The conduct and risk culture of banks has improved significantly in the wake of the financial crisis and the many misdemeanours that have happened since, such as rogue trading, product mis-selling and Libor-rate rigging. The change of attitude has been driven not only by the regulatory response, but by a realisation among bank boards and senior management that they had to mend their ways. It was obvious after the events of 2008 that banks needed to enhance their credit and market risk management, and set aside more capital and liquidity to support their activities. But more recently it has also become clear that they should place more emphasis on managing the non-financial operational risks - in particular 'conduct risk' (the risk of acting unethically or illegally) and 'reputational risk' (the risk of damaged or destroyed reputations resulting from poor conduct). The responsibility for controlling all the risks generated by a bank's activities is a wide one. It goes beyond the remit of the chief risk officer (CRO) and the risk management function; it is a risk governance issue.
展开▼
