Staff must act with integrity (doing the right thing) and promptly escalate observed non-compliance within or outside the organisation. The leadership promotes, monitors, and assesses the risk culture; considers the impact of culture on safety and soundness; and makes changes where necessary.

Accountability
Relevant employees at all levels understand the core values of the institution and its approach to risk, are capable of performing their prescribed roles, and are aware that they are held accountable for their actions.

Effective communication and challenge
A sound risk culture promotes an environment of open communication and effective challenge in which decision-making processes encourage a range of views; allow for testing of current practices; stimulate a positive, critical attitude among employees; and promote an environment of open and constructive engagement.

Incentives
Performance and talent management encourage and reinforce maintenance of desired risk management behaviour. Financial and nonfinancial incentives support the core values and risk culture at all levels of the organisation.

Source: Guidance on Supervisory Interaction with Financial Institutions on Risk Culture, Financial Stability Board (2014)

Measuring and monitoring organisational culture

Leadership and investors wish to monitor risk culture, and this is typically done using qualitative and quantitative indicators.

1. Qualitative indicators such as:
▪ A code of conduct
▪ Stated organisational values
▪ Presence of a whistleblower programme
▪ Remuneration policy linked to conduct and compliance

2. Quantitative KPI metrics such as:
▪ Number and type of compliance violations
▪ Number and amount of fines
▪ Number of whistleblower reports
▪ Number and type of customer complaints

However, these are backward-looking KPIs focussed on individual behaviour. In 2019 ING introduced specialist behavioural scientists to conduct leading behavioural risk assessments. They are experimenting with big data analytics to analyse key words in email communications as a way of measuring social values and normative behaviours within groups of staff.

Compliance is supported by business ethics and organisational culture

[Diagram: Org Culture, Compliance, Ethics]

▪ Ethics guides all decision making whether mandated by laws and policies or not.
▪ An ethically focused organisation will be more likely to comply with laws, policies and community expectations, and will support good risk culture reflected in stronger risk governance.
▪ Poor ethics will influence risk culture and undermine compliance.

The principles of ethical behaviour

▪ Ethics is concerned with the moral philosophy, values and norms of behaviour that guide a corporation’s behaviour within society
▪ There are seven principles of ethical business practices that should underpin all decision-making:
▪ Dignity: respect the interest of others
▪ Equitability: be just and fair in decisions
▪ Prudence: apply judgment and make a situation no worse
▪ Honesty: no cheating or lying
▪ Openness: don’t conceal
▪ Goodwill: be socially responsible
▪ Avoidance of suffering: take steps to avoid damage

Key questions when assessing compliance risk
- Spring '19