Conduct risk assessment framework, incorporating the systematic plan the firm has developed for identifying the conduct risks inherent to its business.

Given the inherent nature of conduct risks and the related issues that have arisen in recent years, we would expect a firm’s conduct risk framework to be submitted as part of the applicant’s Regulatory Business Plan. This should incorporate the systematic plan the applicant firm has developed for identifying the conduct risks inherent to its business. We would be interested in:

  • The applicant firm’s definition of conduct risk
  • What tools the firm has in place to identify conduct risks
  • First line of defence/business involvement in conduct risk identification
  • The alignment of conduct risk identification between different business units

We will carry out a wide-ranging review of conduct risk including, but not limited to, the following:

Assessment Category: Business Model & Strategy

Assessment Group:

  • How significant could the impact of external factors be on the firm’s business model?
  • Is the firm’s business model viable and sustainable?
  • How significant are the inherent drivers of harm in the firm’s business model?

Assessment Category: Culture

Assessment Group:

  • How effective is the firm’s purpose in reducing the potential harm arising from the firm’s business model?
  • How effective is the firm’s leadership in reducing the potential harm arising from the firm’s business model?
  • How effective are the firm’s people in reducing the potential harm arising from the firm’s business model?
  • How effective is the firm’s governance in reducing the potential harm arising from the firm’s business model?
  • How effective are the firm’s systems & controls in reducing the potential harm arising from the firm’s business model?
  • How effective is the firm’s oversight of the business in reducing the potential harm arising from the firm’s business model?

This page was last updated 31 January 2023