Barclays boss Jes Staley will be fined by regulators for trying to identify a whistleblower at the bank.
Mr Staley tried to identify the author of an anonymous letter in 2016 which led to investigations from the Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA).
This morning (20 April) Barclays has said the regulators concluded Mr Staley breached the rules and they have proposed he pay a financial penalty.
But the bank stressed the FCA and PRA were not alleging Mr Staley acted with a lack of integrity or that he lacked fitness and propriety to continue to perform his role as chief executive of the bank.
The bank said its board continued to have unanimous confidence in Mr Staley and would recommend his re-election as a director at its annual general meeting on 1 May.
But the board will consider making adjustments to his pay.
Mr Staley has been given a period during which he can review the draft warning notices and make representations to the authorities.
The FCA and PRA found Mr Staley breached the the Individual Conduct Rule 2 (requirement to act with due skill, care and diligence), but will not take enforcement action against the bank.
Instead, they proposed both Barclays Bank PLC and Barclays Bank UK PLC will need to report to the regulators on certain aspects of their whistleblowing programmes.
The Barclays board had already commissioned independent reviews of Barclays' whistleblowing policies in May 2017 and changes have since been made, the bank said.
The board found out about the breach early last year and "promptly" told the regulators.
The bank also instructed law firm Simmons & Simmons to investigate the matter, which concluded that Mr Staley "honestly, but mistakenly, believed that it was permissible to identify the author of the letter".
The letter, written by an employee of Barclays in June 2016 had raised concerns about a number of matters at the bank, including the adequacy of its whistleblowing procedures.
It also outlined concerns about a senior employee at Barclays.
Mr Staley considered this an "unfair personal attack” on the senior employee and asked the information security team to identify the author.
But the author of the letter was not identified and no further action was taken.