Conduct Risk Management

FCA Conduct Risk Management is vital for ensuring firms act in the best interests of their clients and maintain market integrity. It goes beyond compliance by embedding a culture of ethical behaviour, transparency, and accountability.

Managing conduct risk — including non-financial risks such as reputational damage, culture, customer outcomes, and operational integrity — helps prevent regulatory breaches, enhances customer trust, and reduces the likelihood of harm to both consumers and the firm. In a regulatory environment that increasingly prioritises fairness and duty of care, effective conduct risk management is not just beneficial — it’s essential.


Behavioural Misconduct

❌ Bullying or harassment (including micro-aggressions)

❌ Integrity breaches (e.g., lying to regulators or falsifying records)

❌ Abuse of position or trust within the organisation


Culture and Ethics

❌ CRCE 1-1 Toxic workplace culture or leadership-driven fear-based environments

❌ CRCE 1-2 Lack of psychological safety for staff to speak up or raise concerns

❌ CRCE 1-3 ‘Hero’ cultures that tolerate rule-breaking for performance outcomes


✅ Customer-Facing Conduct Risks

❌ Mis-selling: Recommending products unsuitable for the client’s needs or financial situation

❌ Poor disclosure: Inadequate, misleading, or overly complex information to customers

❌ Unfair charges: Hidden fees, excessive penalties, or unclear pricing models

❌ Unsuitable advice: Especially under MiFID II or Consumer Duty frameworks

❌ Onboarding discrimination: Inconsistent treatment of customers (e.g., vulnerable customers)

❌ Complaint mismanagement: Delay, deflection or failure to treat complainants fairly  


🧮 DE&I Shortcomings

❌ Failure to monitor or improve representation and inclusion

❌ Unequal pay, opportunity, or advancement

❌ Bias in hiring, promotions, or disciplinary actions


👥 Conduct Risks Employee Driven

❌ Incentive misalignment: Sales bonuses or KPIs encouraging poor customer outcomes.  

❌ Insufficient training: Staff unaware of compliance or ethical obligations.  

❌ Personal conflicts of interest: Undisclosed or unmanaged personal benefits.  

❌ Inappropriate personal conduct: Harassment, bullying, or misconduct at work.  


🧑‍⚖️ Governance Failures

❌ SMCR role confusion or abdication of accountability.

❌ Poor board oversight on conduct matters.

❌ Inadequate challenge or diversity of thought in senior decision-making.  


✅ Product & Service Conduct Risks

❌ Poor product governance: Products not tested for suitability or targeted incorrectly.  

❌ Inadequate product disclosures: Not meeting PROD and Consumer Duty requirements.

❌ Failure to test for foreseeable harm: No evidence of outcome testing or scenario analysis.  

📣 Whistleblowing Failures
