Risk management

Risk culture

A sound risk culture has been integral to Macquarie’s risk management framework since inception. Macquarie sets, promotes, monitors and reflects on the effectiveness of our risk culture. All staff have a role in managing risk. Ownership of risk, including risk culture, is at the business level. The Board, assisted by the Board Risk Committee, is responsible for forming a view on Macquarie’s risk culture and the extent to which it supports the ability of Macquarie to operate consistently within its risk appetite. The Board also identifies and monitors any necessary or desirable actions to change the risk culture.

Macquarie’s approach to maintaining a sound risk culture is based on three components:

Senior Management, with oversight from the Board, set behavioural expectations. The way we fulfil Macquarie’s purpose is defined by our principles of What We Stand For: Opportunity, Accountability and Integrity. Staff are made aware that these principles must form the basis of all behaviours and actions. These behavioural expectations are specified in the Board-approved Code of Conduct, which is actively promoted by Management and cascaded through the organisation.

Management implements behavioural expectations through:

  • leadership actions and communication
  • organisational governance
  • incentives and consequence management
  • organisational and individual capability.

Macquarie monitors and measures its risk culture to gauge its effectiveness while promoting continuous improvement. Mechanisms include:

  • Reports incorporating behavioural indicators (such as policy, limit and training breaches) prepared by all Operating and Central Service Groups, including reports prepared by Risk Management Group (RMG), Human Resources (HR) and Macquarie’s Integrity Office, and escalated where relevant, in accordance with our governance framework. These include regular reports relating to risk culture which are provided to Senior Management, the Board and relevant Board Committees.
  • Risk culture teams in both RMG Prudential Risk and Internal Audit undertake a range of business level and thematic assessments of risk culture and behaviour.

These mechanisms facilitate a feedback loop of sharing good practice and lessons learnt to enable cultural alignment.

Remuneration and consequence management

The Board considers that the effective alignment of remuneration with prudent risk-taking is fundamental to Macquarie’s remuneration approach. Risk considerations are embedded throughout the remuneration process, including through the determination of individual profit share allocations, business group and company-wide profit share pools, as well as through the way in which remuneration is structured and delivered. Effective consequence management is a key component of Macquarie’s risk culture. Macquarie aims to apply consequences for non-compliance in a timely manner, and as fairly and consistently as possible. 

Conduct risk 

Macquarie defines conduct risk as the risk of behaviour, action or omission by individuals employed by, or on behalf of, Macquarie or taken collectively in representing Macquarie that may have a negative outcome for our clients, counterparties, the communities and markets in which we operate, our staff, or Macquarie.

Such behaviours, actions or omissions may include:

  • breaches of laws or regulations
  • disregard for Macquarie’s principles of What We Stand For or the Code of Conduct
  • negligence and/or a lack of reasonable care and diligence
  • failure to escalate improper conduct
  • inadequate product design and distribution

Conduct risk can arise inadvertently or deliberately in any of Macquarie’s Operating and Central Service Groups.

Macquarie’s approach to conduct risk management is integrated in our risk management framework and is consistent with our three lines of defence model. Risk-taking must be consistent with Macquarie’s principles of What We Stand For and the Board-approved Code of Conduct.

Macquarie has a range of controls and processes in place to identify and manage conduct risk, including:

  • New and emerging conduct risks are identified through the annual strategy and business planning process
  • Conduct risks that may arise when Macquarie establishes a new business or product, or makes a significant change to an existing business, product, process or system are identified and assessed through the new business and product approval process
  • Independent monitoring and surveillance conducted by RMG, in addition to front line supervisory activities performed by the business
  • The Risk and Control Self-assessment requires businesses to identify and assess their key conduct risks
  • Supporting the efficient operation of markets through appropriate controls and monitoring
  • Where incidents occur, businesses investigate the underlying contributing behaviours and are responsible for recording all conduct related issues and incidents in Macquarie’s Governance, Risk and Compliance system, and escalating within the set timeframes 
  • Performance-based remuneration reflects an individual’s performance, which is assessed against a range of financial and non-financial factors including approach to risk management and compliance
  • An Integrity Office that is an independent point of contact for staff to safely raise concerns about misconduct, unethical behaviour or breaches of the Code of Conduct, and protects those who raise concerns under Macquarie’s Whistleblower Policy
  • A global Staff Hotline for staff who wish to speak up anonymously
  • A Customer Advocate Office (ANZ only) to promote fair and reasonable customer complaint outcomes and to review and assist with determining escalated customer complaints.