirement and their children’s education and borrow to buy shelter, businesses finance their operations and their expansion, creating jobs and producing the goods and services on which we all depend. All of these transactions require trust that the financial institution will not be taking undue advantage of the client or counterparty. Of course, we could say with President Reagan that, while trust is good, verification is better. But in fact that equation only holds for exceptionally high stakes transactions. Otherwise the cost of verification of every-

II. Why focus on Culture? | 23

day transactions easily outstrips the benefits and slows down the process of economic exchange. At a time when we are looking to the financial sector to help fuel growth we have little interest in slowing it down any more than necessary. Also, given the complexity of many financial products, verification is simply not an option for many users of these products. So trust is central. With respect to the inherent mistrust of finance and financiers, J. Kenneth Galbraith wrote in The Great Crash 1929 that “[m]oney is handled with a narrow, suspicious eye. The man who handles it is assumed to be dishonest until he proves himself otherwise.” But, as was pointed out to me recently by an erudite Deputy Governor of a European central bank, the suspicion probably goes back much further, at least to Aristotle, who saw that money could be useful as a common measure of value of disparate things, but had a profound distrust of generating money with money, a distrust which still seems to be with us. In the popular mind, there has been little doubt from the beginning that greed and misfeasance within financial institutions were largely responsible for the crisis and have not been cleaned up since “no one has gone to jail.” As a result, the Bank of England has found that 77% of what it refers to as the “informed public” in the UK think there is not enough regulation of banks. (Bank of England 2015) That is worrisome but not new. What is new is that regulators, supervisors and senior bankers are coming to the conclusion that culture within financial institutions is a serious contributor to what led the financial sector to the brink of the abyss in 2008/2009 and keeps it from recovering fully, both economically, as fines and financial penalties continue to pile up, and in terms of public trust, as new scandals arise. The Group of Thirty Report estimates that as of last summer fines to G-SIBs had topped $230 billion since the crisis, equivalent to one and a half years of average net income for the institutions involved. So-called “operational risk” losses are topping reserves for credit losses. It is of course possible that we are being too impatient in our expectations of the time frame within which it is reasonable to expect public trust to be restored. One of the Conference participants, Paul Tucker, suggested a time frame of a quarter century. If that seems very long, a comparison with the time periods required to restore public trust in other industries after catastrophes more limited in scope than a global financial crisis may be instructive. For industries like chemicals, nuclear energy or oil and gas, a decade or more has not been unusual. So Paul Tucker’s estimate starts not to look all that unlikely. In fact, Simon Lewis, chief executive of the Association for Financial Markets in Europe, an industry group, has written that “it may take a generation”. (Lewis 2015) Nonetheless, even if the task will take a generation, we should assume that it will not be done unless we attack the root causes of the problem. So we have turned to a common observation in analyzing the crisis, which is that in the run-

24 | Patrick Kenadjian

up to it there had been a cultural change in financial institutions. This change was encapsulated in an op-ed piece which appeared in the Financial Times by John Reed, former chairman and chief executive officer of Citigroup on November 11, 2015, a few days before the Conference, entitled “We were wrong about universal banking.” After discussing the financial and economic aspects of the turn from traditional banking to investment banking, he notes that “[t]he second thing we were wrong about has to do with culture – and this turns out to be very serious.” His conclusion is that the cultural change resulting from this shift has made the current universal banking model “inherently unstable and unworkable.” John Kay, in his 2015 book Other People’s Money (Kay 2015) which was cited at the Conference by John Griffith-Jones, Chairman of the UK Financial Conduct Authority (FCA) argues that “the rise of the trading culture has not just led to a decline in ethical standards but has also contributed to financial instability.” All the participants at the Conference, whether from industry, the public sector or academia, acknowledged that culture has something to do with public trust and requires attention if the financial sector is to recover that trust.

2. Why not just focus on behavior? However, dealing with culture presents a number of knotty issues, including how to define it, what impact it has on conduct, whose responsibility it is to define and, if necessary, correct it, and even whether it is something that can or should be regulated and sanctioned. Andrew Lo in his article “The Gordon Gekko Effect: The Role of Culture in the Financial Industry” (Lo 2015) notes that anthropologists have catalogued 164 different definitions of culture and adds that his objective is not to solve the definitional problem, but rather to find a working definition to describe a phenomenon. I will not be more ambitious than Mr. Lo on the definitional side. A participant in the Conference rightly raised the more practical question to the first panel of how cultural norms could be enforced and whether this was consistent with the idea of laws and regulation as we understand them. This question dovetailed with remarks made by Andreas Dombret of the Deutsche Bundesbank distinguishing culture and behavior and noting that a more achievable goal might be to change behavior rather than culture. That is of course a possible approach for which there was a good deal of support at the Conference. It is also implicit in the speech by Clive Adamson of the UK FCA cited below that really it is only conduct and not culture which can be sanctioned directly by a conduct authority. I think it is perfectly conceivable to approach the problem this way by engaging in what could be called behavioral risk management. This would, as

II. Why focus on Culture? | 25

noted by the original questioner, allow a more concrete program of actionable initiatives within the firms involved and would be compatible with conventional views of corporate governance, aiming at managing the behaviors most likely to harm the business franchise. You could start by asking what behavior risks you are trying to control and manage. These could include, for example, lack of appreciation and respect for compliance procedures, cutting corners on operating policies and procedures to achieve growth and profit targets, and intolerance by senior management for opposing views. You could then try to direct and control risk appropriately by reference to a number of concrete elements such as monetary and other rewards (for example titles and promotions), potential loss, career risk, competitive pressure, peer pressure, self-image and the regulatory environment. In essence, you would be focusing on behavior both inside and outside the institution and on those features of the institution’s internal structure which you think most influence behavior, rather than trying to deal with the more elusive concept of culture. This is a conceivable approach, but is it the right one? And the right one for whom? The supervisors and the regulators or the firms involved? For the reasons discussed below, I think it can be justified for supervisors and regulators to focus primarily on sanctioning conduct, but I think it would be wrong for the firms involved to ignore culture in favor of focusing exclusively on behavior and internal structures. Whether a focus on structure is the right approach from a firm’s point of view was the topic of one of the afternoon panels at the Conference. Lenny Fischer of BHF Bank expressed the view that while structure is important as a conduit for conveying culture, structure alone, without a cultural message to convey would be ineffective in changing conduct. Thus while all these measures can be taken, the issue for me is whether simply directing attention towards specific risks and kinds of conduct does not stop short of attacking the sources of those risks and that conduct and thus lead to an endless game of “whack-a-mole” for the public authorities and the firms themselves. So, while I agree that it is behavior, not culture, which must be sanctioned, I believe a focus on behavior alone may miss dealing with the deeper causes of the behavior. My concern is articulated in a recent communication from FINRA, the US Financial Industry Regulatory Authority, in January 2016 to the institutions it regulates – financial securities firms such as broker-dealers – which led off with culture, conflicts of interest and ethics, stating that “[f]irm culture has a profound influence on how a firm conducts its business and manages its conflicts of interest. FINRA does not seek to dictate firm culture, but rather to understand how it affects compliance and risk management at firms.” (FINRA 2016)

26 | Patrick Kenadjian

3. Whose job is it to define culture? However, Andreas’ Dombret’s observation points to an important limitation in the discussion of the importance of culture by regulatory and supervisory authorities, which is their reluctance to be prescriptive in their approach. The Group of Thirty Report echoes this stance by stating there is no one single right culture. In the first panel discussion Alberto Musalem of the New York Federal Reserve Bank also did not take up my invitation to list approaches that the New York Fed may have identified as particularly promising, although he gave us a link to a page on the New York Fed’s website where they collect resources on bank culture. The difficulties regulatory authorities have in choosing to take or not to take detailed positions in this area were underlined by the reaction the UK FCA encountered in December 2015 when it was disclosed that it would not be publishing results of its examination of bank culture commenced in 2013, but rather would be working with the institutions individually to address any concerns arising out of the examination. This disclosure was met with expressions of public and political dismay, and FCA officials were called to give Parliamentary testimony on the reasons for the decision. The FCA responded that it continues to view cultural change as important, but had simply shifted strategies to achieve it, from making its findings public to working privately with the firms involved. I think two concerns may be at work here. The first is that since, as discussed more fully below, culture and business models need to mesh and reinforce each other, so long as supervisors and regulators do not prescribe a single business model, prescribing a single culture does not make sense. Andreas Dombret made the point during our panel discussion that even within a single firm there could and probably should be different principles applicable to conduct in its different lines of business. If not, there would be the danger that whatever principles are articulated to apply generally will be too broad and vague to be enforced and will lack the necessary clarity to be fit for purpose. John Cryan of Deutsche Bank provided a concrete illustration of Andreas’ point by distinguishing between three broad lines of business that a universal bank like his engages in which require different approaches: the traditional banking business in which the bank works together with its clients to meet the clients’ goals; the trading business in which the bank takes a counter view to another market participant on the value of a particular asset; and the fiduciary business in which the bank manages other people’s money. He sees each as requiring a different approach. This point is surely well taken, and one can go even beyond that, by reflecting on the lack of consensus about duties of financial intermediaries towards

II. Why focus on Culture? | 27

various categories of people with whom they conduct business. Whereas there is a general consensus that some duty of fair dealing, in some jurisdictions even a fiduciary duty, may be owed to retail customers, there is a lack of consensus both in the market and in the law on what duties a financial institution owes to other persons, in particular those who fall in the category of institutional investors with more money that sophistication. Is a duty owed to them? Public expectations, market practice and the law seem to diverge here. The issue was perhaps best exemplified in a post crisis US Congressional hearing in which a CEO of a US financial services firm was called on to explain why it was permissible for the firm to take the opposite side from (characterized as betting against) the investors in a synthetic CDO vehicle the firm had structured. The CEO said the firm did not consider the investors to be “customers” to whom a duty was owed, but rather “counterparties”, so that it was legitimate to use asymmetries of information to the firm’s advantage. From a technical legal point of view he was probably right: what his firm did was entirely legal, or would have been had they not forgotten to disclose to the investors who had chosen the portfolio. However it is fair to say that neither the investors nor the members of Congress understood the distinction or could follow his reasoning. The issue was interestingly taken up by Awrey and Kershaw in their chapter “Towards a More Ethical Culture in Finance: Regulatory and Governance Strategies” in Morris & Vines (2014) in which they concluded: “There is arguably no underlying norm that sophisticated market counterparties be treated fairly. Indeed, there is a strong countervailing norm of caveat emptor within many wholesale markets.” The second concern was articulated by Alberto Musalem in our panel discussion, which is that it is important not to invert ownership of the issue. Culture should be the primary responsibility of the firm and not of the supervisor or regulator. This is clearly consistent with the idea that culture and strategy must mesh and that so long as we do not prescribe the one we should not prescribe the latter. I think this reluctance is fully justified by the experience of prudential regulation in the run-up to the crisis. As Andy Haldane of the Bank of England has noted, as prudential rules became more prescriptive, the regulated entities gradually substituted them for their own risk management, thus in effect, as Alberto said of culture, shifting ownership of the issue from themselves to the rules, rulemakers and supervisors. Risk management became an exercise in which ticking the box of the regulatory constraints was substituted for designing a policy for risk management and capital adequacy tailored to the institution’s actual business and strategy, with ultimately disastrous effects. John Kay makes the same point about culture when he writes “[r]egulation based on prescriptive rules has undermined rather than enhanced ethical standards, by substituting compliance for values.” (Kay 2015) It is important that we not repeat

28 | Patrick Kenadjian

the same mistake in the cultural and conduct area. Primary responsibility must rest with the firms, especially so long as they want to retain the freedom to determine their business models. The situation of public authorities is particularly delicate in part because, as another Conference participant noted, the public’s lack of trust is also directed towards them, as being potentially subject to “regulatory capture” by the institutions they regulate or supervise. This distrust probably underlies a good deal of the public and political dismay expressed towards the FCA’s decision to change tactics on their cultural review. The situation is perhaps most complex in jurisdictions like the UK where financial conduct and prudential regulation are split between two separate agencies, the FCA and the Prudential Regulatory Authority while questions such as culture and business models straddle the two areas. Thus I can perfectly well understand how the FCA may have felt it was going down a dangerous road. While as a practitioner I have sympathy for a question raised from the floor to the slowness of regulatory and supervisory responses and the lack of guidance in certain areas, I think this is an area where all of the answers cannot come from the regulators and supervisors. Still, it is important for them to ask the questions. In the FINRA January 2016 communication cited above, FINRA states that it “will focus on the frameworks that firms use to develop, communicate and evaluate conformance with their culture. We will assess five indicators of a firm’s culture: whether control functions are valued within the organization; whether policy or control breaches are tolerated; whether the organization proactively seeks to identify risk and compliance events; and whether sub-cultures (e.g. at a branch office, a trading desk or an investment banking department) that may not conform to overall corporate culture are tolerated.” That section of the letter concludes by noting that “a firm’s supervisory, risk management, and control systems are essential safeguards to protect and safeguard a firm’s culture.” In that sense, “[a] firm’s culture is both an input to and product of its supervisory system”. I have cited the letter at length because I think it shows how a supervisor can focus on set of indices of culture without prescribing what the culture should be.

4. The importance of culture This gives us a few interesting leads on how to define the terms we are using and to see whether there is evidence that culture can be altered and, if so, by what means and to what ends. Culture is often said to be what we do when no one is watching. Alberto Musalem cited New York Fed President Bill Dudley’s definition that “culture relates to the implicit norms that guide behavior in the

II. Why focus on Culture? | 29

absence of regulations or compliance rules – and sometimes despite those explicit restraints. Culture exists within every firm whether it is recognized or ignored, whether it is nurtured or neglected, and whether it is embraced or disavowed.” Clive Adamson, at the time Director of Supervision at the FCA, said in a speech delivered in 2013 when the FCA was starting to look into culture that “[c]ulture is like DNA. It shapes judgments, ethics and behaviors displayed at those key moments, big or small, that matter to the performance and reputation of firms and the service that it [sic] provides to customers and clients… we view culture through the lens of what matters to us as a conduct regulator. This means an effective culture is one that supports a business model and business practices that have at their core, the fair treatment of customers and behaviours that do not harm market integrity.” (Adamson 2013). I think this goes to the crux of why culture is important. It shapes judgments and pervades conduct in a way which laws and rules and even coercion cannot hope to do. It truly is like DNA. If one can figure out how to harness it, it can be a force for enormous good. If left to develop on its own, it can develop into a force destructive of institutions, individuals and markets. A frightening and extreme example of how a culture can develop seemingly without direction from above and spiral out of control is Philip Zimbardo’s 1972 Stanford prison experiment in which 24 individuals were randomly assigned to be “prisoners” or “guards” in a mock prison set up in the basement of the psychology building at Stanford University in California. The planned two-week study had to be halted after six days as the situation swung out of control, with the “guards” becoming sadistic and the “prisoners” showing extreme passivity and depression. The students were allocated their roles at random, so there was no self-selection for the roles involved. The “guards” were not given any specific instruction or guidelines as to how they were to treat the “prisoners” besides the fact that they were not allowed to use corporal punishment, but one third of them were judged to have exhibited “genuine” sadistic tendencies. (Zimbardo 1972) This example is obviously far removed from the situations we are seeking to deal with in the financial sector, but to me it does illustrate three things. The first is that, as Bill Dudley of the New York Fed has said, when things go badly wrong we need to be looking not just for “a few bad apples” but what it is about the barrel that could turn those apples bad. Interestingly, that was Philip Zimbardo’s reaction to the reports of prisoner abuse at Abu Ghraib prison in Iraq which the US army had sought to explain as the actions of a few rogue soldiers. We have to seek out what it was in the situation the individuals were placed in which could have led to the conduct. The second is that individuals left without guidance, cultural or otherwise, risk falling back on models of behavior and

30 | Patrick Kenadjian

conduct which can be far removed from the norms which those running the institution had in mind when they set it up, and which can be damaging both to the institution and to the individuals involved. Zimbardo, in his analysis of his experiment, puts the blame on the environment, but an equally possible and in my mind more revealing way of looking at it would be to note that there was a lack of “tone from the top” in the form of a set of acceptable criteria for conduct – i.e. the lack of a governing cultural framework – in that “barrel”, an ethical and cultural void which must have had something to do with the outcome. The third is that monetary incentives need not predominate. There was an absence of monetary incentives in motivating the behaviour of the “guards.” They were paid the same per diem regardless of their conduct. Andrew Lo makes this point and also notes that monetary incentives were absent in the equally infamous Milgram experiment at Yale where it was authority, not cash, which pushed the volunteers to administer what they believed to be ever higher doses of electric shocks to invisible, but audible, subjects. I think this is a sufficient starting point for a discussion of the matter, although I liked Andreas Dombret’s thought experiment challenge to us all in his prepared remarks at the Conference: how many of us could, on the spot, write down our own firm’s values and ethics, would it be easy or hard and would what we write differ from what our colleagues would write. I think we all assumed it would be harder rather than easier and that there would be differences, despite the fact that most of our firms have codes of conduct or of ethics and that most of us have spent a considerable amount of time thinking about ethics and culture. The point is obviously that between codes as written and codes as lived by individuals there can be a significant gap. But this gap is precisely one of the issues to be addressed by the Conference and Andreas made clear in his remarks that, in his view, for financial institutions “sustainable profitability is not possible without ethical conduct.” I question how you get ethics to come out in conduct if you have not put it into the culture that produces the conduct. As to the question of the direction in which we would like to move the culture and ethics of financial institutions, in my introductory remarks at the Conference I offered up two suggestions. The first is to foster “other-regarding behavior” within financial firms by taking into account the private individual and social costs of the transactions the firm undertakes or, putting it more concretely, reducing opportunism, including sharp practice, in client and counterparty transactions. There used to be an old joke on Wall Street about transactions in which a firm client lost money, which was “the firm made money, the broker made money and two out of three ain’t bad.” That is an example of what I think should cease to be a rule of conduct, if it ever was one. The second sug-

II. Why focus on Culture? | 31

gestion I made was to restrain “socially excessive” risk taking, i.e. risk taking which could lead to spillover effects on the financial system itself. Clive Adamson used market integrity as the second leg. John Kay calls for an environment or culture in which “putting clients first leads to personal reward and business profit in the long run.” (at 258) I think those points suffice as guideposts for the moment.

5. What business is it of public authorities to define culture? Perhaps another preliminary issue that should be dealt with is – putting aside how deeply regulators and supervisors want to get into the business of regulating and supervising ethics – whether they have any business doing so. This question was raised in an FT editorial in January 2016, defending the FCA’s decision to get out of the ethics review business, at least in public, saying these matters could be left to the banks and the Banking Standards Board they set up. I disagree for two reasons. First, the institutions in question, as Albert Musalem noted in his remarks at the Conference, “receive operating benefits unavailable to other industries because they provide important services to the public.” These benefits include deposit insurance and access to the lender of last resort which allow them to have a far cheaper cost of capital than non-financial sector firms. The quid pro quo for them must include conduct which reflects the public dimension of the services they render. Second, the damage done by clearly unethical and, in many cases, illegal behavior of bank employees caused huge damage to the economy and the public at large, requiring the commitment of public resources numbered in percentages of GDP (just short of 25% committed, a little less than 6% actually expended) to prevent a collapse of the financial system, so it cannot be the case that it is inappropriate for the public authorities to seek to prevent a recurrence of such “spill over” effects. The manipulation of benchmarks relevant to millions of foreign exchange and LIBOR related transactions after the crisis also potentially affected very large numbers of people. There should simply be no question as to the legitimacy of the inquiry, but only as to the most effective way to conduct it. As an aside, the Banking Standards Board on December 29, 2015 announced that they had sent out their first “report cards” on the culture of the major banks to those banks, without disclosing their contents or having a clear idea of whether and in what form the banks themselves might make parts or all their contents public. That is certainly not how report cards worked when I was in school.

32 | Patrick Kenadjian

6. What about the role of the individual? What about the shareholders? Returning now to the question of whether a firm can change its culture, some people, including some prominent supervisors, have expressed a degree of pessimism. Ignazio Angeloni, member of the Supervisory Board of the European Central Bank, delivered a thoughtful speech in Venice in September 26, 2014 (Angeloni 2014) on ethics in finance in which he questioned how much individual behavior is determined by what individuals bring with them from their social backgrounds, as opposed to what they take from their new environment, or their images of what their profession or job entails, citing work done by Guiso, Sapienza and Zingales on the value of corporate culture (2013). If cultural and educational background determines conduct, how much can an institution do to change that? I must admit, when I read this, to having thought immediately about the Stanford prison experiment. One way of reading that situation is that no one told the “guards” to act sadistically, but somehow they pulled a set of reactions out of the psychological baggage they brought with them to the institution which made them willing to violate the institution’s own rules (for example limits on the length of solitary confinement) in the pursuit of short term goals under conditions of pressure (a looming loss of control over the “prisoners” and the “prison”). When Andreas Dombret and I pulled together the themes for the Conference we consciously called it “towards a new age of responsibility”, an expression we borrowed from Mark Carney, Governor of the Bank of England. In doing so we wanted to focus not only on the culture that institutions create, but also the personal responsibility which those who work for in these institutions bring with them. However, the discussion at the Conference focused more on the institutional than on the individual side. The institutions determine the rewards and the work atmosphere. People get paid and promoted for producing sales and ostensibly profitable trades. Separate bonus pools can help generate a disregard for the broader interests of the institution. The culture of hire and fire determines the relevant time horizon of the employees. “If you can be fired in five minutes, your time horizon will be five minutes” may be an overstatement, but there is some truth there. On the other hand, individuals bring with them an idea of what their role as a banker should be, much as the “guards” in the Stanford prison experiment brought with them the idea they could act like sadists if they had a director willing to look the other way. How dissimilar is the attitude of the “rogue trader” who thinks he (so far it has always been a he) can disregard desk trading limits

II. Why focus on Culture? | 33

if his boss looks the other way? So while institutions may have a long way to go on culture and structure, individuals should not get a free ride either. They should not be able to check their identity as a person and a citizen at the door and become a caricature of Gordon Gekko the moment they flip on the computer screen. They should be willing to stand up for common sense and common decency because these values correspond to their personal and societal values. As John Key notes, if you would not steal your neighbor’s car or iPad if you found them unattended, not because you fear being caught but because you think it is wrong, you should also not take advantage of your customer even if you could do legally because it is wrong. So we inevitably return to what the institution can do to promote and reinforce ethical behavior by their employees. The Guiso, Sapienza and Zingales paper also raises another important question in their finding that publicly traded firms seem to have trouble sustaining integrity as a corporate value, and that this is attributable to the stock market not seeming to value integrity. Inherent in this finding is the question of in whose interest a financial institution is to be managed. The debate of shareholders versus stakeholders is a familiar one in corporate governance. Corporate laws provide differing answers, some requiring an exclusive attention to maximizing shareholder value, others allowing a balancing of the interests of other stakeholders, such as creditors, employees, the community in which the institution operates and of the institution itself as distinct from its stakeholders. So theory and the letter of the law may provide boards with different answers and this has often been seen as an obstacle to boards putting other interests ahead of maximizing shareholder value. However, I would venture to say that in the concrete set of circumstances facing boards of directors of financial institutions today, I do not see that, in practice the answer should be very different. When one considers the accumulated fines and penalties since 2007 which have wiped out large amounts of putative “profits”, plus the real possibility that in some jurisdictions a recidivist financial institution may lose its license to operate as such, with serious consequences for it, it really seems that a board should not be shy about telling its shareholders that “honesty is the best policy” and that “if you think compliance is expensive, try non-compliance.” As an aside, I was rather taken with the comment of one Conference participant that where equity makes up but 3% of the balance sheet, there is in any event something a bit peculiar about giving that 3% of stakeholders the exclusive say on corporate decisions. But to return to the Guiso, Sapienza and Zingales article, they also find that high levels of integrity at the top of a firm correlate with higher productivity, profitability, better industrial relations and attractiveness to job applicants. In the context of anecdotal evidence of increasing difficulties in

34 | Patrick Kenadjian

recruiting top graduates to the financial sector since the crisis, this is also an important consideration.

7. Can institutions change their culture? Guiso, Sapienza and Zingales have a somewhat ambivalent view of culture, not atypical of economists. They see corporate culture as an unspoken code of communication among members of the group and a set of norms and values widely shared and strongly held. They acknowledge culture can play a role of social control, but they see it primarily as a supplement to incentives. They leave open the question of whether it is possible to change the preferences of individuals by inducing them to internalize norms or only to alter their incentives in repeated games. In contrast, I think the answer from behavioral science in the corporate area is more positive, that firms can change their culture. The literature on the subject is extensive, but to simplify matters for the reader I will take most of my examples mainly from two sources, an excellent article which appeared in the California Management Review in the summer of 1989 by Charles O’Reilly, Professor of Management at the Stanford Graduate School of Business and Director of the Leading Change and Organizational Renewal Executive Program (O’Reilly 1989) and a recent book by retired General Stanley McChrystal (McChrystal 2015) The O’Reilly article is less than 20 pages long and well worth reading. I include references to General McChrystal’s book in the hopes of dispelling lingering doubts that dealing with questions of culture is for academics, theoreticians and regulators, but not for leaders in the real world engaged in real life struggles. The process the General describes he pursued in his command of the Joint Special Operations Command (JSOC), a combination of elite units from the various arms of the US armed forces, in order to combat Al Qaeda in Iraq from 2003 to 2009, can only be described as an attempt to change the culture of the units he commanded in order to match the advantages in speed and flexibility of the enemy. He describes creating a network combining transparent communication with decentralized decision-making out of a collection of elite units who initially distrusted each other and operated as isolated silos. His empirical observations along the way correspond remarkably with O’Reilly’s theoretical structure. Whether the issue is turning around on time arrivals at SAS or the extraordinary turnaround of the quality of production and the work atmosphere at the New United Motors Manufacturing Incorporated (NUMMI) plant in Freemont, California, examples abound of cultural changes brought about within firms in

II. Why focus on Culture? | 35

a variety of commercial sectors. At SAS it seems to have required little more than the CEO asking to receive daily reports of the on-time status of all flights to move the needle from 83% to 97%. (O’Reilly 1989) More dramatic was the situation at the Freemont plant, which GM had closed in 1982 as one of its worst plants with an 18% absentee rate and a history of labor conflict. Reopened a year later as a joint venture with Toyota, with 85% of the same employees and the same union, the plant achieved productivity twice that of other GM plants and an absenteeism rate of 2% compared to 8% at other GM facilities. At the core of the change was “a culture in which the assembly line workers maintain their machines, ensure the quality of their work, and improve the production process”. (O’Reilly 1989) In essence, a culture in which each individual participant took personal responsibility for the success of their work. O’Reilly’s article distinguishes between two kinds or views of culture. The first is “culture as control” which involves “the knowledge that someone who knows and cares is paying close attention to what we do and can tell us when deviations are occurring” which corresponds to the SAS CEO’s attention to ontime arrival. It includes attempts to measure either outcomes (for example ontime arrivals) or behaviors. It has its limitations in that often neither outcomes nor behaviors can be adequately monitored, especially when the activities are non-routine and unpredictable, in situations that require initiative, flexibility, and innovation, precisely those situations which can occur with some frequency in financial services firms. In those situations, only social control systems in which common agreements exist among people (co-workers) about what constitutes appropriate attitudes and behavior will work. This is the understanding of culture as “what we do when no one is watching” which we used at our point of departure. This is often seen as a social control system, “a pattern of beliefs and expectations shared by the organization’s members. These beliefs and expectations produce norms that powerfully shape the behavior of individuals or groups.” (Schwartz and Davis, cited in O’Reilly 1989) This “culture as normative order,” which involves expectations about what are appropriate or inappropriate attitudes and behaviors, can relate to issues such as quality, performance, flexibility, or how to deal with conflict, according to O’Reilly. The examples of cultures O’Reilly provides are Pepsico where competition is encouraged and failure to compete punished, IBM where service is the pivotal norm and 3M where innovation is recognized as central. The broad scope of these examples and the sometimes hard to measure qualities such as innovation they seek to promote would seem to indicate that this concept of culture as normative order could also apply in the financial services sector to issues such as ethical conduct in dealing with customers and even counterparties.

