Outsourcing, the Central Bank of Ireland noted, is an "integral part" of the business model of BNY Mellon Fund Services (Ireland) DAC, the fund administrator it has just fined a sum of €10.78 million and reprimanded for an extensive list of regulatory breaches.
BNY, the Irish subsidiary of fund administration giant Bank of New York Mellon Corporation, said on Thursday that it sincerely regretted the breaches and had taken the necessary steps to rectify the deficiencies that gave rise to them.
Although no client money was lost, the charge sheet doesn’t make pretty reading. BNY repeatedly failed to notify the Central Bank and obtain its approval prior to the commencement of new outsourcing arrangements. It repeatedly failed to monitor and assess the financial performance of the firms to which it had outsourced services.
It also repeatedly failed to submit correct annual outsourcing returns and it failed to notify clients prior to the commencement of an outsourcing arrangement.
With the breaches dating from 2013 and the first engagement by the Central Bank on the issue coming in 2014, this has been a long-running affair, undoubtedly prolonged by BNY’s “inaccurate notifications”, which the regulator said “served to minimise the seriousness and extent of the breaches”.
But BNY’s conduct is one thing. The potential risk to the financial system inherent in incorrectly managed outsourcing practices is another.
Guidance note
To its credit, the Central Bank has stepped up its focus on the pervasive use of outsourcing by regulated firms in recent years. The cross-industry guidance it issued last December is a 73-page document that should leave regulated entities in no doubt that it will take a dim view of sloppy outsourcing practices that impair its ability to properly supervise financial firms.
One complicating factor, this guidance note outlines, is the use of sub-outsourcing, also known as chain outsourcing. This is, as it sounds, where an outsourcing service provider in turn outsources certain aspects of their business, creating “outsourcing chains that can become long and complex”.
It’s not hard to see how the regulator’s visibility might swiftly become quite poor. The BNY case represents the biggest string of outsourcing breaches the Central Bank has uncovered to date. But it wasn’t the first and it’s unlikely to be the last.