Mr. Brian Patterson:

Okay. Thank you, Chairman.

In April 2002, I was asked to become the non-executive chairman of the interim Irish Financial Services Regulatory Authority, which we know as IFSRA, by the Minister for Finance, and with involvement also of the Minister for Enterprise, Trade and Employment. The authority was formally constituted in 2003 and I remained chairman until my term expired in April 2008. Because it may come up later, Chairman, I should mention that as from October 2007, I was dealing with a serious illness. As chairman of IFSRA, I was also, ex officio, a non-executive member of the board of the Central Bank.

In 2004, instead of the more cumbersome title Irish Financial Services Regulatory Authority, it was decided to adopt in everyday usage the simpler term, "Financial Regulator", to mean the whole organisation, and that is the meaning I shall use here. In this statement, I'll also use the term "authority" to mean the board of the Financial Regulator and "executive" to mean the CEO and his staff. I'll also refer to the board of the Central Bank.

My job was to manage the authority, that is, the board, and to ensure that its non-executive group of independent, senior people worked well together and worked effectively with the executive in developing and approving policies, strategies, plans and initiatives. The executive’s job was to manage the organisation and to report to the authority on the ongoing work of regulation.

The first line of defence against a bank’s failure and the responsibility for protecting its safety and soundness lies squarely with the bank itself - its board, its management, its risk committee, its compliance officer; the second line of defence is the bank’s auditors; the third line of defence, at that time, was the Financial Regulator, responsible for the prudential regulation of individual banks; and the fourth line of defence was the Central Bank, which retained responsibility for systemic financial stability. In the banking crisis which befell us here in Ireland, all of these defences failed for complex and interrelated reasons.

As well as setting up a completely new organisation, the Financial Regulator achieved much in developing its consumer protection mandate, in implementing very complex EU directives, as well as regulating insurance, credit unions and the many other areas under its supervision. However, it clearly failed in its duty to uphold the safety and soundness of Irish banks. As chairman of the authority, I accept responsibility for my part in that failure. It's something I regret deeply. Had I known then what I know now, things could have been very different.The authority and the executive of the Financial Regulator took their responsibilities very seriously. They were diligent, hard working and, at all times, acted in good faith. Contrarian opinions were encouraged. So why did things go so wrong? That is the question on which I'll try to shed some light, and to do so without in any way seeking to evade my responsibility. I'll outline a number of reasons that, in my view, led to the ultimate failure of banking regulation. I'll describe these briefly under two main headings - structure and practice.

Let me first deal with structure. The interim regulatory authority was set up in 2002 following a long debate which followed the McDowell report about how it might best be structured. The main issues were: one, which financial services should be brought into its remit; two, whether a new structure would be independent of, or be part of, the Central Bank; and, three, whether it should focus on consumer protection alone or be combined with prudential regulation. The impetus for an integrated and separate regulator to cover the whole of the financial services industry came from a number of sources. One, following the radical deregulation of financial services under Presidents Reagan and Bush in the US during the 1980s followed by the "Big Bang" deregulation of 1986 in the UK, financial services had become more deregulated, more complex and were converging across traditional sector boundaries, which, in Ireland, and for historical reasons, had been regulated by separate entities reporting to different Government Departments. No. 2, it was believed that banks and other financial services were mis-selling to their customers and that stronger emphasis need now to be placed on consumer protection. Three, the DIRT inquiry and a number of other matters in the 1990s had raised persistent questions as to how effective the Central Bank was in supervising the banks. So it was believed that a more independent structure with a substantial focus on consumer protection was required. However, there were strongly competing views as to how this should be done. Following a lengthy debate, the structure that resulted was a complicated compromise.

