On 23 December 2013, the “Corporate Governance Code for Credit Institutions and Insurance Undertakings 2013” (the “Code”) was published by the Central Bank of Ireland (the "Bank"). The Code revises the Corporate Governance Code for Credit Institutions and Insurance Undertakings 2010 (the "2010 Code") but will not come into effect for firms until 1 January 2015. In the meantime, the 2010 Code continues to apply. The Code continues to apply to reinsurance undertakings and excludes captives.
The revised Code follows a review by the Bank of submissions to Consultation Paper 69 ("CP69") last year. As with the 2010 Code, it aims to provide guidance to enable firms to ensure that robust arrangements are in place for direction, control and management of the institution and to ensure that appropriate oversight is achieved by the board of directors and senior management.
The Code contains a number of important changes which include the following:
Section 8: Chairman
The 2010 Code prohibits the Chairman of a credit institution or insurance undertaking from holding a position of Chairman or Chief Executive Officer ("CEO") for another institution at the same time.
Due to practical issues arising out of this requirement, the Bank has revised the prohibition to provide that the Chairman of a subsidiary of groups designated as Medium-High, Medium-Low or Low Impact institutions can hold more than one Chairman position. The additional institution must be in the same group and the Chairman's ability to fully discharge his or her duties must not be compromised by his or her holding more than one Chairman position. Prior approval must also be obtained from the Central Bank if an individual wishes to hold more than one Chairman position.
Firms should note that the prohibition remains in place for the Chairman of a High Impact firm.
Section 9: CEO
The 2010 Code prevents a firm's CEO from holding another CEO position in a credit institution or insurance undertaking at the same time. Taking into account feedback from Central Bank supervisors and experience of firms in practice, the Bank has removed this absolute prohibition for Medium-Low and Low Impact firms where the nature, scale and complexity of a firm does not justify a full-time CEO.
Such CEOs may be able to hold up to 2 additional CEO roles in other Medium-Low or Low Impact credit institutions or insurance undertakings. Prior approval of the Central Bank will be required and the individual concerned must be able to show that they have sufficient time to fulfil their role.
Section 12: Chief Risk Officer ("CRO")
A firm must now appoint a CRO and the Code sets out details of this role and the responsibilities that apply. The CRO must be a member of senior management and will be specifically responsible for managing the firm's risk management function. This includes responsibility for maintaining and monitoring the effectiveness of the institution's risk management system.
In relation to this requirement, firms will welcome the fact that the Central Bank acknowledges that a full-time CRO may not be required in firms not designated as High Impact. As such, whether a full-time CRO is required for such firms will depend on the nature, scale and complexity of a firm's operations. The CRO role may be shared with the role of Chief Actuary. The firm must notify the Central Bank if the role of CRO is going to be shared in this manner.
Section 13: Board Responsibilities
The Central Bank has clarified its expectations as to board responsibilities and invites comments on its proposed insertions.
Insertions include responsibility for "an adequate and effective internal control framework, that includes well-functioning risk control, compliance and internal audit functions as well as an appropriate financial reporting and accounting framework". This insertion is significant given the fact that the Bank noted the inadequacy of internal controls in firms in a number of settlement agreements it entered into in the last three years in relation to different regulatory matters. Another significant insertion in this regard is the proposed requirement for "a robust and transparent organisational structure with effective communication and reporting channels".
Section 14.9: Board Diversity
CP69 raised the issues of board diversity, and particularly gender diversity, and invited commentary from interested parties. The revised Code requires a firm's board, or if one exists the nomination committee, to establish a written diversity policy in relation to the selection of persons for nomination to become members of the board.
The issue of board diversity principally concerns the effort to prevent a situation of "group-think", whereby diversity (in age, gender, nationality, professional and educational background, skillsets and experience and others) is seen to lead to and ensure that issues and proposals presented to the board are approached from a number of different perspectives.
Firms will have to bear in mind that it is important that each member of the board also has the necessary skills and expertise required to justify their position on the board. The revised Code requires High Impact firms to have a formal skills matrix in place to ensure that the board has an appropriate skills mix. This matrix should be taken into consideration in any appointment process.
Section 16: Board Meetings
Under the 2010 Code, Non-High Impact firms are required to hold a minimum of one board meeting per quarter. The Bank acknowledges that due to the nature of the business of some firms, business activity may be greater in certain parts of a year and so it has amended this requirement to one board meeting per half year with discretion being given to each firm as to when to hold the other two required board meetings. This will enable firms to choose the timing of its board meetings to cater to levels of business activity.
The 2010 Code requires High Impact firms to hold a minimum of 11 board meetings per calendar year. Having considered the practicalities and other issues arising from this requirement the Bank has reduced this requirement to 6. A minimum of 3 meetings must be held in each six month period. The Central Bank has reserved the power to require a firm to increase the frequency of its board meetings.
Section 19: Committees of the Board
The new Code requires cross-committee membership in firms:
- in all firms at least one member of the audit committee must be a member of the risk committee and vice versa. This is important as the risk committee must draw on the work of the audit committee when determining whether the firm has the capacity to manage and control risks within the agreed risk strategy. In High Impact firms, the Chairman of these committees cannot be the same person at the same time. This is to prevent a situation where one individual has undue influence on the outcome of committee decisions;
- in High Impact firms the Chairman of the remuneration committee must be a member of the risk committee and vice versa;
- in all firms the audit and risk committees must have a minimum of three members. Where a firm has a small board of 5 members, the full board (including the Chairman and the CEO), can sit as the audit and/or risk committee. Given that this is permitted only for firms with boards of 5 members, it is envisaged that this permission would only apply to lower impact firms.
- a firm's risk committee and audit committee each will be required to have a minimum of three members.
Cross-committee membership is viewed as a good way to ensure that the knowledge and appreciation of board members in relation to risk considerations across the firm is broadened. Such cross membership could also lead to more effective discussion of issues and proposals at board meetings.
Section 23: Risk Committee
The risk committee has responsibility for providing oversight of the firm's risk management function and advice to the board in relation to same, including on the firm's risk appetite and future risk strategy.
Then 2010 Code requires that there be an appropriate representation of non-executive and executive directors on the committee having regard to the nature, scale and complexity of the firm's business. The Bank has amended this to require firms to ensure that the risk committee is comprised of a majority of non-executive directors and that the Chairman is also a non-executive director.
Section 26: Annual Compliance Statement
The 2010 Code requires that this Statement be submitted at the end of the calendar year. However, the Bank acknowledges that in some firms the financial reporting period may differ from the calendar year and so this requirement can create problems for firms in terms of an increased administrative burden. Under the revised Code firms will be permitted to change the submission date to coincide with their financial year.
Other amendments to the 2010 Code include:
Click here for a copy of the “Corporate Governance Code for Credit Institutions and Insurance Undertakings 2013”.
- Clarification that governance arrangements in the firm must promote an appropriate risk and compliance culture at all levels of the firm;
- Clarification that where a director is unable to attend all board meetings in person due to his or her location, such director can attend via videoconferencing or teleconferencing;
- Directorships held in the public interest on a voluntary and pro bono basis must be notified to the Central Bank even though such directorships are not included for the purpose of calculating the number of directorships held for the purposes of the limits set under the Code;
- Changing the requirement to formally review membership of any member of the board where they have served on the board for 9 years or more to a requirement to formally review the independent non-executive members of the board after such period;
- A requirement that the board will identify and ensure that risks are regularly reviewed and tested and are addressed by contingency plans by the firm.