United States: Individual Accountability: The Senior Managers And Beyond

Last Updated: December 4 2015
Article by Barnabas W.B. Reynolds and Reena Agrawal Sahni

There has been much debate among regulators and in the general public about whether there should have been more enforcement action against executives and other individuals in banks for misconduct in the events leading up to the 2008 financial crisis and after. The U.K. government has taken several actions against banks and companies for their corporate misconduct and involvement in market manipulation scandals of recent years. However, regulators have found it difficult to hold individuals accountable for being involved in the same misconduct, particularly individuals in management roles. Complex organizational structures of large banks and investment firms that are important for running global businesses efficiently are viewed as contributing to the problem.


Regulators are starting to address this issue by changing the rules around individual accountability. The United Kingdom is reforming its approach to supervising and taking enforcement action against individuals in senior management positions and individuals who are employed in positions where they could pose a risk of significant harm to the firm or any of its clients (we'll call them certified personnel). For regulatory purposes, senior managers include not only directors but also chief executives, heads of key business lines, and certain highranking compliance and risk management personnel.

From March 7, 2016, banks, certain large investment firms, building societies, and credit unions established in the United Kingdom, including U.K. subsidiaries of overseas firms (referred to here collectively as SMR firms) and U.K. branches of third-country or European Economic Area (EEA) SMR firms (known as incoming branches), will be subject to a new Senior Manager and Certification Regime (SM&CR).


In the past, U.K. managers were allowed to define their own roles. Any personal liability would have been based on a legal standard of causation. The SM&CR rules aim to clarify areas of responsibility and therefore accountability. They require the allocation of certain prescribed responsibilities to senior managers and the production of Statements of Responsibility for those managers. SMR firms and incoming branches will need to create and manage processes that are effective absent deliberate wrongdoing on the part of a team member, and that minimize the risk and effects of any such wrongdoing. Most notably, the regime, as originally framed, introduced a "presumption of responsibility" for senior managers that effectively reversed the burden of proof by holding senior managers in a particular function responsible for a firm's regulatory breaches. Senior managers would have been required to rebut the presumption that they were responsible for breaches by demonstrating that they took reasonable steps to prevent them from occurring or continuing.

Such a rule is not without precedent. A similar presumption of responsibility mechanism already exists in Germany, where enforcement actions have successfully been taken against executives in particular positions of importance. However, one of the key concerns about the U.K. presumption of responsibility was that it would deter certain individuals from performing senior management roles and those who were undeterred would demand to be adequately compensated or insured for taking on the increased risk of personal liability. The U.K. Government announced several changes to the SM&CR in October, amongst which is the replacement of the presumption of responsibility with a statutory duty of responsibility. The burden of proving that a senior manager did not take reasonable steps to stop a breach will be on the regulator. The changes, at the time of writing this article, were set out in a Bill laid before Parliament.


Although the United States does not have a directly comparable regulatory regime for senior managers, many of the requirements of the SM&CR already are reflected in other U.S. regulations, with some differences. U.S. regulators have broad enforcement powers as part of their supervisory mandate. Just as in the United Kingdom, U.S. regulators have principally directed their enforcement actions at institutions and not individuals at those institutions. However, along with a renewed focus on governance and management, U.S. regulators are now placing more emphasis on the need to hold individuals accountable. For example, the U.S. Department of Justice recently issued new guidelines to bolster its ability to pursue individuals in corporate cases.


Any fundamental governance-related regulatory change such as this has the potential to be extraterritorial in impact, especially for global financial institutions. The SM&CR has the potential to reach senior managers located outside of the U.K., just as do actions taken by the U.S. regulators or the European Central Bank regarding individuals outside the U.S. and E.U., respectively. Differing standards and enforcement regimes can in theory give rise to conflicts between overlapping oversight requirements. However, the approaches of the various regulators are generally likely to work together, though it's possible (if unlikely) that oversight in one jurisdiction might prioritize safety and soundness within that jurisdiction at the expense of another.