The Irish Financial Services Regulatory Authoritywould have responsibility for both consumer protection and the supervision of individual financial services providers, including over 50 banking entities plus 30 EU banks operating on a "passport" basis into Ireland, two building societies, 180 insurance companies, 3,400 funds, 4,000 intermediaries, as well as re-insurance companies, stockbrokers and the Stock Exchange, bureaux de change, licensed moneylenders and 430 credit unions who were vocally opposed to the new regulatory arrangements. The organisation, with supervisory responsibility for over 8,000 different entities, had a lot on its plate. Of its approximately 350 staff, around 45 were initially allocated to banking supervision.

The authority reported to the Oireachtas through the Minister for Finance. It had a degree of independence, but, at the same time, operated within the overall framework of the Central Bank in what was to be known as the Central Bank and Financial Services Authority of Ireland, CBFSAI. The Central Bank and its Governor retained responsibility for financial stability and had powers to direct the authority in that regard; it remained the “competent authority” under EU directives; it was the sole point of contact with the ECB.

The web of accountabilities was, to say the least, complicated. Some observers described the new structures as unwieldy and unworkable. However, early on, the Governor and I decided to try our best to make them work. I should say at this point that the Governor and I had a good, professional relationship all the time through my tenure as chairman. In the initial stages, the challenge was to begin implementing the legislation, which at that point was still a Bill, and to build an entirely new organisation with staff who were then working in a number of different organisations and Government Departments. The regulator inherited most of its staff from the Central Bank and so also inherited, and was effectively constrained by, the Central Bank’s HR policies, systems, and culture, a culture which, in my view, was generally hierarchical, deferential, cautious, and secretive. Accommodation and the critically important services of HR and IT systems were provided by the Central Bank. The bank was not a strong performer in either of these areas and this did slow down our banking regulators in coping with change, of which there was a lot in the period, and in developing their crucial data analytics capacity.

The Financial Regulator was given formal legal status in 2003, although its sanctioning regime was not in place until nearly two years later, and its ... the new legislative framework for banking supervision, under Basel II, was not in place until 2006. The authority had its own board of ten members, six of whom also sat on the board of the Central Bank, including myself as chairman and the CEO. None of the authority - the board - had any experience in regulating banks. There was some initial training for authority members in prudential regulation and financial stability. In hindsight, there was not enough.

At the time, those outside the regulator often saw prudential regulation as being in opposition to consumer protection. There was little or no acceptance that prudential regulation was, and is, in fact, the ultimate in consumer protection for depositors, for shareholders and, as we now know, for taxpayers. Some consumer groups even criticised the amount of resources the authority was then committing to prudential regulation, in so far as it used resources which, in their view, could have been better deployed to consumer protection. Through all of this time, looking back, there’s a theme of taking prudential regulation for granted.

As an example of this mindset, the legislation laid down that the consumer director was to be a statutory, ex officiomember of the authority; surprisingly, the prudential director was not. Early on we recognised this deficiency and we wrote to the Minister to put it on record that even though not written into law, we would treat the prudential director as if he were a full member of the authority, in the sense that he attended and participated in all meetings and received all board papers. The Minister agreed.

The priority given to consumer protection was exacerbated in those early years by a number of high profile consumer issues, for example, foreign exchange overcharging, which absorbed much time and energy of both the executive and the new authority. Many of the interactions with senior bankers on these issues were extremely robust. During one heated discussion in my presence, the CEO of a large bank threw a bunch of keys across the table to our CEO and asked him if he wanted to run the expletive bank.

Part of the CBFSAI mandate was to develop the financial services sector, although not at the expense of safety, soundness and stability – a responsibility more recently removed in the 2010 Act. While the regulator legally had no similar responsibility, it was widely believed that its remit included supporting the development of the industry. Hence there was an effort to ensure that rules and regulatory practice did not have a disproportionate impact on the operation and development of the financial services sector, particularly in relation to the IFSC. Following a fact finding visit to the US in early 2007, the CEO and I came to the view that the authority did not have sufficient visibility of what was happening in international financial markets and, in particular, in the US. On return, I suggested appointing an international adviser to the authority. This idea, unfortunately, did not find enough support in the board of the Central Bank or of the authority and, in April 2007, I was forced to drop it. Again with hindsight, an international adviser might have alerted us to the risks in the US financial markets at that time and how these would come in time to impact the Irish banking system.

