For custodian banks, UCITS V liabilities are a matter of life-or-death
The liability regime in a classic global custody agreement is straightforward. The global custodian undertakes to provide the safekeeping services to the high “standard of care” – this is the actual phrase used – expected of a first class service provider. Asked to describe what makes a custodian firdst or second class, Peter Richards-Carpenter, a consultant to London law firm Berwin Leighton Paisner, draws on 30 years’ experience of grimy commercial realities. “The first class global custodian is the one that clients expect to make them whole in the event of loss,” he says. For years, that liability did not extend to the sub-custodians to which they delegated large parts of their safekeeping duties - provided they chose those delegees carefully and monitored them regularly for signs of backsliding, financial fragility or incompetence.
True, even a standard global custody agreement of recent times made the global custodian liable for any direct losses caused by the negligence, wilful default or fraud on the part of its sub-custodians, as well as on the part of its own operations, including any assets held in its nominee or omnibus account structures. Historically, however, global custodians were not liable for losses in the ordinary course of business at the sub-custodian level (unless of course, the sub-custodian was part of the same group, which became a natural part of the sales pitch for global custodians with sub-custodian networks such as BNP Paribas and Citi). Global custodians undertook only to assist the client in pursuing a sub-custodian if assets went missing or – the worst case scenario – the sub-custodian became insolvent.
This exclusion of liability for losses at the sub-custodian level often remains the case under American law, though it is now fast disappearing even in the United States. By contrast, most agreements for large clients concluded under English law have for at least the last ten years made the global custodian liable for losses in the ordinary course of business caused by negligence, wilful default or fraud at the sub-custodian level as well. Only in cases where a client wants to invest or trade in markets where the global custodian is not convinced that it can manage the risks effectively are less generous terms likely to be agreed in a separate schedule to the main global custody agreement.
Attempts are occasionally made by global custodians to exclude liability for the insolvency of the sub-custodian, provided it was chosen carefully, but any global custodian that failed to fulfil its duty to choose a sub-custodian carefully would be liable anyway. Nor are clients sympathetic. After all, the quotidian risk that securities are delivered and cash is not received before the sub-custodian fails, or vice-versa, is a real risk. Any cash owed by a counterparty becomes, like any cash sum in the banking industry, an unsecured debt of the sub-custodian.
Since the financial crisis, some clients have tried to obviate this risk by insisting their global custodian sweep cash into an account in the home jurisdiction of the global custodian (usually London or New York) or establish cash accounts in the name of the client at the sub-custodian. An account in the name of the client at least ensures the client has an unsecured debt with the sub-custodian directly rather than indirectly, but it cannot alter the fact cash is both fungible and belongs to the bank.
Traditional global custody agreements excluded another risk too. This is indirect losses incurred by a client (such as loss of profit when cash or securities were not delivered on time, causing a subsequent transaction not to take place) or losses incurred because assets were held in a central securities depository (CSD) which custodians have no choice but to use in order to settle securities transactions. “I do not think I have seen a custody agreement which did not exclude losses arising in connection with a CSD or other securities system,” says Richards-Carpenter. “More often than not, the global custodians have no say whatsoever about the contractual terms on which they use those systems. Use of the systems is usually mandatory . If something goes wrong at that level, they cannot be expected to take responsibility for it.”
Until now, this denial of responsibility was unaffected even by the regulatory obligation of American fund managers under Section 17(f)7 of the Investment Company Act of 1940 to ensure the assets of their clients are always held in reputable CSDs that they monitor regularly for their safety and soundness – a task they generally entrust to global custodians. “The banks draw a clear distinction between their contractual and their regulatory responsibilities,” explains Richards-Carpenter. “They are answerable to the regulator under Section 17(f)7, but they are not willing to take contractual responsibility for CSD risk.”
Of course a lawyer can always be found to argue that this distinction between regulatory and legal obligations is casuistical. Indeed, Richards-Carpenter says that he has long questioned the wisdom of including in global custody agreements a general obligation on the bank to abide by all legal and regulatory regimes in the jurisdictions where it operates. He adds that he has usually succeeded in ensuring its excision. However, recent legislation covering the European funds industry - namely, the Alternative Investment Fund Managers Directive (AIFMD) that became effective in July 2014, and especially the fifth iteration of the Undertakings for Collective Investments in Transferable Securities (UCITS) regime that will be implemented in March 2016 – make such distinctions irrelevant.
Even under the current UCITS IV regime, the custodian - known in this context as the depositary, which has to be based in the same jurisdiction as the mutual fund whose assets it safekeeps – has obligations additional to those of a classic global custodian. The depositary is responsible for protecting the interests of investors in the fund by having oversight of the investment functions; monitoring the flow of cash in and out of the investments bought and sold by fund; reporting on and monitoring compliance with the description of the fund given in the prospectus; and monitoring the safekeeping of assets (custody) and the valuation of the assets and registration of ownership (fund accounting and transfer agency).
