Conduct risk: “Risk associated to the way organisations, and their staff, relate to customers and the wider financial markets”
– Chartered Institute of Internal Auditors, 2018
Conduct risk is a form of business risk that refers to potential misconduct of individuals associated with a firm. Over a decade on from the financial crisis, firms still need to maintain sound and consistent management of conduct, in order to avoid regulatory action, fines and reputational damage.
Over the past year the risk of misconduct has gone up due to increased levels of remote working and is now ranked 6th in the top 10 operational risks for 2021 by Risk.net.
In this article we explore the main causes of conduct risk failures and how they are all interconnected.
Examples of conduct risk across financial institutions
This diagram illustrates where conduct risk failures typically arise in financial institutions:
“The incidence of financial sector misconduct has risen to a level that has the potential to create systemic risks by undermining trust in both financial institutions and markets”
-Mark Carney, G20, 2018
5 reasons for misconduct
Understanding and addressing the drivers of conduct risk is essential in improving standards of behaviour. While there is no one-size-fits all approach, there are five core areas at the root of conduct risk:
- Lack of leadership
A firm’s culture – its distinct set of shared values is at the crux of ethical lapses in financial institutions. Good conduct is driven by a strong, harmonious culture and organisational culture is determined by a company’s tone at the top and actions by the top.
Leadership is critical to a company’s risk culture as behaviour within an organisation is guided explicitly or implicitly by messages communicated by leaders. Leaders need to set the right tone and ensure the company’s mission and values are aligned throughout the organisation.
Over the past year the risk of misconduct has gone up due to increased levels of remote working and is now ranked 6th in the top 10 operational risks for 2021
In the UK, the recently enforced Senior Managers and Certification Regime (SMCR) has increased accountability for senior members of financial services firms for their conduct.
- Poor management of product life cycle
Poor conduct outcomes can arise when the commercial needs of a firm dictate product lifecycle practices rather than customer needs. Some companies do not adequately consider customer outcomes or market impact and this can foster misconduct, in particular mis-selling and irresponsible lending.
Often company staff, third-party distributors or other outsourcing vendors involved in sales or post-sale customer support are not given enough guidance and this can be especially problematic in cases where the customers are inexperienced or vulnerable. Post-sale, some financial institutions fail to investigate customer complaints, provide customer care or care that is provided is focused solely on procuring more sales rather than customer satisfaction. All serve to undermine good conduct as they disregard the customer perspective.
- Employee awareness
In some instances, financial institution staff or other representatives are not trained sufficiently or provided with the right tools to ensure customer and market interactions are conducted fairly and transparently. Employees may not completely understand the product features or potential impacts.
Complicated and labour-intensive policies and procedures can also be detrimental. Manual processes increase the chance of human error and accidental misconduct. Whereas, in large organisations, with intensive and intricate procedures, there may be a temptation for employees to overlook controls made to prevent misconduct.
- Wrong incentives
How an individual is incentivised plays a significant role in shaping their professional behaviour. In too many cases, remuneration still emphasises production and revenues over conduct.
Some firms could benefit from prioritising certain performance indicators over others. For example, rewarding customer satisfaction skills and risk awareness to encourage desired behaviours. However, even where financial institutions have modified incentive plans to align compensation better with company values, these programmes tend to apply to more senior level management and not necessarily all customer-facing staff.
- Inadequate management of reporting
Some financial institutions have inadequate processes for monitoring and reporting on conduct risks and have not implemented data analytic techniques to help identify root causes or perhaps even predict potential areas of risk.
Weak systems for monitoring and surveillance can result in misconduct going undetected and therefore risks not appropriately managed. A company culture may also discourage voluntary reporting of issues and problems. The result is a lack of transparency with an organisation’s leaders failing to identify and manage important risks.
These five reasons for conduct risk failures often overlap and as each firm is structured differently some may be more relevant than others. Nevertheless, they all ultimately point to the same source: a company’s culture. And changing a culture, although notoriously difficult is the shared solution to combat conduct risk failures.
Restoring trust – RegTech can help
A growing number of firms are adopting software solutions to better manage conduct risk. Such solutions help firms automate and streamline processes as well as track and monitor conduct-related compliance process flows. RegTech solutions can help support a firm’s conduct risk management and optimise outcomes in a more cost-effective way.
To restore the trust deficit, financial services companies must refrain from pursuing their own financial interests so recklessly that their actions might harm customers or the financial markets. They must demonstrate to regulators that they are a company that is serious about their conduct risk management systems. Designing the right conduct programme, supported by the right technological solution starts by bringing together business, technology, and regulation experts. Start your journey today by talking to our experts at 1RS. We can help you find a bespoke and sustainable technological solution that inspires trust.