CP153: CBI Consults on Individual Accountability Framework as Act Becomes Law
On 9 March 2023, the Central Bank (Individual Accountability Framework) Act 2023 (“IAF Act”) was signed into law and will significantly change the regulation and governance of regulated financial service providers in Ireland (“RFSPs”). It has not yet been commenced.
- Published
- in Industry Updates
The IAF Act amends and updates three pieces of corelegislation1 and gives the Central Bank of Ireland (“Central Bank”) power to make regulations to strengthen and enhance individual accountability in the Irish financial services industry.
On 13 March 2023, the Central Bank released Consultation Paper 153 (“CP153”), including draft regulatory guidance and draft regulations supplementing the IAF Act. The main requirements of the IAF Act will not come into force until after this consultation process has concluded.
Core Elements and Timing
The new regime will create a framework to facilitate cultural change and ensure greater individual accountability in RFSPs. It comprises the following core elements:
- The introduction (initially on a limited-scope basis) of a new Senior Executive Accountability Regime (“SEAR”);
- The introduction (for all Irish RFSPs) of new ‘Common Conduct Standards’ and ‘Additional Conduct Standards’, applicable to certain individuals in RFSPs, and new “Business Standards” applicable to the firms themselves (together the “New Conduct Standards”);
- Enhancements to the Central Bank’s Fitness and Probity regime; and
- Changes to the Central Bank’s investigation and enforcement process, and the administrative sanctions procedure.
SEAR will be introduced on a phased basis and will initially apply, from 1 July 2024, to credit institutions, insurance undertakings (except reinsurance, captive (re)insurance and insurance special purpose vehicles), certain investment firms and any third country branches of those companies.
The New Conduct Standards, the enhancements to the Fitness and Probity regime and the changes to the enforcement regime are all due to apply to RFSPs from 31 December 2023.
SEAR
Inherent, Prescribed and Other Responsibilities
The Central Bank has new powers to set out inherent, prescribed, and other responsibilities for persons performing Pre-Approval Controlled Functions (“PCFs”).
‘Inherent responsibilities’ are core responsibilities considered to be inherent to the particular PCF role and will be set out (in very broad terms) in the “SEAR Regulations” (currently annexed to CP153 in draft form).
‘Prescribed responsibilities’ are the specific responsibilities (to be listed in the SEAR Regulations) that must be allocated to individuals carrying out PCF roles at in-scope firms.
Some of these will fit logically with some conventional senior management roles within a RFSP. However, some may not have an obvious ‘home’ and could result in executives assuming new areas of responsibility.
Notably, there are also seven prescribed obligations that must specifically be allocated to non-executive directors.
In-scope firms will need to carefully analyse the draft list of prescribed responsibilities and consider how these will be assigned across their PCFs.
While CP153 directs that prescribed obligations should be allocated to the ‘appropriate’ PCF, it is noted that there is “flexibility to allocate responsibilities in a manner that accommodates different business models and organisational structures”.
Taking into account nature, scale and complexity, a reduced list of prescribed responsibilities will be applicable to low PRISM impact rated investment and incoming third country branches of in-scope firms.
The ‘other responsibilities’ included in CP153 relate to material business areas, activities, control and management functions and specific projects that are within their remit but are not captured by the inherent or prescribed responsibilities.
Additionally, all PCFs at in-scope firms will be subject to a new statutory duty of responsibility to take any steps that are reasonable in the circumstances to avoid the firm breaching any obligations that they are responsible for under SEAR.
Duty of Responsibility
This new duty requires PCFs to take reasonable steps to ensure that the aspects of the RFSP’s affairs that they are responsible for are conducted so that the RFSP does not contravene its obligations under financial services legislation. CP153 defines reasonable steps as any steps that it is reasonable in the circumstances for the person to take.
Statements of Responsibility
A written statement of responsibility must be put in place for each PCF setting out their role and the inherent, prescribed and other responsibilities allocated to them.
Management Responsibilities Map
RFSPs must produce a management responsibilities map outlining a firm’s governance and management arrangements and clearly identifying individuals and their responsibilities. This should demonstrate that there are no gaps in responsibilities across the firm.
