Risk culture and conduct risk management
Risk culture and conduct risk management
A sound risk culture has been integral to Macquarie’s risk management framework since inception. Primary responsibility for risk management in Macquarie, including risk culture, is at the business level. The Board, assisted by the Board Risk Committee, is responsible for:
- Reviewing, endorsing and monitoring Macquarie’s approach to risk culture and conduct.
- Forming a view on Macquarie’s risk culture and the extent to which it supports the ability of Macquarie to operate consistently within its risk appetite.
Maintaining an appropriate risk culture
Macquarie’s approach to maintaining an appropriate risk culture is based on the following three components:
1. Setting behavioural expectations
Senior Management, with oversight from the Board, set behavioural expectations. Staff are made aware that Macquarie’s principles of What We Stand For - Opportunity, Accountability and Integrity must form the basis of all behaviours and actions. These behavioural expectations are specified in the Board approved Code of Conduct, which is actively promoted by management and cascaded through the organisation.
2. Leading and executing
Management implements behavioural expectations through:
- leadership actions and communication
- organisational governance
- incentives and consequence management
- organisational and individual capability.
3. Monitoring, measuring and reporting
Macquarie monitors and measures its risk culture to gauge effectiveness while promoting continuous improvement. Mechanisms include:
- Reports incorporating behavioural elements (such as policy and limit breaches) are prepared by all businesses, Risk Management Group (RMG), HR and Macquarie’s Integrity Office and escalated, where relevant, according to our governance framework. These include regular reports relating to risk culture which are provided to Senior Management and the Board
- The Risk Culture team in RMG Behavioural Risk uses a well developed assessment process. It undertakes risk culture reviews across the Operating and Central Service Groups to assess the relative strengths and areas for development within a business or function.
These mechanisms facilitate a feedback loop of sharing good practice and lessons learnt to enable cultural realignment where necessary.
Remuneration and Consequence Management
Macquarie’s remuneration framework and consequence management process is designed to promote accountability, encourage and reward appropriate behaviours and discourage inappropriate behaviours.
The Board considers that the effective alignment of remuneration with prudent risk-taking is fundamental to its remuneration approach. Performance-based remuneration reflects an individual’s performance which includes an assessment of a range of factors including risk management and compliance as well as behavioural measures to promote good conduct and commitment to the Code of Conduct and What We Stand For. In addition, the remuneration framework is characterised by significant retention and long deferral periods which enables risk outcomes to be taken into account over long periods.
The Board and Board Committees continue to take risk and conduct matters very seriously. There are robust processes in place to ensure that risk, reputation and conduct related matters, as well as financial losses and impairments, and other breaches of the risk management framework are specifically considered when assessing performance and determining remuneration outcomes. These processes may result in a downward adjustment to group and/or individual profit share allocations where appropriate.
Effective consequence management is a key component of Macquarie’s risk culture. Macquarie aims to apply consequences for non-compliance in a timely manner, and as fairly and consistently as possible.
Conduct Risk Management Framework
The risk of behaviour or action taken by individuals employed by, or on behalf of, Macquarie or taken collectively in representing Macquarie that may have a negative outcome for our clients, counterparties, the communities and markets in which we operate, our staff, or Macquarie.
Such behaviour or action may include:
- breaches of laws or regulations
- disregard for Macquarie’s principles of What We Stand For or the Code of Conduct
- negligence and/or a lack of reasonable care and diligence
Conduct risk can arise inadvertently or deliberately in any of Macquarie’s businesses.
Macquarie’s approach to conduct risk management is integrated in our risk management framework and is consistent with our three lines of defence model. Risk taking must be consistent with Macquarie’s principles of What We Stand For - Opportunity, Accountability and Integrity which must form the basis of all behaviours and actions. These behavioural expectations are outlined in the Board approved Code of Conduct.
Macquarie has a range of controls and processes in place to identify and manage conduct risk, including:
- new and emerging conduct risks are identified through the annual strategy and business planning process
- conduct risks that may arise when Macquarie establishes a new business or product, or makes a significant change to an existing business, product, process or system are identified and assessed through the new business and product approval process
- independent monitoring and surveillance conducted by RMG, in addition to front line supervisory activities performed by the business
- the Risk and Control Self-Assessment incorporates a conduct risk lens, requiring businesses to identify and assess their key conduct risks
- where incidents occur, we investigate the underlying contributing behaviours, the impacts and resolve the issues appropriately and in a timely manner. Behavioural matters are addressed in accordance with our Consequence Management Guideline
- performance based remuneration reflects an individual’s performance, which includes assessment of a range of factors including risk management and behavioural measures
- an Integrity Office that is an independent point of contact for staff to safely raise concerns about misconduct, unethical behaviour or breaches of the Code of Conduct
- a global Staff Hotline for staff who wish to speak up anonymously.