News

June 10 2023

Really enjoyed doing this talk and participating in the panel session with Patrick Spens, Alex Viall and Rob Mason.

Interesting thoughts from Patrick Spens on the future of regulation, current governmental approaches and compliance risks firms should be aware of – sanctions, for instance.

And I said more than just what is reported below, of course!

Tell stories to embed compliant conduct, says Carroll Barry-Walsh

May 7 2023

Remember the De Lorean fiasco? To provide jobs in Northern Ireland, the then government paid the bouffant-haired car designer to set up his factory there. It collapsed a few years later amidst missing money and fraud. Arthur Andersen, the auditors, who admitted missing obvious fraud signs, were banned from government work and sued. It was only when Blair won that the ban on AA was lifted and a risible settlement agreed. (Doubtless entirely coincidentally, AA had provided free advice to Labour in opposition. A “scratch my back and I’ll scratch yours” approach to favours has never restricted itself to one party.)

Fast forward a quarter of a century. Fujitsu, whose Horizon accounting system used by the Post Office, was responsible for the largest miscarriage of justice in British history, has suffered no similar penalty. Indeed, no penalty at all. Far from it. It has been rewarded with more lucrative government contracts; it has not paid any compensation; no company official has been held responsible.

Why? Well, one answer is that AA’s failures harmed the government. Whereas Fujitsu and the Post Office only harmed some lowly sub-postmasters and mistresses. A cynical take. But an accurate one. The brutal reality is that being in public ownership or a public service does not automatically mean an organization behaves well. Worse, it often means that when it causes harm to others, its primary interest is to protect itself – even at the expense of those it has harmed. This is not new. See how the Aberfan families were treated in the decades after the loss of their children. Or the victims of the blood contamination scandal or many other NHS scandals or Windrush.

This story shows a state – and many of its key functions: the Post Office, owned by the state, the criminal justice system, run by the state, and the responsible Ministers and civil servants – to be malign, incompetent, indifferent to the damage caused, defensive and determined (behind all the paraphernalia of inquiries, reviews, assessments) to delay the allocation of responsibility, effective consequences for those responsible and proper, timely compensation for those harmed. It is no consolation – nor anything for the rest of us to be proud of – that some judges, some lawyers, a few persistent journalists and 1 MP – James Arbuthnot – have battled and are still battling to ensure justice.

There has been a book, a podcast, a heartbreaking Panorama documentary. The Times has written some scathing editorials. The inquiry grinds on, lawyers argue about different compensation schemes, the police investigation into possible perjury by Fujitsu personnel has been announced. But nothing seems to happen. Meanwhile yet more postmasters die – 59 so far. Is that the plan? To wait until everyone is dead, then quietly bury whatever report is produced while those responsible get away with it and carry on making money? Apparently so.

It is cruel. It adds a further injustice to the original one. It displays a contempt for the people who have suffered and are still suffering. It displays an indifference to the human consequences of people’s acts and omissions, something all too easy to forget amongst the mass of wrongdoing patiently unearthed by courts and inquiries. That cruelty consists in holding out the promise of compensation while making the process of getting it long, complicated and difficult. Meanwhile, those responsible, both for the injustice and the delays, suffer nothing, withhold evidence from the inquiry and/or, grotesquely, award themselves bonuses and lie about it. On its website the Post Office says it wants “to remain one of the most admired institutions in the public sector”. “Remain“? “Most admired“? Both delusional and arrogant.

Why has this scandal not been taken more seriously?

