The role of a senior manager is to take responsibility for assessing major risks facing the business and challenge assumptions around this. A top-level risk management strategy should set out the overall approach to risks, which should feed into the business’s strategy, projects and operations.[1]

Andrew Bailey (deputy governor, Prudential Regulation Authority) recently spoke about the need for executives to enable rigorous challenge[2] and be able to set a strategy and risk appetite and oversee implementation.

To do this, senior managers need information—managing conduct risk is no different to any other risk in this regard.

Many UK firms have undertaken a review of the conduct risk management information (MI) they produce as a result of the Senior Managers Regime, increased Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) supervisory questioning, and ever-increasing customer expectations.

Conduct MI is seen by regulators and by firms as a key approach to preventing future damaging scandals and helping senior management discharge their responsibilities.

The focus on Conduct Risk MI is not just coming from the United Kingdom. A recent speech[3] from Leslie Caldwell (assistant Attorney General of the US Department of Justice) shows American regulators are also interested in the metrics that compliance counsel will use to assess a particular program. Metrics of particular note include these:[4]

  • Does the institution ensure that its directors and senior managers provide strong, explicit and visible support for its corporate compliance policies? 
  • Do the people who are responsible for compliance have stature within the company?  
  • Are there mechanisms to enforce compliance policies?  Those include both incentivizing good compliance and disciplining violations.  Is discipline even handed? 

As Conduct Risk MI gains prevalence, it will be increasingly critical for senior managers to understand what makes good information, and how best to assess its use. I’ll provide more of these details in my second post on Conduct Risk MI.

[1] “The Independent Director The Non-Executive Director’s Guided to Effective Board Presence,” Gerry Brown, Palgrave Macmillan (2015)

[2] “Governance and the role of Boards,” speech given by Andrew Bailey (deputy governor, Prudential Regulation and CEO of PRA), London, November 3, 2015. Bank of England. Access at:

[3] Assistant Attorney General Leslie R. Caldwell Speaks at SIFMA Compliance and Legal Society New York Regional Seminar, New York, November 2, 2015.The United States Department of Justice, Justice News.  Access at:

[4] Ibid

Submit a Comment

Your email address will not be published. Required fields are marked *