36 | Patrick Kenadjian

However, as O’Reilly points out, there is an important difference between guiding beliefs or vision held by top management and those held at lower levels, with the latter defining how things actually are. He suggests analyzing norms along two dimensions, the intensity of the approval or disapproval attached to an expectation and the degree of consensus or consistency with which the norm is shared. If there is wide consensus at the base that they understand what the C-Suite wants, but no buy-in to that vision and those values, they will not be translated into action and actually become the culture. Conversely, where a belief is held intensely only by a part of the organization, but not widely held, it will also not be the defining culture. Only where both intensity and a broad consensus are achieved does a culture which actually governs conduct “when no-one is looking” emerge. Hence the tri-partite discussion on the first panel of the Conference of “tone at the top”, “echo from the bottom” and the problem of the “perma frozen middle” to describe attempts at cultural reform where the C-Suite and the front line can be at one on wanting to implement a change in values but where there is a middle layer of management which has risen and prospered or at least gone along with the old ways of doing things. They are in a position to block or at least slow down reforms by the control they have over promotions from the bottom and the day-to-day examples they are in a position to give to “the bottom” that actually here “we do things otherwise” than the C-Suite thinks. This danger strikes me as particularly great in large organizations which have developed operational silos such as trading desks equipped with separate bonus pools which can make them impervious to “tone from the top”. General McChrystal makes the same point about the silos in the military: “[i]nstinctively the silos in our organization looked inward, where they could see metrics of success and failure” (McChrystal, at 139) and he talks about “victory as defined by the squad” as opposed to victory as defined by the task force. (McChrystal, at 127) O’Reilly then turns to why we should care about culture and cites two reasons. The first is one I have mentioned above, the fit between culture and strategy. To be carried out effectively, a strategy requires a congruence among people, structure and culture. A firm which has decided to compete on price, he notes, will require strict cost controls, a top down control structure and a culture emphasizing numbers, a lack of frills and a certain ruthlessness. A firm which has decided to compete on innovation will seek to develop a culture valuing collegial interaction and the development of new technologies and products. The second is the importance of culture in developing and maintaining levels of intensity and dedication among employees, what might be called commitment to the organization, especially in fields where employees have knowledge that is instrumental to the success of the organization (think traders

II. Why focus on Culture? | 37

in specialized markets, industry specialist analysts or investment bankers) or when very high levels of motivation are required (think M&A teams working around the clock). Both of these traits are clearly present in the financial sector and are particularly valuable in turbulent and changing conditions where employees have to take the initiative without waiting to be told what to do. Commitment to the organization, according to O’Reilly, is the “individual’s psychological bond to the organization, including a sense of job involvement, loyalty, and a belief in the values of the organization,” with commitment going through three stages: compliance (accepting the influence of others mainly to obtain something, such as pay), identification (where the motivation is to maintain a satisfying, self-defining relationship, with the person feeling pride in belonging to the firm) and internalization (where the individual finds the values of the organization to be intrinsically rewarding and congruent with personal values). For most organizations, identification suffices. Individual commitment, as we will recall from his discussion of the NUMMI plant, seems to have been crucial to the turnaround there. O’Reilly sees the development of culture as involving “constructing social realities”, by which he means that the needs and values of individuals are not a stable set which shape expectations, goals and attitudes, but rather are heavily influenced by the expectations of others, what he calls “the information and normative influence of others. We pay attention to the actions of others and learn from them.” “We do as others do, not as they say. We watch others and form expectations about how and when we should act.” (O’Reilly 1989) General McChrystal notes that “[it] was impossible to separate my words and my actions, because the force naturally listened to what I said, but measured the importance of my message by observing what I actually did.” (McChrystal, at 226) We learn vicariously by observing other people’s behaviour and its consequences for them. Thus, while we may not be aware of it, our world is largely a social construction, resting on shared agreements. O’Reilly then turns to mechanisms for developing and managing culture in organizations. The underlying mechanism is to “create situations characterized by strong norms that focus people’s attention, provide clear guidance about what is important, and provide group reinforcement of appropriate attitudes and behavior.” (O’Reilly 1989) He cites four common mechanisms. The first is participation which encourages people to be involved and sends signals to the individual that he or she is valued, in order to incite a personal choice by the individual to participate, with participation leading to commitment. The second is management as a symbolic action in support of the cultural values, including providing consistent patterns of actions which are consistent with those values leaders preach to the individuals below who will be carefully watching and lis-

38 | Patrick Kenadjian

tening to understand what is important. This also includes providing interpretations of events for the organization’s members, interpreting or reinterpreting history and telling stories. The third is information from others, including consistent messages from co-workers. The fourth is comprehensive reward systems, including not simply money but including the intrinsic rewards of the job and a sense of belonging to the organization. It is crucial that rewards accrue to the desired behavior and not to its opposite; people usually do what they are rewarded for and don’t do what they are punished for. Overall, I find this a useful framework to use to come to grips with the issues in the financial sector. The only area O’Reilly is light on is compensation, perhaps consistent with the view that monetary incentives can pale in comparison to authority as a source of bad conduct. There is clearly something to this view, buttressed by the Milgram and Stanford prison examples, but more thought has to be given to that in as money centered a world as financial services, where both greed and fear play an important role. We usually view them as holding each other in check: we fear punishment or loss and that puts a bridle on our greed. But in financial institutions today they may well reinforce rather than restrain each other in that the fear of losing the job for not producing the sales or trading profits expected can reinforce the greed of striving towards the bonus number. How to deal with that conundrum does involve compensation arrangements and was put quite pithily by Richard Lambert in his preface to “Capital Failure” where he wrote “[p]eople will have to be paid for the way they do business, and not just for the revenues they generate.” (Morris and Vines 2014)

8. How does this relate to the financial sector? To return to our main theme, O’Reilly demonstrates why culture is important and why we are focusing on it. It does beg the question, raised by Andreas Dombret and one of the participants from the floor of the Conference, of whether it is something which can be regulated as such or whether regulation should confine itself to observable behaviors. Andreas is of course right and Alberto Musalem agreed with him that it is observed behaviors which regulators sanction. This is also clear from Clive Adamson’s 2013 speech cited above. It is also possible that the reluctance of the FCA to publish assessments or of the Group of Thirty or the New York Fed to be prescriptive about questions of culture are attributable to this issue. But, as Alberto rightly said in our panel discussion, culture appears to be the deep fundament which drives behavior and that is why it cannot be ignored by supervisors and regulators even if it is some-

II. Why focus on Culture? | 39

thing they want to step back from prescribing, just as they are careful about how much they prescribe financial institutions’ business models. However, since one lesson of the financial crisis was that it was a mistake for prudential supervisors to defer entirely to the institutions on business models, post crisis supervision includes a much more questioning attitude towards business plans. The parallel with a much more questioning attitude towards culture and its relationship to conduct is worth exploring. The two have more than a little to do with each other. To return to John Reed’s op end piece cited at the beginning of this paper, he is criticizing both a business model, universal banking, which brought investment banking into traditional banking institutions and the culture which this business model brought with it. The point he makes is widely acknowledged: as the culture of the investment bank penetrated the commercial bank, a generally risk averse culture of long term relationships based on trust and of agency transactions with customers to whom a degree of duty was owed became overwhelmed by the addition of a risk taking culture of principal transactions with counterparties to whom the principle of caveat emptor applied. John Reed notes this change extended to the kinds of people who are attracted to work at such enterprises, but the fundamental point is that a cultural change did take place at universal banks in Europe and the United States. The Group of Thirty Report, in a passage John Reed may well have had in mind when he wrote his op-ed piece, stated eloquently that “customers for whom caveat emptor was inappropriate were increasingly treated as counterparties to whom the bank owed no loyalty or duty. Asymmetry of information between banks and their customers was exploited … As banking transitioned from acting primarily on behalf of clients as an agent, to acting as a principal …and banks became counterparties for the vast majority of financial transactions the scope to benefit from [information and knowledge] asymmetry grew.” (Group of Thirty 2015) I think this change was largely unplanned. It happened as a natural outcome of the tone at the top, for example management teams whose focus and thus whose implicit mission statement for the entire enterprise was understood to be encapsulated in a single formula, to achieve a ROE of a certain percentage. I would contrast this with the motto of a US investment bank from the 1980s, “first class people doing first class business in a first class way” which sought to promote a feeling of pride in belonging to an organization which did business in a certain (first class) way. It also promoted a feeling of self-worth in the employees as first class people, not just contributors to the bottom line. I cite the example in part because it involved an investment bank, not a commercial bank, to suggest that John Reed’s and John Kay’s characterizations may be a bit oversimplified.

40 | Patrick Kenadjian

But I agree that the transformation of staid commercial banks into risk taking universal banks brought with it what has been felt both within the sector and outside of it as a profound cultural change, which led to conduct towards people who thought they were customers which, while it was not necessarily illegal (though it sometimes was), did not comply with their expectations of how these institutions should behave. And this brings us back to something Alberto Musalem said in our panel discussion in answer to a question from the floor: culture is that circle within what is legal which prevents people from taking certain actions that are legal but which do not pass a cultural test. So that if we want to address what was at the core of the crisis and whose lingering presence continues to stand between the financial sector and public trust, this will have to be addressed.

9. A modest proposal In conclusion, I do not think that focus on behavior alone is likely to solve the problem of trust in the financial sector. A more comprehensive approach is called for which I think passes through a particular understanding of culture. To return to O’Reilly’s categories, I think culture as top down surveillance based control simply will not work in financial services. There are simply too many people doing too many things, many in well-isolated silos and much of what they do cannot be monitored for deviations from the norms in real time without vastly more resources devoted to surveillance, and even then the nature of the activities may make the monitoring ineffective, due to inevitable asymmetries of information between actors and supervisors. What I think has to happen is culture has to be used as a normative order developed through the kinds of mechanisms noted above, which lead people to behave themselves even when on one is looking. To translate that into a more practical form, I would return to Andrew W. Lo’s suggestions at the end of “The Gordon Gekko Effect: The Role of Culture in the Financial Industry”. I would address them to the boards and management of financial institutions. First, recognize that culture exists and that it matters. Second, explicitly define the ideal culture for your institution. Here I would add that it needs to conform both to your business strategy and to society’s expectations of how people in your position should behave. To the extent your business strategy calls for activities which go beyond what society understands or finds appropriate, that strategy may have to be altered to suit the expectations of the people on whose sufferance you are allowed the substantial privileges you enjoy, including deposit insurance and access to the lender of last resort, both of which allow you

II. Why focus on Culture? | 41

to operate with a degree of leverage unheard of in other sectors. Third, institutionalize mechanisms for shaping culture, including instilling clear values such as honesty, responsibility, admitting mistakes and refusing unjust authority (this will require supporting mechanisms, such as inviting and facilitating constructive debate and encouraging a degree of diversity, so long as it is compatible with preserving cultural identity) and creating metrics, feedback loops, and reinforcement learning consistent with that culture. With respect to these values, I would add an insight from Guiso, Sapienza and Zingales who make an essential distinction between values and goals. Values, they say, must be respected at all times, whereas a goal may be traded off against other goals. The key, as they see it, is to accept no compromise in the matter of values, to commit not to engage in economical calculation in this area. Finally, I would add one more practical suggestion, which is to do as much as you can to eliminate silos which have the effect of fracturing institutions and impeding the flow of culture within them. This is an issue which all institutions share, especially those with small, elite units within them, who believe they are innately superior to all others. General McChrystal makes this point forcefully with respect to the armed forces he commanded but the same is perhaps even more true of financial institutions where separate bonus pools can have the effect of reinforcing the insulating effects of silos made up of small teams with highly specialized skillsets. I would address these to boards and managements as recommendations. They are not in a form which lends itself to regulation. This does not mean regulators and supervisors do not have a role to play. The crisis, as I noted above, has taught prudential regulators and supervisors that they need to review business models for consistency with the overall health of the financial system, to avoid failures of composition pursuant to which actions which may be conducive to short term gain for individual institutions end up damaging the financial system as a whole. So we are seeing a deep dive by prudential authorities into business models as both justified and inevitable, with a clear focus on risk and risk management, including the culture of risk management. The question is whether their colleagues on the conduct side can avoid following them. For reasons noted above, I understand that conduct authorities are reluctant to be overly prescriptive for fear that compliance in the sense of ticking the box exercises will replace the exercise of sound managerial and board judgment and will lead institutions not to take ownership of what should be for them a crucial issue. Should that occur, the exercise is bound to fail. However, I also think that it would be unfortunate if the current regulatory and supervisory focus on culture and ethics were to peter out without bringing forth a set of general principles or at least of recommendations for best practice. Simply saying we want you to

42 | Patrick Kenadjian

have a healthy culture and be ethical without more guidance to the institutions involved would at the very least waste a great deal of effort and useful reflection. As Jean-Claude Trichet said in his opening remarks to the Conference, a focus on culture will not only benefit society at large, but also the institutions themselves, making them better places to work, so they will attract better people who are proud of what they do. One SEC Chairman put the motto “good people doing important work” on the agency’s notepads. As Richard Lambert wrote in his foreword to Morris & Vines “Capital Failure” there is a “need to develop a culture where individual employees can take a professional pride in their work and in the company that they work for, and are prepared and empowered to place that pride above other considerations.”

References Adamson, Clive (2013), The importance of culture in defining behaviour of firms and how the FCA will assess this, 14 April 2013, http://www.fca.org.uk/news/regulation. professionalism, accessed February 3, 2016 Angeloni, Ignazio (2014), Ethics in Finance: a banking supervisory experience, 26 September 2014, https://www.bankingsupervision.europa.eu/press/speeches/date/2014/html/ se140926.er, accessed February 3, 2016 Bank of England, Open Forum 2015, November 11, 2015, http://www.bankofengland.,co.uk/ pages/openforum/index.aspx, accessed February 8, 2016 FINRA (2016) 2016 Regulatory Examination Priorities Letter, January 5, 2016, http://www.finra. org/industry/2016-regulatory-and-examination-priorities-letter, accessed February 3, 2016 Galbraith, John Kenneth (reprint 2009), The Great Crash 1929, Marriner Books 2009 Group of Thirty (2015) Banking Conduct and Culture, A Call for Sustained and Comprehensive Reform, Group of Thirty, July 2015 Guiso, Luigi, Sapienza, Paolo, Zingales, Luigi (2013), The Value of Corporate Culture, published in the Journal of Financial Economics, Elsevier, vol. 117(1) 2015 Kay, John (2015) Other People’s Money: The Real Business of Finance, Public Affairs, September 2015 Lewis, Simon (2015) Banks have a duty to regain trust and it may take a generation, City A.M., December 15, 2015 Lo, Andrew (2015), the Gordon Gekko Effect: The Role of Culture in the Financial Industry, 7 June 2015, http:/ssrn,com/abstract=261562, accessed February 3, 2016 McChrystal, Stanley, with Collins, Tantum, Silverman, David and Fusell, Chris (2015), Team of Teams, New Rules of Engagement for a Complex World, Portfolio/Penguin, 2015 Morris, Nicholas and Vines, David (2014), Capital Failure, Rebuilding Trust in Financial Services, Oxford University Press 2014 O’Reilly, Charles (1989), Corporations, Culture, and Commitment: Motivational and Social Control with Organizations, California Management Review 31, 9–25, 1989

II. Why focus on Culture? | 43

Reed, John (2015), We were wrong about universal banking, November 11, 2015, FT, http:// www.ft.com/intl/cms/s/0/255tatee-8872-11e5-90de-f44762bf9896.html, accessed November 14, 2015 Schwartz, Howard and Davis, Stanley, Matching Corporate Culture and Business Strategy, Organizational Dynamics, 1981. Zimbardo, Philip (1972), Standard Prison Experiment: a simulation study on the psychology of imprisonment, www.prisonexp.org, accessed February 3, 2016

44 | Patrick Kenadjian

neue rechte Seite

III. Enforcement and Supervision | 45

| III. Enforcement and Supervision III. Enforcement and Supervision

46 | Patrick Kenadjian

III. Enforcement and Supervision | 47

John Griffith-Jones, Chairman of the Financial Conduct Authority (FCA) UK

Lessons from the Crisis John Griffith-Jones

Thank you Patrick and my thanks to the Institute for inviting me to speak today. It’s a great pleasure to join everyone in Frankfurt and a privilege to share the stage with Daniele. Given the UK has a chequered record in terms of its financial conduct over the past decade, I would like to reiterate the importance of culture and ethics in financial services. So what follows is, I hope, a useful picture for you of the lessons we have learnt, sometimes painfully, in the UK. I have in mind two lessons in particular that seem to me to have been reinforced since the financial crisis.

The last two and a half years The first is the basic importance of stopping bad things from happening, or clearing them up quickly when they do. This has been the dominant priority among global regulators for much of the last eight years. We put a particular emphasis on firms understanding where the risk to customers is present, taking steps to proactively identify and address issues when things go wrong, and demonstrating that they learn from such events. So from the prudential angle, or the ‘systemic risk’ angle if you prefer, colleagues have set about tackling the ‘too big to fail’ conundrum with stricter capital requirements, measures around ring fencing and resolution regimes. On the conduct side of the house, the FCA, alongside BaFin and others in our financial world, have been engaged in major enforcement interventions across areas like FX, LIBOR, Euribor and so on and so forth. I make no excuse for that. Enforcement is an important feature of regulation and without an appropriate degree of protection for consumers, without an appropriate mechanism to enforce against those who transgress, and without an appropriate degree of supervision, there would be little or no trust and confidence in the future. Improving standards is important for restoring trust in financial services, increasing individual accountability, alongside the Senior Managers Regime, forms a key part of this. We envisage a shift to a culture where senior managers at firms are genuinely accountable for the conduct of their business. Where

48 | John Griffith-Jones

there are failings, it should be firms themselves who hold them to account in the first place. The regimes will make it easier for firms and regulators to be clear about who is responsible for what. Personal accountability of senior management is closely linked to the systemic question of culture and ethics. It is about creating a culture where everyone has ownership and responsibility for doing the right thing, because it is the right thing to do and not just because it is legal. This also means firms need to ensure that business processes and people support and reinforce the culture they want to promote. All of which places a perennial responsibility on regulators to seek out the most effective means of monitoring activity. And by way of improving its own effectiveness here, the FCA has undergone something of a transformation this year in how it supervises firms. In practical terms, this means we are now complementing our individual engagement with businesses with much increased market-wide analysis. All other things being equal, this should lead to more targeted use of our resources, reduce the amount of time firms need to spend an dealing with routine monitoring visits, and enable us more effectively to pool and share best practice and lessons learned across the sector. The theory being that this is a tide that should lift all boats.

Promoting competition The second lesson I have in mind, is around the importance of encouraging our financial markets to work well, which is significantly more challenging than preventing them from working badly, which can be achieved by preventing them from working at all. Regulators cannot ‘do’ good conduct on behalf of firms, try as our predecessors have sometimes tried to do. Culture drives individual behaviours which in turn affect day-to-day practices in the business. This means it can be both a key driver, and potential mitigant, of conduct risk. Successful enterprises in many industries and geographies have shown that there are different recipes for success. It is for each firm to take responsibility for its own culture. The choice, as this year’s Group of Thirty Report an banking conduct and culture suggest, is to keep it or to change it. Nor do I, as a regulator, wish to promote any one management theory at the expense of another, provided that the outcome is a drive for good conduct.

III. Enforcement and Supervision | 49

In the medium term, however I do see one of our new regulatory responsibilities having a great impact on the rebuilding of trust. That is our competition objective. To quote from this University’s illustrious namesake1, ‘correction does much, but encouragement does more.’ And I would suggest nothing encourages firms to ensure good outcomes for their customers quite like healthy and effective competition. That this is a trickier fact to pull-off than it is to point-out, is not, of course, a matter of any real disagreement. There are many important (and well-documented) reasons why competition is difficult to achieve in financial services. Among them the influence of customer inertia, lack of choice, fear of a worse experience elsewhere, asymmetry of knowledge and being locked in by debt. By way of addressing these issues, the FCA is one of a very small number of regulators in the world with a top-line objective to promote competition, and we are purposefully embedding it into the DNA of our organisation through the use, among other things, of complex behavioural analysis, as well as cutting edge econometric work. Indeed, the usefulness of competition alongside supervision and enforcement in ‘ensuring our markets work well’ is already established. To date, we have undertaken four competition market studies – the latest being released on asset management. We have also made significant changes to our authorisations processes to reduce barriers to entry in banking. In total, some 13 new banks have been authorised in the UK since our new regulatory system came into Operation in April 2013. On top of this, we also established an innovation hub at the FCA last year, which is specifically geared towards working with innovators in financial services. This has already supported five firms through regulatory authorisation, with the promise of more to follow soon.

Conclusion Finally, a word on the other great push factor I see as crucial to sharpening our industry’s focus an questions of conduct and culture. This is senior accountability – again a priority singled out for special mention by the Group of Thirty.

_____

1 Quote by Goethe, Johann Wolfgang von, in: Bell, Edward (ed.), Early and miscellaneous letters of J.W. Goethe, including letters to his mother. With notes and a short biography, p. 27, London 1884.

50 | John Griffith-Jones

In the UK, our answer has been the creation of the Senior Managers & Certification Regime, which will make it simpler for us to identify and hold to account those who hold responsibility for major failings. This came into play in March 2016 and is a key political and regulatory priority. Indeed, we see culture change as the key aim of our work on accountability, bringing together the SM&CR, remuneration and whistleblowing. Culture emerges from the behaviour of individuals and it is fundamental to the vision of PCBS that it is individuals who make decisions, therefore individuals drive the culture and conduct of a firm. It cannot be fair for rewards to be heavily individualised, as they were precrisis, but for responsibility to be mutualised to the point it becomes of vanishingly small importance. The changes should, over time, result in improved culture and governance within the industry and promote external confidence that firms have the right people in the right roles, in the interests of consumers and markets. So, this has been a very quick canter through what I see as key lessons learnt in today’s debate an getting culture and ethics right. Just one more intervention from myself, but an important one, I have been reading John Kay’s excellent new book “Other peoples’ money”. He makes the argument that financial services, though undeniably vital to the modern economy are there to provide a useful service, not merely to reward the participants. The clue is in the subtitle, “Masters of the Universe or servants of the people?” I think it is a question the industry, and all of us here today, would do well to consider.

neue Seite

III. Enforcement and Supervision | 51

Danièle Nouy, Chair of the Supervisory Board of the ECB

The View from the SSM Danièle Nouy

Ladies and gentlemen, First of all I would like to thank the Institute for Law and Finance for their kind invitation and for organising this symposium. I very much welcome this opportunity to elaborate on what I think are, currently, some of the most important questions in banking and finance, namely: • What ideas come to mind when we talk about “getting the culture and ethics right”? • Who is responsible and what role do supervisors play? I will start with an update on where we currently stand, before briefly introducing the tools at the disposal of the Single Supervisory Mechanism (SSM) to assess and address risk culture issues. I will then share with you our expectations as to what good practice entails. Finally, I will conclude with some thoughts about the way forward. As we all know, in recent years, misconduct has had a profound effect on credit institutions across Europe and elsewhere, giving rise to numerous concerns. Litigation costs can have a significant impact on an institution’s capital base; they can reduce a bank’s profitability, shareholder returns and confidence among fixed income investors; they also affect an institution’s reputation – sometimes irreversibly so; and finally, they can erode trust in the banking and financial system overall. We are out of the 2007–08 crisis, but far from where we need to be in terms of risk culture. This means that we continue to place a great degree of importance on the role of ethics and culture in risk management practices. New evidence of credit institutions’ misconduct is arising every day1. Over recent years, we have seen how the non-binding nature of a substantial part of the corporate governance framework, based essentially on codes of conduct, has not led institutions to effectively implement sound corporate governance practices. Culture and ethics are at the heart of banks’ decisions in terms of risk-taking and safe and sound management practices. This means that understanding culture – what one does “when nobody is watching”2 – and ethics – the line be-

_____

1 See 2014: the year of banks behaving badly, The Banker, December 2014. 2 See BANKING CONDUCT and CULTURE: A Call for Sustained and Comprehensive Reform, Group of Thirty, Washington D.C., July 2015, p. 17.

52 | Danièle Nouy

tween acceptable and unacceptable decisions – can help us to recognise, and even predict, some behaviours. Focusing on this, as the title of the symposium suggests, marks the beginning of a new era of responsibility in banking and finance. It is broadly recognised that the systemic implications3 of misconduct are relevant for the banking and finance sector as a whole. Misconduct has a direct impact in terms of losses. We can speak of the systemic nature of these risks taking into account not only the size of litigation costs and fines4, but also possible externalities. According to the European Systemic Risk Board (ESRB), these could even lead to market impairment.5 Nobody questions the contagion effects in terms of trust and the fact that banks might have lost part of their “social licence”6 or the necessary trust to perform their function. In this regard, I consider the recent trend of including governance considerations when describing the functions of “financial institutions”7 to be very telling. Looking back to the first tremors of the crisis eight years ago, we have definitely made progress in terms of strengthening the resilience of markets and institutions. Regarding markets, different initiatives, such as the United Kingdom’s Fair and Effective Markets Review, have been set up to address risks which might be inherent in some structures, such as obstacles to competition. In the European context, the establishment of the banking union and, in particular, the SSM, aims to rebuild trust in the banking system and promote higher standards in terms of risk culture. You will recall that, under the Capital Requirements Directive (CRD IV), institutions are required to have robust governance arrangements; in other words, Member States should introduce principles and standards to ensure effective oversight by the management body, promote a sound risk culture at all levels of credit institutions and enable competent authorities to monitor the adequacy of internal governance arrangements.

_____ 3 See Guidance on Supervisory Interaction with Financial Institutions on Risk Culture, Financial Stability Board, 7 April 2014, p. 3. 4 The cost of litigation for EU banks amounted to €50 billion, representing 0.3% of the EU economy in 2014. The data are taken from the Report on misconduct risk in the banking sector, ESRB, June 2015, p. 12. 5 Ibid. pp. 6–7. 6 See Building real markets for the good of the people, Bank of England, 10 June 2015. 7 See Levine, R., (2005), “Finance and growth: theory and evidence”, Handbook of Economic Growth, Vol. 1A, Chapter 12, pp. 865–934.

III. Enforcement and Supervision | 53

Putting this into action is a key mission for supervisors. In 2009, when I was chairing the Basel Committee’s Working Group on Corporate Governance, I witnessed the influence governance issues had previously had in terms of defining and shaping international best practices. These issues continue to be at the forefront of the supervisory agenda, as we promote good practices in our dialogue with the credit institutions. Let me now turn to the SSM, more specifically. Although the SSM is not directly responsible for consumer protection, our role does encompass some elements of conduct risk, core corporate values and risk culture. To fulfil this aspect of our role, we make use of our three main tools: • first, our authorisation function, i.e. the process we run at the appointment stage; • then, the assessment as part of the annual Supervisory Review and Evaluation Process (SREP), and, related to this, the ongoing thematic review of internal governance and risk management; • and finally, if necessary, our enforcement and sanctions function. Culture and ethics issues are people-specific. When significant banks make appointments to their management bodies, the ECB, together with the national competent authorities, assesses whether the candidates are of good repute, possess sufficient knowledge, skills and experience, have the ability to perform their duties without undue influence from others and the ability to commit sufficient time to performing their functions. Past behaviour is also taken into account, since experience has shown that past performance is a reliable indicator of future results. After this initial assessment, the approved candidate’s behaviour is assessed as part of ongoing supervision. To this end, we incorporate information from different reporting tools. I will only mention two: • Institutions are obliged to report “any new facts or any other issue which could impact the suitability of a manager” without undue delay. • All citizens are encouraged to report any suspected breach of relevant Union law directly to the ECB through the breach reporting mechanism. Corporate governance, values and culture are at the heart of the SREP, which makes use of specialised on-site missions, among other things. This means, in particular, that risk culture is assessed from various interlinked perspectives: • Starting at the top, board members must set the tone by defining an adequate Risk Appetite Framework, the so-called “RAF”, and governance ar-

54 | Danièle Nouy

• •

•

•

•

•

•

rangements, and they must promote an appropriate risk culture throughout their organisation. They must also promote individual accountability and transparency and align remuneration schemes to reflect these issues. In this context, we also assess the functioning and contribution of ethics committees in promoting core corporate values, ethics and behaviours. Regarding transparency and best practices, what we expect to see is internal, traceable records not only referring to the decisions taken, but also giving a flavour of the dynamics of the debate that led to each decision. Turning to accountability, we assess whether the institutions have fostered efficient communication at different levels, and whether they have adopted appropriate internal “alert procedures” so that staff can, in full confidence, draw attention to significant and legitimate concerns, including also matters related to internal governance. There is much literature on the importance of having appropriate whistleblowing systems.8 In addition to the tone from the top, the actions from the middle are equally important. As some episodes from the past have shown, a number of senior managers have become increasingly remote and not accountable for maintaining standards in day-to-day operations. Regarding the role of internal controls, we also expect an active and effective internal audit and compliance function to identify and prevent misconduct within the organisation and protect sound risk culture. We would certainly like to see the three lines of defence and internal control functions become part of the culture and corporate values. We are convinced that however good the RAF is, it will not be as effective as it could be unless there is also an appropriate risk culture. This means it must be cascaded down to the business lines and genuinely embraced and lived on a day-to-day basis. In terms of operational risk, we understand that it includes, but is not limited to, compliance, conduct, legal and reputational risk. We therefore assess whether the nature of the activities may increase the risk of future reputational damage and to what extent.