• The very diffuse nature of the tragedy over two decades. Lots of individual stories, all heartbreaking. But no one event or place to focus on. No image. No buried school or trapped fans in a football pen or burnt-out tower. No anniversary. So it is easy for it to fade away into a complicated background, something to do with accounting and IT and legal stuff. No-one is going to sing their heart out for that. No Royal is going to visit and lay flowers.
• Worse – this was not just the wrong people convicted of a crime. There was no crime.  It is hard to get your head round the fact that hundreds of people were investigated, tried and convicted for crimes that never happened. How can this possibly be?
• The people to whom this happened come from all backgrounds, all over the country, of all ages. It makes it worse but also means they have no obvious representative to speak for them, no-one to whom they – collectively – matter.
• No political party has taken up their cause. All the major parties had Ministers responsible for the Post Office who failed to ensure that it behaved competently and then, when the scandal erupted, failed to ensure that it was handled properly. So they hide behind their pathetic claims that they weren’t briefed or didn’t realise or delegated or assumed that others were doing their job and are shocked and appalled and oh dear … blah blah .. and very sorry etc.,. What is the point of these junior Ministers if all they can do is hand-wringing avoidance of responsibility?
• Far too many groups behaved badly. What makes this so hard to comprehend is the overwhelming scale. Look at all those responsible: Fujitsu, those who developed, oversaw and sold Horizon, Post Office management at all levels, internal investigators, in-house lawyers, external lawyers, IT staff, those knowing something was wrong but saying nothing, Ministers, civil servants advising them, prosecutors, the judges’ ruling that the computer evidence should be believed (one of the stupidest judicial rulings made). All these, through their actions and omissions, are responsible; many continue to be responsible for the delays in giving the victims adequate compensation while they are still alive. Easier to forget or not engage at all.

Among all these failings, two deserve very close scrutiny.

The lawyers

There were obvious problems with the Post Office being its own prosecutor, the confusion between the role of investigators and prosecutors, the failures of those investigators, a lack of clarity about the duties owed and to whom by the in-house lawyers, failures to make proper disclosure, withholding key evidence, failure to speak up, conflicts of interest for the lawyers advising on the compensation schemes, lack of honesty, failure to understand or challenge the accounting and technical evidence (a persistent problem for the legal system – see the Sally Clark case) and so on. Bluntly, the Post Office ruined innocent people by lying, manipulating and subverting for its own commercial advantage the English justice system. Its lawyers were central to that. Many of those involved should be ashamed of – and deserve censure for – their unprofessionalism and behaviour.

The approach to the technical (in this case, computer) evidence

There is a tendency (not confined to the Post Office) to believe there is one technological system which will provide the answer to a problem; and believe only what that technology tells you. Both are foolish, dangerous impulses. (A lesson for us on the cusp of a new technological revolution.) When combined with working back from your desired conclusion (“we’re going to find fraud with our shiny new toy”), miscarriages of justice are all but inevitable. (Something for Holyrood to consider before proceeding with its judge-only rape trial pilot designed to increase convictions.)

What now?

3 people: the PM, the Chancellor, the Business Secretary need to stop hiding behind endless inquiries and legal to-ing and fro-ing and make it a top priority to get compensation paid promptly.

• Those MPs trying to help their constituents need to badger them until they do.
• The inquiry into responsibility must be uncoupled from the assessment and payment of compensation.
• Fujitsu should be given no government contracts until they pay compensation.
• The Post Office’s senior management needs replacing by honest capable people. A public explanation is needed for why it awarded itself a bonus scheme for complying with an inquiry set up to investigate its own failings and why it lied about it in its public accounts.

Meanwhile, remember the words of Desmond Ackner QC, Counsel for the Aberfan families, to the official inquiry. They apply as easily to Horizon as to a slag heap.

This was a slow growing man-made menace, fed by the indifference of those who should never have permitted its existence. That is the horror of this disaster. There can be no more bitter reminder of the truth and wisdom of George Bernard Shaw’s condemnation –

“The worst sin towards our fellows is not to hate them. It is to be indifferent to them. For that is the essence of inhumanity.”

Photo by Kutan Ural on unsplash.com.

March 18 2023

It is a measure of how seriously the Swiss authorities view Credit Suisse’s position that they are, according to weekend reports, orchestrating a UBS takeover or rescue.

The Terrible Two

It is not the first time that a merger of these banking behemoths has been considered. Last time it was Credit Suisse which considered acquiring UBS when it was in serious difficulties after the 2008 Global Financial Crisis. UBS survived, with Swiss government backing, shareholder cash, endless cost-cutting and, eventually, after a revolving door of unmemorable CEO’s for its troubled investment bank, a return to its strengths: wealth and asset management not the chimera of an all-singing, all-dancing full service global bank able to compete with the US. Investment banking was scaled down but focused under Orcel’s leadership. Doing this required not just a reset of its business but its culture, which had underpinned and led to so many of its problems. It took — after some false starts — a decade and a lot of hard work at every level before the changes became effective and properly embedded.

