Uni of Law & ICA MSc Law GRC - Final Dissertation Thomas Wan Dec 2018

ICA MSc Law GRC Final Dissertation
Page 1 of 45
Final Dissertation
Submission Frontsheet
Title: Senior management’s accountability for organisational conduct and
culture in the financial services industry – A look at the case of implementing
the accountability and conduct regime in Singapore, and the efficacy of legal
and regulatory mechanisms to impute such responsibility and accountability
Candidate Number: C1004508
Course / Dissertation:
(Please delete as applicable)
ICA MSc Law, Governance, Risk and Compliance Professional Practice
Dissertation (PPD)
(Non-Law Route - 40 credits / 7,500 words)
Submission Date: 16 Dec 2018
Word Count: 7,488 words (Pages 6 to 36)
Ethical Research:
(Please delete as applicable)
I confirm that I have not conducted research involving human participants

Page 2 of 45
This dissertation achieves the following outcomes within the pages stated:
• Demonstrate a comprehensive understanding and critical awareness of current
issues or developments at the forefront of the chosen area of legal / regulatory
compliance practice: Chapter 3, 4 and 5, pages (10 to 32)
• Identify the complex legal / regulatory issues involved in the chosen area of legal /
regulatory compliance practice including the relevant commercial and tactical
factors: Chapter 4, 5 and 6, pages (23 to 36)
• Critically evaluate current research, commentary and legal / compliance
practitioner analysis of the various elements forming the subject-matter of the
dissertation: Chapter 4 and 5, pages (23 to 32)
• Reflect critically upon legal / regulatory principles and practical context in the
chosen area of legal / compliance practice: Chapter 4, 5 and 6, pages (23 to
36)
• Display originality in application of knowledge, based upon research and enquiry
undertaken: Chapter 5 and 6, pages (30 to 36)
• Demonstrate the ability to conduct and evaluate legal / regulatory compliance
research in primary or practitioner sources: Chapter 5 and 6, pages (30 to 36)
• Demonstrate the ability to produce work that communicates in a clear and concise
manner and with appropriate professional style: Chapter 3, 4, 5 and 6, pages
(10 to 36)
• Demonstrate the ability to self-manage a research-type project from design to
delivery: Chapter 3, 4, 5 and 6, pages (10 to 36)
Declaration: I declare that the work in this dissertation was carried out in accordance
with the Regulations of The University of Law. The work is original except where
indicated by acknowledgement or special reference in the text, and no part of this
dissertation has been presented to any other university or body for examination either
in the United Kingdom or overseas.
Confirmation of candidate number: C1004508

Page 3 of 45
Table of Contents
List of Tables............................................................................................................ 5
List of Figures .......................................................................................................... 5
Abstract..................................................................................................................... 6
Acknowledgements.................................................................................................. 7
Chapter 1 - Introduction........................................................................................... 8
1.1 Background ........................................................................................................ 8
1.2 Research Aims and Objectives......................................................................... 9
Chapter 2 - Research Methods Used...................................................................... 9
Chapter 3 - Literature review................................................................................. 10
3.1 Misconduct in Financial Services Industry and Regulatory Shift................ 10
3.1.1 UK - Changing Banking for Good ................................................................ 10
3.1.2 Need for a Paradigm Shift to Focus on Conduct and Risk Culture .......... 12
3.1.3 FSB Toolkit .................................................................................................... 14
3.2 The Multi-Facets of Conduct and Risk Culture - Contextual and Individual
Factors that Influence Behaviour.......................................................................... 16
3.3 Legal and Regulatory Framework and Mechanisms for Enabling the
Implementation of the IAC in Singapore .............................................................. 18
3.3.1 The Hard Laws - Singapore .......................................................................... 18
3.3.1 The Soft Laws - Singapore ........................................................................... 21
3.4 Challenges Faced by the FSI – Singapore ..................................................... 22
Chapter 4 - Review of Findings............................................................................. 23
4.1 Comparison of ACRs – Key Differences Between the MAS IAC and Others
................................................................................................................................. 23
4.2 Challenges Faced by the FSI - Globally ......................................................... 24

Page 4 of 45
4.3 Learning from Leading Countries and Jurisdictions - UK FCA - Conduct
Rules ....................................................................................................................... 25
4.4 Learning from Leading Countries and Jurisdictions - UK FCA - Measuring
Risk Culture............................................................................................................ 27
Chapter 5 – Key Findings and Discussion........................................................... 29
5.1 Lack of Soft Laws and Directions................................................................... 29
5.2 Lack of Models and Metrics for Conduct and Behaviour ............................. 30
5.3 Achieving the Final Regulatory Outcomes – Barriers and Limitations ....... 31
Chapter 6 - Conclusions........................................................................................ 33
6.1 The Efficacy of Legal and Regulatory Mechanisms to Impute Responsibility
and Accountability under the MAS IAC................................................................ 33
6.2 Weakness and Potential Problems with the Current Approach................... 33
6.3 Recommendation for a More Palatable Approach and Model...................... 35
6.4 Future Research............................................................................................... 35
Appendix 1 – Table of Comparison of ACRs ....................................................... 36
Appendix 2 – Comparison of Who is Affected Under the ACRs ........................ 37
Appendix 3 – Comparison of Assessment, Approval and Certification Under
the ACRs................................................................................................................. 39
Appendix 4 – Comparison of Personal Liabilities Under the ACRs................... 40
Table of Legislation................................................................................................ 41

Page 5 of 45
List of Tables
Table 1 ACRs introduced by leading regulators ......................................................... 8
Table 2- Excerpt of Speech by Chairman PCBS, Andrew Tyrie............................... 11
Table 3 - CCPRF Key findings ................................................................................. 14
Table 4 - FSB 2015 Workplan to Mitigate Conduct Risk .......................................... 15
Table 5 - FSB Toolkit 19 tools.................................................................................. 16
Table 6 - MAS 5 Outcomes on Accountability and Conduct..................................... 22
List of Figures
Figure 1 - Penalties paid by global banks since GFC............................................... 12
Figure 2 - Two prong approach to contextual factors driving culture in the FSI and FI
................................................................................................................................. 17
Figure 3 - BNM Expected standards for conduct and culture in FIs ......................... 17
Figure 4 - Summary of contextual factors - industry, the firm and individuals .......... 18
Figure 5 - Challenges in measurement – Broad indicators used (Source: Thomson
Reuters Survey 2018) .............................................................................................. 24
Figure 6 - Status of Implementation - Key Areas (Source: Thomson Reuters Survey
2018)........................................................................................................................ 25
Figure 7 - IRM Risk Culture Aspects Model ............................................................. 28
Figure 8 - IRM Risk Culture Aspects Model Implementation Pathways.................... 28
Figure 9 - IRM Enterprise Risk Maturity Evaluation Model....................................... 29
Figure 10 - Gap in Soft Laws.................................................................................... 30
Figure 11 - Nature and evolution of regulations - David Jackman & ICA.................. 32

Page 6 of 45
Abstract
In the aftermath of the global financial crisis (GFC) in 2007/08, the G20 governments
and regulators revamped the international regulatory architecture and introduced a
slew of new laws and regulations to fix and improve the global financial system.
Laws and regulation (“hard laws”) are the leading but certainly not the only mechanism
in the regulating and supervising the financial services industry (FSI). Indeed, a
simplistic over-reliance on hard laws for the financial regulatory system is inadequate
in protecting the consumer’s rights, interests and needs especially when the rule of
law is weak, lacking, ambiguous, or that supervision and enforcement are weak.
Subsequently, in the wake of continuing big fines on financial institutions (FIs) and
recurring incidents of egregious risk-taking and blatant misconduct in the FSI that have
continued to undermine public trust and confidence in FIs, governments and regulators
have come to realise that there is only so much that hard laws can do, and have
identified poor culture and behaviour as the key root causes of failures and scandals1.
Other regulatory mechanisms would include ethical value systems, culture, code of
conduct, conventions and norms, as well as networks in the various facets of human
endeavours, etc (collectively “soft law” here). Together with “hard law”, they provide a
nuanced way to better protect consumers, enhance rights, interests, and norms, etc.
To overcome these issues, the Financial Stability Board (FSB) has on the 20 April
2018 published its work on Strengthening Governance Frameworks to Mitigate
Misconduct (Toolkit) 2 and many leading regulators have since introduced (or
proposed) accountability and conduct regimes (ACRs) globally. Closely following this,
the Monetary Authority of Singapore (MAS) has quickly announced on 26 April 2018,
the proposed new Guidelines on Individual Accountability and Conduct (IAC)1.

