What you need to know about Ireland’s Individual Accountability Framework (IAF) Bill
When does IAF come into effect?
The Central Bank of Ireland’s (CBI) Individual Accountability Framework (IAF) Bill, which includes the Senior Executive Accountability Regime (SEAR), was first announced in 2018 but it wasn’t until August 2021 that the Irish Government presented the Bill.
Plans are now on track for the bill to be enacted in H1 2022 and for the consultation process to be started with key stakeholders in H2, where rules will be confirmed. Nevertheless, there are certain rules that are already going live and financial organisations will be expected to take action
Who will be affected?
The Individual Accountability Framework applies to financial entities in Ireland, specifically Regulated Financial Services Providers (RSFPs), and focuses on senior executive roles.
SEAR, in particular, will be introduced in phases, starting with credit institutions, insurance undertakings (excluding reinsurance, captive (re)insurance, and insurance special purpose vehicles), investment firms and third country branches of these organisations.
What has motivated the IAF?
The role of financial regulation in building resilience, anticipating risk, and protecting citizens – in steady times and through shocks
– Director General, Financial Conduct, Derville Rowland
Similar to the SM&CR regulation put in place in the UK, the IAF Bill aligns with an international movement to strengthen corporate culture and drive better, more resilient outcomes for these organisations and their customers. This is approached as an integrated effort to drive positive behaviour, promote individual accountability, promote the right individual conduct and competence, and heighten risk management practices within individual financial firms across the country.
This is also in part inspired by feedback from the public after a report from Edelman revealed that trust levels in banking remain low after recent challenges such as Brexit and the Covid pandemic. This isn’t helped by the lack of awareness and existing compliance issues surrounding the current Fitness and Probity regime.
In response, the Central Bank have released the IAF to expand and enhance on this regulation, giving financial institutions the opportunity to recover from this perception and common challenges with governance. Primarily, this will be achieved by improving the clarity of individual, committee, and team roles and responsibilities, as well as understanding how to implement this operationally within an organisation.
SEAR specifically draws on the UK’s successful SM&CR implementation in its aim to build effective governance frameworks. SEAR focuses on encouraging senior managers to do this based on assessing risk management and identifying any potential gaps.
What regulation does the bill introduce?
As mentioned, the IAF Bill will be based on SM&CR in the UK and the regulation it introduces will be similar.
The Bill contains four primary elements:
- The Senior Executive Accountability Regime (SEAR): This focuses on the need for firms to clearly and comprehensively evidence where responsibility and decision-making lies in order to build transparency over accountability (See below for more).
- Conduct Standards: This sets out the expected behaviour of firms and individuals including issues of integrity, honesty, skill, care, diligence and consumer interest.
- Fitness & Probity Regime: This section enhances existing regulation in this area, with the biggest change being a larger focus on proactively certifying staff to ensure they are fit and proper to perform their roles.
- Enforcement, Investigations and Sanctions: The Administrative Sanctions Procedure is being strengthened to ensure there is protocol for individual accountability against misconduct. This will instil greater clarity, efficiency, and consistency for the firm, individuals and enforcement agents.
Senior Executive Accountability Regime (SEAR)
Within the IAF, SEAR has been put into effect to ensure greater transparency and clear accountability. It ultimately gives the Central Bank the power to impose obligations onto Regulated Financial Service Providers (RFSPs) in respect to their management, monitoring and reporting of governance and management arrangements.
One of the core challenges that has led to this was proving a causal link between responsibilities and outcomes at large and often complex organisations. SEAR rectifies this by ensuring there is a clear statement of responsibilities for all senior executives within a bank or financial organisation, with an individual tied to all key business and operational functions.
In context, this means they can oblige RSFPs to lay out their responsibility and decision-making infrastructures by making provisions for the following:
- Responsibilities that are inherent to each Senior Executive Function (SEF)
- Prescribing responsibilities which RFSPs must allocate to individuals carrying out SEFs
- The identification and allocation of other responsibilities by RFSPs to relevant SEFs
- Imposing requirements on RFSPs to provide a statement of responsibilities to the Central Bank for SEFs which clearly sets out their role and areas of responsibility
- Imposing requirements on RFSPs to produce a management responsibility map documenting key management and governance arrangements in a comprehensive and accessible way within a single source of reference
The sectors for SEAR have not been explicitly defined in the legislation, but the initial sectors this is intended for have been listed with note that this may be extended in future.
- Credit institutions (excluding credit unions)
- Insurance undertakings (excluding reinsurance undertakings, captive (re)insurance undertakings and Insurance Special Purpose Vehicles)
- Investment firms which underwrite on a firm commitment basis and/or deal on own account and/or are authorised to hold client monies/assets; and
- Third country branches of the above
What are the key changes you should expect for your business?
New expectations have been established in relation to accountabilities, roles and responsibilities, particularly senior staff members. Firms will be required, based on specific regulation, to review and enhance their senior management and governance structures.
For example, Chief Audit Executives (CAEs) will now have responsibilities and influence as a senior person that may not have had previously.
Documentation will also be a key element of individual accountability within firms going forwards. For example, SEAR will require regulated firms to identify and document the responsibilities of senior individuals performing “senior executive functions” within them.
The IAF has outlined three types of conduct standards for RSFPs which should affect training practices and performance standards, as a breach will be considered an enforceable “prescribed contravention” against the organisation or individual in the relevant controlled function (CF).
