For all its peculiarities, the Wirecard scandal conveys a sense of déjà vu. The story of abuse at the now-bankrupt Munich fintech company reveals deep flaws in the way financial supervision is designed, organised and conducted. The answer must be to devise a new system in which the different supervisory entities communicate and act with greater speed and effectiveness.
There are some familiar patterns. Financial misconduct is found; it can be lending malpractice, money laundering, conflicted behaviour, or, in this case, fraudulent bookkeeping. It is discovered after months, even years, in which abuse was known about in relevant circles or at least widely suspected. The discovery is not made by the authority in charge but by an outsider: another authority, the judiciary, or the press. Under pressure to provide explanations, the authority supposedly in control pleads innocence: it had no jurisdiction, or no instruments to intervene, or insufficient evidence or powers. It claims to have done all that could be done. Regardless of whether such defence is justified, the loss – for investors, for market integrity, for institutional and national reputations – can be enormous.
In theory, supervisors are supposed to check compliance with existing rules and detect possible deviations. Supervisory practice, however, is very different. No set of laws describes all real-life situations; legal provisions must be interpreted and put in context. Rules can be circumvented, so formal legitimacy can conceal substantial abuse. When supervisors enter such uncharted waters, their guide must be the spirit, not the letter, of the law. Most real-world banking and market supervisors, have a legalistic, risk-averse mindset. They hesitate to intervene when their legitimacy is not fully certain.
In legal financial frameworks, there always is a grey area between what is unambiguously, provably forbidden, and what is unquestionably allowed. That area evolves with business practices; it grows in times of financial innovation. Laws do not keep up with new types of business and intermediaries. The scope for circumvention, free-riding and fraud increases. Supervisors are more easily caught off guard; risks for investors and the society at large increase.
Supervisory charters should be extended to deal with this problem. With many specialised authorities involved (accounting auditors, money laundering supervisors, and so on), there should be one in charge of connecting the dots and doing the synthesis. It does not need to possess all powers, but it must have the responsibility to raise the flag if needed.
In banking, this role naturally belongs to the prudential supervisor; in securities markets, to the authority responsible for efficient and fair market functioning, including investor protection and information. Such an ‘encompassing supervisor’ must possess a broad culture and understanding of financial markets. It must have the authority to obtain collaboration from specialised supervisors and to ask for supplementary investigation it cannot conduct directly, including from the judiciary. Its accountability should include an obligation to sound alarm bells when intervention beyond its powers is needed.
No existing supervisory framework today conforms to these standards, but some contain useful elements. For example, the EU’s regulation establishing the single supervisory mechanism grants the European Central Bank ample investigatory powers, including the right to obtain information through off-site requests and on-site inspections.
Its statutory goal – to maintain safe and sound credit institutions – is sufficiently broad to cover most relevant cases of banking malpractice. However, there are shortcomings. The need to apply national laws whenever EU law does not exist and to obtain national authorisation (including from the judiciary) to exercise investigatory powers, limits the ECB’s scope. More flexibility would have helped, for example, to put certain money laundering violations under the spotlight at an earlier stage.
Market manipulation is another example. Since 2016, EU countries have been subject to the market abuse regulation, compliance with which is checked in each country by the national market supervisor. The regulation prohibits the dissemination, by any means, of information giving misleading signals on the price of a security.
In Germany, the financial reporting enforcement panel, a privately regulated entity, examines financial reports on a sampling basis, conditional on the company’s co-operation. Bafin, the market supervisor, intervenes if the company does not co-operate or there are serious doubts on the outcome of the first step. The Wirecard episode exemplifies a misconnection between European and domestic law and a reluctance by the responsible authority to act in the grey area in between. An extension of EU powers would help fill this gap.
Whatever the scope of supervisory arrangements, undetected abuses will always exist. No supervisory framework can work without a good dose of ethics. But the Wirecard affair underlines that abuses are more likely to go unchecked if no authority feels compelled to take steps beyond those required by a minimalist interpretation of its mandate. In future, taking those steps should not be just an option. It should be the supervisors’ duty.
Ignazio Angeloni is Senior Fellow of the Harvard Kennedy School and the Leibniz Institute for Financial Research SAFE, and a former Member of the Supervisory Board of the European Central Bank. This follows a review of the wider implications of the Wirecard episode by John Orchard and David Marsh.