It was not just banks which had to rethink themselves. So did the Swiss financial and political establishment. For the best part of a century, Switzerland’s financial USP was discretion, carefully protected by banking secrecy laws. Or, more bluntly, Swiss banks were where you hid your money, few questions asked. That ended as a result of US fury on discovering how UBS and others, including Credit Suisse (fined $2.6 billion in 2014) had helped US taxpayers evade tax. So the new USP became expertise: put your money in Switzerland not to hide it but because Swiss bankers know how to manage it well.

Credit Suisse’s current travails blow a hole in that. How is it that, despite all the regulatory changes, all the scrutiny, all the lessons learned (surely?), all the training, all the rules, Credit Suisse has got itself into such a mess that its acquisition by its rival is now even in contemplation? And if such a large, important bank can get into such a mess, what does it say about Swiss expertise and, indeed, Swiss regulatory effectiveness?

Blowing the whistle?

One clue may be in the reason for its announcement on 9 March of a delay to its 2022 annual report after a “late call from the US Securities and Exchange Commission” the previous day. Why was the SEC making comments about the “technical assessment of previously disclosed revisions to the consolidated cashflow statements” in 2019 and 2020 and — this is the kicker — “related controls” in March 2023 in a late night call? What or who triggered this? One possibility is that someone escalated this to the SEC because other attempts at escalation and remediation within Credit Suisse had not worked. If correct — if there was a whistleblowing to the SEC — that is very troubling because it suggests either that there were no effective routes for raising concerns within the bank. Or, worse still, that concerns raised were ignored or ineffectively handled. In short, the problem may not just be inadequate financial processes (“material weaknesses in our internal control over financial reporting” and a management failure to “design and maintain an effective risk assessment process” — oops!). It may also be that the bank’s processes — and culture — for identifying, escalating and handling concerns are inadequate too. If that is the case, what other problems are lurking? This will be bothering Credit Suisse, the Swiss regulator (which was very annoyed by whistleblowing failings in UBS in relation to the FX scandal), the Swiss central bank — and UBS — if it does decide to acquire all or part of its rival. What exactly would it be acquiring?

A Bargain or a Pig in a Poke?

What is in it for UBS? Taking out a competitor, its clients, funds under management and its better employees. Yes — all these. But is an acquisition necessary? Clients and staff will make their own decisions, regardless of what Boards decide. Funds are already flowing out of Credit Suisse, as happened to UBS when it was in trouble.

The risks for UBS are considerable. Bigger is not always better. Absorbing a well-run company is hard enough; absorbing one with difficulties something else entirely. There is every likelihood of plenty more nasties lurking under the carpet. The reputational difficulties will stick to UBS’s name, no matter how often the press releases refer to past Credit Suisse problems. The costs of investigating these — as well as the remediation work necessary to put matters right — will be enormous; not just financially but in management time, energy and enhanced regulatory scrutiny. What will the effect be on the share price? UBS shareholders had a lost decade as UBS cleaned itself up. Are they really willing to finance another clean up, another set of potentially unquantifiable liabilities? Will an acquisition be a distraction from UBS’s own plans and for its current senior management, largely new and brought in to build on what has been achieved by UBS not to clean up another bank’s mess?

Conflicts of interest

There have been plenty of red flags (Greensill, Archegos, Mozambique tuna bonds, GFG, for instance) that all has not been well within Credit Suisse. Some parts (the Compliance department) were well able to identify issues with some of the clients the bank was keen to do business with and warn against this. Despite that those concerns were ignored or, more likely, rationalised away. (Why, for instance, did anyone think it sensible to take on Archegos, an entity set up by someone — Bill Hwang — fined a few years earlier by the SEC for insider dealing?) This suggests an institution with no sound way of managing its risks and the conflicts of interest arising from the desire to do apparently profitable business set against the risks of taking on clients whose adherence to rules is more apparent than real. Changing that is not the work of a moment as Ulrich Koerner, Credit Suisse’s CEO (part of UBS’s senior management team 2009–2022) or its new General Counsel (formerly UBS’ General Counsel 2008–2022) will tell you.