Let me turn to the powers of the regulator. There is some misunderstanding about the limits of the Financial Regulator’s powers in relation to the banks. One, first, it had no powers, per se, of approval or disapproval over the banks’ products like 100% mortgages. The regulatory framework was not designed around prohibiting products, but around imposing additional capital charges on more risky products. Second, while it did regulate full subsidiaries of foreign banks in Ireland, it had no powers of prudential regulation over EU banks "passporting" as branches into Ireland, and which were regulated by their home supervisor. The authority was very conscious that if, for example, the capital requirements on Irish banks were pushed too high, foreign banks which were already, or could move beyond our supervisory reach by switching from subsidiary to branch could have gained advantage over their Irish competitors. This was particularly the case with some aggressive UK banks, attracted to the Irish market by increased margins. Trying to regulate these foreign banks through their home supervisor was futile; the role of the ECB in supervision was, at the time, very weak, as was transnational co-operation between banking regulators.

The McDowell report had recommended that the regulator be given powers of administrative sanction so that it could challenge the banks more effectively, although most countries in Europe did not use sanctions as a core part of their prudential banking supervision. However, the power to impose sanctions on the industry took a long time to materialise. The legislation was not enacted until August 2004, and by the time statutory instruments and staff training were complete, sanctions were not available to the authority until late 2005, more than two years after vesting. This lag in giving the regulator powers of sanction may have weakened the new organisation in the eyes of powerful, and dare I say, in the case of a few increasingly arrogant banks. When eventually enacted, the legislation gave the authority powers to sanction without having to access the courts. Internally, there were real concerns about legal and possible constitutional challenge. If, in the early stages, the authority’s sanctioning powers were to be struck down by the courts, it would have far-reaching consequences, and these concerns fed into a Central Bank culture which had already had in-built cautiousness and hesitancy.

Resourcing levels in banking supervision, as you've heard, were derived from the principles-based approach. It's worth noting that in the new, post-crash regulatory regime, a more intrusive, inspection-based approach required a 170% increase in staff resources. As you have heard, resources at the time were under considerable pressure. As well as carrying out ongoing supervision, they had, at the same time, to implement a raft of complex EU directives, particularly Basel II. Management in banking supervision did seek some increase in resources but there was a perceived need to keep a lid on costs and the procedure for getting approval for additional staff was extremely complicated. Even when approval was obtained, the filling of posts was constrained by, first, the inability to attract enough external candidates at the right level and, second, by the capability of the Central Bank’s recruitment function.

In relation to the first of these points, the regulator was constrained by the pay scales and HR policies of the Central Bank and its long-standing conformity to terms and conditions of the Civil Service. And there were three consequences of this: number one, it was virtually impossible to offer competitive market conditions and to bring in, particularly at a senior level, expertise from outside, especially from the highly paid financial services industry. For example, on the basis of figures which are in the public domain, the authority would never have been in a position at that time to recruit a Matthew Elderfield. Number two, performance management systems and practices were very weak and number three, the organisation culture was formal and slow. The authority was obliged to take its IT and systems development from the Central Bank. Because of problems in this unit, it was a constant source of frustration and inefficiency to the whole organisation and to banking supervision in particular.

In summarising this part about structure, it's clear with hindsight that the Financial Regulator, as it was constituted, was not entirely fit for purpose. A modern Financial Regulator needs a board with regulatory experience and skills. It needs an enabling legal framework with strength to counter the naturally powerful influence of the banking sector. It needs to be well resourced, to have a fast-moving capacity to develop its IT capability and to recruit expert staff. It needs freedom of action and clarity in its legislative mandate that it's single-mindedly to prioritise the stability of the banking sector over other competing public policy goals.

