INTRODUCTION

On 1 September 2011 the Central Bank of Ireland (the "Central Bank") published its Fitness and Probity Standards (Code issued under Section 50 of the Central Bank Reform Act 2010) (the "Standards"), together with Draft Guidance on Fitness and Probity Standards (the "Draft Guidance").

The new regime will commence on 1 December 2011 for all existing staff and new staff holding senior positions, (i.e. those who hold a Pre-Approval Controlled Function ("PCF")), in regulated entities other than Credit Unions. In respect of new appointments to less senior positions, (i.e. those who hold a Controlled Function ("CF")), the new regime will commence from 1 March 2012 and from 1 December 2012 for all staff, including staff hired prior to and following the coming into force of the new Standards, in CF roles. This phased introduction is aimed at allowing firms time to implement the necessary internal controls and procedures to comply with the new regime.

Key aspects of this new regime are set out below, specifically those regarding the functions captured by the Central Bank Reform Act 2010 (Sections 20 and 22) Regulations, 2011 (S.I. No. 437 of 2011) (the "Regulations"), the standards of fitness and probity required of relevant persons, the obligations imposed on regulated financial service providers, as defined in Section 2 of the Central Bank Act, 1942, as amended by the Central Bank Reform Act, 2010 and the process for approving applications.

TERMINOLOGY – PCFs AND CFs

The Regulations confirm that the new regime will apply to two distinct groups, those performing Pre-Approval Controlled Functions ("PCFs") and Control Functions ("CFs").

Pre-Approval Controlled Functions

The list of PCFs, set out in Schedule 2 of the Regulations, is quite comprehensive as the Regulations specifically identify 42 senior positions as PCFs in a regulated financial service provider, including persons who hold the following positions:

  • Office of Executive and Non-Executive Director (PCF-1 and PCF-2);
  • Office of Chairman of the Board or Sub-Committee (i.e. audit, risk, remuneration and nomination committees) (PCF-3 and PCF-4 to PCF-7);
  • Office of Chief Executive (PCF-8);
  • Office of Secretary (PCF-9);
  • Head of Finance (PCF-12);
  • Head of Compliance (PCF-13);
  • Head of Internal Audit (PCF-14);
  • Head of Risk (PCF-15);
  • Head of Compliance with responsibility for Anti-Money Laundering and Counter Terrorist Financing Legislation (PCF-16); and
  • Branch Manager of branches of other EEA countries (PCF-17).

In addition to the list above, which applies to all regulated financial service providers, there is a list of industry specific PCFs within the Regulations specifying the functions which will be deemed to be PCFs in insurance undertakings, credit institutions, investment firms and other industry sectors.1

Where a regulated financial service provider proposes to appoint a person to a PCF, the Central Bank's prior written approval is required before it can offer to appoint the person to that function. Furthermore, before proposing a person for appointment to a PCF, the firm should conduct its own due diligence to assess the person's fitness and probity to perform the function.

Controlled Functions

While certain guidance has been provided as to which positions fall to be considered a PCF, the Regulations afford a more generic definition in respect of the 11 categories of CFs, which include a function related to the provision of financial services which is, for instance:

  • likely to enable the person responsible for its performance to exercise a significant influence on the conduct of the regulated financial service provider's affairs (CF-1);
  • related to ensuring, controlling or monitoring compliance with the firm's obligations (CF-2); or
  • likely to involve the person responsible for its performance in, for example, giving advice or assistance to a customer of the firm regarding the provision of a financial service (CF-3), arranging a financial service for them (CF-4), dealing in or having control over property of a firm's customer (CF-10) or providing instructions or directions in relation to dealing (CF-11) or dealing in/with property on the firm's behalf (CF-10).

The key difference between a PCF and a CF is that the Central Bank's prior approval is not required for persons to be appointed to a CF position, but the Central Bank will be able to investigate, suspend, remove and/or prohibit a person from carrying out a CF in a regulated financial service provider in the future.

