corporate governance and banks: the role of regulation in …a8903a5c-238a-4431-9a4f... ·...

Journal of Banking Regulation Volume 7 Numbers

Corporate governance and banks: The roleof regulation in reducing the principal-agentproblem

Kern Alexander

The Judge Business School, University of Cambridge, Trumpington Street, Cambridge CB2 1AG, UKtel; +44 (0)1223 339700; fax: +44 (0)1223 339701The International Law Institute, University of Zurich, 74 Ramistrasse, Zurich, CH 8001, Switzerlandtel: +41 44 634 48 65; fax: +41 44 634 43 78

Kern Alexander is Senior ResearchFellow, The Judge Business School, Uni-versity of Cambridge and the InternationalLaw Institute, University of Zurich.

ABSTRACT

The purpose of this paper is to analyse some ofthe important issues concerning the corporategovernance of banks and financial institutionsand the related issues of financial regulation.The paper argues that corporate governance ofbanks is largely concerned with reducing thesocial costs of bank risk-taking and that the reg-ulator is uniquely positioned to balance the rele-vant stakeholder interests in devisinggovernance standards for financial institutionsthat achieve economic development objectives,while minimising the externalities of systemicrisk. The paper also analyses recent interna-tional initiatives in the area of corporate gov-ernance and banking, including some of theproposals of the Basel Committee on BankingSupervision. The paper then reviews the legaland regulatory framework of corporate govern-ance in the United Kingdom for banks to illus-trate some of the strengths and weaknesses ofthe UK approach, and to suggest possible regu-latory techniques for other jurisdictions.

INTRODUCTIONThe corporate governance of banks andfinancial institutions has become an impor-

tant area of fmancial regulation because ofthe systemic risks that banking activity posesfor the economy and society at large. Follow-ing the US savings and loan crisis in the 1980sand the Asian fmancial crises in the 1990s,most experts recognised that effective pru-dential regulatory regimes for the bankingsector require strong corporate governanceframeworks for banks and fmancial institu-tions. Most of the literature on corporategovernance has addressed the governanceissues confronting companies and firms in thenon-financial sector.' Most of these studiestake the principal-agent problem as the start-ing point of analysis, in which the principal isthe owner/shareholder of the firm and theagent is the manager/employee of the firm.This paper suggests that the traditionalmodel of the principal-agent problem fails totake account of the important role that fman-cial regulation can play in representing stake-holder interests in the economy. Recentinternational initiatives in the area of bankingregulation provide some general principlesfor how regulators can balance the interestsof owners, managers and other stakeholderinterest in society. UK financial regulationestablishes a legal basis for corporate govern-ance standards for banks and financial sectorfirms that seems to address some of the mani-festations of the principal-agent problem inthe financial sector.

Journal of Banking Regulation,Vol. 7. Nos. 1/22006, pp. 17-40Palgrave Macmillan Ltd,1745-6452/06 $30.00

Corporate governance and banks

The main rationale of bank regulation hastraditionally been the safety and soundnessof the financial sector and protection ofdepositors. A safe and soutid bankitigsystem requires the effective control of sys-temic risk. Systemic risk arises becausebanks have an incentive to underprice finan-cial risk because they do not incur the fullsocial costs of their risk-taking.'* The socialcosts of bank risk-taking can arise from thesolvency risks posed by banks because ofimprudent lending and trading activity, orfrom the risks posed to depositors because ofinadequate deposit insurance that can inducea bank run. Systemic risk can also arisefrom problems with payment and settle-ment systems or from some type of financialfailure that itiduces a macroeconomic crisis.*̂These sources of systemic risk demonstratethe fragility of the banking sector and theneed to develop adequate corporate govern-ance arratigements to incentivise bank man-agement and owtiers to utidertake a level ofrisk that does not create substantial socialcosts for the economy.

Bank regulation has traditionally soughtto mitigate these social costs by adoptitigvarious prudential measures, includingdeposit insurance, capital adequacy require-ments, asset composition rules, and fit andproper standards for bank officers, seniormanagement and board members.' Themain function of bank prudential regula-tion is to address the social costs whichbank risk-taking creates by adopting con-trols and incentives that induce banks toprice financial risk more efficiently. Corpo-rate governance plays an important role inachieving this in two ways: to align theincentives of bank owners and managers sothat managers seek wealth maximisationfor owners, while not jeopardising thebank's franchise value through excessiverisk-taking; and to incentivise bank man-agement to price financial risk in a waythat covers its social costs. The latter objec-tive is what distinguishes bank corporate

governance from other areas of corporategovernance because of the potential socialcosts that banking can have on the broadereconomy. Moreover, it should be notedthat regulatory intervention is necessary toaddress the social costs of bank risk-takingbecause the regulator is uniquely situatedto assert the varied interests of other stake-holders in society and to balance thoseinterests according to the public interest.

WHY BANKS ARE SPECIAL AND THEPRINCIPAL-AGENT PROBLEMThe role of banks is integral to any econ-omy. They provide financing for commer-cial enterprises, access to payment systems,and a variety of retail financial services forthe economy at large. Some banks have abroader impact on the macro sector of theeconomy, facilitating the transmission ofmonetary policy by making credit andliquidity available in difficult market condi-tions. The integral role that banks play inthe national economy is demonstrated bythe almost universal practice of states inregulating the banking industry and pro-viding, in many cases, a government safetynet to compensate depositors when banksfail. Financial regulation is necessarybecause of the multiplier effect that bank-ing activities have on the rest of the econ-omy. The large number of stakeholders(such as employees, customers, suppliersetc), whose economic well-being dependson the health of the banking industry,depend on a well-regulated and supervisedbanking sector. Indeed, in a healthy bank-ing system, the supervisors and regulatorsthemselves are agents acting on behalf ofbroader stakeholder interests in the econ-omy at large. Efficient banking regulationinvolves the promulgation of substantivestandards (eg capital adequacy and fit andproper standards) and risk managementprocedures for financial institutions inwhich regulatory risk measures correspondto the overall economic and operational

risk faced by a bank. Accordingly, it isimperative that financial regulators ensurethat banking and other fmancial institutionshave strong governance structures, espe-cially in light of the pervasive changes inthe nature and structure of both the bank-ing industry and the regulation which gov-erns its activities.

For most stakeholders, such as employ-ees, customers, suppliers etc, their eco-nomic welfare depends on the safety andsoundness of the banking system and, morecritically, the health of the econoniy. Thespecial role of banks is recognised by theBasel Committee on Banking Supervisionstatement on Corporate Governance forBanking Organizations, which states:

'Banks are a critical component of anyeconomy. They provide financing forcommercial enterprises, basic financialservices to a broad segment of thepopulation and access to paymentssystems. In addition, some banks areexpected to make credit and liquidityavailable in difficult market conditions.The importance of banks to nationaleconomies is underscored by the fact thatbanking is virtually universally aregulated industry and that banks haveaccess to government safety nets. It is ofcrucial importance therefore that bankshave strong corporate governance.

Moreover, as mentioned above, strongbank corporate governance is necessarybecause of the social costs of bank risk-taking. For instance, a bank run can lead toa general loss of confidence in the bankingsystem, which can quickly result in a spill-over effect on other banks and even affecthealthy banks via the payment system. It isimportant, therefore, that supervisors andregulators monitor the governance prac-tices of banks in order to protect the inter-ests of those who have an economic andsocial stake in the efficient performance of

the banking sector. An important functionof bank regulation should be to developsubstantive standards of governance andprocess-oriented risk management guide-lines that incentivise bank management anddirectors to take into account the overalleconomic and operational risk posed byfmancial institutions. This requires theadoption of robust governance structuresthat balances the various interests withinand outside the banking organisation sothat the social costs of bank risk-taking areminimised.

The principal-agent problemThe principal agent model has generallybeen concerned with how one individual(the principal) can design a contract whichmotives another person (the agent) to act inthe principal's interest. The design 'princi-pal-agent problem' was first used by Ross(Stephen Ross (1973) 'The economic theoryof agency: The principal's problem' Ameri-can Economic Review, Vol. 53, No. 2, pp.134-39) to refer to the general problem ofdevising a contract to ensure that the agentpursues the principal's goals as efficiently aspossible. The principal-agent problemusually arises from two sources: imperfectinformation, and misaligned incentivesbetween the principal and agent. Imperfectinformation occurs when the principalcannot sufficiently monitor the agents'actions. For example, it is very difficult for abank to monitor the actions of its borrowers,or for a bank owner to know the level ofeffort exerted by its officers and employeesbecause of what Arrow (Kenneth Arrow(1965) Aspects of the Theory of Risk-Bearing,Chicago: Aldine-Atherton) classified ashidden action and hidden information problems.If the agents' actions are not observable,it is impossible to design a contract basedon these actions. Moreover, the principalmay delegate responsibility to the agent tomake certain decisions based on informa-tion that is only available to the agent.


