Risk Culture: Measuring the Qualitative
Jane Walshe, Head of Compliance Curriculum, Moody’s Analytics & Director, Compass Compliance
4th November 2015
Agenda
- What do regulators mean when they talk about ‘culture’?
- Risk culture: good and bad
- Identification, measurement and mitigation
What is Culture?
What do regulators mean when they talk about “culture”?
The global drive towards good conduct:
- Fair customer outcomes
- Market integrity
Financial Stability Board
The FSB’s four indicators of a sound risk culture (FSB, Guidance on Supervisory Interaction with Financial Institutions on Risk Culture, April 2014):

Tone from the top
A firm’s leadership should promote, monitor and assess risk culture, consider its impact on safety and soundness and make changes where necessary. The board and senior management should make clear that staff are expected to act with integrity, and that non-compliance within or outside the organization should be promptly escalated.

Accountability
Relevant employees at all levels understand the core values of the institution and its approach to risk, are capable of performing their prescribed roles, and are aware that they are held accountable for their actions in relation to the institution’s risk-taking behavior. Staff acceptance of risk-related goals and related values is essential.

Effective communication and challenge
A sound risk culture promotes an environment of open communication and effective challenge, in which decision-making processes encourage a range of views, allow for testing of current practices, stimulate a positive, critical attitude among employees, and promote an environment of open and constructive engagement.

Incentives
Performance and talent management encourage and reinforce maintenance of the financial institution’s desired risk management behavior. Financial and non-financial incentives support the core values and risk culture at all levels of the institution.
Conduct Regulation
‘The lessons of the last few years illustrate clearly that firms need to take proactive steps to improve conduct. Without a firm foundation in identifying the conduct risks inherent in your businesses, it will be hard to manage conduct, let alone show us and others that it is being managed. We know that most firms now understand the value in getting it right and not simply the cost of getting it wrong, and the benefit of good conduct in terms of building customer trust and analyst confidence. However, there is a long way to go, and it will not happen by regulatory osmosis. Firms and individuals need to take responsibility for their own actions.’
Tracy McDermott, acting CEO of the FCA, July 2015, Wholesale Conduct Risk
5 Conduct Questions for Firms
1. How are the conduct risks inherent within the business identified?
2. Who is responsible for managing the conduct of the business?
3. What support mechanisms does the business have to enable people to improve the conduct of their business or function?
4. How do the board and executive committees gain oversight of the conduct of the organisation?
5. Finally, do firms have any perverse incentives or other activities that may undermine any strategies put in place to answer the first four questions?
Tracy McDermott, July 2015
How the FCA Assesses Conduct
Having a culture which puts customers and market integrity at the heart of the firm’s business is an important component of conduct risk. The FCA gives no specific definition of culture; it has said culture will be assessed by “joining the dots”, looking at:
- how a firm responds to, and deals with, regulatory issues;
- what customers are actually experiencing when they buy a product or service from front-line staff;
- how a firm runs its product approval process and what factors it takes into account;
- the manner in which decisions are made or escalated;
- the behaviour of the firm in certain markets; and
- even the remuneration structures.
Evaluating a Firm’s Risk Culture
- Is there a conduct risk management culture at all levels of the business?
- Are there clear reporting lines?
- Do managers feel they can raise risk-related issues?
- Do staff feel that they can raise risk-related issues?
- Are managers’ ideas supported? Do they feel that concerns raised will be considered and/or acted upon?
- Are staff comfortable questioning existing practices and suggesting more effective ways of doing things?
- Are managers authorized to identify opportunities that reinforce, and issues that destabilize, their risk appetite?
- Do existing monitoring and reporting systems ensure that action will be taken when issues are raised?
- Can the board demonstrate an effective “tone at the top”?
- Is conduct risk management part of the established way of planning and executing departmental activities?
Compliance has to focus on ethics, integrity, and rules.
Warning Signs on Risk Control & Culture I
Effectiveness of the risk management and internal control system
- Managers who might not see the need for the more formal processes that the board needs if its oversight is to be effective
- Unclear lines of accountability
- Defective internal communication flows
- Mechanical and static processes
- Organizational complexity
- Risks associated with major transactions or projects not adequately assessed or discussed at board level
Warning Signs on Risk Control & Culture II
The right culture
- A culture where people are reluctant to admit mistakes and do not welcome challenge
- Failure to communicate a consistent attitude to risk and mitigation
- Inability to assess whether employees are listening to, or understanding, what the board is saying
- Senior management does not give a clear lead on risk management, nor visibly support the risk and internal audit functions
- Misaligned incentives that encourage either inappropriate risk-taking or excessive risk aversion
- Risk managers and internal auditors are prevented from addressing risks emanating from the upper echelons of the company
- An inability to stop bad projects once they have gathered momentum
- Significant regulatory problems
Warning Signs on Risk Control & Culture III
Effectiveness of the board and committees
- Insufficient breadth of experience and expertise in the board or board committee
- Delegating too much responsibility to board committees, so that some directors are not involved
- Lack of clarity about which board committee is responsible for ensuring reward schemes reflect the company’s approach to risk
- Non-executive directors are not getting out and about enough to really understand the business and its people
- Board papers and processes that cause time to be used unproductively
- A lack of understanding of the risks inherent in the company’s business model
Poor Culture in Practice
Three Lines of Defence to Address IT Risk – Failings

First line of defence: Technology Services Risk
Role: responsible for identifying and managing IT risk across the Banks; challenged by the Second Line.
Weaknesses: had a culture of reacting to events, and a team with insufficient experience and skills. Did not take the initiative to identify risks, instead reacting and responding to incidents.
Failed to: devote sufficient time and attention to specific risk management activity, instead reporting risk upward to obtain “sign-off” rather than understanding and managing IT risk.

Second line of defence: Business Services Risk
Role: responsible for challenging the First Line.
Weaknesses: had limited IT skills. Did not understand the breadth and depth of its work because it concentrated on collating and reporting risk information. Did not focus enough on understanding IT risk, instead focusing too much on systems and processes.
Failed to: appropriately challenge the completeness and depth of the First Line of Defence’s coverage of IT risk.

Third line of defence: Group Internal Audit
Role: independent assessment and review of IT risks, including IT infrastructure and systems risks.
Weaknesses: did not close IT audit issues in a timely fashion, instead bringing forward incomplete IT audit plans from previous years. Did not explain in its final audit report that it had lacked the documentation it needed to test fully the controls for backing out the batch scheduler software.
Failed to: explain its different view of IT risk to the First and Second Lines of Defence.

Across all three lines: weaknesses in communication between all three lines of defence.
Tone from the Top, Middle and Bottom
“Ultimately this is also about creating what we sometimes call a culture of appropriate escalation, where people can speak up when they observe poor behaviour or are unsure about what to do. Too often people are unwilling to do this, or are penalised if they do.”
Tracy McDermott, July 2015
Tone from the Top, Middle and Bottom
“… is for the boards of banks to take responsibility for how the business delivers within this regulatory framework. And it is, more subtly, the responsibility of the board to influence the culture of the whole business – the famous ‘tone from the top’ – AND to take responsibility for making sure that this is both understood and acted on in all parts of the business, from the committed top, through the middle and right across the front line. Moving from ‘tone at the top’ through ‘action in the middle’. By the middle, I mean those hard to reach parts, which are found in any business, not just banking, where messages get lost, communication falters, and ‘tone from the top’ can seem utterly remote from what people are actually doing.”
BSB chair Dame Colette Bowe, June 2015
© Moody’s Analytics, Inc. and/or its licensors and affiliates (collectively, “MOODY’S”). All rights reserved.