BY: ComplyLog|July 13, 2022|General compliance
The global financial crisis of 2008 drove repercussions across all sectors and provoked a culture shift in how institutions approach conduct risk in banking.
In the aftermath of the crisis, banks suffered detrimental financial effects. Those found to have acted inappropriately were sanctioned, with EU-situated banks alone issuing €45 billion in fines, settlements and redress costs in Europe and the US. The European Systemic Risk Board (ESRB) reports that the Common Equity Tier 1 ratios of European Union G-SIBS (global systemically important banks) “would be, on average, around 2 percentage points higher without such fines.”
According to the Edelman Trust Barometer, in terms of reputational damage resulting from the crisis, financial services remain the world’s least-trusted industry sector for an eleventh consecutive year in 2022.
To mitigate conduct risk in the financial sector, the European Union implemented legislation, including the Market Abuse Regulation (MAR) and Markets in Financial Instruments Directive II (MiFID II). This article describes the conduct risk landscape in banking today concerning the current regulatory environment and how financial institutions can manage their conduct risk framework.
Table of Contents
III) Conduct risk challenges faced by banks:
IV) How to manage conduct risk
Conduct risk relates to actions performed by individuals within an organisation that generate adverse effects on its customers or the markets it participates in, or that reduce competition in some manner. Such behaviours might be associated with the prevailing corporate culture of the organisation or could comprise the actions of rogue individuals. The organisation should develop robust frameworks to manage and mitigate conduct risk in both cases.
Examples of risks relating to employee conduct include:
|Insider dealing||Taking advantage of non-public information that, if made public, would have a significant effect on the price of a financial instrument, in order to inform trades.|
|Conflicts of interest||When an individual within the company benefits from an action that is detrimental to the organisation or its clients.|
|Retaliation against whistleblowers||Causing detriment to a person who has made a report of wrongdoing in the workplace. Retaliation includes laying a whistleblower off, disciplining them or giving them a negative assessment for no other reason than punishment for issuing their report.|
Banks must prioritise managing conduct risk for the following reasons:
There are many challenges banks face in terms of conduct risk. Here are the most important ones:
The tone from the top is a key driver of corporate culture, and if leadership is taking a soft line on conduct risk, it filters through the organisation.
If your senior directors are not seen to practise good conduct within the business, employees might feel that there is no point in doing so themselves. Even if employees do endeavour to act appropriately, a culture that does not value exemplary behaviour might discourage them from reporting wrongdoing. They could believe that they will be ignored or, in some circumstances, be punished for escalating instances of unethical behaviour that they witness.
Other potential conduct failures of leadership include not applying standards equally to all departments. This is particularly concerning if executives, for example, spare scrutiny to the most profitable units, even when there are reports of wrongdoing.
Conduct risk does not just relate to purposeful compliance breaches. There can be circumstances in which non-compliant behaviour results from inadequate employee training.
Whether it is in-house staff or contract workers, you should ensure your training programmes are tailored to cover all relevant compliance requirements and provide training promptly. This could entail an understanding of the impact of the company’s products on consumers or the market in general, the correct way to handle a whistleblowing report, the process for pre-clearance of personal trades, and so on.
By concentrating solely on financial metrics when determining remuneration packages, an issuer can incentivise behaviour that could be categorised as a conduct risk. If the focus is purely on making money to receive a valuable benefits package, this can cause employees to prioritise revenue over conduct, with potentially disastrous results.
Banks should seek to implement payment plans that align with company values and apply them from senior roles downwards, across the organisation. Many executive remuneration packages now incorporate environmental, social and governance (ESG) metrics, which helps to concentrate them more keenly on conduct than simply profit. You can apply the same or similar principle to employees in other positions.
Banks and other financial institutions must manage conduct risk as a priority. With the possibility of receiving dissuasive penalties and damaging the brand’s reputation, neutralising the drivers of misconduct is essential. Here are the necessary steps to take a proactive approach to manage conduct risk, rather than waiting for misconduct to occur before taking action.
