Conduct Risk – What can corporates learn from the financial sector?
SHINE Webinar
6 July 2017
Lee O’Connell MSc
Corporate Compliance Director
Eversheds Sutherland | 10 July 2017
Overview
An introduction to Conduct Risk
Issues in the Financial Services (FS) sector
Lessons learned
Relevance to non-FS corporates
Implementing the lessons learned for non-FS corporates
A compliance programme for corporates
An introduction to Conduct Risk
What is conduct risk?
Risks attached to the manner in which firms do business. These may include:
• The treatment of customers
• The remuneration of staff
• How you behave in the market
• How you deal with conflicts of interest
These risks are likely to be associated with a firm’s:
• business model and strategy
• culture & behaviours
• governance
Poor conduct in the FS sector:
• Financial penalties from regulators;
• Expensive remediation programmes;
• Reputational damage;
• Criminal convictions.
Relevance to corporates outside of FS?
• Different regulatory context, but there is read across. The most obvious examples relate to issues such as: anti-bribery & corruption; sanctions; competition; and markets compliance.
• The FS industry has invested heavily in organising their businesses in a way which will mitigate against conduct risks. Corporates in other sectors can learn from this.
Issues in the Financial Services sector
Mis-selling
• Products: PPI, interest rate swaps, mortgage endowments, pensions, packaged bank accounts.
• Estimated Cost: £57bn in penalties and redress since 2000
Treatment of customers
• Foreclosure abuses in the US
• Penalties: USD 25bn in 2012
Market Abuse
• Examples: LIBOR fixing, manipulation of foreign exchange rates.
• Penalties: £17bn since 2012
Sanctions
• BNP Paribas – USD 8.97bn settlement with US authorities in 2014
AML
• HSBC – USD 1.9bn settlement with US authorities in 2012
Why did things go wrong in the FS sector?
Senior management did not “set the tone from the top”
Inadequately defined corporate expectations and risk appetite
A focus on short-term gains
Inappropriate incentivisation of staff
Lack of individual accountability
Poor governance, systems and controls
Non-FS corporates are exposed to similar risks
Mis-selling
• VW emissions scandal
• Cost: USD 20bn
Treatment of customers
• Npower Ofgem findings of mishandling billing issues and complaints
• Penalty: £26m (2015)
Market Abuse
• Google internet shopping antitrust finding in June 2017
• Penalty: EUR 2.42bn
Sanctions
• Chinese telecoms firms fined in US for breaching sanctions on Iran
• Penalty: USD 1.19bn
Bribery & corruption
• World’s largest meatpacker agreed to pay a record-setting $3.2bn fine for its role in corruption scandals in May 2017
Factors for FS-Corporates to consider
Ever increasing regulatory burden on unregulated sectors
• AML
• Sanctions
• Anti-bribery and corruption
• Competition and markets
• Modern Slavery Act
• Data privacy
• Health and safety
• Advertising standards
The internationalisation of regulation
• Cross-border business may have more than one regulator
• Increasing international cooperation between regulators
Regulators in previously light-touch sectors gaining more teeth e.g.
• Ofgem (SSE Plc shares slide)
• Ofwat
• Ofcom
Why is culture important?
It is the key determinant of employee behaviour within an organisation
Without cultural integrity, ethics and compliance programs are seen as “tick-box” exercises or “obstacles” to business
Corrupt leadership or influential insiders will permeate a culture of bad practice throughout an organisation
Behaviour breeds behaviour
Good culture leads to satisfied customers, increased market share and better brand recognition e.g. John Lewis
The ‘Tone from the top’ is crucial in addressing ethical risks and fraud – it should set the culture of ethics and compliance throughout an organisation
Setting the tone from the top
Tone (and attitude) from the Top – not just talking the talk! Do as they say
Risk appetite
“What would a conduct risk appetite look like: no more than two attempts to manipulate global benchmarks? No more than £10m of products mis-sold that day?… Clearly a statement of conduct risk appetite on this model does not work…. [the appetite for conduct risk] can only be zero” (December 2014, Martin Wheatley, then Chief Executive of the FCA)
Lead by example, understand the culture
Consistent and visible executive sponsorship for ethics and compliance
Reward and recognise good behaviours
Enforcement for bad practices – open and transparent
Embedded systems and processes to support ‘Tone’ as BAU
Getting the culture right
The Top 10
1. Organisational Values
2. Tone at the Top (or attitude)
3. Message consistency
4. Middle Management
5. “Speaking up”
6. Accountability
7. Recruitment practices
8. Incentives & rewards
9. Procedural advocacy
10. Actions and enforcements
What good looks like?