Although the Central Bank considers that the scope of CFs relating to "customer facing activities" has been narrowed by specifying categories of staff that interact with customers, the definitions of CFs are nonetheless quite broad and will not necessarily assist regulated financial service providers in developing processes and procedures to comply with the Fitness and Probity regime. For instance, the reference to "giving of advice or assistance to a customer" in relation to CF-3 could capture a large group of individuals, particularly junior staff who should not be considered to fall within the new regime. The final Regulations do not appear to have incorporated industry submissions on Consultation Paper CP 51 Fit and Proper Regime in Part 3 of the Central Bank Reform Act 2010 ("CP 51") to the effect that the definition of a CF should be modified to relate only to roles with line management responsibility.

Standards of Fitness and Probity

The Standards of Fitness and Probity set the benchmark for considering the fitness, probity and financial soundness of people appointed to a PCF or a CF and may form the basis for refusing to approve the appointment of a person to a PCF or for removing or prohibiting someone from a CF if they do not meet those standards.

To comply with the Standards' conditions, a person must:

  • be competent and capable;
  • act honestly, ethically and with integrity; and
  • be financially sound.

Competence and Capacity

To be considered competent and capable of undertaking the CF or PCF to which a person is proposed, the person must have appropriate qualifications, professional or otherwise; experience and skills gained through training or in an employment context; and have shown the competence and proficiency to undertake the relevant function through the performance of previous roles. A sound knowledge of the regulated financial service provider's business, the responsibilities to be undertaken by the proposed person and the legal environment relating to the relevant function is also required. In addition, proposed persons must not allow conflicts of interest to arise or other responsibilities to impair the performance of their functions.

While the final Standards specify a fairly wide range of matters in considering a person's capacity to perform a relevant function, it is to be welcomed that the reference in the draft Standards to their physical/mental health has been omitted as this was considered to be an unusual and invasive requirement.

Honesty, Ethicality and Integrity

The Standards require a proposed person to be honest, ethical and to act with integrity (i.e. probity). Such persons must be able to show that their ability to perform the relevant function is not adversely affected to a material degree having regard to past behavior and events including, for example, if they were the subject of a complaint to a regulatory authority; if they were subject to any disciplinary proceedings; professional restrictions or suspensions; if they were dismissed from their positions; or if they have been convicted of certain offences.

Concerns have been raised that several of the matters referred to in the Standards are unduly broad and could give rise to data protection and confidentiality concerns and moreover may have no fair basis in terms of deciding whether a person is fit and proper to fill the PCF or CF position.

Financial Soundness

A person is required to demonstrate financial soundness (i.e. that the person managed his/her affairs in a sound and prudent manner). The person must also be able to show that his/her role in a relevant function is not adversely affected to a material degree by the fact, for example, that he/she is subject to an unsatisfied judgment debt or is an undischarged bankrupt or if he/she were a director of an entity which has been the subject of insolvency.

No allowance appears to have been made for financial difficulties arising from the recent financial crises which may be somewhat unfair and, in this regard, including as a relevant matter the directorship of an insolvent entity appears particularly harsh without any responsibility for the insolvency having been proven against the individual in question.

Due Diligence

Regulated financial service providers must satisfy themselves on reasonable grounds that persons appointed to CFs or PCFs comply with the Standards. This requires firms to analyse the competencies and degree of probity required to discharge a relevant function and take steps to ensure that a person is fit and proper to perform it. The Draft Guidance specifies the due diligence that firms should, at a minimum, carry out and provides examples of due diligence required in Appendix 1 thereof.

Minimum competency is one of the key concepts in assessing whether a person is fit to exercise a CF or a PCF in a regulated financial services provider. Part 1 of the Minimum Competency Code 2011 (the "Code"), issued pursuant to Section 50 of the Central Bank Reform Act 2010, specifies certain minimum competency standards with which persons falling within the scope of the Code must comply when performing controlled functions or pre-approval controlled functions on a professional basis.

