Conduct risk continues to be a priority for regulators, but worryingly, a vast majority of firms remain unclear of what it is and how to deal with it.

An astounding 81% of financial services are still unsure of what conduct risk is and how to address it, according to a comprehensive Thomson Reuters survey.

This lack of clarity, along with growing worldwide actions by regulators, are leading financial service firms to create specific teams or employ conduct risk specialists at all levels of the organisation.

“In ensuring that conduct risk is effectively managed, Boards of Directors will have to play a critical role in setting the right tone for the firm and holding senior leaders accountable to ensure that the required change has taken place, as well as ensuring conduct risk issues are managed competently throughout the organization,” Niall Coburn, Asia Pacific regulatory intelligence expert at Thomson Reuters, said.

The Thomson Reuters Conduct Risk Report 2014/15, in which more than 200 compliance and risk practitioners from financial services firms in Asia, Australia, America, Africa, Europe and the Middle East were surveyed, follows up on last year’s study by looking at what practical actions firms have taken and what changes and progress have been made over the past 12 months.

With no universally-agreed definition of conduct risk, it is left to individual financial services firms to define what conduct risk means to them and how to manage it, leaving regulators to focus more firmly on the behaviour of companies on all levels.

“It takes time for new approaches, such as conduct risk, to take hold and many firms are just coming around to seeing the importance of managing and mitigating risk and employing specialists at all levels of the organization,” Coburn said.

As far as regulation is concerned, international regulators have underlined the importance of conduct with numerous rules, guidance, reviews and enforcements. In the UK the Financial Conduct Authority (FSA) has introduced powers to make interventions in the market place to ensure the interests of consumers are put first. The European Union has introduced a number of initiatives such as the markets consultation on amendments to the ‘Market abuse directive’ to better protect investors.

“In Australia, ASIC has intervened in a number of circumstances in relation to consumer credit issues such ‘leaseback’ arrangements and ‘payday’ loans to better protect consumers,” Coburn said. “Additionally, the recent Financial Systems Inquiry Report (FSI), made recommendations to better protect consumers and the way information is disclosed to them.

“This will cause firms to look at the way they can improve customer outcomes in terms of product disclosure, accountability, technology and improving complaints handling processes.  The report bares out the need for firms to better align their interests with those of the customers.  In Hong Kong, there has been an increased emphasis on protecting investors, with the SFC being very proactive in market misconduct matters and going to great lengths to protect investors and pursuing cross border misconduct as seen in the Tiger Asia case.

“International regulators have also penalised global banks and imposed billions of dollars of fines for misconduct especially in relation to benchmark rigging, with more civil and criminal proceedings underway all around the world.

“These fines have been the largest penalties in regulatory history. Governments have also played a significant part at the G20 in Brisbane for example, where world leaders agreed on the policy framework of what is an acceptable adequacy of loss absorbent capacity of major financial institutions.” 

The underpinning of these reforms is building a framework to actively strengthen supervision and risk management amongst the global players. These are all inroads to reducing consumer risks in the event of another financial meltdown.

The survey found a developing picture when it came to the maturity of a firm’s approach to conduct risk. Many firms rated their approaches as either implemented but requiring further work (37%) or in development (31%); only 14% considered their approaches to be robust and embedded.

For G-SIFI firms, 21% of respondents claimed to have a robust and embedded network, with 46% rating their approach as implemented but requiring additional work, 25% as in development, and only 7% reporting they had no formal framework.

The issue of personal liability is a major concern to financial services firms around the world with 67% of respondents stating that the regulatory focus on conduct risk would increase the personal liability of senior managers.

“Conduct risk ensures that there should be clear lines of responsibility for all business operations within firms,” Coburn said. “In essence someone should be ‘on the hook’ when things go wrong.

“With some firms having complex management structures, when things have gone wrong, as occurred in the global financial crisis, it was difficult to hold individuals to account as structures were clouded and confused. The ramifications of enhanced management responsibility and accountability is that ultimately someone is responsible or liable when things go wrong and that the buck stops somewhere.”

Coburn believes that the proposed UK framework seeks to cure this weakness within firms and introduces laws and guidance that make senior managers and non-executive directors personally liable for major breaches of compliance or regulatory requirements.

“The real challenges going forward are for firms to spend more time to make sure they understand the conduct risk issues arising within their organisation and dedicate the resources needed to deal with the risk alleviation issues relevant to their line of business,” Coburn said.

“There will be more emphasis on middle and senior management to improve and ensure that the systems and controls are effective to counter perceived risks and that risks indeed are effectively dealt with and proved to be so.”