It’s Time to Act Before Misconduct Does Permanent Damage to the Enterprise

Published On April 29, 2020
13 MINUTE READ

In the last of our articles on the perils of bad actors and continued intolerance for misconduct in the workplace, we examine the road ahead for management as they try to tackle new and sensitive issues to protect their employees and themselves.

The UK Financial Conduct Authority wrote a Dear CEO letter in early January which starts, “following recent, publicised incidents of non-financial misconduct in the wholesale general insurance sector, I am writing to set out our clear expectation that you should be proactive in tackling such issues. We expect you to identify what drives this behaviour and, where appropriate, modify those drivers to shape proper conduct. Non-financial misconduct and an unhealthy culture is a key root cause of harm.’’

“Poor culture in financial services can lead directly to harm to consumers, market participants, employees and markets. It was a key root cause of recent major conduct failings within the industry.”

“How a firm handles non-financial misconduct throughout the organisation, including discrimination, harassment, victimisation and bullying, is indicative of a firm’s culture. We view both lack of diversity and inclusion, and non-financial misconduct as obstacles to creating an environment in which it is safe to speak up, the best talent is retained, the best business choices are made, and the best risk decisions are taken. Although work has been undertaken in the market to tackle the issue of non-financial misconduct, it continues to be prevalent and will be a key focus for our supervision of firms and of senior managers.”

The letter continues, “the Senior Managers and Certification Regime (SMCR) provides an opportunity and catalyst to transform the culture in financial services. The regime emphasises the importance of senior managers taking responsibility for what happens in their areas. As part of our approval of senior managers, an assessment of fitness and propriety will be completed. This looks at factors including competence and capability, honesty, integrity and reputation, and we will consider any known relevant issues of non-financial misconduct.’’

“In particular, a senior manager’s failure to take reasonable steps to address non-financial misconduct could lead us to determine that they are not fit and proper.”

Firms have been warned! FCA’s expectations could not be much clearer.

Chris Brennan, partner at White & Case, compounds this view, “non-financial misconduct often went unreported but the move to a ‘speak up, listen up’ campaign means that is no longer the case. Management must now assess how they respond to these issues. A failure to act or to do so in the right way can have serious consequences.”

In the same breath comes this quote from the FCA’s Senior Managers and Certification Banking Regime Stocktake Report of August 2019, “many firms described a stronger tone and ownership from the top. They said that there was now a change in the level of detail, clarity and quality of conversations on culture and expected behaviours. All the firms talked about the work they had done to create a culture of challenge, escalation and providing a safe environment for staff to speak up.”

Once senior management has made the decision to act, in order to define and categorise the types of behavior and conduct that are expected and acceptable in their work culture, and those that are not, the really hard work begins. As our previous article on the variety of “snake” that lies hidden in almost every organisation describes, many of these traits had not previously been so easily discoverable.

But the question now is how much progress is being made in this new direction, and to what extent the standards are consistent across the industry. Vaughan Edwards, a director and regulatory expert at Medius Consulting, says “it is worrying if management become aware of certain activities on their watch and choose to ignore them e.g. employees sharing extreme political, racist or sexist opinions online. There are going to be shades of grey – employee activism is a challenging area that not everyone will feel comfortable addressing. The scope of what falls under ‘conduct’ has expanded significantly and people are at different stages. The tolerances are also different.”

The reality for many firms might be that most organisations are not set up to deal with these instances because they bring to the surface previously unaddressed and often personal issues. Who is responsible for identifying, reporting, and remediating these? Most firms have a rigid responsibility framework – who should be approaching an employee who is abusing their own family in communications on the corporate network? Or someone who is going through severe financial distress and exhibiting erratic behavior to colleagues and clients? Or someone who is arranging prostitutes and narcotics for themselves and clients on business trips using their work phone? There are a number of “in-trays” that come to mind for the variety of aberration that is now very visible on the corporate network, but they are not an easy fit.

Many will shun this sort of responsibility and claim it is not within their remit; they are not qualified or paid enough to accept such a tricky new role. The compliance team, the legal team, the HR department, the employee’s manager, even the employee himself, come to mind as the first port of call for evaluating, or self-regulating, this sort of behavior. There is no doubt that it needs a different skillset and approach in a fast-changing environment. Senior management needs to think carefully about appropriate training for those that are going to deal with these issues, and the creation of a process built around the identification and remediation of these conduct anomalies.

Edwards adds, “some firms have formed a panel where they typically have a roster of people (that form a cross-section of the firm) here from Compliance, HR, Legal and maybe a front office rep. Over time you have the same people assessing the same type of conduct situations so you get some consistency which is critical. The final piece is that their decisions get passed through someone pretty senior at the firm for effective rubber-stamping ahead of a formal notice to the employee of the imminent notification to the regulator (e.g. FCA) which the firm is obliged to send to any future employer.’’

“Properly orchestrated controls around the identification and resolution of conduct breaches will help a firm hugely in its approach to dealing with conduct well.”

At one progressive sell-side firm that recently deployed Behavox to analyze its conduct, escalations had previously been sent only to compliance executives. Once awareness of the heightened quality of alerts became recognized, the list of people who wanted access to the escalations started to grow. They argued that they may have applicability to their own area; key executives saw value in reviewing these (and if they could, dealing with them). This activity shows they are engaged in the business, and helps promote their standing at the firm. It displays a rare collegiate approach to the problem.

