Australia may emerge as a world-leader in RegTech adoption as a remedy to banking culture and misconduct issues, say Jeff Kupfer and Stephen Scott at Starling Trust.
On 30 March, Starling Trust released its annual Compendium, a report on global regulatory activities aimed at promoting improved culture and conduct in the banking sector.
In the first of a series of articles, in collaboration with Regulation Asia, we discussed how the UK Financial Conduct Authority (FCA) has been a definitive leader in driving the global supervisory agenda in relation to culture and conduct risk.
In this week’s article, we spotlight Australia, where issues of banking culture and misconduct took centre stage during 2018, “with implications that have reverberated around the world,” our Compendium observes, and that “continue to shape the global dialogue around culture and conduct risk supervision.”
In late 2017, primarily in response to allegations of misconduct at Commonwealth Bank of Australia (CBA), the Prime Minister tasked a Royal Commission with investigating conduct across the Australian financial sector, which was perceived to have fallen “below community standards and expectations.”
The Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry was also instructed to investigate whether any discovered misconduct was “attributable to the particular culture and governance practices of a financial services entity or broader cultural or governance practices in the relevant industry or relevant subsector.”
Following an extensive set of hearings, Royal Commissioner Kenneth Hayne issued an interim report in September 2018, and submitted his final report to the government in Feb 2019. Findings of gross misconduct detailed in the Royal Commission’s work outraged the Australian public and forms the backdrop to a federal election called for 18 May.
Prudential Inquiry into CBA
Just as the Royal Commission began its work, the Australian Prudential Regulatory Authority (APRA) appointed a three-person panel tasked with conducting a Prudential Inquiry into the Commonwealth Bank of Australia. The panel’s April 2018 report has been described as “damning” and “scathing.” With regard to the management of conduct and non-financial risks, the panel concluded that CBA’s senses were “dulled.”
Such risks, the panel stated, were “neither clearly understood nor owned, the frameworks for managing them were cumbersome and incomplete, and senior leadership was slow to recognise, and address, emerging threats to CBA’s reputation.”
A AUD 1 billion capital charge was assessed, to remain in place until CBA is able to demonstrate its compliance with a broad set of recommendations for reform issued by the panel. Through an “Enforceable Undertaking,” APRA is monitoring CBA’s implementation of remedial actions.
The APRA panel found cultural factors to be at the heart of CBA’s problems – echoing the Royal Commission’s CBA findings – as well as similar findings from across the entire Australian financial landscape. As such, firm culture and the (mis-) conduct it is seen to permit, and even to encourage, is now top of mind for Australian regulators.
Culture as Culprit
“The finance industry, and the risk profession that serves it, has a natural affinity for measuring things in dollars and cents, percentages and basis points,” noted APRA Chairman Wayne Byers in a September 2018 address.
“But that means the conventional risk management frameworks and processes find it difficult to grapple with difficult-to-quantify risks, such as those relating to behaviour and reputation. If what gets measured gets managed, then I suspect that has played some role in bringing the industry to where it is today.”
It is notable that Byers pointed to both the financial industry and the risk advisory profession that serves it as having failed to devise an adequate mechanism for measuring, managing and mitigating culture and conduct related risks. A lack of industry standard metrics to address such “soft stuff” is seen as a key contributor to the persistence of misconduct across the sector, and a consequent loss of trust in financial firms and their supervisors.
In remarks offered for inclusion in Starling’s Compendium, James Shipton, the Chairman of the Australian Securities & Investments Commission (ASIC), states that the Royal Commission’s final report “highlighted the widespread failure of culture and professionalism across the finance sector,” adding, “the industry has a long way to go to rebuild its reputation to engender trust again.”
“Trust is at the core of our financial system,” Australian Treasurer Josh Frydenberg declared after receiving the Commission’s Final Report, “and, as we’ve seen, once it’s lost it’s not easily regained.”
Observing that the industry suffered from what he called a “trust deficit,” Shipton offered the view that ASIC and other regulators have a crucial role to play in this regard but that, “ultimately, trust can only be restored if these companies work root and branch to change their ways … to rebuild their culture from deep within.”
ASIC Commissioner John Price likewise argued that the regulator’s role is to push companies to “shine a light on their own culture and see if it is sufficiently fit for purpose.”
“When we consider where trust in business comes from, we can draw a direct line from the public perceptions of a company to its corporate culture,” writes former ASIC Chairman Greg Medcraft in the Preamble to Starling’s Compendium.
Now heading the OECD’s Directorate for Financial & Enterprise Affairs, Medcraft adds, “Culture is the unwritten rules of how things are done in a business. It shapes employee behaviour and decision-making right through an organisation. As such, it is inextricably linked to a business’s ability to act in the interests of customers and to do the right thing.”