Accordingly, the regulated financial services provider should satisfy itself, where a person is performing or proposes to perform a CF, the performance of which is subject to the minimum competency requirements of the Code, that the person has the recognized/necessary qualification(s) by obtaining a copy of the relevant degree/certificate or other evidence required to confirm the qualification. The Code also imposes obligations on "regulated firms", as defined therein, to monitor compliance with ongoing CPD requirements on a regular basis. In the event that a regulated financial services provider fails to do so it may be exposed to financial penalties and other sanctions under Part IIIC of the Central Bank Act 1942.

Similarly where a person is performing or proposes to perform a PCF the regulated financial services provider should perform similar due diligence as outlined in the preceding paragraph. In addition a firm which is subject to the Code must check publically available sources to ensure that the person has not been the subject of a sanction, prosecution or other regulatory action, or been the subject of a disqualification action or had a judgment registered against them.

The meaning of regulated financial services provider for the purposes of the Standards differs from the definition of "regulated firm" as set out in the Code which is as follows: 'regulated firm' means any of the following:

  1. a firm authorised, registered or licensed by the Central Bank (except moneylenders authorised under the Consumer Credit Act 1995);
  2. a certified person as defined in Section 55 of the Investment Intermediaries Act, 1995;
  3. a financial services provider authorised, licensed or registered in another EU or EEA Member State when providing services into the State on a branch or cross-border basis, except where responsibility for requirements in relation to the provision of such services into the State is reserved to that provider's home state regulator or to a provision of EU law by a European Community instrument.

It is worth noting that the above definition does not make any cross border exception and we will see later in this paper that persons performing CFs or PCFs outside the State on behalf of regulated financial service providers authorized, licensed or registered in the State also remain subject to the Standards.

Fitness

The due diligence considered suitable to determine a person's fitness to perform a CF or PCF includes the following measures:

  1. Professional qualifications – firms should obtain a copy of appropriate documentation evidencing the person's professional qualification or registration with a professional body if so required in respect of the relevant function and in particular compliance with the Code if applicable, as outlined above. They must also be required to selfcertify compliance with continuing professional development ("CPD") if required to maintain a relevant qualification.
  2. Application and Interview – firms should retain applications and written notes of the interview process if used to assess competence and capability, including for instance by documenting how previous experience equips the person with the expertise and experience to perform the relevant function.
  3. References – firms should obtain references from former employers etc of the individual and verification from third party referees as to their truth and accuracy.
  4. Concurrent Responsibilities – firms should ensure the person does not have other employment which interferes or creates conflicts of interest with the relevant function and require the person to provide written self-certification that they are capable of and have sufficient time to perform the relevant function having regard to other responsibilities. If persons performing functions designated as CF1, CF2 or PCFs hold directorships, they must be required to disclose them, written confirmation should also be sought as to the time to be allocated to the directorships(s) and if this will affect their performance of the relevant function.

Probity

The due diligence to be employed to determine a person's fitness to perform a CF or PCF should include the following measures:-

  1. Firms should obtain signed written confirmation from the person as to whether the matters specified in the Standards regarding their probity and financial soundness apply to them. If they do, the person must be able to show this has not adversely affected his/her ability to perform the function to a material degree. In addition, firms should check against publicly available sources to determine if persons conducting functions designated as CF1, CF2 or PCFs have, for instance, been the subject of regulatory action or if a judgment debt has been registered against them.
  2. Firms should assess and document whether the matter is material to the relevant function based on the evidence received (e.g. underlying documentation which the person should be required to furnish such as reports/decisions). Materiality may be determined in conjunction with other matters such as the seriousness and surrounding circumstances of the facts, their relevance to the person's duties, the duration of behavior, the length of time since the matter occurred and evidence of rehabilitation.
  3. If the matter is deemed material, the firm should make reasonable enquiries, for instance contacting third parties such as former employers or regulatory authorities for further information. Any information received may be considered in conjunction with other relevant matters and their cumulative effect may determine whether a person is fit and proper to perform the relevant function.
  4. Firms may also consider the impact of criminal convictions (involving dishonesty, fraud, financial service, insolvency, consumer, insurance, market manipulation, insider dealing or revenue law for example) on a person's ability to perform a relevant function having regard, for instance, to the circumstances of the conviction and its relevance to the performance of the function, the length of time since the conviction, the explanation offered by the convicted person and evidence of their rehabilitation.