The other source of the principal-agentproblem concerns the divergence of inter-ests between the principal and agent. If thegoals of these two parties were perfectlyaligned, the agent would have an incentiveto act in the way that the principal wouldwish it to act. Perfect alignment of inter-ests, however, is difficult to achieve becausethe unobservable actions of the agentcannot be perfectly inferred based onobservable data. For example, the agent'slevel of output cannot be used as a perfectmeasure of effort because other randomfactors may influence the agent's outputindependent of the agent's effort.

The principal-agent problem can mani-fest itself in two ways: moral hazard (hiddenaction), and adverse selection (hidden infor-mation). These problems arise from theinformational advantages possessed by theagent at the principal's expense. Moralhazard can be defined as actions of eco-nomic agents to maximise their own utilityto the detriment of others in situationswhere they do not bear the full costs orconsequences of their actions. This may bedue to the uncertainty and incomplete orrestricted contracts which prevent theassignment of full costs/benefis to theagents responsible. Moral hazard is a formof post-contractual opportunism thatinvolves the agent choosing to pursue hisor her self-interest at the expense of theprincipal by deviating from the course ofaction that the principal would prefer theagent to take. Moral hazard is thereforeassociated with hidden actions in a contrac-tual relationship. Hidden action involvesactions that cannot be accurately observedor inferred by others, thus making itimpossible to condition contracts on theseactions.

Adverse selection is another form of theprincipal-agent problem that applies to amarket in which products or services ofvarying qualities are exchanged, and onlysellers know the quality of the goods.

Adverse selecton refers to a form of pre-contractual opportunism which arises whenthe agent has private information aboutsomething which affects the net benefitthat the principal derives from the bargain.Adverse selection is therefore associatedwith hidden information. This means that theagent has some (possibly incomplete) infor-mation which determines the appropriate-ness of the agent's actions, but which areimperfectly observable by others. Forinstance, a borrower is likely to know a lotmore about its ability to repay a loan thanthe lending bank. This means that high-risk borrowers can exploit this informationasymmetry by portraying themselves aslow-risk borrowers in order to obtainimproved conditions on a bank loan.

The traditional principal-agent frame-work has been used to analyse bank risk-taking and how the incentives of share-holders, creditors and managers candiverge and thus undermine banking sectorstability." The main characteristic of theprincipal-agent problem is that some man-agers have the opportunity to engage inunobserved, socially costly behaviour.'^The principal-agent problem can manifestitself in different risk preferences for bankmanagers as compared to shareholders andcreditors, including depositors, and otherstakeholders, such as employees, customers,and borrowers. Overcoming the principal-agent problem involves reducing the infor-mation asymmetries between these partiesand aligning their incentives for risk-taking. This can be difficult, however,because of high transaction costs and insti-tutional barriers. Bank regulation is there-fore necessary to ensure that the incentivesof these groups are properly aligned andthat the social costs of bank risk-taking aremitigated and that the transaction costs forbanks in obtaining liquidity and access tothe payment system are low.

Moreover, the principal-agent problemmay also manifest itself within the context

of the bank playing the role of externalmonitor over the activities of third partiesto whom it grants loans. In fact, whenmaking loans, banks are concerned abouttwo issues: the interest rate they receive onthe loan, and the risk level of the loan. Theinterest rate charged, however, has twoeffects. First it sorts between potential bor-rowers (adverse selection) and it affectsthe actions of borrowers (moral hazard).These effects derive from the informationalasymmetries present in the loan marketsand hence the interest rate may not be themarket-clearing price.

In addition, a major challenge for corpo-rate governance as it relates to banks andfinancial institutions involves a redefinitionof the principal-agent problem to includethe various types of market failure thatcause financial instability in the bankingsector. This means that banking regulationshould be concerned not only with creatingan incentive framework to induce manage-ment to achieve the objectives of the bankowners (eg shareholder wealth maximisa-tion), but also to allow the regulator tobalance the interests of the various stake-holder groups in the economy that areaffected by bank risk-taking and reduce thesocial costs that are inevitably associatedwith poorly regulated banking activity.

Moral hazard and deposit insuranceThe banking literature suggests that bankspossess superior information regarding theviability of assets and that their primaryfunction is to serve as delegated monitorson behalf of depositors with surplus capi-tal.' Since depositors lack sufficient infor-mation to assess the riskiness of assets in thebank's portfolio, they are not able to suc-cessfully monitor banks. This informationadvantage (asymmetric information) ofbanks leads to moral hazard between thebank and the depositors. This means thatbank owners (managers) have strong in-centives to increase risk because they can

transfer their risk to third parties whilereceiving any gains that might result fromthe risky behaviour. To address the poten-tial risk to depositors, most developedcountries provide some form of depositinsurance protection. For example, the USGovernment has provided generous depositinsurance on multiple accounts for deposi-tors since the 1930s. This has been criti-cised, however, as reducing the incentiveof depositors to monitor the risky activitiesof bank management. For instance,Merton showed that before 1991 the FDICinsurance premia rates were calculated on afixed price basis for all insured deposits;and that this created a put-option-like sub-sidy for bank shareholders, which createdan incentive for riskier lending and tradingactivities.

In 1991, as a response to the savings andloan crisis of the 1980s, Congress sought tomitigate the moral hazard problem byenacting the Federal Deposit InsuranceCorporation and Institutions Act 1991(FDICIA). Under FDICIA, the FederalDeposit Insurance Corporation (FDIC) hasbeen vested with discretionary authority tomake determinations of unsafe andunsound banking practices in violation ofthe FDICIA that would place the insurancefund at risk.

FDICIA established a risk-based assess-ment system under which the premiumspaid by federally insured financial institu-tions are based on risks the institutions poseto the insurance fund. Specifically, s. 302(a)of the FDICIA requires the FDIC to estab-lish final risk-based assessment regulations,and s. 302(f) authorises the FDIC to pro-mulgate transitional regulations governingthe time period between the flat-rate assess-ment system and the risk-based assessmentsystem required under s. 302(a). The FDICadopted the transitional regulations on 15thSeptember, 1992,^' and subsequentlyadopted the final regulations on 17th June,1993. Both regulations were codified


under Title 12 of the Code of Federal Reg-ulations § 327.2^

In s. 302(a) of the FDICIA, Congressdefined a 'risk-based assessment system' as:

'a system for calculating a depositoryinstitution's semiannual assessment basedon —(i) the probability that the deposit

insurance fund will incur a losswith respect to the institution,taking into consideration the risksattributable to —(I) different categories and con-

centrations of assets;(II) different categories and con-

centrations of liabilities, bothinsured and uninsured, contin-gent and non-contingent; and

(III) any other factors the [FDIC]determines are relevant toassessing such probability;

(ii) the likely amount of any such loss;and

(iii) the revenue needs of the depositfund.''"

The FDIC has responded by using a risk-based classification system based on detailedreports and expert evaluations of the finan-cial condition of an institution. The FDIC'sregulations require the agency to analyseobjective 'capital' factors as well as subjec-tive 'supervisory' factors.'^ The capital fac-tors determine the institution's 'capitalgroup', signified as a 1, 2 or 3 in the riskclassification. The supervisory risk factorsdetermine the institution's 'supervisorysub-group', signified as an A, B, or C inthe risk classification. Further, the regula-tions provide that the FDIC will assign aninstitution a supervisory subgroup based onthe FDIC's 'consideration of supervisoryevaluations provided by the institution'sprimary federal regulator'. ^

The US FDICIA 1991 approach demon-strates that the regulator can influence the

risk preferences of the bank manager byadjusting the insurance premia rates forinsured deposits. Despite the FDIC's newpowers to devise premium charges thatmore truly reflect the underlying risk of abank's assets, some experts argue thatdeposit insurance premia in the USAremain underpriced. '̂̂ Nevertheless, regula-tors are in agreement that the reduction ofmoral hazard in bank risk-taking requiresthe efficient pricing of deposit insurancepremia along with a level of coveragethat creates an incentive for depositors toengage in an optimal level of monitoringand bearing some of the risks of bank man-agers.

Moral hazard — the lender of lastresort, bank manager and fixedclaimantsMoral hazard can also exist between theregulator and bank manager. The issue thatarises is whether the regulator can designgovernance structures to reduce the socialcosts of bank risk-taking. According toArrow, it is impossible to allocate riskefficiently between the regulator and bankbecause of asymmetric information. Forinstance, the lender of last resort (LOLR)mechanism provides a safety net thatallows the bank to shift risk to the regula-tor (insurer) or to depositors. This is espe-cially the case when the bank is perceivedas too big to fail. The LOLR mechanismprovides a safety net for banks that allowsthem to discount the cost of their risk-taking. On the other hand, in regard todeposit insurance, it has been argued thatthe insurer-regulator is assumed to managethe trade off between the social costs ofbank default and the economic benefits ofbank risk-taking when the bank avoids

2°Moreover, various devices are used to

protect fixed claimants against excessiverisk-taking in the firm. However, accord-ing to Macey et al.^^ what makes banks

primarily different from other types offirms is the lack of discipline exerted byfixed claimants (eg depositors and otherbanks). According to Hellniann et al.,monitoring financial institutions is a publicgood, which will give rise to a free riderproblem. For example, deposit insurancereduces the incentive for insured depositorsto monitor the bank's risk-taking becausetheir deposits are protected regardless ofthe success of the banks' investments.Furthermore, in a world without depositinsurance, depositors would be incentivisedto demand a higher interest rate to com-pensate for the extra risk due to the bank'srisk-taking. This would increase the cost ofcapital in the banking sector and thus inhi-bit economic development objectives.Therefore, it is necessary that the regulatorplay an appropriate role in designing anincentive compatible deposit insurancesystem and to address other sources ofmarket failure.

