Only one banker has been forced to serve prison time as a result of the global financial crisis. Image sourced from Shutterstock.com
Despite bankers playing a central role in the global financial crisis, only one has been jailed as a result, leading many taxpayers and investors to ask why more haven’t been criminally held to account.
The answer is complex, related to the layers and layers of organisational obfuscation that works towards making nobody responsible for anything. Everyone is to blame for the crisis but at the same time nobody’s to blame.
In his annual Mansion House speech last week, Bank of England chief Mark Carney warned that “the age of irresponsibility is over” and said:
“Markets responsible for trillions of pounds of global trade were stained by excess, collusion and abuse and that ‘ethical drift’ had taken hold. And Criminal sanctions should be updated, with market abuse rules similarly extended and maximum prison terms lengthened.”
In making these comments, Carney, and the UK Chancellor (Treasurer) George Osborne, were endorsing the long awaited Fair and Efficient Markets Review which called for increased criminal sanctions for market manipulation. The UK government is considering a new statutory offence of a “corporate failure to prevent economic crime” and is examining the rules on “establishing corporate criminal liability” more widely.
Australia is considering similar sanctions. At a Senate Estimates hearing this month, ASIC chief Greg Medcraft let slip that the regulator was considering tougher sanctions.
“Under section 12.2 of the Commonwealth criminal code, a company can be held responsible as an accessory for a breach of certain Commonwealth laws by its employees if the company’s culture encouraged or tolerated the breach.”
He then brought out the big stick:
“It’s a provision we need to think about more – and it’s one, frankly, we are.”
Jailing an individual for deficiencies in an organisation’s culture appears pretty far fetched, but that is exactly what Section 12 of the Commonwealth Criminal Code appears to provide for.
The Criminal code is, as one would expect, full of legalese but does actually define “culture” quite clearly as:
“An attitude, policy, rule, course of conduct or practice existing within the body corporate generally or in the part of the body corporate in which the relevant activities takes place”.
One of the key words here is “policy”, such as official company policies on fraud or behaving ethically towards customers. Having put in place such policies, the criminal code is pretty clear that corporations are required to enforce them, otherwise the corporation might be considered guilty of a “corporate culture of non-compliance or of failure to maintain a corporate culture of compliance, with the law”.
In a recent case in the US, Standard & Poor’s was fined a whopping US$1.375 billion for misconduct in mis-rating complex securities before the global financial crisis. The argument that the US Department of Justice made was fairly novel. In mis-rating securities, it argued, bank employees broke the rules in their company’s Code of Conduct. Since investors read (and believed) the organisation’s Code of Conduct and S&P didn’t enforce it, it was guilty.
In Australian terms, S&P had a “culture” of non-compliance. So, in theory, if employees of Australian financial institutions do not follow their codes of conduct and break the law, then the institution would also be at fault, under section 12 of the Criminal code.
But how does a regulator move from attributing blame to a corporation to charging a senior officer of the firm, such as a chairman or CEO?
Section 12 identifies four so-called “fault elements”: intention, knowledge, recklessness and negligence, which can give rise to an individual and then a corporate offence.
In the UK, the 2013 Banking Reform Act introduced a new criminal sanction for “reckless misconduct that leads to bank failure”. Although the new legislation has been somewhat neutered by requiring a bank to actually fail before jailing the culprits, it is nonetheless a major step forward. But Section 12 appears to have no such limitation.
How could a senior banker be considered reckless?
Section 5 of the code identifies that a person is reckless with respect to a “result” if: “(a) he or she is aware of a substantial risk that the result will occur; and (b) having regard to the circumstances known to him or her, it is unjustifiable to take the risk”. Interestingly, the code states that the question of whether taking a risk is unjustifiable is one of fact, not opinion.
This, of course, hangs on the meaning of “substantial risk” but the code provides a definition that “the risk is substantial if a reasonable observer would have taken it to be substantial at the time the risk was taken”.
Having heard the reservations of these experts, senior bankers must consider the risks of lending into such a market. It does not mean they should not lend but that the risks they take should be justifiable. In practical terms, they must proactively manage these risks.
If senior managers have not put in place the systems to report and monitor such risks then they cannot reasonably argue that the risks are justifiable – they just won’t know and therefore could be considered reckless.
On the other hand, if reporting systems have been put in place, but the senior managers do not read the reports in detail and take action where necessary that too could be considered reckless.
And if the senior managers do all of the right things but do not ensure the risks are being managed properly by frontline staff, that could also be considered reckless. In other words, it is not enough for senior managers to say “do something”, they also need to ensure that it is done by subordinates, otherwise the culture is at fault.
When someone is sent to jail for such an offence, although justified, it is an admission of failure. It is always better (and less expensive) to put prevention measures in place.
What would prevention look like?
Using the example of runaway house prices, pressure could be brought to bear on senior bankers by the mere action of officially identifying a “substantial risk”, such as with Stevens’ comments. That should trigger a response from banks, even if only to say “it’s under control”, which can then be tested by regulators.