conduct risk


Conduct risk


Conduct is a lens into the culture of an organisation. By understanding and addressing the fundamental drivers of misconduct, Deloitte helps organisations drive a sustainable and robust risk culture to protect themselves for future growth.

Conduct failings seem to be widespread across several jurisdictions, many of which have been recently bought to light as regulators step up their activities to address such occurrences.

In New Zealand, there is a unique opportunity to take control of the conduct agenda by proactively addressing the drivers of a positive risk culture and conduct through an organisation’s operations and overall governance processes.

The recent conduct and culture reviews by the Financial Markets Authority (FMA) and Reserve Bank of New Zealand (RBNZ) have further stressed the significance of a proactive and organisation-wide approach to managing conduct risk. Banks and life insurers are now required to report on plans to address the regulator’s feedback; with deadlines of end of March 2019 for banks and 30 June 2019 for insurers.

Embracing this approach drives the prevention of misconduct and the achievement of fair customer outcomes – both of which are influential in building an organisation’s reputation in the market and generating trust amongst customers.

A summary of the findings and the implications for the financial industry can be found below.


Key themes from the FMA and RBNZ review findings

  • Ownership rests with you – conduct risk is your organisation’s responsibility; you can obtain assistance to manage risk however ultimately ownership ends with you.
  • Accountability is organisation-wide – everyone is accountable and has a role to play in managing conduct risk; from boards to front line employees and advisers.
  • Good culture is essential – a well-entrenched positive risk culture is fundamental to ensuring good customer outcomes.
  • Demonstrate your proactive approach – you must be able to demonstrate how you are focused on good customer outcomes with your processes, culture, systems, practices and overall business strategy to ensure ongoing product suitability.


Understanding the implications of the findings

Responses from banks and life insurers to regulators should factor in the following aspects:

Short term considerations

  • Incentives – determine whether to retain hard and soft sales incentives. To maintain incentives, an organisation must articulate how they will ensure good customer outcomes will be met and monitored.
  • Clear customer identification – be clear on who your customers are and what their needs are.
  • Develop a baseline culture – perform a risk culture assessment to identify areas of strength and focus areas for improvement.
  • Regulator engagement – begin an open dialogue with the regulator demonstrating your progress towards addressing areas of weakness.

Medium term considerations

  • Define company purpose – identify the company’s purpose and how you will keep customers at the heart of your activities.
  • Build team, processes, systems & culture – ensure all elements of the company are centred on the purpose and working cohesively in the same direction.
  • Identify what good looks like – articulate what good looks like for your company when considered through a conduct and customer outcome lens.
  • Implement feedback loops – ensure you set up processes to continuously monitor and improve and to drive a learning culture. Focus on learning more about your customers and the impact of your decisions to inform future decisions.
  • Ensure compliance with proposed new legislation – compliance with the proposed new Financial Services Legislation Amendment Bill will be part of the conduct journey.


How Deloitte can help

Our team can support you and your organisation in your conduct and risk culture journey through:

  • Performing risk assessments throughout your operations, covering people, channel, product and customers, to identify potential ‘hot spots’ and immediate focus areas.
  • Working with Boards and senior management to help them understand the key conduct issues and risks.
  • Assisting with culture assessments to understand where strengths and focus areas lie.
  • Enhancing existing governance and monitoring processes to protect you against conduct risks.
  • Development of a project plan and road map to understand and mitigate your conduct risk.
  • Supporting your engagement with the regulators.


Further information

Conduct and building a positive risk culture

In this five-part article series, our experts, in association with Newsroom, investigate key issues organisations need to address around conduct, the fair treatment of customers and how to build a positive risk culture.

Read the article series here.

Get in touch

Aloysius Teh

Aloysius Teh

Government and Public Sector Leader

Aloysius provides a range of financial, IT and operational risk management and internal audit services to clients in the public and private sectors. He has assisted a number of clients develop their i... More

Catherine Law

Catherine Law

National Leader - Risk Advisory

With over 30 years’ experience in business, both in New Zealand and the UK, my goal is to help clients be better businesses by doing ‘the right thing’ and being able to demonstrate it. The wider impac... More

Roopa Raj

Roopa Raj

Partner - Financial Services

In today’s ever-changing world, managing risk and regulatory compliance is often complex and requires organisations to understand their business in a number of different lenses. I am passionate about ... More