Wells Fargo: What Should Have Happened


When Wells Fargo fired 5,300 employees in September for inappropriate sales practices, then-CEO John Stumpf approached the scandal with an outdated playbook. In response to the $185 million in fines levied by regulators, he first denied any knowledge of the illegitimate accounts. Attempting to mitigate press fallout by distancing the company from a group of “bad eggs” acting independently is not the answer, however. Even if Stumpf had maintained this assertion of innocence, changes in the risk environment over the past few years demand a proactive approach.

Rather than simply deflecting responsibility in these situations, executives must be able to accomplish two things:

• Provide historical evidence of due diligence and risk management (if such a program was actually used)
• Demonstrate how the company is adjusting its policies and/or implementing new policies to ensure a similar incident doesn’t happen in the future

In 2010, the SEC’s Proxy Disclosure Enhancement (rule 33-9089) explicitly made boards of directors responsible for assessing and disclosing risk management effectiveness to shareholders. It mandates the use of risk monitoring systems to demonstrate that existing controls (mitigation activities) are effective. Under this rule, “not knowing” about an activity performed by employees is considered negligence. This is a crucial development; negligence carries the same penalty as fraud, but it does not require proof of intent. The Yates Memo (2015) gave the SEC ruling more “teeth” by requiring organizations to provide the Department of Justice with all the facts related to responsible individuals.

As a result, many companies have suffered significant penalties and frequently criminal charges, even though their executives were allegedly unaware of illicit activities. Consider the emissions scandal at Volkswagen and fines paid (to the SEC) by global health science company Nordion Inc. In both instances, deceptions were perpetrated by individuals below the executive level, but senior management’s inability to detect/prevent the incidents came back to bite them.

How to Prevent Risk Management Failures at Your Organization

John Stumpf’s approach should have started with an admission of Wells Fargo’s failure in risk management processes across the enterprise, followed by evidence that a more effective, formal enterprise risk management process is being implemented. For example, risk assessments must cascade from senior management down to the front lines and across all business silos. This ensures that the personnel most familiar with operational risks (and how to mitigate them) can keep the board informed.

In other words, instead of simply apologizing and attempting to provide restitution, Stumpf should have demonstrated that Wells Fargo is taking proactive risk management measures to protect its many stakeholders. It is the company’s duty to ensure that something like this never happens again.

The scandal is predictably following the same track as have previous failures in risk management: it starts with regulatory penalties, then leads to punitive damages, class action lawsuits, and finally, criminal charges and individual liability, depending on the particular case. The key to this pattern is the absence of adequate risk management, which means negligence under the new enterprise risk management laws, regulations and mandates passed since 2010.

The good news is that avoiding serious, long-term consequences is possible if proper actions are taken. For example, by providing a historical record of risk management practices, Morgan Stanley avoided regulatory penalties when an employee evaded existing internal controls. Other corporations that can provide evidence of an effective risk management program (risk assessments, internal controls that address risks, monitoring activities over these internal controls, and an electronic due-diligence trail) are largely exempt from punitive damages, class-action lawsuits, and possible jail time.

When implemented proactively, effective risk management systems have and will continue to prevent scandals, regulatory fines, litigation and imprisonment. For a more in-depth analysis of the Wells Fargo scandal, read the LogicManager blog post “The Walls Fargo Scandal is a Failure in Risk Management.”

Talking Insurance With Wells Fargo Insurance Services CEO Neal Aton

At RIMS 2011 Vancouver a few weeks ago, I got the chance to speak with Wells Fargo Insurance Services President and CEO Neal Aton to discuss the current state of the market and his company’s expansion over the past decade, something accelerated by the Wachovia merger at the end of 2008. Much like most other insurance executives I have spoken with over the past several months, he believes that the confluence of catastrophes and other market realities have led to a bottoming out of premium pricing for the P/C market.

“It seems that from a pricing standpoint, we’re finding the bottoms in the market,” said Aton. “There are a couple things I think are happening. We see global events that are going to drive reinsurance costs. You see local events which will drive direct losses in the marketplace. I think the property market is a place where there is … a sensitivity to events.”

