Matters ranging from staff appraisals to cybersecurity discipline are thrown into sharp relief and challenged as never before when millions have to work from home. How do private bankers and other wealth managers fare? What issues do they need to consider?

Citigroup’s CEO is telling staff to stay off Zoom on Fridays; Royal Bank of Canada’s chief has told staff to take an additional day off during 2021, and several firms have made provisions so that staff may not have to be permanently office based again. On the other hand, the CEO of Goldman Sachs has stated that working remotely for months is “abnormal” and wants it to end. 

With the prospect of “vaccine passports” on the way in the UK and certain jurisdictions, and as COVID-19 throws its shadow over our working life, employers, employees and the self-employed have much to consider. Working from home for weeks on end might have been convenient for those with comfortable homes and a garden, but it’s been tough on young adults sharing apartments with few work spaces and spotty internet connections.

A pandemic that started a year ago meant that working from home went from being a bit of an adventure for some people into a slog. Offices may be less necessary now than a few decades ago, but for staff, especially younger members, they enable socialisation, building a team ethos and mentoring. And for all management levels, the benefits of a team culture are important, and offices allow that to happen. There is also cybersecurity to consider. (This news service has already begun to look at working life amid the pandemic - see here for a feature article.)

Perhaps one of the most controversial topics is that of so-called “vaccine passports”, and the extent to which firms can press staff to get inoculated as part of any update to contracts. A recent survey of 1,163 UK workers, carried out by HR software provider CIPHR, showed that 35 per cent of all workers said they would not work in the same office or work environment as someone who has refused the COVID-19 vaccination. It is Gen Z, alongside Millennials, who are the most vaccine-conscious co-workers with 38 per cent saying that they would not work in the same office or work environment as someone who refused a COVID-19 vaccine.

“The `no jab no job’ policy is much talked about and is a multi-layered issue. We are now starting to see employment tribunals dealing with employees who refused to attend work for fear of becoming ill at the height of the pandemic and before the vaccination roll out. Inevitably we will see disputes around the vaccination issue also,” Sarah Evans, employment partner of Constantine Law, said.

“Firstly, vaccination is not mandatory, and employers cannot force employees to be vaccinated. Whether they can dismiss or refuse to employ an employee who, against company policy, refuses to be vaccinated depends on a number of factors, chief amongst all being the reason for that refusal,” Evans continued. “Certain individuals will not medically be able to have a vaccine because of a physical condition or disability: cancer patients and survivors, and those on autoimmune suppressants, for example, are likely to fall into this category. Any dismissal or other sanction imposed by an employer in these circumstances will be discriminatory and unlawful.”

“Conversely, if an employee refuses because of a belief that COVID-19 is a hoax or is part of the anti-vax movement, it is unlikely that a dismissal/refusal to employ that individual will be unlawful on grounds of their philosophical belief because of the legal test that applies which requires such a belief to attain a certain level of cogency, seriousness, cohesion and importance. Accepted science and research suggest that the anti-vax/hoax movements do not reach that level,” she said. 

“Accordingly, where a company policy of requiring employees vaccination is in place, which would align with public policy and probably be appropriate for those who deal with the public face-to-face or travel abroad regularly, understanding the real reason for objecting to being vaccinated is key in assessing whether anti-discrimination protection and therefore liability arises. If an individual refuses to comply with the company policy for reasons other than disability, legitimate health and safety concerns or a genuine religious belief for example, that person may be legitimately subjected to the company’s disciplinary procedure for breaching company policy,” she said.

Caroline Walker, managing director at Cavendish Employment Law, said the key test on whether businesses can compel people to be vaccinated is whether refusing means a person cannot carry out their work.

Private bankers and wealth managers travelled a lot before the pandemic, so the vaccine passport issue is relevant here. “The new landscape has led to a number of new considerations: How safe is it for the employee to be required to travel, how the employer can support them if they are required to isolate or are prevented from returning and whether the employee has any health or other concerns that might affect their ability to travel,” Walker said.

Mentoring and control
The ability of firms to train, develop and appraise staff is pressured by working from home.