The Standards of Businesses cover expectations for RSFP conduct including honesty, fairness, skill and consumer treatment amongst others. The Common Conduct Standards outlines similar themes relating to CFs, aiming to provide clarity about behaviour and compliance standards by providing a non-exhaustive list of practical examples to demonstrate what’s expected and guide further training. Finally, the Additional Conduct Standards introduce more obligations for all persons in senior roles to secure accountability and responsibility within roles, decision-making and throughout delegation action.
To support these changes in conduct and integrity from the ground up, as well as those outlined in the Fitness and Probity section of the regime, there will be new requirements on how to assess staff training methods and support after training. These principles are expected to be embedded into the organisational culture and so organisations will need to rethink their HR processes, such as their assessment processes for individual certification.
Another key part of these changes involves enabling sanctions when an individual breaches conduct rules. For example, it will be possible to disqualify and fine senior persons convicted of carrying out their professional responsibilities in a reckless manner.
How can you prepare your finance business?
Download our guide to get key considerations for implementation and practical solutions from Trailight to help you maintain transparency and meet ongoing regulatory requirements.
IAF and SEAR FAQs
Why is individual accountability important?
A firm’s governance is supported by infrastructure and carried out by individuals. This is why it’s important for organisations to ensure they are instilling accountability in their staff while also centring their processes around the people who are responsible for meeting their governance requirements.
Building effective individual accountability ensures not only that the individuals entrusted with certain roles and responsibilities are capable of fulfilling them, but that these responsibilities are clear, recorded, and systemised. Digital fingerprinting or versioning tools, for example, support this process by providing an unequivocal paper trail tracking individual accountability; including an individual’s actions and when they took place.
This both gives people the tools they need while creating a culture where compliance is incorporated into everyday workflows and processes.
What is an SEF and what will their duties be?
SEF stands for Senior Executive Function, which, according to the IAF Bill refers to “a pre-approval controlled function carried on by, for, or on behalf of a regulated financial service provider to whom the senior executive accountability regime applies”.
Their duty is “to take reasonable steps to avoid their firm committing, or continuing to commit, a ‘prescribed convention’ in relation to the areas of the business for which they are individually responsible.” SEFs will therefore be considered in breach of their duties in the following circumstances:
- If when the individual was performing that SEF role, the RFSP committed or continued to commit a prescribed contravention
- If they were, at that time, responsible for the business area relevant to that prescribed contravention
And if the individual did not take reasonable steps to avoid the prescribed contravention occurring or continuing
What are the standards for business outlined by IAF?
The obligations imposed for standards of business describe that a RFSP should:
- Conduct its business professionally, honestly, ethically and with integrity
- Conduct its business with due skill, care and diligence, and take appropriate steps to prevent or effectively manage conflicts of interest
- Act in the best interests of its customers and treat them fairly and professionally
- Maintain adequate financial resources and control and manage its affairs and systems sustainably, responsibly, and in a sound and prudent manner
- Arrange adequate protection for clients’ assets when it is responsible for them
Deal with its regulators in good faith and in an open and cooperative way and shall disclose to the Central Bank promptly, proactively and appropriately anything relating to the firm of which the Central Bank would reasonably expect notice
What changes have been made to the Fitness and Probity (“F&P”) Regime?
The changes made to the F&P regime serve to strengthen the existing obligations of firms in relation to the Fitness and Probity of their key personnel under the CBI’s Fitness and Probity Regime. Primarily, an RSFP will now be required to certify that anyone in a controlled function is meeting the required standards.
In addition, the Central Bank may now investigate individuals that are a suspected danger to consumers or the financial system, whether or not they are currently in a controlled function role.
Who does the Fitness and Probity Regime now apply to?
The fitness and probity regime has been amended to include directors or staff within holding companies established in Ireland. The previous regulation did not include unregulated entities in this regime, but now organisations that fall under the following umbrellas, according to the relevant regulations, must adhere to this regime:
- A financial holding company
- A mixed financial holding company (as defined by the Capital Requirements Regulation)
- An insurance holding company
- A mixed financial holding company (as defined by Directive 2002/87/EC)
What constitutes a RFSP?
A Regulated Financial Service Provider can be defined as either:
(a) a financial service provider whose business is subject to regulation by the Bank under the Central Bank Acts or under a designated enactment or a designated statutory instrument,
(b) a financial service provider whose business is subject to regulation by an authority that performs functions in an EEA country that are comparable to the functions performed by the Bank under the Central Bank Acts or under a designated enactment or designated statutory instrument, or
(c) a financial service provider whose business is subject to supervision by the ECB under a designated enactment.
What are the next steps for implementing IAF?
Before taking any action, here are a few important questions you can ask to assess your organisation’s position:
- Do you have an effective steering committee set up?
- Do you have a widespread communications plan in place?
- To what extent does your organisation meet the F&P expectations?
- Are there any outstanding concerns or issues that need addressed?
- Do you have a defined governance structure? Or, is this in review?
- What is your third party risk management system? Is it robust?
- Does your current approach to compliance integrate with company culture?
- Do you have a shared definition for ‘reasonableness’?
You can find a full copy of the bill here.
If you would like guidance on implementing the IAF with transparency, our experts at Trailight can discuss how our platform supports human-centric regulatory compliance for finance organisations. Just get in touch.