REGULATORY INTERVENTIONThe foregoing illustrates the wide range ofpotential agency problems in fmancialinstitutions involving several major stake-holder groups including, but tiot limitedto, shareholders, creditors/owners, deposi-tors, management, and supervisory bodies.Agency problems arise because responsibil-ity for decision making is directly or indir-ectly delegated from one stakeholdergroup to another in situations where objec-tives between stakeholder groups differ andwhere complete information which wouldallow further control to be exerted overthe decision maker is not readily available.One of the most studied agency problemsin the case of financial institutions involvesdepositors and shareholders, or supervisorsand shareholders. While that perspectiveunderpins the major features of the designof regulatory structures — capital adequacyrequirements, deposit insurance, etc —incentive problems that arise because of the

conflicts between management and ownershave become a focus of recent attention.

The resulting view, that fmancial mar-kets can be subject to inherent instability,induces governments to intervene to pro-vide depositor protection in some form orother. Explicit deposit insurance is oneapproach, while an explicit or implicitdeposit guarantee is another. In either case,general prudential supervision also occursto limit the risk incurred by insurers orguarantors. To control the incentives ofbank owners who rely too heavily on gov-ernment-funded deposit insurance, govern-ments typically enforce some control overbank owners. These can involve limits onthe range of activities; linking depositinsurance premiums to risk; and aligningcapital adequacy requirements to businessrisk.

While such controls may overcome theagency problem between government andbank owners, it must be asked how signifi-cant this problem is in reality. A cursoryreview of recent banking crises would sug-gest that many causes for concern relate tomanagement decisions which reflect agencyproblems involving management. Manage-ment may have different risk preferencesfrom those of other stakeholders includingthe government, owners, creditors, etc, orlimited competence in assessing the risksinvolved in its decisions, and yet have sig-nificant freedom of action because of theabsence of adequate control systems able toresolve agency problems.

Another important area that has notattracted sufficient academic or regulatoryattention concems the issues of whether toregulate the financial compensation pro-vided by banks to their employees andshareholders. Indeed, the risk-taking strate-gies of senior management and directorsare significantly influenced by their com-pensation arrangements and by their expo-sure to civil and criminal liability for theirrisk-taking practices. The goal should be


aligning the incentives of shareholders,depositors and creditors. In other words,they must be required to incur the costs oftheir risk-taking activities. The regulatorcan only hope to approximate this in thereal world. What has become generallyrecognised, however, is that regulatorsshould be given broad statutory authorityto exercise discretion in assessing the riskprofile of a particular institution and torespond rapidly to developments in finan-cial markets that affect risk-taking. Forinstance, this might involve controllingincentive arrangements for certain key per-sonnel in the bank who exercise controlover the bank's leverage positions.

In addition, a significant tool for the reg-ulator in ensuring that its regulatory stan-dards arc met is the use of administrativepenalties and civil sanctions on banks ortheir directors and employees for takingactions in breach of regulation. Effectiveregulatory intervention requires that regu-lators have the resources and discretion tobring enforcement actions for allegedbreach. Such discretion could include factfinding in administrative hearings whichcan only be reviewed on judicial review onthe basis of abuse of discretion or based onsubstantial facts. This type of discretion,however, can be criticised on the groundsthat it places too much power in the handsof the regulator to act in a way that somemight view to be arbitrary and capricious.Indeed, the discretionary power of the reg-ulator may result in discriminatory treat-ment between banks or individuals thatmight violate human rights legislation.Moreover, it might violate a person's rightto have civil penalties or sanctionsreviewed by a fair and impartial tribunal."'"''

INTERNATIONAL INITIATIVESInternational standards of banking regula-tion traditionally relied on compliancewith external standards or criteria of assess-ment (eg 8 per cent capital adequacy) to

determine the safety and soundness ofbanks, but with the adoption of Basel IIthere has been a change in emphasis thatfocuses on whether a bank's internal pro-cesses and decision-making structure com-plies with procedural standards ofassessment. Banks are expected to followprocess-oriented rules in assessing the riskof assets and calculating capital and notmerely relying on external standards andcriteria of assessment. This involves theregulator working closely with banks andadjusting standards to suit the particularrisk profile of individual banks. Indeed,Basel II emphasises that banks and financialfirms should adopt, under the generalsupervision of the regulator, internal self-monitoring systems and processes thatcomply with statutory and regulatory stan-dards. Pillar II of Basel II provides forsupervisory review that allows regulatorsto use their discretion in applying regula-tory standards. This means that regulatorshave discretion to modify capital require-ments depending on the risk profile of thebank in question. Also, the regulator mayrequire different internal governanceframeworks for banks and to set controlson ownership and asset classifications.

OECD and Basel CommitteeIn its most recent corporate governancereport, the OECD emphasised the impor-tant role that banking and financial supervi-sion plays in developing corporate-governance standards for financial institu-tions. Consequently, banking supervisorshave a strong interest in ensuring effectivecorporate governance at every bankingorganisation. Supervisory experience under-scores the necessity of having appropriatelevels of accountability and managerialcompetence within each bank. Essentially,the effective supervision of the internationalbanking system requires sound governancestructures within each bank, especially withrespect to multi-functional banks that oper-

ate on a transnational basis. A sound govern-ance system can contribute to a collabora-tive working relationship between banksupervisors and bank management.

The Basel Committee on BankingSupervision (Basel Committee) has alsoaddressed the issue of corporate governanceof banks and multinational fmancial con-glomerates, and has issued several reportsaddressing specific topics on corporate gov-ernance and banking activities. Thesereports set forth the essential strategies andtechniques for the sound corporate govern-ance of fmancial institutions, which can besummarised as follows:

— '[e]stablishing strategic objectives and aset of corporate values that are commu-nicated throughout the banking organi-sation';

— '[s]etting and enforcing clear lines ofresponsibility and accountabilitythroughout the organisation';''^

— '[ejnsuring that board members arequalified for their positions, have aclear understanding of their role incorporate governance and are notsubject to undue influence frommanagement or outside concerns';

— '[ejnsuring that there is appropriateoversight by senior management';

— '[ejffectively utilising the workconducted by internal and externalauditors, in recognition of the impor-tant control function they provide';

— '[ejnsuring that compensationapproaches are consistent with thebank's ethical values, objectives,strategy and control environment';and

— '[cjonducting corporate governance in a, 44

transparent manner .

These standards recognise that senior man-agement is an integral component of thecorporate-governance process, while theboard of directors provides checks and bal-

ances to senior managers, and that seniormanagers should assume the oversight rolewith respect to line managers in specificbusiness areas and activities. The effective-ness of the audit process can be enhanced byrecognising the importance and indepen-dence of the auditors and requiring manage-ment's timely correction of problemsidentified by auditors. The organisationalstructure of the board and managementshould be transparent, with clearly identifi-able lines of communication and responsi-bility for decision-making and businessareas. Moreover, there should be itemisationof the nature and the extent of transactionswith affihates and related parties.45

46Basel IIThe New Basel Capital Accord (Basel II)contains the first detailed framework ofrules and standards that supervisors canapply to the practices of senior manage-ment and the board for banking groups.Bank supervisors will now have the discre-tion to approve a variety of corporate gov-ernance and risk management activities forinternal processes and decision making, aswell as substantive requirements for esti-mating capital adequacy and a disclosureframework for investors. For example,under Pillar One, the board and seniormanagement have responsibility for over-seeing and approving the capital rating andestimation processes.''̂ Senior managementis expected to have a thorough understand-ing of the design and operation of thebank's capital rating system and its evalua-tion of credit, market, and operationalrisks.'*** Members of senior managementwill be expected to oversee any testingprocesses that evaluate the bank's compli-ance with capital adequacy requirementsand its overall control environment. Seniormanagement and executive members ofthe board should be in a position to justifyany material differences between estab-lished procedures set by regulation and


actual practice."*'̂ Moreover, the reportingprocess to senior management should pro-vide a detailed account of the bank's inter-nal ratings-based approach for determiningcapital adequacy.^°

Pillar One has been criticised as allowinglarge, sophisticated banks to use their owninternal ratings methodologies for assessingcredit and market risk to calculate theircapital requirements.^' This approach reliesprimarily on historical data that may besubject to sophisticated apphcations thatmight not accurately reflect the bank's truerisk exposure, and it may also fail to takeaccount of events that could not be fore-seen by past data. Moreover, by allowingbanks to use their own calculations toobtain regulatory capital levels, the capitalcan be criticised as being potentially incen-tive-incompatible.

