Conduct and regulatory risks
RBS remains focused on putting in place adequate measures to ensure that the conduct failings from the past never occur again. We are committed to ensuring that the behaviour of RBS and its staff towards customers, or in the markets in which it operates, always promotes fair and appropriate customer outcomes and avoids reputational damage, financial loss or both.
Conduct and regulatory risk exists across all stages of RBS relationships with its customers, from the development of its business strategies, through governance arrangements, to post-sales processes. It can arise from a diverse range of activities including product design, marketing and sales, complaint handling, staff training, and handling of confidential inside information. Conduct risk also exists if RBS does not take effective action to prevent fraud, bribery and money laundering. Regulatory risk arises from the regulatory, business or operating environment and from RBS’s response to it.
In 2015, RBS established a Conduct Risk Appetite Framework and it continues to be embedded across RBS. The Framework is divided into seven pillars, ensuring that conduct risk exposures are understood and managed in accordance with agreed risk appetite. It is designed to ensure a consistent approach to risk appetite – the amount and type of risk we are willing to take in order to achieve our goals – across the bank. The conduct risk objectives provide a framework that helps RBS staff to think about the lifecycle of a product, focusing on its suitability for customers. This has helped us to simplify our product structure, making the products we offer more consistent, transparent and easy to use.
The Conduct Risk Appetite Framework also requires regular, consistent assessment through the Conduct Performance Assessment and reporting of risk exposures and the operating effectiveness of controls, across the businesses.
Other activities undertaken to address regulatory risk included:
- Migration to simpler, principle-based policies with accountable executives identified and roles, accountabilities and responsibilities defined;
- Roll-out of RBS-wide policies, processes and strategic systems to identify and manage conflicts of interest better;
- Enhancement of the RBS-wide surveillance programme; and
- Significant investment in anti-money laundering controls, governance and training.
RBS defines appropriate standards of conduct and drives adherence to those standards through its framework for managing conduct and regulatory risk. The Board and its senior committees receive updates on conduct risk exposures and action plans through regular reporting.
Key elements of the governance structure are set out below:
- The Conduct & Regulatory Affairs (C&RA) Executive Committee considers emerging material risks and issues, and implements Board and Executive Committee risk management policy decisions;
- The Financial Crime Accountable Executive Committee (accountable to the Executive Risk Forum) ensures that the customer businesses and the Services function fulfil strategic objectives by identifying and managing their financial crime risks effectively; and
- The Mandatory Change Advisory Committee, reports to the Bank-Wide Investment Committee, acting as the reception committee for reviewing externally mandated changes that may affect RBS. It also recommends appropriate responses, including change implementation activities. In doing so, it determines which businesses or functions own individual risks; and commissions and reviews impact assessments from customer businesses and functions.
Plans to merge parts of the function with Risk management were announced in December 2016 to take effect from 1 January 2017. The change is designed to take advantage of synergies across the risk, conduct and regulatory agendas. Regulatory Affairs will move to Corporate Governance & Secretariat, and Remediation and Complaints will move to Services’ Chief Operating Office.
Our Code and the YES Check
We have a number of tools that guide the way we work together. Our Code provides guidance on the behaviour we expect from all employees, and lays out the standards of conduct that support our values. It sets out what we expect of each other and what our customers and communities expect of us. The YES check is a simple tool that asks five questions to guide the thinking behind our decisions and actions. Our customers expect each of us to exercise good judgement and to do the right thing. We use our values to help us think through decisions and make sure we do the right thing. When in doubt, we use the YES check for guidance.