In its Information Paper on Risk Culture APRA has focussed on the behaviour of boards and senior executives and industry remuneration practices as two of the drivers of risk culture in a range of banking, insurance and superannuation businesses.
APRA intends to conduct a stocktake of current industry remuneration practices later this year to gauge how well existing requirements in CPS 510 and SPS 510 are being implemented, and how they are interacting with the risk cultures of regulated institutions. This will include reviewing the remuneration arrangements and outcomes for some senior executives, risk and control staff, and material risk-takers at a sample of institutions.
Why is risk culture important and what is it?
Risk culture is the way in which an organisation’s culture shapes its attitude to risk-taking and risk management. APRA argues that if an organisation has a poor attitude to risk-taking and risk management, it can ultimately threaten an institution’s financial viability.
Financial stability can also be threatened when the community doesn’t have trust in the financial institutions whom they rely upon to provide them with key services.
Generally a poor attitude includes inappropriate, unethical or unlawful behaviour on the part of an organisation’s management or employees.
The Information Paper says that a poor risk culture is evidenced by:
- pursuing short-term financial interests, including personal interests, with little or no consideration of customer interests;
- observing the letter of relevant law and regulation, while contravening the spirit of those laws and regulations;
- treating risk management processes and/or controls as inconveniences which can be disregarded when expedient to do so;
- poorly defining management accountabilities for risks;
- failing to reward good risk management and/or apply consequences for poor management of risks;
- senior executives and/or directors failing to take timely actions to mitigate significant risks;
- concealing problems, rather than resolving the underlying causes of the problems; and
- failing to challenge the status quo and consider alternative viewpoints, resulting in a false sense of security and risk blind spots.
APRA’s paper argues that while there has clearly been a stronger focus on risk culture in recent years amongst APRA-regulated institutions, continued effort and ongoing attention is required by institutions to better understand and manage their risk cultures.
In his recent Opening Statement to the House of Representatives Standing Committee on Economics the APRA Chair Wayne Byres explained that:
“It is important to note that prudential and conduct regulators – that is, APRA and ASIC – both have a legitimate interest in the culture within financial institutions, but that our respective interests stem from different underlying objectives. ASIC’s focus on culture is from the perspective of ensuring fair outcomes for customers and investors. APRA’s focus on risk culture reflects our prudential mandate – that as a result of undesirable behaviours and attitudes towards risk-taking and risk management, the viability of an APRA-regulated institution itself – and in severe cases, financial stability – might be threatened. While we start with different objectives, our shared interest means APRA and ASIC need to work collaboratively on culture-related matters – and we are doing that.”
Remuneration and behaviour
APRA argues that performance-based components of remuneration must be designed to encourage behaviour that supports the regulated institution’s long-term financial soundness and the risk management framework of the institution.
In a recent submission the Australian Bankers Association said it recognised that remuneration structures are an important part of setting the right culture, the right practices, and the right behaviours.
Wells Fargo and sales incentives
The recent Wells Fargo scandal is a case study of product-related sales incentives driving poor employee behaviour. Employees opened as many as 2 million unauthorised accounts without customer knowledge in order to benefit from sales incentives. Senior management fired 5,300 employees over five years for related bad behaviour, but failed to tell its own board of the number.
The high-pressure sales culture is examined in this Wall Street Journal article.
The bank was fined $US185 million and the CEO/chair ultimately resigned. Case Study.
Accountability of senior managers
Under the UK Senior Managers Regime the UK Financial Conduct Authority can take enforcement action against Senior Managers if they are responsible for the management of any activities in their firm in relation to which their firm contravenes a regulatory requirement, and they do not take such steps as a person in their position could reasonably be expected to take to avoid the contravention occurring or continuing.
Mr Byres’ evidence to the Committee gives an insight to APRA’s views on increasing the accountability of managers for risk in Australia:
Ms BANKS: Don’t you think it is a bit soft to say that CEOs who earn millions of dollars a year are using as their defence for not having a robust framework in terms of culture and in terms of escalation of consumer issues, for example, that they are heading in that direction, that they will get there or that they are working on it? Don’t you think it should be at the top of the pyramid—right up there with commercial strategy decision making accountability—in terms of culture and compliance frameworks? I am just interested in your opinion.
Mr Byres: Yes, it should get the priority because it is essential to long-run financial health and long-term community trust in the financial system. The financial system—banking in particular—is a business of trust. If you lose that trust, you lose your franchise. I would say it is there, but it is an interesting dynamic at present. You probably would have seen some newspaper reports where banks are being criticised for trying to build into their executive’s remuneration arrangements and making improvements on culture. The criticism has been: ‘That’s soft stuff. That shouldn’t be part of the incentives they have.’ I take a different view. I think it is part of properly measuring performance.
Mr KEOGH: In terms of personal accountability, we have spoken to ASIC about a senior manager’s regime along the lines of what the UK has done. Obviously, a lot of that regime was targeted at the prudential regulation of banks and making sure that banks do not fall over and that where they do that there is someone responsible or numbers of senior management personnel identified as being responsible for certain actions. Can you tell me what APRA’s view is on that sort of regime?
Mr Byres: I will start by saying that it is difficult to argue against strengthening accountability. Broadly speaking, we would be very supportive of stronger accountability. There are some aspects of the UK regime that I would not want to copy here.
Mr KEOGH: For instance?
Mr Byres: A significant and highly resource intensive part of the UK regime is, in fact, that the regulator approves senior appointment. To me, that actually undermines the accountability for appointments. The appointment should be the responsibility of the organisation. The regulator should have responsibility to veto or remove but once you have an appointment that the regulator has approved, and that individual, subsequently, proves that they should not have been that position, well, who is at fault? Is it the organisation that appoints them or is it the regulator that allowed them there? I think it muddles the accountability. I would not advocate that sort of thing. There is a difference in the regimes between banking and insurance. There are different standards in the two. If you take the CommInsure case, and the various accountabilities within the organisation, having different regulatory standards within single a corporate group, I think, is a recipe for confusion and, potentially, for things to fall through gaps. With some caveats about the specifics of design, where I would say that I am not sure that is the path that we would want to go, the general concept of taking steps either through legislation through stronger prudential standards to improve accountability then it is very difficult to disagree with.