Firms must also document the due diligence carried out to ensure adherence to the Standards and make such records available to the Central Bank upon request.

Obligations Imposed on Regulated Financial Service Providers

Regulated financial service providers must identify and maintain a record of persons performing PCFs and CFs in their organisations and must, by 31 December 2011, submit to the Central Bank a list of persons in a PCF as of 1 December 2011. Written confirmation must be submitted by the CEO, where appropriate, of regulated financial service providers, that the regulated financial service provider is satisfied that the persons on the list comply with the Standards and that the firm has obtained written agreement from such persons to abide by the Standards which must be brought to the attention of all persons performing a PCF or CF.

The Standards may not be met if firms have insufficient information to conclude that they are being complied with, particularly if this is due to lack of co-operation by the person, which should be brought to the attention of the person who should be allowed an opportunity to provide the required information.

The obligation on regulated financial service providers to ensure that persons performing CFs meet the Standards is a continuing one and therefore it may be necessary for those firms to introduce procedures to manage their compliance with this obligation. As such, the Central Bank considers it advisable for such firms to:

  • require persons in CFs to notify them of material changes from the initial due diligence. (Appendix 2 of the Draft Guidance provides suggested wording for this undertaking);
  • conduct annual audits, asking persons in CFs as to any material changes regarding their compliance with the Standards of which it ought to be aware;
  • ensure that they are aware of the Standards and they continue to abide by them on at least an annual basis; and
  • investigate, take appropriate action and notify the Central Bank without delay upon becoming aware of concerns as to the fitness and probity of a person performing a CF.

Processing Fitness and Probity Applications

All fit and proper applications will be dealt with by the Central Bank's Regulatory Transactions Department which will be the centre for standardised application processing and decision-making.

The Central Bank considers that the approval process will, to a large extent, be based on the online Individual Questionnaire ("IQ") which will replace the current paper version; reference checks; requests for additional information in some instances; and if necessary, interviews with proposed holders of PCFs. It anticipates that interviewees will largely emanate from firms whose impact and risk profile, in accordance with the Central Bank's Probability Risk and Impact System ("PRISM"), is assessed as medium or high, particularly in respect of the positions of Chairman and CEO. It is disappointing that the Central Bank did not indicate timescales within which applications will be processed.

Further Points to Note

  • Exclusion from the scope of the Standards: persons whose function is solely concerned with acting in accordance with a written script prescribing a course of action if a matter is raised regarding a range of routine matters arising in relation to the provision of financial services e.g. call centre staff.
  • Persons performing a PCF on a temporary basis: will not be taken to be responsible for this function but if it enables them to exercise significant influence over the firm's affairs, the firm may have to proceed with the application process. If the Central Bank agrees a person may perform a PCF on a temporary basis but firms must still be satisfied they comply with the Standards. Such temporary arrangements are only expected to be used in exceptional circumstances.
  • Outsourcing the Performance of a CF: regulated financial service providers remain responsible for ensuring compliance with their obligations under the Central Bank Reform Act 2010. Outsourcing arrangements must identify the persons responsible for performing the function. If the arrangement pertains to the performance of a CF, the identified person must comply with the Standards and in the case of a PCF the firm must obtain the Central Bank's prior written approval for the appointment of the indentified person to the PCF.
  • Provision of Services on a Branch Basis: persons performing CFs or PCFs outside the State on behalf of regulated financial service providers authorised, licensed or registered in the State remain subject to the Standards.
  • Reduced Regime for Proposed Persons Already Performing a PCF outside the State: persons approved for a PCF in an industry/sector in another EU/EEA State proposing to take up a similar role in that sector/industry in Ireland need only complete an IQ omitting section 5, certify that they comply with and will abide by the Standards and obtain confirmation from the relevant regulatory authority they can conduct the function in their jurisdiction. If the proposed PCF is materially different from the approved role, the approval process will apply in full.