Risk & Compliance Programme
Driven by a governance and cultural change strategy
Prevention Methods
Detection Methods
Response Methods
Stakeholder buy-in
Organisation aligned
Responsibility & Oversight
Compliance Policy
Training & Awareness
Risk Assessment & Due Diligence
Monitoring & Audits
Regulatory Compliant
Enforcing & Rewarding
Integrated Approach & Technology
Clearly defined code of conduct
Defined policies / Core Standards
Training & employee engagement
Management Implementation and review
Establishing business specific compliance policies
Input to risk assessment
Incorporation of learning from investigation
Feedback on benchmarking
Technology
Support for early warning
Review and reporting to management
Hotline
Risk assessment triggers
Risk based audit
Due diligence
Third party screening
Effectiveness verification
Investigation and action
Investigations policy
Support in the legal team
Monitoring and follow up
U.S. Department of Justice Framework
Evaluating Corporate Compliance Programs – The 11 steps
1. Analysis and Remediation of underlying misconduct
2. Senior and Middle Management
3. Autonomy and Resources
4. Policies and Procedures
5. Risk Assessment
6. Training & Communication
7. Confidential Reporting and Investigation
8. Incentives and Disciplinary Measures
9. Continuous Improvement, Periodic Testing and Review
10. Third Party Management
11. Mergers and Acquisitions (M&A)
The Drivers
Consider:
Board endorsement and leadership
Right culture within the organisation
Proper and proportionate systems and controls
Monitoring and review
Third Party Vendor Management
Questions:
1. How do you identify the conduct risks within your business?
2. Who is responsible for managing the conduct of your business?
3. What support mechanisms do you have to improve conduct?
4. What Board and committee oversight of conduct is in place?
5. Are bonus and incentive schemes working for the good of the company?
What it means for compliance in your department?
Conduct Risk programme:
highly visible CEO sponsorship together with engagement and challenge by the Board
regular discussion at Board level of conduct and culture
senior executives taking leading roles in conduct risk design covering all functions
detailed roll-out plans with clearly defined short-term and long-term goals
clear ownership and responsibility for programme implementation by senior executives, sometimes supported by conduct specialists within the organisation
programmes integrated within strategic or operational risk management frameworks
use of a standardised conduct risk self-assessment process across the firm
a firm-wide taxonomy for conduct risk types, enabling consistent data capture and risk reporting
a forum to compare conduct risk across business lines and functions
active engagement by internal audit, including monitoring conduct risk and early stage effectiveness
training, promotion, performance management and remuneration all linked to conduct and culture objectives
long-term conduct risk initiatives becoming fully embedded in business as usual
for international firms, adoption or at least support of the UK conduct risk programmes from the head office
eversheds-sutherland.com
This information pack is intended as a guide only. Whilst the information it contains is believed to be correct, it is not a substitute for appropriate legal advice. Eversheds Sutherland (International) LLP can take no responsibility for actions taken based on the information contained in this pack.
© Eversheds Sutherland 2017. All rights reserved.
Lee O’Connell MSc CIA
Corporate Compliance Director
Email: [email protected]
Tel: 029 2047 8012
Mob: 0778 900 5320
Eversheds Sutherland (International) LLP
One Wood Street
London EC2V 7WS