It is not a problem confined to Credit Suisse of course. Questions have been raised about Goldman Sachs’ dual role in relation to Silicon Valley Bank. (It’s not for the first time that Goldmans has faced such questions in relation to M&A deals). Barclays has faced endless issues caused by the tensions between its investment bank and its retail bank, its latest problem arising from its appointment of Jes Staley and the judgment shown by its Board when questions about his relationship with Epstein were raised. (If only the Board and the FCA had taken more seriously Staley’s judgment and failure to understand why whistleblowing matters when concerns were raised in 2017–2018.)

Over the last few decades, the creation of ever larger financial institutions has led to multiple conflicts of interest between the interests of the institution, its clients, between different categories of clients and between different parts of the business. Internal Chinese Walls and oodles of rules sought to recreate what had previously been legal barriers in order to manage those conflicts. Self-regulation and — post the Guinness, Maxwell and Barings scandals — light-touch regulation were meant to do the rest. It did not work. Repeated scandals and harm to the ultimate customers of banks and taxpayers led to more intrusive regulation and ring-fencing — the 21st century’s equivalent of Glass-Steagall. Loopholes have been closed or tried to be anyway. Regulators have been playing Whack-A-Mole with financial institutions ever since. But conflicts of interest are at the heart of all financial scandals. As an official of the US’s Financial Crimes Enforcement Team said when the Vatican Bank did a deal with the US in 2013 “large amounts of money sometimes bring out the worst in people.”

What about governments?

It is not just large banks which have conflicts of interest. Governments have these too. Finance brings in lots of tax revenue. It can be — for a while anyway — a Golden Goose, ready to be plucked for politicians’ favourite projects: banks make money, bankers get paid extraordinarily large sums and consider themselves very clever and worth all this money rather than lucky, politicians get tax revenues and voters get all the goods those revenues pay for without having to pay for any of it themselves. Win-win. Until it all goes Splat! (For those of a more literary bent, the La Fontaine poem about the frog wanting to be a cow — La Grenouille et Le Boeuf — pithily sums up what went wrong.)

While it is all going well, though, politicians fall over themselves to attract such institutions to their country and take especial pride in having ever larger institutions.

• Think of Ireland and its International Finance Centre, which became the location of choice for various dubious German entities, which Ireland then decided to support at vast expense.
• Or Gordon Brown boasting about light-touch regulation for the City in 2004-5.
• Or Alex Salmond and his support for RBS’s ill-fated over-reaching pursuit of ABN AMRO.
• Or, more recently, the support by German politicians and the BaFin, the German regulator, of Wirecard, a German — but apparently cutting edge, global and profitable — fintech entity. A German champion to rival those arrogant Anglo-Saxons! Until it turned out to be so much hot air, fraud and money-laundering.

The desire to have a national financial champion can blind even the most sober of governments and regulators to the risks of letting such companies think themselves indispensable and/or grow too big, unwieldy and, effectively, hard to manage and regulate well.

Two risks

There are only two things which matter about financial institutions, whether large or small, whatever sector they are in: –

1. Do they understand the risks they are managing? This is not a side issue. It is their core work. Managing money — whether it is mortgages, shares, derivatives, loans to business, assets of the wealthy — is all about understanding and managing risk.
2. The only capital that matters is the trust that customers, staff, counterparties, regulators and others have in such an entity. The amount of capital, its liquidity and all the other measures are simply a way of putting figures on this. Once that trust has gone, a bank is finished.

There are serious doubts about Credit Suisse’s ability to understand and manage the risks it is running. What is not yet clear is whether the trust it needs to have the time to sort itself out is still there. Monday may provide an answer.

What Next?

Whatever that answer is and assuming there is no systemic fall-out, governments and regulators (and voters) need to ask themselves whether it is time to rethink whether such large global institutions, however well-capitalised or regulated, are a good idea. If you have institutions with built-in conflicts of interest, you will always have problems, even if systemic risk is avoided. Maybe smaller, more focused entities are best, ones which understand that finance is a service industry, part of an economy’s plumbing, there to serve others not help itself. Maybe global banks — much like other aspects of globalisation — are an idea which needs challenging and rethinking?