I would now like to draw your attention to some of our recent initiatives. We are currently carrying out a thematic review on risk governance and appetite across the SSM. This review covers many aspects, such as the risk culture, composition and organisation of management bodies, decision-making, and

_____

8 In accordance with Article 71(3) of the CRD IV, institutions must also have in place appropriate procedures for their employees to report breaches internally (i.e. “whistleblowing”) through a specific, independent and autonomous channel.

III. Enforcement and Supervision | 55

how the RAF is implemented and possibly linked to the institution’s strategy and compensation system. This in-depth analysis, which is linked to the wider SREP framework, enables us to assess, among other things, the functioning of the boards and their capacity to include financial and non-financial risks in the RAF. It also enables us to develop an intensive dialogue with the banks under our supervision to understand their risk perspectives. Furthermore, we are strengthening the way in which we assess remuneration policies and implementing the European Banking Authority’s rules on “identified risk-takers” and the impact of variable remuneration and discretionary dividend distribution on the sound capital base. We see incentives – both financial and non-financial – as having a critical role, since their misalignment with business and risk culture objectives is at the heart of misconduct. With regard to material risk-takers, we are considering making use of less conventional tools and techniques to improve our understanding of the behavioural and personality aspects of the risk-taking activities and of the dynamics of specific boards. Regarding misconduct in general, we understand the importance of having accurate information about open cases which could pose a credible threat to the profitability and viability of banks supervised under the SSM. For this reason, the ECB has recently sent out a questionnaire to the largest banks it supervises with a view to obtaining more information about large conduct risk cases. Regarding the role of the enforcement and sanctions function, on the basis of pre-emptive, not reactive, supervision, we prefer to take into account risk culture and ethics as part of the ongoing supervisory cycle and not as one-off issues. The fact that the ECB’s supervisory toolkit is complemented by dissuasive pecuniary sanctions which, as a general rule, will be published on the ECB’s website, conveys a clear message to the banks regarding our expectations in terms of compliance with regulatory standards. Financial sanctions imposed on firms to address unethical behaviour are therefore unlikely to be seen as merely part of the cost of doing business, because they also have a significant reputational impact. Finally, in banking supervision, we move far beyond a passive assessment of compliance with the rules. As Federal Reserve Board member Daniel K. Tarullo said in October 2014, “what we want to see is good compliance, not mere compliance”9.

_____ 9 Speech given by Daniel K. Tarullo, Board of Governors of the Federal Reserve System, at the Federal Reserve Bank of New York Conference, “Reforming Culture and Behavior in the Financial Services Industry”, New York, 20 October 2014.

56 | Danièle Nouy

Let me now try to draw some conclusions. Taking this forward is not an easy task. This “soft” topic is definitely a “hard-to-get-to” one. Following IMF Managing Director, Christine Lagarde10, all good principles and intentions on ethics and culture will only be effective if there is buy-in at the top. Another key element of a healthy risk culture is for staff at all levels to be familiar with, and understand, their bank’s core values and its approach to risk. Furthermore, the bank must ensure that staff are capable of performing their roles and are fully aware of their individual accountability with regard to the bank’s risk profile. Culture and ethics are no longer an afterthought. We have indeed seen some encouraging signs of changes in terms of culture and ethics, but we are still a long way from the end of this journey. As the G30 document shows, some firms are further along this path, whereas others have barely set off, or are trying to change but are so far failing. We remain committed to enhancing the dialogue and taking an active role in supporting the development of guidelines, best practices and more standardised codes of conduct and ethics. We will maintain an open and frank relationship with the boards of the banks under our supervision, helping them to live up to the highest international standards. In particular, a board should be in a position to assess its role through regular self-assessments, evaluating on the basis of traceable facts the extent to which “the tone is walked”. There is no “one-size-fits-all” approach and firms should define what culture and ethics mean in the context of their own business. As the IMF clearly states in its October 2014 Financial Stability Report11, financial and non-financial incentives should support and be consistent with the firm’s core values. Achieving this alignment is about firms understanding the positive impact of good culture and ethics on their risk profile and the sustainability of their business model. Finally, one should bear in mind that accepting responsibility for high standards is not the same as mere compliance in the sense of boxticking. Having said that, SREP assessments will continue to take into account the impact of potential misconduct, which, in turn, may lead to enforceable measures. We also consider that misconduct costs, if relevant, should be included in future stress tests.

_____ 10 Speech given by Christine Lagarde, Managing Director at the IMF, “The Role of Personal Accountability in Reforming Culture and Behaviour in the Financial Services Industry”, NY Fed, 5 November 2015. 11 See IMF Global Financial Stability Report: Risk, liquidity and shadow banking, page 115, IMF, Oct 2014.

III. Enforcement and Supervision | 57

All in all, much progress has already been made. But we still have a long way to go and there are many issues on which we can exchange views – as I am sure we will in our subsequent discussion. Thank you very much for your attention.

neue Seite

58 | Simon Gleeson

Simon Gleeson, Partner/Clifford Chance

Culture, Supervision and Enforcement in Bank Regulation Simon Gleeson

The primary interest of this subject it that at first glance these issues appear to have nothing to do with each other. However, this is because people – and especially lawyers – tend to look at the world with Austinian eyes, in that they divide norms using a binary distinction of “laws” and “not-laws”. In this oversimplified world, supervision is the inspection of compliance with “laws”, and enforcement is triggered only by breach of “law”. Since “culture” is by definition a “non-law”, supervision and enforcement can have nothing to do with it. This world-view is to some extent embedded within organisations. A good working definition of culture within an organisation would be “the behavioural constraint which exists beyond formal rules”. If a bank employee does something which contravenes a directly applicable formal rule, he will probably be noticed by the supervisor (since supervision can be defined as the job of noticing such things), and if this happens he will almost certainly find himself the subject of enforcement action by the regulator. Conversely, a breach of the “culture” of an institution by definition cannot be made the subject of formal enforcement action in the absence of formal rules. There are two aspects of this distinction which are more complex than they first appear. One involves an element of time-inconsistency. One way of looking at culture is that it is the art of arranging a firm so that it does not do today that which will be prohibited and prosecuted tomorrow. A firm cannot know what exactly will be prosecuted tomorrow. However it can know the sorts of things which are done today, but which would, if the regulator knew that they were being done today, attract immediate censure (The “immediate” in this test is important – mores change over time, as do accepted practices. However the fact that changing mores cannot be easily anticipated is not the same as saying that attitudes to currently unprohibited activities cannot be anticipated).

Rules and culture The starting point here is that the casual assumption that there is a clear distinction between “rules” and “culture” is highly misleading. In many respects this is a reflection of the discussion which bedevils so much of jurisprudence, in that it is a form of the discussion “what is law”, or, more accurately, “when do informal norms become formal rules?”. This is of interest to lawyers, but can be

III. Enforcement and Supervision | 59

irrelevant in practice. If a particular employee of a particular institution is firmly of the view that if he does X he will be sacked, it matters not a jot whether X is prohibited by formal law or informal consensus within the bank. The issue here is akin to the debate as to whether the rules of the football league are “law” within the formal definition of a legal system. This is of interest to jurists, but irrelevant to footballers. If what you seek to change is the behaviour of groups of people, formal “law” is simply one tool (and not usually a particularly effective tool) to achieve that aim. The one area where this debate is, however, of considerable importance is when viewed from the perspective of the enforcer himself. From the perspective of banks and other financial market participants it has never been more true that law is not what the rulebook says, but what the policeman does. However, when this is approached by the policeman himself, the answer to the question as to what he should do is a difficult one to answer. Financial regulatory authorities, like other public authorities, think of themselves a bound by Hartian secondary rules – they should only enforce those norms which have been through a process of endorsement by the legislator which results in their being regarded as “law”. This position has the merit of being in accordance with law, jurisprudence, and the traditions of individual freedom and constrained authority which form the basis of English Law. However, the consequence for those authorities of the adoption of this position has been sustained criticism over an extended period of time for having a “box-ticking” approach to their regulatory briefs; enforcing minor rules related to technical performance of functions without considering the “bigger picture” of the overall conduct of the industry as a whole. Few authorities accept that this criticism is entirely justified, but even fewer assert that it is entirely unjustified. Thus, in the same way that banks find themselves under pressure to enhance the non-legal norms within their organisations, regulators find themselves under pressure to find ways of enforcing those non-legal norms. At this point we set foot into jurisprudence. An enormous amount of academic effort has gone into answering the question “what is law?”, and the most familiar manifestation if this is to be found in the question of whether there is any real difference between “law” and regulation”. Classical (Austinian) jurisprudence operates on the basis that law is simply that which the system designates as such – thus a law is a law if it is enacted by a lawmaking body, and if it is not it is not. This yields a formal distinction between law and regulation which is accurate but useless – law is that which is made by legislatures, regulation is that which is made by regulators. However the real issue in the law versus regulation debate is as to whether regulation is somehow different in kind from law – is somehow “less” than law. In some respects this is clearly true –

60 | Simon Gleeson

law applies to people generally; regulation generally applies to a subset of any population, and whereas law is intended to produce equity between parties, regulation is intended to place the regulated person at the service of (i.e. in an inferior position to) others. Finally, the sanctions which may be imposed in respect of a breach of a regulation are likely to be prosecuted by a different authority in front of a different tribunal with a different (and lesser) range of penalties from those which would be imposed in respect of a breach of the ordinary law of the land. If regulation is “less” than law, then it seems a fortiori that culture is less even than regulation. We shall examine this conclusion. Consider a hypothetical bank. As a hypothetical employee of that hypothetical bank, how shall we order our conduct? The first point is that the majority of our concerns are in fact driven by the law of the land. The regulatory system supplies glosses to the basic dictates of law – don’t lie, don’t cheat, don’t steal – but we obey these laws not because we are employees of a regulated institution, but because we are citizens of the state. Over and above the law of the land is the regulatory system. The essence of bank regulation is the idea of the protected, regulated monopoly. In the same way that the state seeks to prevent people from holding themselves out as doctors or lawyers unless they are properly qualified, it does the same with Banks. This sort of arrangement has a classic quid-pro-quo character to it – participants are collectively given a monopoly backed by state power, and in exchange they agree to be subject to rules over and above those set out in the ordinary law. Thus – at its simplest – a banker who sells a financial product to a retail customer is required to do a number of things – determine that the product is suitable for the buyer, give full disclosure, provide follow-up information – which would not be required from a salesman selling a second-hand car. These standards are set out in the regulatory system, which can be viewed as applying a set of standards which are not applicable to the world as a whole, and compliance with which is the price of being permitted to participate in the protected monopoly. This would seem to support the idea that regulation is somehow “less” than the law. However the issue with which we are currently concerned is not the classification of obligations, but the effect on behaviour of the existence of those obligations. The reason that this is significant is that inherent in the argument that regulation is “less” than law is the idea that it therefore has a lesser impact on conduct – that people will be more careful to obey legal than regulatory sanctions. If this were true, it would necessarily also follow that culture would be “less” again, since it stands even lower in the hierarchy of norms than regulation. Using this formal approach, we could conclude that culture is therefore irrelevant to a rules-based approach to behavioural modification.

III. Enforcement and Supervision | 61

Consider a football cup-final match. The players are playing according to the rules of the Football Association. Everyone in the ground is, at the same time, subject to the laws of the land. Let us say that the rules of the football association prohibit a particular type of tackle, which at common law would not constitute the offence of assault. If a policeman present at the match sees a tackle of this kind on the field, he will not run onto the pitch and arrest the player concerned – however, the referee will award a penalty which may well lose the match for the team to which the tackling player belongs. One of the things that we can be reasonably certain of is that, from the point of view of the player at the time of the tackle, the rules of the Football Association will occupy a much larger slice of his attention than the criminal law. Playing football is what he is there to do, it is the sole aim of his career (and possibly of his life to date), and his success or otherwise in that aim will determine his future. In his mind, although the rules of the FA may be “less” than the law of the land, they are in practice the primary (and possibly the sole) determinant of his behaviour. If we flex our example slightly, and imagine that instead of a tackle which contravenes the rules of the FA but complies with the law of the land, the footballer performs a tackle which contravenes both the rules of the FA and the laws of the land. In the mind of the footballer, the only material consideration is likely to be the fact that he has contravened the rules of the FA and possibly given away a penalty. What follows from this is that it is not possible to determine the impact of rules on behaviour by examining the formal nature of the rules themselves. What matters in any given circumstance is the classical calculation which applies to all prohibitions, both legal and non-legal (we can call these “norms”). This is the deterrence algorithm, usually expressed as a% × b% x c, where a% is the likelihood of the breach of the norm being noticed, b% the likelihood of that breach being sanctioned, c is the potential severity of the resulting sanction. The product of these three is the extent to which a person is likely to be deterred from a breach of the particular norm. The nature of the norm which is being breached is simply not relevant to the analysis. It may be argued that this is an oversimplification, in that it matters who does the noticing – if an external person notes that an individual has contravened an internal norm, no consequences will follow from that. However, this is not in fact correct. Culture not only gives rise to internal expectations (that is, expectations of co-workers and management) but also external expectations (that is, expectations of clients, customers and the general public). Consider, for example, a large oil exploration company. There will be a long list of regulators with formal statutory powers over it. There will also be a long list of nonstatutory entities with a significant interest in what it is doing – consider Green-

62 | Simon Gleeson

peace as an example of the latter. Greenpeace is in no way a formal regulator – its determinations have no legal force, and breach of its determinations formally leads to no legal consequences. However, it is clearly true as a matter of fact that organisations of this kind can, if not placated, have a very significant commercial impact on the activities of the firms with which they are concerned, and exactly the same calculation – likelihood of objection, likelihood of a campaign of action and the economic consequences of that campaign – must be approached in broadly the same way that the expectations of a formally constituted regulator would be. The point of all this is that an employee of a bank generally will not regard himself as subject to a number of different levels of rules arranged in a formal hierarchy, but to a series of norms whose origin is likely to be largely irrelevant to the extent to which he regards them as binding. This collection of norms is made up of the law of the land, the provisions of the relevant regulator, and the informal codes and accepted behaviours which prevail in the institution in which he works. These last are clearly not formal legislative codes. However, in the same way that the football player in the cup final is likely to be significantly more interested in the rules of the FA than the Criminal Justice Acts, in practice the bank employee is likely to be significantly more interested in what is expected of him by the informal code of the institution in which he operates than in either law or regulation as it technically applies to him. When considering such codes, however, we have to reconsider the operation of the deterrence algorithm. The first two elements are probably the same as for any other estimation, but it is the third – the extent of the potential enforcement action – which is interesting in this context. There are a number of ways in which institutions respond to breaches of the internal code of behaviour, but none of these are likely to involve formal sanction (modern employment law pretty much ensures that dismissal for breach of an informal internal code of expectations is impossible without the payment of very substantial compensation). However, it is equally clear that this is not a useful paradigm – in real life, employees do not spend any very significant amount of their working time debating the risk of dismissal. The aim of employees is generally recognition and reward within the institutional structure of their firm of choice. In this context “sanction” is most likely to mean promotion withheld, a bonus less than that of contemporaries, or even simple fall in esteem within the organisation. These “sanctions” sound almost trivial compared with those which are available to regulators or civil authorities. However, in many respects they are the equivalent of conceding the penalty in the cup-final in terms of their ability to motivate and ensure compliance.

III. Enforcement and Supervision | 63

Culture and Principles It is impossible in a discussion of this kind not to consider the usefulness or otherwise of “principles based regulation”. This may at first glance seem surprising. Principles based regulation itself has fallen into bad odour in the postcrisis environment, with many regulators pointing to the UK FCA’s “product recall” of its former focus on principles as evidence that principles based regulation was simply a polite name for light touch – which in turn was merely a polite name for inadequate – regulation. This is, however, oversimplistic. It is true that the FCA was unusual amongst its international comparators in articulating a set of principles as the basis of its regulatory approach. However, as Julia Black has pointed out1, it is important not to confuse a formal adherence to published principles with the activity of principles-based regulation. On examination, most regulatory systems will be found, to one degree or another, to be based on a principles rather than a purely literalistic approach to rules enforcement. As Black says, the question of whether a regime is a principles based regime is entirely independent of the presence of formal principles in the written rulebook. If the question is rephrased as one as to whether the regulator can be said to operate on the basis of identifiable principles which underlie its formal rules, then most if not all regulators would claim to be principles-based using this definition. What, then, do we mean by principles based regulation, and how do we identify it? It is important to emphasise at this point that principles based regulation does not mean a regulatory requirement to have principles. Principles based regulation has been described as an outcomes-based approach, where the regulator specifies the outcome to be achieved and leaves it to the firm concerned to achieve that required outcome This raises the question as to why, if regulators regard these principles as being rules, they do not all formally incorporate them into their rule books. The answer to this is that even for those regulators who do incorporate principles in their rule books, those principles are not really “rules”. The problem, of course, is that rules at this level of generality do not pass the Hart/Raz test of being law at all, for the same reason that “be good” would not constitute an effective criminal statute. Thus, for example the FCA principle that firms should “treat customers fairly” is not, as it stands, a rule. The FCA has given a great deal of guidance as to what this principle means in certain specific situations, and firms have been fined for breaches of that guidance. However, although the

_____

1 The Rise and Fall of Principles Based Regulation, LSE law, society and economy working paper 17/2010.

64 | Simon Gleeson

formal justification of the sanction is breach of the principle, in practice it is the guidance, not the principle, which constitutes the rule. This example illustrates the difficulty of complying with principles. It is easy for commentators to say that it should be clear to firms whether their activities amount to treating customers fairly or not. The problem, however, is that there is no single common standard for what is “fair”, and treatment which may be accepted by one customer as fair may be regarded by another as grossly exploitative. It is generally for this reason that when firms are exposed to regulatory sanctions, the justification for the sanction is by reference to breaches of identifiable specific rules rather than of principles alone. The conclusion from this seems to be that principles perform much the same functions for regulators that culture forms for firms – a statement of a specific set of aspirations which exist alongside, but in some senses above, the specific rules which explicitly govern day to day interactions. It might, indeed, be not unfair to describe principles as a statement of the regulators’ culture, in the sense of an articulation of the outcomes which the rules should seek to achieve. However, it is quite clear that regulators themselves would not accept this – or rather, would not agree that this was the only purpose of the principles. Principles, they would say, should be goals for the regulated as well as the regulator, and if the regulated are not seeking to deliver outcomes which satisfy the principles of the regulator then they are delinquent in their duty. We can consider the obligation to deliver outcomes compatible with the underlying principles as a separate regulatory obligation which is distinct from the obligation to comply with the specific rules set out in the rule books. Considered on this basis, then the issue becomes one of how firms are to achieve this aim. One way of looking at the problem would be to say that the firm has one tool – compliance – to ensure that detailed rules are adhered to, and another – culture – to ensure that principles are taken into account in the way in which the business is conducted. A critic might say that a structure of this kind has ceased to constitute principles-based regulation, and become two separate forms of regulation – principles based and rule-based – which are applied interchangeable to the regulated firm according to which gets the best regulatory outcome. This is almost certainly correct.

Conduct and outcomes One of the worst problems with discussions of conduct is generally a lack of specificity – that is, the idea that conduct – and indeed people – can be simply and easily divided into “good” and “bad”. The most extreme manifestation of

III. Enforcement and Supervision | 65

this can be seen in those accounts of the 2007-8 financial crash which argue, in effect, that those who structured sub-prime mortgage securitisations must have been dishonest because, five years later, people who worked in an entirely different part of a different bank were prosecuted for manipulating LIBOR. It is clearly true that a successful regulatory action against any institution on the basis of dishonest conduct within that institution will have a detrimental impact on the perception of the institution as a whole, and by implication of all those who work for it. However, outside the media, perception is not reality, and the fact that something has gone badly wrong within a part of an organisation tells us nothing useful about the way in which other parts of the same institution are managed. It is clearly true that institutions have cultures, but this is probably not what is meant here. It is helpful in this regard to examine what “bad” culture looks like. In the FCA/PRA report on the failure of HBOS, probably the most spectacular of the UK bank failures during the crisis, a great deal of the blame of the failure is laid at the door of the culture within the institution. The (devastating) finding was that “The ineffectiveness of HBOS’s risk management framework was a consequence of a culture within the firm that prioritised growth aspirations over the consideration of risk. HBOS’s weak risk culture was evident at all levels of the firm, with the Board-approved emphasis on growth setting the tone for the rest of the organisation.” This is important for a number of reasons. One is that it rings true – the underestimation of risk in pursuit of gain is a universal element of the human condition, and although it is true that management structures within firms should be constructed primarily to rein in this tendency, it is not at all surprising that they are not invariably successful in this regard. The second point, however, is that when we describe this culture as being defective, we are not thereby passing a value-judgement of any form as to the extent to which what was done was “evil” or “wrong”. The individuals concerned might be accused of putting their own interests before those of others – for example, in order to gain short-term bonuses whilst leaving the payers of those bonuses (the shareholders) exposed to long term risks. However, what is notable about the report is the extent to which this does not appear to have been the case. The foundation of HBOS’s underrecognition of risk appears to have been an entirely understandable ambition on the part of its senior managers to grow their business, win market share and demonstrate to others the superiority of themselves and their organisation. The idea that there is no reason to worry because, when the day of reckoning comes, “I will be gone, you will be gone” is entirely absent from these findings. What this demonstrates is, inter alia, the almost complete separation between “morally culpable” and “harmful”

66 | Simon Gleeson

in this context. A culture can be so harmful as to be toxic, both to the entity and to the wider economy, without any individual within it doing anything, or holding any view, which should attract moral obloquy. When we consider the HBOS example and ask the question “what should have been done”?, it is quite clear that the response should have been to create an atmosphere within which there was greater concern with risk, and less with apparent commercial success. It is also entirely clear that this is something which, in order to be effective, should permeate the organisation from the top down. However, when we consider what role regulation might have played in the development of such a culture, we do not come to any particularly useful conclusion. As regards corporate governance, there is nothing easier than prescribing procedures, and regulators have created mountains of paper doing this. However, as is made clear in the HBOS report, the corporate governance procedures within HBOS were, on paper, excellent – indeed the “three lines of defence” model operated by HBOS was, on paper at least, a sophisticated and effective process. The problems lay less in the processes, and more in the approaches maintained by those participating in those processes. It is fair to say, in conclusion, that supervisors now acknowledge that merely looking at formal processes is not, of itself, a particularly effective way of monitoring management, and seek to watch the process in action rather than merely examining the processes in isolation.

Enforcement policy The primary question to be addressed here is whether enforcement per se has any role at all to play as a policy instrument in driving cultural change. In principle, the answer would seem to be that it does not. Enforcement policy, by definition, is focused on actual breaches of the existing rules. To the extent that the objective of the those focussed on culture are to drive improvements which go beyond the existing rules, the two might appear to be at complete crosspurposes. Enforcement decisions are the basis of any regulator’s interaction with the regulated community. Brutally, a regulator needs to be believed to be capable of effective, targeted action having a significant impact on the recipient before it will be effective in imposing its requirements on the regulated community. It is not true that enforcement is regulation, but it is true that without enforcement regulation is not regulation. This takes us to the question of how the decision to commence enforcement action is taken. It is not the case that any regulator will automatically

III. Enforcement and Supervision | 67

commence enforcement proceedings wherever there has been a demonstrable breach of the rules. All enforcement decisions are made using a two-stage process. The first stage involves an assessment of the evidence collected by the enforcement authority and an assessment of the likelihood of succeeding in enforcement proceedings. If this is not likely, then the proceedings are abandoned. However, even if there is enough evidence to secure a successful outcome, there is a further assessment to be made as to whether bringing enforcement action in the particular case is in line with the public policy objectives of the regulator. There are a large number of policy issues which a regulator may consider in bringing enforcement action. However one of the clearest is that the enforcement action itself is intended to have an impact not only on the person engaged in the activity but also on others. This objective is neatly summarised in the FCAs enforcement guide “The FCA will aim to change the behaviour of the person who is the subject of its action, to deter future non-compliance by others, to eliminate any financial gain or benefit from non-compliance, and where appropriate, to remedy the harm caused by the noncompliance.” [FCA Enforcement Guide 2.2(4)]

This makes clear that enforcement action is not simply aimed at the person on the receiving end of that action. This is made even clearer slightly further on “The FCA does not have a set of enforcement priorities that are distinct from the priorities of the FCA as a whole. Rather, the FCA consciously uses the enforcement tool to deliver its overall strategic priorities. The areas and issues which the FCA as an organisation regards as priorities at any particular time are therefore key in determining at a strategic level how enforcement resource should be allocated. FCA priorities will influence the use of resources in its supervisory work and as such, make it more likely that the FCA will identify possible breaches in these priority areas. Further, should evidence emerge of potential breaches, these areas are more likely to be supported by enforcement action than nonpriority areas.” [Guide 2.6]

This does make clear that enforcement is a communication tool. Enforcement authorities can clearly bring enforcement actions in respect of breaches of rules. However, there are two problems with using enforcement action per se to affect behaviour outside the rules. The first is that behaviour is, by definition, a matter of human conduct. Put simply, a firm cannot have a behaviour – it is only the individuals who compose that firm who can behave. However, in general the regulatory system applies to regulated entities, and the regulated entity in these cases is the firm, not the individuals. This is, of course, an oversimplification, in that regulators have jurisdiction over the individuals

68 | Simon Gleeson

who comprise the firm. However this jurisdiction is limited by the fact that it tends to arise only where the firm itself has breached rules. The issues with bringing enforcement actions against individuals are well-known – where the individual is clearly culpable then action is straightforward, but where the individual is a manager or employee, in general enforcement is only likely to be practical where actual wrongdoing can be shown on the part of that person. Actual wrongdoing in this case can be inferred from inaction – for example, a failure to establish systems to address a known problem, or a failure to act on information received which might have indicated breaches of the rules – or from active encouragement of another person to breach rules. All of this may be regarded as a long-winded way of saying that regulatory enforcement cannot lie for breach of non-regulatory rules. However, the world is a more complicated place than that, and it is interesting to consider an example of a situation – the UK PPI (Payment Protection Insurance) misselling case – where a regulator succeeded in doing exactly that. The facts of the PPI situation are contentious even now, but a short summary might run roughly as follows. It is common practice amongst banks of all descriptions to provide their customers with a mixture of credit and services, and it is generally found upon inspection that the profit in the relationship comes through the price of the services – indeed, in corporate relationships it is by no means unusual to find loans priced at below the cost to the bank of the financing concerned, such loans being provided on this basis in order that the relationship arising from the provision of the loan may be sued for the sale of other services. This approach was deployed by UK retail banks as regards the retail lending market in the UK, with apparently underpriced loans in the retail market being offered in association with apparently overpriced insurance. There was nothing particularly difficult to understand about the insurance being offered, there was no doubt that the pricing of the insurance was clear and transparent, in that the price to be paid was clearly disclosed, and it was common ground that the sales concerned were in accordance with the rules governing sales of insurance which were in force at the time. However, the financial terms on which the insurance was sold yielded an extraordinarily high profit to the person selling it – in Plevin v Paragon Finance2, Lord Sumption held that the mere economic terms of the contract alone (a commission equal to 71% of the sale price was paid) made it per se unfair, although he indicated without deciding that the disclosure of this fact might have cured the unfairness.

