Governance and conduct video series: 5 key improvements firms must make when using conduct risk metrics

Tunde Fasoyiro

I'm here with Christian Blackwell to talk about five key improvements firms must make when using conduct risk metrics. How can firms use qualitative and quantitative data in measuring conduct risk?

Christian Blackwell

Thanks, Tunde. It's really a little bit different with conduct risk, it's not like market risk or credit risk, where there are established industry metrics. Conduct risk there's no one size fits all, but there are certain things firms should really look at, both internally and externally. Internally, they should look at complaints data and doing, specifically doing very robust root cause analysis and then mining that data for conduct information around the global business is a good idea, and is a good metric. Externally, you can actually now get data about sentiment, about your company, which can give indicators, or even benchmarking data, benchmarking peers and other organisations. This data is available and companies should really start looking to use that.

Tunde Fasoyiro

And now a company has collected all this data. What do they use it for?

Christian Blackwell

They can use it for a number of different things, and it – one really important area is actually using this data in the risk assessment process. This can really help in terms of making that process more robust and allowing better development of controls and better and earlier mitigation of the risk.

Tunde Fasoyiro

Are there any lessons we can learn from the past?

Christian Blackwell

I think it's really important to look back and learn the lessons. We can look at whistleblowing cases that have happened, investigations and getting the data out of those is really valuable in terms of actually checking the temperature of how an organisation is performing, and it's a great indicator of conduct around the business.

Tunde Fasoyiro

And how about the robustness of systems?

Christian Blackwell

Yes, it's all very well having the aspiration to gather a lot of this data, but if you haven't got the robust systems, you won't be able to have that data in the right form to be able to use it. So, organisations, compliance functions should be looking at their systems and seeing if they are mature enough, capable to pull out the data that they need. If not, then that should be something they're requesting or building into their plans for the future.

Tunde Fasoyiro

And how does this link into reporting mechanisms?

Christian Blackwell

Constructing the appropriate reporting mechanisms is really important. So, we've gathered the data, we may have got the right systems, but the analysis of that data, and then the reporting to different audiences is critical. So, what the compliance management needs will be different to the board reporting, and that should be considered so that you have the appropriate information on the different dashboards that you're constructing.