Pillar Two seeks to address this problemby providing for both internal and externalmonitoring of the bank's corporate gov-ernance and risk-management practices.^^Banks are required to monitor their assess-ments of financial risks and to apply capitalcharges in a way that most closely approxi-mates the bank's business risk exposure.^''Significantly, the supervisor is nowexpected to play a proactive role in thisprocess by reviewing and assessing thebank's ability to monitor and comply withregulatory capital requirements. Supervi-sors and bank management are expected toengage in an ongoing dialogue regardingthe most appropriate internal control pro-cesses and risk-assessment systems, whichmay vary between banks depending ontheir organisational structure, business prac-tices, and domestic regulatory framework.

Pillar Three also addresses corporategovernance concerns by focusing on trans-parency and market-discipline mechanismsto improve the flow of informationbetween bank management and investors.̂ "*The goal is to align regulatory objectiveswith the bank's incentives to make profits

for its shareholders. Pillar Three seeks todo this by improving reporting require-ments for bank capital adequacy. Thiscovers both quantitative and qualitativedisclosure requirements for both overallcapital adequacy and capital allocationbased on credit risk, market risk, opera-tional risk, and interest rate risks.̂ ^

Pillar Three sets forth important propo-sals to improve transparency by linkingregulatory capital levels with the quality ofdisclosure.^'' This means that banks willhave incentives to improve their internalcontrols, systems operations, and overallrisk-management practices if they improvethe quality of the information regardingthe bank's risk exposure and managementpractices. Under this approach, share-holders would possess more and betterinformation with which to make decisionsabout well-managed and poorly managedbanks. The downside of this approach isthat, in countries with undevelopedaccounting and corporate-governanceframeworks, the disclosure of such infor-mation might lead to volatilities that mightundermine financial stability by causing abank run or failure that might not haveotherwise occurred had the informationbeen disclosed in a more sensitive manner.Pillar Three has not yet provided a usefulframework for regulators and bank man-agement to coordinate their efforts in therelease of information that might create avolatile response in the market.

Although the Basel Committee hasrecognised that 'primary responsibility forgood corporate governance rests withboards of directors and senior managementof banks',^^ its 1999 report on corporategovernance suggested other ways to pro-mote corporate governance, including lawsand regulations; disclosure and listingrequirements by securities regulators andstock exchanges; sound accounting andauditing standards as a basis for communi-cating to the board and senior manage-

ment; and voluntary adoption of industryprinciples by banking associations thatagree on the publication of sound prac-

5«

In this respect, the role of legal issues iscrucial for determining ways to improvecorporate governance for financial institu-tions. There are several ways to help pro-mote strong businesses and legalenvironments that support corporate gov-ernance and related supervisory activities.These include enforcing contracts, includ-ing those with service providers; clarifyingsupervisors' and senior management's gov-ernance roles; ensuring that corporationsoperate in an environment free from cor-ruption and bribery; and aligning laws,regulations, and other measures with theinterests of managers, employees, andshareholders.

These principles of corporate governancefor fmancial institutions, as set forth by theOECD and the Basel Committee, havebeen influential in determining the shapeand evolution of corporate-governancestandards in many advanced economies anddeveloping countries and, in particular,have been influential in establishing internalcontrol systems and risk-managementframeworks for banks and fmancial institu-tions. These standards of corporate govern-ance are likely to become international inscope and to be implemented into the reg-ulatory practices of the leading industrialstates.

It should be noted, however, that inter-national standards of corporate governancemay result in different types and levels ofsystemic risk for different jurisdictions dueto differences in business customs and prac-tices and the differences in institutional andlegal structures of national markets. There-fore, the adoption of international stan-dards and principles of corporategovernance should be accompanied bydomestic regulations that prescribe specificrules and procedures for the governance of

financial institutions, which address thenational differences in political, economic,and legal systems.

Although international standards of cor-porate governance should respect diverseeconomic and legal systems, the overridingobjective for all financial regulators is toencourage banks to devise regulatory con-trols and compliance programmes thatrequire senior bank management and direc-tors to adopt good regulatory practicesapproximating the economic risk exposureof the financial institution. Because differ-ent national markets must protect againstdifferent types of economic risk, there areno universally correct answers accountingfor differences in financial markets, andlaws need not be uniform from country tocountry. Recognising this, sound govern-ance practices for banking organisationscan take place according to different formsthat suit the economic and legal structureofa particular jurisdiction.

Nevertheless, the organisational structureof any bank or securities firm shouldinclude four forms of oversight: oversightby the board of directors or supervisoryboard; oversight by non-executive indivi-duals who are not involved in the day-to-day management of the business; oversightby direct line supervision of different busi-ness areas; and oversight by independentrisk management and audit functions. Reg-ulators should also utilise approximate cri-teria to ensure that key personnel meet fitand proper standards. These principlesshould also apply to government-ownedbanks, but with the recognition that gov-ernment ownership may often mean differ-ent strategies and objectives for the bank.

UK CORPORATE GOVERNANCE ANDBANKING REGULATION

Duties of directorsAlthough the traditional model of UK cor-porate governance focuses on shareholder


wealth maximisation, it should be notedthat English company law has traditionallystated that directors owe a duty to thecompany, not to individual shareholders.^''This position has been interpreted as mean-ing that directors owe duties of care andfiduciary duties directly to the shareholderscollectively in the form of the company, andnot to the shareholders individually.'^'^ Inessence, a director owes duties to the com-pany and not to individual shareholders.'''

In the case of bank directors, Englishcourts have addressed the duties andresponsibilities of senior management anddirectors over the affairs of a bank. Theclassic statement of directors' duties regard-ing a bank was in the Marquis of Bute'sCase.' The Marquis had inherited theoffice of president of the Cardiff SavingsBank when he was six months old.̂ ^ Overthe next 38 years, he attended only oneboard meeting of the bank before he wassued for negligence in failing to keep him-self informed about the bank's recklesslending activities. The judge rejected theliability claim on the grounds that, as adirector, the Marquis knew nothing aboutthe affairs of the bank and furthermore hadno duty to keep himself informed of thebank's affairs.*''' In reaching its decision, thecourt did not apply a reasonable personstandard to determine whether the Marquisshould have kept himself informed aboutthe bank's activities.

The case stands for the proposition that a'reasonable person' test would not beapplied to acts or omissions of a director orsenior manager who had failed to keephimself informed of the bank or company'sactivities. In subsequent cases, the courtswere reluctant to apply such a lenient liabi-lity standard. In Dovey v Cory^^ a thirdparty brought an action in negligenceagainst a company director for malpracticeand the court applied a reasonable personstandard in finding the director notliable.' The court found that the director

had not acted negligently in receiving sus-picious information from other companyofficers and in failing to investigate anyfurther irregularities in company practice.''^The significance of the case, however, wasthat the court recognised that a reasonableperson test should be applied to determinewhether a director had breached its duty ofcare and skill. But the reasonable persontest would not be that of a 'reasonable pro-fessional director' — rather, it would bethat of a reasonable man who had possessedthe particular ability and skills of the actualdefendant in the case.' If we were toapply this reasonable person standard to theMarquis of Bute case, it would have beendifficult to impose liability on the Marquisfor breach of duty because he would nothave possessed the requisite skills to makean informed judgment, and therefore couldhave avoided liability on the grounds thathe had no training or knowledge regardinghow to manage a bank.''^ In contrast, basedon the ruling in Dovey v Cory, it wouldhave been easier to impose liability on anexperienced and skilled senior managerwho had failed to act on information thatwas of direct relevance to the company'soperations. In the limited circumstancesthat liability could be demonstrated, theremedy would be damages.

Based on the above, the legal frameworkfor holding directors and senior managersliable for breach of duty under English lawprovided limited redress for shareholdersseeking to recover damages for negligentmanagement of a financial institution.Shareholders were required to establishthat the defendant board member/seniormanager possessed particular skills and thatthose skills were not exercised appropri-ately in discharging the management func-tion. The difficulties in bringing an actionfor breach of duty led UK policy makersto devise a regulatory regime that allowedboth shareholders and regulators to holdmanagers and board members directly

accountable for breach of a regulatory stan-dard regardless of the skills, knowledge ortraining of the defendant. This liabilityregime is set forth in the UK Financial Ser-vices and Markets Act 2000 and the Finan-cial Services Authority's regulatory regime.

The Financial Services and Markets Act:The statutory frameworkThe Financial Services and Markets Act2000 (FSMA) and its accompanying reg-ulations create a regime founded on a risk-based approach to the regulation of allfinancial business. FSMA's stated statutoryobjectives are to maintain confidence in thefinancial system, to promote public aware-ness, to provide 'appropriate' consumerprotection, and to reduce financial crime.FSMA created the Financial ServicesAuthority (FSA) as a single regulator ofthe financial services industry with respon-sibility, inter alia, for banking supervisionand regulation of the investment servicesand insurance industries.

To achieve these objectives, the FSA hasbeen delegated legislative authority toadopt rules and standards to ensure that thestatutory objectives are implemented andenforced. The FSA has established a regu-latory regime that emphasises ex ante pre-ventative strategies, including front-endintervention when market participants aresuspected of not complying with their obli-gations. Under the FSMA framework, reg-ulatory resources are redirected away fromreactive, post-event intervention towards amore proactive stance emphasising the useof regulatory investigations and enforce-ment actions, which have the overall objec-tive of achieving market confidence andinvestor and consumer protection.

