Amid the many risks that financial institutions face in today’s environment, organisations are increasingly seeing a focus on supervisory failings in terms of staff misconduct.
Panel speakers
• Zane Pritchard, Head of Singapore Compliance and Operational Risk Control, UBS
• Kit de Halpert, Co-Head of Asia-Ex Japan Private Wealth Management Compliance, Goldman Sachs
• Alison Fidler, Head, Compliance, Wealth Markets Products & Sales, Standard Chartered Bank
• Vincent Koo, Regional Head of Wealth Management Compliance, Asia Pacific, BNP Paribas Wealth Management
• Stephanie Magnus, Principal, Baker & McKenzie
Regulators around the world are building conduct into regulations – as seen in the case of MiFID II – in terms of rules around price transparency, appropriateness tests for non-advised trades in complex products, enhanced conflicts of interest disclosures and enhanced product governance rules.
There are also changes to the Private Banking Code of Conduct in Singapore along some of these lines.
Yet it is often much harder to assess if there has been a supervisory failing compared with the misconduct of staff themselves.
What institutions need to do, therefore, is to demonstrate that the right governance and frameworks are in place as a defence.
Tied to this, there is also a much bigger focus on compensation, and how negative and poor risk behaviour impact compensation. Robust frameworks are needed, with an appropriate impact on compensation, especially as the industry has seen more enforcement and fines by regulators against commissions-related fines.
Shock to the system
Although predicting the next specific conduct enforcement shock is difficult, some compliance practitioners believe it might relate to retail investors and pricing.
There needs to therefore be increased regulatory scrutiny around pricing – with best execution/differential pricing of products for different client segments.
At the heart of conduct risk, however, is human mis-behaviour. So managing conduct risk relies on managing that element.
The focus on conduct risk therefore brings in several different concepts to consider.
First, compliance practitioners ask by what reference point should mis-behaviour or mis-conduct be measured. They are observing regulators taking the view that mis-behaviour should be measured by whether it causes detriment to the clients, the markets or the firm itself.
The UK Financial Conduct Authority, for example, talks about delivering good outcomes for customers, market integrity and to promote effective competition in the interests of consumers.
Secondly, there needs to be a sharper focus on the culture of the individual financial institution as both a driver, and potential mitigator, of conduct risk.
As a result, compliance practitioners say that the qualitative value of the ‘tone from the top’ is reinforced. With regulators using language like the “board and senior management are ultimately responsible for..., the whole premise is that the boards have to drive culture.
The culture, based on shared values and norms, and the mind-sets that drive behaviour, therefore become paramount.
Thirdly, practitioners must determine what’s realistic in terms of whether human behaviour (or mis-behaviour) can be predicted.
Traditionally, lagging information/indicators are used, such as compliance breach information and training records. Instead, financial institutions could explore ways of predicting risk conduct outcomes and/or enforcements to allow action to be taken before the risk materialises.
Evolving enforcement
Senior compliance specialists believe that the most likely way the regulatory and enforcement environment around conduct risk will evolve in 2017 is greater personal accountability for all bank staff – including managers and compliance officers.
Some practitioners think even the regulators will concede that the pace of regulation should slow in order for the industry to digest and apply existing requirements correctly.
However, 2017 is likely to see stronger enforcement around breaches and failures, both in terms of faults made public and stronger sanctions against deliberate or repeated failures.
One of the positive outcomes of greater internal and external expectations and personal accountability on senior management might be additional support to help them to fully perform their role to expectations.
It is also important to note that conduct is not restricted to misconduct and inappropriate behaviour. Practitioners also say that good conduct is essential to maintaining high risk management and compliance standards.
2017 risk heat-map
When looking at some of the biggest expected risks in 2017, customer protection goes up in the heat-map, along with disclosure and investment suitability, in terms of detecting mis-selling.
Singapore is also following Hong Kong in a number of measures around investor protection – namely, the opt-in Accredited Investor regime and increased transparency requirements.
At the same time, technology risk is coming back into focus, with cyber-crime a big concern among compliance professionals.
Further, sensitivities around defaults in the bond market might see further detailed guidance for banks how to deal with impacted investors. Practitioners say clients feel ‘surprised’ by the administrative burden to deal with defaults and are not really prepared how long it takes to claim monies back.