_____ 2 [2014] UKSC 61.

III. Enforcement and Supervision | 69

The position, in a nutshell was therefore that the outcomes for most PPI customers were held to have been unfair, although no actual rule had been broken in the course of their sale. Pausing here for a second, it may be noted that a good part of the problem in practice seems to have arisen from the fact that the regulations surrounding the sale of insurance products of this type at the relevant time were based on the assumption that the investor had a responsibility to look after his own interests, and in particular, when he was clearly informed what he was getting and what price he was paying for it, that the responsibility for the decision would then become his own. The various commentaries on the incident seem to agree that any thinking customer should have been able to see immediately that what was being offered was substantially overpriced, and although it was suggested that in some cases buyers of the product were either coerced or deceived into buying it, this was not the case with the majority of buyers3. This fact pattern raises some very difficult issues for regulators as to what their role in such cases is actually supposed to be and, in particular, what level (if any) of responsibility for their own decisions should retail customers be expected to take. That having been said, it is not in dispute that by 2010 a very large number of these policies had been sold; many distributors and banks had been significantly enriched thereby; and many customers had suffered detriment. The starting-point for the PPI discussions was the activity of the UK Financial Ombudsman. Now the operations of Ombudsmen are an interesting illustration of the limits of conventional analysis of the distinction between law and morality. An Ombudsman is generally established in respect of a particular industry, and exists to review complaints made by customers of the firms in that industry. However Ombudsmen are not judges, and are not constrained to operate within the law. In the UK, for example, it was decided in R (Heather Moor & Edgecomb Limited) v (1) Financial Ombudsman Service (2) Simon Lodge4 that an ombudsman may reach a decision in a case which is at variance with the ordinary common law, and indeed with all of the other materials which relate to the situation, provided that he is satisfied that the outcome is fair and reasonable. In summary, the approach of the Ombudsman to PPI complainants was to say that all sales of PPI should be presumed to be unfair unless the institution

_____ 3 Although the Competition Commission report (Market Investigation into Payment Protection Insurance, 29 January 2009) into the PPI market concluded that there were very significant impediments to customers comparing different PPI policies, to some extent directly attributable to the behaviour of the sellers of PPI. 4 [2008] EWCA Civ 642.

70 | Simon Gleeson

concerned could prove that, at the point of sale, full disclosure had been made of the commission or profit levels, the sale would be treated as being unfair and the ombudsman would order compensation to be paid. The banks – who had in general made no such disclosure because there was at the time no rule requiring it – were understandably unhappy by this approach, and appealed to the courts to hold that what was being done should be stopped. It is interesting to consider the number of different layers of “laws” which were present in this case. • At the lowest level are the specific rules of the FCA relating to the sale of the products. It is common ground that these were not breached at any time. • Next, there was guidance given by the FCA to the Ombudsman (in the form of an “open letter”). This was the document which specified further obligations on banks selling PPI products which went beyond those set out in the FCA rules. These were adopted by the FOS, to the extent that it began to award compensation against banks in a large number of cases where the banks themselves, having considered the situation, had determined (correctly) that there had been no breach of the rules. • Finally, we have the FCA “principles for business” Prior to the case, it would have been agreed by all parties that (a) these principles applied to all of the activities of the firms concerned, (b) breach of them would have constituted a breach of rules in respect of which FCA could have taken enforcement action, but (c) breach of principles did not give rise to a civil law right of action in damages vested in the customer (or any third party). The upshot of the decision is interesting. In effect, the reasoning of the court was that (a) an obligation could be derived from the principles which was not set out in the rules (in this case, an obligation to communicate more detail that was required in the rules), (b) it was therefore open to the ombudsman to regard failure to comply with such obligation as unfair and, (c) it was therefore proper for the ombudsman to require the bank concerned to compensate the customer for a breach of that obligation, despite the fact that the effect of this decision was in practice to treat the bank as if it had been subject to a regulatory obligation which did not exist (and had not been suggested) at the time when the activity concerned was engaged in. This outcome can be summarised as a successful attempt by the regulator to impose a very significant economic penalty on the banking industry in respect of conduct which, at its simplest, was fully compliant with the formal rules as they existed at the time when the conduct was engaged in. This example usefully brings together a number of the points set out above. First, there was no wrongdoing, in the sense of moral turpitude. Those who sold

III. Enforcement and Supervision | 71

PPI insurance knew that it was overpriced, but they justified it as being sold in accordance with the rules, as being clearly described to customers, and as being optional (in the sense that no investor was ever – in theory – obliged to buy it). However, it is highly arguable that those involved would probably have admitted, if pressed, that viewed in isolation the economics of the individual transactions would be likely to be perceived by external observers as an extremely unattractive business, and not something which any regulator would have been able to defend in public as a legitimate business practice. In other words, the practice was something which the regulators could reasonably have expected the banks concerned to have thought carefully about in the context of their reputations generally. It is really this – the notion of looking at business which is legal (or at least not illegal) and asking whether there could be long-term detriments to the organisation as a whole arising out of doing that business – which constitutes a good culture in this regard. As the PPI case illustrates, the mere fact that something is legal is a useful starting point, but there is a further level of consideration which should be applied to any decision before it is concluded that it is something which can safely be done without risk of subsequent challenge. Finally, it illustrates that regulators can, given sufficient will, find ways directly to enforce behavioural norms which are not to be found in the rule book.

72 | Simon Gleeson

neue rechte Seite

IV. Bankers’ Codes: From Industry to Profession | 73

| IV. Bankers’ Codes: From Industry to Profession IV. Bankers’ Codes: From Industry to Profession

74 | Simon Gleeson

IV. Bankers’ Codes: From Industry to Profession | 75

Klaus J. Hopt, Max Planck Institute for Comparative and International Private Law, Hamburg*

A Plea for a Bankers’ Code of Conduct Klaus J. Hopt

The plea for a bankers’ code of conduct is not new. In Germany it goes back to the 1970 and the movement to have flexible codes instead of mandatory law. Two of the earliest examples were the Voluntary Insider Guidelines of 1970 and the Voluntary Takeover Code of 1995. I happened to be part of this early movement from the very beginning, both as author and as member of the Takeover Commission which administered the Takeover Code of 1995. Unfortunately both Codes were not successful, because neither industry and banks nor the German legislator nor even most of my colleagues in German academia took these codes seriously – despite the warning that this would call the European legislator into action. And indeed this happened, both by the European insider regulation in 1989 and by the takeover directive of 2004. As to a bankers’ code more specifically, the Deutsche Bank had issued its own Corporate Governance Principles in 2001, but withdrew it when the German Corporate Governance Code was issued on 7 November 20021. The Deutsche Bank Code was quite progressive at that time, and I saw the withdrawal with some regret since the German Corporate Governance Code addresses listed German corporations in general and only briefly recommends that companies not focused on the capital market also respect the Code. As a consequence the specific needs of banks and financial institutions were not taken into consideration. This is why I repeatedly made a public plea for a bankers’ code of conduct of its own, already in January 2009 in the German financial gazette Handelsblatt and most recently in the same newspaper on 4 August 2015.2 This plea had been supported by Andreas Dombret already before3 and had motivated him and Andreas Cahn to kindly invite me to participate in this conference. In the following the plea will be backed with three lines of argument: First, we shall have a look at the difficult code movement we have experienced in Germany and which to a

_____

* This article goes back to a presentation at the Institute of Law and Finance on 23 November 2015. The lecture form has been kept, footnotes for further reading have been added. A somewhat different earlier version is available in German: Klaus J. Hopt, Ein Bankers’ Code of Conduct, Audit Committee Quarterly III/2015, 20–23. 1 German Corporate Governance Code as amended on May 5, 2015, available on the website of the German Corporate Governance Code Commission. 2 Klaus J. Hopt, Kodex für Banken? in: Handelsblatt, 28.1.2009, No. 19 p. 19; idem, Für einen Bankenkodex, in: Handelsblatt, 4.8.2015, No. 147, p. 13. 3 Andreas Dombret, Anständig Geld verdienen, in: Handelsblatt, 17.6.2015, No. 113, p. 48.

76 | Klaus J. Hopt

certain degree has made Germany an outlier, the Netherlands are further ahead with their Code of the Bankers’ Association as revised in 2013,4 and so is the UK where seven British banks have jointed forces, formed a Banking Standards Review Council and developed and promised to respect voluntary standards of behavior,5 thereby following many companies in the non-financial sector that have developed company codes of conduct.6 Second, it will be explained why the three main objections against a bankers’ code of conduct are not convincing. Third, some suggestions will be made on how to go about formulating such a bankers’ code of conduct, all this against the background of the intricate relationship between law and corporate behavior7 and banking conduct and culture.8

1. One should have thought that the German Corporate Governance Code of 2002 would have helped the plea for a bankers’ code of conduct. Yet curiously enough, the contrary was true. Our friends and colleagues from abroad, in particular from the United Kingdom, have a long and good experience with Codes. Actually the seminal UK takeover code of 1970 and, later on, the Cadbury Code on Corporate Governance of 1992 became international models and have led to similar codes all over Europe and beyond.9 Yet in Germany voluntary codes like the German Corporate Governance Code appeared and still appear to

_____ 4 Wim Mijs, in this book at p. 85. 5 Bob Ferguson, The personal accountability of bankers, Law and Financial Markets Review 9 (2015) 40. 6 G20/OECD Principles of Corporate Governance, OECD, Paris 2015, p. 53; cf. also the comment there: “Company-wide codes serve as a standard for conduct by both the board and key executives, setting the framework for the exercise of judgement in dealing with varying and often conflicting constituencies. At a minimum, the ethical code should set clear limits on the pursuit of private interests, including dealings in the shares of the company. An overall framework for ethical conduct goes beyond compliance with the law, which should always be a fundamental requirement.” 7 See most recently Christopher Hodges, Law and Corporate Behaviour, Integrating Theories of Regulation, Enforcement, Compliance and Ethics, Oxford (Oxford University Press) 2015. 8 Group of Thirty, Banking Conduct and Culture, A Call for Sustained and Comprehensive Reform, Washington, July 2015. 9 See Klaus J. Hopt, Comparative Corporate Governance: The State of the Art and International Regulation, The American Journal of Comparative Law 59 (2011) 1–73; for an extended German version see idem, Vergleichende Corporate Governance – Forschung und internationale Regulierung, ZHR 175 (2011) 444–526.

IV. Bankers’ Codes: From Industry to Profession | 77

many as suspicious and they were criticized from different angles.10 On the one hand it was said that they were mere partisan work of lobbyists without tackling the real problems. On the other hand it was criticized that they were burdening industry too much, being reformed and stiffened continuously and leading to severe overregulation. Most recently, a well-known chairman of the board of a large German enterprise called for the German Corporate Governance Code to be repealed and the German Corporate Governance Code Commission to step down. Needless to say that I do not share these views. Quite on the contrary, I think that the Corporate Governance Code movement is a success story, certainly in other European countries, but at least to a certain degree also in Germany.11 Yet this controversy about the German Corporate Governance Code may help to explain why the plea for an additional, special bankers’ code of conduct has up to now not been successful. Some time ago I had the opportunity to discuss the matter in an informal working group of the Ministry of Finance in Berlin, but also here the reaction was for the most lukewarm and most of the participants of the meeting were inclined to consider such a code to be superfluous, in view of the extensive banking regulation in Germany and in Europe. Similarly within the German Corporate Governance Commission there is little sympathy for a new, specific bankers’ code of conduct and even in the Federal Association of German Banks skepticism seems to prevail. Yet things might change. In July 2015 the Basel Committee on Banking supervision published its revised “Guidelines: corporate governance principles for banks”.12 Among other points the Committee suggested to write a code

_____ 10 Cf. most recently Karl-Ludwig Kley (chairman of the management board of Merck KGaA), Eine schlechte Kommission, FAZ 19.6.2015, No. 139, p. 22, and the reply by the Chairman of the Commission, Manfred Gentz, Kodex-Kommission wertet keine Stundenzettel aus, FAZ 26.6.2015, No. 145, p. 22. See also Joachim Jahn, Den Kodex abspecken, FAZ 22.6.2015, No. 141, p. 17. 11 Klaus J. Hopt, Der Deutsche Corporate Governance Kodex: Grundlagen und Praxisfragen, in: Festschrift für Hoffmann-Becking, Munich (Beck) 2013, p. 563 at p. 565 et s.; idem, Self-Regulation in Banking and Finance – Practice and Theory in Germany –, in: La Déontologie bancaire et financière/The Ethical Standards in Banking & Finance, Bruxelles 1998, p. 53. Cf. more generally as to the advantages and limits of self-regulation Petra Buck-Heeb et al., Selbstregulierung im Privatrecht, 2010; Gregor Bachmann, Private Ordnung, 2006. 12 Basel Committee on Banking Supervision, Guidelines: Corporate governance principles for banks, July 2015. An earlier version is from 2010: Principles for enhancing corporate governance. As to this see Klaus J. Hopt, Corporate Governance of Banks after the Financial Crisis, in: Eddy Wymeersch/Klaus J. Hopt, eds., Financial Regulation and Supervision, A Post-Crisis Analysis, Oxford (Oxford University Press) 2012, p. 337. See already before Klaus J. Hopt, Corporate Governance von Banken – Überlegungen zu den Grundsätzen des Basler Ausschusses für Bankenaufsicht vom Februar 2006, in: Festschrift für Nobbe, Cologne (RWS) 2009, p. 853.

78 | Klaus J. Hopt

of conduct for banks.13 Similarly in May 2015 the G7 finance ministers and central bank governors have also supported the idea of such a code.14 As mentioned before, in an article in the Handelsblatt, Andreas Dombret has reacted positively to this plea,15 and if we look around among the 10 largest banks of the world we find many ethical codes or codes of conduct specifically for banks.16 My own prediction is that sooner or later such a bankers’ code of conduct will come about also in Germany. And indeed I think the time is ripe after the financial crisis and its abuses and in view of the severe loss of confidence suffered by German banks, in particular the German state banks (Landesbanken), but also the Deutsche Bank. “Banking is at a low point in terms of customer trust and reputation.” admits also the Group of Thirty.17 Actually there is a serious danger that this loss of confidence will not just be a temporary event, as shown for example by the reluctance of students to go into banking.18 It may very well be of a more permanent character to the detriment of the German banking industry as a whole. The diagnosis by Lord Adair Turner, former chairman of the UK Financial Authority from 2008 to 2013, seems correct: “bank executives face the challenge of setting clearly from the top a culture which tells people that there are things they shouldn’t do, even if they are legal, even if they are profitable and

_____ 13 Basel Committee 2015 (supra note 12) no. 31 states: „A bank’s code of conduct or code of ethics, or comparable policy, should define acceptable and unacceptable behaviours. – It should explicitly disallow illegal activity, such as financial misreporting and misconduct, economic crime including fraud, breach of sanctions, money laundering, anticompetitive practices, bribery and corruption, or the violation of consumer rights. – It should make clear that employees are expected to conduct themselves ethically and perform their job with skill and due care and diligence in addition to complying with laws, regulations and company policies.“ Idem no. 14 2d paragraph: “The board should set the ‘tone at the top’ and oversee management’s role in fostering and maintaining a sound corporate and risk culture. Management should develop a written code of ethics or code of conduct. Either code is intended to foster a culture of honesty and accountability to protect the interest of its customers and shareholders.” 14 G7-Finance Ministers and Central Bank Governors, results of their meeting at Dresden from 27 to 29 May 2015. For a short survey cf. also Monatsbericht des Bundesministeriums für Finanzen, Juni 2015, p. 32. 15 Dombret (supra note 3). 16 William Blair, Is there a role for culture and ethics in financial regulation? Lecture at the Wallenberg-Symposion in Stockholm, August 2013. 17 Group of Thirty (supra note 8), p. 22. 18 Cf. Wirtschaftsstudenten machen Bogen um Banken, Börsen-Zeitung, No, 224, 21.11.2015, p. 3.

IV. Bankers’ Codes: From Industry to Profession | 79

even if it is highly likely that the supervisor will never spot them”.19 The elaboration of a bankers’ code of conduct may be helpful in mastering this challenge.

2. Let us now have a look at three objections that are often brought forward against the plea for a special code of conduct for banks and/or bankers. First, it is said that confidence in the banks and the bankers can only be restored by hard law. Second, the German Corporate Governance Code is mentioned, why double it with another code? Third, the wave of banking regulation is considered by many to be so burdensome that additional provisions, even if only of a voluntary character, only add to overregulation. Yet at a closer look at all three objections shows they are not convincing. a) First, it is a truism that banking needs to be regulated, both banks as institutions as well as bankers personally, the members of the management and the supervisory bodies and the key function holders in the banks. This regulation is mainly achieved by direct and indirect bank supervision on the basis of laws that are enacted by the European legislators and their counterparts in the Member States. From time to time even criminal law is needed in order to cope with particularly grave cases of misconduct, as experienced occasionally during the financial crisis.20 In a recent speech Sabine Lautenschläger21 mentioned, that the financial crisis taught the lesson: light touch regulation or even self-regulation are not convincing solutions for dealing with such a crisis. Right, but with an important addendum: mere self-regulation or even: primarily self-regulation is not sufficient. Yet in my opinion, a bankers’ code may very well supplement these laws by voluntary standards of behavior that the banks and the bankers promise their clients to respect when they are doing business with them. Law and codes are not the same. The law is formal, it is the product of what can be a lengthy and complicated legislative process and it is bound to end up in a compromise. Unfortunately, from time to time, laws seem more to react to public

_____

19 Alain Cohn/Ernst Fehr/Michel André Maréchal, Business culture and dishonesty in the banking industry, Nature vol. 516, 4.12.2014, p. 86. 20 But criminal law must remain the means of last resort, in Germany after the financial crisis this seems not always to be respected. Cf. Klaus J. Hopt, Die Verantwortlichkeit von Vorstand und Aufsichtsrat: Grundsatz und Praxisprobleme – unter besonderer Berücksichtigung der Banken, ZIP 2013, 1793 at 1804 et s. 21 Sabine Lautenschläger, Speech at the assembly of the members of the German Share Institute (Deutsches Aktieninstitut, DAI) on 21 April 2015 in Frankfurt.

80 | Klaus J. Hopt

opinion and outcry than to be based on well documented and tested regulatory needs. Codes, on the contrary, are flexible. They can react quickly to abuses. They can be adjusted without much ado and – more important – they can offer authentic and convincing self-binding. Codes may even be more effective than law in creating trust and confidence since they are voluntary, institutional and personal promises and not just legal duties forced upon the banks and bankers under the threat of civil and penal sanctions.22 And this leads us to ethics. Law should of course not be unethical, but ethics are more than law23 and culture is more than rulebooks. Codes can incorporate ethical standards that may go well beyond law. And this is what creates confidence. b) The second objection maintains that there is no need for a bankers’ code of conduct because we have already the German Corporate Governance Code. Yet as said before, this Code is addressed to all listed companies and beyond and does not take into consideration the specificities of banks and the financial institutions more generally. Of course, insofar as banks are listed corporations, the German Corporate Governance Code is addressed also to them. Under section 161 of the German Stock Corporation Act their management board and their supervisory board24 shall declare annually that the recommendations of the Code “have been and will be complied with or which recommendations have not been or will not be applied and why”,25 and this declaration shall be con-

_____ 22 Cf. the corporate social responsibility movement. See the special issue of the Schweizerische Zeitschrift für Wirtschaftsrecht (SZW/RSDA) 3/2015. 23 Cf. Cass R. Sunstein, The Ethics of Nudging, Yale Journal of Regulation 32 (2015) 413. 24 The good or not so good functioning of European boards is discussed by Klaus J. Hopt/Paul Davies, Corporate Boards in Europe – Accountability and Convergence, The American Journal of Comparative Law 61 (2013) 301; more generally Paul Davies/Klaus J. Hopt/Richard G. J. Nowak/ Gerard van Solinge, eds., Oxford (Oxford University Press) 2013. 25 § 161 of the German Stock Corporation Act says: “Corporate Governance Codex Declaration (1) The management board and supervisory board of the listed company shall declare annually that the recommendations of the ‘Government Commission German Corporate Governance Codex’ published by the Federal Ministry of Justice in the official part of the electronic Federal Gazette has been and will be complied with or which recommendations have not been or will [are] not be applied and why. The same shall apply to the management board and the supervisory board of a company which has exclusively issued other securities than shares for trading on an organized market within the sense of § 2 (5) of the Securities Trading Act and the issued shares of which shall [are], on the company’s own initiative, only be traded via a multilateral trading system within the sense of § 2 (3) sentence 1 No. 8 of the Securities Act. (2) The declaration shall be continuously available to the public on the company’s internet page.” (Norton Rose translation, deviation of this translation are market).

IV. Bankers’ Codes: From Industry to Profession | 81

tinuously available to the public on the bank’s internet page. Yet recent empirical economic research has found that banks are special and good governance of banks is by no means the same as good governance of corporations in general.26 For banks good governance must be geared towards the protection of depositors and other creditors. For general corporations good corporate governance consists in the governance and control of the corporation for the benefit of the shareholders and, possibly, other stakeholders. According to empirical research, during the financial crisis those banks that had the best corporate governance quite often did worse than the others with less good corporate governance. This is explained by the fact that shareholders are (or should be) diversified and therefore may urge the management and the board to take more risks. Therefore improving general corporate governance may have consequences that run directly against good bank governance, i.e. it may lead to excessive risk-taking to the detriment of depositors and other creditors and, if systemically relevant banks are concerned, in the end to the detriment of the taxpayers.27 c) The third objection concerns overregulation. It is true that the financial crisis has led to what has been called a tsunami of regulation of banks and other financial institutions. Some actually think that here and there bank regulation has overdone it and goes too far into the details. As in other instances, less may be more. Yet even in areas which have been densely regulated such as bankers’ pay, there may be room for more precise, voluntary promises. Andreas Dombret mentioned for example rules on clawback and suggested to voluntarily extend the time period for such clawbacks.28 I personally think that a general promise of ethical behavior of the bank, the bankers and the employees, at least the key function holders, may be most appropriate. If we take a look at the Basel “Guidelines: Corporate governance principles for banks” with their 13 principles on 40 pages,29 I think we find enough room for voluntary standards and ethical

_____ 26 Klaus J. Hopt, Corporate Governance of Banks and Other Financial Institutions After the Financial Crisis, Journal of Corporate Law Studies 2013, p. 219. 27 Idem at p. 236–245. 28 Dombret (supra note 3). 29 Basel Committee on Banking Supervision, Guidelines 2015 (supra note 10). See also European Banking Authority (EBA), Report On the peer review of the Guidelines on the assessment of the suitability of members of the management body and key function holders (EBA/GL/2012/06), 16 June 2015, no. 3.6.1 Potential best practices observed. Cf. also ICGN Global Governance Principles: “4 Corporate culture 4.1 Codes of conduct/ethics

82 | Klaus J. Hopt

promises for the board and senior management that may very well supplement banking law and banking regulation. The supervisors should of course refrain from immediately changing voluntary standards into hard regulatory requirements.30

3. Let me end with some suggestions on how to proceed with the elaboration of a bankers’ code of conduct. As mentioned before the largest banks of the world have already ethical codes, codes of good conduct or guidelines for corporate governance of banks. In my view each of these banks may be best suited itself to formulate such a code that it thinks fits its specific business, history and character. By such a code the bank may set better incentives for its own managers and employees and thereby may better address the expectations of its clients. But this concerns the specific banks and may contribute less to the reputation of the banking industry at large and the improvement of the system as such.31 Therefore, in my view, a bankers’ code of conduct should operate for banks more generally. The banking crisis is also a crisis of bank culture and financial ethics.32 The bankers’ code should therefore be set up by the banking community at large, though of course without giving the impression that such a code is only meant for public relations and, at the worst, self-service of the banking industry and even mere window dressing. Therefore I think it would be important right from the beginning to call on independent experts and stakeholders who

_____

High standards of business ethics should be adopted through codes of conduct/ethics (or similar instruments) and oversee a culture of integrity, notwithstanding differing ethical norms and legal standards in various countries. This should permeate all aspects of the company’s operations, ensuring that its vision, mission, business model and objectives are ethically sound and demonstrative of its values. Codes should be effectively communicated and integrated into the company’s strategy and operations, including its risk management systems and remuneration structure.” 30 Group of Thirty (supra note 8), p. 15, 54: “Supervisors and regulators cannot determine culture, but supervisors should have an important monitoring function.” On the merits and limits of self-regulation in regulating trading practices and the role of regulators, supervisors, and self-regulatory organizations see Andreas M. Fleckner, Regulating Trading Practices, in: Niamh Moloney, Eilís Ferran, Jennifer Payne, eds., The Oxford Handbook of Financial Regulation, Oxford (Oxford University Press), 2015, p. 597 at 608 et s. 31 Group of Thirty (supra note 8), p. 23 and 56: culture is unique to each institution, but industry-led standard-setting initiatives should be encouraged. 32 Group of Thirty (supra note 17); Cohn et al. (supra note 19).

IV. Bankers’ Codes: From Industry to Profession | 83

do not belong to the financial community. The German Corporate Governance Code Commission has such outside members and has made good experience with this, though I would not recommend to try to have all possible interest groups represented in the commission, even trade union members. This may lead to too much interest group behavior and difficult compromises beyond the interest and expectations of the stakeholders of the banks. The members of the German Corporate Governance Commission are appointed by the Minister of Justice. For a bankers’ code it may make sense to entrust the appointment to the Minister of Finance. Leaving the selection of the relevant persons to the banking industry alone may not be ideal for creating confidence of the general public. The tasks of such a Commission could be rather different. First of all one would have to decide whether the Commission should just elaborate the code or whether it should be a standing commission that would meet say once a year to discuss whether the code needs to be updated. By being updated I do not just mean new recommendations, but often it may be more appropriate to just modify or even repeal certain recommendations that have shown to go too far or not to fulfill their purpose. Andreas Dombret has suggested in his article in the Handelsblatt to go right away for an international bankers’ code.33 I must confess that I think that may be too ambitious. As we know, banking is already very different in our own country with private banks, savings institutions (Sparkassen) and cooperative banks and there are many special banking institutions well beyond these three German banking sectors. The Basel Committee is well aware of the many national and structural differences and of their path dependencies and their constant further development. The Committee therefore refrained from advocating a specific banking governance structure.34 For the same reason the European Commission constantly refused to recommend a general European Corporate Governance Code. So, maybe, we should start more moderately, and possibly with different codes of conduct for different businesses. Furthermore thought should be given to who should be the addressees of such a bankers’ code. The code could be addressed to the banks themselves, i.e. the institutions, or the persons within the banks, i.e. under the German two-tier system the members of the management and the supervisory boards and the key function holders, or even reaching further out, to the bank personnel more generally. Each of these possibilities has its pros and cons. A code of ethics should probably comprise both, the banks and all of its collaborators. This is what is

_____ 33 Dombret (supra note 3). 34 Basel Committee (supra note 12), Guidelines No. 19.

84 | Klaus J. Hopt

meant by the tone from the top for everybody in the bank. What is important is that the tone from the top has a clear and consistent “echo from the bottom”.35 Last but not least even a good code needs some enforcement. I mentioned at the beginning the German Insider Guidelines and the Takeover Code. Both codes were fully voluntary and failed because of the well-known free rider effect of corporations which profited from the codes without following it themselves. Part of the Code should therefore at least be a bank-internal compliance system, may be even a corporate responsibility officer as suggested by a SEC commissioner some ten years ago in the USA when the Sarbanes Oxley Act was discussed36, and the banks must of course have a system that combines both, not only disciplinary measures – though these are important as the Dutch Bankers’ Code example shows37 – but more importantly incentives. I would not go so far as recommending to ask bank employees to take a professional oath analogous to the central government oath for state employees or the Hippocratic oath for physicians, as practiced in the Netherlands38 and suggested by several experts and regulators39. But the success of the German Corporate Governance Code consists to a considerable degree in its enforcement by the “comply or explain” principle laid down by the legislator in a mandatory way in the Stock Corporation Act.40 Such a transparency requirement informs the capital market and the general public and may help to create more confidence. A similar provision – say in the Banking Act or as a supervisory requirement – could help the banking industry at large and contribute to regaining some of the lost confidence in a foreseeable future.

neue Seite

_____

35 Group of Thirty (supra note 8), p. 13. 36 Cited after Mirko Haase, Kommt der Corporate Responsibility Officer?!, in: Handelsblatt, Sonderveröffentlichung Compliance, September 2015, p. 7. 37 Wim Mijs (supra note 4) in this book at p. 85. 38 Wim Mijs (supra note 4) in this book at p. 85. 39 Cohn et al. (supra note 19). 40 See the text of § 161 of the German Stock Corporation Act (supra note 17). An extensive analysis of this provision is presented by Patrick C. Leyens, § 161 AktG, in Klaus J. Hopt/Herbert Wiedemann, eds., Aktiengesetz Großkommentar, 4th ed., Berlin/Boston (de Gruyter) 2012.

IV. Bankers’ Codes: From Industry to Profession | 85

Wim Mijs, Chief Executive of the European Banking Federation

The Dutch Experience: Can an Oath repair the Dialogue? 1

Wim Mijs

How do you as banker deal with the total loss of trust and confidence in your industry? Is it possible to repair a dialogue with society that has been totally crushed? Wim Mijs, Chief Executive of the European Banking Federation and formerly the head of the Dutch Banking Association, explains how the Netherlands developed its oath for bankers as part of its unusual approach to this challenge.

