Supervisory Statement | SS5/16

Prudential Regulation Authority  -  20 Moorgate  London EC2R 6DA  -  Prudential Regulation Authority, registered office: 8 Lothbury, London EC2R 7HH.  - Registered in England and Wales No: 07854923

Corporate governance: Board responsibilities - March 2016

© Prudential Regulation Authority 2016

Contents

1 Introduction

2 Setting strategy

3 Culture

4 Risk appetite, risk management and internal controls

5 Board composition

6 The respective roles of executive and non-executive directors

7 Knowledge and experience of non-executive directors

8 Board time and resources

9 Management information and transparency

10 Succession planning

11 Remuneration

12 Subsidiary boards

13 Board committees

1 Introduction

1.1 The purpose of this supervisory statement is to identify, for the boards[1] of firms regulated by the Prudential Regulation Authority (PRA), those aspects of governance to which the PRA attaches particular importance and to which the PRA may devote particular attention in the course of its supervision. It is not intended to provide a comprehensive guide for boards of what constitutes good or effective governance. There are more general guidelines for that purpose, for example the UK Corporate Governance Code, published by the Financial Reporting Council.[2]

1.2 As set out in the PRA approach documents,[3] the PRA expects the boards and management of regulated firms to run the business prudently, consistent with the firm’s own safety and soundness and the continuing stability of the financial system. The desired outcome from a regulatory standpoint is an effective board, which is one that:

• establishes a sustainable business model and a clear strategy consistent with that model;

• articulates and oversees a clear and measurable statement of risk appetite against which major business options are actively assessed; and

• meets its regulatory obligations, is open with the regulators and sets a culture that supports prudent management.

1.3 Strong and effective governance is an intrinsic element of the Threshold Conditions in Schedule 6 to the Financial Services and Markets Act 2000 and particularly the suitability condition, which requires that an authorised person is fit and proper, having regard to, among other things, the need to ensure that the authorised person’s affairs are conducted soundly and prudently.[4]

1.4 To be effective a board needs to include individuals with a mix of skills and experience that are up to date and cover the major business areas in order to make informed decisions and provide effective oversight of the risks. This also requires robust and well-targeted management information.

1.5 The specific accountabilities of individual directors established by the Senior Managers, Certification and Senior Insurance Managers Regimes are additional and complementary to the collective responsibility shared by directors as members of the board.

1.6 Where the collective responsibilities of directors set out in this supervisory statement relate directly to individual responsibilities in the PRA’s rules and supervisory statements underpinning those regimes, the PRA’s expectations of firms and the requirements on individuals should be interpreted as being complementary. For instance, while the PRA recognises that culture is the collective responsibility of the board, it also requires the chairman to lead the development of the firm’s culture and standards by the board as a whole.

1.7 The statement applies generally to PRA-regulated firms, including banks, insurers, designated investment firms, building societies, friendly societies and credit unions, though it is recognised that different governance models may apply depending on the nature and size of the firm and any wider group and that expectations of boards should also be proportionate. Good governance is important for all regulated firms, although the degree of supervisory attention paid to governance issues for particular firms may vary according to the risk profile of the firm and the potential impact of failure. Equally, judgements on the adequacy of governance arrangements may be influenced by the culture, management incentives and business goals of the firm and the extent to which the PRA judges that these may otherwise lead to outcomes inconsistent with the PRA’s statutory objectives.

1.8 The PRA’s expectations of boards will also be influenced by the recovery and resolution strategies for the firm or the group, taking account of the extent to which the PRA would need to be satisfied that the board of a significant PRA-regulated subsidiary is constituted and performs in a way that shows that they are capable of independent action.

[1] ‘Board’ refers to all of the executive and non-executive directors.

[2] See also the Corporate Governance Principles for Banks, published by the Basel Committee on Banking Supervision, and the Guidelines on the System of Governance for Insurers, published by the European Insurance and Occupational Pensions Authority (EIOPA).

