Skip to main content
Dec 08, 2017

The week in GRC: UK banks said not to be reporting cyber-attacks, and interim CFPB chief freezes personal data collection

This week’s governance, compliance and risk-management stories from around the web

The Wall Street Journal reported that Broadcom opened the next front in its $105 billion takeover bid for Qualcomm by saying it plans to submit candidates to sit on the target company’s board. Broadcom said it intends to propose 11 new independent directors, and would support expanding the board to reappoint three outside directors who were named within the last three years.

Broadcom CEO Hock Tan said his company has ‘repeatedly attempted to engage with Qualcomm, and despite stockholder and customer support for the transaction, Qualcomm has ignored those opportunities.’ Qualcomm said Broadcom’s proposal faces several challenges, including financing and the prospective acquirer’s domicile in Singapore. ‘Qualcomm stockholders expect a board that will support this innovation while evaluating objectively the full range of opportunities available to maximize value for all Qualcomm stockholders,’ said Tom Horton, Qualcomm’s presiding director.

– The UK’s accounting watchdog – the Financial Reporting Council (FRC) – has more than tripled the size of its enforcement team over the past five years after coming under pressure to demonstrate a more rigorous approach to policing the audit market, according to the Financial Times. The unit now employs 30 staffers, up from fewer than 10 employees in 2012. The bulk of the new hires came after the watchdog decided to build an internal forensic accounting unit, rather than outsource that work to specialist law and accounting firms.

– US banks have quietly launched a project they hope will prevent a run on the financial system should one of them suffer a debilitating cyber-attack, the WSJ reported. The effort, which went live earlier this year and is called Sheltered Harbor, includes banks and credit unions that have roughly 400 million US accounts. The effort requires member firms to individually back up data so it can be used by other firms to serve customers of a disabled bank.

Although most people worry about their money being stolen in a hack, banks fear an attacker destroying, or simply locking, data. Such moves leave a bank unable to operate for hours, days or even longer. If people suddenly can’t access their accounts and money at one bank, customers at other banks could panic, prompting them to withdraw funds as a precaution and, in a worst-case scenario, spark a run on the banking system.

– According to Bloomberg, France’s Autorité des Marchés Financiers chair Robert Ophèle denounced bitcoin as a ‘dangerous illusion’ as the crypto-currency’s value climbed further past $11,000. ‘It’s a way to purchase illicit goods, it’s a way to launder illicit income, it’s a way to develop and pay for cyber-crimes and it’s a pure empty commodity,’ he said. ‘If it were a currency, it would be a very bad one.’ Ophèle said he isn’t sure he’d want to regulate bitcoin because it has no link to the real economy. Authorities and banks worldwide are grappling with how to treat the crypto-currency.

– The WSJ reported that Rio Tinto turned to Simon Thompson, a boardroom veteran with mining industry experience under his belt, to succeed Jan du Plessis as chair from next year. Thompson, a director at Rio Tinto since 2014, will take over when du Plessis steps down in March after about nine years as chair, the mining company said. Du Plessis said in March he was stepping down to join BT Group, where he became chair last month.

At the time, the company said the search for his successor had begun in mid-2016, when du Plessis agreed to remain in the role for a further two years following the appointment of Jean-Sébastien Jacques as CEO.

– The WSJ reported that Mick Mulvaney, the Trump administration’s interim director of the Consumer Financial Protection Bureau (CFPB), said he had frozen the agency’s collection of personal information due to cyber-security concerns – a step toward changing policies criticized by the financial services industry. Mulvaney said the move is part of his effort to improve the agency’s data security program.

Critics of the CFPB have complained about the bureau’s efforts to collect consumer data on credit cards and mortgages. They argue this threatens privacy and information security, though CFPB officials have said such data helps the agency identify discrimination and other industry misconduct, and can serve as a basis for writing rules.

– Deutsche Bank plans to rebrand its asset management arm as DWS, the name of its main retail brand, and put a structure in place that gives the group full control even after the unit’s planned stock market listing, according to Reuters. The bank said the asset management unit would assume the legal structure of a partnership limited by shares, or KGaA, during the first quarter of 2018. That structure ensures Deutsche Bank can retain control of the unit even if its shareholding falls below the 75 percent needed to dominate normal German stock corporations.