Page 7 of 45
This research examines the efficacy of the local Singapore legal and regulatory
mechanisms (both hard and soft laws) that are in place to enable the imputation of
responsibility and accountability under the IAC in the context for the FSI in Singapore.
It also hope to learn from international standards setting authorities and leading
regulators (early adopters) that have implemented similar ACRs, so as to gain better
insights to some of the practical challenges faced by regulators and industry, and to
finally propose a palatable approach to such legal and regulatory mechanisms for
Singapore who is currently in the initial stages of the implementation of a national ACR.
Acknowledgements
I would like to express my sincere gratitude and appreciation to: My supervisor, Mr.
Richard Haggett, for his kind care and guidance, and the staff at the University of Law
(UoL), Mr Bill Howarth (CEO), Mr Andrew Glover (MD), and my colleagues at the
International Compliance Association (ICA), my family and loved ones for their kind
assistance and morale support given, as without them, I would not be able to have
done this.

Page 8 of 45
Chapter 1 - Introduction
1.1 Background
Following a global paradigm shift towards a conduct, corporate social responsibility
(CSR) and sustainability-focused financial regulatory landscape, in which the
behaviour and conduct of FIs and individuals, and their interaction with customers and
other stakeholders, has assumed greater importance, with many regulators
introducing ACRs (or proposing to) (Table 1), the MAS on 26 April 2018 announced
the proposed new IAC guidelines. This marks an initial step towards a national ACR,
with a focus on risk and control responsibility mapping to increase the accountability
of senior members of a FI, and therefore promote a sounder culture amongst the FSI
firms and individuals in Singapore.
• UK FCA’s Senior Management and Conduct Rules Regime (SM&CR– implemented wef
Mar 2016
• Hong Kong SFC’s Managers in Charge Regime (MIC– implemented wef 17 Oct 2017
• Australia APRA’s Banking Executive Accountability Regime (BEAR)– 7 February 2018, the
Australian Senate passed the Treasury Laws Amendment (Banking Executive
Accountability and Related Measures) Bill 2018 Full implementation by 1 July 2018 for
large Authorised Deposit-taking Institutions (ADIs). Smaller and medium sized ADIs will
have another year to comply, commencing on 1 July 2019.
• Malaysia BNM’s Discussion Paper on Responsibility Mapping (RM) – consultation ended
20 April 2018
• Singapore MAS Guidelines on Individual Accountability and Conduct (IAC)– consultation
ended 25 May 2018
• US Dodd Frank Act and DOJ’s memo – Sep 2015 on Individual Accountability for
Corporate Wrongdoing
Table 1 ACRs introduced by leading regulators

Page 9 of 45
1.2 Research Aims and Objectives
With an understanding for the basis of the research, the aims and objectives of the
study are as follows:
Aims
• To assess and validate the current legal and regulatory framework and
mechanisms (hard and soft laws) in Singapore to see if they are sufficient to
facilitate the effective implementation of the IAC.
• To study and examine the legal and regulatory framework and mechanisms for
ACRs in other leading countries and jurisdictions and identify some of the key
challenges and issues faced by the regulators and industry.
In addition to the above, importantly, it is hoped that the research can help to achieve
the following:
Objectives
• To study and examine the existing local legal and regulatory framework and
mechanisms to see if their efficacy to impute responsibility and accountability are
for the implementation of the MAS IAC in Singapore
• To propose further enhancements to the existing approach to the MAS IAC to
better achieve good desirable organisational conduct and risk culture outcomes in
the FSI in Singapore.
Chapter 2 - Research Methods Used
The research methodology used is predominantly integrative literature review, plus a
short survey conducted amongst a selected group of senior compliance and risk
managers, as this report aims to establish the critiques, and synthesises by using
secondary literature and data about the research topic area in an integrated way, so
that comparisons can be made, gaps are identified, and that perspectives on new legal
and regulatory mechanisms on the topic can be generated.

Page 10 of 45
Chapter 3 - Literature review
This section presents a literature review relevant for this dissertation topic, and is split
into the following key sections:
• Defining misconduct and its causes in the FSI and understanding why there has
been a shift in focus by regulators on organisational conduct and culture.
• Analysing what the FSB and national governments and regulators are trying to
achieve with ACRs and the approach undertaken to address conduct and risk
culture issues and examining the contextual and individual factors that influence
behaviour in FIs and individuals.
• Analysis and examination of the current legal and regulatory framework and
mechanisms for enabling the implementation of ACRs in Singapore and
comparative learning from other leading countries and jurisdictions.
• Discussion: The key points and implications from above sections are discussed,
leading to the MSc research rationale, key aims, objectives, findings and
conclusion.
3.1 Misconduct in Financial Services Industry and Regulatory
Shift
3.1.1 UK - Changing Banking for Good
The UK Parliamentary Commission on Banking Standards (PCBS) was established in
July 2012, in the wake of the GFC and LIBOR scandal, to conduct an inquiry into
professional standards and culture in the UK banking sector and to make
recommendations for legislative and other action. On 19 June 2013, the PCBS
published its Final Report – ‘Changing Banking for Good3. It outlines the radical reform
required to improve standards across the banking industry.
Commenting on the publication of the Final Report, the Chairman of the PCBS, Andrew Tyrie MP,
highlighted:

Page 11 of 45
• Recent scandals, not least the fixing of the LIBOR rate that prompted Parliament to establish this
Commission, have exposed shocking and widespread malpractice.
• Taxpayers and customers have lost out. The economy has suffered. The reputation of the
financial sector has been gravely damaged. Trust in banking has fallen to a new low.
• Prudential and conduct failings have many shared causes but there is no single solution that can
restore trust in the industry. The Report contains a package of recommendations that, together,
change banking for good.
• A lack of personal responsibility has been commonplace throughout the industry. Senior figures
have continued to shelter behind an accountability firewall.
• Risks and rewards in banking have been out of kilter. Given the misalignment of incentives, it
should be no surprise that deep lapses in banking standards have been commonplace.
• The health and reputation of the banking industry itself is at stake. Many junior staff who may
have done nothing wrong have been impugned by the actions of their seniors. This has to end.
• Rewards for success should be better focussed on generating long-term benefits for banks and
their customers. Where the standards of individuals, especially those in senior roles, have fallen
short, clear lines of accountability and enforceable sanctions are needed. They have both been
lacking.
• It is not just bankers that need to change. The actions of regulators and Governments have
contributed to the decline in standards.
• Governments need to get on with the job of implementing these reforms. Regulators and
supervisors need rigorously to enforce them. We need better regulation: this may mean less, not
more. And we need a better functioning and more competitive banking industry.
• High standards will strengthen Britain as a global financial centre. International co-ordination,
while desirable, should not be allowed to delay reform. We must get on and do what is right for
the UK.
Table 2- Excerpt of Speech by Chairman PCBS, Andrew Tyrie
However, nearly ten years after the GFC, instances of misconduct (i.e., professional
misconduct, ethical lapses, and compliance failures, etc) continue to be with troubling
frequency, many of which have resulted in widespread financial impacts to customers
and the markets, and significant monetary and reputational costs to FIs (Figure 1).
Coverage includes activities across the FSI, striking an uncomfortable contrast with
the intensity of the efforts the regulators have focused on reforming and remediating
the weaknesses that were brought to light.