In implementing accountability regimes, regulators must strike a difficult balance. On the one hand, there is a clear need for the rules to operate efficiently to ensure executives are effective in their management roles and to prevent executives from ignoring regulatory breaches. On the other hand, regulators must ensure that the new accountability regimes are fair and do not impose de facto strict liability on executives who take reasonable steps to prevent and detect problems. There is a risk that, crudely applied, the reforms could give rise to a random minefield of rules and regulations on liability that directors and employees will find difficult to navigate and which could deter key individuals from taking up roles of responsibility within their organizations.

In this article, we focus on the new SM&CR and its extraterritorial effect, and particularly on the rules on the personal liability of senior managers. We then compare U.K. regulations with those in the United States. This article does not seek to cover the general regulation of individuals, remuneration rules, firm registration processes, the impacts of resolution and recovery regimes, or other aspects of individual regulation. The new regulatory approach of focusing on individuals is likely to evolve, so this snapshot reveals the direction of travel more than the final destination.


The SM&CR represents a fundamental change in the approach to regulating senior managers, certified personnel, and conduct within SMR firms and U.K. branches. Firms, rather than the regulators, will be given primary responsibility for vetting senior managers and certified personnel, and only senior managers will be subject to the regulators' approval.

The SM&CR is made up of the Senior Managers Regime, the Certification Regime, and a new Code of Conduct. Each of these three elements is summarized in a box to the right. The rules will be applied by both the U.K.'s Financial Conduct Authority (FCA) and the Prudential Regulation Authority (PRA), although each regulator's approach will differ according to its statutory objectives and areas of competence. In particular, the PRA, as the U.K.'s prudential regulator, will not apply its SM&CR rules to incoming U.K. branches of EEA firms because, under E.U. law, the prudential regulation of such branches is mostly within the competence of the relevant home member state.

The Senior Manager Regime will replace the "controlled functions" that currently are part of the Approved Persons Regime (APR) with a new set of PRA and FCA senior management functions that will cover a narrower range of individuals. The regulators intend to grandfather all controlled functions to their Senior Managers Regime, so that an individual who is already authorized under APR and whose activities cover a senior management function, for example as a chief executive, will not need to go through the authorization process in order to continue as an approved person under the new regime. Individuals who are currently approved persons but who do not perform a senior management function will no longer be required to be authorized by the regulators and will no longer be approved persons from March 7, 2016; although they will likely fall into the certified personnel category.

A separate Senior Managers Regime for certain U.K. insurance firms, based on the E.U. Solvency II Directive, and which we don't cover here in detail, is also being implemented in the U.K. The U.K. Fair and Effective Markets Review1 recommended that aspects of the new regime be extended to certain other types of financial institution. In the October announcement, the U.K. Government confirmed that it will adopt that recommendation. It is expected that the SM&CR will be extended, during 2018, to all U.K. authorized investment firms, asset managers, insurers and consumer credit firms. The detail of the expanded regime, as fleshed out by regulatory rules, remains to be seen.


This regulatory revamp of senior management responsibilities takes the law into two difficult and uncharted regions. First, it raises more acutely than ever the issue of personal liability in a world in which regulators want to hold senior management, not just firms or rogue employees, accountable for wrongdoing. Second, the revision of the existing regime highlights the tension between business-line management, which is crucial for successful and efficient management in global businesses, and top-down management of each legal entity (so-called entity-level management), which is a key element of postfinancial crisis regulation.

Personal liability in financial services is an area where there is somewhat limited jurisprudence, and there are uncertainties as to where the line of liability is to be drawn. More importantly, it is difficult to identify what well-intentioned senior managers can do to protect themselves.

Generally, under the enforcement rules of the Financial Services and Markets Act 2000 (FSMA), the FCA and PRA can only take disciplinary action against a senior manager where the relevant regulator is satisfied that the person is guilty of misconduct and, if he or she is guilty, that it is appropriate in all circumstances to take such action.2 According to current FCA guidance,3 the FCA can only impose a penalty on an individual if it is proven that the person was personally culpable, i.e., where the behavior was deliberate or where the approved person's standard of behavior was below that which would be reasonable in all the circumstances existing at the time of the conduct concerned. Under the current enforcement regime, the enforcing regulator has to satisfy the applicable evidential standard of proof to show a regulatory breach had occurred. The FCA and the Upper Tribunal, the body responsible for handling appeals against FCA decisions, have generally applied the "balance of probabilities" standard of proof applicable in civil cases. This is in contrast to the higher "beyond reasonable doubt" standard of proof applied by criminal courts or in civil cases where quasi-criminal sanctions, such as deprivation of liberty, may be imposed.