A Crushed Dialogue In May 2014 at the Inclusive Capital Conference in London, Christine Lagarde, Managing Director of the International Monetary Fund, said that “the behaviour of the financial sector has not changed fundamentally in a number of dimensions since the crisis and while some changes in behaviour are taking place, these are not deep or broad enough. The industry still prizes short-term profit over long-term prudence, today’s bonus over tomorrow’s relationship”. When she made these comments, it was clear that Ms Lagarde had not yet heard what was happening in the Dutch banking sector. When I started as the Chief Executive of the Dutch Banking Association in 2008 the Netherlands had changed significantly. Trust and confidence in the financial sector had disappeared. The world’s largest financial crisis since the great depression caused a rapidly increasing unemployment rate, a negative GDP growth and two of the three largest banks were in need of government support. When the smoke started to clear Fortis and ABN Amro were nationalized and ING was receiving capital injections. For us at the Dutch Banking Association this was not the worst part of the crisis. The dialogue between the banking industry and Dutch society had been completely crushed. Society was outraged and had lost all of its confidence and trust in the banking sector. The greatest challenge we faced in the banking sector was how to restore confidence and repair the dialogue with society.

_____ 1 This article is an edited version of the speech that Wim Mijs, the Chief Executive of the European Banking Federation, held at the ILF Conference on Bank Culture & Conduct, Frankfurt, November 2015.

86 | Wim Mijs

Restoring Trust In November 2008 the board of the Dutch banking association decided to set up an advisory committee in order to draft a report on the future of banks in the Netherlands. The main goal of the report was to repair the damaged confidence in the Dutch banking sector, essential, given banks’ vital role in the economy and the negative consequences on other sectors when they do not perform well. Thus the committee, fully independent, needed to give advice and recommendations to improve the functioning of the Dutch banking sector. The committee, comprising Cees Maas (Chairman), Sylvester Eijffinger, Wim van den Goorberg and Tom de Swaan, solely focused on the banks, as they deemed this to be the key to responsible and sustainable banking. The committee’s main goal was to achieve a return to the traditional way of banking in which clients’ interests are the banks’. We believed that this would eventually resolve the loss of trust and rebuild the broken relationship with society caused by doubts on the ethical and moral views and the conduct of bankers during the crisis. The report consisted of four chapters. The first chapter contained recommendations which were meant to reinforce the governance structure and banks’ risk management systems. In this chapter there were recommendations with regard to the role and position of the supervisory board, executive board and external auditor. The second chapter was about the remuneration in banks’ in which the committee gave recommendations on the policies regarding remunerations. In this chapter the committee also discussed the role of the shareholders from the perspective of the public function banks play. The third chapter addresses the supervisors in the Netherlands and consists of recommendations to reinforce the supervision of banks in the Netherlands. The final chapter discussed the structure of the Dutch banking sector on which the committee again gave recommendations to improve. The committee’s final report was published in April 2009, when it was presented to the Minister of Finance and Deputy Prime Minister of the Netherlands, Mr Wouter Bos. The public and Minister Bos were very optimistic about the report but asked what the Dutch Banking Association would do with it. We responded with a clear message: “We will make a code.”

The First Banking Code In September 2009, five months after publishing the report, the Dutch Banking Association introduced the Banking Code. The code’s principles were derived

IV. Bankers’ Codes: From Industry to Profession | 87

from chapters one and two. The Banking Code, which at the beginning was fully self-regulatory, was not drawn up solely by the Dutch banking association but was a collection of national, European and international laws and regulations, case laws and codes, all reviewed in their entirety and adapted to unique Dutch realities. The Banking Code was to be applied to all activities performed by banks with a Dutch licence, irrespective of whether they perform their activities in the Netherlands or in another country and irrespective of whether those activities are performed by a branch. The Banking Code came into effect in January 2010. Did it really make a difference? For the public: no. But for banks: definitely. Surveys conducted during the years that followed revealed that there was little awareness of the Code among a wider audience. The general public’s level of trust in the banking sector did not increase. Banks nonetheless took the Code very seriously. Compliance was high and banks used the Code as an instrument for internal reform. At the same time, new laws and regulations and tighter supervisory and enforcement policies resulted in a considerable overlap with several of the Code’s principles. So, three years after its introduction, the Banking Code Monitoring Commission concluded that the Code should be updated to reflect these developments. After all, everyone had agreed from the very beginning that the Code should be considered a ‘living document’. So by adjusting it the Code could develop further. It would let us, as the banking sector, raise our ambition levels and show what we really stand for.

Future-Oriented Banking2 In April 2014 Dutch banks met at the Dutch Banking Association to work on a revision of the Banking Code and the introduction of a social charter and several behavioural rules. The three parts all together we called ‘Future-Oriented Banking’. The updating of the Banking Code took into account the recommendations of the Banking Code’s Monitoring Commission, the Committee on the Structure of Dutch Banks, the government’s views on the Banking Industry and the vision of the Dutch Banking Association. Four years after its introduction, the main part of the initial code, approximately 80 percent, was incorporated into legislation and regulation and therefore did not need to be repeated in the 2014 update of the Banking Code. But

_____ 2 The updated Banking Code can be found in the annex at the end of this article.

88 | Wim Mijs

what remained to be addressed was the centralization of the client and the declaration of conduct. After an extensive consultation with stakeholders and the general public on Future Oriented Banking, the updated Banking Code came into effect on the 1st of January 2015.

Monitoring a self-regulatory code As the Dutch Central Bank and the Ministry of Finance did not want to underpin the banking code by law at the outset, we deemed it essential that there would be an independent monitoring body to ensure the code had an impact. Consequently, when the code came into effect, a monitoring committee had been set up, with its members selected by both the Central Bank and the Ministry of Finance. The role of the monitoring committee is to ensure that banks comply with the updated Banking Code. It signals wrongdoings and gives recommendations on the principles of the Banking Code. The monitoring committee is also able to obtain support and receive advice from third parties. Recommendations and opinions of the committee are annually reported to the Dutch Banking Association. The code also requires banks to be transparent so that monitoring could be effective. Every year, the banks must post a new report on their website, describing how they have applied the Banking Code the previous year and how they have progressed in applying the principles, giving additional examples of compliance. If a bank does not apply a particular principle it has to provide a substantial explanation of why it did not. This said, what the Dutch Banking Association insists on is that the spirit behind its values and principles be implemented and applied on a daily basis. This is what matters most.

Globalization and the end of the traditional Dutch Banking Code As John Larson said, “Globalization is not a monolithic force but an evolving set of consequences – some good, some bad and some unintended”. Twenty years ago, the Dutch banking community was a relatively small group in which each person knew the very simple code. If there were any problems concerning the

IV. Bankers’ Codes: From Industry to Profession | 89

bank’s business then the Central Bank’s president would invite the bank’s CEO in question for an informal talk. If this happened more than once during the course of a year the CEO knew that he/she had done something wrong and that some operations need to be revised. In the old days the codes in banking were informal and often embedded in national traditional practices. The president of the Dutch Central Bank would invite you – as a bank CEO – for a cup of tea and at that time, you would immediately think “Oh my God. Something is wrong!” And then, when you were having that tea, the president would tell you, for example, “We have been looking at your business in Brazil, and we suggest you look at it again”. As CEO you would immediately go back to your business and tell your directors: “We must immediately stop all ties with Brazil!” This to show the central bank that you had understood the message. But those days are no more. The world has evolved and has become more international, with the Dutch market opening up new banks, with new bankers, new international competition and new small competitors who have never known these informal codes. The 2014–15 update of the Dutch Banking Code brought many changes. The most significant one was the declaration addressed to top management on how they should conduct their business and behave as a banker. The Dutch Banking Association was keen to improve conduct and tone significantly at the very top of a bank. This approach was new and adopted by the Dutch Banking Association despite banks being already supervised by the Central Bank.

The Oath In the initial 2009 Banking Code the executive and non-executive board members were bound to a moral-ethical declaration. But the 2014 update was far more ambitious and included something that no other country had done yet: an oath for bankers. The change of the declaration in the initial Banking Code to an oath in the new Banking Code was extremely controversial as it had usually been done only for doctors, politicians or lawyers. The oath comprised a simple set of rules of practice. At that time I was sceptical about making the oath happen as I considered it not fitting for a banker, legislation being a social reality that is imposed contrary to self-regulation. But at that time a book called ‘The Bankers’ Oath’ was very popular among members of the Dutch Parliament. Consequently, the parliament was encour-

90 | Wim Mijs

aged to see that the Banking Code’s top management declaration could evolve and become an oath. So when the green light was given we modelled the Bankers’ Oath on the basis of the Dutch oath for civil servants. It was intended for all employees working in the Netherlands with an employment contract at a bank licensed in the Netherlands. The oath was an opportunity for Dutch banks to show society what they stood for and for what they could be made accountable. The employees have personal responsibility for complying with the rules of conduct and can be held accountable for non-compliance. Dutch Bankers’ Oath: I swear/promise that within the limits of the position I hold at any time in the banking industry: I will execute my function ethically and with care; I will draw a careful balance between the interests of all parties associated with the business, being the customers, shareholders, employees and the society in which the business operates; when drawing that balance, I will make the customers’ interests central; I will comply with the laws, regulations and codes of conduct that apply to me; I will keep confidential that which has been entrusted to me; I will not abuse my knowledge; I will act openly and accountably and I know my responsibility to society; I will make every effort to retain and improve trust in the financial sector. So help me God/This I declare and promise. The oath/affirmation was taken/made in the above form on [date], at [place], before [name of person who administered the oath] in the presence of [name of other representative of the business or industry or professional organisation]. Furthermore, [name of the person] confirmed his/her acceptance of the enforcement of the codes of conduct by the Disciplinary Committee and the exercise of authority by the Director General pursuant to the disciplinary scheme in the banking industry codes of conduct. Name [signature]

The oath has been a significant tool in creating the new culture desired by the banking industry. A disciplinary scheme has since been introduced to ensure that taking the oath is not without meaning rendering bank employees accountable to society as a whole. The Bankers’ Oath is now operational. Bankers who have taken it see it as positive, although its long-term impact on the reputation of the banking sector remains to be determined. The most important element the oath has introduced is the prolonged dialogue between society and the banker’s community. This dialogue also touches every rank, from top management to middle management, staff and society overall. Each and every one is engaged in this dialogue.

IV. Bankers’ Codes: From Industry to Profession | 91

Rules of Conduct A friend who carries out consultancy work on culture and conduct once described a company which had beautiful core values and had even written integrity on the wall. He felt quite proud being in such a place and wondered what he could do with integrity in a company that already had defined its core values. He asked an employee “Do you believe in the values?”, “Do you have integrity?”. “No,” he answered, “in this company integrity is only present on the wall.” Imposing a text does not guarantee behavioural change. Only focusing on top management does not mean that the values will permeate throughout an institution. The tone set at the top of an organisation is essential but how do you know which employees are risk-takers whose conduct is regarded as material? The Dutch Banking Association considered this aspect central as it places the responsibility of disciplinary measures with each and every employee. The reason for the creation of both disciplinary measures and rules of conduct stems from the dissatisfaction of the Dutch Banking Association Board with the ‘hygiene’ in the banking sector. All of the board members were able to mention at least one or two people whom they considered wholly unsuitable for the banking sector. This story for example is well known among Dutch bankers. It involved a private banker who had become very close to one of his clients, an elderly lady. He took the decision to travel with her to Switzerland to transfer funds in order to avoid taxes. While in Switzerland, he took advantage of the opportunity to visit a notary with his client and made legal arrangements to become her heir, to ensure that he would be part of his client’s inheritance. His bank discovered what he had done and fired him. But a short while later, he found a new job with a competing bank. In this particular case, the first bank informed his new employer on what their new employee had done. In the old system there was no formal structure that prevented rotten apples such as this one from ending up in another basket. But now such behaviour would trigger eviction from our industry. With clear rules of conduct and disciplinary measures, it is possible to improve the hygiene in the banking sector. At the Dutch Banking Association we modelled the disciplinary sanctions on the basis of the disciplinary court of the Dutch stock exchange, where I was board member for many years. The most important aspect of this system is that there should be an end solution: the disciplinary measures. In short: if you have received disciplinary measures you will already have been fired. If you have caused any damage you will have a civil claim against

92 | Wim Mijs

you. And if you have a criminal record the penal law will be applied and disciplinary sanctions imposed.

Perfection requires change, often Today, the Netherlands is a prosperous country. In fact it still is one of the most prosperous countries in the world. Nonetheless it is facing major social and economic challenges. A stable, service-oriented and reliable banking industry is part of a society’s solid economic foundation is of common interest to all stakeholders, national as well as international. It is a challenge that we, as banking sector, face every day again. During 2015 more than 95 percent of the 85.000 people working in the Dutch banking sector took the oath, pledging integrity and promising to put clients’ interests first. By April 2016 all bankers will have taken the oath. Those who break the rules can now be held accountable as individuals under the disciplinary action scheme. That scheme is a clear response to society, but in reality only applies to the handful of bankers whose individual, sometimes criminal, actions, simply are not acceptable. More importantly, the introduction of the banking oath has had positive side-effects that are not to be underestimated. The oath has re-introduced pride in our sector! Banks have embraced the oath with great enthusiasm. All of them organized staff events in different ways, some for all staff, others for teams, each one matching their own corporate culture. Inside our sector, the oath has encouraged broad discussions on behaviour, on dilemma’s, on rules that work, and on those that don’t, and of course on the responsibility of bankers towards clients. The oath made each bank employee part of that discussion. The bottom line: Dutch bankers are proud again, and they are not afraid to show it. If the Dutch experience is anything to go by, it should be clear to critics like Ms Lagarde that fundamental changes are definitely taking place. The changes made in the Netherlands are deep and broad, and each banker in the Netherlands is aware of that. But it takes time for the effects to be recognized by the general public. Changes are also taking place at the European level, slowly but surely. As the EBF we are mapping national initiatives across Europe as well as developing a minimum set of recommendations for the European banking sector, inspired by the report drafted by Jean-Claude Trichet’s Group of Thirty on conduct in banking. As Winston Churchill once said: “To improve is to change. To be perfect is to change often.” Changes can never be perfect first time round. But I am convinced that the cumulative impact of all the changes already made, the changes

IV. Bankers’ Codes: From Industry to Profession | 93

that are in progress and the ones that are still to come are fundamental and transformational. Once the effects become visible they will help restore the banking sector’s damaged relation with society. I am confident that we have already started our journey in the right direction in the Netherlands. It will be fascinating to see how other countries approach this and introduce actions on behaviour and conduct that match their own cultural, economic and financial context.

Annex The Dutch Banking Code (January 1st 2015) Sound and ethical operation To build and maintain its position as a stable and reliable partner, a bank must formulate its mission, strategy and objectives. These focus on the long term and are expressed in part in the bank’s risk policy and the policy for sustainability and corporate social responsibility. A bank chooses its positioning such that its commercial interests and social role are extensions of each other. This is also expressed in the bank’s governance structure and guides the implementation of its policy based on its mission, strategy and objectives. The executive board and supervisory board are –with due regard for each other’s duties and powers – responsible for setting up a sound governance structure and compliance with the governance principles. The members of these boards will set an example to all of the bank’s employees and exhibit this in their day-to-day activities. The supervisory board will evaluate the way the members of the executive board are setting an example each year. The executive board and supervisory board are – with due regard for each other’s duties and powers – responsible for developing, communicating and enforcing standards on integrity, morals and leadership in the bank. In addition, they ensure there are proper checks and balances and they safeguard a solid IT infrastructure that is vital for the functioning of the bank. Among other things, thorough checks and balances mean that the compliance function is also safeguarded within the executive board and supervisory board. The executive board will promote responsible behaviour and a healthy culture both at the top of the bank and throughout its organisation. In this, it will consider the interests of the bank’s customers and other stakeholders. The supervisory board supervises this. A bank’s culture must also express the assumptions in the Social Charter of the Dutch Banking Association. These must be embedded in the bank’s organisation and the bank will include them in its contact with its stakeholders. It will provide an insight into the way in which the bank deals with the assumptions in the Charter. All employees will comply with the formal regulations and self-regulation that apply to them. The executive board and supervisory board are – with due regard for each other’s duties and powers – responsible for this. The executive board is responsible for employees being and remaining familiar with all rules, values and standards applicable to the bank and will continue to pay attention to this. The supervisory board supervises this.

94 | Wim Mijs

Supervisory board The supervisory board will be composed in such a way that it is able to perform its tasks properly. It will form a risk committee and an audit committee. The members of the supervisory board will be prepared and able to make sufficient time available for their duties and exhibit effort and commitment. They will at the same time be critical and independent. Each member of the supervisory board will be aware of the social role of a bank and of the interests of the various stakeholders. There are specific competence and experience requirements for members of the supervisory board’s risk and audit committees. Members of the risk committee must have thorough knowledge of the financial aspects of risk management or the necessary experience to permit a thorough assessment of risks. Members of the audit committee must have thorough knowledge of financial reporting, internal control and audit or the necessary experience to permit thorough supervision of these subjects. The chairman of the supervisory board will organise a programme of lifelong learning for all members of the supervisory board with the aim of maintaining their expertise at the required level and improving it where necessary. The learning programme will in any event cover relevant developments at the bank and in the financial sector, corporate governance in general and in the financial sector in particular, the duty of care towards customers, integrity, IT infrastructure, risk management, financial reporting and audit. Every member of the supervisory board will take part in the programme and meet the requirements for lifelong learning. The assessment of the effectiveness of the programme of lifelong learning will be part of the annual evaluation performed by the supervisory board. Future-focused Banking In addition to the supervisory board’s annual self-evaluation, the functioning of the supervisory board will be evaluated under independent supervision once every three years. The involvement of each member of the supervisory board, the culture within the supervisory board and the relationship between the supervisory board and the executive board will be part of this evaluation. Each member of the supervisory board will receive appropriate compensation for the amount of time that he or she spends on supervisory board activities. This compensation will not depend on the bank’s results. Executive board The executive board will be composed in such a way that it is able to perform its tasks properly. Each member of the executive board will be aware of the social role of a bank and of the interests of the various stakeholders. One member of the executive board will have the duty of preparing decision-making by the executive board on risk management. This member will be involved in good time in the preparation of decisions that are of material significance for the bank’s risk profile, especially where these decisions may result in a departure from the risk appetite approved by the supervisory board. This member may combine his or her function with other responsibilities, provided that he or she does not bear any individual commercial responsibility and operates independently from commercial areas. Risk management will also include a focus on the impact that systemic risk could have on the bank’s risk profile. The chairman of the executive board will organise a programme of lifelong learning for all members of the executive board with the aim of maintaining their expertise at the required

IV. Bankers’ Codes: From Industry to Profession | 95

level and improving it where necessary. The learning programme will in any event cover relevant developments at the bank and in the financial sector, corporate governance in general and in the financial sector in particular, the duty of care towards customers, integrity, risk management, financial reporting and audit. Every member of the executive board will take part in the programme and meet the requirements for lifelong learning. Risk policy A bank’s risk policy is characterized by a comprehensive approach, is transparent and has both a short- and long-term focus. The risk policy also takes reputational risks and non-financial risks into account. A bank’s executive board will be responsible for its risk policy and ensure proper risk management. The executive board will propose the risk appetite to the supervisory board for approval at least once a year. Any material changes to the risk appetite in the interim will also require the supervisory board’s approval. The supervisory board will supervise the risk policy pursued by the executive board. As part of its supervision, the supervisory board will discuss the bank’s risk profile and assess at a strategic level whether capital allocation and liquidity requirements are generally in line with the approved risk appetite and whether operations in general are in line with the bank’s risk appetite. In the performance of this supervisory role, the supervisory board will be advised by its risk committee. Audit A bank’s executive board will ensure that a systematic audit is conducted of the management of the risks related to the bank’s operations. To this end, a bank will have its own internal audit department with an independent position within the bank. The head of the internal audit department will report to the chairman of the executive board and also have a direct reporting line to the chairman of the supervisory board’s audit committee. The internal audit department, external auditor and supervisory board’s audit committee will consult periodically. The internal audit department will take the initiative in arranging talks with DNB (the Dutch central bank) and the external auditor at least once a year to discuss each other’s risk analyses, findings and audit plans at an early stage. The bank’s executive board and internal audit department will encourage these tripartite talks, aiming for a clear delineation of each other’s duties and responsibilities. Remuneration policy The bank will implement a detailed, restrained and long-term remuneration policy that is unambiguous and transparent and in line with national and international regulations. The remuneration policy will have a primarily long-term focus and be in line with the bank’s risk policy. It will incorporate an internal and external balance of interests, taking into account the expectations of the various stakeholders and social acceptance. It will also take the relevant international context into account. The total income of a member of a bank’s executive board will at the time it is set be below the median for comparable positions inside and outside the financial industry, taking into account the relevant international context. The variable remuneration of a member of the executive board will be set in accordance with national and international regulations.

96 | Wim Mijs

neue rechte Seite

V. Supervisors and Boards | 97

| V. Supervisors and Boards V. Supervisors and Boards

98 | Wim Mijs

V. Supervisors and Boards | 99

Sir Paul Tucker, Chair of the Systemic Risk Council

Banking Culture: Regulatory Arbitrage, Values, and honest Conduct Sir Paul Tucker

I am glad to be at this timely and important conference. Let me begin by saying that, on my reckoning, we are about a third of the way through the long period that it will take for finance to adapt to the postcrisis world, and for those outside finance to get comfortable with it again. This matters to assessing where things stand on establishing and embedding better conduct across the industry. Back in 2009/10, when the reform programme was getting going, I thought the whole process of adjustment to a reconfigured equilibrium would take around a quarter of a century. Eight years after crisis broke in the summer of 2007, my view hasn’t changed. At a technical level, not all the planned reforms are quite in place yet; there are, for example, outstanding issues such as the resolution of clearing houses and how far to constrain shadow banking. At a political level, it remains to be seen whether the US Presidential election race affects the terms of trade for finance. Even if none of that were so, important forces are yet to play out in the markets themselves. At the macro level, it will take some years for monetary policy and, thus, relative asset prices to normalize, and perhaps even longer to find out whether productivity growth will return to anything like its previous trajectory. And at the micro level, it will take time to see whether the shape and size of banks and banking are materially affected by the market discipline that higher equity requirements and new resolution regimes are designed to harness. For financial intermediaries themselves, all that means that unavoidable uncertainty hangs over business models and strategies. That is highly germane to this conference’s focus on conduct and culture because, although the new legal regimes for conduct seem to be settled, the rewards and incentives facing workers in the different parts of finance cannot yet be clear. We know more about the legal constraints on conduct than we know about the temptations financiers will face. In consequence, the deep culture of finance, the subject of this conference, is still being shaped. In these comments, I therefore want to explore the role of leadership, values and incentives in getting us back to honest and sound finance. The half-life of the unease and anger prompted by finance’s failures is not short, which means that how leaders lead over the next half-decade or so could make a big difference.

100 | Sir Paul Tucker

1. A memory That something went badly wrong over the past 30 odd years is brought home for me by recalling a moment from my two-year secondment to Barings merchant bank during the mid-1980s. One day one of our more senior colleagues came out of his cubicle groaning something like, “Oh no, we’ve been sent the other side’s draft document”. I don’t remember what the deal was, but in a takeover battle the printers acting for the opposition’s merchant bank had mistakenly sent us one of their key documents. The response was to put the document back in the envelope without reading it, and to call our counterpart to let them know. I just wonder how many houses would do that today. That episode would have been during 1985 or ’86, before the Big Bank reforms of London’s securities markets took effect. And I recount it partly because I have long thought that during that period the UK made a great mistake on its regulatory architecture. Some years before the Big Bang, Professor Jim Gower had been commissioned by the government to review the structure of investorprotection regulation, prompted as I recall by some scandals in retail finance. The proposed solution was that a number of Self-Regulatory Organisations (SROs) should be established, operating under a statutory umbrella. The problems with this were twofold. It is doubtful whether, in any circumstances, effective SROs can just be wished into existence by government, regardless of whether they have organic origins and authority to draw upon. But in any case, the premises behind the structure were invalidated by the Big Bang, which was planned after Jim received his commission but before the Financial Services Act 1986 came into effect. With the doors of non-bank finance flung open, and long-standing commercial relationships upturned as a result, club-like policing structures were no longer viable. What London needed then was not a collection of shallow-rooted SROs, but a regulator modeled broadly on the US’s Securities and Exchange Commission: a statutory agency charged with keeping and empowered to keep finance clean. A step in that direction was, arguably, attempted in 1998, through the establishment of the Financial Services Authority (FSA). But, as an integrated regulator, charged with everything from stability through fairness and efficiency to honesty, in both wholesale and retail markets, across every sector of finance, the FSA was overloaded, to put it mildly. So only now, through the new Financial Conduct Authority, does London embark upon a road that might have been charted 30 years ago. Over those three decades, ground has been lost. The mores, norms, values, ethics, rewards, incentives of finance have all changed.

V. Supervisors and Boards | 101

That is a pessimistic point of departure for some reflections on where we are and what might be done.

2. Trust and incentives: a pessimistic starting point If there is a lack of external trust in finance, then the social standing of working in finance will be low, other than amongst the denizens of the sector itself. With no intrinsic reward, incentives will need to come from money and punishment. The big question is whether we can invert this, and I suspect that we can, at least for parts of finance. Where a sector operates on the basis that the only reason for working in it is to make money and where the only impediment to wickedness is punishment by regulators or via the courts, an industry is likely to put little or no weight on virtue or values or duties to society. And in those circumstances, the sector is likely to be regarded with distaste by people in other walks of life. This is a world where the talk is of incentives, but in which incentives are conceived narrowly and crudely. So narrowly and crudely, in fact, that even if the result were conduct within the law and in compliance with the rules, it would amount to law-abiding behavior in a values-free zone. That is a terribly fragile basis on which to erect global finance. Not least it assumes that the credibility of enforcement is constant over time and across jurisdictions. Casual empiricism suggests that that condition does not hold. But if enforcement is episodic or uneven, then we should expect standards of conduct to lapse, perhaps disastrously, at some point again in the future. What I am suggesting is that if we are to achieve something like honest business (and I deliberately say ‘business’, because the problems go well beyond the financial sector), then either – We need people to be rewarded less in money and more in social standing, or – We need arrangements that ensure that enforcement of conduct rules and laws is consistently credible over time and across jurisdictions. The first entails addressing a profound market failure (in fact, the inability of market processes alone to generate the conditions for their existence). The second entails remedying a global government failure.

102 | Sir Paul Tucker

There are those – and we cannot rule out that they are correct – who will judge that our societies have moved beyond the point where the first course is feasible. That is to say, on that view we might have become societies where good business ethics can’t be grounded in societal values, although good business practices might still be induced by fear and narrow self-interest. I am not convinced that we could or should leave it at that. Unless society is confident that it can rely over the decades ahead on consistent coercion alone, we have to take the opportunity of a period of more rigorous enforcement to incentivize decent behaviour and, thereby, to induct the values that would embed that decency. To that end, I shall air some suggestions for what firms should put behind them and what they might begin to do more of. I do this recognizing that it won’t be easy. Quite apart from the collective-action problems that impede even the virtuous from acting alone, which I shall discuss towards the end of these remarks, the rules-arbitrage that is part of daily life in finance is corrosive of healthy values, or so I shall argue. To take the argument forward, we need to reflect on the role and unintended effects of rules in financial regulation.

3. The role and place of rules in regulation Nearly every regulatory regime has, in my view, got into a muddle about the role of rules. Indeed, I think there is a dilemma that requires urgent but deep debate, and where the regulatory authorities almost certainly need the help of legislators.