Page 12 of 45
Overall, this environment has further strained the public’s failing trust in the integrity of
the FSI, including the people it employs and the markets that it supports. The critical
question by governments and regulators is what must happen, or what must the public
see, to trust that the industry is working to meet a threshold of fiduciary care for their
customers and the markets.
Figure 1 - Penalties paid by global banks since GFC4
3.1.2 Need for a Paradigm Shift to Focus on Conduct and Risk
Culture
The academic literature here on culture is robust and copious. While there is no one
accepted definition of culture adopted by the FSI, most descriptions tend to boil it down
to the set of behavioural norms, often unspoken, that drive concrete actions,
consciously or not. In driving actions among employees, culture consequently drives
outcomes for firms, management, and stakeholders.
Reflecting this, the Group of Thirty (G30), an international body of leading financiers
and academics, defines culture as, “The mechanism that delivers the values and
behaviours that shape conduct and contribute to creating trust in banks and a positive

Page 13 of 45
reputation for banks among key stakeholders, both internal and external.” William
Dudley, President of the Federal Reserve Bank of New York (NY Fed), describes
culture as the “The implicit norms that guide behaviour in the absence of regulations
or compliance rules – and sometimes despite those explicit restraints”5 . Clive
Adamson, former director of supervision at the UK Financial Conduct Authority (FCA),
explains that “Culture is like DNA. It shapes judgment, ethics and behaviours displayed
at those key moments, big or small, that matter to the performance and reputation of
firms and the service that it provides to customers and clients”6.
The UK Salz Review7, an independent study of Barclay’s business practices after the
LIBOR rigging scandal, found that the various subcultures present at the bank had
greater influence on the actions of its employees than did the group’s overall culture.
One critical distinction to note in the report involves “risk culture”. In the US Office of
the Comptroller (OCC) Handbook8, risk culture is best seen as a subset of corporate
culture: “Risk culture is the shared values, attitudes, competencies, and behaviours
throughout the bank that shape and influence governance practices and risk decisions.
As a subset of corporate culture, risk culture pertains to the bank’s risk approach and
is critical to a sound risk governance framework”.
The literature on the economics of conduct risk and culture, however, is little,
particularly for the FSI. Nevertheless, the identification of key issues in conduct,
culture and governance marks an important step toward achieving success. The CCP
Research Foundation (CCPRF) now analyses these trends and figures to further
identify whether any of the banks under review are improving their performance, and
compares performance in this area across different countries, markets and types of
bank, etc. Some interesting but worrying key findings9 of the CCPRF are:
• Firms need to get out from regulatory remediation. The volume of regulatory remedial orders
(e.g., Consent Order, Matters Requiring Attention (MRAs), Matters Requiring Immediate.
Attention (MRIAs) and Deferred Prosecution Agreements (DPAs), etc) remains high, and are
creating significant frustration among the regulatory and political spheres, especially when closed

Page 14 of 45
issues return as future findings. Dealing with outstanding issues is also sapping management
time and attention.
• Business activities and dividends have been being curtailed. Regulatory remedial orders have
included provisions that curtail commercial activities – or even acquisitions – until remedial action
is satisfactorily complete.
• Personal criminal sanctions and liabilities are becoming more material. Beyond the debate on
“too big to jail,” there is a growing set of activities -, i.e., – through new laws (e.g., in the UK,
under the Senior Management and Conduct Rules Regime (SM&CR)), tougher prosecution, and
the adoption of broader sets of attestation approaches, are elevating personal accountability and
the potential for senior management prosecutions.
• Continued control failures have flamed the debate on breaking up big banks. Some legislators
and regulators continue to point out that, if banks cannot show they are under control, a plausible
policy option is actively reducing the size of banks.
• Customer perception is being badly affected. Continued fines and settlements have degraded
customer trust in traditional banking, at a time when FinTech companies are aggressively moving
into banking. These new firms often have strong and customer-centric brands.
Table 3 - CCPRF Key findings
Nevertheless, as the pace of fines shows no sign of abating, regulators now view these
aggregate fines as a systemic risk, and hence, a paradigm shift to focus on conduct
and culture risks.
3.1.3 FSB Toolkit
The FSB Toolkit provides a set of guidelines for national frameworks that governments
and regulators can use to tackle the causes and consequences of misconduct, and to
promote incentives for good behaviour and culture in the global FSI. The Toolkit forms
part of the FSB’s workplan (Table 3) to mitigate misconduct risk and builds on existing
guidance till date.

Page 15 of 45
• Standards and codes of behaviour, such as the FX Global Code10, and reforms to benchmark-
setting practices;
• The toolkit of measures to address Misconduct in Wholesale Markets11 developed by the
International Organization of Securities Commissions (IOSCO); and
• FSB’s Guidance on Sound Compensation Practices12
Table 4 - FSB 2015 Workplan to Mitigate Conduct Risk
The Toolkit focused on what the FSB considers to be the key areas of misconduct risk
and sets out 19 tools (Table 4) for use by regulators and firms to strengthen
governance frameworks to reduce misconduct risk. The Toolkits reflect a growing
consensus that more aggressive measures need to be taken to prevent, or at least
reduce, misconduct by FIs pre-emptively, rather than punishing misconduct “after the
event”.
Mitigating cultural drivers of misconduct
1) Articulating the desired cultural aspects that mitigate misconduct risk
2) Identifying the cultural drivers of misconduct through review of a broad set of information with
multidisciplinary analysis
3) Shifting behavioural norms to mitigate these cultural drivers
4) Building a supervisory program focused on culture
5) Using a risk-based approach to prioritize reviews of firms or groups of firms that display significant
cultural drivers of misconduct
6) Using a range of quantitative and qualitative information and techniques to assess cultural drivers
7) Engaging in dialogue with leadership on related supervisory observations
Strengthening individual responsibility and accountability
8) Identifying and assigning key responsibilities to specific individuals
9) Holding individuals accountable through internal processes and supervisory actions
10) Assessing the suitability, including integrity and professional competency, of individuals assigned
to key responsibilities
11) Developing and monitoring a firm’s implementation of its responsibility and accountability
framework
12) Coordinating with other authorities to understand their supervisory approaches to accountability
Addressing the "rolling bad apples" phenomenon

Page 16 of 45
13) Communicating conduct expectations early and consistently in the recruitment and hiring
processes
14) Enhancing interview techniques to consider a candidate's behavioural competency, conduct
history, and potential adherence to firm values
15) Leveraging multiple sources of available information before hiring
16) Reassessing employee conduct regularly
17) Conducting "exit reviews" and maintaining appropriate records on former employees
18) Supervising firms’ screening practices for prospective employees and monitoring practices for
current employees
19) Promoting compliance with legal or regulatory requirements regarding conduct-related
information about applicable employees
Table 5 - FSB Toolkit 19 Tools
3.2 The Multi-Facets of Conduct and Risk Culture - Contextual
and Individual Factors that Influence Behaviour
William Dudley, President of the NY Fed, made clear that improvement in the
industry’s culture was an imperative and wanted to see a cultural mindset of “what
should I do, and not what can I do” - in other words, a shift from meeting the letter of
the rules and the law to what was appropriate13. This question suggests putting the
onus on the industry to demonstrate that conduct risk and culture can be effectively
controlled across complex groups, which demands an understanding of the wider
causes of failures.
It is easy to see, however, why behaviour and culture has not been a big part of
financial regulation. Variables like capital ratios and compensation are tangible and
visible, so it is easy to target them in the formulation of regulations. Culture, by
contrast, is a nebulous and confusing concept that often means different things to
different people.
According to Stephanie Tan Y.L and Katie Lee S.T, Bank Negara Malaysia (BNM)14
advocates a two-pronged approach to look at contextual factors that make up the
prevailing culture within a firm in which an individual operates, and a balance of

Page 17 of 45
measures should be employed to shape cultural outcomes both across the FSI and
within each FI (Figure 2).
Figure 2 - Two prong approach to contextual factors driving culture in the FSI and FI
BNM also formalised its expectations (standards) on what is acceptable conduct for
the FSI, with the focus on behavioural aspects of governance being strengthened
through specific expectations for ethical conduct and culture to be embedded within
the FIs (Figure 3).
Figure 3 - BNM Expected standards for conduct and culture in FIs
Lastly, while contextual factors play a significant role in influencing individual or
personal behavioural factors (e.g.: beliefs, values and convictions of an individual) also
have a key influence on behavioural outcomes. Thus, a key objective is to uphold
uncompromising ethical and conduct standards for all individuals who are working in
the FSI (Figure 4). When these three conditions are met, it is hoped that behaviour,
conduct risk and culture will be “practiced” in the day-to-day operating decisions which
are made in a manner consistent with the FI’s strategy and values.

