Skip to content

Conduct risk in the spotlight after first fine under SMR

Tiffany Robertson
Freelance Legal Writer
Pedestrians make their way through Times Square in the rain in the Manhattan borough of New York January 18, 2015. REUTERS/Carlo Allegri. Conduct risk
REUTERS/Carlo Allegri

The first regulatory fine issued under the UK’s senior managers regime (SMR) by the Financial Conduct Authority (FCA) and the Bank of England’s Prudential Regulation Authority (PRA) has highlighted importance of addressing conduct risk. Industry opinion on this subject was gauged by the Thomson Reuters’ fifth annual survey of more than 600 compliance and risk practitioners.


  1. Financial Conduct Authority (FCA) and the Bank of England’s Prudential Regulation Authority (PRA) issued a fine of 1.1 million pounds for misconduct.
  2. A Thomson Reuters survey of global compliance and risk practitioners discovered that 70 percent believe there will be a greater focus on senior managers’ misconduct.
  3. Surveys reveal that a lack of training programs within companies is a significant factor that increases conduct risk.

In May 2018, following a year-long investigation, the Financial Conduct Authority and the Bank of England’s Prudential Regulation Authority issued the first fine under Britain’s new senior managers regime (SMR) for a combined 1.1 million pounds ($1.5 million) for misconduct.

Highlighting the importance of conduct risk in today’s business environment, the FCA stated the individual failed to act in accordance with “the standard of due skill, care and diligence expected of a CEO in a regulated firm.”

Find out how Thomson Reuters Compliance Learning can help train your workforce to understand their compliance obligations

Global search for whistleblower’s identity

The regulatory charges stemmed from apparent attempts by the CEO in question to determine who wrote letters expressing concerns about a senior bank employee.

As the letters originated in the U.S., investigators claim the CEO sent a copy of an envelope of one of the letters to a U.S.-based bank employee “who engaged with their contacts in the U.S. to try and identify the author.”

Information passed back to the CEO gave them the date, time and location from which the whistleblower purchased postage for the letter. Thereafter, the CEO unsuccessfully used bank security to try to obtain video recordings of the individual who purchased the postage.

An example of a Thomson Reuters Compliance Learning Conduct Risk online training course. Conduct risk
A snapshot of Thomson Reuters Compliance Learning online training course.

CEO’s actions undermined conduct risk efforts

According to the FCA, the CEO “acted unreasonably in proceeding in this way and, in doing so, risked undermining confidence in [the bank’s] whistleblowing policy and the protections it afforded to whistleblowers.”

This statement is illustrative of the importance regulators place on proper conduct and the “risk” inappropriate behaviors can place on an organization.

Broadly defined to include any action that results in harm to customers or adversely affects the financial markets, properly managing conduct risk requires that organizations implement measures to foster appropriate behaviors within the organization’s overall culture to minimize harmful outcomes to customers and/or financial markets.

Our 2018 Culture and Conduct Risk Report is now live — find out how you compare

Conduct risk high on corporate agendas

Such conduct risk was the focus of Thomson Reuters’ fifth annual survey of more than 600 compliance and risk practitioners around the world.

Seventy percent of respondents see regulatory focus on culture/conduct risk, such as the FCA’s scrutiny seen above, as increasing potential personal liability for senior managers.

Three-quarters of them consider conduct risk factors when discussing business strategy, with the top three key components of conduct risk reported as culture/ethics/integrity (54 percent), corporate governance/tone from the top (44 percent) and conflicts of interest (41 percent).

An example of a Thomson Reuters Compliance Learning Conduct Risk online training course

Read the Culture and Conduct Risk report blog to see the key highlights

Training and conduct risk

Nonetheless, researchers voiced concern over the continuing number of firms who have yet to implement training programs on conduct risk, despite acknowledging the need to do so.

Likewise, three-quarters (76 percent) of respondents in yet another survey did not feel the skills currently available were at the same level as those required for compliance.

Thomson Reuters researchers point out that organizations should take heed of such findings, given that regulators view training as a key indicator that a firm is serious about its compliance obligations and has maintained and updated its staff’s knowledge and skill sets of all staff as needed.

An example of a Thomson Reuters Compliance Learning Conduct Risk online training course
An example of a Thomson Reuters Compliance Learning online training course

Our online training engages your workforce and supports your business in building a culture of compliance

Training on conduct to minimize risk

Organizations can help stem regulatory scrutiny with Thomson Reuters’ Conduct Risk Suite. This online training is an easy and effective way to ensure all organizational staff understand the importance of minimizing conduct risk.

Its eight courses familiarize employees with the various areas of a firm’s culture and operations that present conduct risk and explain how to mitigate such risk. Such training reduces conduct risk by encouraging ethical behavior from all individuals within the organization at all stages of business operations.

Compliance Learning. Conduct risk