The corrosive effect of rules arbitrage I will assert three bold propositions, and then go on to explain them. They are: a) Rules are ineffective in the preservation of stability b) Rules are essential in the regulation of conduct c) The prevalent use of rules in prudential policy has contributed to corrosive cynicism about rules in general and so about conduct rules. Over the past quarter century, and especially since the late-1990s, rules have become the standard instrument of prudential policy: a model of write rules, monitor compliance, enforce against breaches. I believe this model to be fundamentally flawed. A regime designed to preserve financial stability starts (or should start) from a societal choice – a political choice – about how resilient the

V. Supervisors and Boards | 103

system should be. That standard of resilience should get cashed out in regulatory measures for different parts of the financial system. For banks, those measures include minimum capital ratios, minimum liquidity ratios, and so on. So far, so good. But when those measures are framed in rules, and when firms are confident that the rules will be applied narrowly, to the letter as it were, epidemics of regulatory arbitrage follow. That is so whether the rules are complex or simple. If the rules are complex, regulated firms have incentives to take risk in forms that reduce, say, their regulatory capital requirements even when nothing material has changed economically. If the rules are simple, they have incentives to take risk via routes that simply step around the constraint; say via the composition of asset portfolios if they are subject to only a cap of their total assets/equity leverage. Meanwhile, unregulated firms have incentives to structure their activities in forms that replicate the economic substance of banking, insurance or whatever, but leave them outside the regulatory net. This might be termed ‘regulatory avoidance’. It can have very high social costs, through instability and macroeconomic downturns. It is not an offence. Even if it were an offence, enforcement after the fact cannot undo the social and economic costs. The prudential endeavour is, in its essence, prophylactic not retributive1. But, in any case, regulatory avoidance is not an offence under a rulesbased regime. Conduct regulation is quite different from stability policy. Whether in wholesale or retail markets, it is vital that participants, customers and counterparties know the rules of the game. If something goes horribly wrong and it turns out that there was a gap in the rules, the rules need to be adjusted, but without retrospective effect. All this is central to the rule of law, and conduct regulations are, of course, legally binding rules issued by agencies under authority delegated by legislatures. It is delegated law-making. Breaches are to be punished, partly in order to deter bad conduct. I put it to you that an environment in which arbitrage around prudential rules is endemic – a normal part of life in financial firms – fosters a culture of cynicism towards regulatory rules in general, a culture where concepts of ‘right’ and ‘wrong’ get blurred, eroded and infected. If this is correct, it is a high cost to pay – on top of the crisis of instability – for the false turn taken by prudential supervision. But it points to some prescriptions for the regulatory regime, and for boards.

_____

1 For a more complete account of this, see Tucker, “Micro-prudential versus Macro-prudential Supervision: Functions that make sense only as part of an Overall Regime for Financial Stability”, Boston Federal Reserve Bank conference, 2–3 October 2015.

104 | Sir Paul Tucker

For the institutional architecture of regulatory regimes, it underpins the case for separating conduct regulation from prudential supervision. Workers in firms need to grasp that the rules of a conduct regulator are not the same kind of thing as prudential and stability policies. They are not fair game. As to the boards of regulated firms, I would urge them to give up on regulatory arbitrage and the cynicism that it fosters towards society’s ends and the people’s welfare. This won’t be easy, and I can hear industry leaders and participants complain that they won’t know where to draw the line. But it is hard to believe that firms don’t know when they’ve retained the bulk of the risk or the tail risk while escaping the regulatory tax. And if they don’t know, from a prudential perspective they shouldn’t be in that line of business since either the firm as a whole can’t analyse the risks or management can’t keep track of what middle management and workers are doing. In other words, by eschewing pervasive arbitrage of prudential policies, boards and executive leaders would help to foster a less cynical approach to rules in general. Commercially, by giving up some of the superficial gains of prudential arbitrage, they might well reduce the probability of conduct fines and reputational damage. But what of the conduct regime itself? I believe that that too needs deep debate and deliberation. Indeed, whereas the whole approach to stability policy has been debated and reformed somewhat since the crisis, I wonder whether there might have been less debate on the optimal high-level structure of a conduct regime. Please excuse me if that debate has occurred.

Replacing ‘Rules versus Principles’ with ‘Rules and binding Principles’ One way of summing up the difference between prudential supervision and conduct regulation is that for the former it is the spirit that matters, whereas for conduct it is the letter of the rules that matters at any particular time. There is a lot of truth in this, but it would be reasonable for people to complain that, however detailed, conduct rules are always open to interpretation and, thus, that those working in finance will search for loopholes and, what’s more, are entitled to do so. This has been central to a debate that has being going on for decades about the relative costs and benefits of rules-based regulation and principles-based regulation of conduct in financial markets. A number of countries have flipflopped between the two approaches over the past thirty years.

V. Supervisors and Boards | 105

The familiar problem with principles is that they leave too much vague and underdetermined when, as I have argued, uncertainty should be minimized in the area of conduct regulation. The familiar problem with a regime of detailed rules is that it gives rise to artful interpretations, creative loopholes, and thus sows the seeds of its own demise. Further, it gives rise to an industry of expert advisors with a narrow commercial interest in preserving this kind of regime – an articulate lobby for the status quo. The truth is that the spirit of the rules ought to matter in the conduct arena too, because society expects it to. But we can’t just leave it to regulators to construe their own rules with whatever they perceive to be their spirit; that kind of discretion shades into arbitrary power. What then should or could be done, or are we simply stuck? One possible route would be to combine statutory principles with detailed regulatory rules. A set of Principles would be enacted in primary legislation, with a statutory provision – binding on the courts – that the detailed rules promulgated by the conduct regulator must be interpreted in the light of those Principles. So far as I know, this legislative structure has not been attempted in a major jurisdiction. It does not give rise to the radical indeterminacy that afflicts non-statutory principles, since the rules reduce open-ended uncertainty. But the interpretation of those rules is tied to their social purpose, as instantiated in the statutory Principles. It leaves the courts as the final arbiter of how the Principles should be construed, but it gives legislatures not regulators the responsibility of framing and specifying those Principles. I would think that it is worth exploring2.

4. Principles, practices, and ‘value statements’ I want to suggest that a determined shift away from regulatory arbitrage, underpinned by regulatory reforms along the lines I have been describing, might have the effect, over time, I stress over time, of helping to give values a place within the culture and operation of financial intermediaries.

_____ 2 I first encountered this thought in discussion at Australian National University with John Braithwaite, who has canvassed it in the field of tax evasion versus avoidance. See J. Braithwaite, Markets in Vice, Markets in Virtue , Sydney and New York, Federation Press and Oxford University Press, 2005, especially Chapter 10, “Reforming the Law”; J. Braithwaite, “Making Tax Law More Certain: A Theory”, Australian Business Law Review, 31(2), 2003, 72–80; For the initial and more general formulation that goes beyond tax: J. Braithwaite, “Rules and Principles: A Theory of Legal Certainty”, Australian Journal of Legal Philosophy, 27, 2002, 47–82.

106 | Sir Paul Tucker

Before suggesting some other changes to business practices, I want first to explain how incentives might be used to forge values. Please excuse a detour away from finance for a moment.

The forging of values via incentives There is a respectable body of work that seeks to explain the development and purpose of moral values and practices in terms of their positive effect on our collective welfare. We live together, civically and politically, and need norms and conventions for doing so: to avoid Hobbes’ state of nature, if you like. This view can seem horribly cynical, resting morality on little more than its instrumental benefits. But it seems plausible that we reap those benefits only if we (or at least most of us) come to believe – truly, genuinely, sometimes deeply believe – in those values. Whereas driving on the right (or left) hand side of the road is a convention that we would ignore at our peril but is hardly the stuff of values, ‘thou shall not murder’ runs deeper. According to one’s view of these things, our values are reinforced by our practices even if they do not always arise wholly from them. When it comes to finance, things are in such a mess that both forging and reinforcing seem apt. For some people in finance – and surely they exist – their already sound values need to be reaffirmed and reinforced in the environment around them. For others, decent values need to be induced and inducted. Incentives can play an important role in this. It seems, and perhaps this is putting it mildly, that there is a big negative externality when weak or inconsistent enforcement of rules combines with transformational remuneration to non-entrepreneurs: the bad externality is ethics-free finance. Society needs to flip the process, aiming to secure a positive externality by first changing the incentives. If enforcement of rules and reduced pay can alter the incentives, statutory Principles, governing the interpretation of those detailed regulatory rule-books, can provide some of the content of the values that society wishes to restore and embed. In other words, our legislatures should codify in high level Principles the values they want to embed in finance. This isn’t just for the big financial centres. Indeed, it is not implausible to think that however thoughtful and determined the efforts of legislators, regulators and business leaders in those centres, it will be harder and take longer to achieve the desired cultural change there. Their heterogeneity, which is the very source of some of their commercial strengths, can dilute civic values and the peer pressures that can prevail in smaller communities. But what we have heard

V. Supervisors and Boards | 107

during this conference about the changes in the Netherlands and elsewhere offers the possibility that initiatives in the big centres, as set out at recent conferences on both sides of the Atlantic, can be reinforced by the efforts to reforge community values in smaller financial centres.

Getting out of doors: inducting civic virtue At this point I want to draw on another recollection; one which signals another dimension of the problem. In the pre-Big Bang world I was remembering earlier, there were lots of medium-sized firms. The heads and deputy heads of those firms represented them in and, therefore, to the outside world: to politics, the authorities, the public, and to their peers. As they did so, they (or some of them at least) discovered that they had a stake – a stake deriving from the social role they played and the social standing that could go with it – in the health of the system itself. As I like to put it, a world of many firms meant that many people had to go ‘out of doors’. Doing so immersed them in a valuable process of civic socialization. In a world of a few massive firms, my guess is that far fewer people in the industry feel that they personally have a stake in the health of the system. Far fewer people go out of doors. Being the head of a gigantic desk with layers of management above you does not easily give you the same sense of belonging to a system that comes from being at the helm of a modestly sized firm competing with similarly sized firms. If that’s even broadly correct, it poses the question of how to get those people out of doors, how to give them a stake in something bigger than their takehome pay and the living standards of their children and grand children. It is when one looks at it like this that the thought that motivates calls for finance to become a profession, requiring years of training like medicine or the law, is not so completely crazy. Finance is so hugely important to our economies and societies that we need each scandal to be an affront to workers in the industry: not just to their interests, not even only to their values, but to their sense of who they are, their identity. And I don’t doubt that it was for some. This is why the public outcry is valuable. And it is why pay needs, somehow, to come down, so that being rich can’t compensate for society’s distaste, and so that society’s valuing the contributions of financiers can mean something again.

108 | Sir Paul Tucker

Stories and ‘value statements’ One way to help embed values within a firm is for its leaders to share stories of its past with those coming up through the ranks, underlining what worked, what the firm is for, its heroes – stories they believe and which matter for them personally. If a firm has no history, with each generation detached from its predecessors, today’s incumbents are just passing through, grabbing what they can on the way: consuming rather than investing in the firm’s reputation. They are unlikely to value what they leave behind once they have taken what they can – an environment in which some might even risk trashing the firm’s standing for personal gain if it carries no value for them, if it matters not a jot to them being able to say later in life who they worked for, how they chose to spend their working life. One might say: if that were unavoidably the case, better for each generation to have to start a new venture, with each financial intermediary having only a finite life. If policy makers instinctively reject a mass break-up of firms of any size because of the transactions costs and uncertainties for society, those costs must be set against the costs of history-free and so values-free firms. If that course is rejected, it must be because we trust business leaders to turn culture around. Leaders lead in part by drawing on those parts of the past that are useful to facing the future. Let me repeat: a firm with no remembered history is unlikely to be a firm that, as a firm, a collective of individuals working together, has values. There is something faintly ridiculous about senior management teams sitting around, in some odd imitation of Kantian philosophers, drafting ‘values statements’. There is something slightly sad about management using staff ‘focus groups’ in order to discover what values might be embedded in the firm they lead but don’t know. And there is something distinctly eerie about bringing in consultants to help draft ‘values statements’, which I assume some firms do since such consultancy services seem to exist (although one wonders about the delusion or cynicism they risk carrying in their own corporate DNA). I should emphasize that I believe that Values Statements can be useful, might play a role in resurrecting honest finance, and that staff are a vital part in affirming and sometimes constituting a firm’s values. But such Statements need to reflect and draw on the values truly found in their particular firm, and so in its history, in its stories, not just peddling what they think society wants to see. And where it turns out that no values worth having are truly embedded, if a firm has no more to fall back on than ‘make money’ and ‘obey the law’, better to face up to that, better for leaders to start from the beginning. These issues can certainly afflict small firms, but they seem likely to be more prevalent amongst conglomerates with disparate lines of business based on dis-

V. Supervisors and Boards | 109

tinct business models. And they are probably harder still to overcome in those conglomerates formed through an extended sequence of mergers and takeovers, in which either no organic culture survives at all or plural and probably rival cultures persist here and there around the group, perhaps for years. These are hazards of capitalism, and, I repeat, are by no means confined to finance. But for finance, perhaps because crisis and scandal came together, as it did in the 1930s, the public has been saying that it is their business too, that the spillovers matter. And, in any case, because financial services firms enter in contracts with their customers that are often long-term or otherwise rely on trust, finance has a clear interest in addressing these problems. Look at it another way: everyone is a customer of finance, so the customers who bear the private costs are also, in our democracies, the voters who elect our governments after they have borne the social costs. The leaders of financial firms carry that with them as a basic condition of being in business.

5. The terms of trade between firms: ending mercenary poaching Against that background on how incentives and values need to support each other, I want to go through one further set of issues and the corresponding set of actions that business leaders could usefully take. I believe the issue matters in itself, but it also helps to highlight the collective-action problems that likely plague any efforts to address the subject of this conference. One of the more striking features of modern finance (indeed, modern commerce) is whole teams moving from one firm to another. Poaching in the sense of active soliciting is no doubt denied, and perhaps that’s correct in a strictly legal sense. But something not a million miles away plainly goes on under a common sense understanding. I suggest that this matters to culture, values, honesty because if groups of young (and not so young) people are treated like mercenaries, we shouldn’t be surprised when they think and behave like mercenaries. The habits of thought and conduct that we associate with mercenaries are, I would suggest: technical proficiency; dedication to the task at hand; orientation to immediate, visible results; being paid partly at the end of the assignment, and partly upfront to get them to turn up; indifference, beyond the terms of their contract and its enforceability, to whoever has hired them; calculated personal risk-taking weighed in terms of expected financial returns; services granted to the highest bidder.

110 | Sir Paul Tucker

In a field without widespread economic and social externalities, one might ask who cares. But in finance, the social costs can be high, so it is of wider interest, for all the reasons covered already. Boards could help by deciding that their firm will not poach teams or, if approached, will not buy teams. There are two objections to this, one more serious, because less tractable, than the other. The first objection could well come from the members of teams themselves, some of whom might with reason argue that their individual value in a market economy is far greater as part of a team of specific individuals. My answer to that is, broadly: then set up outside on your own, becoming entrepreneurs. This, after all, is capitalism. To the complaint that this would constrain their rights under employment law, I think the response is: this is about norms not laws.

Pay and collective-action problems The second and more serious issue is that there is a collective-action problem here. Why would Firm A give up poaching/welcoming mercenaries if Firms B, C etc show no sign of doing so? One possible answer is that the stewards of Firm A might see it as being in their interests, nevertheless, to give up poaching since it would save them a lot of reputational and financial tail risk over the longer run. I’m not confident of that, as it is, perhaps, just as likely that Firm A’s honest management would persuade themselves that their culture would socialize the teams they had hired rather than vice versa. If that’s right, it would seem that some kind of industry-wide cultural adjustment is needed; perhaps an informal practice of self-restraint that becomes, with time, a norm. A collective-action problem infects pay more generally. I would not be hugely surprised if not a few industry leaders thought that pay is out of control. I would even speculate that they would quite like to see or at least would not oppose a recalibration; having already become super-rich themselves, their interests and incentives have changed, after all. But it is hard to believe that any such reflections could give them reason to act alone. Massively invested, as many are, in their particular firm’s equity, they would personally see their wealth fall if, having acted alone to cut pay, their staff crossed the road to their rivals. The metaphor of not daring to leave the dance floor while the party is going works no less here than for the herd-like risk-taking behavior that preoccupies stability-policy. I suspect that even if they wished to do so, anti-trust law might prevent industry leaders getting together to discuss this. But, in any case, isn’t the very

V. Supervisors and Boards | 111

thought of a recalibration in pay a pipe dream given the globalization of finance and the different values characteristic of the various societies in which internationally active firms are domiciled?

Incentives redux: stability policy and conduct On this front, perhaps the best we can hope for is the operation of market forces that might be set up by the new policies for stability. The changes to balance-sheet constraints (capital requirements etc) and to resolution policy (in particular bail-in of bonded debt) can prospectively reduce the headline return on equity (but not necessarily risk-adjusted returns); push equity holders to demand that they get a great share of the pie, with less left over for rent extraction by management and staff; and, separately, focus capital markets on whether economies of scale and scope do really exist. Depending on how those forces are transmitted, it is possible that the new steady-state will reduce agency problems within banks and dealers, and reduce remuneration packages. By their nature, the lags in the transmission of these forces are, as central bankers like to say, long and variable. An important question, therefore, is how much patience society has. I would guess not much, which is reason enough for business leaders to think about what practices to jettison.

6. Boards and regulators Where does all this leave boards and regulators, and the relations between them? If what I have been surveying is no more than one reasonable approximation of the problem, there is a long process of adjustment ahead. I will conclude, therefore, by listing some of the concrete suggestions I have aired, and what it means for board-regulator relations. Boards picked up the following objectives on the way: • Give up systematic regulatory arbitrage • Reward middle management for their contributions in industry bodies as well as their contributions internally, but reward them by making it a precondition for progression in the firm and do not give financial rewards to those who decline management responsibility and the external roles it entails. • Give up poaching whole teams • Be ready for a systematic reduction in pay

112 | Sir Paul Tucker

•

Encourage executive leaders to convey the values-affirming stories in the firm’s history; and if there is none to speak of, face up to it and make a new beginning.

It is sometimes suggested that boards and regulators have shared objectives. This is over-stated. Boards are trying to maximize shareholder value; that is what directors get rewarded for, not only through remuneration packages but also through appointments to other boards. Regulators, by contrast, have duties to society. Not inchoate duties or duties that they make up for themselves, but duties to deliver the specific statutory objectives given to them by legislatures. Those responsibilities need to be clear, meaning that the outturns can be monitored and that high-level trade-offs amongst society’s values are not left to unelected officials. Regulators have an interest in getting legislators to do a better job at this. A fit-for-purpose legislated framework would give powers to regulators to remove members of management and boards on ‘fit and proper’ grounds. This is not enforcement as punishment, with its particular burden of proof, but regulation as warranted prevention: de-authorising individuals before they have done damage. I think the UK is trying to resurrect this approach. I am not sure such powers exist in all jurisdictions. Those two points – about mandates and powers – are related. Clearer objectives would make it easier to give regulators greater discretion in exercising adjudicatory powers, including crucially in relation to powerful managers and directors. That would help to harness the incentives of board members to society’s sense of right and wrong, which is a necessary pre-condition for finance to remain part of the market economy and – the reason this all matters so much – for market economies to thrive. And if, as I suggested, detailed rules could be backed by statutory Principles, society’s sense of right and wrong would be decided where it ought to be decided: in our legislatures after rich public debate. If, as I suggested, most likely we are only a third of the way through the adjustment that finance faces and needs, there is absolutely no reason to lose hope or faith. Although I have raised questions about the design of effective statutory conduct regimes that I believe warrant debate, the authorities have done a lot of the heavy lifting within the terms of the prevailing regimes. The next phase is for business leaders, who have a great opportunity to remake finance.

neue Seite

V. Supervisors and Boards | 113

Douglas Flint, Group Chairman HSBC Holdings plc.

Changing Corporate Behaviour – the Role and Importance of Governance Douglas Flint

You will note that in the title for my remarks I have avoided using the word ‘culture’. This is intentional. Culture has become an all-encompassing term to exemplify all that is wrong with financial services, yet a moment’s reflection would expose that this is far too simple and sweeping a concept to apply reliably to organisations as large and diversified as today’s leading financial firms. Instead I want to concentrate on behaviours as it is the aggregate of all behaviours that defines what we think of as organisational culture. Society judges organisations such as banks based on the outcomes that they have experienced against the outcomes they expected. Outcomes are clearly impacted by behaviours and expectations of future outcomes reflect experience of how organisations respond when expectations are not met. A financial services organisation cannot control outcomes in every scenario given unpredictable market forces but it can seek to control its employees’ behaviours. It does this through recruitment policy, training and performance management, all designed to set the organisation’s standards regarding the behaviours that are expected. Equally important is making clear how the organisation will respond if standards of behaviour are not met. The nature of the response has to be seen to be consistent, irrespective of the seniority of the wrongdoer or the success of outcomes attaching to the poor behaviour. Trust, essential to a properly functioning financial system, breaks down when society’s expectations of outcomes are regularly not met, and when the system’s response is seen as inadequate or dismissive. Banks, their supervisors and policy makers have a joint responsibility to set and agree standards of conduct and define the behaviours which will lead to outcomes that will meet society’s expectations. Following the global financial crisis most of the focus has been on the breakdown in trust between banks and society. However, three other major breakdowns in trust occurred which are important to understanding how corporate governance in banking is changing. • First, executive management discovered weaknesses in their control systems of which they were unaware. This led to lack of trust in these systems as managements were humbled by what they did not know. • Second, Boards began to worry if they could trust executive management – were failings hidden from the Board or did executive management not know what was going on – either conclusion was deeply damaging to trust in the effectiveness of governance as it had been practised.

114 | Douglas Flint

•

Third, supervisory authorities lost faith in the effectiveness of Board oversight and governance – what value was it when so many failings occurred?

One of the inevitable and damaging consequences of this breakdown in trust in the reliability of control systems and governance was the elimination of the previously collaborative relationship between both executive management and boards and the supervisory authorities as the latter sought to avoid any perception of regulatory capture. Supervisors also began an exhaustive process to redefine their expectations of Boards. Today, seven years post crisis, a collaborative relationship is being restored – indeed if it were still the case that supervisors do not trust boards that would be an unacceptable failure of regulation as it would evidence that boards had not been refreshed with the right calibre of director. In reaching this better position we have seen a variety of approaches across the world. • In Asia, there was an increase in dialogue. There were few barriers to this simple approach given that Asia had largely not experienced the losses or the behaviours seen in Europe or the United States. Moreover, Asian financial systems were substantially more profitable, were delivering what was expected of them and were offering good returns to shareholders. • In the UK, we saw significant public policy intervention through legislative and regulatory actions – structural revisions to the banking industry through the Vickers Committee, conduct changes enacted following the Parliamentary Commission on Banking Standards and the creation of a Senior Managers Regime framework to improve personal accountability. • Europe also explored structural reform – still in train – and imposed restrictions on the design of banker compensation and mandated longer deferral of incentive compensation to afford the opportunity to ‘claw-back’ bonuses subsequently found to be undeserved. • In the United States, regulators made Boards directly accountable for resolving ‘matters requiring attention’ as opposed to overseeing executive management doing so. In addition to all of the above, the actions of regulatory and prosecuting authorities through censures, fines and prosecutions drew significant public and political outrage towards the banking industry. The consequential damage served to place conduct and culture issues at the top of Board agendas if for no other reason that repeated offences would draw personal sanction and risk loss of licence to operate in critical areas.

V. Supervisors and Boards | 115

In practice, in the case of HSBC as an example, addressing these issues has greatly impacted the manner in which the bank’s risk appetite is framed and executed and the way the Board applies its governance duties. • We have critically examined and curtailed the number of countries and businesses we serve to avoid areas where risk management is more difficult to perform; • We have increased the formality of evidencing customer choices to avoid mis-selling risks; • We are exploring how best to monitor and measure the behaviours that are seen as indicating ‘culture’. • We are exploring how best to harness the expanded capabilities of new technology and ‘big data’ to improve risk control in customer screening and needs identification; • We are working to demonstrate that the ‘value exchange’ between the bank and our customers is both appropriate and can be justified. It terms of Board governance we responded to the issues we faced by creating two new Board committees to concentrate attention on areas of increased public policy and regulatory concern. • In 2013, we established a Financial System Vulnerabilities Committee to address financial crime risks, including cyber risk. • In 2014, we set up a Conduct and Values Committee to look at issues that could be root causes for unacceptable behaviour. Public Policy also responded by encouraging industry co-operation in new initiatives to define best practice standards of behaviour. This led to the creation of the Banking Standards Board and the Fair and Effective Markets Review, both in the UK. In judging whether these initiatives will achieve the improvements required, it is worth considering whether there are constraints to achieving the outcomes we all seek. The following are worthy of note. • Whether there is clarity in expectations amongst firms, stakeholders and the public – if we don’t know where we are heading, we might not get there. (Apologies to Yogi Berra) • Is it possible to apply a single set of global standards given different legal frameworks, market sophistication and risk cultures? • Has public policy set an expectation of ‘zero tolerance’ to errors that is both unrealistic and constraining on public policies around financial inclusion? • Have we done enough to define what we want the financial system to do as opposed to making clear what we don’t want to occur? A system that

116 | Douglas Flint

•

• • •

•

permits everything that is not banned is unlikely to be optimally designed. Does demonization of an industry, based on the actions of a few, create morale issues among the vast majority of employees who strive to deliver what is expected of them but feel under increasing pressure from what is often seen as retrospective application of newly formed standards? Can, indeed, should we expect a distinction between standards of conduct in retail as opposed to wholesale markets. Ever more detailed rule books don’t seem to work so how can we get confident with supervision based on the application of principles? Have we got sufficient supervisors with appropriate experience to oversee what we want to see and if not, is the gap in pay between the official sector and the private sector a barrier that has to be overcome to prevent high turnover in senior supervision staff? Does the buy-side community focus sufficiently on qualitative measures such as conduct as opposed to financial outcomes? If not how do we change this?