Previous FCA jurisprudence suggested that a "sliding scale" standard of proof could be applied, whereby the civil standard could be varied to a standard close to its criminal equivalent in cases of serious regulatory breaches. This approach has now been abandoned.4 The Upper Tribunal confirmed this year in the case of Carrimjee v the FCA [2015] UKUT 0079 (TCC) that, despite the FCA having power to impose serious sanctions, such as industry bans or substantial fines, FCA proceedings are not quasi-criminal in character and the civil standard should always apply.

A new liability will apply if: (i) the senior manager's firm committed a regulatory breach, (ii) the senior manager was a senior manager at the time of the regulatory breach, (iii) the senior manager was responsible for the management of any of the firm's activities in relation to which the breach occurred, and (iv) the senior manager did not take such steps as a person in the senior manager's position could reasonably be expected to take to avoid the contravention occurring (or continuing).

Whether the relevant senior manager was responsible for that part of the business to which the breach relates would be a question of fact. The Statements of Responsibility that institutions will be required to prepare (and may agree at a detailed level with the regulators), showing what each senior manager is responsible for, will be crucial in informing the regulator's determination on this issue.5


The new liability standard requires the regulators to prove, on a balance of probabilities, that conditions (i) to (iv) are satisfied. A senior manager must have failed to take steps that he could reasonably have been expected to take to avoid the breach from occurring or continuing. The U.K. regulators have published guidance which sets out some types of steps that senior managers would be expected to take to prevent or stop breaches. This guidance published by the PRA in the context of the operation of the former presumption of responsibility test includes actions it would consider as reasonable steps and the evidence it would expect senior managers to provide to demonstrate that reasonable steps were taken. The guidance will serve as the basis of the regulators' expectations of senior managers in satisfying the new statutory duty of responsibility which requires a senior manager to take reasonable steps to prevent contravention by way of a breach. It would be helpful if the regulators published additional guidance clarifying the types of steps that would not be required in every case, for example, commissioning external consulting reports. One of the concerns with the presumption of responsibility was that firms would focus their attention on creating evidence rather than on operating an efficient and compliant business. Without any further guidance from the regulators, there is still a risk that, though the extent of the duty may have been ameliorated by the removal of the presumption of responsibility, firms and senior managers will be motivated to create extensive paper trails to evidence the details of their decision-making process. The PRA has recognized that one of the challenges in implementing the SM&CR has been encouraging and ensuring that the right outcomes are achieved.


How the FCA and PRA will enforce the new liability standard in practice is of particular concern to firms and their senior management. For instance, it is not clear if the FCA/PRA are required to prove that there was a causative link between the senior manager's role and the breach in question. In the absence of such link, there would arguably be no case for the senior manager to answer and it would only be if this test was passed that the senior manager would be tasked with considering — probably again on the balance of probabilities — the reasonable steps element. Although on a strict reading of the legislation, a causative link does not appear to be one of the conditions, it is at least arguable that it is one of the circumstances that the enforcing regulator needs to consider under FSMA before deciding to take enforcement action.


The easier question is how senior managers can avoid personal liability under the SM&CR, even without the presumption of responsibility. The answer is: They should take such steps as a person in their position could reasonably be expected to take to prevent regulatory breaches from happening or continuing in the area for which they are responsible. Senior managers will need to be in a position to identify and address actual or suspected regulatory breaches in a timely manner. In respect of the presumption of responsibility, the FCA confirmed in its draft guidance that it would consider any preventative action as a relevant factor in determining whether a senior manager acted reasonably.6 Presumably the regulators are unlikely to seek to alter this position under the revised SM&CR in light of the removal of the presumption of responsibility, but of course the ultimate position will depend on how the final amending legislative provisions are couched.


Regulations on living wills, governance, and employee compensation are now all applied on a legal entity-level basis. Similarly, senior management responsibilities are to be applied against an entity-level backdrop. Tensions and problems arise when key business personnel within the entities concerned don't report directly to senior management. The risk is that the flow of information necessary for senior managers to perform their functions is more limited than what is required to enable them to prevent and detect regulatory breaches.

