Conflicts of Interest and Ethics Requirements Reemphasized
By: Laura Pringle
October 23, 2012
Ethics requirements for financial institutions and their directors, officers, employees and those who provide services to financial institutions are very much a focus of the regulators and the public. There have long been many statutory and regulatory requirements to be met and guidances from the regulators, but these requirements and guidances continue to be enhanced as concerns have arisen about practices which are not in the best interests of particular financial institutions. Many strongly worded policies have been suggested and adopted, but ongoing and current review of how those policies should be enforced to avoid regulatory criticism should be a priority of Boards of Directors. This article will briefly highlight several requirements and regulatory expectations as a beginning point for encouraging Boards to engage in conversations about ethics and how to best address risks, including reputation risk, at each financial institution.
Bank Bribery Act and Required Codes of Conduct
A high priority for Board members is the adoption and direction of full compliance with a policy which must include the requirements of the Bank Bribery Act as well as addressing conflicts of interest in a Code of Conduct. All directors, officers, employees, agents and attorneys are required by federal criminal law to read and sign this policy and any modifications to this policy. These provisions apply to all financial institutions and can be found at 18 USC 215. Also, these requirements were addressed in various regulatory issuances including the FDIC Regulatory Guidelines in BL-32-87.
In addition, the Bank’s employees, officers, directors and institution-affiliated parties are subject to a number of statutory and regulatory prohibitions and affirmative obligations which were emphasized by the Federal Deposit Insurance Corporation (“FDIC”) in its Financial Institution Letter, FIL-105-2005, “Corporate Codes of Conduct Guidance on Implementing An Effective Ethics Program” on October 21, 2005 (the “Corporate Guidance”). The FDIC explained that the Corporate Guidance was issued to “remind financial institutions of the importance of written standards to promote honest and ethical conduct, compliance with applicable rules and regulations, and accountability in adhering to a corporate code of conduct or ethics policy.” A number of areas of law were referenced specifically in this Corporate Guidance, and it makes several very specific points that provide excellent references for topics to be discussed at the Board level and in employee training, including the following:
- Ensuring the integrity of records, including maintaining records and accounting information with accuracy, reliability and integrity and reflecting transactions in an accurate and timely manner; and prohibiting false entries and activities that result in false entries;
- Providing strong internal controls over assets, including proper reporting and disclosure of financial information;
- Providing candor in dealing with auditors, examiners and legal counsel;
- Ensuring that all compensation arrangements comply with applicable statutory and regulatory limitations, requirements and guidances;
- Ensuring that all extensions of credit to employees, officers, directors and other institution-affiliated parties fully comply with all applicable statutory and regulatory requirements and limitations;
- Ensuring that the appointments and conduct of all directors and senior executive officers are fully in accordance with all applicable statutory and regulatory requirements and limitations, including any required prior notice and/or approval for director or executive officer appointments;
- Ensuring that appropriate investigations, including pre-employment background screenings, are conducted as to all employees; and
- Ensuring that any changes of control or interrelationships of management officials with other institutions are fully in accordance with applicable statutory and regulatory limitations, requirements and guidances.
Disclosures and Audits of Conflicts of Interest
This Corporate Guidance discussed above went on to emphasize the importance of having in place an effective audit program to monitor internal controls against self-serving practices and conflicts of interest. Specifically, that program is to be adequate to accomplish the following:
- Identify operational weaknesses;
- Ensure corrective action; and
- Ensure compliance with laws, regulations and internal policies.
The Corporate Guidance also provides an expectation that each financial institution’s program will include a mechanism for the reporting of questionable activities. One of the mechanisms mentioned is the establishing of a hotline and specific reference is made to “Guidance on Implementing a Fraud Hotline” in FIL-80-2005. In addition, the Corporate Guidance states an expectation that each financial institution program subjects violations of the Code of Conduct and Ethics Policy to specific and appropriate penalties in order to deter wrongdoing and to promote accountability for adherence to such a policy.
Compensation and Personal Use of Records
You should be aware that the Dodd-Frank Act included provisions amending the Truth in Lending Act which imposed restrictions on loan originator compensation and on steering by loan originators. Rules implementing these requirements amended Regulation Z and apply to closed-end transactions secured by a dwelling for loan applications received since April 1, 2011. Thus, currently, issues surrounding mortgage origination are receiving regulatory attention; however, compensation concerns have been and continue to be the subject of very significant statutory and regulatory directives.
There were significant concerns arising in the 1980s regarding compensation for financial institutions of all sizes, and these concerns were in part addressed when the Riegle Community Development and Regulatory Improvement Act amended the FDIC Improvement Act in 1994, resulting in the issuance of Interagency Standards for Safety and Soundness. Those standards continue to require financial institutions to determine whether compensation to an executive officer, employee, director, or principal shareholder is excessive. Financial institutions are expected to consider at least the following criteria under the current regulatory standards:
- The combined value of all cash and noncash benefits provided to the individual;
- The compensation history of the individual and other individuals with comparable expertise;
- The financial condition of the financial institution;
- Comparable compensation practices at comparable institutions, based upon such factors as asset size, geographic location, and the complexity of the loan portfolio or other assets;
- For post-employment benefits, the projected total cost and benefit to the financial institution;
- Any connection between the individual and any fraudulent act or omission, breach of trust or fiduciary duty, or insider abuse with regard to the financial institution; and
- Any other factors the regulatory agencies determine to be relevant.