The challenges outlined above illustrate the complexities involved in setting expectations around behaviours and evidencing whether these expectations are being met. We have reached a point where, to address these challenges, we need to continue to extend the interaction between the industry and its supervisors. I believe we now have clarity on shared objectives. Closer interaction between supervisors and Boards is now needed to build confidence that there are both shared values and a consensus around the destination being worked towards. Only once supervisors have the confidence to say that bank ‘culture’ is heading in the right direction will the public change its perceptions of the industry, perceptions that must change if the industry is to play the role society has the right to expect in the economies served.

neue Seite

V. Supervisors and Boards | 117

Sylvie Matherat, Chief Regulatory Officer and member of the Management Board, Deutsche Bank AG

It’s all about Trust Sylvie Matherat

I greatly appreciated the opportunity to moderate the panel “Supervisors and Boards” at the ILF Conference “Towards a New Age of Responsibility in Banking and Finance: Getting the Culture and Ethics Right” in November 2015. I had two distinguished discussion partners in Paul Tucker, Research fellow at the Harvard Kennedy School, and Douglas Flint, Group Chairman of HSBC Holdings plc. They have contributed excellent articles to this book which lay out their arguments much better than I could do in a short summary. But let me stress some of the issues which I deem to be of special importance. Crucially, we always came back to one thing: trust, or rather, a lack of trust. The current lack of trust in the industry is obvious. Almost eight years after the outbreak of the financial crisis, and more than six years after work started on supervisory and regulatory reform, trust still has not returned to the financial sector. We are only a third of the way through the process of applying reforms, which poses a major challenge not only to the economy, but also to society as a whole. How can we regain trust? What does society expect from the industry and how can management and supervisory boards on the one hand and supervisors on the other hand deal with it? We are all familiar with why trust broke down. Douglas Flint rightly pointed out three elements: 1. The breakdown of trust in the executive management and their understanding of the control framework and institutions; 2. the breakdown of trust between the non-executives and the executives on the board; and 3. the breakdown of trust between the supervisors and the boards. Executives expected control frameworks to work according to the standards of the industry. When the frameworks failed and executives realized it, they lost confidence in themselves and questioned whether their understanding of the actual situation was correct. The second breakdown of trust between executives and non-executives has a clear link to communication. Did the executives know the problem and fail to inform the non-executives in time? Or did they not even know what was going on – which is perhaps even worse? Do we need special training for executives to ensure they understand everything they need to in order to properly supervise a

118 | Sylvie Matherat

firm? And most importantly, how can we ensure a proper escalation of concerns in order to prevent such a breakdown of trust in the future? Lastly, the breakdown of trust between board and supervisors. This has to be looked at from both perspectives. The supervisors lost confidence in boards because of the impression that executives did not have control over the business. But, in turn, bankers and the public were asking how supervisors could have been so wrong in their assessment of the distribution of risk in the financial system, which meant they did not take appropriate (preventive) remediation actions. To give one example, the US Federal Reserve initially estimated subprime related losses at no more than USD 50–100bn, leading many in the industry to believe the problem could be easily contained. Today we know this assessment back in 2007 was wrong. Another example provided by Paul Tucker was the fast-growing consultancy industry staffed by ex-regulators in the US. Banks seemed reluctant to talk to regulators directly; they seemed not to trust them and instead chose to engage with an intermediary who might be in a position to help. Recent experience has taught us this was a fallacy. What are the consequences? Is it the reason for the difficult relationships that the industry has today with regulators worldwide? And given the regular staffing changes on the supervisory side – and on the banks side as well, I must admit – how can we built trustful relationships? I want to come back to this point at a later stage, but without restoring regulators’ trust in financial institutions and their confidence that the culture and behaviour of the industry has improved we will never regain the trust of society. Another interesting argument regarding the lack of trust between the industry and society was discussed by Paul Tucker. He argued that trust in the industry is more or less non-existent: people working in the industry get no social recognition or esteem so their reward is money and the threat of punishment is what keeps them in check. By inverting this argument (i.e. that an industry with incredibly high monetary rewards, kept in check only by the treat of punishment in the courts, does not place any weight on virtue or values) he argues that the only way to prevent misdemeanours is with strict and consistent enforcement by authorities which enjoy credibility. Given the fragmented regulatory landscape and the absence of such a powerful authority – what can boards and supervisors do? This leads inevitably to the “Rules versus Principles” debate. One recommendation could be that the industry needs absolutely clear rules and laws on conduct, in conjunction with consistent enforcement measures. Looking at the prudential side it becomes apparent that rules do not work; one cannot write rules for stability. Here principles might be the better solution. The familiar problem with principles, however, is that they are often vague, leading to uncer-

V. Supervisors and Boards | 119

tainty. So what to do? The alternative, examined in more depth in Paul Tucker’s article1, is what he calls “Rules and binding Principles”. The underlying concept is to set out certain principles in primary legislation with statutory provisions enforceable in courts, together with detailed rules which have to be interpreted in light of the principles outlined. This concept would tie the Interpretation of rules to their social purpose and leave courts as the final arbiters of principles that have been designed by legislators – not regulators. This could be a viable and sustainable solution for conduct and prudential regulation. However, to return to the core of this discussion, which focuses on culture, behaviour and trust, one must admit that rule books will not work and so principles are important. Because in our industry decisions are not always black or white, there are many grey areas. So we need to train and support our people to use their judgment. When asked about decision-making and escalation processes within my remit, I always advise my staff that escalating decisions is a proper tool to use if something cannot be decided at a certain level within the bank. However, it should be a “last resort” rather than a “first resort” solution and, before doing so, they should always discuss the issue within their respective teams. They need to take into account all the existing rules – and in addition they must use common sense. We need to lead by example. How can we improve the relationship with supervisors and meet society’s expectations of the industry? Or more simply: How can we regain trust? I have to acknowledge that there are no right or wrong answers to this question. A first step would be to clearly define what is expected from banks. Banking is a global industry and supervisors in different jurisdictions have different views about how it should be governed. In addition, the financial crisis did not hit all regions at the same time and with the same severity, which led regulators and supervisors around the world to react differently. Therefore we must also reflect upon the fragmentation of regulation. One prominent example is the difference in approach between the European Union and the United States. Whereas Europe still focuses on structural reforms, including compensation restrictions (discussed in various panels throughout the day), the US has tackled the issues more directly by giving boards immediate accountability for dealing with supervisory matters that require attention. Were these different approaches the right way to root conduct in values and to put culture and behaviour on the top of boards’ agendas? As pointed out during our discussion there are certain constraints. One example relates to boards being held accountable for culture

_____ 1 Paul Tucker, in this book at p. 99.

120 | Sylvie Matherat

but not setting out what they expect a healthy culture to look like. In international banking where different jurisdictions take different views it is difficult to have a single global standard. But without such a global standard, which “standard” is an institution to choose? There is a perception within the industry that the regulatory and supervisory framework takes a zero tolerance approach, which has a significant impact on the morale of staff. This perception, and the fear of potentially losing their jobs, means that staff tend to be risk adverse. Having risk adverse staff will be difficult for a banking industry where managing risk and constantly taking decisions is a major part of the day-to-day job. A lot has been said about compensation, and I will therefore not go into detail. But if, as Paul Tucker argues, money is the only incentive that motivates bankers (which I honestly do not believe to be the case), should we think about the associated governance? Douglas Flint discusses extending responsibility for payments to other capital providers besides equity providers. Might they also have a closer look at culture and thus foster an improvement? Changing governance arrangements and related laws might prove difficult. Taking a step back and looking at it from another perspective: could a more careful hiring approach ensure that we have staff who are not motivated purely by money and who understand the need for high standards of behaviour and a healthy corporate culture? Should we be more careful about poaching of teams? (Douglas Flint’s example/lessons learnt from the FX scandal certainly make one believe so.) A further thought: is it the case that the majority of bankers no longer have a stake in the system? If this were the case then one need not wonder about the often cited disconnection between the industry and wider society. In my view, based on my experience at Deutsche Bank, this is not the case. We always work to earn our clients’ trust by placing them at the core of our organisation, and by striving to build mutually beneficial client relationships in which the value created is shared fairly. We have all seen budgets increase in banks’ regulatory and compliance departments. In addition, staffing levels have almost tripled over the last four years. But will these increases in budgets and staff necessarily help to solve the behavioural and culture issues and, therefore, help to regain trust? I have to agree with Douglas Flint who said we must get better at anticipating the next big challenges on the horizon. If the industry combines its strength we can help protect the system from bad practice and unwise transactions. Let me add: lt is not just a question of which institutions make bad decisions, it is also about who does the deals at all. We need to avoid massive regulatory arbitrage. Significantly tightened regulation in the banking sector creates the risk of transactions moving to other, more lightly regulated areas. And there is evidence that

V. Supervisors and Boards | 121

this is happening. While the European banking sector has not grown at all since 2008, alternative financial service providers – the so-called “shadow banking sector” – have expanded their total assets by about two-thirds and now make up 40% of the total Euro-area financial system. This is almost as much as the banks, which comprise 45% of the system. If this continues, are we just shifting the same behavioural and cultural issues to another part of the financial system? When considering transactions we also need to take into account the question of returns. These days, and in light of scarce resources, it is important to understand banks’ profitability drivers. In the past, when leverage was high, it was relatively easy for a mediocre financial institution to earn a low doubledigit return on equity. With actual capital about twice as high as pre-crisis levels and many formerly profitable businesses having now disappeared, earning decent returns has become much harder. This is another reason, besides regulatory and cultural changes, why banks need to become more selective about which activities they continue and which they bring to an end. This in turn is leading to a change in banks’ business models. However, adapting the business model should also be seen as an opportunity to provide greater clarity, especially to investors, which will help to reduce uncertainty and regain trust in the banking sector. So what is the essence of this discussion? A lot has been said about trust, responsibility, institutional culture and staff morale. There are no hard and fast rules for regaining trust. But I believe if we all – boards and supervisors together – work on rebuilding our relationships so they are based on transparency and trust; if the industry strives to get its culture right; and if supervisors and regulators acknowledge and communicate the progress made, then we will take a first but important step towards regaining the trust of the public we serve.

122 | Sylvie Matherat

neue rechte Seite

VI. Taking Responsibility: The Banker’s New Attitude | 123

| VI. Taking Responsibility: The Banker’s New Attitude VI. Taking Responsibility: The Banker’s New Attitude

124 | Sylvie Matherat

VI. Taking Responsibility: The Banker’s New Attitude | 125

Lorenzo Bini Smaghi, Chairman of Société Générale

A View from France Lorenzo Bini Smaghi

Cultural change has to come from the top. Top bankers have to take responsibility to foster change in their own institutions. I would like to briefly explain how this can happen, building also on the concrete experience of a bank whose culture, and reputation, was hard hit by a major event. Culture is largely part of the history of an institution. History matters. Change takes time. Cultural change can be accelerated when there is a crisis. But change should be made possible without waiting for a crisis. This is the reason why a bank’s culture should be continuously tested. When major shocks occur, they can affect the reputation of a bank, with long lasting effects. This is one of the main concerns of bank boards: avoiding being in the news for the wrong reasons. This is why boards and management need to be proactive, not wait for the regulation to become prescriptive. This problem goes beyond single banks. It has a social impact. The negative reputation of a bank has contagious effects on the whole banking system. People in our society can’t measure the value of banks to society. It’s a problem of communication because we are not able to tell to our citizens why banks are an important part of the economic system and need to be preserved. Most people tend to have negative opinions about the banking system, that it produces damage to society that ultimately hurt taxpayers. These feelings are often exploited by politicians who tend to blame the financial system for all evils. This fuels a vicious circle leading to measures that weaken the soundness of the banking system, and ultimately of the economy. For some 150 years, Société Générale (SG) has built its growth on a strong culture of client-focused professionalism. But at the turn of the 21st century, the abundance of liquidity and the growth of variable compensation structures led to some laxity, particularly in the American market. This risk had been taken into account at the highest level of the bank (for example, a code of conduct was published in 2006), but the crisis took place before the bank had fully taken stock of it. In January 2008, SG faced a major crisis: Fraud committed by a rogue trader, Jérôme Kerviel, which cost nearly €5 billion. No other bank had experienced such a shock to that point. The subprime crisis landed just after the Kerviel crisis. These two successive crises had very serious consequences on SG: its financial solidity was jeopardized, its operational risk ballooned, its professional

126 | Lorenzo Bini Smaghi

reputation was damaged, leading to a crisis of confidence among clients, and finally its staff questioned their relationship with the company. The reaction of SG has entailed several phases. The whole risk management system was overhauled, adopting a holistic approach for all risk categories, centered on a consolidated vision of the Group’s risk appetite, and supported by a corporate culture favorable to risk management, rigor, and discipline. The investment bank’s risk management and internal control processes were particularly strengthened. A plan, named “Fighting Back” was launched in 2008, and let to creation in 2009 of a control department devoted to monitoring and controlling of operational risks; specifically, it includes a dedicated anti-fraud department supported by a “control tower” managing alerts raised by the correlating of weak signals. Warmly supported by the Board, the Executive Committee launched in 2010 a five-year “Enterprise Risk Management” program, to address all issues related to risk management, while at the same time adopting a transformation effort aimed at making customer satisfaction one of the Group’s central concerns again. Even before regulators required it, SG made several structural changes to its compensation policy, for instance: – All compensation directly tied to sales volume was eliminated. – Liquidity costs were taken into account for all risks (credit, market, operational) in determining variable compensation packages, as was capital cost. – Variable compensation started being tied also to qualitative criteria; it is correlated with a formalised annual performance review that takes individual quantitative and qualitative goals into account. – A qualitative assessment by the Risk Department and the Compliance Department was launched of business units and “regulated” employees (about 600 people in 2015), in order to prevent or penalise inappropriate conduct. These assessments have an impact on the variable compensation of those people or on that of the business units. The effects of these assessments have been concrete and measurable; businesses assessed as “below expectations” by the Risk Department and the Compliance Department have had their variable compensation reduced; most of them recorded an improved assessment the following year. When this does not happen, the Group may put a stop to the business (as occurred in 2013 and 2014). A sizeable part of remuneration of key managers is paid in the form of SG share equivalents (at least 50% for regulated employees and 60% for the CEO).

VI. Taking Responsibility: The Banker’s New Attitude | 127

More fundamentally, the Group has changed its core values: Team Spirit, Innovation, Responsibility, Commitment. These four values were approved at the board level. The Group translates the client focus and the four shared values into competencies and behaviors ( through the Leadership Model). It defines managerial action and reconciles the values and the way in which everyone behaves toward the clients and within the company. The Leadership Model was integrated into all Human Resources processes: – Recruitment and mobility: the behavioral part in the job description was aligned for the assessment of candidates, and the HR experts were trained to develop their candidate’s appraisal in line with the values. – Individual conduct-based performance target: In recent years, the individual process of setting goals and reviewing the performance of all employees has increasingly incorporated operational goals and the setting of personal development goals. – Now that the Group’s four values have been translated into specific requirements (Leadership Model), those processes are being adapted to adhere more closely to the culture the Group is moving towards. – Measuring individual conduct-based performance: (i) Annual 360° review of the 300 top executives, based since 2015 on the Leadership Model. (ii) Annual performance review of employees with regard to risk management, in light of the goals set for that subject at the start of the year. (iii) Variable compensation that incentivises conduct-based performance (risk/compliance assessment, deferred variable share). – Managerial training: to foster the cultural change, the managerial training from Team leaders to Top executives was redesigned to integrate the values and expected attitudes. The managers are also trained to inform and develop their employees regarding SG’s Culture. However, a bank’s culture is much more than a system of controls and a remuneration scheme. Culture has to be an integral part of the management system that underlies the functioning of the institution. Culture is what makes an organization unique and what makes it different in the eyes of stakeholders. Concerning Societe Generale, we consider that our main task, at the top, is to set the tone. The Board, the Executive Committee, the heads of businesses have key roles in launching and overseeing the program. They have also to lead the change by exemplary behavior. The program is being monitored through key indicators and includes the ability to sanction. Zero tolerance is essential. We also have to enhance efficacy

128 | Lorenzo Bini Smaghi

of the three lines of defence, particularly the first line, ie the heads of the businesses line. Finally, Société Générale has decided an action plan under the responsibility of the top management and with a regular reporting to the board. The code of conduct will be rewritten in order to foster integrity, concerning how employees behave. This code is part of the compliance set of rules and controls. Ensuring that everybody acts with integrity is a strategic objective. It is everyone’s responsibility to do the right thing for customers, communities, employees and shareholders. The Bank’s leadership team is accountable for having the appropriate culture as a source of inspiration as well as a way to ensure the right conducts are in place. To sum up, the experience of Société Générale shows that change can be implemented, especially after a major shock. But change should be implemented before major shocks happen, and need to be at the core of the bank strategy. The crisis has challenged the perception that our fellow citizens have about banks and their role in society, in particular their contribution to growth. This needs to be changed, and the prime responsibility is with banks themselves, starting from the top of the institutions.

neue Seite

VI. Taking Responsibility: The Banker’s New Attitude | 129

John Cryan, Co-Chief Executive Officer, Deutsche Bank AG

Taking Responsibility at Deutsche Bank John Cryan

Since the financial crisis there has been much discussion about culture in the banking industry. Quite legitimately, much of this discussion has been not about culture, which is a positive thing, but about its opposite: a failure to act properly and to live up to certain fundamental responsibilities. For the banking industry of today, ‘getting the culture and ethics right’ depends absolutely on recognising and accepting those responsibilities and ensuring they are reflected in the way bankers behave. A ‘new age of responsibility’ must be lived at two levels. The first is our responsibility to conduct business and manage and control our organisation in a proper manner. Secondly, we must embrace our responsibilities towards all our stakeholders – our employees, our clients, our shareholders, and the wider society we serve. If we fail to recognise these responsibilities, and if we fail to embed them into the way we operate, we cannot restore trust in our industry. Last summer’s G30 Report on Banking Conduct and Culture put it succinctly: “without a culture that insists on high standards of values and conduct, it is difficult to generate and sustain trust and reputation, which are the bedrock of a safe and effective financial system.” 1 When discussing culture in a business context, it needs to be defined in a practical sense to be meaningful. A culture of responsibility needs not only to be clearly articulated; it must also be transmitted effectively into the organisation, and this can happen in a number of ways. It is possible to discuss this culture, and specifically a culture of responsibility, in the context of these two imperatives.

Embedding a culture of responsibility: mechanisms of transmission Most organisations contain mechanisms and structures which enable the ethos and essential purpose of that organisation to inform, govern, and shape the behaviour of the people who work in it. These mechanisms and structures – we

_____ 1 G30 Report on Banking Conduct and Culture: A Call for Sustained and Comprehensive Reform, July 2015.

130 | John Cryan

might call them the ‘plumbing’ – need to function effectively if the corporate culture is to be effective. They take a number of forms: governance structures, management structures and control frameworks. All of these transmit culture in different ways, but all depend for their effectiveness on some critical factors – for example, the complexity in the organisation and the quality of its technology infrastructure. Governance structures are an essential transmission mechanism. Some aspects of governance structure are driven by the need to comply with regulation in a specific jurisdiction; however, management must also ensure governance mechanisms effectively support corporate culture and instil an attitude of responsibility. This attitude of responsibility needs to spread beyond the senior levels of the organisation, but it starts at the top. Deutsche Bank’s new management team, which was appointed last year, overhauled the Bank’s governance structures to place the proper emphasis on individual accountability and responsibility. Committees sometimes serve a useful purpose, but an over-reliance on committees, some of them with overlapping remits, was blurring lines of individual responsibility and creating superfluous layers of bureaucracy. We reduced the number of senior-level committees from 16 to four in order to increase the focus on individual responsibility. One of the committees we abolished was the Group Executive Committee, set up to advise the Management Board and with considerable duplication of membership between the two bodies. Abolishing it removed a superfluous layer and focused responsibility, with commensurate accountability, on individual Management Board members. Management structures play a no less important role, particularly if they reflect, as accurately as possible, the business we are in. At Deutsche Bank, one of the first actions of the new management team was to re-organise our four core business divisions around the four different types of clients we serve: corporates, institutions, fiduciaries and private clients. In this sense, our management structure became not only client-focused, but client-centric. Each business is represented by a single leader on the Management Board. The same principle applies to infrastructure functions: we identified our critical functions – finance, risk, technology, and regulatory and legal matters – and ensured that all of these, like each of our core businesses, were represented by an individual Management Board member. Clear responsibilities at the most senior executive level form an essential foundation, if a culture of responsibility is to spread across the bank as a whole. Control frameworks form a third critical mechanism of cultural transmission. To some extent, controls are about ensuring that regulation is complied with internally; additionally, to be truly effective, controls must also cover the

VI. Taking Responsibility: The Banker’s New Attitude | 131

clients we do business with, the type of business we do, and the locations in which we do that business. Doing business in locations, or with clients, of a higher risk profile may not only be risky from the perspective of capital or balance sheet consumption. It may also go against the ethos of the bank and expose it to legal and reputational risk. Strict controls over the adoption of new clients, and continuation of business with current clients, help to underline the importance not just of revenues, but of relationships. Our priority is sustainable performance for clients, rather than near-term revenue maximisation. This makes both commercial and ethical sense. Effective controls over client relationships reflect, and support, a fundamental commitment to responsible business.

Effective transmission: critical enablers Governance, management structures and controls are all essential transmission mechanisms of an effective corporate culture. To be truly effective, they must be not only well-constructed, but also well-supported and tailored to the specific dynamics of the business. Reducing complexity of the business can play an important role. The more complex and diverse the business, the more challenging it becomes to transmit and communicate clear and consistent cultural messages and define demarcated responsibilities. This may mean separating yourself from businesses, or assets, which are not core to the bank you want to be. In addition, in global organisations, the potential for a blurring of responsibility arises at the junction of regional or country management, and business management. At Deutsche Bank, the new management team has addressed this by increased the use of ‘dual hatting’: responsibility for a given country or region rests with the head of the largest business division. We have also made substantial progress on disposing of, or withdrawing from, businesses which will not be core to our strategy in future. Modern technology is a second critical enabler. If we are to get the culture right, responsibilities need to be fairly apportioned, behaviour to be monitored, performance to be evaluated based on fair and objective criteria, and controls to be tested for effectiveness. All of these processes depend to some extent on the reliable availability of fast, accurate and relevant management information. We must also recognise that one size does not fit all. A full-service or universal bank like Deutsche Bank, for example, needs to take full account of the different dynamics between its businesses if the ‘plumbing’ is to function effectively. Universal banks frequently comprise three fundamentally different

132 | John Cryan

types of business. The goal of the traditional banking business is to serve clients over the long-term, to help them contribute to the economy and to society around them. The trading business, by contrast, is by definition more shortterm – deploying the bank’s expertise, knowledge and capital resources to trade on financial markets, form relationships with counterparties, taking positions on the opposite side from other market participants and performing better by being right more often. The fiduciary business, on the other hand, requires considerably longer time horizons. Governance, management and control mechanisms need to take account of these differences if they are to function effectively.

Articulating responsibility: the right messages All of these transmission mechanisms, however well-constructed and wellsupported, depend for their effectiveness on the clear and consistent articulation of the right messages – in other words, the content of what flows through the ‘pipework’. This content has several essential elements: clear statements on the values of the organisation; its commercial and social purpose; and very importantly, clear statements on what behaviour is expected of employees. Clear expectations are vital. There has been much discussion on the extent to which incentives and compensation in the banking industry played a role in causing the behaviours which led to the financial crisis. Without doubt, incentives are an important aspect of corporate culture. However, before making the connection between incentives and behaviour, it is vital to assess whether employees understand clearly what is expected of them. Confusion on what is expected of employees may not only lead to the wrong behaviour; it also saps morale. A clear vision is an essential element of the message. This enables management to articulate what it wants the organisation to be, and to unite and bind its employees around a common purpose. It is against this common purpose that strategy can be defined, objectives established and measured, behaviours codified, and responsibilities established. The style of communication matters, particularly as leadership communicates with employees. If a rift opens up between leadership communication and the mood within the organisation, it is a clear signal that critical messages are not being transmitted effectively. At Deutsche Bank, we committed to two clear principles. The first is that staff should be the first to hear important messages, and this includes moments when the news is not good. The second is that as much communication as possible should be two-way. We actively invite em-

VI. Taking Responsibility: The Banker’s New Attitude | 133

ployees to communicate directly with the leadership, giving their own feedback or sharing what clients are telling them. We have had to commit extra resources to make sure that every message is read and that each receives a reply. The effort may be time-consuming, but for us, this style of communication sends a very important message about management’s sense of its responsibility to deal openly and candidly with employees, particularly in challenging conditions.

Incentives and compensation structures In shaping a ‘new age of responsibility’ for the banking industry, incentives and compensation structures play a role. Banks have responsibilities to pay their employees fairly, and retaining talent is essential for the sustainable performance of the institution. However, if these considerations are to be correctly balanced with responsibility towards shareholders and society as a whole, we need to challenge widely-accepted norms in several ways. First, we need to strike a reasonable and fair balance between rewards for shareholders and rewards for employees. Historically, compensation structures in banking included a large and often near-term variable or bonus component, with the ostensible aim of encouraging and rewarding ‘entrepreneurial’ behaviour. This became widespread, even where bankers in fact enjoyed many benefits of being corporate employees while remaining protected from many of the risks faced by true entrepreneurs. At Deutsche Bank, we recently altered our pay mix, partly with the aim of ensuring that variable compensation truly reflects performance of the individual and of the bank. Second, we need to assess cause and effect – the actions people take versus the value creation that has been achieved. In the fiduciary business, for example, the notion of ‘true alpha’, or outperformance, is questionable, in my own experience and according to the considerable research that has been done on the subject. In an era of responsibility, reward needs to be more closely aligned to genuine, rather than coincidental, creation of value for clients. Third, we need to consider whether the timeframe on which we pay people is really aligned to the time horizon over which we can objectively measure success in the type of business they do. The three different types of banking business – traditional banking, trading, and the fiduciary business – are fundamentally distinct and run on different commercial cycles. Performance, good or bad, becomes clear at different speeds, with the creation of value in traditional banking and fiduciary business typically taking much longer to become clear, and frequently much longer than a single year, than in the trading business. Likewise, misconduct or other damaging behaviour may take years to come to light.

134 | John Cryan

Managing compensation on the same, one-year cycle for all three businesses is therefore challenging. Banks and regulators have introduced new mechanisms to address this issue. ‘Clawback’ provisions and so-called cliff vesting have both become more prominent features of bank compensation in recent years – at Deutsche Bank, for example, over 50% of our variable compensation pool is now deferred. It is also possible, when assessing the right reward for an employee’s contribution, to take account of a longer time horizon and pay later, rather than paying sooner and subsequently having to claw back. The risk of unintended consequences also exists – for example, an entire cohort of unvested compensation may be impacted by the perfectly legitimate actions of a small number of employees. Compensation and incentive structures have a critical part to play in defining the new age of responsibility for our industry. To be successful, however, we must be committed to challenging widely-held assumptions and practices; to balancing the interests of all our stakeholders; and be ready to pay fairly, rather than quickly. Ushering in a ‘new age of responsibility’ will be a multi-year undertaking across the banking industry. Its success will depend on recognising, respecting, serving and protecting the long-term interests of all those who have a stake in the industry. Not only this, but we must also balance those interests appropriately. Achieving these aims depends on the right messages from leadership, and on mechanisms which transmit these messages into the organisation, so effectively that they guide and influence behaviour at all levels. This effort may present banking leaders with difficult decisions in the near-term; nevertheless, the task is the most important we face today. Restoring trust in the banking industry requires nothing less.

neue Seite

VI. Taking Responsibility: The Banker’s New Attitude | 135

Jan P. Krahnen*, Goethe University Frankfurt, Center for Financial Studies at House of Finance, SAFE and CEPR

How to conceptualize Corporate Culture and Cultural Change: Motivation for a Research Agenda Jan P. Krahnen

Abstract: I propose a research approach for understanding a bank’s corporate culture, and for assessing any changes of that culture over time. The key element of the approach is identifying the incentives for bank agents and management embedded in the bank’s compensation architecture. The underlying proposition maintains that the corporate culture of a firm manifests itself in the expectations of clients about the behavior of bank agents and management when performance is unobservable. In the aftermath of the financial crisis, the role of corporate culture at banks, and the need to pay attention to its design, has become an important theme not only in financial newspapers, but also at board meetings. In fact, bringing about a change of the existing corporate culture has been labeled a top priority by some of the largest international banks. The new emphasis on corporate culture within the banking firm suggests there is a cultural defect in modern banking that may have contributed to the financial crisis that started in 2007, epitomized by the alleged greed of some of its personnel. From the angle of an academic observer, the idea of a corporate culture is not easy to understand. It is widely seen as a “soft” concept, a summary characteristic of behavioral patterns deemed acceptable or commendable within the organization. If there is a common role model of proper behavior in the firm, for example the way sales agents deal with their clients, then the basic features of that role model are experienced by many clients, and over time, through a process of learning in relationships, those features become part of what market participants (clients) expect to obtain in business interactions even if they cannot observe agent behavior immediately or directly, or at all. According to this theoretical view, the features characterizing the corporate culture of a particular firm shape mutual expectations in opaque interactions in markets. A sophisticated corporate culture can only be built over long periods, as it requires time to prove its existence, and its reliability. The very culture of a

_____ * [email protected].

136 | Jan P. Krahnen

corporation builds on reciprocal expectations of participants, as it is similarly true for the cultural fabric of a society at large. In this sense, “culture” aligns and defines expectations, facilitating interaction when directly observable and contractible features of a transaction are absent. In economic terms, corporate culture may reduce transaction costs. Conversely, if a company does not invest in its own “corporate culture”, but rather allows its employees to behave according to their individual liking, it will nevertheless produce a “cultural” expectation among potential business partners. Namely, the expectation of being possibly confronted with a ruthless opportunist, i.e. a business partner who must be treated at arms length, who will exploit situational advantages mercilessly, and so on. Thus, if a particular firm has earned a reputation for maintaining a rather poor corporate culture, e.g., ripping customers off from time to time, the firm is likely to face high costs in doing business with clients. For the simple reason that these clients will learn about the poor state of the corporate culture over time, and upon learning they will update their expectations and will start protecting themselves against potential rip-off by asking for “margins” of all sorts: price discounts, extra guarantees, option rights, and so on. Consequently, in an industry with opaque markets, firms with a poor (or low) corporate culture may lose market shares to their high culture competitors. As a consequence, low culture firms may eventually specialize in transactional lines of business, i.e. businesses that do not require a high level of trust among business partners, and which are characterized by a rather low level of opaqueness. In transactional businesses, profit margins tend to be low due to competition and a lack of inframarginal rents. That said, and returning to the current situation in the banking industry, we are not surprised to find many institutions now investing heavily into corporate culture building exercises, particularly those firms that had benefitted from questionable sales activities in the run-up to the 2007 financial crisis, thereby destroying (part of) their cultural capital. It is from the perspective of a longterm business logic, and its consistency, rather than a moralistic viewpoint, that I will discuss some features of a corporate culture. Most of what I have to say in the next few paragraphs was also raised during a panel session at the ILF conference on November 23, 2015, at Goethe University’s House of Finance. Reference to these questions may be found in the contributions to this volume by the panelists of the session, John Cryan of Deutsche Bank and Lorenzo Bini Smaghi of Société Générale. The upshot of the trial definition presented above is the following: the corporate culture of a firm cannot easily be observed; but it can be sensed, or approximated, by the expectations ordinary clients have when transacting with that firm.