In a matrix-managed organization, it may be difficult for a senior manager to show sufficient control. One practical solution is for designated senior managers to take steps to ensure that reporting lines are established from relevant business heads and other relevant personnel to the legal entity-level senior managers, whether in the U.K. or overseas, which are clear to staff and operate effectively and as close to real time as possible. Information could flow directly through people not directly accountable to the senior manager. Global business management will still be possible, but relevant legal entity senior managers' involvement and approval will now be mandatory. The objective is for senior managers to gain an accurate and thorough understanding of the parts of the firm's business for which they are responsible, including the strengths and weaknesses in the governance and risk management framework. On this basis, senior managers should have sufficient information to be able to determine (among other things) whether improvements to the firm's systems, controls, and culture are needed to prevent or remedy breaches, whether persons responsible for any failings need to be removed or disciplined, and whether the regulators need to be notified if breaches are identified.


The SM&CR also introduces a new criminal offense for a reckless decision by a senior manager that causes a bank (i.e. deposit-taking institution) to fail. This offense does not apply to non-banks. It will only apply to senior managers working in U.K. SMR firms and not in U.K. branches of overseas firms. The FCA and PRA don't have the power to impose criminal sanctions for this offense but can instigate criminal court proceedings against responsible senior managers. As is the case for all criminal proceedings, the prosecution will bear the burden of proving a senior manager's guilt on the basis of the usual "beyond a reasonable doubt" criminal standard of proof. The FCA, PRA, and the U.K. government have not published any guidance on precisely what conduct would be likely to constitute the reckless decision offense; however, courts probably would rely on existing case law and general criminal law principles to make this determination.

On this basis, it is likely that a senior manager will be deemed to have made a reckless decision if he or she was aware that there was a risk that such decision could cause his or her firm to fail and it was unreasonable for him or her to take that risk in the circumstances as known to him or her.7 The more obvious the risk, the more likely it is that a court would find that the senior manager must have been aware of the risk.8 The penalties for the offense can be severe and include up to 12 years in prison on indictment and/or an unlimited fine. The Parliamentary Commission on Banking Standards, which proposed the introduction of this offense, acknowledged that securing a conviction for the offense may be difficult in practice.9

The SM&CR will apply to personnel of U.K. SMR firms (including U.K. subsidiaries of non-U.K. firms) and of incoming branches of overseas SMR firms (both non-EEA and EEA incorporated), although the application of the new regime will be tailored for branches to reflect the nature of the branch's activities.

For certified personnel, the Conduct Rules and the Certification Regime will generally only apply to personnel who are either based in the U.K. or perform services for clients in the U.K.10 U.K. regulators have provided additional guidance on who is not a U.K. client in this context. For instance, U.K. persons to whom research is provided by a non-U.K.-based employee would not be clients. Similarly, if a non-U.K.-based employee has contact with a U.K. person for relationship purposes, the U.K. person would not be a client in this context.11 This applies regardless of whether the relevant SMR firm is a U.K. subsidiary or an incoming branch. Examples of certified personnel include staff responsible for benchmark submission and administration, proprietary traders and material risk takers (in line with the Remuneration Code).

In relation to senior managers of both U.K. firms and branches, the Senior Managers Regime and the Conduct Rules will always apply to persons in designated positions wherever they are located. As such, it has extraterritorial effect and will apply regardless of whether the individual is based in the U.K. or provides services to U.K. clients.12 Thus, individuals who perform senior management functions for a U.K. firm or incoming branch will have to become authorized as senior managers regardless of whether they are based in the U.K. or abroad. If a senior manager is employed by other group entities, the potential for conflicting and overlapping requirements arises — and at the very least it will be more difficult to determine the non-U.K. manager's U.K. responsibilities.

As a result, firms will take steps to minimize the risk of conflicting requirements. Such measures may include reorganizing governance structures according to legal entity structures instead of business lines, and ensuring the delegation of responsibility for the conduct of an incoming branch's or U.K. subsidiary's regulated activities to a U.K.-based senior manager. The U.K. regulators have indicated that they will determine the application of the regime to a particular individual on a case-by-case basis taking into account the organizational structure of the firm, its reporting structure, and whether any U.K.-based senior managers have an appropriate degree of accountability, autonomy, and responsibility for the U.K. entity or branch. The regulator's focus will be on individuals who are directly responsible for implementing the firm's strategy in the U.K. entity or branch for its U.K. regulated activities.


