May 22, 2018 / 9:27 PM / in a year

CULTURE AND CONDUCT RISK REPORT 2018 – Technology, tone from the top

NEW YORK (Thomson Reuters Regulatory Intelligence) - Thomson Reuters has undertaken its fifth annual survey of how financial services firms are managing conduct risk and embedding cultural change policies to meet growing regulatory expectations. The results highlight year-on-year and regional trends, enabling firms to benchmark their approach to the practical implications of culture and conduct risk with the wider industry. The report provides valuable insight into industry challenges and emerging best practices, with the aim to meet ever-increasing regulatory expectations.

An illustration picture shows a projection of binary code on a man holding a laptop computer, in an office in Warsaw June 24, 2013.

Compliance and risk practitioners from more than 600 financial services firms across the world, including G-SIFIs, banks, brokers, asset managers and insurers, took part in the survey, which closed in the fourth quarter of 2017.


From the rise of artificial intelligence to cryptocurrencies, the wave of technological innovation creates both opportunities and challenges for firms and regulators alike. The regulation of fintech and the potential disruption to firms and financial stability have risen to the top of supervisory agendas in recent months, such as the FSB’s findings on the financial stability implications of the growing use of artificial intelligence and machine learning in financial services.

In regard to potential challenges; central banks, firms, and regulators have increasingly cracked down on cryptocurrencies such as Bitcoin amid concerns over price volatility and its threat to financial stability. There has been a notable regulatory response in Asia, where Chinese authorities have reportedly aimed to ban the centralized trading of virtual currencies, as well as regulating Bitcoin miners’ power usage.

The Financial Services Commission (South Korea) announced measures on cryptocurrency trading effective January 30, 2018 to address transparency. Firms too have taken a stance on cryptocurrencies. In January 2018, banking group, Nordea, announced a ban for its employees from trading Bitcoin and other cryptocurrencies due to its high risks. Nordea’s ban will be effective from February 28, 2018.

In 2017, Thomson Reuters Regulatory Intelligence published the findings from its second annual survey on ‘Fintech, Regtech and the Role of Compliance’ . Among the key findings was the shift in opinion over the benefits fintech innovation may have on firms. Eighty-three percent of respondents reported a positive view (27 percent extremely positive). This is almost double from previous year’s results where 42 percent reported a positive view (18 percent extremely positive).

In terms of risk and compliance involvement in assessing the implications of fintech innovation, there was substantially more engagement in 2017. Eighty one percent of respondents reported involvement, with 37 percent being fully engaged and consulted (63 percent in 2016 with 21 percent fully engaged and consulted.) The number of firms who felt that they did not need to be involved in assessing fintech dropped from 16 percent to just 2 percent.

Regtech solutions are increasingly impacting how firms manage compliance and have risen by almost a quarter to 76 percent in 2017 (52 percent in 2016). The number of respondents who reported having already implemented a regtech solution almost doubled in 2017 to 30 percent (17 percent in 2016). The majority of firms (69 percent, and 74 percent G-SIFIs) believe that the successful deployment of fintech/regtech should drive up efficiency and effectiveness, allowing more time to focus on value-added activities.

Click( to view Figure11- Spotlight Analysis: Firms in Australasia

There is international agreement on the key components of conduct risk with the top three having held their place over the last five years of the survey. This year’s top three key components of conduct risk were again identified as:

- Culture, ethics, integrity (54 percent; 59 percent in 2016)

- Corporate governance, tone from the top (44 percent; 52 percent in 2016)

- Conflicts of interest (41 percent; 49 percent in 2016)

Click( to view Figure13- Year on year analysis: Top three key drivers or sources of conduct risk

As with all previous survey results, these results portray a distinct trend since our first conduct risk survey in 2013. Culture, ethics and integrity were reported as the most important component of conduct risk by firms across the UK and Europe, North America, Asia, Africa, Australasia and South America. Firms in the Middle East considered corporate governance and tone from the top as the key component of conduct risk (67 percent in 2017; 75 percent in 2016; 80 percent in 2015).

Although the relative importance of the top three sources of risk has not changed over the years, these findings suggest that there has been an evolution in the sophistication of conduct risk management: the relative share of the top three has shrunk, implying that firms are identifying increasing numbers of risks.