The FSA's main functions will be form-ing policy and setting regulation standardsand rules (including the authorisation offirms); approval and registration of seniormanagement and key personnel; investiga-tion, enforcement and discipline; consumer

relations; and banking and financial super-vision. The FSMA requires the FSA toadopt a flexible and differentiated risk-based approach to setting standards andsupervising banks and financial firms. TheFSA has authority to enter into negotia-tions with foreign regulators and govern-ments regarding a host of issues, includingagreements for the exchange of informa-tion, coordinating implementation of EUand international standards, and cross-border enforcement and surveillance oftransnational financial institutions.

The FSA's corporate governance regimeA major consequence of FSMA is its directimpact on corporate governance standardsfor UK financial firms through its require-ment of high standards of conduct forsenior managers and key personnel of regu-lated financial institutions. The main idea isbased on the belief that transparency ofinformation is integrally related toaccountability in that it can provide gov-ernment supervisors, bank owners, cred-itors, and other market participantssufficient information and incentive toassess a bank's management. To this end,the FSA has adopted comprehensive regu-lations that create civil liability for seniormanagers and directors for breaches bytheir firms, even if they had no directknowledge or involvement in the breachor violation itself. For example, if the regu-lator finds that a firm has breached rulesbecause of the actions of a rogue employeewho has conducted unauthorised trades orstolen client money, the regulator maytake action against senior management forfailing to have adequate procedures inplace to prevent this from happening.

High-level principlesThe FSA has incorporated the eleven high-level principles of business that were partof previous UK fmancial services legisla-tion. They applied to all persons and


firms in the UK financial services industry.These principles also apply to senior man-agement and directors of UK financialfirms. The most widely invoked of theseprinciples are integrity; skill, care, and dili-gence; management and control; financialprudence; market conduct; conflicts ofinterests; and relations with regulators.FSA regulations often cite these principlesas a policy basis justifying new regulatoryrules and standards for the fmancial sector.These principles are also used as a basis toevaluate the suitability of applicants tobecome approved persons to carry onfinancial business in the UK.

Principle Two states that '[a] firm mustconduct its business with due skill, care anddiligence'. The FSA interprets this princi-ple as setting forth an objective, reasonableperson standard for all persons involved inthe management and direction ofauthorised financial firms. The reasonableperson standard also applies to PrincipleNine, which provides a basic frameworkfor internal standards of corporate govern-ance by requiring that a financial firm'organise and control its internal affairs in aresponsible manner'.^^ Regarding employ-ees or agents, the firm 'should have ade-quate arrangements to ensure that they aresuitable, adequately trained and properlysupervised and that it has well-definedcompliance procedures'.

In addition, the FSA has adopted its ownstatement of principles for all approvedpersons, which includes integrity in carry-ing out functions, acting with due skilland care in carrying out a controlled func-tion,^' observing proper standards ofmarket conduct,^^ and dealing with theregulator in an open and honest way.The FSA has also adopted additional prin-ciples that apply directly to senior man-agers and require them to take reasonablesteps to ensure that the regulated businessof their firm is organised so that it can becontrolled effectively.̂ "* The objective, rea-

sonable person test is reinforced in Princi-ple Six with the requirement that seniormanagers 'exercise due skill, care and dili-gence in managing the [regulated] business'of their firm.̂ ^ Additionally, senior man-agers must take reasonable steps to ensurethat the regulated business of their firmcomplies with all applicable require-ments.̂ '̂ These high-level principlesdemonstrate that an objective regulatorystandard of care exists to govern the actionsof senior managers and directors in theirsupervision and oversight of the bankingfirm.

AuthorisationFSMA s. 56 provides the legal basis forauthorising financial firms and indivi-duals. ^ Based on this authority, the FSAprovides a single authorisation regime forall firms and approved individuals whoexercise controlled functions in the finan-cial services industry. The FSA can imposea single prohibition on anyone who is notan authorised or exempt person from car-rying on regulated activities.^^ Any personwho does so can be subject to civil finesand may be adjudicated guilty of a crim-inal offence. The FSA takes the view thatits authorisation process is a fundamentalpart of its risk-based approach to regula-tion.

The FSA discharges its function by scru-tinising, at entry level, firms and indivi-duals who satisfy the necessary criteria(including honesty, competence, and finan-cial soundness) to engage in regulatedactivity. The authorisation process of theFSA regulations seeks to prevent most reg-ulatory problems by maintaining a thor-ough vetting system for those seekinglicences to operate or work in the financialsector. The FSA has discretionaryauthority to exercise its powers in anyway that it 'considers most appropriate forthe purpose of meeting [its regulatory]objectives'.91

The FSA will take three factors intoaccount when determining fitness and pro-priety in the authorisation process. First, itmust make a determination that the appli-cant is honest in its dealings with consu-mers, professional market participants, andregulators.^^ This is known as the 'hon-esty, integrity, and reputation' require-ment. Secondly, the FSA requires theapplicant to have competence and capabil-ity — that is, the necessary skills to fulfilthe functions that are assigned orexpected. Thirdly, an applicant must beable to demonstrate financial soundness.These are objective standards that must befulfilled to engage in the banking or finan-cial business.

In addition, a firm or an individualapplying for authorisation must submit abusiness plan detailing its intended activ-ities, with a level of detail appropriate forthe level of risks. The FSA will determinewhether employees, the company board,and the firm itself meet the minimumrequirements set out in the Act. It is a corefunction of the FSA authorisation processthat the regulator satisfy itself that theapplicants and their employees are capableof identifying, managing, and controllingvarious financial risks and can performeffectively the risk-management functions.

Senior management arrangements,systems and controlsThe FSMA aims to regulate the activitiesof individuals who exert significant influ-ence on the conduct of a firm's affairs inrelation to its regulated activities. Pursuantto this authority, the FSA has divided theseindividuals into two groups: members ofgoverning bodies of firms, such as direc-tors, members of managing groups of part-ners, and management committees, whohave responsibility for setting the firm'sbusiness strategy, regulatory climate, andethical standards; and members of seniormanagement to whom the firm's govern-

ing body has made significant delegation ofcontrolled functions. ^ Controlled func-tions include, inter alia, internal audits, riskmanagement, leadership of significant busi-ness units, and compliance responsibil-ities.'̂ ^ The delegation of controlledfunctions likely would occur in a numberof contexts, but would occur particularlyin companies that are part of complexfmancial groups.

The FSA is required to regulate in a waythat recognises senior managements'responsibility to manage firms and toensure the firms' compliance with regula-tory requirements. FSA regulations aredesigned to reinforce effective senior man-agement and internal systems of control.At a fundamental level, firms are requiredto 'take reasonable care to establish andmaintain such systems and controls as areappropriate to [their] business'.^^ The FSArequires senior management to play themain role in ensuring that effective govern-ance structures are in place, overseeing theoperation of systems and controls, andmaintaining strong standards of account-ability.

More specifically, the FSA requires firmsto take reasonable care to establish andmaintain an appropriate apportionment ofresponsibilities among directors and seniormanagers in a way that makes their respon-sibilities clear. They also are required totake reasonable care to ensure that internalgovernance systems are appropriate to thescale, nature, and complexity of the firm'sbusiness.'°' This reasonable care standardalso applies to the board of directors andcorporate officers who must exercise thenecessary skill and care to ensure that effec-tive systems and controls for complianceare in place. Unlike the reasonable carestandard at common law, the reasonablecare standard in the FSA regulations is anobjective standard that expects corporateofficers and board members to complywith a certain skill level when exercising


their functions. It will not be a defence forthem merely to claim ignorance or lack ofexpertise if they fail to live up to the objec-tive standard of care that requires them toestablish and to maintain systems and con-trols appropriate to the scale, nature, andcomplexity of the business.^"

Furthermore, a company's most seniorexecutives, alone or with other seniorexecutives from different companies in thesame corporate group, are required toapportion senior management responsibil-ities according to function and capability,and to oversee the establishment andmaintenance of the firm's systems andcontrols. Corporate officers' and direc-tors' failure to act reasonably in apportion-ing responsibilities may result in substantialcivil sanctions and, in some cases, restitu-tion orders to shareholders for any lossesarising from these breaches of duty. Inaddition to shareholders' private remediesfor restitution, the FSA may impose addi-tional and unlimited civil sanctions andpenalties on individuals who are officers ordirectors in an amount that the FSAdeems appropriate, even though the indi-viduals in question may not have beeninvolved directly in the offence in ques-tion. The decision to impose personalliability can arise from the senior man-ager's failure to comply with the objectivestandard of care.

The FSA regulations for internal systemsand controls address the problem, whichexisted at common law and in the Compa-nies Act, of requiring only a subjective,reasonable person test to determinewhether a board member met his or herduty of care and skill. Firms and theirsenior managers and officers are nowrequired to comply with a heightenedobjective standard set by the FSA throughits authorisation process or enforcementrules. For example, if a senior manager hasexercised a controlled function in violationof the regulatory rules, and the FSA finds

the manager to be in contravention of hisor her legal obligations, the FSA mayimpose 'a penalty, in respect of the contra-vention, of such amount as it considers

106

appropriate .The regulations seek to ensure that the

firm's system and control requirementswill be proportionate to the size and natureof the firm's business. Moreover, corporateofficers and directors of a bank or financialfirm also have the responsibility to ensurethat compliance with these systems andcontrols is linked in a meaningful way tothe authorisation process.