Onerous "presumption of responsibility" regimes exist in some jurisdictions, including Germany. Under the German Stock Corporation Act, board members are jointly and severally liable for breaches of their directors' duties under German corporate law unless they can demonstrate they acted with due care and skill. Where the allegations relate to the directors' business decisions, the board members may benefit from the operation of the "business judgment rule," which provides a degree of protection for decisions made on the basis of adequate information and for the benefit of the company.

Directors also bear the burden of proof in relation to satisfying the requirements of the business judgment rule. The reverse burden of proof and the scope of the business judgment rule are currently subject to discussion, and it remains to be seen whether the German legislature or courts will take action to mitigate the liability risk for board members.


The United States does not have a regulatory regime directly comparable to either the APR or the SM&CR. However, there are several parallels between the U.K. regime and existing U.S. regulatory requirements.

Additionally, recent speeches by U.S. bank regulators suggest that, while the U.S. probably won't implement a directly comparable regime, the policy objectives of the U.S. regulators are closely aligned with those of the U.K. regime.

Several U.S. regulators have recently discussed the appropriate role of supervision in maintaining the safety and soundness of banking organizations and the link between supervision and the culture of an organization.13 While the U.K. regime explicitly calls for an active role by the U.K. regulators in approving senior managers, the U.S. rules have traditionally provided for the same watchfulness as to the quality and appropriateness of key personnel through more informal supervisory review and consultation. U.S. regulators have been increasingly focused on oversight of personnel who can expose an institution to significant risk and ensuring that organizations have the proper internal controls to monitor and manage such risk. This has manifested itself in more prescriptive regulatory requirements and responsibilities for the board of directors and other executive management, particularly the heads of the risk, compliance, audit, and legal functions.


The U.S. business judgment rule presumption generally affords directors and officers protection from personal liability for prudent, informed business decisions made in good faith. As in other jurisdictions, directors and officers generally obtain protection from personal liability through indemnification agreements and directors and officers liability insurance in the absence of bad faith or malfeasance, although such protections are limited in certain circumstances by law and regulation.

Certain statutory authorities allow U.S. regulators to bring cases against individuals for failure to meet their duties. For example, the Federal Deposit Insurance Corp. (FDIC) can bring civil lawsuits against former directors and officers of a failed bank for a demonstrated failure to satisfy the duties of loyalty and care. The degree of protection afforded to directors of failed banks by the FDIC under the business judgment rule has often been the subject of litigation.

Similarly, in the event of a receivership of a large financial institution under Title II of the Dodd-Frank Act, or the Orderly Liquidation Authority, directors and officers can be personally liable in a civil case brought by the FDIC as receiver for gross negligence or conduct that demonstrates a greater disregard of a duty of care than gross negligence, including intentional tortious conduct. Furthermore, clawback provisions allow the FDIC to recover incentive payment and other compensation from directors and senior executives for the two years prior to the company's failure if they are found to be substantially responsible for the failure.14

U.S. banking regulators can, like their E.U. counterparts, dismiss employees as part of enforcement actions against firms. U.S. bank regulators can take enforcement actions against directors and officers (and other so-called "institution-affiliated parties") for violations of laws, breach of fiduciary duties, and unsafe and unsound practices. For example, the Federal Reserve Board can remove any officer, director, or employee of a foreign banking organization involved in its U.S. branch or other operations upon a finding of improper conduct or as a result of being convicted of certain criminal offenses.15


Just as in the U.K., U.S. regulators and prosecutors have been increasingly focused on individual accountability. William Dudley, President of the Federal Reserve Bank of New York, has suggested that it would be helpful if individuals who are convicted of an illegal activity were prohibited from employment in the financial services industry forever.16 He suggested that the U.S. should make it more difficult (as the U.K. is seeking to do) for employees who cross ethical boundaries to be able to move from one firm to another in order to escape the consequences, and put forth the idea of a database that would keep track of the hiring and the firing of financial professionals maintained by financial institution supervisors, akin to the regime that currently exists for broker-dealers in the U.S.17

Moreover, the U.S. Department of Justice recently issued a memorandum with guidance for civil and criminal prosecutors to pursue the prosecution of individual employees involved in corporate misconduct. The memorandum acknowledges the "substantial challenges unique to pursuing individuals for corporate misdeeds" and suggests that individual accountability for those who perpetuated the misconduct is "one of the most effective ways to combat corporate misconduct."18 Under the guidance, cooperation credit for corporations requires that the corporation provide information to the Department of Justice about the role of individual employees in the misconduct, and prosecutors are instructed not to release culpable individuals from civil or criminal liability as part of the resolution of a matter with the corporation.

