Implementing effective conduct risk management: lessons from offshore

Conduct risk management

Ask an oil rig engineer about their day-to-day health and safety regulations and you’ll be met with a hard hat full of knowledge. Ask a banker what conduct risk management means and, well, you may be met with a blank stare.

What is conduct risk?

Conduct risk is a facet of a bank’s culture and operation. It deals with leadership and values, customer outcomes and fraudulent behaviour, among many other risks. In many ways, it’s the banking equivalent of the oil and gas industry’s health and safety regulations. Fail to manage conduct risk and you and your customers could be seriously affected. FCA (Financial Conduct Authority) regulations, for example, state that, if found guilty of misconduct, business owners can even be found personally liable.

Unfortunately, many organisations remain unaware of what ‘conduct risk’ is. In fact, over half of financial firms have no set definition for it and, as a result, employees are unable to identify, prevent and account for risk. And without solid ‘health and safety’ regulations, accidents will keep happening.

As far-fetched as it may sound, the oil and gas industry went through a strikingly similar situation. After a history of accidents, the industry took action to develop and integrate health and safety regulations into its culture.

The offshore wake-up call

It’s safe to say that the oil and gas industry has its fair share of risks. Up until the late 1900s, however, health and safety wasn’t an industry priority. Companies put speed before safety to keep up with rising demands.

In 1988, Piper Alpha – an oil rig that accounted for ten percent of the North Sea’s oil and gas production – burst into flames. This was due to a lack of: safety, communication and technical checks. The explosion killed 167 workers; it was a tragic wake-up call for the industry.

As a result, the subsequent Cullen Enquiry and the £1bn invested into safety measures across the industry marked the start of a new, safer era. The post-Piper legal framework in particular made improvements to six prominent areas of the industry, with the help of the OILC (the Offshore Industry Liaison Committee).

Consequently, the likelihood of offshore injuries is now down to 0.7 in 100. Despite this improvement, the industry still works hard to maintain and improve their health and safety regulations.

Although banking has had its fair share of crises, such as the 2008 crash and the LIBOR scandal, there has yet to be an industry-wide wake-up call loud enough to force people into action. Since 2008, ten of the world’s largest banks have paid out a total of £143bn in conduct costs. Now that regulations are finally focusing on culture and conduct, however, the need to define and implement conduct risk management is an urgent priority. If left, your firm may face serious financial and reputational damages.

Lessons bankers can learn from offshore

The oil and gas industry’s health and safety regulations are extensive. But, believe it or not, they contain many lessons that we can apply to conduct risk in banking. Here are just a few examples from the government’s offshore oil and gas sector strategy:

  1. Leadership. Instead of delegating conduct risk management to a separate firm, put your leaders in charge. For example, in the oil and gas industry leaders have ‘effective arrangements for identifying, sharing and learning lessons for controlling major hazard risks.’ Define who has responsibility for conduct risk in your firm, educate them and make sure they manage risks effectively.
  2. Competence. The oil and gas industry ‘ensure that leaders, staff and contractors, at all levels in safety critical roles, are competent.’ Similarly, as a manager in your firm, you are responsible for the performance and attitude of your employees. Make sure they are aware of how to identify and manage conduct risks.
  3. Worker engagement. In the UK oil and gas industry, workers fill in surveys about their environment. Industry leaders analyse the results to identify strengths and weaknesses and possible improvements. Workers need to be an important part of your ‘health and safety’ regulations. Try to engage them with practical training by professionals and access to regulatory information.
  4. Regulatory approach. In the oil and gas sector strategy guide, regulations are: consistent, transparent and accountable. The financial industry should adopt the same ideals. Target the issue, maintain standards transparently and hold your firm accountable for any wrongdoings.
  5. Investigations and securing justice. HSE involves the law to overlook the oil and gas industry’s hazard risks. It’s important to own up to your firm’s mistakes, hold the right people accountable and try to learn from your errors. Since 2013, the FCA’s focus on conduct risk and culture has meant that there is now more oversight into how industry behaviours result in conduct risks. It’s no longer a case of ‘don’t break the law’, but make sure you tackle the motivation behind why people might.

What now for conduct risk management?

Conduct risk is an undeniably important aspect of your firm, hence why it should be a business priority. Leaving it undeveloped will only result in risks to your company, workers and customers. So gather your employees, grab a pen and paper and define what conduct risk should mean to you.

Download Templar's eBook: 7 essential steps for successfully managing conduct risk

Send an Enquiry