The Monetary Authority of Singapore has issued new guidance to ensure senior managers in financial institutions take responsibility for deterring employee misconduct
The Monetary Authority of Singapore (MAS) recently issued regulatory guidance setting out five accountability and conduct outcomes that financial institutions (FIs) should achieve to improve oversight of core management functions and deter misconduct, risk management lapses or compliance breaches by staff.
The Guidelines on Individual Accountability and Conduct, which come into effect on 10 September 2021, state that boards and senior managers must speedily report to the regulator any “material adverse developments” that could significantly affect their business, stakeholders or the financial system.
Board members and senior management are required to ensure:
- Appropriate managerial oversight of all material aspects of the firm’s business;
- Consistent and effective communication of expected standards of conduct;
- Appropriate policies, systems and processes for enforcing conduct standards; and
- Transparent and timely communication of relevant material information to clients, shareholders, regulators and other key stakeholders.
MAS has explained that the guidelines are not intended to be exhaustive or prescriptive, and that firms should not adopt a ‘tickbox’ approach to compliance but rather an outcomes-based approach. The regulator seeks through the guidance to embed a strong culture of responsibility and ethical behaviour in FIs in order to protect customers and ensure robust risk management.
Firms should carefully review the measures set out in the guidance, identify those necessary to achieve the five outcomes and make relevant adaptations and enhancements based on the nature, size and complexity of their business. Where there are potential gaps in accountability and oversight, or if the FI’s operations are too complex, the regulator may require the firm to adopt elements of the specific guidance to ensure the objectives are met.
MAS has set out differing expectations for firms based on their size. FIs with less than 50 employees should still aim to achieve the five outcomes but will not “ordinarily be expected” to adopt all elements of the guidance. Firms that cross the 50-headcount threshold after the guidelines come into force will have 12 months to implement the recommended measures.
Larger firms can opt out of specific parts of the guidance that they consider irrelevant to their business, but should be prepared to justify their decisions and demonstrate how they are achieving the outcomes through other means. FIs that are already complying with accountability regimes in other jurisdictions may adapt existing frameworks, policies and procedures instituted at regional or head office levels to their Singapore operations in line with MAS’ guidelines.
The five outcomes
Outcome 1 — An FI’s board or head office should clearly identify the senior managers responsible for managing and conducting core management functions.
Outcome 2 — Senior managers should be fit and proper for their roles and will be held responsible for the actions of their employees and the conduct of the business under their purview.
Outcome 3 — The FI’s governance framework should support senior managers’ performance of their roles and responsibilities, with a clear and transparent management structure and reporting relationships.
Outcome 4 — MRPs should be fit and proper for their roles and subject to effective risk governance and appropriate incentive structures and standards of conduct.
Outcome 5 — The FI should have a framework that promotes and sustains desired conduct among all employees.
Identification of senior managers (Outcome 1)
Under the first outcome, an FI should clearly identify which senior managers have responsibility for functions that are core to the management of the organisation’s affairs and document those individuals’ responsibilities, regardless of whether they are based in Singapore or overseas.
Firms should also clearly delineate their overall management structure to facilitate greater transparency and accountability in decision-making processes. If firms are unable to clearly identify reporting roles, they may need to reduce complexity within their organisations, redefine reporting lines and designate individuals to senior manager roles. This is not limited to business functions – any review should include the core management functions both in Singapore and across the group.
Oversight of senior managers (Outcomes 2 and 3)
MAS expects each FI to maintain accurate and comprehensive records on its standards for assessing the propriety of senior manager appointments and to clearly outline each senior manager’s areas of responsibility, roles in management committees and reporting relationships.
Firms are also expected to establish management committees through a formal mandate and to articulate each committee’s terms of reference and reporting lines. Individual members are expected to raise issues for discussion and to share their diverse views and expertise to enable their committees to reach collective decisions. The guidance notes that the regulatory emphasis on individual accountability does not absolve management committees of collective responsibility, and vice versa.
As would be expected, MAS may assess the effectiveness of firms’ governance arrangements and senior managers’ understanding of their responsibilities during its ongoing supervision of financial institutions.
Oversight of MRPs (Outcome 4)
The guidance states that an FI’s board and senior management should identify and continuously assess the fitness and propriety of material risk personnel (MRP), i.e. individuals with the authority to make decisions or undertake activities that could materially impact the FI’s risk profile, regardless of whether they are based in Singapore or overseas.
The firm’s risk governance framework should ensure MRPs have appropriate mandates, decision-making authority, risk limits and supervisory oversight, along with the “necessary stature and authority” for risk management or control functions. The guidelines also state that FIs should provide MRPs with standards of conduct, regular training and appropriate incentives to help them meet regulatory expectations.
Boards and senior management are expected to establish criteria that consider both the financial and non-financial risks to which their organisations may be exposed, and the materiality of the impact of MRPs’ decisions on the firm’s risk profile, based on quantitative and quality indicators. Potential risks include credit, market, liquidity, operational, technology, conduct, financial crime, legal, regulatory, reputational and strategic risks. The guidance states that the “onus” is on an FI’s board and senior managers to determine appropriate materiality thresholds for the quantitative indicators used, based on the nature, scale and complexity of the FI’s activities.
MAS may require larger organisations to submit information on the quantitative indicators used to assess potential risks arising from MRPs’ decisions or activities. FIs may therefore need to reexamine their governance arrangements to ensure effective management lines of accountability, especially where they operate in a corporate group or have downstream subsidiaries.
Framework for standards of conduct (Outcome 5)
Boards and senior managers are responsible for overseeing FIs’ implementation of the guidance and for consistently embedding accountability and conduct measures across all entities within their group. Expected standards of conduct include honesty and integrity, fair dealings with customers, management of conflicts of interest, adequate risk management and compliance with applicable laws and regulations.
MAS has also stressed the importance of setting the ‘tone from the top’, which should be reinforced by policies, systems and processes to ensure the desired standards of conduct cascade down to all employees and become embedded in the organisation. This should be enforced through, for example, regular monitoring, reporting and escalation of conduct matters; transparent investigatory and disciplinary procedures; an effective whistleblowing programme; and engagement with key stakeholders.
Boards and senior management are expected to notify the regulator as soon as they become aware of any material adverse developments such as misconduct, lapses in risk management and controls, or significant breaches in legal or regulatory requirements. MAS should also be notified “in a timely manner” of any information that may materially affect assessments of the fitness and propriety of senior managers or MRPs.
Impact on international firms
The guidelines apply on a group basis to locally incorporated banks and insurers. Singapore-based firms will need to ensure compliance by their holding company as well as any local and overseas subsidiaries and branches. Foreign banks and insurers will need to apply the rules to their Singaporean operations as well as to any downstream subsidiaries and branches in Singapore and overseas.
Each significant downstream entity is considered a material business function of the parent bank or insurer that could have a bearing on the group’s safety and soundness. FIs should therefore ensure effective senior management accountability in all material business functions and identify the respective senior managers responsible for cross-border functions.
Descriptions of senior managers’ responsibilities should reflect their roles in relation to the Singapore operations, the parent entity and, where relevant, the group. For example, the guidance states that the group chief risk officer’s responsibilities should include identifying, monitoring and managing the parent organisation’s risks as well as the risks across the group, which would include risks arising from material business functions.
MAS has clearly outlined its expectations through the guidance, which will help financial institutions, senior management and employees to embed a strong culture of responsibility and ethical behaviour. This, in turn, will help to preserve the longevity of the organisation and ensure better outcomes for customers and stakeholders.