VI. Taking Responsibility: The Banker’s New Attitude | 137

These collective expectations are the result of what clients have experienced over long periods of time in the past and what these clients believe about possible changes of behavior going forward. Quite naturally, there is an asymmetry between building and destroying a corporate culture. While the build-up of culturedefining expectations may take a long time, years or even decades, their deconstruction needs much less time, as little as a few weeks or months. In order for clients to experience a consistent corporate culture of a particular firm, the agents of that firm should behave in a similar way. In a behavioral sense the firm is represented by the totality of its employees, from the very top management all the way down to the sales agent at a branch office. By implication, it is a necessary requirement for the development of a corporate culture to align the behavior of all of these corporate agents, irrespective of the management level, and particularly so in situations characterized by opacity and (thus) behavioral discretion. Opacity refers to a transaction between a firm and a customer that lacks concrete, easily observable quality characteristics. Financial advice offered by an asset manager to a client is a good example of a service with a high level of opacity. Aligning behavior among agents, particularly hard-to-monitor services like, for instance, recommending suitable risk-return properties of investment strategies for a particular client, is a formidable management task. If it is difficult to maintain a corporate culture established over lengthy periods at a particular level, it is probably even harder to restructure a culture that has gone astray, or that appears to have lost its consistency and orientation in the recent past. The natural follow-up question to an officially declared cultural change, therefore, is: how do you align behavior of managers at all levels, and across all business lines with respect to their treatment of clients when immediate actions by agents cannot be observed or assessed by outside clients? In other words, how do you convince outside clients to trust in the quality of unobservable services? On a basic level, the answer is rather simple. Referring to the above portfolio management example, it requires all sales agents to behave alike, providing services that will pay off in a desired way for the clients over long periods. Asset managers thus should refrain from excessively turning over client portfolios in order to generate transaction fees. Note that a typical client does not know when turnover is excessive, as she/he cannot carry out counterfactual (benchmark) calculations easily. It is therefore possible for an asset manager to earn significant fee income (for the firm’s bottom line) by churning the assets in the client portfolio. How can such a policy be avoided? Or rather: how can the client be convinced that the portfolio manager will not churn? There is a solution. Clients may be offered a wealth management mandate that defines management

138 | Jan P. Krahnen

success, and also management compensation such that churning, would it happen, will lower bank earnings, and also employee income. Don’t oversimplify – if turnover fees are debited, directly or indirectly, to portfolio manager income, then another problem arises, namely under-trading, rather than over-trading. The trade-off between trading performance and transaction costs has to enter the compensation formula of the bank agent if a true optimization of portfolio behavior is to be achieved. In this example, the compensation formula of the agent is used as an instrument of credible commitment by the bank. The firm incentivizes sales agents or portfolio managers by mimicking the income stream of clients. Incentive alignment therefore is the magical formula. If disclosure is required to influence expectation formation of clients in markets, corporate culture may be developed by publicly disclosing the exact income formula of bank agents and bank management. The bank can thus disclose its inherent incentive structure. This contains the DNA of the bank’s corporate culture. This is the first test question for the role of a bank’s corporate culture, and also for the desire to change it: what is publicly known about the compensation of bank employees, particularly those with direct client contact? Does the firm disclose the architecture of its compensation schemes, and also the extent to which annual income of sales agents and managers at all levels depend on performance, and how exactly the latter is defined? If the answer is affirmative, i.e. if the compensation scheme of firms, or elements thereof are publicly disclosed, markets and clients know more about the firm’s corporate culture and its likely impact on the behavior of managers and employees. That said, behavioral incentives of managers are probably shaped by many aspects of the employment relationship, not only by the level and the performance dependency of compensation. Other aspects that have material impact on behavioral incentives and performance are: hiring practice, promotion policy, pension formula, seniority rules, vesting properties for pensions, relative pay, clawbacks for bonuses and base salary and its actual use in the past, and many more aspects. In short, an extended disclosure policy towards the design of the compensation architecture of the firm could enhance the difficult task of re-building the corporate culture of a banking firm, and thus the trust felt by potential and actual customers in the service quality provided by its agents and management. A separate and detailed compensation report could therefore be a useful instrument far beyond its role in hiring and HR. A compensation report would probably improve the potential of markets to assess ex-ante the behavior of management and sales agents towards clients –

VI. Taking Responsibility: The Banker’s New Attitude | 139

and to predict how effective a policy of cultural change is likely to be. Moreover, such a compensation report would also greatly facilitate the comparison across competing institutions. It is therefore also an instrument for speeding up the growth of corporate culture in the sense of aggregate client expectations. If a researcher had the chance to dig deeper in the corporate culture of firms in the banking industry, he would probably try to infer the incentives of its agents and managers from the bank’s chosen compensation architecture. Are these incentives well aligned across management levels, and over lines of business? And if so, what behavior can be expected from agents in situations characterized by different degrees of opacity? Finally, as a matter of judgment, does the compensation architecture support a unified culture of the firm in its behavior to clients? Can clients trust in the services offered, even if true performance is unobservable? As a postscript to the above research agenda on corporate culture in banking, the hypothetical researcher would note that she or he would need more pieces of information to assess the bank’s compensation architecture and its incentive implications for management properly. In particular, she/he would need to know details about the cost allocation scheme used by the bank. For example, do funding cost allocations properly reflect risk differentials across lines of business? Or, alternatively, do attributed return allocations reflect these risk differentials? If the answer to these questions is “no”, then allocated performance related compensation carries its own incentive distortion which needs to be taken into account as well.

140 | Jan P. Krahnen

neue rechte Seite

VII. Is it Culture or Structure? | 141

| VII. Is it Culture or Structure? VII. Is it Culture or Structure?

142 | Jan P. Krahnen

VII. Is it Culture or Structure? | 143

Georg Fahrenschon, President German Savings Banks Association (DSGV)

The Importance of Structure Georg Fahrenschon

Ladies and Gentlemen, Thank you for giving me the opportunity to share some thoughts with you today. As I understand “economics”, it is the science of human nature. This raises the question as to whether – in a technical world like the one we live in – banking should be committed to human beings in the first place. After all, all human beings tend to fail once in a while. Why not take advantage of the fact that “robo-advice” can do the job as well? And ultra-speed trading has almost taken over anyway. My answer is: banking is about people, and always will be. So there is a good chance that we will have to go on living with imperfect creatures on both sides of the counter. What can we do to make sure they do not – accidentally – rip off society, national economies, and even governments? To my mind, this is not a matter of training, or persuasion, or culture. We need to channel and limit “creativity” by putting the right structures in place. • We need to reduce complexity in internal structures in order to create transparency on “who does what, and why, and how”. • We absolutely need to make sure that, within these structures, taking risks and assuming responsibility are counterbalanced within the respective role models of all of the parties involved. They should never be separated. • On the other hand, we need to leave enough scope for entrepreneurial spirit and for commitment to performance. I can assure you that Germans are very critical with regard to their banks’ behaviour. Not only because Germans, as some may suggest, have “invented” criticism. Instead, it’s because they are “spoiled” – and have been for decades or even centuries – by a banking market which is strongly focused on retail customers and corporate clients, and which has a tradition of long-term lending. Traditionally, two-thirds of the German banking market has been in the hands of small local banks. They have evolved from grass-root banking or even social causes to become main-street banks for people and enterprises alike. Remarkably, two-thirds of the German banking market is managed by decentralised entities like savings banks (Sparkassen) and co-operative banks. They have proven to be pretty resilient. Germany’s savings banks alone serve

144 | Georg Fahrenschon

about 50 million clients out of a population of 80 million. Within our Group, there are 412 savings banks, each of them economically and legally independent. Our business model is rather simple: We take deposits, and we give out loans. Our main role is to fuel local economic cycles, to improve living conditions, and to foster economic development throughout the country. Please note that I have not mentioned “profit maximisation”. There are some structural features of savings banks that I find worth mentioning in the course of our debate today. First: Our mission statement is enshrined in law. This is why we do not call it a “mission statement”, but a “public mandate”. Roughly speaking, the public mandate demands that everything we do shall benefit society. As a consequence, our business is almost exclusively oriented towards people and the real economy. We are experts in small-scale risk and long-term lending. We also assume civic responsibility that goes far beyond banking. Secondly: A savings bank can only do business in its territory of origin, in accordance with the so-called „regional principle“. If a savings bank fails – either by mistreating its customers or by mismanagement – it cannot just disappear and start cherry-picking elsewhere. Accepting a high level of risk just to make short-term profit is impossible for savings banks because of this structural feature. And thirdly: Savings banks have no owners, which makes them free of any third-party interests. Yes, we need to earn money and be profitable. But there is no need for savings banks to cater to exaggerated shareholder-driven expectations. This legal setting helps us to “channel creativity”, and to be “beneficially boring”. However, I would also like to mention three criteria which, to my mind, should be applied to banking in general. 1. The more focused banks are on the real economy, the smaller the risks they take. Small numbers are not very attractive for moral hazard, and even in a worst-case scenarios, they do not lead to great damage. Reducing moral hazard is key in order to improve a bank’s resilience. 2. When choosing a financial product, a bank should always make sure it actually reduces the risk of the client and third parties involved. This is not the case for parts of the securitization markets, for example, which specialise in passing on risks, and thus separate risk from responsibility. 3. Every bank should make sure that, overall, its activities benefit – and do not harm – society.

VII. Is it Culture or Structure? | 145

Whatever path you choose to achieve this, as a bank you will also need the support of regulators und supervisors. To date, I am not completely convinced that they have learned the following essential lesson from the financial crisis: It was a severe political mistake to encourage banks to reign – rather than serve – the economy, and to rely on banks as an engine for growth. In order to get things back under control, we need to apply simple logic: The higher the risk stemming from a banking entity, the greater the need for strict rules. As simple as it is, this logic is not being applied. Most regulatory rules are focused on the balance sheet total, not on the risk profile. In our case, the balance sheet total includes over 800 billion euros in customer deposits, which are completely risk-free. When we talk about structural features, I therefore recommend that we also touch on the structures of banking regulation. Regulators should have a vital interest in respecting and encouraging a diverse range of business models in banking. But the very opposite is happening! Triggered by the Single Supervisory Mechanism (SSM), regulation and supervision tend to rely excessively on purely quantitative factors. The ECB calls it “checking the sustainability of business models”. But it is actually an approach to classify business models predominantly by revenues, making “profit” a key benchmark in supervision – which should not be the case. “Greedy” banking should not be encouraged, especially not by supervisors! We must make sure that profit maximisation will not once again become the model for doing business in banking. I strongly believe that a “one-size-fits-all” approach to supervision along with a predominantly quantitative benchmarking model will threaten financial stability. Financial stability is put at risk by single-model banking markets, where everyone acts in a uniform way – both in building up risks and in leading to collapse. Second-tier regulation under the SSM provides room for a more reasonable approach, which takes account of the actual risk profile and the intrinsic stability of different business models. Or else, we will see that banks which are “too big to fail” will become “even bigger”, with smaller banks being swallowed up by regulatory zeal. If we expect banks to be more profitable than the economies in which they operate, this is a misguided incentive. It’s like a blind flight in a foggy sky!

neue Seite

146 | Leonhard H. Fischer

Leonhard H. Fischer, Chief Executive Officer and Member of the Board of Directors of BHF Kleinwort Benson Group SA

The Need to Synchronize Culture and Structure Leonhard H. Fischer

Prior to 2008 the financial services industry prided itself publically and internally on its modern risk management culture (through computer technology and statistical models). As we found out later this proclaimed culture did not entirely hold up to reality. I suggest that there is an interdependence between culture and structure within organisations, which can lead to a significant asymmetry in risk. Before exploring this further, I will first clarify my understanding of these two terms and the context within which we are considering them: – What is structure? – What is culture? – What is it that we seek to maximize? For the purposes of this short presentation I shall define that: Structure represents a formal set of rules and the organizational set-up and sanctions within any system. Culture is manifested in the informal rules and values of any social system. In the context of banking, we want to achieve an acceptable and sustainable level of specific as well as systemic solidity whilst maximizing the effectiveness of risk intermediation in the economy. This goal strongly implies that maximization of solidity is not in the economy’s best interests, even though the debate today sometimes feels like that is the case. I shall put forward a number of hypotheses: – Firstly that structure by itself is not sufficient for achieving the aforementioned goal; – Secondly that, in the absence of any proper structure, culture is rendered inefficient and inadequate, although equally; – And thirdly, I argue that the absence of culture renders structure inefficient and inadequate. Consequently, an all too familiar scenario is that considerable inefficiencies can exist between culture and structure which would be a significant barrier to achieving goals. Let me offer the example of China, a country with very formal, regulated structures in place. In 1989, the Wall Street Journal in its centenary edition

VII. Is it Culture or Structure? | 147

claimed that China’s economic rise would falter because of too much structure and bureaucracy. However, as we were able to observe, because of China’s tradition of combining rigidity with the culture of high achievement it turned out very differently. Having a highly structured system without that culture would not have resulted in the same outcome. For maximum effectiveness, one could conclude that culture has to be in line with structure. I suggest that efficient structures can only be built when they are based on and in line with inherent cultures. Conversely, it would not be enough just to develop an appropriate culture, i.e. when an organisation demonstrates the skills and right attitude based on an ethical foundation, without securing enough formality. I am therefore suggesting consistency between the culture and the structure of an organization, but this consistency has to be genuine. Reading annual reports these days, the terms ‘transparency’ and ‘sustainability’ crop up frequently, demonstrating that companies claim to focus on delivering both. Often in reality however, the ethical code proclaimed differs from the actual behaviour demonstrated by the organisation. Inevitably, any divergence will lead to an ever-increasing lack of credibility and potentially even a complete breakdown of trust in the system. In risk intermediation, culture is an absolute necessity to complement any formal system to secure effective risk intermediation and to ensure it is not abused by agents in power. This is especially true for banking as it has, by definition, a high degree of public collateral damage risk, as we had to find out post-2008. Concluding that the synchronisation of structure and culture is a prerequisite to an effective system, we now have to consider the role of the regulator. I would argue that the regulator does have an important role to play in this collaboration of culture and structure, although it would not be to attempt to subjectively judge the merits of an organisation’s individual culture. However, the regulator can be very useful in monitoring the above-mentioned consistency between the claims made by an organisation and the framework and behaviour it adopts in real life. I would suggest that the regulator could, for example, observe and challenge three elements: 1) The leadership structure of the organisation. Consideration needs to be given to the existence of division of power and diversity of opinion. It is of particular importance that no individual (in particular not the CEO) or group of individuals wields too much power. Let’s call this ‘the division of power’ test; 2) The nature of the incentive system. In what way does the organisation attract and retain employees and reflect the organisation’s goals. An overly aggressive compensation system is unlikely to represent prudent banking,

148 | Leonhard H. Fischer

but equally a complete lack of financial incentive is unlikely to result in delivering the best performance for its clients. Let’s call this ‘the incentive system is in line with culture’ test; 3) Consistency between the message which is publically proclaimed and the reality of governance. This can be achieved for example by independently organizing interviews with representatives of different hierarchy levels of the organisation to verify consistency between the effective organizational structure and proclaimed culture. Let’s call this ‘the synchronization’ test. I have tried to strongly argue that synchronization between culture and structure will ensure much more success than if each individual component existed on its own. Actually both depend on one another. In addition, I have suggested how the role of the regulator could be adapted to encourage a genuine relationship between reality and the claims an organisation makes. In conclusion, I would like to add a critical element in developing the target synchronization, which is one of timing. Building an appropriate culture is a dynamic process requiring long term commitment by senior management and other stakeholders, including a high amount of consistency over time. Contrary to that, changes to the formal structure can be, and often are, easily realised in the short term. The recognition of this is useful when seeking the convergence of these two elements. Here also lies the big challenge for companies, to keep formal structure and culture synchronized in an environment of massive change.

neue Seite

VII. Is it Culture or Structure? | 149

Dominik Treeck, Partner Oliver Wyman

In the End it is both Culture and Structure Dominik Treeck

Introduction Nearly a decade after the demise of Lehman Brothers and the ensuing financial crisis, the banking industry is still struggling to rebuild the trust and reputation squandered by the greedy, callous conduct of too many of its institutions and staff. Indeed, since 2008 the banking industry consistently scores at or near the bottom (see Figure 1). But how to go about this – how do you effect a substantive change in behavior that is both credible and evident? Figure 1: Percentage of interviewees trusting businesses in different industries 85 80 Technology 75 Automotive

70

Consumer Goods

65

Average Energy Health Care

60 55

Banks Media

50 45 40 2006

2007

2008

2009

2010

2011

2012

2013

2014

2015

Source: Edelman Trust Barometer Archive; www.edelman.com

Many, particularly larger, banks made much fanfare about culture initiatives – often based around a restatement of their values and countless training seminars. Suffering from a lack of follow-through and inconsistent signaling, most of these attempts fell flat. More sustained investment and attention has gone into the build-up or enhancement of governance, compliance and control structures – suggesting that decision-makers (and their supervisors) lend greater credence to their efficacy in addressing the issues at hand. So which is it – culture or structure? To resolve that question was the task put to the final panel of the day, whose members shed light on the matter from very different perspectives.

150 | Dominik Treeck

Definitions “Culture” is of course a rather amorphous concept. For the purposes of this discussion, we think of it as the mechanism that delivers values in the form of specific conduct. In the best case, a strong culture drives conduct consistent with a bank’s values – even in the absence of rules – and thus contributes to trust and strengthens the bank’s reputation among its stakeholders. In the worst case a negative culture breeds conduct that counters the bank’s stated values -- quite possibly despite management efforts to the contrary – and thus undermines trust in the industry and its reputation. The term “structure”, by contrast, serves as headline for the range of formal parameters that direct, incentivize or constrain how banks and their employees behave. This includes at the highest level the very ownership structure and mandate of the bank. But it also includes accountability and governance mechanisms, incentives and performance management, staff development, and policies and procedures.

Relationship between culture and structures It is tempting to view culture and structure strictly as alternatives. The panel’s discussion revealed a relationship that is much more complicated. Structures are clearly necessary. Indeed, all banks rely on structures, albeit on varying levels and with varying degrees of sophistication. At a sector level, the German savings banks are structurally set up for good conduct. Their mission statement is a public mandate – what they do must benefit society. Their business is limited to a defined territory, so they are forced to take a long-term view. And they have no owners – while they need to be profitable there are no short-term earnings pressures. Looking at commercial banks, however, we find that structures often fall short in achieving desired behaviors: First, many structures reflect regulatory compliance requirements in a given jurisdiction rather than the bank’s values and beliefs. Staff will thus perceive them as an external imposition and an inhibitor of business and accept the narrowest interpretation of requirements or even seek creative solutions to avoid requirements altogether. Moreover, there are often contradictions between values and structures or between different sets of structures, e.g. where hiring and firing decisions are made on the basis of short-term contributions to the economics of the business. Finally, research by the Group of Thirty found that banks whose management considers adherence to values a defensive maneuver to minimize client

VII. Is it Culture or Structure? | 151

redress, regulatory fines and cost are not nearly as likely to succeed as those who consider good conduct core to the economic viability of their business model. The bottom line is that a bank’s structures, like laws and regulations, are never water-tight. Unless they reflect a deeply embedded culture that drives individual behaviors, especially in the grey zones, they will not solve the issue at hand. Trust and the sector’s reputation will remain where it is – in the doldrums. So culture is the panacea? Unfortunately it is not – at least not for most banks most of the time. Why is that? First, many banks are large, have a wide geographic spread and contain a diverse set of businesses. They may combine plain vanilla retail services in Austria with high-stakes investment banking in the UK. Such a constellation creates tremendous challenges for shaping a single cohesive culture and structures may help by providing a framework within which different parts of the business can define their own sub-cultures. Second, organizations change all the time, for instance when acquisitions need to be integrated or new hires are brought on board. Over time, of course, a strong culture will assert itself, but structures can set the right expectations and provide the appropriate signaling, thus supporting cultural convergence. Third, management may wish to evolve target values and expected behaviors, perhaps in response to stakeholder demands. While compelling communication and tone-from-the top is the obvious starting point, the alignment or relevant structures provides critical support to effect the shift in behaviors. Our work with the Group of Thirty points to four areas where adequate structures are needed in support of a strong culture: 1. Senior accountability and governance. Boards should ensure that oversight of embedding values, conduct, and behaviors remains a sustained priority, with the primary responsibility resting with the CEO and Executive team for ensuring that the “tone from the top” has a clear and consistent “echo from the bottom.” 2. Performance management and incentives. Banks should ensure that their performance management does not reward individuals who do not meet a threshold of acceptable behavior in alignment with firm values and conduct expectations. This includes meaningful and consistent compensation adjustments (for example, bonus reduction or elimination, claw backs) in the event of identified failures. This requires use of a meaningful balanced scorecard approach based on objective criteria. 3. Staff development and promotion. Banks should continue to establish robust processes to explain and regularly reinforce to staff what is expected of them.

152 | Dominik Treeck

4. An effective three lines of defense. All employees and all levels of management should adhere to values, conduct, and behavioral expectations. Business line management – the first line of defense – should shoulder primary responsibility for delivering the desired values and conduct, with the second line setting standards, monitoring, and providing advice to the first line. The third line should be robust and mandated to test adherence to the stated standards. Culture and structures thus both have a critical role to play in achieving desired behavior. A strong culture is necessary and theoretically sufficient, though the complexity and constant change in the business of banking makes it not so in practice. Structures are necessary in support of culture but are certainly not sufficient. And the stronger a culture the less the bank needs to rely on structures.

Implications for regulators and supervisors What does all that mean for regulators and supervisors? While there is widespread consensus that culture cannot be regulated, this discussion does suggest an important role for supervisors. Given appropriate resources, senior staff supervisors can add value by sharing best practice insights with executive management and the Board, with specific emphasis on testing whether structures are being deployed appropriately in support of the target culture. This does not imply grading institutions on their culture, but it does imply sharing perspectives on whether “the how” is being effectively pursued relative to market best practices.

neue rechte Seite

VIII. Conclusion | 153

| VIII. Conclusion VIII. Conclusion

154 | Dominik Treeck

VIII. Conclusion | 155

Axel A. Weber, UBS Group AG (Chairman of the Board of Directors/Chairperson of the Corporate Culture and Responsibility Committee/Chairperson of the Governance and Nominating Committee)

Conclusion Axel A. Weber

Introduction For some time and for reasons we are all well aware of, conduct, compliance, and corporate culture have been hot topics for both the industry and the policymakers or regulators. And rightly so. Since the great financial crisis, the financial industry has lost trust. Many measures and regulatory developments have been implemented to regain trust in the industry. However, to restore and maintain trust, the public, politicians, supervisors, and regulators need to be convinced that the culture in the financial industry has changed, that it has changed for the better, and that it has changed for good. In this respect, more clarity is needed about the cultural and ethical values that organizations embrace and their own sense of purpose. Regulators and supervisors can also play an important role, by devoting more time and energy to ensuring that sound behavioral standards are improved and maintained. Ultimately, however, it is the responsibility of those who manage our financial institutions, particularly our banks, to drive cultural change and to instill a good corporate culture. The Group of Thirty (G30) Report on Conduct and Culture1 in the banking industry, which was published this past summer, is an important industry initiative in this direction. I want to emphasize though that I think that there is no such thing as “the right culture”. There are many dimensions to culture, which differ in different parts of the world. But there is a common understanding of what “good culture” entails. Ultimately, every financial institution needs to develop and implement a culture tailored to its needs. Also, it is important to consider that people may behave differently at the workplace than they would privately, or in society. Defining the workplace culture and global business conduct is important, because you can’t take it for granted that people bring their private culture to the bank and behave the same way as they behave privately. At UBS we continuously strive to enhance the workplace culture.

_____

1 Group of Thirty (2015): Banking Conduct and Culture: A Call for Sustained and Comprehensive Reform. The report can be downloaded free of charge from the G30 homepage (http:// group30.org).

156 | Axel A. Weber

I will first address the G30 report and the role it plays in improving the financial industry’s culture and conduct. I will then also give my view on the role of regulators with respect to culture and finally present some thoughts for next steps.

G30 Report represents work in progress I contributed to the G30 Report and pay tribute to the Co-Chairs Roger Ferguson and William Rhodes for their leadership. It provides a good overview of where the financial industry’s conduct and culture stands at large and what needs to be done to establish appropriate conduct standards, to rebuild culture, and eventually, to rebuild trust in the financial industry. While I fully agree with the report’s conclusions, it is work in progress and more needs to be done particularly in relation to remuneration, risk, and corporate governance. Furthermore all banks must take action and follow up on the report’s recommendations including the requirement for deeper engagement, involving the exchange of expert views between supervisors and banks’ management (both at CEO and Board level). Because ultimately, it is the responsibility of the banks’ managements to drive culture.

Culture and Conduct at UBS We at UBS recognized early on that rebuilding culture is very important in order to rebuild trust. Rebuilding culture is an essential component of our overhaul of the strategy and the business model, because one cannot change culture if one doesn’t change the way one is doing business. We went back to core guiding principles and focused on four key issues. First, the Group Executive Board needed to own the culture change and was put in charge of the process. Secondly, as behavior is incentivized by compensation, we reviewed and modified our compensation models to be better aligned with our long-term goals. Thirdly, a new control framework was adopted, and fourth, a firm-wide behavior program was implemented. For the UBS Board of Directors, we repositioned the Corporate Responsibility Committee into the Corporate Culture and Responsibility Committee to underline the importance of culture to the Board. We established three core principles – Client Focus, Excellence, and Sustainable Performance – and three behaviors – Integrity, Collaboration, and Challenge – as the guiding framework for our activities. Behaviors now define

VIII. Conclusion | 157

how we pay. It is not only important what results we achieve, but also how we achieve them. To make this all work, we needed to do two things: 1. Encourage people to do the right thing: this relates to our principles and behaviors, articulating what is expected, role modelling the behaviors and building them into day to day processes such as performance appraisal. 2. Monitor that people do the right thing: this is the control environment built around a risk assessment that has conduct risk embedded and enhanced monitoring and surveillance. The common denominator is the focus on aligned incentives: rewarding good behavior and ensuring poor behavior is penalized in a transparent way and impacts on compensation. In terms of implementation, setting the right tone from the top by clearly defined principles which are demonstrated in action by top management is very important to embedding values and culture. Our core behaviors are incorporated in the balanced scorecards for the CEO and the Group Executive Board. Including the appraisal report of the Group CEO in the firm’s compensation report is an important measure that helps to build transparency. Role modeling is another important element for implementing cultural change throughout our organization. Equally important is injecting a sense of personal accountability and ensuring that all levels of management clearly understand that delegating responsibility does not delegate accountability. In this regard we have rolled out a new leadership development program to embed our core principles and behaviors within all levels of the organization. Successful implementation requires the right tone from the top in combination with a bottom-up process. This is why we have implemented a whistleblowing process that gives everybody access to the CEO or Chairman when they see misbehavior happening. Ideally indeed, people should be able to directly challenge their superiors in such situations, but not everybody works like that, therefore it is important to have an anonymous mechanism that can be used to highlight misbehavior. A widespread challenge is that it is relatively easy to preach and live culture at the top of an organization, but many firms experience so-called permafrost of the Middle Management; they face difficulties embedding their culture and values on Middle Management level. This problem can be solved easily by applying both heat from the top and heat from the bottom. A combination of the right tone from the top and a good bottom-up whistleblowing process can help ensure that the right culture is embedded at all layers of the institution.

158 | Axel A. Weber

Role of regulators: Guidance and constructive dialogue Banks are obviously not acting in a vacuum, and there is a role to play for regulators and supervisors in the field of changing culture and conduct. When developing new standards, the focus of regulators should be on factors that influence culture, such as corporate governance, risk management and remuneration standards. Culture itself is hard to regulate and supervise directly. And we have seen a number of positive developments in this area with regulators providing guidance to the industry on risk and conduct standards. There have been updates of corporate governance standards at Basel Committee on Banking Supervision and OECD level, in particular focusing more on the role of Boards, risk management frameworks and compensation. Separately, the Financial Stability Board has done a lot of work and issued a framework on risk culture as well as principles for risk appetite. On a national level, regulators have taken additional steps, especially in the UK where we have seen a strong focus on conduct recently. The Financial Conduct Authority (FCA) has been leading developments such as the Senior Managers Regime and the Fair and Effective Market Review (FEMR), processes that have culture and governance at their core.

Focus on the longer term Looking beyond the role of regulators, shareholders should also be active in checking the implementation of values and culture, as this is in their interest as investors. We at UBS have introduced a binding vote on the variable pay to management. This is applied retroactively, based on the actual financial results and achievements. We focus on pay for performance. This helps the Board find balanced pay packages for management and results in a very transparent process between management, the Board and shareholders. Because it is applied retroactively, it can potentially also be a very intrusive measure and a strong deterrent. Another measure we continue to apply is a standard consultative vote on executive compensation, which is a measure for shareholders to express their satisfaction or dissatisfaction with the way Board and management have worked. In closing, it is fair to say that although ultimately management is responsible for the culture of a firm, there are important roles for regulators and shareholders in changing corporate culture and ensuring good conduct.

VIII. Conclusion | 159

We have made significant changes to compensation frameworks at UBS, with longer deferral periods and management now has more “skin in the game”. This ensures that management is incentivized to deliver consistent results, rather than one-offs. Having management heavily invested in the company in a sustainable way focuses the minds of everybody and brings sustainable performance. This is what drives good results. Prior to the crisis, banks were too focused on short-term results. And the new focus on more sustainable results is a major driver of culture in the financial industry.

160 | Axel A. Weber

Ende