RegTech Intelligence

Culture, conduct and how RegTech can help

conduct risk, regtech and conduct, regtech conference

Improving the culture and codes of conduct within financial services firms has been a longstanding issue of contention since the financial crisis.  Combatting negative behaviours and inefficient controls has proven difficult to regulate and tackle head on.

In 2013, the FSB officially acknowledged business conduct as a new category of business risk and now, in 2016, we’ve witnessed firms being subject to millions in fines and regulatory penalties for conduct risk failures. The issue of defining conduct risk and determining where its boundaries lie has proven difficult for regulators across the globe, however, with an estimated international tally of £252 billion in fines between 2011 and 2015, the industry cannot ignore the extent of the problem.

What is conduct risk and where does it stem from?

In a speech from May 2016, prior to commencing his position at the FCA, Andrew Bailey expressed that culture and conduct “is a product of a wide range of contributory forces:  the stance and effectiveness of management and governance, including that well used phrase “the tone from the top”; the structure of remuneration and the incentives it creates; the quality and effectiveness of risk management; and as important as tone from the top, the willingness of people throughout the organisation to enthusiastically adopt and adhere to that tone.” With that in mind, can RegTech offer a solution for managing conduct risk, or is it a behavioural contagion that can only be stamped out by implementing a cultural shift across firms?

Knowing controls = keeping senior managers out of jail

What role could technology play in rectifying bad conduct?

RegTech offers an opportunity for firms to implement more stringent controls that negate the risk of human oversight or inefficiency by automating compliance.  This creates a system that places transparency at the heart of business operations by minimising the risks associated with malpractice across front, middle and back-offices.

How are regulators approaching the issue?

Regulators across the globe are slowly realising the benefits that RegTech can offer firms in managing the expansive array of complex and technical regulatory requirements.  Therefore, what can it do in terms of mitigating the widespread issue of conduct risk?

  1. Regulatory sandboxes

One of the FCA’s latest initiatives, which has seen similar incarnations being discussed or established in Australia, the US, Singapore and Hong Kong, has been the concept of a regulatory sandbox.  This ‘sandbox’ allows businesses to test innovative products, services, business models and delivery mechanisms in a ‘safe space’ without the fear of being penalised or fined by the regulator.  This means that potentially high-risk concepts can be vetted prior to going live on the markets.

This can be viewed as a move to instigate open dialogue between firms and the regulator about the creation and distribution of new products and services.  This also serves a long-term objective of creating a collaborative atmosphere where firms are not afraid of engaging with the regulator in order to minimise potentially high-risk decisions.

2. Artificial intelligence (AI)

Artificial intelligence is no longer just the topic of sci-fi films and conspiracy theories, but is now being utilised on trading floors as a means of monitoring behaviour patterns and creating automated alerts for compliance teams when a rogue trade is executed.  The benefits of such a system mean that human oversight is almost completely eliminated and compliance becomes less complex and subjective.

Is bad conduct not derived from bad culture?

Of course, the counter-argument to the idea of RegTech improving systems and controls that can have a beneficial effect on conduct is that the issue of conduct is behavioural and, therefore, ingrained in human thoughts and actions. In many cases of misconduct, unrealistic targets and corresponding incentives may put employees under pressure and eventually lead to deceptive cross-selling practices. Human bias, irrationality and deceit are often markers in conduct risk cases. Indeed, in a recent speech by John Griffith Jones, Chairman at the FCA, on ‘What makes good conduct regulation?’, he affirms that ‘we need to understand psychology as much as being financial analysts. Behavioural economists have shed light on the way that real people behave, and it is not necessarily in line with econometric models.’

However, when RegTech is used in tandem with other controls, we get closer to the point of stamping out occurrences of conduct risk.  For example, the UK’s Senior Managers Regime represents one such control that has directly sought to improve the culture within firms by instituting changes in the ‘the tone from the top’. Ensuring that senior management is accountable for the tone and behaviour of their firm and its reputation is a starting point that, used in conjunction with automated RegTech controls, can transform the financial services industry and the way in which it operates.

Mitigating the risk of bad conduct is clearly not a black and white issue but, with RegTech offering some potential opportunities to shift the tide of negative public opinion of financial institutions and their operations, it is at least a start.

You can join the discussion at our conduct roundtable during our RegTech Capital Markets Conference which will be held on 28 February in London.  For more information on the agenda, speakers and to find out how to register, please click here.

To deepen the discussion on RegTech, JWG will also be running a series of new special interest groups, covering:

  • Trade surveillance. What can be traded, where it can be traded, which types of firm can trade it and what systems are needed to do so
  • Client management. The holistic obligations of KYC regulations on client data
  • Reporting and reference data. Reporting to regulators including, but not limited to, transaction reporting formats, standards, collection mechanisms and holistic data models
  • Data and security. Data security, privacy and associated technology risk and risk data requirements from a wide range of regulations.

If you would like to find out more about the groups, please contact

To promote global dialogue on how to deliver regulatory change JWG post hundreds of focused articles a year to thousands of subscribers. Get involved and join the mail list.

By hitting the subscribe button you agree to our Privacy Policy