The risks that affect your institution are different from those of other organisations in the sector, so you must identify those risks that are more pertinent to you. Once you have pinpointed those risks that affect your firm, you must assess them to decide where your priorities should lie.
Potential risks include:
Once you have identified the primary risks at play within your organisation, you must analyse performance and activity to understand which to prioritise. As part of this process, you should:
To monitor your management of conduct risk effectively, you must identify the key metrics to measure. Identifying the metrics will enable you to display the progress of your efforts and allow you to distribute your resources more effectively.
Make management information (MI) readily available to enable senior leaders to access the metrics. Liaising with the board to understand how they will use the information relating to conduct risk management is also essential for understanding how implementing an ethical culture benefits the organisation and, by extension, its customers.
Create key risk indicators (KRI) in addition to underlying metrics to quantify progress and inform future strategy.
Metrics that you could measure include:
With the necessary training, employees and leaders should understand their responsibilities relating to conduct risk. It takes a collaborative effort to ensure an organisation remains compliant with regulations and that employees conduct themselves in an ethical manner.
Some examples of relevant responsibilities are:
It is the institution’s responsibility under MiFID II to “take all appropriate steps to identify and to prevent or manage conflicts of interest between themselves, including their managers, employees and tied agents.”
You should have systems in place to reduce the potential for conflicts of interest before they occur. This could be achieved by setting up a rigorous pre-clearance system, avoiding situations where you are providing financial advisory services for any transaction to two competing parties, setting up information barriers between teams, or any other preventative measure.
By utilising automated surveillance tools, you can track activities such as employee personal trades and generate notifications in the case of an infraction or suspicious behaviour.
Using the example of employee trades, TradeLog allows organisations to automate their pre-clearance processes by setting parameters based on the company’s priorities and policies. Trades that fall within these thresholds are cleared, whilst those that don’t are rejected. This simplifies the pre-clearance process, improving the speed and efficiency of the system to allow employees to make acceptable trades in good time, reduce the workload of the compliance team and ensure the firm adheres to all MiFID II requirements.
TradeLog also monitors cases on an ongoing basis, flagging violations and producing both standard and customised reports for your audit trail.
Rather than incentivising just financial performance, which has the potential to lead to employees taking on excessive risk or recommending unsuitable products because they may receive a larger commission, you should introduce non-financial factors into remuneration packages.
This package could mean rewarding employees who have achieved high customer service satisfaction ratings, contribute to CSR activities and perform well relating to the ethical codes of the business or similar.
Many companies are already linking executive pay to ESG considerations, which encourages directors to make sound ethical choices and strive to increase profit.
Failure to create an effective risk culture has been named a key driver for banks’ failings leading to the financial crisis and beyond. If the prevailing culture is one of putting profit before ethics, this increases the conduct risk for the organisation. A culture that prizes compliance and good conduct through leadership, training and reward is less likely to incur financial penalties and reputational damage.
Choosing metrics that relate to the organisation’s specific situation, aims, and requirements will help measure conduct risk accurately. For example, you might target reducing the number of suspicious transaction reports or whistleblowing reports to understand if your efforts are effective.
Training and development opportunities help employees understand their obligations, and incentives ensure that they work towards a fairer and more just environment. Leading by example is another way that companies can improve their conduct. If executives are seen to embody the culture they promote, it spreads to all levels of the organisation.
Conduct risk in banking has never been so significant. With the compliance environment growing ever more complicated, being able to direct employees towards an ethical culture is essential for protecting the organisation’s reputation and minimising the risks it faces. The financial penalties experienced by much of the banking sector following the financial crisis at the end of the 2000s are still fresh in the mind of many in the industry who want to prevent that from happening ever again.
By using monitoring tools, you can automate your conduct risk management. TradeLog is one of the solutions you can add to your toolbox to help you automate the monitoring and pre-clearance of employee trades while remaining entirely compliant with your MiFID II obligations. Request a free demo for your business today.