[3] See www.bankofengland.co.uk/publications/Pages/other/pra/supervisoryapproach.aspx.

[4] Financial Services and Markets Act 2000 (Threshold Conditions) Order 2013.

2 Setting strategy

2.1 A key role for any board is to set the firm’s strategy, to ensure that the key goals in that strategy are within the agreed risk appetite and to oversee executive implementation of that strategy.

2.2 For all PRA-regulated firms the PRA will expect to see evidence that the board has established, and takes decisions consistent with, a sustainable business model, ensures that the firm is managed to a clear and prudent strategy and risk appetite, and ensures that the firm meets its regulatory obligations.

2.3 The setting of the corporate strategy is core to the responsibilities of the board and it is important that the strategy is owned by the board as a whole. However, as recognised in the PRA rules for the Senior Managers and Senior Insurance Managers Regimes[1], the chairman and chief executive have leading individual roles to play in the board’s development and maintenance of the firm’s business model. These roles include giving all the directors, but particularly the non-executive directors, the time and opportunity to contribute to the development of the strategy, and to provide appropriate challenge, before final sign off by the board.

[1] See the PRA’s dedicated Strengthening Accountability webpages at www.bankofengland.co.uk/pra/Pages/supervision/strengtheningacc/default.aspx.

3 Culture

3.1 The board should articulate and maintain a culture of risk awareness and ethical behaviour for the entire organisation to follow in pursuit of its business goals. The PRA expects the culture to be embedded with the use of appropriate incentives, including but not limited to remuneration, to encourage, and where necessary require, the behaviours the board wishes to see, and for this to be actively overseen by the board. The non-executives have a key role to play in holding management to account for embedding and maintaining this culture.

4 Risk appetite, risk management and internal controls

4.1 The business strategy should be supported by a well-articulated and measurable statement of risk appetite (expressed in terms that can be readily understood by employees throughout the business), which is clearly owned by the board, integral to the strategy the board has signed off and actively used by them to monitor and control actual and prospective risks and to inform key business decisions. All the directors should have the time and opportunity to contribute to the development of the risk appetite, and to provide appropriate challenge, before final approval by the board. The PRA will expect to see evidence of this active oversight of risks according to the risk appetite. The risk control framework should flow from the board’s risk appetite.

4.2 The PRA will also expect to see evidence that the board and its relevant sub-committees exercise effective oversight of risk management and controls, supported with meaningful and well-targeted management information used to inform board discussions. It is the responsibility of the board to ensure that the effectiveness of the risk control framework is kept actively under review, that it remains aligned with the board’s risk appetite, and that the board has the management information it needs.

4.3 Where firms have dedicated risk and/or audit committees, the chairs of these committees will be deemed responsible for safeguarding the independence, and overseeing the performance, of the firm’s executive risk and audit functions respectively, including the chief risk officer and head of internal audit. The board also needs to ensure that it has robust arrangements for oversight of other control functions, such as compliance.

5 Board composition

5.1 The principles of good governance should apply to all boards, including parent and subsidiary companies. A cornerstone of best practice is for the non-executives to be able to hold management to account effectively and to ensure that the executives are discharging their responsibilities properly. The board should include a sufficient number and quality of non-executives who are independent and who between them have sufficient breadth of understanding of the firm’s business to provide effective challenge to the executives.

5.2 In the case of listed firms, established best practice is that at least half of the board, excluding the chairman, is comprised of independent non-executives, but even smaller firms should ensure that they have at least two independent non-executives.

5.3 The PRA also expects firms to have a non-executive chairman, who is independent on appointment, in line with the Corporate Governance Code[1]. Where this is not the case, the firm should be able to explain how its governance arrangements will otherwise satisfy the need for independent oversight of the executives.

[1] See Financial Reporting Council’s ‘UK Corporate Governance Code’; https://www.frc.org.uk/Our-Work/Codes-Standards/Corporate-governance/UK-Corporate-Governance-Code.aspx.

