Managing Conduct and Behavioural Risk

Conduct Risk

“Strategy or business model, causes or has the potential to cause, customer detriment and/or negatively impact market integrity”.

Conduct Risk is a key area of focus for regulators everywhere with the UK, Australia and the USA leading the charge

The focus is on how the business is run, rather than how it is controlled

Europe sees Conduct Risk as a Systemic Banking Risk

Misconduct is bad for business

Cash• Revenue loss

• Fines

• Redress costs

Capital

• Rating• Regulatory capital • Cost of borrowing• Goodwill

Strategic Control • Key managers suspended

• Lose licence, market access

• Governance challenged

‘No CEO enjoys explaining away conduct crises to investors and customers. Nor the penalties that follow it. In fact, its hard to think of a topic that is invested with

so much corporate energy’ Martin Wheatley, FCA

Clydesdale Bank….

“In order to achieve the proposed CYBG demerger and IPO, the Prudential Regulatory Authority requires capital support for CYBG of £1.7bn in

relation to potential future legacy conduct costs” Annual Report, Sept 2015

The provisions of £465m recognised by the Bank in the year ended 30 September 2015 will form part of the £1.7bn support package from National Australia Group

The £465m comprises: • £390m for payment protection insurance (PPI) including the expected

outcomes of the past business review and costs to run the remediation program and

• £75m in relation to interest rate hedging products (IRHP) / fixed rate tailored business loans (FRTBLs)

Conduct Risk is not …

Defined by Regulators: each firm must determine what it means

Defined in Terms of Appetite: by definition it must be “zero”

Values Statements: must be hard-edged and embedded in the business

“Tick Box” Compliance: “soft risks” e.g. behaviours, choices and values

Not limited to Product Mis-selling: competition abuse, IT, cybersecurity etc.

Customer Satisfaction & Experience: is not the same as being treated fairly

Preventing Innovation: its about trust, risk management and accountability

4 Main Types of Misconduct

‘We treat conduct risk like any other risk, and with a risk this big, you need to give us a very good reason why you are not taking proactive

steps to manage it’ Tracey McDermott, FCA

1. Mis-selling of financial products to retail customers e.g. the payment protection insurance mis-sold by UK banks;

2. Mis-selling of financial products to professional clients e.g. the US subprime mortgage-backed securities mis-sold by US banks;

3. Violation of national / international rules and regulations e.g. tax rules, anti-money laundering rules, anti-terrorism rules, economic sanctions;

4. Manipulation of financial markets e.g. the manipulation of LIBOR rates and foreign exchange benchmark rates

Source: European Systemic Risk Board

Main Risks for Retail Customers

• Products not developed with due regard to their best interests

• Not provided with clear information before, during and after POS

• Sold products which are not appropriate to their needs

• Receive poor quality advice

• Complaints and disputes are not dealt with in a fair manner

• Data & Information is not correctly protected

• Reasonable expectations are not met

Dawn of Behavioural Regulation

Old controls – econometric

• money-based• time lag: retrospective; consolidation delays• focus on numbers created “false certainty”• forced false binary [yes / no] compliance reports• ignored human decision factors: bias, habit, affect, culture

New behavioural controls

• econometric plus human indicators...• observe real-time interactions: “what actually happens?”• note biases: understand, challenge and correct them • scalar compliance: progress, commitment, responsiveness

‘Rules are generally easier to work around than principles. But boards need to ask whether the value of a loophole is worth pushing the boundaries of

acceptable behaviour’ Tracey McDermott, FCA

The De-biasing Challenge

Why regulators target this risk:

• retail customers buying on “illusion of understanding”• risk of “exploiting customers’ myopia”

New approach: regulators want you to...

• identify key biases, where and how they occur... in corporate risk, product design, sales-side and customer-side

• intervene to correct for bias effects• report on success of bias corrective actions

Recognise that you are not able to de-bias yourself

‘Customers remember tone at the till long after they have forgotten tone at the top’ John Griffith Jones, FCA

What does good look like?

‘Without a firm foundation in identifying the conduct risks inherent in your business, it will be hard to manage conduct, let alone show regulators and

others that it is being managed’ Tracey McDermott, FCA

1. How do you identify the conduct risks inherent in your business?

2. Who is responsible for managing conduct risk?

3. What support mechanisms do you have to enable people to improve the conduct of their business or function?

4. How does the board and the executive committees gain oversight of the conduct of their firm?

5. Are there any incentives or activities that undermine your efforts?

The Boards Role

‘NEDs need to ask: How do we actually make money today, what is it we will do in the future to grow the firm and why is it fair? ’ Clive Adamson, FCA

• In what practical ways does the firm put customers at the heart of its business and promote behaviours that consistently support this?

• Has the Board established a working definition of conduct risk that is in line with latest best practice? Is this evident in customer and business strategies?

• Is the Board satisfied that culturally the firm is engaged with conduct risk within the overall risk framework, not merely as box-ticking?

• Who on the Board focuses on the underlying behaviours behind customer complaints? How many products changed as a result of customer feedback?

Addressing Culture

‘We are still told that misconduct is the work of a few errant individuals within large organisations. But there does seem to be a growing recognition that the

issues are deeper and wider’ Tracey McDermott, FCA

• Culture is a significant driver of the behaviours of a firm; one size doesn’t fit all – firms must address micro cultures and understand what drives behaviours

• “Tone from the top” is vital but not sufficient on its own; values should be lived not just written down

• Culture is what actually happens, not what should happen; Senior Managers must lead by example and hold people to account

• Doing the right thing should be in the DNA of the firm; you don’t need a rule book to determine right from wrong

Embedding Product Governance

Business leaders must ask sensible questions. So not just “is this product or strategy legal?” but “is it right?” and “is it in the best long-term interests of

our clients?”. Martin Wheatley, FCA

1. Oversight & Governance Arrangements: “customer centric” 2. Involve All Stakeholders: include internal control functions from outset3. Target Market: clearly define and in the best interests of consumers4. Product Testing: assess impact on consumers (in stressed scenarios) 5. Product Monitoring: ensure suitability beyond POS 6. Remediate Quickly: mitigate problems and prevent re-occurrences7. Distribution Channels: ensure appropriateness to target market 8. Distributors: provide full facts - target market, features, price, risks etc.

Source: European Banking Authority

Managing Sales Incentives

‘Incentives are a powerful tool in setting the culture of the firm: by definition they identify the behaviour on which the firm places value’.

Remuneration policies should encourage responsible business conduct with the aim of preventing mis-selling practices, unreasonable risk taking, or other irresponsible conduct. It includes both financial and non-financial rewards.

Central Bank of Ireland thematic review of Financial Services found:• A high percentage of variable remuneration was paid based on the achievement of

sales volumes, revenue or targets• Focus on quantity v quality – insufficient emphasis on linking quality measures and

behaviours to unlocking incentives • Widespread use of risky features such as ‘accelerators’, sales targets and thresholds,

inappropriate product bias and multiple incentives paid for the same sale

Source: International Financial Consumer Protection Organisation

In Conclusion

1. Press on with practical compliance

2. Understand your customer’s view

3. Appreciate the regulator’s view

4. Start product design to the benefit of your customers

5. Hire high quality people, train and listen to them

6. Set incentives for doing right by customers

7. Take a forward looking view

Tony Moroney | Managing Director | International Financial Services

Berkeley Research Group, LLC6 New Street Square, 15th Floor | London, EC4A 3BFM +353 87 2556947 | O +44 20 3597 5167 | F +44 20 7853 9955tmoroney@thinkbrg.com | thinkbrg.com