The FSA has undertaken a number ofenforcement actions to enforce these stan-dards and to impose sanctions on seniormanagers for failing to act reasonably inmaintaining internal controls and reportingwrongdoing by lower level employees, hithe Credit Suisse Financial Products case,the FSA disciplined three senior managersof Credit Suisse Financial Products (CSFP,now Credit Suisse First Boston). Two weredisciplined for inappropriate conduct andthe other one (the former chief executive)was disciplined for failing to implementthe appropriate system of internal con-trols. The FSA imposed a fine of/;i50,000 on the former CEO for failingto detect or prevent attempts to misleadthe Japanese tax authorities in an audit ofthe firm's Japanese operations.

Although the FSA found that the CEOhad properly delegated responsibility forcomplying with the firm's audit to othermanagers who had failed to execute theirdelegated function, it held nonetheless thatthe CEO was liable and thus subject to sanc-tions. Specifically, the FSA held that theCEO had failed to monitor and supervisestaff, and to discern and investigate and totake preventative measures after it becameapparent that the firm's employees wereengaged in illegal conduct under Japaneselaw. The FSA's case rested on the factthat the CEO had received documents that

would have provided him with the neces-sary information to discover the employees'misconduct had he read the documents. Byfailing to read the documents the CEO hadviolated the reasonable person standard fora person in his position, which preventedhim from becoming aware of the miscon-duct which he agreed was inappropriateand illegal. The enforcement action showshow the FSA might act under the FSMAregime were a senior manager to breach thereasonable expectations of the FSA regula-tory standards. Moreover, the case revealsthe extraterritorial extent of the FSA's regu-latory regime and how it can impose civilsanctions on financial market professionalsfor misconduct that takes place in other jur-isdictions.

The UK FSA regulates UK banks andcredit institutions and has devised pruden-tial supervisory and regulatory standards toenhance the corporate governance frame-works of UK banks and financial institu-tions. These standards seek to address theprincipal-agent problem through: enhancedmonitoring; improved disclosure andaccounting practices; better enforcement ofcorporate governance rules and the corpo-rate governance framework; and strength-ening of institutions through marketdiscipline. They also require banks to estab-lish internal compliance programmes tomonitor other types of risk arising fromthe growing problem of financial crime.

UK financial policy recognises theimportance of authorising the financialregulator to balance these interests to pro-tect the safety and soundness of the finan-cial system and to promote economicgrowth and development. In contrast, USbanking regulation adopts a more prescrip-tive approach in which the regulatorapplies more precise and uniform criteriafor assessing the safety and soundness of abanking institution. The regulator is con-cerned not only with fmancial stability butwith vindicating the rights of creditors

and depositors to the extent that it protectsthe deposit insurance fund. US bankinglaw and regulation, however, has madesignificant strides in adopting standardsand rules that seek to reduce the principal-agent problem witbin tbe corporate groupof banks.

It is submitted that this model of corpo-rate governance that relies on the regula-tor playing a key role in devisinggovernance standards and ensuring thatsenior management and directors complywith their duties is an important develop-ment in the regulation of financial mar-kets. In the past, however, manyregulators have played a passive role andnot engaged with financial institutions indevising corporate governance structuresthat fit the risk profile of a banking insti-tution. The globalisation of fmancial mar-kets and increasing financial fragility inmany fmancial systems necessitates a moreproactive role by regulators in monitoringand evaluating the risk profile of financialinstitutions. The Basel II framework sug-gests that regulators engage more withbanks in devising corporate governancestandards. UK fmancial law and regulationbas moved in this direction.

CONCLUSIONThis paper suggests that bank regulationshould seek to balance the interests ofshareholders with management creditors,depositors, and other stakeholder interestsin order to achieve the overall objective offinancial stability. Specifically, the regula-tor has the primary role to play in devisingstandards of corporate governance forbanks and financial institutions because ofthe externality risk that banks pose to tbebroader economy and the unique role ofthe regulator in assessing and managingbank risk-taking. An efficient corporategovernance framework should rely less ona strict application of statutory codes andregulatory standards, and more on the


design of flexible, internal compliance pro-grammes that fit the particular risk leveland nature of the bank's business. Toaccomplish this, the regulator should playan active role with bank management indesigning internal control systems and riskmanagement practices that seek to achievean optimal level of protection for share-holders, creditors, customers, and thebroader economy. The regulator essentiallysteps into the shoes of these various stake-holder groups to assert stakeholder interestswhile ensuring that the bank's governancepractices do not undermine the broadergoals of macroeconomic growth and fman-cial stability. The proactive role of the reg-ulator IS considered necessary because ofthe special risk that banks and fmancialfirms pose to the broader economy.

It would be too extreme to describefinancial regulation as a substitute for cor-porate governance practices — it would bemore accurate to describe its role as redu-cing the collective-action problem in repre-senting broader stakeholder interests in theeconomy to ensure that adequate govern-ance standards are adopted to mitigate thesocial costs of bank risk-taking. Basel IIrepresents a major change in the practice ofregulation that involves regulators workingwith financial institutions to apply stan-dards to bank risk-taking activity thatreflects the particular risk profile of thebank. The UK FSA regulatory regime pro-vides a comprehensive framework of cor-porate governance that recognises theimportant role played by the regulator inbalancing the main stakeholder interests.The regulator enforces corporate govern-ance standards by applying a reasonableperson standard to determine whether theactions of managers and key personscomply with FSA regulatory requirements.Moreover, an important aspect of UKbank regulation involves its recognition ofthe relationship between the internal gov-ernance framework of banks and the incen-

tive structure for risk-taking. This meansthe regulator must be diligent in overseeingcompliance and possess the resources toenforce standards by imposing sanctionsand allowing various stakeholders to seeklegal redress.

© Kern Alexander

REFERENCES

(1) Mehran, H. (2003) 'Critical Themes inCorporate Governance', FRBNYEconomic Policy Review, April; Macey, J.and O'Hara, M. (2003) The CorporateGovernance of Banks', FRBNY EconomicPolicy Review, Federal Reserve Bank ofNew York, pp. 91-107.

(2) Briault, C. (1999) 'The Rationale for aSingle National Financial Services Reg-ulator', Occasional Paper Series 2, May,Financial Services Authority, p. 7;Dewatripont, M. and Tirole, J. (1994)'The Prudential Regulation of Banks',MIT Press, Cambridge, MA; Norton,J.J. (1995) 'Devising International BankSupervisory Standards', Kluwer, Dor-drecht, The Netherlands.

(3) Eatwell, J. and Taylor, L. (2000) 'GlobalFinance at Risk', Polity Press, Cam-bridge, UK.

(4) Underpriced financial assets can result inimprudent lending and trading activityfor hanks and lead to increased solvencyrisks. See Dewatripont and Tirole, ref. 2above, pp. 23—25. Moreover, the differ-ence between the private costs and thesocial costs of bank risk-taking is thenegative externality imposed on societyvia depositors, borrowers and other banks.

(5) The social cost of bank risk-taking cantake the form of a general loss of confi-dence by depositors in the banking sector(bank run) ^vhich will force banks to selloff their assets at prices far below theirhistoric costs. Also, a defaulting bank'suninsured liabilities to other banks orfinancial institutions can serve as a sourceof contagion that can create substantiallosses for other banks whose unfundedexposures to counterparties derive from

the original defaulting bank. Bank risk- (14)taking therefore creates a negative extern-ality for the broader economy thatprovides the major rationale for bankingregulation. See Banking, Finance and (15)Money.

(6) Dow, J. (2000) 'What is Systemic Risk?Moral Hazard, Initial Shocks, and Propa-gation', Monetary and Economic Studies,Vol. 21, pp. 1-24.

(7) Goodhart, C.A.E., Hartmann, P., Llewel-lyn, D., Rojas-Suarez, L. and Weisbrod,S. (1988) 'Financial Regulation: Why,How and Where Now?', Routledge, (16)London, UK.

(8) See Hawkins, J. and Turner, P. (2000)'Managing Foreign Debt and LiquidityRisks in Emerging Economies: AnOverview', BIS Policy Papers, Septem- (17)her, pp. 8—9; http://www.bis.org/publ/plcyO8

(9) Basel Committee on Banking Super-vision (1999) 'Enhancing Corporate (18)Governance for Banking Organizations',Bank for International Settlements (BIS).

(10) For instance, while workers know thelevel of effort they are putting into theirjobs, the employer may be unable toobserve how hard they are working.This means that workers may shirk theirduties rather than work as hard as theiremployers may wish.

(11) Stiglitz, J. (1989) 'Principal and Agent'in J. Eatwell, M. Milgate and P.Newman (eds), 'The New Palgrave:Allocation, Information and Markets',Macmillan Press, Basingstoke, p. 241.

