Poor risk culture is a major reason for many financial institutions’ failure. It often manifests in top management not walking the talk – the vision and mission statements are on paper only and do not hold in practice. The recent incident at Wells Fargo provides several insights into the financial industry’s risk culture and its association with poor leadership, improper incentives, weak controls and unethical employee behaviour.

While the importance of culture is well recognised, boards have a tendency to take it as a given rather than something they can create and influence. Risk culture is all about behaviours by organisational actors that translate into organisational norms, values and practices. The UK Financial Conduct Authority (FCA) has highlighted that culture is not optional; it exists everywhere, whether we like it or not. Companies and their boards need to think about what the right culture is, and how to achieve it.

Risk culture in financial organisations has received the attention of financial regulators and professional bodies worldwide. The International Institute of Finance (IIF), the Financial Stability Board (FSB), the Institute of Risk Management (IRM) and very recently the Australian Prudential Regulation Authority (APRA) have emphasised that organisations are responsible for their risk culture. The split of the UK regulator, Financial Service Authority (FSA), into the Prudential Regulatory Authority (PRA) and the Financial Conduct Authority (FCA) in 2013 was a stepping stone in this direction.

Apr-Jun 2019 Issue

Indian School of Business (ISB)