Deutsche Bank’s board member Karl von Rohr is poised to become chair of the unit, while its 12-member supervisory board will include another one or two Deutsche Bank representatives, four labor representatives and five or six independent directors.

– According to the WSJ, bankers in London say they’re now resigned to not getting any special treatment from the EU after Brexit takes effect. They’re moving from contingency planning for Brexit to executing those plans. ‘We are prepared for the most severe outcome,’ Barclays chair John McFarlane told a UK parliamentary committee. UK bank lobbyists have argued that centralization of financial services in London promotes efficiencies that keep costs down for consumers across the trade bloc. But those arguments haven’t resonated.

– SEC chair Jay Clayton said the agency has more to offer on how it views the uses of bitcoin, though he stopped short of saying the commission planned to issue formal guidance on the subject, according to the WSJ. Clayton said he sees ‘very little distinction’ between someone asking for investors to put money in bitcoin and ‘handing people a piece of paper that says stock.’ That suggests the SEC views bitcoin as falling under the securities laws.

Reuters reported that National Labor Relations Board general counsel Peter Robb sent a memorandum to the agency’s regional offices detailing an agenda to reverse many of the decisions handed down by the board during the Obama administration. Robb said any cases involving ‘significant legal issues’ should be submitted to the office of the general counsel’s division of advice for review.

Bloomberg said that, according to a senior official, UK banks are still not telling regulators about all the cyber-attacks on the financial services industry despite a 10-fold increase in reports to the Financial Conduct Authority (FCA) over the last four years. ‘Our suspicion is that there’s currently a material under-reporting of successful cyber-attacks,’ Megan Butler, the FCA’s director of supervision, said. ‘The number of breaches relayed back to us looks modest when you set it against the number of attacks on the industry.’ The number of material attacks reported by firms to the FCA has grown to 49 this year from five in 2014, as hacks become one of the biggest threats to the safety of the industry.

– The SEC announced that it had made an award of more than $4.1 million to a former company insider who alerted the agency to a widespread, multi-year securities law violation and continued to provide important information and assistance throughout the SEC’s probe. ‘Company insiders often have valuable information that can help the SEC halt an ongoing securities law violation and better protect investors,’ said Jane Norberg, chief of the SEC’s office of the whistleblower. ‘The breadth of the SEC’s whistleblower program is demonstrated by this case, where the whistleblower, a foreign national working outside of the [US], affirmatively stepped forward to shine a light on the wrongdoing.’

The Guardian reported that, under proposals to overhaul UK boardroom rules, companies would not be forced to appoint workers to their boards and instead be allowed to choose how they intend to heed the views of employees. The proposals appear to confirm that Prime Minister Theresa May’s pledge to put workers on boards has been abandoned.

The FRC's consultation on the proposals also includes plans that would require firms to publish their gender balance. The FRC is proposing that these figures include the first layer of management below the board – and their direct reports – and includes all companies, not just the 350 biggest listings on the stock market.

– A report by the World Bank and the Bahrain-based General Council for Islamic Banks and Financial Institutions (Cibafi) says Islamic banks need to strengthen their risk-management and sharia compliance functions, Reuters reported. The report aims to encourage further action by regulators to strengthen the sector’s governance. The global financial crisis has spurred awareness of corporate responsibility over the past decade, but regulations covering Islamic banks have not always kept pace with the industry’s growth.

– A US Senate panel on Tuesday approved a plan to ease the rule book for regional banks, advancing the most significant bipartisan rollback of financial regulations since post-crisis rules were put in place, the WSJ reported. If enacted, the bill could drastically cut the number of banks subject to heightened Federal Reserve oversight by raising a key regulatory threshold from $50 billion in assets to $250 billion in assets. It also would ease rules governing credit unions and community banks. The bill is expected to advance through the full Senate in early 2018.

The New York Times reported that Oliver Schmidt, a former Volkswagen manager in Michigan, was sentenced to seven years in prison for his role in the company’s scheme to cheat on diesel emissions tests. The sentence, including a fine of $400,000, was imposed four months after Schmidt pleaded guilty to conspiracy to defraud the federal government and to violating the Clean Air Act.