(12) Allen, F. and Gale, D. (1997) 'Compar-ing Financial Systems', pp. 93—97.

(13) Does the manager have better informa-tion? Perhaps the best evidence thatmonitors possess inferior informationrelative to managers lies in the fact thatmonitors often employ incentive (19)mechanisms rather than relying comple- (20)tely on explicit directives alone. For (21)example, such incentive mechanisms (22)may take the form of tying a portion of (23)a manager's compensation to thecompany performance in the stockmarket through the use of stock options. (24)

Stiglitz, J. E. (1987) 'The Causes andConsequences of the Dependence ofQuality on Price', Journal of Economic Lit-erature, Vol. 25, No. 1, p. 6.Ibid., p. 3, 18. Overall, the presence ofasymmetric information can preventcertain equilibrium outcomes frombeing achieved, and the market equili-bria that often result fail to be Paretooptimal, showing the importance ofperfect information for the efficientoperation of fmancial markets and effi-cient management of financial firms.Stiglitz, J. E. and Weiss, A. (1981)'Credit Rationing in Markets withImperfect Information', AmericanEconomic Review, Vol. 71, pp. 393—394,409.

Flannery, M. and Ellis, D. (2002) 'Doesthe Debt Market Assess Large Banks'Risks?', Journal of Monetary Economics,December, pp. 481-502, 483-485.The Federal Deposit Insurance Corpora-tion (FDIC) was established by statuteduring the Great Depression in 1931 toprovide deposit insurance to the deposi-tors of failed US banking institutions.During its first 60 years, it assessed theinsured institutions at the same flat ratefor̂ deposit-insurance coverage.

Although the FDIC was crucial forrestoring depositor confidence in the USbanking system following the 1940s andundoubtedly played a key role in therecapitalisation of US banks, it was criti-cised for creating moral hazard amongbank managers and depositors whoperceive respectively that they can bebailed out for making poor lending deci-sions and depositing money. See Kane,E.F. (1989) 'The S&L Insurance Mess:How Did it Happen?', Urban InstitutePress, Washington, DC.Kane, ref. 18 above.Ibid.57 Fed. Reg. 45263 (1st October, 1992).58 Fed. Reg. 34357 (25th June, 1993).See 12 C.P.R. § 327. The transition reg-ulations were in effect from 1st January,1993 to 1st January, 1994.

12 U.S.C. § 1817(b)(l)(C).


(25) FDIC V Coushatta, 930 F. 2d 122 {5thCir.), cert, denied, 502 U.S. 857 (1991).

(26) 12 C.F.R. § 327.3 (e)(l).(27) 12 C.F.R. § 327.3(e)(l)(ii).(28) Flannery, M. (1991) 'Pricing Deposit

Insurance when the Insurer MeasuresBank Risk with Error', Journal ofBanking and Finance, September, pp.975-998.

(29) Arrow, K. (1965) 'Aspects of the Theoryof Risk-Bearing', Aldine-Atherton, (38)Chicago, IL.

(30) See ref 28 above, pp. 981-87.(31) Macey et al. (2003) See ref. 1 above.(32) See ref 16 above^(33) See Biais, B. and Pagano, M. (2002) (39)

'New Research in Corporate Finance (40)and Banking', Oxford, pp. 190-202 (dis- (41)cussing conflicts between shareTiolders (42)and management). —- (43)

(34) For details on attempts to align regula- (44)tory capital with economic risk, see (45)Basel Committee on Banking Supervi-sion (2001) 'Second Consultative Paperof the New Basel Accord', 16th January,http://www.bis.org/publ/bcbscaO3.pdf(hereinafter Second Consultative Paper).

(35) See Art. 6(1) of the European Conventionon Human Rights. See also R (on theapplication of Fleurose) u Securities andFutures Authority Ltd [2001] EWHCAdmin 292 [2001] 2 All ER (Comm) 481.

(36) See Organization for Economic Coop-eration and Development (OECD),Survey of Corporate Governance Devel-opments in OECD Countries 12, http://www.oecd.org/dataoecd/58/27/21755678.pdf (2002) (noting that -banks (46)'[i]n several countries .. . have had animportant place in the overall corporategovernance system, serving both a moni-toring and a fmancial role').

(37) The most important of these reports areBasel Committee on Banking Supervi-sion (2000) 'Principles for the Manage-ment of Credit Risk', http://www.bis.org/publ/bcbsl25.pdf; BaselCommittee on Banking Supervision (47)(1998) 'Framework for Internal ControlSystems in Banking Organisations',http://www.bis.org/publ/bcbs40.pdf;

Basel Committee on Banking Supervi-sion (1998) 'Enhancing Bank Transpar-ency: Public Disclosure and SupervisoryInformation that Promote Safety andSoundness in Banking Systems', http://www.bis.org/ publ/bcbs41.pdf; andBasel Committee on Banking Super-vision (1997) 'Principles for the Manage-ment of Interest Rate Risk', http://www.bis.org/publ/bcbs29a.pdfBasel Committee on Banking Super-vision (1999) 'Enhancing CorporateGovernance for Banking Organisations5', http://www.bis.Org/publ./bcbs56.pdf(September).Ibid.

Ihid. at p. 6.

Ihid. at p. 7.

Ihid.

Ihid. at p. 8.

Ihid.

The International Accounting StandardsCommittee defmes 'related parties' asparties who are able to exercise 'control'or 'significant influence'. Cairns, D. andNobes, C. (2000) 'The ConvergenceHandbook: A Comparison BetweenInternational Accounting Standards andUK Financial Reporting Requirements101', Institute of Chartered Accountantsin England and Wales. Such controlledrelationships include parent-subsidiary;entities under common control; associ-ates; individuals who, through owner-ship, have significant influence over theenterprise, and close members of theirfamilies; and key management personnel.Basel Committee on Banking Super-vision (2003) 'The New Basel CapitalAccord (Consultative Document)',http://www.bis.org/publ.bcbscaO3.pdf(April) [hereinafter Basel II]. See discus-sion in Ward, J. (2002) 'The supervisoryapproach: A critique'. Working PaperNo. 2, The Cambridge Endowment forResearch in Finance, www.cerf.cam.ac.ukIhid. at para. 400. Pillar One states, inrelevant part, as follows: 'All materialaspects of the rating and estimation pro-cesses must be approved by the bank's

board of directors or a designated com-mittee thereof and senior management.These parties must possess a generalunderstanding of the bank's risk ratingsystem and detailed comprehension of itsassociated management reports.'

(48) Ibid. (60)(49) //;/(/. at para. 401. (61)(50) Ihid. at para. 402.(51) See, eg, Ward, J. (2002) 'The new Basel

accord and developing countries:Problems and alternatives'. WorkingPaper No. 4, The Cambridge Endow-ment for Research in Finance,www.cerf.cam.ac.uk at p. 11 (describingBasel IFs reliance on banks' own riskestimates as a 'fundamental weakness').

(52) See Basel II, ref. 46 above, at pp. 11-29(discussing the supervisory reviewprocess).

(53) Ibid, at para. 680.(54) Ihid. at paras. 758-59; Ward, ref 51

above n. 116 (Working Paper No. 04),at p. 9.

(55) See Basel II, ref. 51 above, at pp. 22-27(detailing both quantitative and qualita-tive disclosure enhancing requirements).

(56) See ihid. at para. 758 (explaining that'[t|he purpose of Pillar [Three] . . . is tocomplement the minimum capitalrequirements [of Pillar One]').

(57) Basel Committee, ref 38 above, at p. 10.(58) Ihid. (62)(59) Percival v Wright [1902] 2 Ch 421, 425-

26 (rejecting shareholders' demand that (63)share sales be set aside on grounds that (64)company chairman and directors (65)breached duty owed to shareholders). (66)See also Re Chez Nico Ltd [1992] BCLC (67)192 (1991) (stating that, 'in general direc- (68)tors do not owe fiduciary duties toshareholders but owe them to thecompany'). This principle applies only tothose duties owed by directors to thecompany that arise out of their appoint-ment as company directors. It would notapply for instance to directors' duties (69)that arose from a special relationshipbetween directors and shareholders basedon particular facts. See discussion in (70)Davies, P.L. (2003) 'Gower and Davies'

Principles of Modern Company Law',7th edn. Sweet and Maxwell, UK, pp.374-75, and also Boyle, L., Potts QC.R. and Sealy, L.S. (1986) 'Gore-Browneon Companies', 44th edition, JordanPublishing Ltd, s.12.17.Gower and Davies, ref. 59 above, p 374.This case has been actively criticised inNew Zealand and Australia. The NewSouth Wales Court of Appeal in Brun-ninghausen v Ghvanics (1999) 32 ACSR294 recently refused to follow thedecision, thus following the lead takenby the New Zealand Court of Appeal inCokman v Myers [1977] 2 NZLR 225.The law has now evolved to a pointwhere the courts recognise that a fidu-ciary duty may be owed by directors toindividual shareholders in special circum-stances, such as where the company is afamily-run business. See also Pcskin vAnderson [2000] 2 BCLC 1 at p. 14 perNeuberger J and Peskin v Anderson (CA)[2001] 1 BCLC paras. 58-59. The judg-ments, both at first instance and in theCourt of Appeal, agreed that special cir-cumstances must be established, particu-larly in 'the specially strong context ofthe familial relationships of the directorsand shareholders and their relativepersonal positions of infiuence in thecompany concerned'.In Re Cardiff Savings Bank (Marquis ofBute's Case) [1892] 2 Ch. 100.Ihid. p. 105.Ihid.