Page 18 of 45
Figure 4 - Summary of contextual factors - industry, the firm and individuals
3.3 Legal and Regulatory Framework and Mechanisms for
Enabling the Implementation of the IAC in Singapore
Laws and regulation (hard laws) alone will not be enough to make the step change in
banking ethics, conduct and risk culture, as needed to address the shortcomings in
bankers’ conduct revealed by the 2007-2008 financial crisis. This will require a focus
on the “soft” issues of banking culture and “soft laws”, that is – the restoration of sound
ethics, appropriate values and behaviours. To be able to effectively implement the
IAC in Singapore, we need to examine to see if Singapore has the efficacy of legal
and regulatory mechanisms (both hard and soft laws) to impute such responsibility
and accountability.
3.3.1 The Hard Laws - Singapore
The MAS is the integrated regulator and supervisor of the FSI in Singapore. It
supervises and regulates banks and their operations. Singapore-licensed banks come
within the key ambit of:
• the Banking Act (BA)15; and

Page 19 of 45
• the Monetary Authority of Singapore Act (MAS Act)16.
The Banking (Amendment) Act 2016 (BAA)17 further empowers MAS to remove key
appointment holders of banks if they are found to be not fit and proper. The grounds
for removal of such key appointment holders will be aligned with the criteria for
approving their appointment. The BAA also formalises MAS’ expectation for banks to
institute risk management systems and controls that commensurate with their
business profiles and operations. Furthermore, the BAA requires banks to inform
MAS, as soon as possible, of the following:
• Any development that materially affects the bank adversely, and in the case of
locally incorporated banks, any development that materially affects the bank or its
related entities adversely;
• Any development that could affect the suitability of their key appointment holders;
and
• In the case of locally incorporated banks, any development that could affect the
suitability of their substantial shareholders and controllers.
The Accounting and Corporate Regulatory Authority (ACRA) also supervises and
regulates Singapore-incorporated banks or banks which otherwise fall under the
Companies Act (CA).
There is also subsidiary legislation issued under the BA and MAS Act in the form of
regulations. Banks must also comply with the legal and regulatory instruments (that
have legal binding effects) issued by the MAS under the key laws and regulation – like
notices, circulars, guidelines, practice notes and codes, etc.
The focus on culture is not a new concept to MAS. In the Consultation Paper
“Amendments to Banking Regulations and Banking Corporate Governance
Regulations” by the MAS published in February 2017 18 , several proposed
requirements refer to executive accountability, albeit not in a prescriptive manner. Key
corporate governance requirements imposed on Singapore-incorporated banks include the:

Page 20 of 45
• Banking (Corporate Governance) Regulations 200519
• Guidelines on Corporate Governance for Financial Holding Companies, Banks, Direct
Insurers, Reinsurers and Captive Insurers which are Incorporated in Singapore
They set out, among other things, the key factors to be considered in determining the
independence of a director, and the functions of the various board committees, etc.
These rules also apply equally to systemically important financial institutions (SiFis).
Additional rules apply for listed banks.
Apart from the latest proposed guidelines on the IAC, MAS has guidelines that set out
the regulatory expectations on culture and conduct. For e.g.:
• The Guidelines on Fair Dealing (Feb 2013)20 – To hold the board and senior
management of FIs accountable for setting the culture and direction to align
business practices with customer fair dealing outcomes.
• The Balanced Scorecard Framework (BSC) under the Financial Advisory
Industry Review (FAIR) Panel (Dec 2015) 21 - Adds non-financial and
compliance performance measures to volume-based remuneration
arrangements, to better align the interests of financial advisers and their
representatives with that of their customers.
• The Consultation on Proposed Regulation for Complaints Handling and
Resolution (Oct 2018)22 - Requires financial advisory firms to establish an
independent and prompt process for handling and resolving complaints from
retail customers.
• The Consultation Paper on Revisions to Misconduct Reporting Requirements
and Proposals to Mandate Reference Checks for Representatives (Jul 2018)23
- Requires FIs to lodge a report with MAS when they become aware of any
misconduct committed by their representatives such as acts involving
misconduct, dishonesty, fraud, inappropriate advice, misrepresentation, or
inadequate disclosure of information to customers, etc; and to have in place a

Page 21 of 45
robust and transparent process to investigate possible wrongdoings and
misconduct, and to take appropriate disciplinary actions.
3.3.1 The Soft Laws - Singapore
MAS has said the proposed IAC guidelines are not intended to be prescriptive and it
is the responsibility of FIs to hold their senior managers accountable for their actions
and ensure proper conduct among their employees. MAS further signalled that it will
engage the FSI to better understand how they embed the desired conduct and culture
in their day-to-day decision-making and operations and will look beyond compliance
frameworks to assess if the FIs have embedded a sound “risk and ethics DNA”.
At their core, all these initiatives can be seen as measures to promote and reinforce
the right culture in FIs and among their staff. MAS’ approach can be summarised in
three aspects:
1) Promote and cultivate - Promoting a culture of trust and ethics at FIs through
engagement with the industry.
2) Monitor and assess - Monitoring the culture and conduct at FIs, and
3) Enforce and deter - MAS’ approach to breaches and misconduct which will
involve enforcement, investigation and prosecution.
MAS’ proposed IAC guidelines seek to reinforce FIs’ responsibilities in three main
areas:
1) By increasing the individual accountability of senior managers;
2) By strengthening the oversight of employees in material risk functions, and
3) By reinforcing standards of proper conduct among all employees.
To achieve these objectives, MAS has set out five accountabilities and conduct
outcomes which FIs are expected to work toward:

Page 22 of 45
• Outcome 1 - Senior managers who have responsibility for the management and conduct of
functions that are core to the FIs’ operations are clearly identified.
• Outcome 2 - Senior managers are fit and proper for their roles and are held responsible for
the actions of their staff and the conduct of the business under their purview.
• Outcome 3 - FIs’ governance framework is supportive of, and conducive to, senior managers’
performance of their roles and responsibilities. FIs’ overall management structure and
reporting relationships are clear and transparent.
• Outcome 4 - Employees in material risk functions are fit and proper for their roles, and subject
to effective risk governance as well as the appropriate standards of conduct and incentive
structure.
• Outcome 5 - FIs have a framework that promotes and sustains the desired conduct among
all employees.
Table 6 - MAS 5 Outcomes on Accountability and Conduct
However, a comb through the MAS and local trade bodies (namely the Association of
Banks in Singapore (ABS)24, Life Insurance Association (LIA)25 and SGX Regco26, etc)
and their websites seems to suggest that there is not much directions or soft laws
given by MAS and local bodies to the local FSI.
3.4 Challenges Faced by the FSI – Singapore
According to the EY / IIF Annual Global EY/IIF Bank Risk Management Survey 201827,
the FIs in Singapore has cited the following as key challenges with conduct and risk
culture:
1) Messages not cascading throughout firm.
2) Not investing significantly in understanding or transforming their organizational
culture.
3) Conduct risk is not well integrated into enterprise risk management frameworks.
4) Lack of first-line accountability.
5) Conflict between sales-driven first-line and firm’s target culture.
6) Measurements of risk culture and conduct mainly limited to people engagement
surveys or corporate communications initiatives, with “culture” questions

Page 23 of 45
added. Also, difficulties in interpreting the findings or identify where “conduct
hot spots” might exist.
7) Culture and conduct are not seen as core to firm strategy or business objectives
and there is a a lack of alignment between “tone from the top” and “echo from
the bottom”.
8) Incentives for compliance are not used to drive the firm’s risk, compliance and
conduct agenda. Where KPIs for conduct, compliance, risk or governance
objectives have been introduced, these remain poorly defined.
Chapter 4 - Review of Findings
4.1 Comparison of ACRs – Key Differences Between the MAS
IAC and Others
The slight differences in key ACRs and the MAS IAC may suggest that more
accountability is deemed necessary in the realms of consumer protection and
transactional supervision (such as in the case of the FCA and MAS remit) but is seen
as less relevant to the delivery of financial stability (as in the case for Hong Kong and
Malaysia).
While MAS’ proposed IAC guidelines have largely followed UK’s SMR and Hong
Kong’s MIC regime (who are the early implementers of ACRs), its proposals are
arguably seemed to be less prescriptive (See Appendices 1 to 1D for more details on
the comparison). Some key points to note:
• The MAS IAC guidelines does not require is notification of the identified responsible
persons. Instead, compliance will be assessed via the MAS’s ongoing supervisory
process.
• MAS has not included a requirement to report who each of the key responsible
persons are, which is very different to the UK and HK regimes which require FIs to
prepare a very detailed responsibilities map.
• There is also greater notification and approval requirements under the UK regime.

