Bad things can happen in any financial services firm. None are immune to internal errors or systemic failure – and transgressions by wayward employees are, unfortunately, an occasional hazard of real life. What matters most, though, is how management responds when misconduct comes to light.
In particular, do the firm’s executives react by containing the problem and implementing robust measures to prevent a recurrence? Do they report the matter to regulators immediately? Does the firm compensate every harmed client in full promptly?
Smart firms do all this. They then qualify for special treatment in regulatory prosecutions that flow from the incident. For example, they receive “credit for co-operation” that can reduce fines substantially – by millions of dollars in one recent case alone.
In some jurisdictions such as Ontario, these firms also become eligible for “no-contest” settlements, which resolve enforcement proceedings without the firm having to make an admission of wrongdoing that could come back to bite it if any clients sue afterward.
This policy of giving prosecutorial discounts in deserving cases is meant to lighten the punishment that gets meted out. But what we really should be asking is: why are these firms being prosecuted and punished at all?
By their own initiative, they’ve promptly put things right, including, most importantly, compensating everyone who was affected adversely. Firms that do so are poster children for corporate responsibility. If we want to encourage more such behaviour, spanking them doesn’t make a whole lot of sense.
Instead, we should be lauding them and easing the path for others to follow their example. So, why not simply create an administrative process allowing them to submit paperwork detailing what happened and documenting, specifically, these six key things:
- Their non-compliance was inadvertent or the result of rogue employee misconduct that the firm did not encourage, countenance or know about.
- The problem did not arise and its detection was not delayed by a lack of diligence on management’s part.
- The firm didn’t ignore or attempt to cover up the incident.
- Internal processes have been strengthened sufficiently to ensure the problem won’t occur again.
- Appropriate disciplinary action has been taken against every employee who engaged in deliberate wrongdoing.
- Every client harmed by the error or misconduct has been identified, the extent of the harm they’ve suffered has been accurately determined, and the firm has fully compensated them.
Let regulators pore over the material and investigate further as they deem necessary. But ultimately, if they’re satisfied that these six criteria have been met, the only action they should take against the firm is to identify it in a news release about the incident.
That bulletin should set out a description of the wrongdoing in enough detail to let the public understand the nature and gravity of it. Measures taken by the firm in response should be mentioned, including the fact that all affected clients have been made whole. Regulators should state they are satisfied the firm dealt with the event appropriately.
And that’s it.
No need for officials to crank up their costly enforcement battle machinery, as a state of compliance has already been restored. No need for the firm to deploy reputation management countermeasures. No stigma. Best of all, no need for investors to spend money and incur angst to secure recompense. Everybody wins – except any employees who went rogue, if that’s what caused the problem. They would still get prosecuted, and deservedly so.
Currently, regulators are limited to issuing a “no action” letter when they approve of the firm’s response and want to hold off taking enforcement action. The letter forms part of the firm’s record but is not disclosed publicly. That’s less than ideal as it fails to provide transparency. It also doesn’t capitalize on the opportunity for encouraging others to follow the firm’s good example.
Moreover, this approach keeps the matter pinned to a narrative that’s essentially negative in slant (we’ve decided not to prosecute you) instead of a celebratory one (you dealt with the situation well).
So, again, why not move these cases out of enforcement altogether and into a purely administrative process that isn’t freighted with prosecutorial overtones and limitations.
Perhaps there would be concerns about diminished deterrence – i.e., won’t this initiative foster a cavalier attitude toward supervision if companies can just clean up any messes when they occur and then walk away, penalty free?
Another related concern might be optics: will this make regulators appear soft on misconduct?
The short answer to both questions is no. Recall that the program would excuse only non-compliance arising where there has been either no complicity or lack of diligence by the firm[PF1] . Those who have turned a blind eye to wrongdoing or have been lazy in their oversight duties won’t qualify for exemption. They’ll still face fines, denunciation and suspensions or bans and deregistration, where warranted.
So, this approach isn’t soft on malfeasance. Yet, it offers maximum redemption for those who act responsibly when “stuff happens.” It’s a big carrot, to be sure, but the deterrent stick’s still there to whack anyone in management who enables transgressions.
In addition, this approach emphasizes that the true dividing line between culpable misconduct and pardonable error lies in whether the wrongdoing was intentional or inadvertent, and whether good or bad choices are made once the problem surfaces.
Finally, this approach prioritizes getting redress for harmed investors – something regulation hasn’t always focused on as much as it should. That’s the right priority. So let’s actualize it now by stepping up from a system that offers credit for co-operation to one that strategically sets punishment aside and gives kudos for accountability instead.
Neil Gross is president of Component Strategies, a capital markets policy consultancy in Toronto.