The new U.K. rules on personal responsibility place firms and senior managers into a new world of regulatory requirements and obligations. It remains to be seen how industry standards will develop to protect well-intentioned senior managers from being held responsible for their firms' regulatory breaches and how firms might structure reporting lines to allow senior managers sufficient oversight of relevant business parts while allowing firms to maintain organizational and operational efficiency.

Notwithstanding that the U.S. does not have such a formal framework in place, there is an increased focus on individual accountability in the U.S. as well, and it remains to be seen how the U.S. regulatory and prosecutorial environment will change for individuals at banking organizations.


1 The final report and recommendations of FEMR are available at: http://www.bankofengland.co.uk/markets/Documents/ femrjun15.pdf.

2 See FSMA, section 66.

3 DEPP 6.2.4G.

4 See, for example, the discussion in Carrimjee v the FCA [2015] UKUT 0079 (TCC).

5 See the PRA's Supervisory Statement SS28/15, Id., para. 2.71.

6 The PRA also confirmed that it would only take action against senior managers where this is appropriate in all the circumstances and that such circumstances may include the nature and seriousness of the breach. See para. 2.67 of the PRA's Supervisory Statement SS28/15.

7 R. v. G [2004] 1 AC 1034, paragraph 41.

8 Seray – Wurie v DPP [2012] EWHC 208 (Admin), para. 21.

9 See para. 1182 of the Parliamentary Commission on Banking Standards, "Changing banking for good," available at http:// www.publications.parliament.uk/pa/jt201314/jtselect/ jtpcbs/27/27ii12.htm.

10 There is some doubt over how this territorial restriction applies to the PRA Certification Regime and Conduct Rules. Based on the available PRA guidance, it would appear that, for incoming non-EEA branches, the PRA Certification Regime would only capture U.K.-based personnel. For non-EEA branches, the PRA has stated that the scope of its Certification Regime would only capture "the U.K. population of Material Risk Takers" — see page 13 of the Policy Statement PS20/15 (August 2015) available at http://www.bankofengland.co.uk/pra/Documents/publications/ ps/2015/ps2015.pdf. However, for U.K. firms, on a strict reading of the PRA's guidance, it would seem that the PRA Certification Regime could apply to such firms' personnel based overseas; see footnote 44 in the Consultation Paper FCA CP14/13/PRA CP14/14 (July 2014), available at http://www.fca.org.uk/static/ documents/consultation-papers/cp14-13.pdf.

11 See pages 26 to 27 of the FCA CP15/10 (August 2015), available at https://www.fca.org.uk/your-fca/documents/ consultation-papers/cp15-10.

12 Nonexecutive directors of incoming U.K. branches will generally be excluded from the scope of the SM&CR rules.

13 See Remarks by Thomas J. Curry Before the Annual Conference of The Clearing House Association, New York, New York (November 21, 2014), available at http://www.occ.gov/news-issuances/ speeches/2014/pub-speech-2014-160.pdf.

14 The Securities and Exchange Commission recently proposed a rule to implement Section 954 of the Dodd-Frank Act that would, among other provisions, require listed issuers, including but not limited to banks, to develop, implement, and disclose policies requiring clawback of "erroneously awarded compensation" in the event of an accounting restatement. Specifically, issuers would be required to recover incentive-based compensation received by any executive officer in the three years prior to a material restatement of the issuer's financial statements that is in excess of the compensation that would have been received if the compensation had been determined based on the restated financial statements. Such clawback would be required regardless of the reason for the restatement, i.e., not limited to restatements required because of misconduct, and including restatements that are required because of no-fault computational errors. For a detailed overview of the proposed rule see Shearman & Sterling LLP, "SEC Proposes Highly Anticipated Clawback Rules" (July 9, 2015), available at http://www.shearman.com/~/media/ Files/NewsInsights/Publications/2015/07/SEC-Proposes-Highly-Anticipated-Clawback-Rules-ECEB-070915.pdf.