Failure to meet the Interagency Standards, which mirror statutory provisions, can subject financial institutions to enforcement actions and prompt corrective action. See Section 39 of the FDIC Improvement Act at 12 USC 1831p-1.
More recently the FDIC saw a need to issue “Guidance Regarding the Copying and Removal of Confidential Financial Institution Information” in FIL-14-2012. This Guidance can be accessed at http://www.fdic.gov/news/news/financial/2012/fil12014a.html. While this Guidance was issued because of the taking of records to prepare to defend regulatory actions, it more broadly states and references several laws prohibiting access to records for reasons other than those that are in the best interests of the financial institution and are instead for personal interests or gain. Of course, using information to either take a corporate opportunity or an opportunity of a customer has led to litigation against officers and directors as well as financial institutions. The broader statements include the following information, which provides good reminders for discussion and training as well:
Various federal laws and regulations govern the treatment of information that financial institutions accumulate during the normal course of business and through interaction with regulators; for example:
- FDIC regulations expressly prohibit the disclosure of examination reports and other supervisory correspondence. FDIC reports of examination and other supervisory documentation do not belong to the financial institution, but remain the property of the FDIC. This prohibition protects the confidentiality of the examination process and ensures confidence in the banking system. 12 C.F.R. § 350.9.
- The FDIC and other federal agencies prohibit the disclosure of SARs because they contain information that could be prejudicial or damaging to law enforcement efforts as well as to individuals if made public. 31 C.F.R. § 1020.320(e) and 12 C.F.R. § 353.3(g).
- Federal statutes, including Title V of the Gramm-Leach-Bliley Act, the Fair Credit Reporting Act, as well as numerous FDIC regulations, require financial institutions to properly safeguard confidential consumer information and to refrain from disclosing personally identifiable information found in many financial institution records unless particular consumer opt-in requirements are met. To that end, financial institutions must implement and strictly follow a comprehensive information security program. The purposes of such a program include ensuring the security and confidentiality of customer information, protecting against any anticipated threats or hazards to the security or integrity of such information, protecting against unauthorized access to or use of such information that could result in substantial harm or inconvenience to any customer, and ensuring the proper disposal of confidential information. 12 U.S.C. § 1831p-1; 15 U.S.C. §§ 6801 and 6805(b); and 12 C.F.R. Part 364, App. B.
- Federal laws and regulations also establish strict requirements for the exchange of confidential consumer information among affiliated and nonaffiliated entities. 15 U.S.C. § 6801, et seq.; 15 U.S.C. §1681 et seq.; 12 C.F.R. Parts 332 and 334.
Compensation which is deemed to be illegal or just excessive has been a focus of the regulators and the public. Risky lending and fee-taking rewarded by compensation arrangements meant to increase earnings have caused significant problems in fair lending compliance and unfair practices as well as other areas of law.
Insider Borrowing and Asset Purchases and Sales
Just as insider borrowing laws were passed to specifically address alleged insider abuses in the 1970s, Congress added new teeth to the statutory provisions addressing transactions with insiders in the Dodd-Frank Act. Specifically, Section 615 of the Dodd-Frank Act amended Section 18 of the Federal Deposit Insurance Act to add a “general prohibition on the sale of assets” to and from an insured depository institution and any executive officer, director, or principal shareholder or any related interest of such person unless:
- The transaction is on market terms, and
- If the transaction represents more than 10 percent of the capital stock and surplus of the insured depository institution, the transaction has been approved in advance by a majority of the members of the board of directors of the insured depository institution who do not have an interest in the transaction.
Compliance with this statutory provision was required effective July 21, 2011. However, you should be aware that requirements for arm's-length transactions, with full disclosure and appraisals and prior approvals of Boards as well as by regulators in some cases, have long been important to avoid criticisms and potential liability and continue to be very important in Safety and Soundness Examinations and regulatory ratings.
Boards of Directors set the stage and provide the examples for others of the ethics expectations at each financial institution. As the lead is taken and examples set by Board members, a financial institution is better prepared to meet regulatory requirements and to avoid or reduce reputation risk. All employees and those who provide services to financial institutions are to be held to the standards set by the Board of Directors. Current and regular training sessions and enforcement of standards should be a priority for those who are willing to be Board members and particularly for those who assume Audit Committee responsibilities. Proactive and preventative steps to require compliance and enforce high ethical standards can be expected to be well received in upcoming Safety and Soundness examinations and reflected in regulatory ratings, particularly management ratings, and to reduce reputation risk.
This Article was also published at Wolters Kluwer’s Compliance Headquarters™ website: www.complianceheadquarters.com.