Barclays Bank CEO Jes Staley has been fined £642,430 (U.S. $870,619) by U.K. financial regulators for attempting to unmask a whistleblower. Additionally, Staley will see £500,000 (U.S. $677,599) hewed from his bonus.

The Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) have jointly fined Staley for his failure “to act with due skill, care, and diligence” in the way he responded to an anonymous letter received by Barclays in June 2016, which “risked undermining confidence in Barclays’ whistleblowing procedures,” noted an FCA news release.   

“Protection for whistleblowers is an essential part of keeping the financial system safe and sound,” said Sam Woods, deputy governor for prudential regulation and chief executive of the PRA in a statement. “Staley’s behaviour fell below the standard we require.”

This is the first case brought by the FCA and PRA under the Senior Managers and Certification Regime (SMCR), which came into effect in 2016 as a way of holding individuals directly accountable for key risk areas within banks.

Barclays announced on 20 April that the bank’s CEO would likely be fined for his actions, while the FCA warned that it would be a “substantial sum.”

“Given the crucial role of the chief executive, the standard of due skill, care, and diligence is more demanding than for other employees.”
Mark Steward, Executive Director of Enforcement and Market Oversight, FCA

Staley earned £2.35m (U.S. $3.18 million) in 2016 and received a bonus of £1.3m (U.S. $1.8 million), so the fine amounts to about a sixth of his total compensation. It would have been £917,800 (U.S. $1.24 million), but he was given a 30 percent discount for settling at an early stage.

While Staley breached Individual Conduct Rule 2 of the FCA Handbook, however, the FCA and PRA do not believe that he acted with a lack of integrity or that he lacks fitness and propriety to continue to perform his role as the bank’s group CEO.

Nonetheless, he now has the distinction of being the first boss of a major financial institution to have been fined by regulators and to have kept his job. In a statement, he said: “I have consistently acknowledged that my personal involvement in this matter was inappropriate, and I have apologised for mistakes which I made.”

As a result of Staley’s interference, Barclays is now subject to enhanced monitoring and scrutiny. The bank must report annually to the FRC and PRA on how it handles whistleblowing, while the senior managers responsible for the bank’s whistleblowing systems and controls must provide personal attestations about their effectiveness.


In July 2016 Barclays’ CEO Jes Staley tried to identify the author of two anonymous letters sent to the board the previous month, which raised concerns about the recruitment of Tim Main, a friend and former colleague of Staley’s from his days at JP Morgan, who had been appointed as head of the bank’s financial institutions group in New York.
Although the board and bank’s compliance team regarded the author as a whistleblower, Staley considered the letters an unfair personal attack on Main. He then tried to hunt down the author, using the bank’s information security team, led by Troels Oerting, who formerly worked for Europol. Because the letter had a U.S. postmark, Oerting contacted and received assistance from a U.S. law enforcement agency (though to no avail). Staley’s attempts to identify the author first came to the attention of the Barclays board in early 2017, which informed regulators and launched its own internal investigation.
It found—and the board accepted—that Staley “honestly, but mistakenly” believed that it was permissible to identify the author, but that he had “made an error in becoming involved with, and not applying appropriate governance around, the matter, and in taking action to attempt to identify the author of the letter,” whose identity is still unknown.
At the time, Barclays’ whistleblowing policy applied only to employees. It was not until 7 September 2016 that the FCA and the PRA introduced new rules requiring firms to provide whistleblowing protections for “reportable concerns” raised by “any person” (i.e. not just workers).
In an April 2017 statement, Staley said: “Our whistleblowing process is one of the most important means by which we protect our culture and values at Barclays, and I certainly want to ensure that all colleagues, and others who may utilise it, understand the criticality which I attach to it.”
—Neil Hodge

These measures—which apply until the end of 2020—are the first of their kind applied to a regulated firm in regard to whistleblowing.

Mark Steward, the FCA’s executive director of enforcement and market oversight, said in a statement: “Given the crucial role of the chief executive, the standard of due skill, care, and diligence is more demanding than for other employees.” He added, “Chief executives must act with a high degree of care and prudence at all times. Whistleblowers play a vital role in exposing poor practice and misconduct in the financial services sector. It is critical that individuals are able to speak up anonymously and without fear of retaliation if they want to raise concerns.”

If either Staley or Barclays thinks that agreeing to the regulators’ demands will draw a line under the matter, however, they are mistaken; and some commentators have already queried why Staley has kept his job and what his actions mean for the safety of other whistleblowers if even the chief executive of an organisation is unaware of what whistleblower protection really means. 

Nicky Morgan MP, chair of the U.K. Parliament’s Treasury Committee, has warned that in its next evidence session with the FCA, members “will ask why it believes that the fines are appropriate, and what it believes the implications are for the senior managers regime.”

And across the Atlantic, Barclays says that it is continuing “to provide information to, and cooperate with, authorities in the U.S. with respect to this matter.”