A failure to manage financial risks among banks triggered the 2008 Financial Crisis, costing Americans more than $10 trillion. The next crisis may well follow from their failure to manage “conduct risks.”
The standard method for addressing conduct related risks in the banking sector is an exercise in what might be called “applied hindsight”: we identify and inspect misconduct only after it has taken place or is discovered to be well underway. Over the last decade, this too-little-too-late approach has led to hundreds of billions of dollars in punitive fines levied by governments and industry sector regulators, notwithstanding the billions that the banks have spent annually on their governance, risk, and compliance control infrastructures.
After the collapse of Wirecard last summer, in the wake of a years-long fraud that was missed by German regulators despite “hiding in plain sight,” followed then by the leak of the “FinCEN Files,” reporting on suspicious trillions flowing through global banks, many are asking – yet again – why financial sector misconduct appears to be so intractable.
Our answer is simple: such misconduct persists because it is permitted to.
Misconduct scandals occur in every industry, of course, but in the financial sector they seem almost commonplace. As 2020 drew to a close, conduct- related governance lapses were seen to have led to enforcement actions at several systemically significant global banks, and billions of dollars in punitive fines. Because they are ‘Too Big to Fail,’ these firms are rarely prosecuted. Rather, they are forced into Deferred Prosecution Agreements and Consent Orders that commit them to doing better going forward, and that require them to set aside enhanced budgetary resources that typically go to fund solutions that promise “more of the same – but better.”
Shareholders carry these financial costs. But persistent misconduct scandals exacerbate a loss of faith in the industry and also work to erode public faith in our core institutions as well. This is a cost that society is made to carry, and the public outrage that understandably follows from such intolerable “negative externalities” compounds their harm. As Banco Santander’s Ana Botín reminds us, over a decade on from the Financial Crisis, bankers remain distrusted around the world, directly contributing to today’s political populism and civil discord.
In recent years, financial industry regulators have formed the view that misconduct follows from “toxic cultures” that promote illicit self-dealing and other forms of malfeasance. Increasingly, they are turning their supervisory attention to such ‘soft stuff’ in the course of their oversight. Unsure what will satisfy regulatory inquiry in this direction, banks struggle to produce regular, credible and compelling evidence that they have their conduct risks well in hand.
Here, predictive technologies can be of help.
Banks invest heavily in predictive technologies that allow them to anticipate behavior externally: tools that forecast market movements, for instance, affording them some investment “edge”; or marketing tools that permit for ‘precision targeting’ of those consumers most likely to respond favorably to advertised offerings, and tools that assess the risk a borrower will default.
But when asked to anticipate their own internal behavioral propensities among their own staff, these same firms regularly insist that such targeted foresight is impossible to achieve. An intolerable air of resignation hangs over the industry: human behavior is unpredictable, bad apples will poison the barrel, it is what it is, what’s to be done? Psychologists call this sense of powerlessness and futility “learned helplessness.” But such torpidity is no longer defensible: we now have tools that permit for higher standards in conduct risk identification and mitigation.
We have demonstrated that it is possible to sift through standard company data sets to identify where risk-management failures are most likely to appear— before they occur— and to identify where a propensity for misconduct is most likely to spread, contagion-like, to permeate a firm. When armed with such foresight, leaders can take proactive measures and direct scarce risk-management resources in a more timely, efficient and effective manner. We all benefit by this.
As Einstein once quipped, “intellectuals solve problems; geniuses prevent them.” This is a time for genius. As trillions in taxpayer dollars are funneled through the banking sector to support pandemic- strained businesses and households, we have already seen abuses of these critical support programs. Popular backlash is inevitable as more abuses are (inevitably) discovered.
This will not just damage the industry; it will sap support for the extraordinary measures needed to get our economy growing again, and further erode public faith in capitalism—and even in our already-strained democracy itself. When he chaired the Financial Stability Board, Mark Carney argued that firms require a “social license” to operate. They must demonstrate an ability to prevent misconduct, not merely to punish it, if this social license is to be maintained.
An airline that cannot assure the safety of its aircraft before takeoff is not allowed to put planes and passengers in the air. With people’s livelihoods and the integrity of our financial system at stake, why should we permit financial institutions to exercise lesser standards of vigilance?
If bankers cannot muster the gumption to protect the interests of their customers, shareholders and the societies that host them, they may well expect a Biden Administration and the next Congress to step in and force the issue.
This piece first appeared in The American Banker on January 26, 2021 under the title "BankThink It's not enough for banks to admit misconduct. They've got to prevent it."
JAMES FREIS was the longest- serving Director of FinCEN and was made CEO of Wirecard after he exposed the fraud that led to its collapse. He is a member of the Risk & Governance Advisory Board at Starling.
THOMAS CURRY was appointed by Barak Obama to serve as Comptroller of the Currency, the U.S. agency that regulates and supervises national banks. He is a Senior Regulatory Advisor to Starling.
GARY COHN is Vice Chairman of IBM, was President and COO of Goldman Sachs, and served as Director of the National Economic Council in the White House. He leads the Risk & Governance Advisory Board at Starling.
STEPHEN SCOTT is a risk management expert and CEO of Starling, a globally recognized leader in the RegTech space. Operating at the nexus of data science, network science, and behavioral science, Starling's Predictive Behavioral Analytics tools are used by leading financial services firms to assess and mitigate culture and conduct related risks.