These tasks have become more complicated as the UCITS regime has become more liberal, permitting managers to invest in a wider range of asset classes (including, since UCITS III, derivatives) and undertake ancillary activities (such as securities lending). This is why early drafts of UCITS VI indicate that the European regulators will narrow the range of permissible investments for UCITS funds, leaving AIFMD to govern investment by more sophisticated investors. But the work of driving retail investment strategies towards the orthodox is already under way in UCITS V, which will from the spring of next year greatly increase the risks faced by depositaries to UCITS funds.
Even under UCITS IV depositaries to UCITS funds must live with the knowledge that they are liable for losses caused by a failure to execute certain administrative functions – notably the settlement of transactions, and the registration of ownership of units in the fund by investors –properly. This was never the case under a standard global custody agreement. Although depositaries to UCITS funds can delegate the tasks of settlement (usually to a custodian bank) and registration (usually to a transfer agent) they remain liable for the performance of these third parties unless they can show that the decision to delegate was reasonable, the delegees were and remain competent to do the work, and that sufficient care was taken in selecting them. “The burden of proof is quite substantial, but it is reversed,” notes Richards-Carpenter. “Establishing liability in these cases inevitably revolves around the exact words used in the depositary agreement. Where individual losses can be traced to individual mistakes, generally the depositary has coughed up. It has proved to be a regime the industry can live with quite comfortably.”
The same cannot be said of the AIFMD. Under the AIFMD, the depositary is obliged to replace the lost securities on a like-for-like basis, and in a timely manner. The depositary is also liable for all losses that are occasioned by its own negligence, wilful default or fraud, or that of its sub-custodians. “There is no provision in AIFMD to restrict those losses to direct losses, so indirect losses such as loss of profit are in scope,” explains Richards-Carpenter. “The wording customary to a standard global custody agreement, excluding liability for indirect or consequential losses, such as loss of profit, is not effective under AIFMD.”
AIFMD also restricts the scope for a depositary to delegate its responsibilities. It can do so only if the delegation is “objectively” justifiable. This is a philosophical term that is inevitably hard to demonstrate in a court of law, even if the depositary collects considerable evidence of the due diligence it has performed on the delegee – not least because neither party would have found themselves in court if the delegee had not fallen down on the job. Yet, whenever a court finds a delegation unjustifiable, the depositary will be liable for any losses. “In all such circumstances, a customer could argue that the systems and performance of the delegee manifestly failed the test of adequacy,” says Richards-Carpenter. “And if it fails the test, the depositary has strict liability.”
In fact, AIFMD makes depositaries strictly liable for any loss of securities by delegees in almost all circumstances, possibly including losses caused by a CSD in which it is forced to settle transactions and hold customer assets. This is why custodian banks lobbied hard during the protracted negotiations that preceded the implementation of the AIFMD on 22 July 2014 for limitations on their liability – especially to prime brokers, who held assets of AIFs in custody as an integral part of prime brokerage agreements with fund managers, and usually had unlimited rights of re-hypothecation over those assets. The regulators conceded that depositaries could escape liability for losses caused by delegees (such as prime brokers) if they secured the express consent of the customer to the arrangement, the delegee agreed it was liable to make the customer whole, and the customer agreed it would seek to recover its losses from the delegee.
Delegating responsibility for losses in this way is of course extremely difficult to negotiate commercially. Delegees are unlikely to expose themselves to multiple claims from fund managers (and their underlying investors) that a depositary is unwilling to wear. It is also challenging to make claims stick against delegees with which the client has no direct contractual relationship, and which may be located in a faraway country subject to laws quite different from those of the depositary agreement. As Richards-Carpenter says, this ostensible concession by the regulators is in practice “a nonsense.” This has not prevented clauses excluding liability for losses occasioned by delegees appearing in depositary agreements, especially those contracted by so-called “depositary lites.” But the depositaries and their delegees know it is merely a cosmetic gesture to enable the business to be done. Both sides know the depositary cannot meet meaningful losses, and that its delegees will not do so either.
The same applies to the notorious compromise reached between depositaries and prime brokers. Under this compromise, prime brokers have indemnified depositaries against loss of client assets, and depositaries have secured a discharge of liability provided an “objective reason” can be found why they could not have prevented the losses occurring. “I have advised depositaries never to appoint prime brokers as sub-custodians because I do not think the depositary can ever meet the real obligations that are laid upon it in those circumstances,” says Richards-Carpenter. “What they need to do is define, as far as possible, the circumstances in which the client can instruct that assets be transferred to a prime broker. In so far it is cash, they can. In so far as it is securities, it is trickier, because the depositary retains responsibility for all the securities in the fund. There is no reason why a fund should not choose to lend its cash to a prime broker, and the depositary is not liable for that.” He thinks that all parties, including the regulators, have chosen not to confront the realities of prime brokerage – and that investors are as a result at greater risk of incurring losses than they realise.
