Difference between revisions of "Conduct Risk"

From MgmtWiki
Jump to: navigation, search
(Other Material)
(Other Material)
Line 36: Line 36:

Revision as of 07:09, 9 August 2021

Full Title or Meme

Conduct Risk is a recent addition to the public auditors repertoire in response to the huge loss that has recently impacted companies that do not conduct their business in an ethical manner.


Arthur Anderson, Wells Fargo, Equifax, all bring one thought immediately to mind, "what were they thinking when they conducted themselves in such an unethical manner?". McKinsey was a highly respected consulting firm[1] before it got engaged in several third world countries and took advance of their knowledge to create very unfortunate outcomes. The problems with disregard for their customer's interest has been a constant drum beat of the new since 2016 when, after the Great Recession it was learned that they opened accounts and charged unwarranted fees at the same time that their C.E.O at the time was bragging on earnings calls about the great results of their sales team, which was incentivized to push these unwanted products on customers. Recent reports by their regulator, The Office of the Comptroller of the Currency, has reported that they were "disappointed" causing their current C.E.O. to try to explain to Congress, yet again, how this wont happen again.[2]


  • Since executive compensation is often predicated on shareholder value, any risk must be measured strictly in that metric to become an important consideration for executive action by the bulk of public companies. A similar calculus will apply to public enterprises because of pressures from the population at large and thanks to the investigations of a free press where it still exists. In both cases Conduct Risk is a growing discipline that Enterprises have learned to fear through the experiences with general business cases describe on the page Conduct Risk as well as those cases that are specific to service providers.
  • The executive are not held accountable by any force but the risk that their bonuses will be cut. In a few cases, the company was put at existential risk of failure, but the executives generally do not suffer. Until the boards hold the executive accountable for this sort of action, there will be no change. Today the boards seem to be more worried about take-over attempts by dissident shareholders who are more concerned with next quarter's earnings than they are with the continued existence of the company.
  • Consumers are starting to take action based on data breaches. In a Ping Identity study[3] it was found that "81% would stop engaging with a brand online following a breach (up 3% from 2018), and 25% would stop all interaction whatsoever." In spite of this trend, breaches continue to occur on a daily basis. At a 2019-10-28 identity meeting-up there was consensus that the challenge in getting companies to spend money on security was showing a decrease in costs rather than a decrease in risk. CEO's, like Boeing's or GE's, have focused on short term financials rather than the overall health of the company. Both of those have fallen from highly successful to badly damaged based on misunderstanding the real objectives of the CEO's office.


Many of the risk factors arise because management is not equipped to deal with the rapid changes in technology and the impact that can have on business operations and customer expectations. For example both Google and Microsoft issued warnings in their recent filings on the risk that bad outcomes are highly likely as Artificial Intelligence becomes an increasingly large component of their operations.[4]


For example, since the 2016 US presidential election Facebook has been called on the carpet in several countries for numerous privacy lapses that continue to grow.[5][6] When Facebook reported that 3 million users in Europe had abandoned them it lost $120 Billion in market value and the stock has continued to lose value throughout 2018.[7] The loss to Equifax market cap after their privacy breach is more that 30% with some experts doubting that the company can continue in existence after all the legal cases are settled.[8]

Financial Innovation

The major culprit of the recent Great Recession has been blamed on new financial instruments. Even before that occurrence both Arthur Anderson and Enron were eliminated from their place as admired companies and ceased operation after discoveries of how the manipulated energy futures. This was an existential legal risk in their case, but there was substantial cost to their reputation even before they ceased operations.


  • Changing corporate habits can be difficult unless the CEO of the Enterprise makes and enforces a commitment to treating the employee and the customer with respect. [9]
  • Large accounting firms have all started “Conduct Risk” practices due to the growing demand, but also to the expectation of continued pressure from regulatory bodies to assure that Enterprises are positioned to absorb the costs of unsafe behavior.
  • The best solution would be for financial disclosure documentation to require the inclusion of a conduct risk assessment in every mandated disclosure, with privacy risk as a component of that section. This procedure will never anticipate changes brought about by radically new technologies, but it will require inclusion of risks as they are recognized. Large numbers of shareholder suits are based on misleading the investors on the risk of behavior.[10]
  • In Germany the boards are required to have representatives of the community and labor unions. This assures that there is some input as to the Common Good of the community and the workers at the company.


  1. Walt Bogdanich +1, How McKinsey Lost Its Way in South Africa 2018-06-26 New York Times https://www.nytimes.com/2018/06/26/world/africa/mckinsey-south-africa-eskom.html
  2. Emily Flitter, Wells Fargo C.E.O. Draws Ire of House Panel During Testimony. (2019-03-13) New York Times p. B3
  3. Ping Identity 2019 CONSUMER SURVEY: TRUST AND ACCOUNTABILITY IN THE ERA OF DATA MISUSE, https://www.pingidentity.com/content/dam/ping-6-2-assets/Assets/Misc/en/3464-consumersurvey-execsummary.pdf#study
  4. Tom Simonite, Google and Microsoft Warn That AI May Do Dumb Things. (2019-02-19) Wired Magazine https://www.wired.com/story/google-microsoft-warn-ai-may-do-dumb-things
  5. Kevin Roose, No gentile Giant, But a Juggernaut Playing Hardball. (2018-12-06) p. B1 New York Times
  6. Adam Satariano +1, Leveraging User Data To Show Favoritism Among Its partners. (2018-12-06) p. B1 New York Times
  7. Over $119bn wiped off Facebook's market cap after growth shock. The Guardian https://www.theguardian.com/technology/2018/jul/26/facebook-market-cap-falls-109bn-dollars-after-growth-shock
  8. Equifax’s stock has fallen 31% since breach disclosure, erasing $5 billion in market cap. (2017-09-14) Market Watch https://www.marketwatch.com/story/equifaxs-stock-has-fallen-31-since-breach-disclosure-erasing-5-billion-in-market-cap-2017-09-14
  9. Time magazine special report on Habits
  10. Brendan Pierson, Former Exxon CEO Rex Tillerson testifies in climate change fraud trial Reuters (2019-10-30) https://www.reuters.com/article/us-exxon-mobil-lawsuit/former-exxon-chief-rex-tillerson-to-testify-in-climate-change-fraud-trial-idUSKBN1X912M

Other Material

The wiki page on Privacy Risk shares some content with this page as privacy risk is becoming a significant factor in Conduct Risk.