Conduct risk is top of mind for conduct regulators as we move into 2017. But conduct risks are also increasingly a vital issue for prudential regulators and for those charged with maintaining financial stability. Given the size of the penalties handed out for poor conduct over the past few years, it is easy to see why. According to the European Central Bank, the cumulative costs (including damages, fines, settlements and litigation costs) for a sample of 26 banks have totalled almost $275 billion since 2008.

Good conduct on the part of individuals and firms is critical to public trust and confidence in the financial system. But when it reaches the scale witnessed over the past few years, misconduct is also relevant to prudential regulation, as a potential threat to the soundness of financial institutions.

As a result, for example, the Financial Stability Board (FSB), working with other standard setters, has a significant misconduct strand to its work programme. As well as addressing issues in fixed income, currency and commodity markets, and coordinating reforms to major financial benchmarks, the work also includes studying how effective reforms to governance frameworks and compensation structures are in heading off misconduct.

One cannot disagree with the importance of the topic and the urgent need for solutions to put honesty and integrity, and serving the client and the customer, back at the heart of everyday behaviour in the financial sector. But is there a risk that with just about every regulatory authority getting engaged in the debate, the resultant approach will become over-determined?

System control

It was Jan Tinbergen, the joint winner of the first Nobel Prize in Economics, who emphasized that policymakers need to have at least as many policy instruments as the number of variables or outcomes they want to target. But this "system control" issue could equally apply in reverse. That is, it could be a problem if there is one target, conduct risk, addressed with two sets of instruments wielded by two different (sets of) authorities.

One purported benefit of a "twin peaks" regulatory model is that each authority can focus on its own clearly defined objectives. This was certainly one of the advantages cited by the U.K. government in refashioning the U.K.'s regulatory system. As the then Chancellor of the Exchequer, George Osborne, noted in June 2011, "creating these centres of regulatory excellence will enable each part of the framework to focus on what it knows best."

A "twin peaks" model needs good coordination between the regulators, a significant point which is written into the U.K. legislation, not only in terms of general coordination mechanisms, but also on how specific regulatory processes, such as authorisation and the making of rules, operate.

The path of cooperation and coordination between prudential and conduct regulators has sometimes been bumpy. For example, it took some time for a settled approach to tackling systemic risk in asset management to emerge, as the initial FSB-led consultations focused on developing methodologies for identifying systemically important non-bank non-insurer entities, mirroring approaches originally used for banks and insurers.

Only after some rounds of discussion and consultation was there a shift of focus toward structural vulnerabilities in asset management activities and away from a methodology designed to capture individual entities, on the basis that it is really in activities where the potential systemic risk may lie.

Where might the coordination pinch points be in relation to the misconduct agenda, particularly around the compensation and governance issues?

First, there is the challenge of defining which sectors and firms we are talking about. Because of the concern about the size of the penalties, the misconduct work in the FSB initially started with banks (and bank holding companies). It has now broadened out to cover the insurance and securities and asset management sectors, in line with the scope of the FSB's original compensation principles. Not all firms are in scope, only "significant institutions," reflecting the FSB's systemic remit, and the prudential concerns of the principal actors.

Boundary problem

This wider scope certainly engages all conduct regulators (whereas some were not engaged by a focus only on banks). But the "significant institution" dimension creates a boundary problem, as conduct issues are not particularly divisible by size of firm. Poor behaviour is poor behaviour, significant institution or not.

Second, when it comes to influences on conduct risk, compensation needs to be considered in the context of a full range of other issues, such as governance, risk and wider performance management policies and practices.

Third, and relatedly, governance is also a broad topic and could encompass, for example, the structure and responsibilities of the board of directors, individual accountability, internal controls, compliance and audit, culture, as well as financial and non-financial incentives.

These are all areas which are of detailed interest to prudential and conduct regulators alike. But hitherto, the prudential regulatory interest in these issues has mainly been directed towards "prudential" outcomes. To put all these into play for prudential regulators as "conduct" risk controls would risk creating a wide area of overlap and tension with conduct regulators. Even if the two respective sets of requirements were compatible, it would raise the question of who was in the lead in policing the issues, and in determining what an acceptable approach or interpretation would be.

Finally, there could be discussion about the appropriate mitigants to the various risks. For example, is conduct risk something that regulatory capital is well-tuned to addressing? It may be that additional capital may be valuable for backward-looking risks (i.e., misconduct that has already occurred, but not yet been accounted for). But is it likely to be better to tackle risks around future misconduct with different techniques, such as systems and controls frameworks, buttressed by active supervision and enforcement?

Complex and multifaceted

It is unsurprising to find the analysis is showing that the conduct risk issues are complex and multifaceted. They are not capable of a simple solution, and a self-contained, prudentially-relevant set of issues cannot be easily hived off. Even more importantly, nor can a self-contained, prudentially-relevant set of regulatory interventions be easily identified, separate from the interventions which conduct regulators might also pursue.

These debates still have some way to run, and having a separate set of conduct-focused interventions in the hands of prudential regulators may not be where things end up. It would however be inefficient if the authorities' collective response to the conduct risk challenge created more overlap than is necessary.

This first appeared on Thomson Reuters Regulatory Intelligence.