Attribution of individual responsibilities (board, management, control functions, front office): disciplinary power, FINMA, criminal law

Recent case practice on the liability of banks and the second line of defense
Current practices regarding the drafting of internal policies that map and specify the duties to act
Impact of the future Senior Management Regime on control functions

To whom Is individual responsibility attributed: the legal framework

The principles governing criminal responsibility of (senior) management

• Criminal liability and responsibility of board members
• Non-transferable responsibilities in corporate governance
• Vertical divisions of responsibility and the principle of trust (Vertrauensgrundsatz)
• Responsibility of governing bodies in the context of AML reporting obligations
• Omissions as potential trigger for (criminal) responsibility (duty to act / Garantenpflicht)

The Criminal Liability of the Control Functions / Second Line of Defense

• The Compliance Framework: due diligence duties and corporate governance
• Key criminal offenses relevant to control functions
• Recent case practice on the liability of banks and the second line of defense
• The role of FINMA enforcement proceedings in shaping liability risks
• Preventive measures and best practices to mitigate liability

Clarifying and assigning individual responsibilities: governance and internal directives, the future senior management regime

In anticipation of the future Senior Manage-ment Regime or otherwise: What are the current practices in governance and decision-making to clarify and assign individual responsibility?

• Does clarity in task distribution (across the three lines of defense or between compliance, legal, risk teams…) lead to individual accountability or also to a form of detachment from others’ responsibilities?
• What are the current practices regarding the drafting of internal policies that map and specify the duties to act? What topics do these policies cover, and what decision-making processes?
• In the case of SARs to MROS—which are one of the main causes of individual accountability issues for compliance officers (due to reporting failure or delay)—what kind of governance and decision-making process (who participates, who informs whom) is effective and transparently defines who is responsible for what?

The future Senior Management Regime in Switzerland: impacts on control functions, objectives, limitations

• Objective: assign responsibilities to avoid having to prove individual breaches of internal or external rules
• With the SMR, what becomes of the concept of breach of responsibilities versus breach of rules/duties?
• Will misconduct occurring within a manager’s area of responsibility suffice for disciplinary or FINMA sanctions?
• Will the SMR result in a second layer of accountability: one for when the manager acts within their remit, and the current one for actions outside it (requiring proof of direct causal responsibility)?
• Scope: Board of Directors, executive management, senior staff; paradoxically, lower-level managers might be subject to a more complex regime
• Can specific individual responsibilities be assigned a priori when functions are shared, collaboration spans departments (e.g. dotted lines), and issues are cross-functional?
• Can we monitor compliance with job descriptions closely enough to attribute effective actions/inactions to responsible individuals?
• Acceptance of individual responsibility would imply a duty to reduce misconduct
• The impact of the SMR on the redesign of internal processes