how can the cro influence sentiment, values and behaviours throughout the firm
TRANSCRIPT
Putting the Customer at the heart of our company’s culture
Wilfred Nagel, CRO ING Group
How can the CRO influence sentiment, values and behaviours throughout the firm
Amsterdam, 8 December 2015
0 10 20 30 40 50 60
Spain
Germany
Ireland
France
Sweden
Netherlands
Poland
Italy
UK
Japan
United States
Canada
Global
2009 2015
Trust mostly still below
2009 levels
2015 Edelman Trust Barometer: “How much do you trust your bank to do what is right?”
3
Misconduct severely affects the financial industry Trust in the financial sector remains low Increasing fines are hitting profitability, and do not
improve the reputation of the industry
-15,000 5,000 25,000 45,000 65,000 85,000
Bank of TokyoING
SocgenStanChartRabobank
SunTrustGoldman
Credit SuisseMorgan Stanley
UBSDeutsche Bank
HSBCBNP ParibasWells Fargo
RBSBarclaysCitigroup
LloydsJPMorgan
Bank of America
US mortgages UK mis-sellingSanctions/AML FXLIBOR/IR Tax avoidanceOther
Twenty of the world’s largest banks have paid more than $235bn in fines since 2008, many of them
related to mis-selling to customers
Banking misconduct bill – Thomson Reuters ($ mln), May 2015
Banks face some specific industry-wide challenges…
4
Taking calculated risks is at the core of our business model, leading to the delegation of risk-taking to less senior employees compared to other industries.
Complexity of the business model leads to challenges in retaining a clear overview of all risks present as well as on effective monitoring of risk-taking staff.
Potential failure of market discipline due to information asymmetry and the lack of incentive for small depositors to monitor bank actions as they are protected by a DGS, resulting in large banks being liable for the risks taken at smaller institutions.
Compensation practices not always properly adjusted for risk/reward and historically linked to short-term results, while successful banking requires long-term considerations and vision.
Banks have a large influence on the lives of their clients:
• Most banking products are based on long-term relationships and contracts. • Banking products often amount to a significant portion of disposable income of our clients. • Banking products are often “must-haves” instead of a “nice-to-haves”.
Products are complex: • Due to complexity of banking products, bankers are responsible for ensuring product-client suitability.
Clients often do not have a clear understanding of the products themselves. • Client fees and fines are often misunderstood: clients do not understand the underlying mechanisms in
place to fund and hedge the client proposition.
…as well as more scrutiny from society and clients
5
6
Typical causes of misconduct
Rationalisation
Motive and Pressure
Opportunity
Misconduct
Fraud Triangle by Donald R. Cressey
Insufficient monitoring and control and limited accountability: no clear ownership of risks, as well as breaches being inadequately noticed and escalated. Without adequate risk data and systems, accountability for risk is undermined which can damage the culture.
Unclear vision and values: short-term vision and uncertainty
on what the bank is trying to achieve, as well as uncertainty on what is acceptable behaviour and
what is not.
Improper incentives and sales-driven culture: performance management and incentives which focus
on short-term gains not incorporating risk/return.
7
Addressing causes for misconduct Ra
tiona
lisat
ion
Mot
ive/
Pres
sure
Op
port
unity
Unclear vision
Unclear values
Unclear desired behaviours
What are our long term objectives?
What values do we live by?
How should we behave?
Insufficient accountability Who’s responsible?
Insufficient monitoring and
control How are we measuring compliance?
Sales-driven culture What is good performance?
Improper incentives How are we rewarding people?
• Clear strategy and sense of purpose: every employee should be familiar with the bank’s long-term objectives.
• Strong ethical culture: organisational commitment to purpose, values and desired behaviours.
• Strong risk culture: organisational commitment that risk is everyone’s responsibility.
• Strong 3LoD: primary responsibility for risk is on the risk takers: 1st line of defense, with every line adding value.
• Clear governance: defined vision is consistently supported within a risk governance framework.
• Proper control mechanisms: ensure all risk types are measured and managed properly, by means of quantitative methods as well as by soft controls.
• Open culture: people should be encouraged to admit and correct mistakes as well as challenge each other.
• Proper performance management: incorporating the risk appetite as well as soft metrics related to the strategy, values and preferred behaviour of the bank.
• Proper incentives: remuneration should be rewarded on a risk-adjusted basis and linked to long-term objectives.
Define and Com
municate
Monitor and M
anage Enable and Encourage
8
Defining a common purpose : placing the customer central to everything we do Our Purpose Our promise to the customer
• Senior management must lead by example. • Tone from the top: top of organisation has to promote, as well as be willing to educate. • Acceptance necessary at various level of the organisation (including middle management) that risk
culture is key. • Establishing a culture takes time and requires regular, clear and consistent communication.
• Primary responsibility for risk has to lie with risk-takers: they are far more informed and involved than
the second line. • Proper escalation processes and clear consequences need to be in place. • Collaboration and interaction between the 3 LoD is a key success factor: risk managers who are
structurally independent and have the right incentive and evaluation structures can be more hands-on and proactive, yet retain objectivity. Risk is not supposed to be an extension of internal audit.
• Open culture needed with willingness to admit and address mistakes quickly. • Individual assessment on KPIs set by the CRO MT for staff marked as having a material impact on the
risk profile of the bank, performance on which is translated into a modifier on variable remuneration. • Risk and Front office exchanges strongly encouraged for talent development and succession planning. • Desired behaviours will be incorporated in performance management for all employees by means of a
common set of KPIs.
Proper embedding of culture: key elements
10
Defin
e an
d Co
mm
unic
ate
M
onito
r and
M
anag
e En
able
and
En
cour
age
• As a ground rule, culture should be a board-wide responsibility and the importance of the culture needs to be acknowledged at every level of the organisation.
• However, CROs do have the responsibility for deciding on what is acceptable: • Business lines and product owners sometimes lack vision on the bigger picture and might struggle with
balancing local market practices with the bank’s global view. • CROs are responsible for challenging and forcing decisions on the continuation of a product or business line,
a bank does not function optimally as a democracy. • Example at ING: revising the sale of Structured Notes in retail units.
• It is important to invest in talent management: • A long-term sustainable institution is established by investing in talents. • It is important to pass on knowledge to the next generation. Example at ING: CRO sponsors the International
Traineeship, over past few years there has been a clear shift to more content in the programme. • Instilling clear values and standards should be initiated at the very start of a career. • For promotion and succession planning experience in Risk Management should be deemed important.
The role of the CRO
11
“We tackle every crisis by imposing more rules, but we are often unable to make those rules universally binding. We resolve the problem by identifying exceptions. The result is an accumulation of rules of conduct and exceptions to those rules. However, this mechanism only creates more confusion. Certainty is possible only if one follows the letter of the rule, and this encourages, even forces, people to disconnect their moral compass. Moral judgments are made on automatic pilot. In other words, too many rules discourage rather than promote good behaviour.” George Möller, Banking on Ethics, Euromoney Institutional Investor, 2012.
Food for thought
12
“With hindsight we can now see that the risk management catastrophes of the past 3 years were (…) due to (…) the failure to bring collective human judgment to bear on critical decisions. In fact, companies current focus on compliance process – in reaction to regulatory zeal – is likely to give Boards and shareholders false confidence about their risk defenses”. T. Monahan, CEO of The Corporate Executive Board Company