15 12 U.S.C.A. § 1818(e).

16 Speech, "Enhancing Financial Stability by Improving Culture in the Financial Services Industry," William C. Dudley, President and Chief Executive, Remarks as the Workshop on Reforming Culture and Behavior in the Financial Services Industry, Federal Reserve Bank of New York, New York City (October 20, 2014), available at http:// www.newyorkfed.org/newsevents/speeches/2014/dud141020a. html. Section 19 of the Federal Deposit Insurance Act prohibits anyone convicted of a crime of dishonesty, breach of trust, or money laundering from working at an insured depository institution or bank holding company. Dudley has suggested expanding Section 19 to cover the entire financial services industry.

17 Id.

18 See Memorandum from Sally Quillian Yates, Deputy Attorney General, U.S. Department of Justice, "Individual Accountability for Corporate Wrongdoing," Sept. 9, 2015, available at http://www. justice.gov/dag/file/769036/download.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

Similar Articles
Relevancy Powered by MondaqAI
Akin Gump Strauss Hauer & Feld LLP
In association with
Related Topics
Similar Articles
Relevancy Powered by MondaqAI
Akin Gump Strauss Hauer & Feld LLP
Related Articles
Related Video
Up-coming Events Search
Font Size:
Mondaq on Twitter
Mondaq Free Registration
Gain access to Mondaq global archive of over 375,000 articles covering 200 countries with a personalised News Alert and automatic login on this device.
Mondaq News Alert (some suggested topics and region)
Select Topics
Registration (please scroll down to set your data preferences)

Mondaq Ltd requires you to register and provide information that personally identifies you, including your content preferences, for three primary purposes (full details of Mondaq’s use of your personal data can be found in our Privacy and Cookies Notice):

  • To allow you to personalize the Mondaq websites you are visiting to show content ("Content") relevant to your interests.
  • To enable features such as password reminder, news alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our content providers ("Contributors") who contribute Content for free for your use.

Mondaq hopes that our registered users will support us in maintaining our free to view business model by consenting to our use of your personal data as described below.

Mondaq has a "free to view" business model. Our services are paid for by Contributors in exchange for Mondaq providing them with access to information about who accesses their content. Once personal data is transferred to our Contributors they become a data controller of this personal data. They use it to measure the response that their articles are receiving, as a form of market research. They may also use it to provide Mondaq users with information about their products and services.

Details of each Contributor to which your personal data will be transferred is clearly stated within the Content that you access. For full details of how this Contributor will use your personal data, you should review the Contributor’s own Privacy Notice.

Please indicate your preference below:

Yes, I am happy to support Mondaq in maintaining its free to view business model by agreeing to allow Mondaq to share my personal data with Contributors whose Content I access
No, I do not want Mondaq to share my personal data with Contributors

Also please let us know whether you are happy to receive communications promoting products and services offered by Mondaq:

Yes, I am happy to received promotional communications from Mondaq
No, please do not send me promotional communications from Mondaq
Terms & Conditions

Mondaq.com (the Website) is owned and managed by Mondaq Ltd (Mondaq). Mondaq grants you a non-exclusive, revocable licence to access the Website and associated services, such as the Mondaq News Alerts (Services), subject to and in consideration of your compliance with the following terms and conditions of use (Terms). Your use of the Website and/or Services constitutes your agreement to the Terms. Mondaq may terminate your use of the Website and Services if you are in breach of these Terms or if Mondaq decides to terminate the licence granted hereunder for any reason whatsoever.

Use of www.mondaq.com

To Use Mondaq.com you must be: eighteen (18) years old or over; legally capable of entering into binding contracts; and not in any way prohibited by the applicable law to enter into these Terms in the jurisdiction which you are currently located.

You may use the Website as an unregistered user, however, you are required to register as a user if you wish to read the full text of the Content or to receive the Services.

