The Individual Accountability Framework (IAF) is a regulation created to improve executive accountability within the Irish Financial Services sector by increasing transparency between Regulated Financial Services Providers (RFSPs) and the Central Bank of Ireland (CBI).
In Ireland, the IAF regime has been designed to address the shortcomings on good governance and culture following the retail banking tracker mortgage issue and a subsequent review of the Behaviour and Culture of the five retail banks in 2018¹.
Following this review, the IAF Bill was drafted in 2021 and a pre-legislation review was conducted by the Joint Committee on Finance, Public Expenditure and Reform and Taoiseach. This committee issued a report on 31 March 2022. The IAF Bill was enacted in March 2023 and has been followed by the issuance of the draft regulation, IAF Guidance, and Consultation Paper in April 2023.
The emphasis on individual accountability stems from the misconduct and excessive risk taking of the global financial crisis, recent banking scandals, and the associated difficulties of pinpointing individuals who can be held to account.
Regulators recognise that they cannot, and should not, legislate in detail every expectation of management in a rapidly changing world, and view accountability regimes as a key driver of cultural change and responsible senior management and Board behaviour.
The principal aim of individual accountability is to embed a culture of ethical compliance in regulated firms. The CBI Director General on Financial Conduct (Derville Rowland) alluded to this in her 11 March 2022 speech².
The IAF regime instituted by the CBI is comprehensive, and for the organizations which started their IAF programme early, we have seen these firms use it to strengthen their internal processes, clarify roles and responsibilities amongst senior executives, and incentivising positive behaviours.
Similar regimes are now in operation in several countries, including UK, Hong Kong, Singapore, Australia, and Malaysia.
The Irish IAF regime comprises of four components
1. Senior Executive Accountability Regime (SEAR): The key expectation is that senior executives must demonstrate compliance to their duty of responsibility by documenting their responsibilities and the reasonable steps taken to avoid contravention of legal and regulatory requirements.
There are Prescribed Responsibilities (provided by the CBI) which must be allocated to individuals carrying out Senior Executive Functions (incl. Board members). In addition, an overarching Management Responsibilities Map which outlines key management and governance responsibilities should also be in place.
2. Conduct Standards: Three categories of conduct standards are introduced;
- Common Conduct Standards for Controlled Functions (Controlled Functions (“CF”) and Pre-Controlled Functions (“PCF”) with binding obligations on individuals to conduct themselves with honesty and integrity, to act with due skill, care and diligence in the conduct of their business, and to co-operate with relevant regulatory authorities
- Additional Conduct Standards for Senior Management (PCF and CF-1 designated persons) and
- Standards for Businesses imposed on RFSPs which create a single reference point setting out the conduct standards in clear terms. They also provide a counterbalance to the conduct standards imposed on individuals
3. F&P Regime: Enhancements to the current regime which puts the onus on firms to proactively assess individuals taking up senior positions. This will also give the CBI additional powers, including the power to conduct investigations in relation to F&P of a person who performed a CF role in the past and who the CBI suspects pose a danger to consumers and/or the financial system
4. Enforcement Process: The CBI Administrative Sanctions Procedure has been further strengthened giving the regulator the powers to pursue individuals directly for their misconduct rather than only where they have participated in a firm’s wrongdoing.
Fostering an open, transparent, and ethical culture
The subject of culture is integral to the new regime, and this is again back to the 2018 report on Behaviour and Culture of the Irish retail banks.
Conduct, culture and accountability are under-pinned by risk culture; which is a firm’s collective attitudes, perceptions, beliefs and behaviours that impact risk and affect outcomes. Every organisation has a risk culture that determines the collective ability to identify, understand, openly discuss and act on risk.
Regulators have found that embracing strong accountability principles builds
positive risk awareness, ownership, and transparency across all business lines and
supporting functions. Similarly, heightened individual accountability leads to
enhanced monitoring of the organisation, a greater focus on the customer, and
increased speed in identifying responding, and resolving issues and poor customer
and shareholder outcomes.