Click( to view Figure14- Indicators of a sound risk culture

The FSB’s indicators of a sound risk culture remain one the foundational building blocks for firms in assessing their approach to culture and conduct risk management.


Despite the apparent progress made in other areas on the approach to culture and conduct risk, the board level tone from the top element has remained static. Of perhaps most concern is the persistent levels of the ‘yes but still to fully embed’ response – if a board has considered and set the tone from the top then it is incumbent on the firm to cascade that message as a matter of urgency and to ensure it is rolled out consistently throughout the business.

Click( to view Figure15- Year-on year analysis: Does the board level tone from top set the appropriate cultural and governance messages

The implications of conduct risk are a staple in the board room and the focus has risen again this year with over half (57 percent) of firms reporting that the amount of focus on conduct risk at board level has increased over the last year. Firms’ approach to conduct risk also appears to be maturing in recent years. Over a third (36 percent) of firms reported no change over the last year (25 percent in 2016; 21 percent in 2015).

Click( to view Figure16- Year-on year analysis: At board level, the amount of focus on conduct risk

Click( to view Figure17- Has your firm developed a formal risk appetite

As part of the suite of resources available to help boards and senior managers to consider conduct risk issues is the list of five conduct questions produced by the UK FCA. The questions set regulatory expectations in the UK but are useful for all financial services firms as a checklist of areas to consider.

Click( to view Figure18- FCA-Five conduct questions

A further resource to help manage culture is the FCA’s four levers of behavior which are used by the FCA to supervise firms’ cultures. These four levers were reinforced in Discussion paper 18/2: Transforming Culture in Financial Services (March 2018).

Click( to view Figure19- FCA- Four levers of behavior


Establishing and embedding an appropriate conduct risk framework, closely followed by adapting to an ever-changing regulatory environment, were identified as the greatest challenges for board in the next 12 months. Other challenges include appropriate metrics and management information, changing business model, and senior management accountability.

Click( to view Figure21- Analysis: Have you discarded a potentially profitable proposition due to risk

In 2016, a new question was posed to examine the practical ramifications of the regulatory focus on culture and conduct risk, looking at whether culture or conduct risk concerns had affected decision making with regard to potentially profitable business opportunities.

The results have remained about static with more than a quarter of firms (28 percent) continuing to report that they had declined potentially profitable business opportunities due to culture and/or conduct risk concerns. Firms would be well advised to maintain detailed documentation on those opportunities declined as a critical part of their suite of evidence on a positive compliant culture in action.

Conduct risk factors have remained firmly on firms’ agendas when discussing business strategy. In 2017, 75 percent of firms said they considered, or in part considered, conduct risk factors when discussing business strategy, continuing the trend from previous years. In comparison, more than half (52 percent) of G-SIFIs said conduct risk factors were considered in their entirety on business strategy. It is notable though that the proportion of firms responding Yes has fallen from 50 percent in 2013 to 37 percent in 2017, possibly indicating that the passage of time since the global financial crisis is dulling the need in some firms to maintain awareness of the risks they present to the financial system.

Click( to view Figure22- Are conduct risk factors considered when business strategy is being discussed

To access the full report click (

(Stacey English is head of regulatory intelligence and Susannah Hammond is senior intelligence expert at Thomson Reuters Regulatory Intelligence.)

This article was produced by Thomson Reuters Regulatory Intelligence and initially posted on May. 10. Regulatory Intelligence provides a single source for regulatory news, analysis, rules and developments, with global coverage of more than 400 regulators and exchanges. Follow Regulatory Intelligence compliance news on Twitter: @thomsonreuters

0 : 0
  • narrow-browser-and-phone
  • medium-browser-and-portrait-tablet
  • landscape-tablet
  • medium-wide-browser
  • wide-browser-and-larger
  • medium-browser-and-landscape-tablet
  • medium-wide-browser-and-larger
  • above-phone
  • portrait-tablet-and-above
  • above-portrait-tablet
  • landscape-tablet-and-above
  • landscape-tablet-and-medium-wide-browser
  • portrait-tablet-and-below
  • landscape-tablet-and-below