A Starling Insights Deeper Dive Report

Supervisors on Supervision

Public Exposure Draft

Norman Chan

past-CEO

Hong Kong Monetary Authority

Picture of Norman Chan
View Full Report

Contributions to the Supervisors on Supervision Stocktake

What does culture mean in the supervisory context?

1.1.1a There is recognition among stocktake participants that culture lacks a commonly agreed-upon definition, which makes it difficult to discuss, examine, or assess.

“[The work done on culture is] never enough. I sense that professional supervisors tend to be more comfortable with quantitative and prescriptive rules because they are easier to measure and report. Culture is harder; it's subject to interpretation.” 

1.1.1b Some participants argue that supervisors should focus on a subset of organizational culture (“risk culture”) that directly applies to risk and compliance functions and outcomes.

“Risk culture is when the board or senior management defines the risk appetite — how much risk the institution is prepared to take — and then sets quantitative benchmarks to stay within those parameters. It’s top down. Culture risk is about whether the board is fully sensitive to the risks the bank is exposed to. It emerges from the bottom up.”

What is the relationship between culture and governance and how does ambiguity about that relationship contribute to uncertainty?

1.1.3a Participants shared differing perspectives on which comes first, culture or governance.

If society could only have one of two things — a set of rules or a strong culture — which would you choose? I would always choose culture.”

Should culture, and the conduct proclivities it may promote or discourage among employees, factor into supervisory engagements?

1.2.1a Many participants see culture as a precursor to misconduct and consumer harm, making it of key interest to conduct regulators.

“As fee and non-interest income have become more important for banks, and as the community needs help managing its wealth, culture has become very important. 

The bank isn't just risking its own capital; it's advising or enticing customers to buy products to earn a fee. The more volume they generate, the higher their income, which creates an inherent potential for mis-selling.

We introduced many reforms to ensure banks would not sell financial products to unsuitable customers, including complicated processes and safeguards. But to me, in my heart, it's still about the culture.

Conduct supervision is very simple. It’s ensuring your staff adhere to a single principle: is this a product you would be prepared to sell to your grandmother or your brother? If you have doubts, you should think twice. Beneath this simple, almost joking, principle is a very profound philosophy. It's culture. If you don't know what you're selling, don't sell it. If you know a product is very risky, you wouldn't recommend it to your close friends or relatives. 

A culture based on the simple logic of not selling something to a customer that you wouldn't sell to your own mother or brother is timeless. It doesn't matter if it's Bitcoin or some new product 20 years from now; the philosophy remains the same. 

Would a bank's management be willing to use the common-sense "grandmother" approach? If they do, then the bank won't do enough business, it won't generate enough profits, and people won't get paid bonuses. That's the difficulty.”

1.2.1b Other participants note that misconduct that results from cultural problems often lead to prudential failures.

“Non-financial risks will eventually have financial consequences for the banks. Reputational damage can have very real and significant financial consequences. It could be misconduct, mis selling, or IT insecurity. If a bank's system is attacked by hackers, even if it recovers, depositors may move their money, and that could cause a run on the bank.”

What role do international standard-setters have to play in coordinating culture supervision?

1.3.3a Many participants point to the need for global coordination on standard setting

“Whether [global standards for culture] metrics themselves would be of ethical help is less relevant than the fact that they would stimulate debate and discussion among central banks and top supervisors. It's a good idea because it keeps the topic from losing steam.”

What role does culture play in governance failures that ultimately require supervisory attention?

2.1.1d Participants observe that culture can undermine incentive programs, employee engagement efforts, and other common management measures aimed at shaping behavior in desired directions, making it even more so a challenge for large, complex organizations.

“Conduct is the actual practice or behavior you can observe, whereas culture is the set of values that guides thinking and behavior. You would rarely find a board that condones bad ethics. The problem is not that directors are bad people; most of them are decent. The problem is that they are often not able to influence the management or the culture of the bank.”

2.1.1d Participants observe that culture can undermine incentive programs, employee engagement efforts, and other common management measures aimed at shaping behavior in desired directions, making it even more so a challenge for large, complex organizations.

“Culture is a complex matter. Although it should be prescribed from the top down, practicing it requires bottom-up acceptance. The incentive system plays a huge part in this. The board can set appropriate risk parameters, but if the bank continues to reward excessive risk-taking, managers will take excessive risks.”

How do supervisors approach culture as a factor in governance failures in the absence of clear frameworks?

2.2.1a Participants discuss how the relationship between governance and culture risk presents unique challenges for supervision.

“I favor a two-track approach: introducing sensible rules that seek to prohibit/restrain excessive risk taking or behavior that would jeopardize the interests of the customers, alongside with efforts that cultivate the appropriate cultural values within the bank from top down.”

How is supervision made more challenging by a reliance on judgment?

2.2.2a Many participants describe challenges with engaging management teams and boards on questions related to culture risk supervision.Many participants describe challenges with engaging management teams and boards on questions related to culture risk supervision.

“Supervisors look to the board, as the highest governance authority, to do the controlling. But in reality, many boards are unable to monitor this closely or influence behavior to align with what the board has aspired to.”

Why have supervisors found it challenging to identify and assess culture-related risks prior to a risk event?

2.3.2c Some participants note that data is sometimes collected but then it may be unclear how it may be properly used for risk assessment or enforcement.

“I don't want to see [culture] metrics becoming just another quantitative tabulation of so called objective parameters. Culture is hard to measure.”

3.1.2c Some participants noted that questions as to whether and how culture should be approached by conduct regulators vs prudential regulators can create organizational challenges.

“Prudential concerns are easier for both supervisors and banks to understand. They know what prudential safety is about. In contrast, conduct is a perennial problem.”