Page 24 of 45
• There is no formal requirement to perform periodic certification of the identified
responsible persons.
In all, it appears that with the robust hard laws on corporate governance requirements
and enforcement (personal) liabilities, etc, are in place, and combining them with IAC
guidelines, these provide the MAS with a more overall nuanced approach to supervise
and monitor conduct and risk culture in the FSI. However, it also seems to suggest
that MAS is saying, ‘We will take the lead and work with you to ensure everything is
fine, but if you misbehave, we will go after you (if you fail to meet the desired regulatory
outcomes” (See Appendix 1D – Personal, civil, administrative and criminal liabilities).
4.2 Challenges Faced by the FSI - Globally
The continuing string of failures, scandals and fines surrounding the FSI demonstrates
that frameworks, processes and standards for risk management, although essential,
are not sufficient to ensure that FIs can reliably manage their conduct and overall
organisational risks and to meet their strategic objectives.
Figure 5 - Challenges in measurement – Broad indicators used (Source: Thomson
Reuters Survey 2018)

Page 25 of 45
Figure 6 - Status of Implementation - Key Areas (Source: Thomson Reuters Survey
2018)
According to a recent 2018 benchmarking survey by Thomson Reuters (TR)28 ,
measuring conduct and risk culture remains a challenge for global SiFis. Moreover,
statistics in the survey have highlighted that FIs are generally struggling in
implementation, and let alone, to measure them (Figure 5 and 6). These results also
mirror what the FSI in Singapore faces in general with the MAS IAC.
This clearly indicates that there is a need for further guidance, and perhaps to be led
by the regulators in the provisioning of clearer guidance and standards to measure
conduct and risk culture for the FSI.
4.3 Learning from Leading Countries and Jurisdictions - UK FCA
- Conduct Rules
However, insofar, a comb through existing literature and regulators’ websites shows
that the UK FCA is the only leading regulator that is attempting to provide further
guidance and codification to the FSI on expected regulatory outcomes and
expectations about conduct and risk culture. Under the SM&CR, the FCA in its Code

Page 26 of 45
of Conduct (COCON) 29 publication recently, sets out specific guidance on the
following key ‘Conduct Rules’:
1) Individual:
• Rule 1: You must act with integrity.
• Rule 2: You must act with due skill, care and diligence.
• Rule 3: You must be open and cooperative with the FCA, the PRA and other
regulators.
• Rule 4: You must pay due regard to the interests of customers and treat them fairly.
• Rule 5: You must observe proper standards of market conduct
2) Senior manager:
• SC1: You must take reasonable steps to ensure that the business of the firm for
which you are responsible is controlled effectively.
• SC2: You must take reasonable steps to ensure that the business of the firm for
which you are responsible complies with the relevant requirements and standards
of the regulatory system.
• SC3: You must take reasonable steps to ensure that any delegation of your
responsibilities is to an appropriate person and that you oversee the discharge of
the delegated responsibility effectively.
• SC4: You must disclose appropriately any information of which the FCA or PRA
would reasonably expect notice.
On 20 July 2018, the FCA further published a policy statement “Industry Codes of
Conduct and Feedback on FCA Principle 5”: ‘You must observe proper standards of
market conduct’30. The policy statement also summarises the feedback given to the
FCA’s earlier 2017 consultation paper and the criteria that the FCA uses to recognise
such codes, and generally noted that:
• Respondents were generally supportive of the aim to improve transparency about
the status of market codes, and to be clear on the FCA’s approach given the clear
links to be included within the SM&CR; but

Page 27 of 45
• Some respondents were concerned that recognising the market codes may imply
a ‘quasi-legal status’ that undermines their voluntary nature.
In response to this, the FCA has proposed the following:
• A need to establish a process through which certain market codes in priority areas
can be recognised, to encourage but not mandate their use;
• To publicly consult on each panel’s decision to recognise a market code, to provide
transparency to market participants and let people share views if they disagree that
a code does represent proper standards.
4.4 Learning from Leading Countries and Jurisdictions - UK FCA
- Measuring Risk Culture
Problems with risk culture are often blamed for organisational difficulties, failures and
financial scandals, etc. However, there has been very little literature and practical
advice around on what to do about it. On 12 March 2018, the FCA took the initiative
and published a discussion paper on transforming risk culture in the FSI and urged
them to consider the issues in the paper and to engage in the debate about what
constitutes a healthy culture, and how to promote it. Jonathan Davidson, FCA
Executive Director of Supervision said:
“Culture may not be easily measurable, but it is manageable. So, firms can and should
take responsibility for ensuring their culture is healthy for both their employees and
customers, which can complement and support their business strategy. We as a
regulator have long gone beyond having the mindset that simply complying with rules
is enough. However, we don’t believe a one size fits all culture is the right way to go.
So, we want to promote a discussion and consensus on the essential features of a
healthy culture and how firms, regulators, employees and customers can help deliver
that culture”31.
Elsewhere, it is encouraging to know that an industry body like the Institute of Risk
Management (IRM) has in 2014, published the “Risk Culture: Resources for

Page 28 of 45
Practitioners” guide which brings together the high-level concepts and models (Figure
7, 8 and 9) that were found to be useful, and suggested ways to implement and
measure them32.
It is also interesting to note that the MAS recently is looking to employ trained
psychologists33 and advocate the use of data analytics to solve the conduct and risk
culture conundrum. Perhaps all these signals the first step in the right direction.
Figure 7 - IRM Risk Culture Aspects Model
Figure 8 - IRM Risk Culture Aspects Model Implementation Pathways

Page 29 of 45
Figure 9 - IRM Enterprise Risk Maturity Evaluation Model
Chapter 5 – Key Findings and Discussion
It is quite clear that as we move into the ACRs realm, that there are critical gaps and
salient challenges that need to be overcome if global regulators want to effectively
implement the ACRs. It is also quite apparent that regulators have not delineate
sufficiently to the FSI as to how to achieve or how to internalise conduct and risk
culture with the expected regulatory outcomes set forth (See earlier Table 5).
5.1 Lack of Soft Laws and Directions
First, while it is apparent that soft laws are essential to help to shape conduct and risk
culture in the FSI, but perhaps that till now, global regulators are grappling with how
to implement them in practice. Perhaps we must ask ourselves some further pertinent
fundamental questions:

Page 30 of 45
• Should the regulators take on the onus of setting soft laws for the FSI? It
appears that the UK FCA has taken on the mettle to set a minimum standard
via way of the Conduct Rules and Principles.
• Should the regulators partake, drive or let the FSI drive on their own to
internalise and set their own soft laws on conduct and risk culture? Are these
acceptable to the regulator(s)?
• Should there be a minimum standard (benchmark) for measuring conduct risk
and risk cultural behaviour set by regulators?
• What are the measurements that regulators would use to gauge good conduct
and behaviour (firms and individuals); or in meeting the minimum standards?
• Could there be a “one-size fits all” measurement of good conduct and behaviour
common across the industry or different sectors?
• Can conduct and risk culture be prescribed? If something is not prescribed by
the regulators, is it acceptable?
Regulatory Soft Laws?
Outcome (Gap)
Expectations
Expected
to
Conduct Hard Laws internalise
Risk Culture
conduct &
risk culture
to meet
regulatory
expectations
But how?
Regulator(s)
/ MAS Laws & Regulations
Industry /
Firm
Figure 10 - Gap in Soft Laws
5.2 Lack of Models and Metrics for Conduct and Behaviour
The second key area relates to further questions pertaining to the models and metrics
used to measure conduct and risk culture requirements under the ACRs. Given that

Page 31 of 45
conduct and risk culture comprises of many facets, perhaps we must ask ourselves
some further pertinent fundamental questions:
• What are the right measurements of good conduct and behaviour (firms and
individuals)?
• What are the right parameters to be used in such conduct and risk culture
models?
• Should the regulators partake, drive, or let the FSI drive on to develop their own
models and to internalise it?
• Could there be a “one-size fits all” models and measurements of good conduct
common across the industry or different sectors?
• What are the models and measurements that regulators would accept?
5.3 Achieving the Final Regulatory Outcomes – Barriers and
Limitations
The third key area would relate to a mindset shift with the prescription of soft laws to
facilitate the achievement of the desired regulatory outcomes. Studies by David
Jackman and the ICA34 into the evolution and nature of the types of regulations,
advocate that as we move into the higher realm of ACRs and related regulations, the
following should be considered, especially given conduct and risk culture outcomes:
• The interests of customers and the integrity of the market and wider community
should be at the heart of the business.
• Outcomes for consumers, not whether a firm complies with the rules.
• Shift from how a firm controls itself to how it runs itself, based on values.
• Boards should think deeply about the spirit of the soft laws, outcomes, and values
of the firm.
• Need to be in line with the ‘spirit’ and intended outcome – not managing the
business only to the letter, or ‘gaming the rules’.