Schmidt has played down his role in the company’s efforts to cover up its actions. In his comments to the judge, he accepted responsibility for his wrongdoing. ‘I only have to blame myself,’ he said. ‘I made bad decisions, and for that I am sorry.’

– The Financial Industry Regulatory Authority (Finra) issued proposed changes to the expungement process, which enables associated persons to seek to remove allegations from the Central Registration Depository made by customers. Finra has proposed creating a roster of arbitrators with additional training and specific backgrounds or experience from which a panel would be selected to decide requests for expungement of customer dispute information in settled cases and in cases brought for the sole purpose of seeking expungement.

Finra is also discussing with the North American Securities Administrators Association more extensive changes to the process. ‘The proposals help address concerns related to arbitration panels granting expungement requests without hearing the full merits of the underlying case,’ said Richard Berry, executive vice president and director of Finra’s office of dispute resolution. ‘The proposed changes would also make it easier for customers to participate in expungement hearings and make information about the underlying case more readily available to arbitrators.’

– According to the FT, the proportion of M&A activity involving all-share deals has dropped to a record low this year, as access to cheap cash and doubts over US equity market valuations complicate what can already be a tough option for dealmakers. Stock-for-stock deals involving US companies accounted for just 10.6 percent of transactions by dollar value in the year to December 1, according to data from Dealogic. That puts 2017 on track to be the weakest year for such deals since Dealogic began collecting data in 1995. The average for the past 22 years has been 18.5 percent; in 2016, 23.9 percent of deals by dollar value were consummated using all stock.

– The WSJ said that, according to people familiar with the matter, the Trump administration has told employees of the US Office of Financial Research (OFR) to expect deep budget and staffing cuts, in the latest example of its efforts to undo policies put in place under former President Barack Obama.

Senior officials at the US Department of the Treasury delivered the news to OFR employees at a November 30 meeting, according to people who attended. Congress created the OFR in 2010 to improve financial data and spot risks. A Treasury spokesperson had no immediate comment.

– Glass Lewis said it has recommended London Stock Exchange (LSE) shareholders vote against a resolution by activist hedge fund firm TCI calling for the immediate removal of LSE chair Donald Brydon, Reuters reported. The LSE and TCI have been engaged in a public dispute over the exchange’s handling of plans for CEO Xavier Rolet to step down by the end of 2018.

Glass Lewis was the second influential investor advisory group to recommend investors reject TCI’s proposals after ISS made a similar statement. ‘We see no reason to believe the board failed to properly oversee the company during the CEO transition process or that it failed to act in the best interest of shareholders,’ Glass Lewis said. ‘We find little evidence to support the... claims that shareholders have lost faith in Mr Brydon as chairman.’ TCI and LSE declined to comment on the Glass Lewis statement.

Bloomberg reported that global bank regulators broke a year-long deadlock and closed the book on the Basel III capital rules. The deal includes new curbs on how banks estimate the risk of mortgages, loans and other assets on their books in an effort to improve the transparency and health of lenders’ balance sheets, the Basel Committee on Banking Supervision said.

‘Today’s endorsement of the Basel III reforms represents a major milestone that will make the capital framework more robust and improve confidence in banking systems,’ said Mario Draghi, chair of the Basel Committee’s group of central bank governors and heads of supervision and president of the European Central Bank.

– The SEC appointed Daniel Michael as chief of the enforcement division’s complex financial instruments unit. In his new role, Michael will lead a specialized unit of attorneys and industry experts based in offices across the country and investigate potential misconduct related to complex financial products and practices involving sophisticated market participants. Michael joined the agency in 2010, and has served as an assistant director based in the New York office since 2014.

– The WSJ reported that EU officials agreed to expand the bloc’s powers to police and fine auto makers, in an effort to prevent a repeat of diesel-emissions scandals. Negotiators for EU governments and the European Parliament clinched a deal to allow the European Commission to audit national regulators. The deal introduces spot checks on new vehicles hitting European roads and empowers the commission to issue EU-wide recalls and fine auto makers as much as €30,000 ($35,000) per non-compliant car.

Ben Maiden

Ben Maiden is the editor-at-large of Governance Intelligence, an IR Media publication, having joined the company in December 2016. He is based in New York. Ben was previously managing editor of Compliance Reporter, covering regulatory and compliance...