RFSPs Outside of Phase 1 of SEAR
RFSPs outside the initial scope of SEAR should nonetheless consider the new regime and whether it may be appropriate, within the RFSP’s senior management, to identify who is responsible for what, in order to ensure that the business and its risks are being properly managed. The Central Bank states in CP153 “there is much in the spirit of the SEAR that firms not initially falling within scope should consider as aligned with good quality governance and which will support firms and senior management in implementing an effective governance framework by identifying how the business and its risks are being managed, who is responsible for what, and any gaps which may arise “.
Conduct Standards
Common Conduct Standards
The Common Conduct Standards set out standards of behaviour expected of individuals carrying out controlled functions (“CFs”) within RFSPs.
These include standards such as acting with honesty and integrity, with due skill, care and diligence and in the best interest of customers. An individual that is subject to the Common Conduct Standards will be expected to take reasonable steps to ensure that those standards are met.
Additional Conduct Standards
PCFs and other individuals who exercise significant influence on the conduct of a firm’s affairs (“CF1”), will also have to comply with the Additional Conduct Standards.
An individual who performs a PCF / CF1 role should take reasonable steps to ensure that these standards are met.
In all cases, reasonable steps will be considered on a case-by-case basis by reference to the relevant circumstances in each case.
A breach of the New Conduct Standards will be directly enforceable against individuals by the Central Bank.
Embedding the New Conduct Standards
RFSPs will need to enhance their governance frameworks and to adapt or develop appropriate policies and procedures so that the New Conduct Standards can be integrated into the culture and conduct of the affairs of the RFSP and drive the right behaviours and standards.
For example, instances of failure by individuals to meet the New Conduct Standards should be considered in the context of performance assessments and compensation reviews so that these standards become meaningfully embedded in a RFSP’s culture.
To note, for RFSPs outside the scope of the SEAR, the Central Bank considers the chief executive officer (or equivalent) to be responsible and accountable for embedding the Conduct Standards throughout the RFSP.
New Conduct Standards and Non-Executive Directors
The Common Conduct Standard to act with due skill care and diligence applies to all directors (both executive and non-executive) exercising their role and responsibilities as a member of the board, other governing body, or its committees. This includes, taking part in meetings, preparing and reviewing papers in advance of meetings, actively participating in collective decisions, constructively challenging, consulting and reporting to the relevant body or committee as required.
Regarding Additional Conduct Standards, the responsibilities that non-executive directors and independent non-executive directors are accountable are more limited than
executive directors in respect of governance, oversight and challenge.
Training
RFSPs must notify CFs of the Common Conduct Standards and individuals in PCF / CF1 roles of the Additional Conduct Standards that apply to them. RFSPs are also required to provide training to relevant individuals – both initially and on an ongoing basis to ensure that individuals know their obligations and specifically what is expected of them in the context of their role.
Fitness and Probity
The IAF Act enhances the Central Bank’s supervisory powers on Fitness and Probity and introduces a new requirement that persons can only be permitted to perform a CF where a certificate of compliance with the Fitness and Probity standards is given to the Central Bank (“Certification Regime”).
CP153 also proposes extending the Head of Material Business Unit PCF role to insurance undertakings and investment firms, and includes some guidance on how to identify who might be performing that function.
In addition to CP153, the Central Bank will also be issuing regulations and guidance on Fitness and Probity investigations in due course.
RFSPs will need to assess their ongoing monitoring / due diligence processes in light of changes to the Fitness and Probity regime (and also in light of the Dear CEO feedback published previously by the Central Bank emphasising the ongoing nature of the Fitness and Probity obligations and the importance of making notifications to the Central Bank, when required).
A key element will be to review and enhance the RFSP’s Fitness and Probity policy.
Further Information
Our recent webcast discusses the background to the new IAF Act / CP153 in more detail and provides some practical tips, from both a regulatory and employment perspective, for RFSPs tasked with implementing SEAR or the other aspects of the IAF.
Further information on our Irish Financial Services Regulatory Group, and the services we provide is available on our website page and in our brochure.
If you would like to learn more, please contact your usual Maples Group contact or any of the persons listed below.
1The Central Bank Act 1942; Central Bank Reform Act 2010 and the Central Bank (Supervision and Enforcement) Act 2013.