The Senior Executive Accountability Regime (SEAR) and its role as part of the IAF
SEAR primarily targets the Board and Senior Management population. The Board of an entity sets the tone at the top and Senior Executives are responsible for the day-to-day management of the entity. If the effort to promote accountability in organisations will take root, the principal officers must take a leading role in shaping the culture of the entities for which they have stewardship.
The SEAR regime initially applies to the following sectors:
- Credit Institutions (excluding credit unions),
- Insurance undertakings (excluding reinsurance undertakings, captive (re)insurance undertakings and Insurance Special Purpose Vehicles),
- Investment firms that underwrite on a firm commitment basis and/or deal on their own account and/or are authorised to hold client monies/assets, and
- Third country branches of the above
Other sectors may be brought within the scope of SEAR in the future.
The IAF is about incentivising positive behaviours and promoting improved governance and culture with a focus on encouraging the good. This regime will have an impact on the end-to-end employee lifecycle from recruitment, induction and training, performance and appraisal, changes of role, up to exit. Firms will need to assess how the SEAR obligations are met and how evidenced throughout the tenure of senior individuals in their roles.
CBI Consultation Process
Consultation is a standard practice in regulation development – it gives the opportunity to RFSPs and other trade bodies to provide feedback to the regulator. As part of this process, the CBI is inviting stakeholders, including the public, regulated firms, staff, representative bodies, consultancies, and service providers to feed into the process.
In Ireland, the Banking Payments Federations Ireland (BPFI), Insurance Ireland, and Irish Funds will provide consolidated feedback to the CBI on the IAF. Once this feedback is analysed, it will then be incorporated into the finalised rules/guidelines subsequently published as regulations. As an example, some of the feedback from the industry may revolve around challenges that some institutions may have encountered in the allocation of prescribed responsibilities.
Key Dates in the roll-out of the IAF
- Conduct Standards, including accountability of senior individuals for running their parts of the business, effectively to apply from 31 December 2023
- Fitness & Probity Regime: Certification and inclusion of Holding Companies to apply from 31 December 2023
- Regulations prescribing responsibilities of different roles and requirements on firms to clearly set out allocation of those responsibilities and decision making to apply to in-scope firms from 1 July 2024.
There is a clear awareness of the regime amongst RFSPs and most organizations have now set up or are in advanced stages of setting up IAF programme. In order to be compliant with the conduct rules for the December deadline, organisations will need to have most aspects of SEAR in place.
What steps should organisations be taking now and, in the months, ahead, and why?
EY is currently supporting a number of organisations on their IAF programmes, delivering training to Board members and executives, performing impact assessments of the regime on firms’ operating model, and enhancing their governance and management structures.
In line with the principles of proportionality which has been emphasised by the regulator, the scale and scope of activities will vary from one organisation to another. The following are ‘No Regret’ activities that RFSPs should undertake over the coming weeks as part of their preparation for IAF introduction:
- Review current governance and committee structures. It is critical to assess how the respective committees discharge their responsibilities, ensure adequate representation and records management
- Review organisational design of senior management team to ensure that existing and additional F&P and Conduct standards are being met. Allocate the respective CBI-Prescribed Responsibilities to PCF role holders and use current job descriptions / role profiles to create statements of responsibility and reasonable steps framework(s), and assessments for each PCF.
- Review and map current end-to-end HR processes and activities (and interrelationships with the second line) as this regime has implications throughout the employee lifecycle, and
- Consider appropriate technology enablement to ensure that the various SEAR documents (e.g. MRM, SoR, Reasonable Steps assessments) developed can be effectively and efficiently maintained factoring in future change in roles
For more information about how EY can help your organisation with the roll out of its IAF programme, please contact EY today.
Sources
Contact Us
If you would like more information on how EY's team of experts can help, please reach out today.