Page 32 of 45
Figure 11 - Nature and evolution of regulations - David Jackman & ICA
In addition, any initiatives by regulators to set conduct and risk culture rules, principles
or standards can only work more effectively if these are better aligned with the desired
regulatory outcomes and objectives, and the ‘spirit of things’. Moreover, there is a
need to gradually build up rules, principles or standards, as attempts to leapfrog to
reach the end outcomes and regulatory objectives is simply not possible.
Lastly, we must also recognise that conduct and risk culture, just like any form / types
of risks, are always dynamic, especially, considering the everchanging macro-
environment of the FSI, and as such, the models and measurements used should be
reviewed and validated from time to time to make ensure that they remain relevant.

Page 33 of 45
Chapter 6 - Conclusions
6.1 The Efficacy of Legal and Regulatory Mechanisms to Impute
Responsibility and Accountability under the MAS IAC
The move towards ACR regulations can be a judgement-based approach towards
regulatory supervision. It is essentially pre-emptive in nature and allows regulators to
take intervening actions before problems have occurred. This new judgement-based
approach is very much in line with the change in the character of financial laws and
regulation away from facilitating market discipline and towards providing the public
good of consumer protection or financial stability.
With the ACRs, the judgement-based approach is supported by changes to the
capacity and powers of the regulators within the ambit of hard laws. The research has
shown that at present, whilst there is evidence that the Singapore regulator has
enacted / amended robust hard laws (Section 3.1) to be put in place, there is clearly a
dearth of official guidance or soft laws for the FSI in Singapore on the requirements
on conduct and risk culture which are fundamental to enable the effective imputation
of proper behaviour, responsibility and accountability required under the MAS IAC.
6.2 Weakness and Potential Problems with the Current
Approach
First, when regulators become more engaged in intelligence, surveillance, information
and behavioural analysis (e.g.: such as the MAS making use of data analytics and
hiring of psychologists), it can be argued that they are likely to become technocratic
bureaucracies. This is because financial, economic, legal and technological expertise
are required to do so. However, with such a drift towards technocratic nature, a key
question that comes to mind is that whether this will make regulators to become insular
and inward-looking. This is also a concern as pre-emptive powers may be exercised
to affect transactional and market freedoms (e.g.: In the UK, using cease and desist

Page 34 of 45
orders), and the wisdom of pre-emptive judgements may be questioned if such
judgements are made in an insular manner.
Second, while regulators like the UK FCA are subject to comprehensive channels of
ex post political accountability, the judicial scrutiny and input accountability in the UK
and other jurisdictions elsewhere seem to be relatively weak. As conduct, risk culture
and accountability, etc, are relatively complex and multi-facet topics, one key concern
is that the regulators may subscribe to an insular form of input accountability,
especially when they try to take the lead and try to come up with further guidance with
rules, principles, and standards, and market codes, etc. While consultation papers
have been opened to the industry and public, the stakeholders who are welcomed to
provide input may not be experts in financial regulation, conduct and culture risk, etc,
and this could mean that wider stakeholders’ participation is non-existent or curtailed.
Third, as we see an emerging global trend of putting a greater spotlight on executive
conduct, accountability as well as risk culture under the ACRs, it is anticipated that
there could be a heightened focus on these topics, as well as more continuing potential
fines and penalties on firms and individuals. As such, it can be argued that there could
perhaps be a tendency for regulators, legislators, and for courts, to limit tort law or
administrative responsibilities and liabilities (as seen in the recent rise in the number
of DPAs and MRIAs etc), as there is no desire to open the floodgates of financial
penalties on the FIs. Also, the consequences for accountability in limiting the court’s
review on the financial penalties are difficult to foretell, particularly for some
independent regulators (like the UK FCA and HK IA).
Lastly, the question of inconsistencies in standards for conduct and risk culture within
the ambit of the ACRs at a global level could create a problem of an uneven playing
field, making the FSI in some countries and jurisdictions ‘much tougher’ to operate in
and might even affect the viability of doing financial services business.

Page 35 of 45
6.3 Recommendation for a More Palatable Approach and Model
This research has uncovered some of the salient shortcomings with regards to the
current approach undertaken to implement the ACRs globally and the IAC in
Singapore. To overcome these issues, the following are proposed for consideration:
1) Better guidance on the implementation of some of the hard laws’ requirements
on responsibilities and accountability, conduct and risk culture.
2) Greater need for further clearer guidance on the soft laws for conduct and risk
culture to impute responsibilities and accountabilities under the ACRs.
3) A more consistency approach to the minimum rules, principles and standards
on conduct and risk culture and their details amongst regulators across different
jurisdictions and sectors of the FSI.
4) Due consideration as to who should be the stakeholders who are driving these
initiatives, and whether there could be wider collaboration between the
regulators and FSI, and other stakeholders or experts.
5) Clearer alignment in the development of rules, principles and standards on
expected conduct and risk culture with the final regulatory outcomes and
objectives.
6) Inputs are needed from a range of stakeholders to be further drawn into the
ACRs’ legislative and regulatory space. They may play the role of
‘gatekeepers’, providing intelligence to regulators, acting as whistle-blowers
and perhaps disciplining the industry. They can be professional bodies, audit or
legal and compliance, whose professional stature and expertise could be
leveraged to apply governance check on industry behaviour.
6.4 Future Research
Conduct risk and risk culture will continue to evolve and its definition and
measurements are likely to expand or evolve. This research report has found that
there is a need for further research into the consolidated models and metrics to be
used to measure and gauge conduct and risk culture, and to achieve some form or
conformity or standards, that needs to review and updated continuously to reflect the
demands and challenges of the macro-environment that FIs operates in.

Page 36 of 45
Appendix 1 – Table of Comparison of ACRs
Regime UK: Senior Managers &
Certification
Regime (“SM&CR”)
HK: Manager in Charge (“MIC”)
Regime
Australia: Banking Executive
Accountability Regime (“BEAR”)
Singapore: MAS Guidelines on
Individual Accountability and
Conduct (“IAC”)
Rationale • Addressing the “root
causes of failures” in the
FSI.
• Increase individual
accountability.
• Clarify specific
responsibilities of senior
managers (“SMs”).
• Expand the range of
persons who are
subjected to standards of
conduct to impact
individual behaviour and
the culture within firms.
• Complement collective
Board responsibility.
• Clarify which individuals
should be regarded as the
senior management of a
licensed corporation.
• Promote awareness of
regulatory obligations and
potential liabilities of SMs.
• Clarify that certain
members of senior
management should seek
the SFC’s approval to be
responsible officers
(“ROs”).
• Outline certain roles and
responsibilities of a
licenced corporation’s
Board.
• Provide guidance as to the
information a licensed
corporation should submit
regarding its organisational
and governance structure.
• Coleman Report on major
banks having a ‘poor
compliance culture’ and
have repeatedly failed to
protect the interests of
consumers.
• To improve the operating
culture of authorised
deposit-taking institutions
(“ADIs”)] and increase
transparency and
accountability across the
banking sector.
• By setting out accountability
obligations in the Banking
Act and providing guidance
about them, the Bill makes
clear and enhances the
obligations of ADIs and
reinforces the standards of
conduct expected of them by
the community.
• Key part of MAS’ broader
efforts to promote and
cultivate a culture of trust and
ethics in the FSI.
• Reinforce FIs’ responsibilities
in three key areas:
(i) promote individual
accountability of SMs;
(ii) strengthen oversight of
employees in material
risk functions; and
(iii) embed standards of
proper conduct among all
employees.
• Supplement existing
regulatory framework (NB –
not to introduce a standalone
regulatory regime)
• Complement collective
responsibility of Board and
management committees
• Align current regime with
developments in other major
jurisdictions