Depositaries argue that a second concession by the regulators - the exclusion of CSDs from the strict liability for losses caused by delegees – is more meaningful. They told the regulators it was impossible for them, in their role of depositary, to perform adequate due diligence on all of the CSDs they are obliged to use, so it was pre-ordained that they would lose any litigation that followed losses at the CSD level. The regulators duly conceded that the use of a CSD did not amount to a delegation - but the concession was a limited one. It still does not necessarily permit custodians to exclude liability for losses at the CSD level, as they do in a standard global custody agreement.
Indeed, Richards-Carpenter argues that the concession may even have left depositaries worse off. “The exclusion provisions are still in there, in the depositary agreements, but their effect is less certain because of the limited nature of the concession,” says Richards-Carpenter. “Arguably, too, and this has not been tested as far as I know, precisely because the use of a CSD does not amount to a delegation, the exclusion of liability that is in principle available to a depositary when it does delegate a duty is not available in relation to the use of a CSD because, by reason of the concession, it is not a delegation. Because of the concession, a depositary cannot delegate its responsibilities to a CSD, so it is in this sense harder to escape strict liability for losses at the CSD level. The concession is a double-edged sword.”
But the most damaging consequence of AIFMD is a commercial one. Clients that were once told no global custodian accepted strict liability for losses occasioned by CSDs or sub-custodians, and certainly not for indirect losses such as loss of profits, now find AIFMD depositaries accepting liability for some if not all of these risks. “You still see depositaries seeking to exclude liability across the board for indirect and consequential losses, but then putting in weasel words such as `subject to compliance with applicable regulatory provisions,’” explains Richards-Carpenter. “We know now that the applicable regulatory provisions make it impossible, in most circumstances, to achieve this kind of exclusion. It leads to uncertainty, and uncertainty increases the potential for litigation.”
But if AIFMD has exposed custodian banks to a new range of potential liabilities, it is UCITS V which ought to prompt them to consider either restricting the business they are prepared to support to the lowest risk profiles, raising their prices significantly, restructuring how they service clients in Europe, or exiting the business. The new UCITS regime, which comes into effect in March 2016, extends to retail investors in mutual funds similar protections to those already available to investors in AIFs under the AIFMD. However, there are two significant differences between AIFMD and UCITS V. The first is that a depositary bank cannot under any circumstances delegate its liabilities to anyone – even to prime brokers. The second is that CSDs are not excluded from the obligation never to delegate liability.
“UCITS V is not saying that the use of CSD will in all circumstances be regarded as a delegation,” says Richards-Carpenter. “But it is not saying that it will not. So you have to look at the circumstances in each case. If using a CSD is deemed to be a delegation, the depositary is strictly liable, and it cannot delegate its liabilities.” It is hard to conceive of circumstances under which depositaries will not have to use CSDs. It is even harder to think of any under which it would not be a delegation. And there is every possibility that it is only a matter of time before strict liability is extended to AIFs as well as UCITS funds. This is why custodians active in European markets now face the choice of exit, shrinkage, raising prices, or a fundamental restructuring of their business. Until now, regulators have conceded enough under AIFMD, and commercial pressures have argued strongly enough for compromises between prices and risks, for custodians to avoid making drastic choices. Procrastination is no longer a viable strategy.
By making custodians strictly liable for every operational and safekeeping risk their clients incur UCITS V will force custodians to choose. “The only remaining defence available to depositaries against the assertion of strict liability for any loss of securities is the force majeure clause,” says Richards-Carpenter. “They can avoid liability if they can prove – and again, the burden of proof is reversed – that the losses incurred by their clients would in all circumstances have been unavoidable by any reasonable action they could have taken. That is a very difficult one to run.”
After all, even in the most catastrophic circumstances it is not difficult to argue that a depositary should have foreseen the disaster. “An eminently plausible danger is Armageddon in a particular jurisdiction, by which I mean, say, a mega-fraud at a CSD, which is not inconceivable, or negligence on the part of the leading sub-custodian in that jurisdiction, possibly amounting to connivance in the fraud,” says Richards-Carpenter. “That could in theory lead to the whole system in a particular jurisdiction snarling up. Once settlement of transactions ceases, and litigation begins, potential losses become open-ended. They could run into trillions of dollars. No bank could support losses of that magnitude.”
So what options do custodians have? Regulators are unlikely to endorse any restructuring which isolates European depositary risk from the rest of the bank. Global fund managers will either fail to warm to a custodian which offers them less reassurance in Europe than elsewhere, or stop doing business in Europe themselves. Re-pricing of the risk can only encourage them to do that. Besides, raising prices is not possible when not only CSDs, but a host of FinTech start-ups, are manoeuvring to take the business of the custodians. It follows that the only viable solution for European custodians is to become CSDs themselves. As it happens, BNY Mellon hit upon exactly this solution back in 2010. Earlier this year the bank abandoned the idea, though its retention of a CSD licence indicates it may reconsider. If Peter Richards-Carpenter is right, the management needs to get on with that reconsideration urgently, before one of the risks it is running becomes real.