The co-operative movement—organizations owned and democratically operated by their workers—has a proud history in Britain. But the more salubrious recent past of one of the country’s most trusted and ethical brands came back to haunt it with a savage vengeance.

Firstly, on 6 March, the Financial Conduct Authority (FCA) banned former Co-operative Bank chairman Paul Flowers from ever working in the financial services industry again following conduct that “demonstrated a lack of fitness and propriety.” Flowers was fired for using his work e-mail to send sexually explicit messages, using his co-op mobile phone to call premium rate chat lines, and for abusing cocaine, GHB, and ketamine. Flowers was once a Methodist minister, but his drug habit earned him the nickname “the crystal Methodist” in the U.K. press. He stepped down as chair in 2013 and in 2014 he was convicted for drug possession. The fact that the bank had a £1.5 billion (U.S.$1.9B) hole in its accounts when he was sacked did not help his cause either.

Just hours after Flowers received his prohibition order, the U.K. government launched an independent review of the Co-operative Bank for the period between 2008 and 2013, when Flowers was chairman and when the bank pulled out of buying 632 bank branches from Lloyds Banking Group, a strategy known as “Project Verde.”

To add to their woes, two days later, the Groceries Code Adjudicator (GCA), the industry watchdog, said it was launching an investigation into the Co-operative Group, the U.K.’s largest consumer co-operative, having formed a “reasonable suspicion” that the retailer may have broken the Groceries Supply Code of Practice between 2016 and 2017 by making “unreasonable” charges and delisting suppliers. It is only the second formal investigation to date that the regulator has conducted (the first was Tesco in 2015 for delaying supplier payments), but—as bad luck would have it—it will be the first in which it can levy new penalties of up to 1 percent of turnover, which would equate to over £70 million (U.S.$86M) in Co-op’s case (though no one seriously expects this). Co-op has acknowledged that its conduct has “fallen short” and has so far refunded 110 of its suppliers with around £500,000 (U.S.$616,000).

There’s no doubt that it was a bad month for the co-ops. But they are not the only organisations under increased scrutiny—or set to be criticised—for governance and compliance failures. The FCA, and its forerunner the Financial Services Authority (FSA), are likely to take a hit on the ducking stool too.

The revelations about Flowers’ conduct came out in 2013 and, by 2014, he had already been sacked and convicted. But it has taken the financial regulator over four years to formally ban him, and the FCA’s delay in banning Flowers has pushed back the Treasury’s own independent investigation.

The Treasury said back in November 2013 that it would launch an inquiry into what went wrong at Co-op Bank, but up until last week’s announcement the process had not even begun. Nicky Morgan MP, chair of the Treasury Select Committee, has already asked the FCA’s CEO Andrew Bailey for answers. Bailey, however, may not be the best person to approach—he was CEO of the Bank of England’s Prudential Regulation Authority (PRA) at the time, and he will not play an active part of the investigation because of a potential conflict of interest—it is his own conduct that will be examined (in part).

The catastrophic leadership at Co-op Bank has not only raised questions about regulatory oversight, but also about the state of U.K. corporate governance.

Furthermore, the Treasury investigation is not just looking at what went wrong at Co-op Bank, it is also examining the shortcomings of the regulators. The investigation will consider the actions of former regulator the Financial Services Authority and its successor the PRA, which both had obligations to regulate Co-op Bank during the period. The enquiry will focus on questions raised in a 2014 report of the Treasury Select Committee regarding Project Verde, which includes whether or not the Co-op Bank’s bid for the branches should have been halted sooner when it became apparent that the bank could not finance the deal or absorb the branches into its network easily.

The catastrophic leadership at Co-op Bank has not only raised questions about regulatory oversight, but also about the state of U.K. corporate governance. At the time, Flowers was chair of an unfeasibly large board of six executives and 15 non-executives, which was not in accordance with corporate governance best practice, particularly as few of these board members had banking expertise—Flowers included. His background was serving on boards of religious, local authority, and charitable organisations, but despite this obvious lack of qualification, he received unanimous backing following an interview and a psychometric test. His role as chair was to get through the agenda by banging heads together around the table, rather than to question the intricacies and risks surrounding financial products and strategy. Somehow this arrangement passed muster with the regulator.  

As for the GCA investigation, no one expects any potential fine to be substantive, even though the regulator now has stronger powers to impose stiffer financial penalties; it prefers engagement and remediation, rather than punishment. For example, Tesco was only asked to pay £1m (U.S.$1.23M) towards the costs of its investigation and to make significant changes to the way it dealt with suppliers, despite “serious breaches” of the GCA’s legally binding code of conduct.

Many will applaud the GCA’s take on compliance and regulation, but there are questions over whether the United Kingdom’s style of corporate governance and enforcement continues to make sense: the co-op scandals are a reminder that companies are still breaking the rules (with or without board knowledge), and regulators still tend to be reactive rather than proactive, so that governance failures are not prevented, and companies are punished after the event. Investigations into corporate failure also tend to be open-ended, and can rumble on for years.

For 25 years, the United Kingdom has prided itself on promoting a “comply or explain” approach to corporate governance. However, the Corporate Governance Code—in its various forms—has been revised five times in the past decade alone, reflecting the fact, perhaps, that even a principles-based approach to corporate governance cannot keep pace with stakeholder concerns over how companies are run, nor boards’ failure to govern properly.

And while there is a focus on how companies should be better managed, perhaps there should also be a review into how well regulators are suited to the task in hand—both in terms of their approach and their ability and willingness to enforce the rules.