Page 37 of 45
Appendix 2 – Comparison of Who is Affected Under the ACRs
Certification
Regime
Conduct (“IAC”)
Senior
management
functions
• For UK-incorporated firms:
o Chief Executive function
o Chief Finance function
o Executive Director function
o Chief Risk function
o Head of Internal Audit
function
o Head of Key Business Area
function
o Group Entity Senior
Manager function
o Credit union SMF
o Chairman function*
o Chair of Risk Committee*
o Chair of Audit Committee*
o Chair of Remuneration
Committee*
o Chair of Nomination
Committee*
o Senior Independent
Director function*
o Compliance Oversight
function
• Directors and Responsible
Officers of a corporation and
MICs of Core Functions
• Core functions are:
o Overall management
oversight
o Key business line
o Operational control and
Review
o Risk Management
o Finance and Accounting
o IT
o Compliance
o AML/CFT
• Individuals who hold a
position in an ADI or a
subsidiary which gives them
actual or effective senior
executive responsibility for
the management or control
of an ADI or a significant or
substantial part of the ADI or
ADI group
• Prescribed accountable
person functions include:
o Board members of the ADI
(including non-executive
directors)
o Chief Executive Officer /
Head of Foreign Bank
Branch
o Chief Finance Officer
o Chief Risk Officer
o Chief Operation Officer
o Chief Information and
Technology Officer
o Head of Compliance
o Head of Human Resources
• Core management functions
include the following persons,
by whatever name described:
o Chief Executive Officer of the
Singapore FI
o Chief Financial Officer or
Head of
o Finance
o Chief Risk Officer or Head of
Risk
o Chief Operating Officer or
Head of Operations
o Chief Information Officer,
Chief Technology Officer or
Head of Information
Technology
o Chief Information Security
Officer or
o Head of Information Security
o Chief Data Officer
o Head of Business Function
o Head of Actuarial, Appointed
Actuary or Certifying Actuary
o Head of Human Resources
o Head of Compliance

Page 38 of 45
Certification
Regime
Conduct (“IAC”)
o Money Laundering
Reporting Other Overall
Responsibility function
o Chief Operations function
* denotes non-executive
director (“NED”) roles
o Senior executive
responsibility for AML/CFT
• Where the activities of a
subsidiary are significant or
substantial within the ADI
group, at a minimum an
accountable person located
within the subsidiary should
have responsibility
o Head of Financial Crime
Prevention
o Chief Regulatory Officer (for
approved exchange / clearing
house/holding company)

Page 39 of 45
Appendix 3 – Comparison of Assessment, Approval and Certification Under the ACRs
Regime UK: Senior Managers & Certification
HK: Manager in Charge
(“MIC”)
Regime
Conduct (“IAC”)
Senior
management
functions
• SMs – Regulatory pre-approval
required.
• Firms required to re-assess fitness
and propriety of SMs (and Notified
NEDs) on at least an annual basis.
• Certified Persons (individuals that
are not SMs but who are still
performing functions that could give
rise to significant harm for the firm or
its customers): Firms required to
assess fitness and propriety prior to
performing role and required to re-
certify fitness and propriety on at
least an annual basis.
• Not subject to regulatory pre-
approval / registration.
• Conduct Rules Staff (all other staff
unless performing a defined
excluded role – e.g. security guards
and receptionists) – not subject to
regulatory pre-approval /
registration, but subject to Conduct
Rules.
• MIC may or may
not be licensed by
the SFC, depending
on the functions
they perform within
the firm. Firms
should ensure any
unlicensed MIC is fit
and proper and
qualified to act.
Individuals
appointed to Overall
Management
Oversight and key
business line core
functions must be
approved by SFC
as ROs.
• Accountable persons must
be registered with the
Australian Prudential
Regulation Authority
(“APRA”), with information
about proposed
appointments provided in
advance to APRA.
• Accountable persons are
deemed to have been
registered 14 days after the
application has been lodged
with APRA.
• There is no process for
regulatory pre-approval/
screening. ADIs retain
responsibility for assessing
suitability of accountable
persons and must sign a
declaration that the ADI is
satisfied as to the suitability
of the relevant accountable
person.
• SM may or may not require
prior approval of the MAS,
depending on the functions
they perform within the firm.
• Firms should ensure any
individual who does not
require approval by the MAS
is fit and proper and qualified
to act.
• Firms are required to assess
fitness and propriety prior to
relevant individual performing
role. No formal requirement
to perform periodic
certification. However, MAS
should be notified if individual
ceases to be fit and proper.

Page 40 of 45
Appendix 4 – Comparison of Personal Liabilities Under the ACRs
Certification
HK: Manager in Charge
(“MIC”)
Regime
Accountability Regime
(“BEAR”)
Individual Accountability and Conduct
(“IAC”)
Senior
management
functions
• Civil liability
• Breach of Conduct
Rules/SM Conduct Rules.
• Being knowingly concerned
in a breach by the firm of
the rules applying to the
firm.
• Failing to take reasonable
steps to prevent a
regulatory breach occurring
or continuing in the area for
which the SM is responsible
(“duty of responsibility”).
• Sanctions for the above
include fine (unlimited), ban
(where not fit and proper),
suspension/limitation to
regulatory approval.
• Criminal liability
• Recklessly causing a bank
to fail (7 years
• imprisonment or a fine or
both).
• When determining
whether to take
disciplinary action and
the level of sanctions,
the SFC has indicated
it will refer to its
Disciplinary Fining
Guidelines.
• While the sanctions
that can be imposed
under Part IX are civil
in nature, if an LC has
been found guilty of an
offence under the SFO,
the SFO extends
criminal liability to any
of the LC's officers
where the offence was
proved to have been
committed with their
consent, connivance or
otherwise attributable
to their recklessness.
• APRA has the power to
disqualify an accountable
person where it is
satisfied an individual has
failed to comply with
his/her accountability
obligations.
• If an accountable person
fails to comply with
his/her accountability
obligations, an ADI is
required to have in place
a remuneration policy that
reduces that accountable
person’s variable
remuneration
proportionate to the
nature of the breach.
• Individual criminal, civil and/or
disciplinary liability may arise in
certain cases. For e.g.:
o a director or executive officer of a
bank in Singapore commits an
offence when failing to take all
reasonable steps to secure
compliance by the bank with any
written law; and
o certain key officers of FIs may be
criminally liable if the FI commits an
offence due to (among others) the
neglect of the relevant individual.
• Even where the above types of
liability are not engaged, non-
compliance with duties and
expectations by an individual may
result in other sanctions e.g. licence
revocation/ suspension, fines and
reprimands. Such non-compliance
may also affect the MAS’ overall
assessment of the individual’s fitness
and propriety and the risk
assessment of the FI.

