The financial crisis revealed weaknesses in terms of oversight of the risk management function and internal control frameworks. The issue of corporate governance received steadily greater attention from international bodies in 2010. Since then these issues have continued to attract increased attention from international regulatory bodies as they continue to refine internal governance and risk management guidelines as a means to counterbalance the risks from institutions’ complexity and the products and services offered. While remuneration structures, in particular, continue to be hotly debated, industry participants will need to demonstrate rigour and proportionality when implementing these wide ranging guidelines.
Regulators are keen to reduce excessive risk taking and moral hazard within financial institutions. The Basel Committee on Banking Supervision (BCBS) is currently consulting on revised supervisory guidance for the internal audit function in banks. The document builds on its ‘Principles for Enhancing Corporate Governance’ which requires banks to have an internal audit function with sufficient authority, independence and access to the Board. The guidance contains 20 principles which include supervisory expectations and assessment of the internal audit function in banks.
In October 2011 the Financial Stability Board (FSB) published its second peer review on compensation practices which assessed the progress made by national competent authorities and significant financial institutions in executing its “Principles for Sound Compensation Practices and their Implementation Standards”. The FSB noted that good progress had been made, but expressed the need for further improvements particularly regarding behaviour and culture within financial institutions. Other concerns raised include a lack of consistency in approach across FSB member states and the need to disclose pay levels to ensure a level playing field. In the same month the FSB also published a progress report on the implementation of its recommendations on enhanced supervision of systemically important financial institutions (SIFIs). The report raised concerns that inadequate IT systems and data handling processes are hampering risk management practices and the effectiveness of supervisory oversight. The FSB also called on supervisors to increase scrutiny of firms’ risk management models. In May 2011 the Basel Committee on Banking Supervision (BCBS) published its final report on the alignment of remuneration with risk and performance. The Institute of International Finance (IIF) published a risk appetite framework report in June 2011 which, included recommendations for firms and several case studies.
In Europe, a proposal on further revisions to Credit Rating Agencies (CRA) regulation was published in November 2011, in the form of a Directive and a Regulation. The Regulation focuses on increasing competition and strengthening CRA independence to reduce conflicts of interest in the rating process as well as making CRAs more accountable for the ratings they provide and increasing the transparency and frequency of sovereign debt ratings. The Directive contains amendments to Undertakings for Collective Investment in Transferable Securities (UCITS) and the Alternative Investment Fund Managers Directive (AIFMD), requiring firms within scope of either initiative to carry out their own risk assessment rather than ‘solely or mechanically’ relying on external credit ratings. Similar requirements were included in the July 2011, Capital Requirements Directive IV proposal (CRD IV) which was also published in the form of Directive and a Regulation with provisions to prevent the overreliance on credit ratings included in the Directive. The European Commission (EC) has also included its corporate governance proposals within the CRD IV Directive with a focus on increasing the effectiveness of risk oversight by a firm’s board of directors and strengthening the independence and authority of risk management functions. As well as introducing remuneration policies, which discourage excessive risk taking and tie reward to the long-term performance of a financial institutions. In January 2012, Verena Ross, executive director of the European Securities and Markets Authority (ESMA) spoke at a public hearing outlining ESMA’s progress on CRA regulation and its future work programme in this area. In December 2011 ESMA conducted on-site inspections of three CRAs and will publish its findings in Q1 2012, ESMA will also finalise the establishment of the reporting data tools provided under the CRA regulation.
In the UK, the Financial Services Authority (FSA) is implementing remuneration requirements based on CRD III and will now require firms to make disclosures in respect to remuneration. In October 2011 the FSA published its finalised guidance on issues related to remuneration in the form of a ‘Dear CEO’ letter. The letter laid out the FSA’s approach to monitoring and implementing the remuneration code as well as clarifying its policy position.