Fitness & Probity; Sharing of Investigation Outcomes as Part of Staff Vetting

Speak Up Investigations – The Pitfalls and Hurdles’ Seminar
January 12, 2018
False Invoicing Fraud
February 26, 2018
Show all

The Central Bank of Ireland describes that;

“The Fitness and Probity Regime applies to persons in senior positions (referred to in the legislation as Controlled Functions (“CFs”) and Pre-Approval Controlled Functions (“PCFs”)) within regulated financial service providers (“RFSP”).  

The Fitness and Probity Regime also applies to RFSPs who are obliged to ensure that their senior personnel comply with the Fitness and Probity Regime”

https://www.centralbank.ie/regulation/how-we-regulate/authorisation/fitness-probity

Based on this and in the interest of this article, we should also consider that the Central Bank is a ‘public body’ and is a gatekeeper for private organisations it regulates.

When an individual joins a financial institution, and dependent on role, one would expect that that they complete and sign a pro forma that satisfies that they can comply within a role that comes under the Fitness and Probity Regime. Other than executive positions within the institutions, these declarations would not be shared with the Central Bank of Ireland and from an operational management perspective, nor would you expect them to be.

Prior to all of this, one concern that does come too mind, relates to Staff Vetting procedures. As part of this process, education, work and certain personal information are validated (in some cases police background checks undertaken). The previous work information is satisfied through a reference check(s). What is not validated  is confirming whether the individual (who was classified as woking in a Fitness and Probity role) was  subject of an  Internal investigation and dismissed for the same offence. The absence of these checks means an individual can wander from one institution to another although they have been dismissed or allowed to resign based on malpractice or even a criminal offence.

Dependent on outcome of such an investigation, institutions have reporting requirements to inform the Central Bank as to the details of these individuals and the outcome of the investigation. The questions therefore comes to mind, what is done with that information and how is this shared? Is this information placed in a hypothetical bottom drawer? Can institutions ask for this information as part of their vetting checks?

The formal sharing of such information  between the public and private sector will be an issue and I sure the Data Protection Commissioner would have a comment on this. Therefore one would ask whether the Central Bank are actually the correct gatekeeper in holding on to such information unless they create or already have a checking repository system that would allow institutions to validate if a previous report had been made from another institution. I would be in no way critical of the Central Bank around this process, but I would simply be challenging the same and consider that the reporting of internal malpractice should not be a tick box exercise and the data should and can be used for meaningful purposes to avoid and prevent malpractice in the future.

The Central Bank should be seen as an independent function too manage this data and given the changing demographic of nationality in Ireland and its neighbours, consideration should also be seen in cross border validation.

I am sure financial institutions have there own questions on this but I am sure they would appreciate an additional mechanism in keeping the ‘bad guys’ out.

Leave a Reply

Your email address will not be published. Required fields are marked *

//]]>

By continuing to use the site, you agree to the use of cookies. >

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close