Let me turn to regulation and practice. As you've heard ad nauseam, principle-based prudential regulation was at the time perceived internationally as best practice. It was the bedrock of EU banking supervision as enshrined in the Basel accords – to which the Irish Government was a signatory. It had therefore to be embraced by the Central Bank and was inherited and continued by the new Financial Regulator.

In an era of deregulation and belief in free-market policies, principles-based regulation was based on the belief that one, the market should be allowed to operate freely; the regulator should not interfere in product design or pricing and had no powers to do so. Two, responsible financial services providers were best placed to make decisions about their businesses and were required by government ... required to be governed by experienced managements and boards, backed up by risk committees, compliance officers and auditors. Boards were required to comprise of persons who were "fit and proper" and who operated in a transparent and ethical way. This would take, number four, place under regulatory oversight, with reporting, monitoring and risk-based inspections, backed up by strong enforcement.

As part of the EU push to develop the single internal market with a common regulatory framework, the Government had signed up to implement EU-wide, complex, data-rich, risk-based system of prudential regulation named Basel II, which was to complement the principles-based core principles of effective banking supervision. The regulator was required to adopt this system and to bring the Irish banks under its disciplines. Implementation of Basel II, completed in 2006, fell to the Financial Regulator. This work was extremely challenging, complex and detailed; it put a lot of strain on the Central Bank’s systems development capacity. Critically, it temporarily diverted a large number of banking supervisory staff from day-to-day supervision at a time when, as we now know, the seeds of the banking crisis were already germinating. Ironically, the new Basel II framework did not prevent an EU-wide banking crisis and it was superseded in 2011 by a new accord, Basel III.

To strengthen its principles-based approach, in 2005 the authority set out to introduce a new fitness and probity regime for the directors of financial institutions. There was, inevitably, strong challenge from the industry. The authority sought legal advice, which was that constitutionally, no directors who were already appointed, could be reassessed and by implication potentially disqualified. In other words, they were effectively grandfathered or grandmothered. After the crash, the 2010 Act brought in extensive powers for the Central Bank to examine existing appointees – powers not available to the regulator before that time.

In a second move taken by the authority to strengthen its supervisory approach, in November 2004 the authority set out to use its discretionary powers under the Central Bank Acts to require compliance statements of directors in financial institutions. The consequential consultation process ran into a barrage of resistance from the industry. They deployed a range of arguments, including that this was inconsistent with the company law review group’s report. Following extensive lobbying and discussion, the Department of Finance wrote to the authority in November 2006 asking it not to proceed with the necessary consultation process, “without first consulting the Department” – a clear signal to us that this did not have Government support. In retrospect, I believe we were mistaken not to have pressed ahead with this measure despite the extreme resistance that we faced.

Banking supervision collected data from the banks and carried out on-site inspections. The principles-based approach focused on checking banks’ internal control systems and board minutes to assure the supervisors that their internal controls were operating. Instead of, for example, random sampling of loan files to challenge bank managements' assertions, the inspection methodology left actual judgements of what was prudent to the banks' managements. The dramatic rise in credit called for new information to be collected from the banks. However, the Central Bank just did not have the IT change management capacity to specify that data need or to implement it quickly, while also implementing Basel II and doing everything else it was doing for the Central Bank and for the ECB.

Within an often crowded agenda, the CEO and the prudential director reported on their supervision responsibilities at the monthly authority meeting. The prudential pack, which contained detailed data on an institution-by-institution basis, was a quarterly standing item on the authority’s agenda and was discussed at length. Solvency ratios of the banks under supervision were examined and were continually seen to be within the defined limits. The pack included some details of major exposures of Irish banks including those to property developers. These exposures were examined by the executive and were the subject of detailed discussion with the institutions themselves. The executive assured the authority that all these loans had strong asset backing. With the benefit of hindsight, the valuations on which this was based depended on some kind of soft landing.

Chairman, I've omitted the next sentence which was in my written statement as I realised after I had submitted it that it was not fully correct.