Financial institutions are yet to address properly reputational risk, despite all the fall out from the crash in 2008, says Andrea Bonime-Blanc
We’ve all heard about, read about and maybe even personally experienced the parade of risk, legal and compliance horrors that have plagued the financial sector since the meltdown of 2008. And the parade has continued fast and furious since then. Despite copious investigations, settlements, prosecutions, probes, fines and castigations by a broad cross-section of local, state, federal, national and international regulators and agencies, the financial sector continues to get into trouble. Witness the continuing fallout from the Libor scandal, with lawsuits and criminal charges yet to unfold.
There is a list of various and sundry transgressions, crimes or misdemeanours attributable to a variety of financial institutions over the past decade:
- Highly complex and opaque products such as credit default swaps and derivatives that often nobody (including the bankers) fully understood, many of which eventually imploded, depriving many of their savings.
- Subprime lending with weak or fraudulent underwriting practices.
- Predatory and “liar loan” lending.
- Money laundering services for all manner of underworld denizens (terrorists, narco-traffickers, criminals, rogue governments).
- Commodities markets fixing and fraud.
- Corruption and alleged corruption in China and elsewhere.
- Rogue traders of various shapes and sizes.
For these infractions and more, the financial sector has collectively incurred north of $30bn in fines alone over the past few years (among them the biggest ever in several categories) and paid more than $100m in legal fees. And yet the sector continues to do well financially. Their shareholders are more or less happy and they continue to attract new investors. How do they do it?
Herein lies the conundrum: the financial sector continues to make robust profits while collectively and, in some cases, individually, shrugging off billions of dollars in government fines and settlements, all with little or no apparent impact on reputation.
Few if any senior executives (or boards) who presided over the transgressions of the past decade have suffered consequences of any note, and in the US at least, none of the financial institutions themselves (other than Lehman Brothers and Bear Stearns) have disappeared or been restructured in any significant way. Some restructuring and more serious consequences have been seen in the UK financial sector, however, in the case of a few institutions – Northern Rock collapsed and RBS and others brought into public ownership.
Fines and settlements continue to come in but are treated pretty much as part of the cost of doing business. With a couple of notable exceptions, neither boards nor shareholders seem terribly troubled by all of this or appear to deeply question their own oversight or investment decisions.
All of which raises the question: does reputation risk even matter in the financial sector? One might conclude that the cost of non-compliance or shoddy compliance is already priced into the business model. Reputational hits, while causing a momentary dent on financial return, don’t really matter in the larger scheme of things.
How is it that a sector that has so much legal and, theoretically, reputational trouble continues to thrive? Is there something specific or systemic to the financial sector that encourages unethical, high risk and even illegal behaviour? Let’s look at a few possible explanations.
The business of money. Is it that the business of finance is money, pure and simple, and money encourages riskier behaviour? Is it the fact that remuneration in this sector has far outpaced remuneration in other sectors and that the incentive structure encourages high-risk behaviour and unmitigated competition for the biggest bonus? Are there many other industries in which the backdrop of behaviour (both financial and personal) exhibited in the “Wolf of Wall Street” is plausible?
Compliance overkill and underkill. Is it a regulatory system that swings from going wild to going mild? A system with so many overlapping regulations, laws and regimes and almost incomprehensible national and international patchworks of legal layers and labyrinths, that it is nearly impossible for financial institutions to manage risk and compliance rationally? Such a complex regime can push organisations in a couple of wrong directions: a “compliance overkill” culture where dollars and people are thrown at the problem but no overarching strategy or culture exists, or a “compliance underkill” culture where hubristic cowboys reign supreme not expecting to get caught. Neither scenario is built on a strategic, smart-risk culture. A smart-risk culture is built upon an internal system where enterprise risk management, compliance, audit, ethics and corporate responsibility are well integrated and aligned to business strategy. This requires smart leadership that believes that these risk and reputation-related internal functions should be aligned with the business plan and strategy of the institution.
A flawed regulatory system. A regulatory regime of such complexity and Kafka-esque opacity with a tangled web of overlapping burdensome and multilayered rules also has the capacity to “go mild”. Governments don’t enforce the laws that they have made, don’t have the resources to monitor compliance with them or don’t have the competence to do so in a way that properly protects the customer. Regulators do not appear capable of keeping up with their own creations, let alone the creativity of those they target. Or even worse, the political lobbying systems of certain “advanced” economies allow for the elimination, watering down and/or eviscerating of rules and regulations that make sense.
The best and the brightest.Maybe it’s the people that the financial sector attracts: always the best and the brightest, aggressively recruited from the “best” schools, moulded to a certain image and then focused like lasers on a culture of winner-take-all and high risk, high reward. A congregation of many such personalities in one business whose sole focus is making money can be a toxic mix and a possible recipe for recidivist scandal.
A few “unimportant” victims. And when the financial sector’s best and brightest, paid handsomely for their education and ambition, go toe to toe with their regulatory counterparts who are often poorly remunerated by an overburdened and under-resourced government, who wins? Usually the well remunerated and resourced – with a few mostly mid-level casualties who are “caught”, fined and/or incarcerated along the way.
Internal organisational flaws. There are additional internal organisational themes that help explain our conundrum:
- A skewed performance management system.
- A premium on creating overly complex, mysterious and opaque products and services (that might get you into trouble).
- A pay system driven by unattainable goals and oversized bonuses.
- An overindulgence on compliance.
- An under-appreciation for ethics and integrity.
- Absence of a smart-risk strategy or culture.
- Lack of effective ethical and risk dilemma training.
- Boards that don’t think about smart-risk or have access to real risk results.
- Investors and shareholders who don’t care as long as they’re making good returns.
Solution to the conundrum?
But, what if we look at this conundrum a little differently? What if a more ethical smarter-risk approach to business actually caused better financial results? Has anyone tried that lately? What if we turned these root cause issues on their heads and decided to attack them from a more positive perspective creating:
- A calibrated performance management system with integrity metrics.
- A focus on creating understandable, transparent products and services (that won’t get you into trouble).
- A pay system driven by a mix of rewards and attainable goals.
- Less reliance on compliance as the be-all and end-all.
- More reliance on ethical decision-making models.
- Building a smart-risk strategy and culture.
- Ethical and integrity dilemma training and problem solving.
- Boards with members with risk and culture expertise (and independence).
- Investors and shareholders that reward a balanced scorecard.
One could ask: if change didn’t happen in the financial sector after the 2008 global meltdown, why would it happen now, especially in view of the fact that shareholders and investors seem to be okay with the current model?
There are three developing reasons for the financial sector to pay attention. First, an important generational change is taking place: young people are more interested in living a quality life, with money being only one of several motivators. Second, a cadre of investors is also rising with increasing clout and voice requiring better governance, sustainability and transparency from its targets. And third, technology is changing at lightning speed and with vast and still unknown consequences that will affect the financial sector in unexpected ways, perhaps through a “black swan” business model risk event, a workforce event or a big-data driven change.
The financial sector should adopt a resilient smart-risk model for these reasons and more: because “he who gets there first” may have a competitive advantage and reap the more holistic rewards.
Dr Andrea Bonime-Blanc is chief executive of GEC Risk Advisory, a global governance, risk and reputation consultancy to boards and the C-suite. She is chair emeritus of the Ethics and Compliance Officer Association, a member of Ethical Corporation’s editorial advisory board, a programme director at the Conference Board and a life member of the Council on Foreign Relations. @GlobalEthicistbanks Executive financial institutions Globalethicist Risk and Reputation risk management