Practical Steps

The phased implementation of the standards will take place as follows:

  1. From the 1st December 2011 existing and new staff in PCFs will be subject to the Regulations and Standards. Regulated financial service providers must notify the Central Bank of each individual in a PCF by 31 December 2011;
  2. From 1st March 2012 new appointments to CFs will be subject to the Regulations and Standards; and
  3. From 1st December 2012 the Regulations and Standards will apply to all staff in existing CFs.

The Draft Guidance sets out the practical steps that a regulated entity will be expected to take to meet the Standards and the criteria against which the Central Bank will assess compliance with the Standards.

Such steps include:

  1. Compiling and maintaining a list of persons in every PCF and CF (and by 31st December 2011, must provide a list of those performing PCFs to the Central Bank as at the 1st December 2011);
  2. Obtain confirmation from a person who is to perform a PCF or CF that he/she is familiar with the Standards and will comply with them;
  3. Undertaking due diligence of fitness, competence and probity of those performing PCFs and CFs, including obtaining signed confirmation of relevant matters from the particular person;
  4. Undertaking due diligence in respect of possible criminal records; and
  5. Ensuring that all due diligence carried out by the regulated financial service provider is documented and recorded;

CONCLUSION

When the new regime comes into effect, it will operate in addition to the existing statutory powers of the Central Bank, i.e. minimum competency requirements, corporate governance codes and administrative sanctions. Failure to comply with the Regulations and Standards may be subject to sanctions under the Administration Sanctions framework.

The new regime will clearly impose quite onerous obligations on regulated financial service providers to ensure persons performing CFs and PCFs adhere to the quite detailed conditions specified in the Standards of Fitness and Probity. Indeed the extensive nature of the duties imposed on firms is evident from the minimum due diligence measures set out in the Guidelines, which should however afford some practical assistance to firms in meeting their obligations to ensure the Standards are met.

The final Regulations and Standards do not necessarily address all of the industry's concerns raised in their submissions to CP51. As such, while the new regime demonstrates the Central Bank's commitment to ensuring a robust fitness and probity regime, its effectiveness and implications for regulated financial service providers and persons performing PCFs and CFs will take some time to be fully appreciated.

APPENDIX 1

*Pre-Approval Controlled Functions in Relation to Specified Regulated Financial Service Providers

  • In respect of insurance undertakings (save captives or special purpose reinsurance vehicles):-
    1. Head of Underwriting (PCF-19),
    2. Head of Investment (PCF-20) or
    3. Chief Actuary (PCF-21).
  • In respect of credit institutions:-
    1. Head of Treasury (PCF-22),
    2. Head of Credit (PCF-23) or
    3. Head of Asset and Liability Management (PCF-24).
  • In respect of investment firms authorised under the MiFID Regulations or investment business firms authorised or required to be authorised under section 10 of the Investment Intermediaries Act 1995:-
    1. Branch Managers within the State (PCF-29),
    2. Head of Trading (PCF-30),
    3. Chief Investment Officer (PCF-31) or
    4. Head of Investment (PCF-32).
  • In respect of entities carrying out administration of collective investment schemes or custodial operations involving the safekeeping and administration of investment instruments:-
    1. Branch Managers within the State (PCF-33),
    2. Head of Transfer Agency (PCF-34),
    3. Head of Accounting (Valuations) (PCF-35),
    4. Head of Trustee Services (PCF-36) or
    5. Head of Custody Services (PCF-37).
  • In respect of UCITS Self Managed Investment Companies, UCITS Management Companies or certain other management companies of investment companies:-
    1. Head of Transfer Agency (PCF-38),
    2. Head of Accounting Valuations (PCF-39) or
    3. Designated Person to whom a director of a UCITS self managed investment company or management company may delegate the performance of the management functions (PCF-40).

* The full list of PCFs is contained in Schedule 2 to the Central Bank Reform Act 2010 (Sections 20 and 22) Regulations 2011 (S.I. No. 437 of 2011).

Footnote

1. The list of industry-specific PCFs is included in Appendix 1 hereto.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.