Back in 2013 when the FCA was first created, ‘conduct risk’ was certainly not a hot topic. Things have much changed since then, but there are many people in the wealth management and private banking industry who are still unclear about precisely what conduct risk is and what it means for their organisation. Neil Herbert, Director of training and competence software firm HRComply, answers those questions.
The greatest challenge facing compliance and risk professionals today is trying to define the acceptable levels of conduct in the multiple market, investment and client sectors that the FCA regulates.
Conduct risk is a central component of enterprise risk management and as such should be embedded at the very foundation of a firm. This means developing appropriate policies and procedures for the firm’s markets and clients. These elements must be benchmarked and monitored, with management oversight mechanisms deployed.
What is conduct risk?
Conduct risk is, in effect, the danger that the conduct of a regulated firm will hinder the FCA from achieving its objective of making relevant markets work well so consumers get a fair deal. This objective is supported by three broad outcomes that the FCA desires. These outcomes are that:
- consumers get financial services and products that meet their needs, from firms they can trust;
- markets and financial systems are sound, stable and resilient, with transparent pricing information; and
- firms compete effectively, with the interests of their customers and the integrity of the market at the heart of how they run their business.
What does it mean for organisations?
If conduct risk is not just another type of risk that needs to be ‘ticked off’ by the compliance team, how should it be approached? Here are eight typical elements of a conduct risk strategy that the FCA might expect to see within wealth management firms.
- An independent client feedback programme
For example, the FCA might ask for ten client suggestions that have actually been implemented. Online questionnaires may form part of this process, to ensure that the ‘fix’ to a known problem has worked.
- ‘Mystery’ shopping
‘Mystery shopping’ is where the firm employs a number of external individuals (e.g. consultants) to pose as clients and then relate their experiences of interacting with the wealth management firm.
- Conduct risk dashboard
A conduct risk dashboard would monitor likely outcomes for clients, covering items such as complaints and incidents, tracking sales and analysing the ‘quality of the sale’, in terms of the outcomes for clients.
- Rigorous schemes for managing conflictsThis would certainly include an analysis of gifts and entertainment, but also personal trading.
- New product development plans
The wealth manager should be able to provide evidence that these new products suit the target market for which they are intended (and will therefore not be miss-sold).
- Sales incentives
Wealth management firms should be avoiding formulaic remuneration schemes based on sales volumes, which are a real ‘red flag’ to the FCA. An example might be if a salesperson passes £500,000 in sales and then gains a bonus on the entire amount.
- Provision of ‘lower level’ attestations
Attestations are now being requested by the FCA in many more circumstances than they were in the past. For example, when follow up is to be undertaken by the firm after an FCA review, the FCA will commonly ask for an attestation that the follow up tasks have been completed.
- Monthly client committees
A firm might set up a client committee, whose purpose is to give clients a voice that would be heard by management, not the Compliance team. In this way a firm’s business model, not just compliance processes, are regularly put to the test.
Looking for the right path
There continues to be little evidence that the issue of conduct risk is being addressed at its root. Yes, Barclays has established its very own ‘Compliance Career Academy’ (in association with Cambridge University’s Judge Business School) after a series of scandals, but too few firms are placing conduct risk at the top of the management agenda and taking responsibility for the issue at board level.
Yet this is the only way that conduct and compliance strategies will ever be embedded from the ‘top down’, in the manner that the FCA seeks.