Businesses that fail to bring conduct risk in line face regulatory action, fines, and reputational damage, which can harm a business for years beyond the event. We have seen significant financial impact on firms due to conduct-related regulatory action—and it can all stem from the actions of an individual. Because there is a high public interest in conduct risk infringements, it is increasingly important to take a holistic view for an effective defence.
Conduct risk programmes should be tailored to the needs of each firm based on size, business model, and geographic reach. The framework should take into account both short- and long-term goals. The firms we have seen with the most successful programmes have regular board-level reviews that assess and challenge the programme. Scenario planning is a key consideration.
While there is no one-size-fits-all solution, we have identified six core areas for a successful conduct risk framework, which can be seen in the diagram below. These cover governance, culture and behaviour, inherent and external risk assessment, as well as key conduct controls and conduct management information.
How we can help
Our Bermuda-based team is experienced in conduct regulation and risk management, including a number of individuals who are experienced in jurisdictions where conduct regulation has been a feature for many years, for example, the Financial Conduct Authority in the UK. Our local team works closely with conduct risk specialists from across wider jurisdictions to ensure our work brings local knowledge as well as broader global insight and expertise.
We can help with:
- Advising and supporting the implementation of a conduct risk management framework, including: (i) policy design and writing; (ii) integration of conduct risk into your existing Enterprise Risk Management framework; (iii) undertaking conduct risk assessments and prioritisation; and (iv) advising on appropriate ongoing processes and practices to embed sustainable conduct risk management into your business model. Our framework includes an assessment of the governance framework, organisational culture and behaviours, risk assessments, conduct processes and controls (including product governance) and conduct management information/reporting.
- Advising on product governance frameworks;
- Assessing the effectiveness of your conduct risk management framework and processes, including benchmarking against industry practices;
- Assisting in conduct regulatory risk assessments; and
- Advising on remediation of any conduct risk issues that may exist or arise within your business.