You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these Terms or with the prior written consent of Mondaq. You may not use electronic or other means to extract details or information from the Content. Nor shall you extract information about users or Contributors in order to offer them any services or products.

In your use of the Website and/or Services you shall: comply with all applicable laws, regulations, directives and legislations which apply to your Use of the Website and/or Services in whatever country you are physically located including without limitation any and all consumer law, export control laws and regulations; provide to us true, correct and accurate information and promptly inform us in the event that any information that you have provided to us changes or becomes inaccurate; notify Mondaq immediately of any circumstances where you have reason to believe that any Intellectual Property Rights or any other rights of any third party may have been infringed; co-operate with reasonable security or other checks or requests for information made by Mondaq from time to time; and at all times be fully liable for the breach of any of these Terms by a third party using your login details to access the Website and/or Services

however, you shall not: do anything likely to impair, interfere with or damage or cause harm or distress to any persons, or the network; do anything that will infringe any Intellectual Property Rights or other rights of Mondaq or any third party; or use the Website, Services and/or Content otherwise than in accordance with these Terms; use any trade marks or service marks of Mondaq or the Contributors, or do anything which may be seen to take unfair advantage of the reputation and goodwill of Mondaq or the Contributors, or the Website, Services and/or Content.

Mondaq reserves the right, in its sole discretion, to take any action that it deems necessary and appropriate in the event it considers that there is a breach or threatened breach of the Terms.

Mondaq’s Rights and Obligations

Unless otherwise expressly set out to the contrary, nothing in these Terms shall serve to transfer from Mondaq to you, any Intellectual Property Rights owned by and/or licensed to Mondaq and all rights, title and interest in and to such Intellectual Property Rights will remain exclusively with Mondaq and/or its licensors.

Mondaq shall use its reasonable endeavours to make the Website and Services available to you at all times, but we cannot guarantee an uninterrupted and fault free service.

Mondaq reserves the right to make changes to the services and/or the Website or part thereof, from time to time, and we may add, remove, modify and/or vary any elements of features and functionalities of the Website or the services.

Mondaq also reserves the right from time to time to monitor your Use of the Website and/or services.


The Content is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements or provide advice on which reliance should be placed. Mondaq and/or its Contributors and other suppliers make no representations about the suitability of the information contained in the Content for any purpose. All Content provided "as is" without warranty of any kind. Mondaq and/or its Contributors and other suppliers hereby exclude and disclaim all representations, warranties or guarantees with regard to the Content, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by law, Mondaq expressly excludes all representations, warranties, obligations, and liabilities arising out of or in connection with all Content. In no event shall Mondaq and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use of the Content or performance of Mondaq’s Services.


Mondaq may alter or amend these Terms by amending them on the Website. By continuing to Use the Services and/or the Website after such amendment, you will be deemed to have accepted any amendment to these Terms.

These Terms shall be governed by and construed in accordance with the laws of England and Wales and you irrevocably submit to the exclusive jurisdiction of the courts of England and Wales to settle any dispute which may arise out of or in connection with these Terms. If you live outside the United Kingdom, English law shall apply only to the extent that English law shall not deprive you of any legal protection accorded in accordance with the law of the place where you are habitually resident ("Local Law"). In the event English law deprives you of any legal protection which is accorded to you under Local Law, then these terms shall be governed by Local Law and any dispute or claim arising out of or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts where you are habitually resident.

You may print and keep a copy of these Terms, which form the entire agreement between you and Mondaq and supersede any other communications or advertising in respect of the Service and/or the Website.

No delay in exercising or non-exercise by you and/or Mondaq of any of its rights under or in connection with these Terms shall operate as a waiver or release of each of your or Mondaq’s right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

If any part of these Terms is held unenforceable, that part shall be enforced to the maximum extent permissible so as to give effect to the intent of the parties, and the Terms shall continue in full force and effect.

Mondaq shall not incur any liability to you on account of any loss or damage resulting from any delay or failure to perform all or any part of these Terms if such delay or failure is caused, in whole or in part, by events, occurrences, or causes beyond the control of Mondaq. Such events, occurrences or causes will include, without limitation, acts of God, strikes, lockouts, server and network failure, riots, acts of war, earthquakes, fire and explosions.

By clicking Register you state you have read and agree to our Terms and Conditions