An unprecedented wave of global enforcement has pushed risks facing banks to once unthinkable proportions. In the follow-up to our banking litigation Insight with Stephenson Harwood, bank counsel discuss managing the biggest risks in global business. Alex Novarese reports.
‘A head of litigation at a bank was saying to me the other day: “I don’t really care about [civil litigation]. If a counterparty has a claim, even a big claim, you instruct your litigators – it’s expensive and you try to control the cost but it’s just a bit of litigation. Worst-case scenario is we may have to write a cheque for £200m but we know the limits of the problem. We don’t really care. It’s containable. It’s predictable.” You would have never heard someone saying something like that ten years ago. But all these issues about reputation, regulation and unquantifiable fines – it’s such a mess. You know you have got to do something about it but you don’t know where it will go.’
The above comments from one veteran litigator at a major bank are a stark reminder how unrecognisably the risks and trading environment have changed for major finance houses over the last decade.
At a recent debate held by Legal Business and Stephenson Harwood on regulation and banking litigation, it was clear the extent that the onslaught of aggressive enforcement activity has utterly changed the risk equation for banks… and the in-house counsel charged with managing them.
With unprecedented fines levelled against major banking groups in the last two years – in excess of $100bn – amid a string of breaches including Libor and Forex manipulation, PPI mis-selling and the latest controversy over so-called ‘dark pool’ securities trading, the risks inherent in even big-ticket civil litigation now seem almost quaint.
Having gathered senior in-house counsel from half a dozen banks – it is immediately plain the extent to which enforcement activity now drives risk management of major finance houses above all other concerns.
Everything, from how legal and compliance teams are structured, to staffing and HR decisions and data retention, is underwritten by the curious dynamics of modern corporate prosecution in which agencies are not only hunting in packs globally and seizing new powers to extend corporate liability, but also often taking on the role of judge and jury.
As another of our panel comments: ‘We find that concerns over regulators completely over-ride all other considerations when it comes to litigation. There tends to be huge pressure to just keep litigation completely out of the picture or manageable. The focus on claims the institution may advance is lost.’
While the image of the untouchable banking giants has largely survived the post-Lehman environment, hearing the lawyers at the sharp end it is apparent that such institutions feel all too vulnerable as they grapple with a rapidly changing regulatory dynamic. Such are the sensitivities involved, Legal Business agreed to report the following debate without attributing comments to the individuals or institutions that attended.
Getting to the 47th floor
The reasons for the dramatic shift in the regulatory environment are well trodden, and certainly preceded the banking crisis, even if the too-big-to-fail environment ushered in far bigger incentives for regulators and policy-makers to crack down on banks.
The creeping expansion of corporate liabilities in the US has been apparent for decades and has recently been replicated in the UK, while the recent vogue for aggressive anti-bribery enforcement and liberal use of prosecutorial sticks like deferred prosecution agreements has made it far easier to pursue companies (the UK has of course, this year introduced its own form of corporate plea bargaining). The days when judges thought of companies as having ‘no soul to be damned, no body to be kicked’ are long gone. The $1.4bn deal agreed in 2003 between then New York attorney general Eliot Spitzer and a group of banks to settle claims regarding biased equity research was a means for securing major fines that arguably became a playbook in the decade that followed.
The expanding ranks of major agencies internationally targeting banks, together with the increasing chance that these watchdogs will actively co-operate across borders, added with dramatic increases in the levels of fines, has ushered in a once unthinkable level of risk.
‘It changed with Libor – there was a gap, there was PPI [mis-selling] and then there was Libor,’ reflects one delegate. ‘Now there is a different attitude. With Libor, we didn’t think it would be the end but we didn’t think there would be that many skeletons in the cupboard that would come out so quickly.’
As another counsel, citing the $9bn fine imposed this summer on BNP Paribas, reflects: ‘Ten years ago it was two or three litigators dealing with the claims coming through the door. Now there’s a well-trodden path up to the 47th floor for us and when you ask for a meeting, you get a meeting. The access has changed completely in the last five years.’
By agreement, the heightened risk awareness often leads to unrealistic expectations heaped on in-house legal teams, with much gallows humour around the table about calls from executives for the bank’s lawyers to have detailed contingency plans for obscure or unlikely problems.
