Mobile Edition
Print
Get the Mag
Weekly UpdatesTHE LINE BETWEEN LEGAL AND ILLEgal business activity is normally clear, but--especially in a principles-based regulatory environment--a gray area exists between appropriate and inappropriate behavior of bank executives. So if the chairman of a country's third largest bank hides personal loans, can his behavior be considered inappropriate but not illegal? What type of executive or board-level behavior is considered unacceptable and inexcusable?
William Trome, the chairman of Apex Bank in Ireland, began borrowing money from the organization to invest in overseas projects when he was still the bank's CEO. That, in itself, was not a problem, and certainly not illegal, provided the loans were granted on commercial terms, approved in accordance with the bank's credit policy and within authorized approval limits, and financed for viable projects.
However, the amounts Trome borrowed from the bank far exceeded the amounts taken out by other directors, and he preferred not to disclose this information. The former CEO was keen to ensure that the bank's mandatory disclosure of its loan book to shareholders, as well as the prudential returns to the financial regulator, did not trigger any unnecessary questions. Over the course of several years, spanning his tenure as both CEO and chairman of Apex, Trome operated a simple, but highly effective, mechanism to avoid the unwanted disclosure and potentially awkward publicity surrounding his large borrowings from the company. With a little help from another bank, Trome drew down approved short-term credit lines to pay back the loans from Apex. Cleverly, this transaction always occured shortly before Apex's balance sheet date; consequently, the bulk of the loans to Trome did not actually appear on the bank's books at year-end. The beauty of this arrangement was that the befriended bank's financial year was different from Apex's, and the transaction was reversed before their balance sheet date, again enabling Trome to prevent a large exposure from showing in the befriended bank's year-end figures.
During the economic turmoil of 2008- 2009, Apex, along with many other banks, experienced severe financial difficulties, prompting the government to put in place a deposit guarantee program. The industrywide financial crisis worsened rapidly, and the state guarantee was complemented by plans to inject fresh capital into those banks that were deemed systemically important. Naturally, all banks that were subjected to the state guarantee had to open up their books to government auditors. The minister of finance, not blinded by the daunting details of the recapitalization undertaking, spotted the anomaly in the directors' loans at Apex, as the total amount was significantly larger than the respective loans of other banks.
Government-appointed auditors questioned Apex's management about the nature of the loans. Trome reluctantly provided some information but refused to appear in front of the dedicated parliamentary committee investigating the circumstances of the case.
Additionally, during the recapitalization proceedings, the financial regulator who oversaw Apex was asked to comment on the size of the loans, the relevant regulatory rules, and the applicable transparency requirements. The regulator had to admit that it had known about the loans to Trome and the related refinancing transactions for nearly a year but had not followed through on its findings with sanctions or penalties. Strangely, the regulator's discovery was made during a routine inspection of the bank Trome had used as a vehicle for his concealment and not during routine inspections of Apex. In light of these revelations, the regulator undertook an internal inquiry and found that an internal breakdown in communication was to blame for not escalating the incident to the highest level within the regulatory organization. The regulator's CEO announced his early retirement in response to these findings.
As the details of the case unfolded, Trome stepped down as Apex's chairman, followed swiftly by the bank's CEO and the chief risk officer (CRO) and finance director, who both realized that their positions had become untenable. Later, in the wake of the government's announcement of recapitalization and, ultimately, full nationalization, all but one of Apex's board members also stepped down.
The head of Apex's Internal Audit Department appeared in front of a parliamentary committee and admitted that he was aware of the loans but did not know about the full extent of Trome's borrowings or the transactions designed to hide the loans from shareholders and the regulatory agency. He indicated that the bank's loan book had, in fact, been routinely reviewed by the internal auditors, but unfortunately, none of the directors' loans was ever included in the random sample selected from the entire loan book for testing.
The bank's external auditors stated that the audits of Apex over the years were undertaken in accordance with the appropriate audit standards, and that they were confident of all audit opinions expressed by them regarding the bank's financial statements. As part of their normal audit process, the auditors had received certificates from directors setting out their loan balances with the bank at the end of the financial year. However, the firm claimed that it had been unaware of the refinancing transactions Trome had undertaken to conceal the extent of his loans with the bank during previous years.
At this point, it remains unclear whether the board of directors, the audit committee, the risk committee, or others had known about the full extent of the loans and what their respective roles were. The regulatory investigation, as well as a separate investigation by the governing accountancy body into the role of the external audit firm, is ongoing. Additionally, an investigation by the director of corporate enforcement into any breaches of company law or other rules and regulations has commenced; that investigation includes the role of the financial institution that Trome used for the year-end loan concealment transactions. Further revelations are being made that continue to contribute to the reputational damage of the banks involved, the financial regulator, and the domestic financial services market as a whole.
LESSONS LEARNED
* A failure to comply with good governance principles should always wave a bright red flag that something might be amiss; this was certainly true at Apex. Best practice, for example, would dictate that no senior executive moves into a direct position of influence on the board of directors of the organization, certainly not as the chairman of the board. In addition, the functions of a CRO and finance director are seemingly incompatible, but were performed by a single individual at Apex. Under modern governance principles, that should not be the case. The bank's deviations from good corporate governance principles should have led to a reassessment of risks by internal and external auditors. Additionally, such noncompliance should have warranted more extensive audit testing than what is required under "normal" audit standards.
* While it is not quite clear how closely Apex's internal and external auditors had aligned their audit work, the directors' loans and associated transactions before and after the financial year-end were clearly neglected. Effective communication and cooperation between the internal and external auditors is essential to ensure that neither group places too much reliance on the other, and to address overlaps or gaps in audit coverage pre-emptively.
* Despite the presence of a formal whistleblowing policy, no one at the bank reported any suspicions of the refinancing transactions that occurred shortly before and after the balance sheet date. While it is unclear how many people actually knew about Trome's actions, in the aftermath of the discovery, internal auditing should have reviewed the effectiveness of the whistleblowing policy. How effective is a hotline if no one is using it?
* The loans selected by auditors for testing were said to be based on random sampling from the total loan book and did not include any of the directors' loans. Internal auditors must determine whether their sampling methodology is appropriate given the nature of the tests being performed. At the very least, during testing of a bank's loan portfolio, loans to employees and directors should be a separate stratum and tested routinely, but with a different emphasis than normal customer loans.
To comment on this article, e-mail the author at iaonline@theiia.org.
EDITED BY ANDI MCNEAL
FEED