Risk management

Risk culture

Risk culture is foundational to risk management, supporting our ability to operate within risk appetite. Maintaining an appropriate and effective risk culture continues to be integral to Macquarie’s risk management framework. The Board, assisted by the Board Risk Committee, is responsible for forming a view of the risk culture within Macquarie and the extent to which it supports the ability of Macquarie to operate consistently within its risk appetite. Through its oversight, the Board can also identify necessary or desirable changes or focus areas required to strengthen the risk culture.

Macquarie’s approach to maintaining an appropriate and effective risk culture is based on an integrated and iterative cycle of:

  • setting behavioural expectations, including through the Code of Conduct
  • promoting risk culture by embedding the behavioural expectations into day-to-day practices. This is enabled through structural mechanisms, including performance-based remuneration and consequence management
  • monitoring through qualitative and quantitative indicators, targeted assessments and reviews, and enabling the identification of focus areas
  • reflecting to support the identification of necessary or desirable changes or focus areas.

Remuneration and consequence management

The Board considers the effective alignment of remuneration with prudent risk-taking as fundamental to Macquarie’s remuneration approach. Risk considerations, and recognition of behaviours that support positive risk outcomes and strengthen Macquarie’s risk culture, are embedded throughout the remuneration process. This includes the way remuneration is structured and delivered, and the determination of individual profit share allocations, business group and company-wide profit share pools.

Effective consequence management is a key component reinforcing Macquarie’s risk culture. Macquarie aims to apply consequences for non-compliance in a timely manner, and as fairly and consistently as possible.

Conduct risk 

Macquarie defines conduct risk as the risk of behaviour, action, or omission by individuals employed by, or on behalf of Macquarie, or who represent Macquarie or its business activities, and which may have a negative outcome for our clients, counterparties, the communities and markets in which we operate, our staff, or Macquarie.

Such behaviour, actions or omissions may include:

  • breaches of laws or regulations or Macquarie policies
  • disregard for Macquarie’s What We Stand For principles or the Code of Conduct
  • negligence and/or a lack of reasonable care and diligence
  • failure to escalate improper conduct
  • inadequate product design and distribution.

Conduct risk can arise inadvertently or deliberately in any of Macquarie’s Operating and Central Service Groups and may result in customer, client or market harm, or adverse financial, regulatory or reputational consequences.

Macquarie’s approach to conduct risk management is integrated in our risk management framework and is consistent with our three lines of defence model. Risk-taking must be consistent with Macquarie’s Purpose, our principles of What We Stand For: Opportunity, Accountability and Integrity, and the Board approved Code of Conduct.

Macquarie has a range of controls and processes in place to identify and manage conduct risk, including:

  • new and emerging conduct risks are identified through the Annual Strategy Review and Business Planning process
  • conduct risks that may arise when Macquarie establishes a new business or product, or makes a significant change to an existing business, product, process or system are identified and assessed through the New Product and Business Approval process
  • independent monitoring and surveillance conducted by Risk Management Group, in addition to front line supervisory activities performed by the business
  • the Risk and Control Self-Assessments require businesses to identify and assess their relevant risk event types related to conduct risk, supporting the efficient operation of markets through appropriate controls and monitoring
  • where incidents occur, businesses investigate the underlying contributing behaviours and are responsible for recording conduct-related issues and incidents in Macquarie’s Governance, Risk and Compliance system, and escalating within the set timeframes 
  • performance-based remuneration reflects an individual’s performance, which is assessed against a range of financial and non-financial factors including approach to risk management and compliance
  • an Integrity Office which is an internally independent function where staff can safely raise concerns about improper conduct, unethical behaviour or breaches of the Code of Conduct, and protects those who raise concerns under Macquarie’s Whistleblower Policy
  • an Integrity Hotline for staff and external parties who wish to speak up anonymously.