This week's guest blog is from the very excellent Sandra Quinn on the subject of getting a grip on managing Conduct Risk or to put it another way the risks arising from how your firm and your staff behave – no, no please don’t stop reading, I promise it will be interesting and it may just save you and your business from going to the wall. Here are a few recent headline examples of how this can cost a few quid.
1. During the 00’s the costs to firms of miss-selling of Payments Protection Insurance (PPI) is estimated at around £9bn,
2. BP has made a provision of $41bn in its 2010 accounts to cover the costs for the Deepwater Horizon disaster
3. Societe Generale and UBS rogue trader incidents are estimated to have cost more than $9bn
4. In October the share price of Homeserve plunged 50% amid claims of misselling and the suspension of telephone sales.
As Sandra explains, managing this kind of risk to date has generally not been top priority. But now, with the “beefed up” regulators keen to ensure positive outcomes for customers and a public keen to ensure that firms are environmentally sensitive, socially responsible and ethically sound the challenge of managing conduct risks is now firmly on the agenda. If nothing else, the new Bribery Act brings the issue of managing conduct risk home to every firm and executive, with the potential for criminal sanctions and possibly gaol time if you get it wrong.
“Most organisations have a history of and a structure for managing their credit risk, their operational risk and their cash flows. To date though, very few businesses have systematically defined and managed the risks inherent in employing human beings and asking them to act with integrity in a complex and pressurised environment (Conduct Risk). Regulators have been focusing for some time on the fair treatment of customers. Now increasingly they are pressing for firms not just to ensure they have decent processes but to go further and ensure they are getting fair outcomes for their customers. The problem for firms is that it's not just a proper process that defines the outcome. It's people who design and follow process and adding more process and more prescription doesn't necessarily mean you get a fair outcome. And what applies for financial services applies more broadly too. Think Bribery Act and the aggressive enforcement agenda of the SFO. Think data privacy. And more besides.
If we are to learn the lessons about how to manage this risk then we will need to look again at our enterprises through the lens of conduct risk and people. Of specific interest and a good place to start will be to review how we treat our customers, how we set business targets, manage performance, reward and incentivise staff as well as deliver training and manage compliance to the front line. After all, few, if any, people got up one morning and said “hey, I think I’ll go out and miss sell some PPI/endowment policies/pensions” or "I think I will cut a few corners in how I install or maintain that piece of kit". Most I bet did what they thought the organisation wanted or valued, constructively if not explicitly.
Much of the focus in financial services firms on this comes through compliance trying to ensure that regulatory obligations are met. Other firms are starting to implement responsible business programmes, training, ethics and integrity seminars. Compliance and trying to reboot ethics can only do so much. But the reality for most organisations is that they run on business objectives, management information, financial and other incentives, and devolved decision-making. These are the levers which make organisations and their people work So, if we are going to really reduce Conduct risk we know that any successful solution for identifying, assessing and mitigating people and conduct risks has to get to grips with the DNA of organisations. After all, what gets measured and what gets valued, gets done.
Which leads me nicely to a major dilemma businesses are facing: the potential for firms to save money through better management of conduct risk is clear but ... with tight margins, pressures on costs, spans of control increasing and decreasing job security for staff in a tricky employment market, the conditions are arguably right for more not fewer conduct risk issues.
So the option is for an organisation either to bury its head in the sand or to take a good hard look at a lot of the ground breaking work that is being done in this field to construct solid, reliable Conduct Risk frameworks that allow businesses to seriously reduce and manage their exposure.
I hope for all our sakes they take the latter option”
Sandra Quinn is CEO of Quinnity Limited and is working with Capgemini to provide clients with real solutions to the myriad of Conduct Risk challenges they face. Having worked for both the FSA and Lloyds Banking Group, where she set up a people risk framework, Sandra understands the challenges of both the regulator and the regulated. She is currently applying her learning from financial services with a client in multiple sectors.
No comments:
Post a Comment