6 The respective roles of executive and non-executive directors

6.1 Unitary boards comprise a combination of executive and non-executive directors. Executive directors have specific management responsibilities for which they are accountable to the board. It is their responsibility to manage the firm’s business on behalf of the board and exercise judgement in the running of the business on a day-to-day basis. They should exercise that judgement within the strategy, risk appetite and other assessment and control frameworks set and overseen by their board. Non-executive directors’ responsibilities require them to both support and oversee executive management. As board members, they all share in the wider board duty to promote the success of the company and to ensure that the regulated firm for which they are responsible continues to meet the Threshold Conditions.

6.2 In discharging their responsibilities boards should act in a cooperative and collegiate manner whereby the non-executives support and encourage executive management and vice versa. But this should not inhibit the non-executive directors from challenging executive management and holding them to account effectively. The PRA expects the chairman to play a pivotal role in facilitating this culture.

6.3 Executive management manage the firm’s business on behalf of the board. Boards therefore delegate a wide range of duties and responsibilities to the chief executive or to executive management. The PRA expects boards to be precise over what they delegate to the executive management and the limitations and accountabilities associated with each of the matters that are delegated. In doing so the PRA expects boards to articulate clearly and unambiguously the matters reserved to the board and the manner in which executive management must report and escalate matters to them, including the exercise of judgement in escalating matters of particular significance even if within the delegated mandate.

6.4 Accordingly the board and particularly the non-executive directors on the board should hold management to account against the matters delegated and be able to challenge the executive effectively and promptly.

7 Knowledge and experience of non-executive directors

7.1 Between them the non-executive directors need to have sufficient current and relevant knowledge and experience, including sector experience, to understand the key activities and risks involved in the business model and to provide effective challenge across the major business lines of the firm. The PRA expects to see evidence of effective challenge, particularly in relation to key strategic decisions. It is the role of the chairman to ensure that all views are heard and that the executives are not able to control the board discussion. However, board responsibility is collective and an effective board is not simply a collection of specialists. So just as the board should not delegate responsibility for major decisions to particular directors, the non-executives should not simply delegate responsibility for challenging the executives on particular issues to individuals among them who are considered specialist in the area.

7.2 Even a broadly constituted and well-experienced board cannot necessarily be expected to have expertise in every aspect of a broad and complex financial business. The point is to have the diversity of experience and capacity to provide effective challenge across the full range of the firm’s business and the opportunity to explore key business issues rigorously. Sometimes that may require the board to understand and reach decisions on complex technical, legal, regulatory or other issues. It is the responsibility of the executives to explain such issues in clear and transparent terms that enable the board to exercise their collective judgement and, where necessary, non-executive directors should be able to call on appropriate professional advice, although the directors will always remain ultimately and collectively accountable for all the board’s decisions.

8 Board time and resources

8.1 Non-executive directors should ensure they have sufficient time to fulfil their duties and boards should set clear expectations when recruiting new non-executives. Meetings should be organised to provide adequate time to deal with each of the matters to be covered. Discussions may take place outside formal board meetings, but the board meetings should be genuine, open discussions and not stage-managed, and the chairman has a particular responsibility to ensure that this is the case.

8.2 The PRA expects non-executive directors to be given adequate support to enable them to carry out their duties. Such support should include appropriate and relevant induction and ongoing training and professional advice (as mentioned above) as well as other practical assistance including office accommodation and staff support. The Corporate Governance Code[1] expects, and the PRA’s rules on the Senior Managers and Senior Insurance Managers Regimes[2] require, the chairman to lead the development and monitoring of effective policies and procedures for the induction, training and ongoing professional development of board members, in particular non-executives.

[1] See Financial Reporting Council’s ‘UK Corporate Governance Code’; https://www.frc.org.uk/Our-Work/Codes-Standards/Corporate-governance/UK-Corporate-Governance-Code.aspx.

[2] See the PRA’s dedicated Strengthening Accountability webpages at www.bankofengland.co.uk/pra/Pages/supervision/strengtheningacc/default.aspx.