[1901] AC 477.Ihid. pp. 492-493.Ihid.See In Re City Equitable Fire InsuranceCo. Ltd [1925] 1 Ch. 407, 408 (statingthat a director 'need not exhibit in theperformance of his duties a greaterdegree of skill than may reasonably beexpected from a person of his knowl-edge and experience').The Marquis became president of thebank when he was six months old. In ReCardiff Savings Bank [1892] 2 Ch. P. 105.Regarding fiduciary duties, Englishcompany directors have the paramount


(71)

(72)

(73)

duty of acting bona fide in the interest ofthe company. Specifically, this means thedirector individually owes a duty ofgood faith to the company, whiehmeans the director is a fiduciary of thecompany's interest. Although the direc-tor's fiduciary duties resemble the duties (74)of a trustee, they arc not the same. Theseare discussed in Davies and Gower, ref.59 above, Company Law p. 381. Thefiduciary duties of directors have beenset forth in the Companies Act and fallinto the following categories: the direc-tors may act only within the course andscope of duties conferred upon them bythe company memorandum or articles,and they must act in good faith inrespect to the best interest of thecompany, while not allowing their dis- (75)eretion to be limited in the decisionsthey make for the company. Moreover,a director who finds himself or herself inthe position of having a conflict of (76)interest will be required to take correc- (77)tive measures. The remedy for breach offiduciary duty is restitution or compen-sation for the value of the property dissi-pated or lost by the bank manager.The statute's title is the Financial Servicesand Markets Act 2000 c. 8 (Eng.) The (78)FSMA received Royal Assent on 14thJune, 2000. Ibid. The FSMA repealedexisting financial services legislation, (79)including the Banking Act of 1987, the (80)Financial Services Act of 1986, and thehisurance Companies Act of 1982.Briault, C. (1999) ref. 2 above.2000 c. 8 at s. 2. The UK Parliamentadopted FSMA, in part, as a response to (81)major financial scandals occurring in the1990s that resulted in the collapse of theBank of Credit and Commerce Intema-tional and Barings. See generally Maty- (82)jewicz, G. and Blackburn, S. (2003) TheNeed for Corporate Governance', http://www.gapent.com/sox/corporate_gover-nance.htm (May) (discussing high-profilescandals in the UK). (83)

Briault, ref. 2 above, at p. 5. The FSAhas been described as a 'super-regulator'and as one of the largest and most

powerful regulatory bodies in the world(ibid.). The FSA has been chartered byParliament as a company limited byguarantee, which is accountable to theTreasury and funded by industry levies.2000, c. 8 at s. 12.2000, c. 8 at s. 2.4. In so doing, the FSAmust have regard to seven principles,which include 'the desirability of facili-tating innovation in connection withregulated activities'; 'the need tominimise the adverse effects on competi-tion that may arise from anything donein the discharge of those functions'; and'the desirability of facilitating competi-tion between those who are subject toany form of regulation by the Author-ity'. 2000, c. 8, s. 2.3.FSA, Press Release, 'The FSA PublishesResponse Paper on Principles forBusiness', http://www.fsa.gov.uk/pubs/press/1999/099.html (12th October, 1999).Ibid.

FSA, 'Statement of Principle and Codeof Practice for Approved Persons § 4.2',http://www.fsa.gov.uk/handbook/lega-I_instruments/2001/novl5_aper.pdf (] stDecember, 2001) [hereinafter FSA Codeof Practice].FSA, Press Release, 'Paine WebberInternational (UK) Limited Fined;£350,000'.Ibid.

FSA Code of Practice, ref. 70 above, ats. 4.1.1. Principle One states, 'Anapproved person must act with integrity incarrying out his controlled function'(emphasis in original).Ibid, at s. 4.2.1. Principle Two states, 'Anapproved person must act with due skill,care and diligence in carrying out hiscontrolled function' (emphasis in original).Ibid, at s. 4.3.1. Principle Three states,'An approved person must observe properstandards of market conduct in carryingout his controlled function' (emphasis inoriginal).Ibid, at s. 4.4.1. Principle Four states, 'Anapproved person must deal with the FSAand with other regulators in an open andcooperative way and must disclose

appropriately any information of whichthe FSA would reasonably expect notice'(emphasis in original).

(84) Ihid. at s. 4.5.1. Principle Five states, 'An (96)approved person performing a significantinfiuence function must take reasonablesteps to ensure that the business of thefirm for which he is responsible in his (97)controlled function is organised so that itcan be controlled effectively.' Id.(emphasis in original).

(85) Ihid. at s. 4.6.1. Principle Six states, 'An (98)approved person performing a significantinfluence function must exercise due skill,care and diligence in managing thebusiness of the firm for which he isresponsible in his controlled function' (99)(emphasis in original).

(86) Ihid. at s. 4.7.1. Principle Seven states, 'Anapproved person performing a significant (100)infiuence function must take reasonablesteps to ensure that the business of the Jirmfor which he is responsible in his controlled (101)function complies with the relevantrequirements and standards of the regula-tory systeni' (emphasis in original).

(87) Section 56 states, in relevant part, asfollows: '[I]f it appears to the [FinancialServices] Authority that an individual isnot a fit and proper person to performfunctions in relation to a regulatedactivity carried on by an authorised (102)person . .. [t|he Authority may make anorder ("a prohibition order") prohibit-ing the individual from performing aspecified function, any function fallingwithin a specified description or any (103)function' (2000, c. 8 at s. 56).

(88) Ihid. at s. 56(2). (104)(89) Ibid, at s. 56(4).(90) See ihid. at ss. 51-54 (setting forth provi-

sions governing the authorisationprocess).

(91) //;/(i. ats. 2(l)(b).(92) FSA, 'FSA Handbook: Enforcement (105)

§ 8.5.2(l)(a)', http://www.fsa.gov .uk/handbook/BL3ENFPP/ENF/Chap-ter_8.pdf Qanuary 2004). (106)

(93) Ihid. at s. 8.5.2(l)(b). (107)(94) Ibid, at s. 8.5.2(l)(c).(95) FSA, 'FSA Handbook: Threshold Con-

ditions § 2.4.6', http://www.fsa.gov.uk/handbook/BLlCONDpp/COND/Chap-ter_2.pdf (January 2004).FSA, 'Consultation Paper 26: The Regu-lation of Approved Persons, 4', http://www.fsa.gov.uk/pubs/cp/cp26.pdf (July1999).FSA, 'FSA Handbook: Supervision§ 10.4.5', http://www.fsa.gov.uk/handbook/BL3SUPppb/SUP/Chap-ter_10.pdf (January 2004).FSA,' FSA Handbook: Senior Manage-ment Arrangements, Systems andControls § 3.1.1', http://www.fsa.go-v.uk/handbook/BLlSYSCpp/SYSC/Chapter_3.pdf (January 2004).Ihid. at s. 1.2.1 (available at http://www.fsa.gov.uk/handbook/BLlSYSCpp/SYSC/ Chapter_l.pdf).Ibid, at s. 2.1.1 (available at http://www.fsa.gov.uk/handbook/BLlSYSCpp/SYSC/ Chapter_2.pdf).Ihid. at s. 3.1.1. The original statement ofthis principle was set forth in the FSA'sconsultation on firms' senior manage-ment responsibilities. See FSA, Consulta-tion Paper 35: Senior ManagementArrangements, Systems and Controls 8,http://www.fsa.gov.uk/pubs/cp/cp35.pdf(December 1999) [hereinafter Consulta-tion Paper 35].

The defence of ignorance put forth bythe Marquis of Bute, discussed in refs.62—64 above and accompanying text,would not have been available underthese regulations.Consultation Paper 35, ref 101 above, at10.See Financial Services and Markets Act2000, c. 8 at s. 66 (allowing the FSA toimpose penalty for failure to complywith a statement of principle); ibid, ats. 382 (authorising use of restitutionorders).See ibid, at s. 66(2)(b) (defining miscon-duct to include the indirect act of being'knowingly concerned' in an offence).Ibid, at s. 206(1).See FSA enforcement action at http://www.fsa.gov.uk/pubs/final/index-2002.html


(108) This case involved facts that occurred in1996-97 before the FSA was establishedand therefore was subject to the FinancialServices Act 1986 and to enforcementproceedings by the former self-regulatorybody, the Securities and Futures Author-ity (SFA), for breach of High Level prin-

(109)

ciples 5, 7 and 9. These principles todaywould be enforced under the FSA's'Senior Management Arrangements,Systems and Controls' (SYSC).At the time, the FSA's fine was thelargest it had ever imposed on an indivi-dual.

corporate governance and banks: the role of regulation in …a8903a5c-238a-4431-9a4f... ·...

Documents