In addition to the many, many loss events that have battered insurers, he sees a reactionary mentality developing across the industry. And he thinks that once pricing starts to go in the other direction, many carriers will follow suit.

“I think the psychology of the market is such that it seems to me that there is a willingness to follow a price leader,” said Aton. “While the facts may refute that, I think there’s just a mentality that the market’s finding a bottom. I wouldn’t call it a hardening of the market but I think there’s a firming of the market.”

Of course, the P/C industry is not some monolithic collection of policies all moving in unison. Different market segments will continue to behave differently. He doesn’t see the same level of firming in casualty as with property, for example. And he certainly doesn’t see it in D&O. “There’s still plenty of capital running around,” he said.

As for workers comp, he expects a drastic change.

“However, in workers comp, it’s hardening,” he said. “Clearly.”

For Wells Fargo, this will be the first major market shift that the company has undergone as a major player in the insurance market. It  jumped into the business with its acquisition of Accordia in 2001, and while it did navigate through the ensuing market cycle, it did not have nearly the same scale of operations as it does today. Its subsequent acquisition of ABD Insurance & Financial Services (in 2007) and merger with Wachovia (in 2008) have changed the game, turning it into the fifth largest brokerage in the world, according to Business Insurance.

While Wells Fargo Insurance Services is headquartered in Chicago, this growth has caused it to remain a very decentralized operation with 6,000 employees spread out in 200 offices. For Aton, that is a good thing, since the different offices can maintain “a deep commitment to a local market” but also retain “a window into a national resource.”

But you can be too decentralized to an extent that the mothership loses track of what each location is doing. So Aton thus spends a lot of his time trying to devise ways to maintain a good balance between a vast, dispersed network of employees who can reach all segments of the market and ensuring that the whole team remains connected with a common mission. Keeping this connectivity between company resources and the insurance buyer is not easy, but it is the goal.

“It’s hard to deliver, but when you deliver it, boy, it’s magic for a customer,” said Aton.

The main reason the company sees insurance as such a good area of business is that its banking operations allow different units to “cross sell” very easily. It already has so many corporate clients receiving financial services from other parts of the company that adding insurance to their portfolios seems like a natural fit. Right now, about 25% of the insurance side’s business comes from such cross sales with the remaining 75% coming from the market. “I aspire to have that grow to about half-and-half…not by shrinking that side but by making the pie bigger,” said Aton. “We’re on track to do that.”

Currently, Aton’s team supplies one out of every 13 to 15 of those customers who already do other business with Wells Fargo. Aton wants that number to be one out of every five. “That would imply somewhere around tripling our business,” said Aton, later adding that “getting to that is as much about marketing ourselves not only in the marketplace [but] marketing ourselves within Wells.

As the insurance side becomes more a core piece of Wells’ overall business, this will become increasingly easy, he believes.

“We start a conversation with another business [unit] not by saying ‘should we work together?’ It’s ‘how do we work together?’ It’s assumed that we’re working together. That’s the culture—we share our toys. That has taken building muscle memory.”

When I asked him if increasing revenue on the insurance side will also entail expanding through acquisition, he was unequivocal. “Absolutely,” he said. “Absolutely. I think it’s a good time to continue to acquire.”

Integration is never easy, but the Wachovia experience has left Aton optimistic for future opportunities. “In the insurance space, I don’t want to say [the Wachovia merger] was easy, but I wish they all worked so perfectly as that one did,” he said. The key benefits, aside from the integration ease (something they finished on the insurance side in 15 months) were the greater market reach the merger gave Wells Fargo into the Southeast and the complementary risk management and employee benefits talent that Wachovia brought.

Right now, 20% of Aton’s company’s business is in the employee benefit space. He wants to double that over the next five years. This is something that was evolving naturally on its own. And then health care reform came around and provided an even larger impetus to expand in the benefits area. “Number one, it’s a good business,” said Aton. “But the major driver is that our customers need help. There are just so many questions in flux in the health care space.”

So in health care, as in insurance and risk management services, he doesn’t see any end in sight to his company’s expansion.

“There is just a huge demand as customers, from small business owners up to CEOs and CFOs, say that the relevance of insurance and risk management is huge — huger than it’s ever been,” he said.