On the 24th of June 2019, the
Central Bank reprimanded and fined JPMorgan Administration Services (Ireland)
Limited (JPM) €1.6 million.
In March 2014, following a themed inspection with
outsourcing requirements, the Central Bank issued a Risk Mitigation Programme
requiring JPM to take measures to fix issues with its outsourcing arrangements
with third parties.
JPM persistently failed to remediate the root causes of
these failings despite repeated supervisory intervention by the Central Bank.
And yet, someone senior in JPM continued to tell the Central Bank that all was
well and had been fixed, whilst JPM continued to outsource core activities
without supervisory approval. And, despite the establishment of an oversight
and governance committee to regularise these issues, a thinly veiled attempt to
provide assurances to the regulator, nothing changed.
In a way, the enforcement
action against JPM, we would argue, represents a microcosm of scandals that
continue to plague large international financial institutions such as Danske,
ING and Deutsche Bank. Dare we question, why do big institutions continue to
fail in their regulatory obligations as supervisory authorities increase the
regulatory burden for entities large and small? Can internal compliance
departments continue to justify their position that they are not risk owners
and therefore not responsible?
Gatekeepers and frontline staff are overburdened
with operational requirements, targets, customer pressures and bureaucracy
while Senior Management, Compliance and Risk teams “oversee” their colleagues.
Is it time the Central Bank takes a closer look at the Heads of Compliance and
Senior Management and acts on its administrative sanctions programme?
6 prohibition notices issued against individuals for failures in fitness and
probity and the latest Central Bank’s speeches commenting on individual
accountability, perhaps it’s only a matter of time.
Click here for details of the Central
Bank’s enforcement action