Edwards goes on to warn, “it comes back to the same principles that apply to the conduct rules more generally, where if a conduct rule breach is identified it will require notification. There is a connection here to the employee’s expectation that the firm needs to treat this fairly and get that notification right. It goes on that employee’s record and needs to be notified to another firm if they move. This could have significant negative consequences for that person’s career. Consistency is key here. Take an employee who is reprimanded for sending pornographic material to colleagues – this goes on his record and may well stop him getting a job elsewhere. Let’s say he knows that his boss has done the same thing but has not been similarly reprimanded. He has a very strong case to take legal action against the firm.”

Brennan expands on the issues that firms need to consider when dealing with these situations, “the quandary here for firms under regimes like certification is that the firm now has to make the call as to whether that person can be certified. That means effectively second-guessing the FCA’s view on that question. This decision is made all the more difficult because of the lack of clarity around what might be considered relevant in assessing fitness and propriety. In particular, the separation between personal and work life appears to have been blurred. Is it right that a financial conduct regulator should be concerned about conduct more generally? For example, if someone became involved in a fracas at a pub outside of working hours, does that render them unfit? What about recreational drug use or using prostitutes? Although these issues may be entirely unconnected to the honesty or competence of the individual, firms are likely to take a cautious view and refuse to certify the individual.”

He adds, “let’s say a successful banker who has never had any issues in the past, makes a drunken advance to a colleague at a party and, not surprisingly, gets reprimanded or dismissed. The question then is how does that factor in the assessment of fitness and propriety. That is a difficult question and most employers now probably say it is a blanket ‘no’. That means the individual is effectively unemployable in financial services. The route of the problem now is people don’t know where the line is drawn. It is difficult to calibrate the response to someone’s actions in terms of what should be reported to FCA, and what FCA deems to be career-limiting or career-ending. There is still work to be done in understanding that calibration to ensure that the outcome is not disproportionate.”

Messaging to the organisation what is and is not acceptable, which plays into the formation of the “culture” that is desired (as opposed to the reality of what the culture actually is) will start to build a code that marks out clearly what is viewed as transgression, and how that will be approached and dealt with from an HR and management perspective. John C. Williams, the CEO and President of the New York Fed, has interesting advice that must be heeded by any fellow CEO that is staring down the conduct and culture issue in their firms, “I’ve tackled these issues by focusing on principles and values rather than writing extensive policies that try to cover every potential decision. This puts a premium on individual accountability to do what’s right and creating an environment where everyone has the ability and responsibility to speak up. Somewhat paradoxically, focusing on principled decision making and accountability, rather than relying exclusively on rules and policies, can be the most effective safeguard against wrongdoing and unethical behavior.”

Chris Brennan has solid advice for those just starting to consider and reform their approach, “you can have a great system to leverage lessons learnt, listening up and encouraging an open culture where issues are raised and dealt with appropriately. But it all comes down to the actual decisions you make once that process is followed. The decisions need to be appropriately calibrated so as to satisfy the regulatory standards but at the same time not end up destroying an employee’s career unnecessarily.”

He goes on, “some decisions will be easy, such as someone misleading customers or breaching firm policies. Others become more nuanced. What do you do when someone is drinking too much or maybe using recreational drugs at the weekend? Those decisions may be much harder. The fact that a firm has a policy that helps to determine what is and is not acceptable will obviously make the decision-making process easier. The former McDonald’s CEO, Steve Easterbrook, had a consensual relationship with a senior colleague – both were single and there was no suggestion of any impropriety connected to this relationship. But this made no difference as the company policy was clear and said no relationships between employees. That might be where we get to where firms start to lay down some very specific and perhaps draconian rules.”

He continues, “the biggest risk now for financial institutions is not considering these things at all. You will clearly be in trouble if you do not turn your mind to how to deal with these situations. The second risk is designing a process that is not adequately delivered, embedded or executed. The third risk is that your systems and processes are good but you simply make the wrong call (either by supporting an employee who goes on to commit further or more serious misconduct or by dismissing an employee who goes on to make a successful employment law claim). That is the kind of jeopardy here. In some senses it is akin to the decisions made in the criminal justice system. Is someone a risk to society? Is someone a risk to your organization?”

He concludes, “I would be very surprised if anyone is not considering all of this now and has not got a ‘speak up, listen up’ approach. This is great and all for the good; the industry is dealing with something that needs to be addressed. We just need to ensure that we do not stray too far and get a disproportionate response.”

There is no saying where the formal regulatory environment might progress as the drumbeat gets louder on culture analysis and its drivers; FCA has released a number of speeches in the last 18 months that suggest it will be more proactive in its supervision of both financial and non-financial misconduct and will use indicators of cultural insufficiency and slack attitude towards discipline around certain values that drive employee behavior related to sexism, racism, bullying, discrimination and the like. These, in turn, will be deemed as markers that will affect the intensity with which they will regulate and supervise other areas of that business. The implication is that if a rat is thriving in one part of the building, they are usually not solitary actors!

The thinking is matched by other senior regulators. John C. Williams spoke in London in January at a Core of Culture conference, and said “culture is at the heart of behavior and norms, and the single most important factor driving the decision-making of employees. But illicit and unethical behavior is rarely the result of an isolated “bad apple.” It’s more often the symptom of a rotten culture. And rotten cultures don’t appear overnight…”

The increased sunlight on the darker elements of every enterprise presents a challenge for the current leadership that they cannot avoid any longer as the impact will hurt their businesses significantly in the medium term and beyond. It’s time to act – the reality is that time is limited for organisations to get into shape before they lose their employees, their reputation, their clients, their livelihood. Any delay is simply not sustainable.