It’s official, it’s war.
David Murray kicked the war off this week with his rather immoderate potshot at the corporate regulator, ASIC, for its efforts to address banking culture
And to be perfectly candid again, there have been people in the world who’ve tried to enforce culture. Adolf Hitler comes to mind.
Mr Murray, ex-head of the Commonwealth Bank, is at least consistent in his distaste for regulators. The final report into the Financial System Inquiry, which he headed, states very clearly
To expect regulators to create the ‘right’ culture within firms by using prescriptive rules is likely to lead to over-regulation, unnecessary compliance cost and a lessening of competition. The responsibility for setting organisational culture rightly rests with its leadership.
However, Mr Murray wants to have a bet each way
Australia needs strong, independent and accountable regulators to help maintain trust and confidence in the financial system. This is critically important for attracting investment and supporting growth. The quality of oversight and supervision is vital in maintaining financial stability and achieving positive consumer outcomes. Appropriate firm culture is critical, but needs to be supported by proactive regulators with the right skills, culture, powers and funding.
However, Mr Murray does not appear to have an answer to the questions raised by the FSI’s recommendations, what is to be done if financial firms do not “act with greater integrity and accountability” or “focus on consumer interests and outcomes”?
And what exactly is a “proactive” regulator to do when faced with lack of integrity and intransigent financial firms?
The FSI also stated “responsibility for culture in the financial system ultimately rests with individual firms and the industry as a whole”.
In Mr Murray’s world then, who is responsible for “culture”? The leadership, the firm (presumably including shareholders) and the “industry as a whole”, which industry - banking, financial services, in Australia or worldwide? So why pick only on local regulators?
“Culture” has to be in line for the Macquarie Dictionary word of the year. It’s on everyone’s lips, even the prime minister. Culture is one of those words that people use, assuming that everyone understands precisely what it means, even if they don’t themselves.
At conferences in Sydney last year, the heads of ASIC (Greg Medcraft) and of APRA (Wayne Byres) agreed on a few things about culture: banking culture is rotten; culture is “hard” to deal with; and regulators are basically at a loss what to do about it. Mr Medcraft joined up some of the dots:
When culture is rotten it often is ordinary Australians who lose their money. And that is my point – markets might recover but often people do not. So that is why we need to clean up culture because people suffer. And people are sick of it. They want to have trust and confidence in the institutions they are dealing with.
The premise that there is only one culture in an organisation is patently silly. For example, does the CEO of CommInsure share the same attitude to customers as a manager in a small town Commbank branch - one would hope not! They work in different industries (insurance and banking), they work in different environments (large city versus small town) and they have very different reward structures. The only thing they share is the logo on their business cards and, of course, an ex-management consultant CEO, Ian Narev, who believes that “culture” can somehow be imposed from above.
But such a belief is not unusual. Ground breaking research by Assoc. Professor Elisabeth Sheedy and Dr Barbra Griffin of Macquarie University has shown that senior managers in banks have a much more positive and rosy view of the “risk culture” in their organisations than their staff. [In that instance, who is more likely to be right, management or staff?]
The researchers concluded that
The findings suggest that senior leaders and regulators should place greater emphasis on risk culture, focusing on differences at the business unit level. Reliance on governance alone does not guarantee good behavioural outcomes.
Mr Murray, however, does have a point about misplaced regulation.
Just last month ASIC, released a report on “Culture, conduct and conflicts of interest in vertically integrated businesses in the funds-management industry”.
To say this report is grave disappointment is an understatement. And to say that ASIC has gone its own way on culture is not an exaggeration. Burke and Wills were less lost.
First there is an enormous literature on “culture” especially by Edgar Schein and on organisational culture by researchers, such as Robert Quinn and Kim Cameron. It is probably one of the most studied topics in organisational studies. And there has also been an enormous amount of work on the related topics of culture and “conduct risk” by regulators, especially the UK Financial Conduct Authority (FCA).
But that means little to ASIC.
Rather than look at how academics, practitioners and regulators other than themselves, define and attempt to measure “culture”, ASIC has come up with its own definition and identified seven “key indicators of culture”. Where these indicators come from is not explained but ASIC repeats somewhat outdated concepts such as “Tone from the Top” and “Communication and Challenge”. The scheme inexplicably links “Recruitment, training and remuneration” as if remuneration on its own was not a key driver of cultural attitudes and staff behaviour.
But if the report was just another analysis of the industry, this lack of quality analysis would not be that bad. But based on fairly flimsy foundations, ASIC then lays out what it considers to be “some good practices in relation to the management of conflicts of interest”.
While the recommendations do lay out some very sensible processes for managing conflicts of interest, such as a formal due diligence process for the selection of investments or investment manager, the report does not make any recommendations on how firms should actually change culture.
For example, it does not address one of the key prerequisites for improving culture, how employees are developed (which is different to training) and how control functions, such as audit and risk managers can be an important line of defence against bad culture.
It is also interesting that the good practices do not include formal “whistleblowing” processes even though “employees are responsible for reporting all potential, apparent or actual conflicts of interest to appropriate parties”, whoever they may be.
In other words, the ASIC report is recommending another set of quite sensible rules about how firms should avoid conflicts of interest. It does not address what it says on the packet – how to change a firm’s culture to restore trust, and confidence that conflicts of interest are being managed.
Mr Murray has little to worry about, ASIC is no Panzer Division, more Dad’s Army.