9 Management information and transparency

9.1 The PRA considers the provision to the board by executive management of timely, accurate, complete and relevant management information, including the aggregation of exposures across businesses, to be a fundamental component in supporting the board to fulfil its duties and responsibilities. The nature, specific content and frequency of the management information provided to the board and its committees should be actively managed by the chairman and non-executives, taking into account their particular needs. The chairman and non-executives should also actively guard against the risk that they are provided with amounts of data so extensive and unwieldy as to be unworkable in a practical sense.

9.2 The PRA expects management to be open and transparent with the board to ensure the board is adequately apprised of all significant matters about which the board should be made aware. Management should not simply confine such information to matters formally reserved for the board or falling outside the board’s stated risk appetite, but should raise issues where, for example, the size, nature or impact suggest that disclosure or escalation is appropriate. Non-executives should have unrestricted access to a firm’s employees and information as needed to enable them to carry out their duties.

9.3 As noted above, the board is responsible for the oversight of, but not for managing, the business, which is the responsibility of the executives. But the PRA expects executive management to exercise judgement and actively to apprise their boards of key business developments, decisions and activities at an appropriate but early stage. Executives have a responsibility to ensure that their boards are able to exercise their role and are provided with the necessary information and support.

10 Succession planning

10.1 The PRA expects boards to pay close attention to the skills, experience and effectiveness of their members. Boards should ensure they have robust succession plans that recognise current and future business needs and requirements.

10.2 Boards should maintain succession plans that address the unexpected loss of key individuals, particularly those roles covered by the Senior Managers or Senior Insurance Managers Regimes, including arrangements covering immediate and short-term situations as well as longer-term replacements.

11 Remuneration

11.1 The PRA expects boards to oversee the design and operation of the firm’s remuneration system, ensuring the incentives are aligned with prudent risk taking.

12 Subsidiary boards

12.1 The PRA recognises the fiduciary duties of directors of subsidiaries, including the duty of company directors to promote the success of the company for the benefit of its shareholders. However, subsidiary boards must be capable of acting in the best interests and safeguarding the safety and soundness of the firm for which they are responsible.

12.2 In general, therefore, the principles of good governance also apply to significant PRA-regulated subsidiaries, including independence of the chairman and having a substantial and effective independent presence across the board. This will help ensure that the subsidiary board is alert to the potential for conflicts of interest and able to take decisions independently where required to meet its own legal and governance responsibilities or in the interests of the safety and soundness of the subsidiary.

12.3 Additional restrictions on cross directorships with other group entities will apply to the boards of ring-fenced banks. Meeting the ring-fencing objectives may also be a factor to consider in relation to the wider governance arrangements within the group, including the nature and extent of cross-directorships between the ultimate holding company and other group entities.

12.4 The extent to which the PRA believes the boards of significant regulated subsidiaries need to be independent will be influenced by a number of factors, including the size, scope and nature of the subsidiary’s business, its business model and the degree of strategic and operational dependence between the subsidiary and the wider group. Other possible factors include the subsidiary’s recovery and resolution plans, and the need for the board of an insurer to have regard to the effect of its business decisions on those who are, or may become, policyholders. The objective is to ensure that the governance of the subsidiary is effective and that its board is capable of taking decisions in the interests of the safety and soundness of that firm.

12.5 The PRA also considers it generally undesirable for some key positions on the board of such a subsidiary, such as chairman, chair of the key board sub-committees, chief executive or finance director, to be occupied by executive members of the group or parent board. This does not prevent group executive and non-executive board members from sitting on the subsidiary board as non-executive directors, so long as the overall independent balance of the board is satisfactory. Nor does it preclude independent group non-executive directors from chairing the board of the subsidiary or its sub-committees.

13 Board committees

13.1 The role of a board sub-committee is to support the board. The committees are accountable to the board, but should not relieve the board of any of its responsibilities.