“It is understandable that appraisals, training and the ‘usual’ level of supervision of juniors will not have been possible during the last year for those in financial, legal and blue collar sectors because the majority of us will have been able, and therefore required to work from home,” Constantine Law’s Evans said. “This throws up practical and contractual issues: where a trainee has a contractual right to receive training, that contract may not have been possible to fully comply with.”

“This potential `breach’ is probably rectifiable, especially as lockdown eases, but may have delayed progression of some careers and promotion schemes. More tricky scenarios may well emerge where an employee is not performing as obliged, but in the absence of effective supervision or appraisals and reviews, it will be peremptory to commence a performance management process, or, equally risky, a fair one. In regulated sectors there are additional risks for both the junior members of a team and their supervisors who are potentially on the hook in the event of a regulatory breach,” she said. 

Cavendish’s Walker broadly agreed. 

“It appears those who are most adversely affected by remote working are the new junior members of the organisation. Not only are they requiring more supervision and interaction from their colleagues, but a recent national HR survey showed they were the least likely to want to work remotely for work/life balance and preferred the social experience of attending work,” she said.

What happens if a member of staff, like a private banker, has been stuck abroad, cannot return home to his or her family? 

“Where an employee works in another jurisdiction and is prevented from returning to the UK as planned, the firm will need to consider the impact on their tax obligations as well as their rights and entitlements as an employee,” Walker replied.

Duty of care
When a pandemic is raging, the crisis also puts the obligations employers may have to staff under the spotlight. 

Padma Tadi, senior associate solicitor at Irwin Mitchell, noted the following points: “Ultimately employers have an overall obligation to protect the health and safety of staff when working. The requirements and guidance in this regard will inevitably develop as travel and `stay at home’ restrictions lift.”

“We suggest that a case-by-case analysis and risk assessment would need to be done depending on what risks are identified for that role. For example, if whilst out in the field social distancing and contact can be limited, a mask and a supply of sanitiser may be sufficient. Compared to if an individual has to attend a client’s site, it might be wise to consider advance due diligence and questions in advance of attending the site, such as asking a client to provide a copy of their risk assessment as to what steps have been taken to make the place a COVID-secure environment,” Tadi said.

Safe and secure
Almost as soon as working from home started on a mass scale, there were alarms about cybersecurity risks. Some reports can make one’s hair go grey. One in five UK home workers has received no training on cybersecurity, according to a survey by legal firm Hayes Connor Solicitors (source: BBC, 1 February 2021). That report showed that two out of three employees who printed potentially sensitive work documents at home admitted to putting the papers in their bins without shredding them first. Another UK study in 2020 found that 57 per cent of IT decision-makers think remote workers will expose their firm to the risk of a data breach.

“The proliferation of new channels of digital communications, and the increase in volume and variety, requires robust oversight,” Constantine Law’s Sarah Wallace said.

“Online work increases cybersecurity risk. The Prudential Regulation Authority and Financial Conduct Authority have historically felt strongly that operational resilience (of which cyber resilience is part) and a firm’s ability to provide a seamless service during times of disruption is a non-negotiable,” she said.

“The challenge of supervising employees virtually gives rise to the risk of mistake, rule breaches or fraud. Most organisations are realising that lots of controls, oversight and cultural practices are built on pre-existing relationships - so when those pre-existing practices are turned on their head there is a risk that things may be at risk of breaking down,” Wallace continued.

And there are wider disciplinary issues to consider, Wallace said. 

“The lack of not having a physical presence of senior leaders or supervisors on the floor or not being able to easily get hold of colleagues, will mean that rules or red flags may have been ignored, internal investigations shelved, or staff may have failed to escalate issues appropriately. Errors, breaches, complaints, or system alerts may have been disregarded, putting firms or individuals at risk of a retrospective enquiry or investigation by FCA supervisors or enforcement staff,” she said. 

"Any internal review of complaints or failings must be carried out now in the context of the Senior Managers & Certification Regime – for example by looking at the competence and capability of senior managers and whether individual or senior manager conduct rules or prescribed responsibilities have been breached,” Wallace said.