A lawyer spotted a big mistake made by Britain’s financial regulator when handling sensitive info from businesses

Business Insider UK

By Lianna Brinded Jun. 2, 2016, 10:35 AM


Britain’s financial regulator made two huge oversights when it came to treating sensitive information from the SME Alliance, a small not-for-profit group that aims to help small to medium enterprises with problems they may have with their banks, says prominent London lawyer.

Chris Finney, Partner in Cooley LLP’s London office told Business Insider in an interview that the way in which the Financial Conduct Authority passed on sensitive information from SME Alliance members to the banks, which were subject to their complaints, may deter people from reporting potential wrongdoing in the banks because they would not be protected.

This is because the FCA didn’t ask the SME Alliance’s permission, nor did it warn them of what it was doing.

Over the last few years, the SME Alliance has been communicating with regulators, authorities and relevant organisations on the collective issues of its members, such as misselling financial products. Its main goal is not to deal with individual cases but instead to present the regulator with a raft of cases to demonstrate some of the issues a number of members are collectively experiencing.

However in January this year, the SME Alliance wrote to the chairman of the Treasury Select Committee Andrew Tyrie “to express concerns that the FCA had betrayed the confidence of whistleblowers by passing on sensitive information to the subject of their complaints, the high street banks.”

Subsequently, this led to Tyrie writing to the FCA’s acting-CEO Tracey McDermott in February, to respond “to claims made by the SME Alliance that its representatives have been ‘badly compromised’ by the passing on of sensitive information to the banks,” as well as to enquire about what progress the FCA has made to encourage a “significant shift in cultural attitudes towards whistleblowing.”

McDermott responded and said the FCA didn’t treat the SME Alliance as whistleblowers.

Tyrie then later wrote back to the FCA in late May to ask for “further clarity about what measures it is putting in place to improve its treatment of whistleblowers, following concerns raised by the SME Alliance.” The FCA has yet to respond to that letter.

The FCA told Business Insider “we don’t have any further comment to make than what Tracey said in her letter to Andrew Tyrie on March 10.

So Business Insider spoke to Finney, who leads Cooley’s London financial services and financial technology regulatory practices,to see what potential repercussions this has on the industry.


CooleyChris Finney, Partner in Cooley LLP’s London office.

Business Insider: So what did the communications between the Treasury Select Committee and the FCA regarding the FCA’s apparent failure to treat members of the SME Alliance as whistleblowers in accordance with its own policies truly show?

Chris Finney: That the FCA’s fallible. It was careful and thoughtful enough, and it had the decency, to ask for permission to disclose information and documents to the police and it was absolutely right to do so.

But it didn’t think to ask for permission to disclose the information and documents to the banks and it didn’t think to warn the SME Alliance that it had done so.

And these oversights might well have caused harm to the Alliance and its members. They’re also likely to have caused harm to the FCA – from a reputational point of view, and because other whistleblowers might now be deterred from whistleblowing.

That doesn’t necessarily mean the FCA acted unlawfully – although that is possible, notwithstanding the fact that the FCA did seem to have the power to disclose the information and documents to the banks and to the police as well.

The result? — Anyone else who’s thinking about blowing the whistle, should take pro-active steps to protect themselves from these risks in other cases.

BI: Were the allegations founded? What kind of evidence?

CF: There’s no way of telling whether the SME Alliance’s allegations against the banks were well-founded – and at least one of the banks denies the allegations against it.

The SME Alliance’s allegations that the FCA disclosed information and documents to the banks certainly appear to be true – at least in part – and the FCA has admitted as much. (In her letter to Tyrie of 10 March 2016, McDermott says “we did disclose limited information to the banks in question, and did not treat the SMR [sic] Alliance as whistleblowers ”).

tracey mcdermott

Tracey McDermott, acting CEO at the FCA.

BI: What was the response and has there been any repercussions over the businesses making these public, so to say?

CF: We don’t know. The SME Alliance alleges that it and its members have been prejudiced by the FCA disclosing the information and documents to the banks.

It might well be the case that the SME Alliance’s members will now be more reticent about disclosing information and documents to the SME Alliance; and, even if that’s not the case, the SME Alliance is likely to find it harder to meet its objectives, if it feels bruised and undermined by the results of its communications with the FCA.

BI: Has the FCA acted on it and if not, why?

CF: Andrew Tyrie has written to the FCA to ask it how it decides whether an informant is treated as a whistleblower, whether they are told clearly of this decision, and what assurance [it] can give to those who are so treated that their involvement will remain confidential.

His letter was sent on May 13, so the FCA’s reply may be this month. It will be interesting to see how the FCA responds.

Although it might fall back on its narrow legal obligations – arguing, perhaps, that it makes its decisions, and meets its obligations, in accordance with the law; it seems more likely that it will repeat its earlier assertions that (because whistleblowing is a good and positive thing from society’s point of view, and especially from a regulator’s point of view) it does everything it reasonably can to treat people as whistleblowers, and to protect their identity, whether the law requires this, or not.

I anticipate that we will also see more training for FCA staff, and improvements to internal FCA procedures, so that the FCA and whistleblowers are more likely to have these discussions up front; and the FCA is more likely to record and act in accordance with the whistleblowers preference for anonymity, whenever and however it reasonably can.

BI: What does this mean for businesses reporting this form of alleged wrongdoing from banks? Are they protected?

CF: Whistleblowers are given some protection by the law. But this case shows how easily that protection can be lost.

Although I think the FCA was wrong to impliedly blame the SME Alliance for its own misfortunes f(“the SME Alliance did not present themselves to us as proving this information in confidence”) whistleblowers probably need to be more pro-active in future, if they want to protect their anonymity.

This could be done, for example, by asking to be treated as a whistleblower (rather than assuming – however reasonably) that this is what will happen and marking every document you give to the FCA as confidential, and not to be shared with or copied to anyone outside the FCA without the express written permission of the person who provided the document and the person whose information it contains.

This will not be fail-safe — there is still a risk of leaks, and the FCA may be obliged to disclose regardless – but at least the risk of disclosure will be reduced to the greatest extent reasonably possible. And misunderstanding of the SME Alliance / FCA type (if that’s what it was) will not recur.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

<span>%d</span> bloggers like this: