Founded in 1807, JohnWiley & Sons is the oldest independent publishing company in

Download 5,45 Mb.

Pdf ko'rish

bet	60/114
Sana	23.07.2022
Hajmi	5,45 Mb.
	#845333

1 ... 56 57 58 59 60 61 62 63 ... 114

Bog'liq
chapelle a operational risk management best practices in the

“Laws control the lesser man . . . . Right conduct controls the greater one.”
Mark Twain
D E F I N I T I O N S
C o n d u c t
From a regulatory perspective – especially in the UK but increasingly also
internationally – a conduct event is any event that breaches the three conduct
regulatory objectives of consumer protection, market integrity and effective compe-
tition. Therefore, conduct goes beyond customer treatment, quality of information,
product design or sales practices. Failure to properly perform anti-money laundering
(AML) checks, for instance, is a conduct issue that does not involve sales, but it
breaches market integrity. Also, when business disruption negatively impacts cus-
tomers, perhaps because of negligent maintenance of IT systems, it can be regarded
as a conduct issue. Conduct issues – like reputation issues – can arise from incidents
classified in any of the seven Basel operational risk categories. This is why regulators
mention “conduct” rather than “conduct risk.” Conduct is not a risk category in its
own right: it is a possible consequence of other risks materializing, like reputation
damage.
It follows that the quality of a firm’s management of conduct is directly linked to
the quality of its risk management framework. Importantly, because conduct is not a
standalone risk type, it does not have to be managed in a separate department, by a spe-
cific management team, with a different database and yet another silo. In every activity
it undertakes, a firm needs to ask whether the activity could negatively impact any of
the regulator’s statutory objectives. It is essential for a firm to recognize the possible
consequences of its actions on conduct objectives and demonstrate that the manage-
ment considers risks arising from internal behaviors and practices and then mitigates
those risks. Some common metrics of conduct, demonstrated by certain behaviors and
outcomes, are presented in Chapter 15, dedicated to risk reporting. Before moving on
119
Operational Risk Management: Best Practices in the Financial Services Industry, First Edition.
Ariane Chapelle.
© 2019 John Wiley & Sons Ltd. Published 2019 by John Wiley & Sons Ltd.

120
RISK MITIGATION
to the concrete aspect of measuring and reporting on conduct, we must focus on target
culture and ways to identify and drive desirable behaviors.
1
C u l t u r e
To use the phrase popularized by Bob Diamond, CEO of Barclays, at the height of the
Libor-rigging scandal: “Culture is what happens when no one is looking.” Culture
underpins behaviors of people, driven by individual values and beliefs. To a large
extent, culture will drive conduct, i.e. behaviors. Culture, as a set of values that mat-
ters to individuals, is not measurable. Behaviors, however, are observable and therefore
traceable. We cannot measure values, but we can track behaviors; we cannot measure
respect, but we can observe respectful language – and we can measure the frequency of
respectful versus disrespectful communication. Equally, we cannot observe integrity,
but we can measure fair pricing. Over the last few years, regulators have developed
the trend for behavioral regulation. By influencing good behaviors, good conduct is
encouraged and can be monitored.
K e y B e h a v i o r s
O b j e c t i v e
Target culture and desirable behaviors depend on the firm, its history, its
ethos, its vision and its top management. Risk culture is part of a wider corporate cul-
ture and intimately linked to it. The tools and the research mentioned in this chapter
are not limited to risk management in the financial sector. However, the way they apply
to other corporate cultures is beyond the scope of this book. This chapter focuses on
desirable behaviors for better risk management and on some concrete ways of influ-
encing them.
2
Defining the objective is the first step for any action. Whether you want traders
to respect their risk limits, staff to speak up about risks or issues, or incidents to be
reported as soon as they arise, define your goals as clearly and precisely as possible.
C o n c e n t r a t e o n K e y B e h a v i o r s
Research and experience show that focusing on
one or two key behaviors to promote change is effective because it reinforces and sim-
plifies the message. Key behaviors are central to unlocking the path to the desired
objectives.
1
Much of this chapter is inspired by a highly recommended book:
Influencer: The Power
to Change Anything
, Patterson et al., McGraw-Hill, 2008, 299p. Further worthwhile reading
includes
Willful Blindness: Why We Ignore the Obvious at Our Peril
, M. Heffernan, Simon &
Schuster, UK, 2011, 391p.
2
For a more general overview of influencing techniques and their applications, please refer to
Patterson et al., op. cit.

Conduct and Culture
121
Some are obvious, like key behaviors for succeeding at school (“work hard, be
nice”) or for staying healthy (“eat well, exercise”). Another example is the familiar
warning in hospitals to prevent the spread of infection (“wash hands between every
patient”). Less well known in the hospital context is the principle of “200 percent
accountability.” This means that in addition to being 100 percent responsible for
their own actions, every member of a team should be 100 percent responsible
for the actions of others. For example, they should feel compelled to speak up in
the event of safety breaches: if anyone, regardless of his or her grade – assistant,
nurse, consultant – notices a breach of safety procedures, he or she is 100 percent
accountable for reminding the offender of the procedure, while the offender is 100
percent accountable for thanking the person for the reminder and then complying with
the rules. This particular behavior, one of empowerment, has proved necessary in U.S.
hospitals, where a strong sense of hierarchy may prevent people from speaking up.
3
Similarly, in the many risk culture workshops that I have run with firms, the most
frequently cited behaviors to improve proactive risk management are speaking up
about issues and risks, reporting incidents and raising alerts to allow early intervention.
“Blame culture” and fear are most often cited as powerful hurdles to these desired
behaviors. The most common aspiration of the risk function is to build a relationship
of trust and respect with the first line. Knowledge and understanding of the business,
competence in risk management and empathy are the recommended behaviors to
achieve this objective. The case study below presents more behaviors and the language
used to describe them.
C A S E S T U D Y : K E Y B E H A V I O R S F O R B E T T E R R I S K C U L T U R E I N
F I N A N C I A L F I R M S – I N T E R N A T I O N A L B A N K A N D I N T E R N A T I O N A L
A S S E T M A N A G E M E N T F I R M
I have conducted numerous workshops where risk functions and first-line man-
agers reflect on the key behaviors required to achieve a better risk culture. Most
answers relate to transparency of information, particularly in case of risk events
or anomalies.
The phrases below emerged from some of these workshops. The interna-
tional retail bank, based in Northern Europe, was responsible for the first-line
behaviors, and the international asset manager, based in the U.K., was responsi-
ble for the second-line behaviors.
(
Continued
)
3
Patterson et al., op. cit. For a case application by one of the authors in operating rooms, please
visit: https://www.beckershospitalreview.com/or-efficiencies/6-steps-to-build-of-a-qculture-of-
safetyq-in-the-hospital-operating-room.html

122
RISK MITIGATION
Key behaviors to adopt by risk owners (first line):

Download 5,45 Mb.

Do'stlaringiz bilan baham:

1 ... 56 57 58 59 60 61 62 63 ... 114