Conduct Risk can be defined as the risk of customers suffering
poor outcomes as a result of a firm's actions.
For retail financial services firms, successfully managing Conduct
Risk is more important than ever, particularly given the
significant public and regulatory focus in this area. The intensity
of this focus is expected to increase following the creation of the
Financial Conduct Authority (FCA) which came into force on 1 April
2013.
Common challenges experienced by building
societies
Many firms invest financially in a significant amount of Quality
Assurance (QA) and monitoring activity within both the business and
oversight functions, such as Compliance. We have observed that in
many firms, the QA and monitoring activities focus on monitoring
adherence to internal processes and policy without making an
appropriate assessment of whether customer outcomes are fair in
practice.
In addition, an assessment that is made in relation to customer outcomes is often siloed such that it does not give sufficient consideration to the end-to-end customer journey. In this respect, Management Information in many building societies does not contain actual measures of whether customer outcomes are being delivered fairly in practice derived from robust outcomes testing. Key risk indicators, such as complaints and product persistency rates, are often considered but whilst these can provide useful insight, without outcome focused measures, do not provide the full picture.
Many societies have also not clearly thought through and articulated their Conduct Risk management framework in one document; this is important to allow senior management to review and challenge the firm's Conduct Risk framework. Societies must clearly define the components that make up their framework and their respective purposes, including components such as a Conduct Risk strategy, Conduct Risk appetite, Product Governance Process and relevant policies. The framework document should also provide coverage of roles and responsibilities in the context of the three lines of defence model, and how the components interact both with other elements of the framework and also the firm's broader Risk Management and Governance arrangements.
The final challenge societies face concerns the skills, experience and competency of key staff in assurance functions regarding the nature of the conduct risks over which they must provide assurance. We have observed many Internal Audit and Compliance functions where robust and frequent outcome testing does not occur. In some instances, this is because the assurance plans of these functions are inadequate, however in other instances the work of these functions is compromised by the lack of appropriately experienced staff. There is a defined skillset to making judgments in relation to whether customer outcomes are being delivered fairly in practice, particularly in areas where there is an increased level of judgment required, such as customers in financial difficulty or investment advice.
In summary, societies must act now to ensure that their Conduct Risk management framework is adequately designed and that the framework is operating effectively in practice. Addressing these challenges is not the whole answer, but it would certainly be a step in the right direction.
This article was first published in Building society update: Maintaining the momentum on 8 May 2013.
Thomas
Simpson
Thomas leads our Conduct Regulation team in the North of England
and has eight years experience working with a variety of firms
across the Financial Services sector. Thomas has led numerous
Conduct Risk related projects including skilled persons reviews,
Conduct Risk related due diligence as part of transactions and has
worked extensively to asses and improve assurance functions within
UK Financial Services firms. Connect with Thomas on LinkedIn.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
