22 April, 2015
What You Need To Know
- Personal responsibility and holding individuals to account was a key theme at this year's ASIC Annual Forum.
- The UK's Financial Conduct Authority has already been using attestations to achieve this objective of increasing senior management accountability.
- ASIC has adopted a number of other concepts developed by the UK's Financial Conduct Authority and accordingly this is an initiative that may be on the regulatory horizon for Australia.
What You Need To Do
- If you have any questions in relation to attestations please contact us.
What Is An Attestation?
An attestation is a request from the regulator to a specific senior individual at a regulated firm that they personally attest that a certain set of affairs exists. Where an attestation proves to be incorrect, this can result in personal liability for the relevant manager that signed the attestation, including in the form of a fine and/or a ban from the industry on the basis that they are not a fit and proper person.
Why Were Attestations Introduced In The UK?
Following the global financial crisis there was a perceived failure by the UK's Financial Conduct Authority (FCA) to hold senior individuals to account for the underlying failings that resulted in the need for a publicly funded bail-out of certain banks in the UK. Accordingly, the FCA has been under significant public and political pressure to bring actions against individuals, and attestations are one of the key tools that they are using to achieve this.
Attestations are now part of the FCA's everyday toolkit and their use is commonplace in the UK with senior individuals such as the CEO or the Head of Compliance at many UK banks having signed at least one attestation. There are however very few controls around how the FCA can use attestations as they are a regulator-created concept with no statutory or legal basis.
This is made even more onerous for the relevant individual by the fact that the FCA drafts the attestation and these are generally framed in absolute terms and are non-negotiable. Accordingly, there is no opportunity to include limitations on the liability that the individual is taking on, for example in terms of "reasonable steps" or "to the best of one's knowledge".
Implications In Australia
We have not seen personal attestations used by ASIC or APRA in any extensive way in the context of securing enforcement outcomes. The concept of attesting to past compliance (e.g. Australian credit licensees), or the adequacy of risk management arrangements (e.g. Board declarations under APRA CPS220) exist in Australian regulation, but not the more specific attestations which are being sought by the FCA.
There is no reason as to why ASIC or APRA could not seek to introduce attestations as an additional administrative tool available to them to address specific concerns, and attestations as a tool could potentially be introduced without a specific legislative basis (as has been the case with the FCA).
For further information, please contact:
Jonathan Gordon, Partner, Ashurst
jonathan.gordon@ashurst.com
Corey McHattan, Partner, Ashurst
corey.mchattan@ashurst.com
Anne Mainwaring, Ashurst
anne.mainwaring@ashurst.com
Nicky Thiyavutikan, Ashurst
nicky.thiyavutikan@ashurst.com
