Financial services regulators across the globe have been focused for a number of years on the need to address ‘Rolling Bad Apples’. This is where individuals engage in misconduct during their employment at a financial institution, but are nonetheless able to obtain subsequent employment elsewhere without disclosing their earlier misconduct to the new employer. The Hong Kong Monetary Authority (HKMA) has recently published its consultation conclusions on a proposed Mandatory Reference Checking Scheme (MRC Scheme).
MANDATORY REFERENCE CHECKING SCHEME
The MRC Scheme will be implemented in two phases and will apply to all authorised institutions (AIs) in respect of their Hong Kong business. In Phase 1, any individual who is to perform the role of a director, chief executive, alternate chief executive, manager, executive officer or responsible officer will be subject to the MRC Scheme. Phase 2 will (it is expected) expand the scheme to cover all staff carrying out regulated activities under the Securities and Futures Ordinance, the Insurance Ordinance or the Mandatory Provident Fund Schemes Ordinance.
An MRC Information Template (i) will require all AI employers (AI Referees) to provide basic employee information, (ii) contains questions that must be answered by an AI Referee to a recruiting AI and (iii) provides a disclaimer stating that the recruiting AI takes full responsibility in relying on the information provided by the AI Referee and that the AI Referee is not liable in the absence of negligence and bad faith.
The MRC Scheme proposals are not generally controversial. There are similar schemes in other jurisdictions, such as the Senior Managers and Certification Regime in the United Kingdom.
Timing for implementation has not yet been confirmed. To assist with the development and implementation of the MRC Scheme, the HKMA has requested that the Hong Kong Association of Banks (HKAB) set up an industry working group (IWG) to formulate operational details within six months from the date of the Consultation Conclusions. The IWG will also confirm the transition period for implementing Phase 1 – a period that will run from when the HKMA has endorsed the IWG operational plans.
SOME DIFFICULT ISSUES FOR AI REFEREES
AI Referees may face difficult decisions when establishing a framework and protocols to comply with the MRC Scheme.
For example, how should AI Referees deal with a reference request when there are ongoing (and continuing) investigations into potential misconduct involving the employee subject to the request? Where should AI Referees draw the line between employee conduct and conduct within private life, which is a line that is becoming increasingly hard to identify. Read our paper on the MRC Scheme where we have considered these and other issues that may arise.
ACTION POINTS FOR AUTHORISED INSTITUTIONS
Despite there not yet being a confirmed date for implementation, AIs should start to take the necessary steps to ensure that they are ready to comply with the MRC Scheme once introduced. In particular, AIs should consider the following:
- Gathering historical records of current and past employees in the last seven years;
- Ensuring that they maintain sufficient internal records to allow future compliance with the MRC Scheme;
- Reviewing existing internal systems, controls, policies and procedures for information collected and ensuring they meet the requirements of the MRC Scheme; and
- Ensuring their Personal Information Collection Statement (PICS) is fit for personal data collection under the MRC Scheme; and
- Ensuring compliance with a data correction or access request from an applicant or from a current or former employee.
FURTHER DEVELOPMENTS EXPECTED IN APAC
In Australia, the Financial Sector Reform (Hayne Royal Commission Response) Act 2020 reformed the breach reporting and remediation regime for Australian Financial Services (AFS) licensees and holders of Australian Credit Licenses (the Subject), targeting the problems created by ‘rolling bad apples’. It aims to strengthen and broaden a Subject’s existing reporting obligations to self-report to the Australian Securities & Investments Commission (ASIC). An ASIC consultation paper released in April contains draft regulatory guidance reflecting the reforms to the breach-reporting regime. The consultation introduces obligations on financial advisers and mortgage brokers to report, investigate, and remediate misconduct or breaches of regulatory requirements. ASIC intends to publish its final guidance regarding reporting obligations before 1 October 2021, ie the effective date of the legislation’s reporting provisions.
Meanwhile, the Monetary Authority of Singapore (MAS) has proposed that all financial institutions and entities regulated by the MAS be required to carry out reference checks for all prospective hires for senior managers and employees in specified key functions. The proposal set out in its 14 May 2021 consultation paper is a significant expansion on MAS's current expectations which only apply to representatives and broking staff of holders of capital market services licences, licensed financial advisers, registered insurance brokers and persons exempted from licensing to carry out these activities. In addition, standardised practices for carrying out reference checks earlier proposed by the MAS in 2018 for such representatives and broking staff are now proposed to be applied industry wide to all financial institutions and regulated entities. These standardised practices include a mandatory list of information to be requested in reference checks, and a mandated time limit of 21 days to respond to reference check requests. The broader focus is intended to deal with persons 'sanitising' their records by moving across different roles and industry segments and is in line with the increasing global focus on 'rolling bad apples'. The development fits in neatly with the current narrative of the importance of strengthening governance frameworks to deter and prevent the perpetuation of representatives’ misconduct. The MAS has proposed a transitional period of six months upon the publication of the finalised notices to implement the system.