‘The bane of my life is that the board gets a daily news feed, so you’ll certainly get a question about some weird case going on in Paraguay because of some news story and suddenly it’s top of their agenda,’ says one delegate. ‘You file in the forgotten box when you look at it.’
If seasoned litigators can usually work out what to discount, the fear of regulators is as much because potential actions are so hard to predict under the outcomes-focused regimes many agencies deploy.
Observes one counsel: ‘The regulators are non-committal when you do engage with them. You’re always operating in this completely grey area in which you can never really give definitive conclusions. There are so many angles – you just don’t know how the regulators will fall.’
Stephenson Harwood litigation partner Edward Davis recognises the picture: ‘We were asked to advise on two potential regulatory problems recently. We advised the clients, based on recent experiences and an initial investigation, that they could be in real trouble. However, when the clients approached the regulator, while investigations were started, ultimately they were not pursued and the files were closed.’
The difficult decision
The huge pressure to respond effectively to potential regulatory actions means that banks are forced to scramble to perform a rapid initial assessment once alerted to an issue so that they can determine a course of action before it spirals out of control.
Indeed, if there was one over-riding theme of the debate it was that, unlike in disputes, where playing for time and setting the pace are standard tactics, an effective regulatory response is a race against the clock.
‘Judging when to go to the regulator is a difficult call. You owe it to staff and shareholders to ensure that there is something to report. But you can’t sit on it for too long,’ says Stephenson Harwood litigation partner Tony Woodcock, citing cases of regulators claiming non-compliance if they perceive any feet-dragging over reporting. ‘You need to think early about privilege and IT preservation – regulators increasingly seek waiver of legal privilege in respect of an internal investigation’s working papers. It shows how important it is to agree the ground rules with the regulators.’
But, warns Woodcock, having a reasonable handle on the scope of the problem remains key after an initial assessment, regardless of time pressures. ‘Once the regulator is through the door, there is no telling how far its enquiries might spread. Terms of reference can be widened with ease.’
There is also agreement that once you have decided to make a material disclosure to a regulator, it pays to be liberal in reporting to a wide range of agencies with potential jurisdiction as the realities of inter-agency competition make it easy to put noses out of joint… with potentially disastrous consequences. As such, it is better to communicate extensively to ensure everyone is in the loop when determining matter scope because a lack of communication can have terrible consequences.
‘Early escalation to the regulator is key,’ says one counsel summing up the mood. ‘As a matter of practice we will, within a day or two of finding a problem, call the regulator and say: “This has happened. We’re looking at it and we’ll get back to you.” You need to manage their expectations because the last thing you want to do is read it on the front page of newspapers. Often if you’re asking yourself if you should notify, you should have already done it.’
Woodcock picks up the theme: ‘You have to assume that any information you give to one regulator will find its way to others. They share a lot more than they used to.’
Beyond sheer speed of response, there is widespread agreement that it is essential for in-house legal teams to have a structure to not only inform senior management but to manage and focus the attention of the c-suite and board through what may be a long-running process.
Counsel also need to be alive to the distinct cultural approaches used by different regulators, with US agencies typically far more likely to engage in extensive dialogue with regulated parties in a way that would be unthinkable in Europe.
However, despite the increasing complexity of managing so many different bodies and varying approaches, there is perhaps a surprising amount of common ground emerging in what information regulators are looking for and what behaviours they are attempting to sanction.
And in-house counsel arguably face as much of a challenge communicating internally as with outside parties in working out how they structure their sprawling compliance and legal teams, which have varying cultures and approaches to privilege. Several people in the room noted the problematic tendencies to silo between legal and compliance and the general view was there was no clear answer to such tensions, beyond the observation that: ‘We’re best friends with our IT department.’
The importance of a rigorous procedure and board-level support is heightened by the reality that many of the low and mid-level staff that are either potentially involved in or witnesses to wrong-doing are likely to have left the bank given the high staff turnover of the finance industry.
A notable related point is the extent that handling staff issues has become defined by potential regulatory concerns. Several counsel in the room said they were given prior notice of possible staff cuts to ensure no individual was fired that the bank needed to have within the tent for potential regulatory or dispute issues.
Ultimately, hard-nosed decisions on staff are increasingly determined by regulatory exposure of the wider institution, though this as often pushes banks towards a more long-term view in managing staffing issues; banks now ‘avoid pinning their disciplinary colours to the mast when they have any reservations about regulatory actions’ in the words of one counsel.
