We are all aware that breaking someone’s trust can take months, if not years, to repair. What if that ‘someone’ was your customer and it wasn’t just one customer, it was thousands?

Historically the banking industry was ranked as one the most highly trusted industries since the end of World War II. The GFC of 2008 put an end to that. What followed in the years after served to erode trust even further through the uncovering of banking scandals and misconduct across the globe.

Closer to home the Hayne Royal Commission has directly called into question the integrity of our financial institutions. Indeed some scandals are still coming to light now through recent court cases and multi-million dollar remediation programmes to compensate thousands of affected customers.

So how do you rebuild that broken trust? Show them you’ve changed. Show them you’ve learnt from your mistakes. And do all you can to ensure you don’t repeat the past.

Now more than ever firms have the opportunity through good conduct to increase their opportunities to gain ‘profit with purpose’ after all trust underpins an organisation’s social licence to operate.

Firstly, do you know how trustworthy your organisation is? In KPMG’s report Trustworthy by design: a practical guide to organisational trust constructive questions are provided to assess the trustworthiness of organisations across six elements of an organisation’s infrastructure.

At the heart of this is the need for firms to go above and beyond to deliver fairer – even exceptional – outcomes for their customers.

In turn reaping financial rewards by building a more sustainable business model.

To be able to deliver this firms need ‘good’ conduct', and good conduct starts from within with your conduct risk framework at the centre.

So you’re learning from your mistakes and you’re implementing a conduct risk framework to ensure the past is not repeated. But what does good conduct actually look like? Taking learnings from the UK and across the globe here is a brief summary of what ‘good’ looks like across the framework.

Firms need to move away from a business strategy that is focused on commercial drivers and profit and skewed towards shareholder return. To achieve ‘good’ firms need a clear and transparent business strategy that is aligned with fair and suitable outcomes for customers and market integrity. The firm’s values must also reflect this and resonate with employees to allow them to be used proactively to embed the right behaviours across the firm.

There must also be clear links between key areas such as strategy, business model, risk management, processes, controls, people and culture, with a focus on managing conduct. It is also important to have defined conduct outcomes or principles that are linked to the strategy and values of the firm.

The 2019 ASIC Corporate Governance Taskforce review into Australia’s largest financial services companies highlighted shortcomings in the oversight and management of non-financial risks. A key finding was that the risk appetites of several companies did not appear to match their actual tolerance levels. This was shown by these companies consistently operating outside their boards’ stated risk appetite.

An organisation’s conduct risk appetite statement (RAS) provides management and the board with an effective lens to identify and mitigate both current and emerging risks and therefore must reflect the firm’s actual risk position as well as being aligned with its overall strategy, values and key stakeholder expectations.

A well-positioned RAS allows the firm to demonstrate good conduct through an understanding of its risk position and a dissemination of clearly articulated risk management through policies, standards and business procedures which are understood and enacted throughout the firm. This also allows the conduct risk appetite to be actively considered in key business decisions.

To measure compliance with the RAS, key risk indicators (KRIs) should be established to serve as early warning indicators of issues requiring monitoring, root cause analysis or remedial action. Robust KRIs are integral to achieving this and rely on information sourced from across the business.

As an example firms can look toward cancellation rates of products within and outside of cooling off periods as a KRI and one potential indicator of mis-selling. Customers may feel pressure to buy the product but on reflection it may not be suited to them and their circumstances or may be unaffordable.

Accountability is key in underpinning the conduct risk framework. Organisations must take the time to clearly articulate and design their accountability model. At an individual level there must be accountability for managing conduct in their area including demonstrating that they are taking 'reasonable steps' to do the right thing for customers and markets.

We’ve seen across the globe the implementation of senior accountability regimes since 2016 with the launch of SMCR in the UK, to BEAR in Australia, MCR & MAI in Hong Kong, and Ireland announcing their forthcoming regime, SEAR, in 2019.

These regimes when coupled with firm-wide conduct behavioural expectations, such as the Conduct Rules (UK) or Conduct Standards (IRL), truly then have impact across the organisation as it embeds the right behaviours and calls to account all employees from back-office to front-office, customer facing and support functions. Indeed the FCA in the UK is reporting seeing a shift in the conduct landscape to focus on behavioural testing within organisations.

The Operating Model touches on the following areas that must all be aligned with the desired outcomes:

• governance and organisation
• products, markets and clients
• business processes
• technology and data
• people
• conduct-related metrics and MI.

Firms that have ‘good’ operating models have robust policies and control standards processes in place to enable staff to make sound and timely judgements. Culture is also critical; firms must operate in an open and transparent environment that enables employees to raise concerns and issues confidently without fear of repercussion.

Conduct MI should be reported in a way that enables meaningful discussion and is used to make informed decisions. A common failing is that firms have the data, but no idea of how to use it proactively and align metrics with desired outcomes. This results in metrics and packs being reported to Board Risk Committees that are overly voluminous and so dense it’s hard for management to determine if there are key issues¹.

Organisations that have the best complaint management practices view complaints as everyone’s responsibility and complaints are recognised and valued as opportunities to rectify issues, drive continuous improvement and provide better customer outcomes. A key learning from KPMG’s insight article into customer-centric remediation is that customer complaint and remediation interactions should be moments that matter; a chance to build customer trust and loyalty and form a new and more engaged relationship.

If things go wrong customers want that to be recognised, to be treated fairly and to be put back in the position they’d be in if things hadn’t gone wrong.

In KPMG’s Major Banks Full Year 2019 Results Analysis report, costs associated with customer remediation increased 268 percent to $4.5 billion in FY19 compared to FY18.

But remediation isn’t only about issuing customer compensation. It’s also a key opportunity to rebuild customer trust and engagement, identify and repair processes, and evolve and simplify financial products to achieve better alignment with evolving customer needs.

To get this right, banks should balance an urgency to compensate customers with an effective communications strategy that places customer relationships at the heart of remediation programs. Employees across the organisation need to be engaged in the remediation process in order to create positive customer experiences.

Underpinning the framework above is ‘culture and behaviour’. This can be one of the most difficult areas to address as embedded behaviours and cultural assumptions are hard to shift.

Firms with good conduct culture have clearly defined expectations aligned with values. There is a clear tone from the top and leaders across the firm model good conduct culture and behaviours through their actions. They are ambassadors for the firm’s values, behaviours and the importance of conduct risk management, championing this through day-to-day customer-centric decision making.

Importantly, employees need to understand how conduct applies to their decisions and actions, and so this must be clearly communicated and processes put in place to enable employees to practice good conduct. Key points of contact, or conduct risk champions, can bring conduct principles to life across an organisation. This also serves as a gateway for management to understand the real activities and challenges faced by employees and can bring conduct metrics to life.

Not only this but under the ever-watchful eye of the regulator firms now must be able to evidence how they are managing conduct. Employees therefore need to be give the training and the tools to be able to do this.

Rebuilding broken trust takes time. It also takes action. Building a robust conduct framework is the cornerstone and first important step on that journey to restoring trust.

Show customers you’ve changed. Show them you’ve learnt from your mistakes. Do all you can to ensure you don’t repeat the past.

Those firms that go above and beyond to deliver fairer – even exceptional – outcomes for their customers will reap financial rewards by restoring trust and building a more sustainable business model.

Banking was once one of the most highly trusted industries – let’s reclaim that title!