Page 41 of 45
Table of Legislation
15 Singapore Banking Act 1970 <https://sso.agc.gov.sg/Act/BA1970>
16 Monetary Authority of Singapore Act 1970
<https://sso.agc.gov.sg/Act/MASA1970>
17 Banking (Amendment) Act 2016 <https://sso.agc.gov.sg/Acts-Supp/5-
2016/Published/20170523?DocDate=20170523&ProvIds=pr35->
18 Banking (Corporate Governance) Regulations 2005
<http://www.mas.gov.sg/Regulations-and-Financial-Stability/Regulations-Guidance-
and-Licensing/Commercial-Banks/Subsidiary-Legislation/2005/Banking-Corporate-
Governance-Regulations-2005.aspx>
References
1 Gillian Tett, Financial Times, 'Has Banking Culture Changed?' (Financial Times, 27
August 2018) <https://www.youtube.com/watch?v=ZpKXF-Ktipg> accessed 5
September 2018
10 Global Foreign Exchange Committee (GFXC), 'FX Global Code' (August 2018)
<https://www.globalfxc.org/docs/fx_global.pdf> accessed 1 September 2018
11 International Organization of Securities Commissions (IOSCO), ‘IOSCO Task
Force Report on Wholesale Market Conduct’ (June 2017)
<https://www.iosco.org/library/pubdocs/pdf/IOSCOPD563.pdf> accessed 1
September 2018
12 Financial Stability Board (FSB), ‘Compensation Practices’ (April 2009)
<http://www.fsb.org/what-we-do/policy-development/building-resilience-of-financial-
institutions/compensation/> accessed 1 September 2018
22 Association of Banks in Singapore (ABS) website <https://abs.org.sg/>

Page 42 of 45
23 Life Insurance Association of Singapore website: <http://www.lia.org.sg/>
24 Singapore Exchange Reg Co website: <https://www2.sgx.com/regulation/public-
consultations>
Bibliography
2 Financial Stability Board (FSB), ‘Strengthening Governance Frameworks to
Mitigate Misconduct Risk: A Toolkit for Firms and Supervisors’ (April 2018)
<http://www.fsb.org/2018/04/strengthening-governance-frameworks-to-mitigate-
misconduct-risk-a-toolkit-for-firms-and-supervisors/> accessed 5 September 2018
3 UK Parliamentary Commission on Banking Standards (PCBS), ‘Final Report –
‘Changing Banking for Good (19 June 2013)
<https://www.parliament.uk/business/committees/committees-a-z/joint-
select/professional-standards-in-the-banking-industry/news/changing-banking-for-
good-report/> accessed 5 September 2018
4 Straits Times, ‘Global banks have paid $453b in fines’ (3 March 2017)
<https://www.straitstimes.com/business/global-banks-have-paid-453b-in-fines>
accessed 5 September 2018
5 William Dudley, President of the Federal Reserve Bank of New York, ‘Enhancing
Financial Stability by Improving Culture in the Financial services Industry’ (October
2014) <https://www.newyorkfed.org/newsevents/speeches/2014/dud141020a.html>
6 Clive Adamson, Director of Supervision, the UK FCA, ‘The importance of culture in
driving behaviours of firms and how the FCA will assess this’ (23 2017)
<https://www.fca.org.uk/news/speeches/importance-culture-driving-behaviours-firms-
and-how-fca-will-assess> accessed 5 September 2018

Page 43 of 45
7 Salz Review, ‘An Independent Review of Barclays’ Business Practices’ (April 2013)
<https://online.wsj.com/public/resources/documents/SalzReview04032013.pdf>
8 US Office of the Comptroller of the Currency (OCC), ‘Corporate and Risk
Governance’ (July 2016) <https://www.occ.treas.gov/publications/publications-by-
type/comptrollers-handbook/corporate-risk-governance/pub-ch-corporate-risk.pdf>
9 CCP Research Foundation, ‘The Conduct Costs Project Report 2017’ (2017)
<http://ccpresearchfoundation.com/> accessed 10 September 2018
13 Ibid 5
14 Stephanie Tan Yen Li and Katie Lee Sheah, Bank Negara Malaysia (BNM),
‘Strengthening Conduct and Culture in the Financial Industry’ (March 2018)
<http://www.bnm.gov.my/index.php?ch=en_publication&pg=en_work_papers&ac=68
&bb=file> accessed 30 September 2018
18 Monetary Authority of Singapore (MAS), ‘Consultation Paper on Amendments to
Banking Regulations and Banking (Corporate Governance) Regulations’ (7 Feb
2017) http://www.mas.gov.sg/News-and-Publications/Consultation-
Paper/2017/Consultation-Paper-on-Amendments-to-Banking-Regulations-and-
Banking-Corporate-Governance-Regulations.aspx> accessed 30 September 2018
20 Monetary Authority of Singapore (MAS), ‘Guidelines on Fair Dealing - Board and
Senior Management Responsibilities for Delivering Fair Dealing Outcomes to
Customers’ (20 February 2013) <http://www.mas.gov.sg/Regulations-and-Financial-
Stability/Regulations-Guidance-and-Licensing/Financial-
Advisers/Guidelines/2013/Guidelines-on-FD-_-BSM-Responsibilities.aspx> accessed
30 September 2018

Page 44 of 45
21 Monetary Authority of Singapore (MAS), ‘Notice on Requirements for the
Remuneration Framework for Representatives and Supervisors ("Balanced
Scorecard Framework") and Independent Sales Audit Unit [Notice No. FAA-N20]’ (31
December 2015) <http://www.mas.gov.sg/regulations-and-financial-
stability/regulations-guidance-and-licensing/Financial-Advisers/Notices/2015/Notice-
on-Requirements-for-BSC-Framework-and-Independent-Sales-Audit.aspx>
22 Monetary Authority of Singapore (MAS), ‘Response to Consultation Paper on
Proposed Regulations to Enhance Resolution Regime for FIs in Singapore’ (26
October 2018) <http://www.mas.gov.sg/News-and-Publications/Consultation-
Paper/2018/Consultation-Paper-on-Proposed-Regulations-to-Enhance-Resolution-
Regime-for-FIs-in-Singapore.aspx> accessed 30 September 2018
23 Monetary Authority of Singapore (MAS), ‘Consultation Paper on Revisions to
Misconduct Reporting Requirements and Proposals to Mandate Reference Checks
for Representatives’ (July 2018) <http://www.mas.gov.sg/News-and-
Publications/Consultation-Paper/2018/Consultation-Paper-on-Revisions-to-
Misconduct-Reporting-Requirements.aspx> accessed 30 September 2018
27 EY / IIF, ‘Eight Annual Globa Risk Management Survey’ (2018)
<https://www.ey.com/Publication/vwLUAssets/ey-eighth-annual-global-eyiif-bank-
risk-management-survey/$FILE/ey-eighth-annual-global-eyiif-bank-risk-
management-survey.pdf> accessed 1 June 2019
28 Practical Law, Thomson Reuters, ‘Culture and Conduct Risk Survey 2018’ (2018)
<https://risk.thomsonreuters.com/content/dam/openweb/documents/pdf/risk/report/cu
lture-and-conduct-risk-2018.pdf> accessed 15 October 2018

Page 45 of 45
29 UK Financial Conduct Authority (FCA), ‘Code of Conduct (COCON)’ (December
2018) <https://www.handbook.fca.org.uk/handbook/COCON.pdf> accessed 5
December 2018
30 UK Financial Conduct Authority (FCA), ‘Policy Statement - Industry Codes of
Conduct and Feedback on FCA Principle 5’ (July 2018)
<https://www.fca.org.uk/publication/policy/ps18-18.pdf> accessed 5 December 2018
31 UK Financial Conduct Authority (FCA), ‘Discussion Paper on Transforming Culture
in Financial Services’ (12 March 23018) <https://www.fca.org.uk/news/press-
releases/fca-publishes-discussion-paper-transforming-culture-financial-services>
accessed 5 December 2018
32 The Institute of Risk Management (IRM), ‘Risk culture
Resources for Practitioners’ (2013) <https://www.theirm.org/media/3814165/Risk-
Culture-Resources-for-Practitioners.pdf> accessed 5 December 2018
33 Monetary Authority of Singapore (MAS), ‘Recruitment or Deputy Director /
Assistant Director, Behavioural Science’ (2018)
https://www.linkedin.com/jobs/view/mas-deputy-director-assistant-director-
behavioural-science-at-monetary-authority-of-singapore-mas-948221670/> accessed
5 December 2018
34 David Jackman, ‘Corporate Maturity – How Compliance Needs to Change’ (2015)
<https://www.jerseyibs.com/files/1514/5803/1132/David_Jackman.pdf> accessed 5
December 2018

Uni of Law & ICA MSc Law GRC - Final Dissertation Thomas Wan Dec 2018

Recommended

Recommended

More Related Content

Similar to Uni of Law & ICA MSc Law GRC - Final Dissertation Thomas Wan Dec 2018

Similar to Uni of Law & ICA MSc Law GRC - Final Dissertation Thomas Wan Dec 2018 (20)

Recently uploaded

Recently uploaded (20)

Uni of Law & ICA MSc Law GRC - Final Dissertation Thomas Wan Dec 2018