‘We used to have directions to grill employees as hard as you can because they were getting fired on Monday – that doesn’t happen anymore,’ says one in-house counsel. ‘There is now a perception that you need to keep people on board at least until you have a much clearer idea of what has happened. You need their ongoing co-operation, not just a witness statement.’
£4m is fine. Not a penny more
With regulation having seized the agenda of in-house counsel – and consumed a growing level of resource – there is clear agreement that the focus in handling commercial litigation has shifted towards ensuring predictable outcomes and costs.
This has been a sea-change from the period where, in the words of one counsel, people would have once ‘worried about if that person collapsed in the witness box or what happened in disclosure’.
One reason for this shift is that the startling speed of regulatory response now means that banks are moving far more quickly than the vast majority of potential claimants, be they counter-parties or individuals.
As one bank lawyer comments: ‘You get the claimants saying: “We’re going to tell the regulator about this, we’re terribly cross.” And you say: “Well, we’ve beaten you to it by about four weeks.” It will rarely be a claimant telling a regulator about a problem these days.’
It appears that as a reaction to the inherent volatility of regulatory actions, bank legal teams have responded by seeking to contain conventional disputes within predictable budgeting.
Comments one: ‘We ask external counsel: “What are you going to cost us next year because we have to build those costs into the business? The assumption is you’re going to go through disclosure, you’re going to do 25 witness statements, you going to get in four experts, you’re going to have a four-week trial and it’s going to cost us £4m. Fine. That’s what I’ll pay and not a penny more.” [The law firm] then takes the risk to run the case in an efficient way to make sure they make a profit – the worst thing that can happen is to bust the budget because we’ve got to move the budget from somewhere else. If they say: “Actually we’ll have to get in six [expert witnesses rather than four],” we’ll have to move budget from somewhere else. That’s a complete disaster.’
Given this dynamic, the stakes and the level of resources on tap, it was clear from our panel that banks remain uninterested in progressive forms of fees or risk sharing such as damages-based agreements or external funding.
Far more popular are fixed fees and simple discounts on hourly rates. In the words of one counsel: ‘It’s all about certainty. We don’t care about [success fees]. If the case is certain, why am I giving away the equity? We can afford the running costs of the litigation.’
Perhaps more surprising, banks also remain less focused than many other major global industries on arbitration, reflecting probably the particular exposure to regulatory risk of finance.
Aside from expecting counsel to deliver predictability on costs, there was a desire from banks at the debate to have more effective briefing from advising law firms about the trends and relevant future developments in finance litigation. While such ‘horizon scanning’ is often provided in the regulatory field, it is far harder to come by in disputes, though several counsel advised maintaining close links with QCs specialising in finance cases.
In a broader sense there was a call for law firms to provide more forward-looking intelligence that banks can feed into their monitoring.
Drawing these points together, Woodcock reminds the audience that with stakes so high, heading off problems before they happen is the best course. ‘If you look at a regulatory issue, it’s usually an individual through incompetence or unethical behaviour that causes it. Regulators will want to know about your processes and tools to prevent that – including remuneration systems and training and monitoring throughout the business. It’s about prevention rather than cure.’ LB
alex.novarese@legalease.co.uk
When the bomb drops – first steps in a regulatory breach
- Speed matters Institutions need to front-load initial analysis as there are only a matter of days to scope a potential problem, assess worst-case scenarios and craft an initial response. There is one chance to get the scoping right and it will help to shape the process.
- Report early If the problem requires reporting, it is better to go for wide-ranging disclosure between agencies and assume they will share information.
- Manage communication assiduously Time invested in communicating with regulators and keeping them thoroughly briefed is well spent.
- Get the structure right In-house legal teams need to build systems and contacts across the business that fulfil two needs: to work as an early warning system of potential risks to bolster preventative measures and provide effective rapid assessment of problems as they occur. This means cultivating access to senior executive and board members, but also strong lines of communication with IT, HR, compliance functions and specialist fraud teams.
- The response team must be ready Legal, IT, external lawyers and e-discovery teams need to be quickly aligned with a coherent and consistent approach.
- Prevention is key Rigorous training and monitoring will not only reduce chances of regulatory breaches but go a long way to placate agencies and contain corporate liability.
The Legal Business and Stephenson Harwood Banking Insight report, Hunting Titans, from LB240 is available here.