Culture as Contagion
A firm’s culture, thus, is a key contributor to perceptions of its trustworthiness. And since firm culture is seen to drive employee conduct, it becomes a matter for supervisory inquiry.
Traditional management theory elevates the importance of incentives in driving employee behavior, and these incentives are seen as primarily financial. But people are not motivated only by money, nor are they always rational, nor do they act in isolation, and nor do they necessarily realise the factors that shape their own behaviors. As social critic Eric Hoffer once opined, “When people are free to do as they please, they usually imitate each other.”
The social circumstances in which people find themselves – their social networks, and the norms within those networks – are extremely powerful forces motivating behavior, often much more powerful than monetary incentives or individual desires. Dishonesty, proscribed behaviors and fraud tend to spread via processes of social contagion, like all other observed human behaviors. Behavior, in short, is contagious, and transmitted via cultural norms: people will behave in a risky manner when they perceive that their peers are doing similarly.
De Nederlandsche Bank – the central bank of the Netherlands – uses an iceberg metaphor to depict the way in which culture operates: observable behaviour is shaped by underlying “group dynamics”, or “patterns of interaction” that work to affect overall group effectiveness. Deeper below the surface is the “mindset” that prevails among employees – “mental models” and “assumptions about reality” that implicitly inform individual and group decision-making and behaviour. It is the supervisor’s task to surface these underlying cultural drivers of behaviour.
It is perhaps unsurprising, therefore, that the word “culture” appears 471 times in the Royal Commission’s Final Report. In concluding remarks, lead Commissioner Hayne wrote, “financial services entities must now accept that financial risks are not the only risks that matter … Financial services entities must give sufficient attention, and devote sufficient resources, to the effective management of non-financial risks.”
RegTech as Remedy
Firm culture and employee behavioural tendencies have been viewed traditionally as “soft stuff.” As such, a series of “soft approaches” to managing these matters has been typical – online ethics training; employee engagement and “360” surveys; town hall meetings that aim to broadcast the right “tone from the top”. While perhaps necessary good hygiene, these approaches have failed, manifestly, to curb misconduct and resultant costs.
There is now therefore a call for a new approach, and regulators are increasingly looking to the promise of “RegTech” – regulatory technologies – in this connection.
“Obviously traditional practices of good corporate governance, exemplary leadership and robust board oversight have a strong role to play,” Greg Medcraft notes in his Preamble to our Compendium. But so too does technology, he emphasises. “Machine learning and big data analytics have enabled ‘regtech’ solutions capable of interpreting organisational data, predicting conduct and culture risks and suggesting remedies.”
In laying out his vision for ASIC’s post-Royal Commission supervisory approach, Chairman Shipton indicated that ASIC would move beyond inquiry into known breaches “to look at factors that create significant risk of future breaches.” Cultural factors are among such predictors.
An important element of this approach is an embrace of “new frontiers,” described by Shipton as “regulation’s ‘next generation’ of tools and approaches through leading developments in behavioural economics, data analytics and regulatory technology.”
ASIC Commissioner Price also explained that “regtech should be top of mind for both regulators and industry,” arguing, “The reason for this is simple — the regtech sector has enormous potential to help organisations build a culture of compliance, identify learning opportunities and save time and money relating to regulatory matters while improving compliance and — most importantly — outcomes for consumers. It also has potential to support ASIC and our regulatory peers in the way we undertake our own work.”
Testifying before a Senate Committee in May last year, Shipton stated, “ASIC believes Australia can position itself as a world leader in the development, and adoption, of regtech solutions,” adding, “and we will look at new ways to encourage this.”
In related remarks made at a conference this past March, ASIC executive director Michael Saadat indicated that the regulator would adopt an “if not, why not” approach in an effort to nudge banks either to trial the latest technology offerings from start-ups, or to force them to explain why they are not doing so.
“I don’t think we would say: ‘you must use a particular type of technology’, but it will probably reach the point where if you aren’t using a type of technology, you have some explaining to do,” Saadat said.
Given such emphasis, Australia may ultimately emerge as a world-leader in early RegTech adoption, and we expect other regulators globally will watch closely as Australian regulators and firms trial these new technologies.
In the coming weeks, we will continue to produce our series of articles further discussing some of key themes and findings from the Compendium, a full copy of which is available here.
Jeffrey Kupfer and Stephen Scott are co-founders of Starling Trust Sciences, a US-based RegTech firm recently announced to be one of the first companies to pass the initial screening by GFIN (Global Financial Innovation Network) regulators to begin cross-border testing of new FinTech and RegTech offerings.
Starling has been invited to present its ideas and capabilities at the SEACEN Policy Summit for APAC Central Bank and Monetary Authority Leadership (Kuala Lumpur, 13-14 June) and at the SEACEN/Financial Stability Institute High Level Meeting for regional Directors of Bank Supervision (Hanoi, 26-27 June).