Pedestrians pass by CIBC ATMs near Union Station in downtown Toronto on Aug. 29.Sammy Kogan/The Globe and Mail
John Turley-Ewart is a regulatory compliance consultant and Canadian banking historian.
U.S. bank regulators have again pulled back the veil on rule-breaking at one of Canada’s largest banks, this time Canadian Imperial Bank of Commerce.
CIBC will hand over a US$30-million penalty to the Commodity Futures and Trading Commission and another US$12-million to the Securities and Exchange Commission after these agencies determined staff at CIBC were “communicating using unapproved communication methods, including messages sent via personal text.”
The regulators announced the penalties last week, making CIBC the last of Canada’s major banks to be punished in the United States over such conduct.
The commodities regulator highlighted the crux of the problem at CIBC: The staff who used unapproved communications methods included “some of the same supervisory personnel responsible for ensuring compliance with CIBC’s policies and procedures.” In short, compliance officials both failed to do their job in enforcing the rules and flouted the rules themselves, too.
These lapses violated recordkeeping provisions in U.S. securities laws and Canadian bank supervisory guidelines. But what, if anything, happened in Canada in relation to CIBC’s rule-breaking will remain a mystery. Canadian legislation deems such information secret.
Canadians are dependent on U.S. bank regulators to shine bright lights on otherwise dark corners in our Canadian banks. This dependence is increasingly untenable.
Our largest banks continue to grow their U.S. footprint, creating compliance risk in the process. That’s because non-conformance with various regulations can have reputational and financial consequences that are material.
Toronto-Dominion Bank is the most obvious case in point. Failing to comply with U.S. anti-money laundering rules owing to its own broken internal governance and control processes may cost the bank US$3-billion in fines, monies that will be paid into U.S. government coffers.
In May, we learned in these pages that Canada’s bank supervisor, the Office of the Superintendent of Financial Institutions, had inspected TD Bank (after news of its U.S. troubles were well known) and ordered it to overhaul its risk controls. Yet Canadians only learned about this because people familiar with the situation spoke to Globe and Mail reporters.
Again, what exactly OSFI discovered and what remediation plan OSFI laid out for TD and associated timelines to resolve the findings is anyone’s guess.
This culture of secrecy that surrounds the supervision of Canadian banks is a hangover from the country’s banking past. For more than 50 years after Confederation in 1867, the federal government did not supervise banks, nor did it verify that any provisions within the Bank Act were in fact being followed by the country’s banks. That did not mean the Finance Department did not know which banks were duds. Using backchannels, Finance identified troubled banks and, keeping that information secret to avoid bank runs, often encouraged sound banks to merge-away the problem players.
This tendency to secrecy continued after pro-active bank inspection began in Canada in 1925 and was embedded in the Bank Act and supervisory legislation ever since as a means of preserving stability in the banking system and dealing with issues behind closed doors.
It is true that some supervisory information gathered through bank inspections is best managed confidentially, such as a bank’s financial viability that could undermine systemic stability. However, properly following non-financial risk supervisory guidelines is not one of them.
The proof is evident over and again whenever U.S. officials release findings against a Canadian bank, point to the rule violations and causes, assess a fine, and, in some instances, document the remediation process that is being implemented.
Such was the case four years ago when Bank of Nova Scotia paid a US$60.4-million fine in the United States for its connection to a commodities price manipulation scheme attributed to problems in its compliance regime. The U.S. officials publicly stated that Scotiabank agreed to “modify its compliance program where necessary and appropriate, and to retain an independent compliance monitor for a period of three years.”
Releasing such information did not raise any doubts about Scotiabank’s financial viability. It simply highlighted failings in its compliance program and a remediation process that allowed investors and bank analysts to know the problem was being monitored and ultimately addressed.
Canadians rightly have confidence in their banks. They must also have confidence in the supervision of their banks. That confidence is at risk when it appears that U.S. regulators are the most engaged supervisors of Canadian bank compliance programs.
It is time that changed.