Conduct risk: delivering an effective framework

Conduct risk: delivering an effective framework

Every company faces a unique set a conduct risks based on their industry and size. Building an effective framework for managing that risk can be a Herculean task. We have identified six core areas to simplify the process.


Also on

Since the Financial Conduct Authority (FCA) took over the supervision of consumer protection in 2013, conduct risk has risen to the top of executive agendas.

Conduct risk is broadly defined as any action of a financial institution or individual that leads to customer detriment, or has an adverse effect on market stability or effective competition. The FCA has deliberately set out a very wide definition of ‘conduct risk’, leaving the onus on financial services firms to prove how they are protecting customers.

Businesses that fail to bring conduct risk in line face regulatory action, fines, and reputational damage, which can harm a business for years beyond the event. We have seen significant financial impact on firms due to conduct-related regulatory action—and it can all stem from the actions of an individual. 

Because there is a high public interest in conduct risk infringements, it is increasingly important to take a holistic view for an effective defence.

Identifying conduct risk

Most businesses stress the importance of senior executives playing a role in conduct risk, particularly in helping to raise the visibility of a programme. Firms with in-house initiatives are intrinsically better at identifying drivers of conduct risk, such as conflicts of interest.

Even with a conduct risk programme already in place, some firms still focus too much on crystalised risk, such as fines and losses, as opposed to developing forward looking risk indicators. Another core question to consider is: when does a product or behaviour move from being reasonable to unreasonable? We call this the tipping point analysis.

Drivers of conduct risk

Understanding and addressing the drivers of conduct risk is essential in improving standards of behaviour. While the starting point for this journey varies from firm to firm, there are three core areas at the root of conduct risk:

  • Inherent factors: These are characteristics intrinsic to financial markets and their participants, such as information asymmetries between firms and their clients or the financial capability of clients. 
  • Structures and behaviours: The financial sector itself has entrenched behaviours and conflicts of interests that could prevent markets from working as well as they could. 
  • Environmental factors: Macro-economic developments that have the potential to impact financial markets and in turn the long-term needs of consumers. Firms ineffectively responding to these pressures can lead to poor conduct outcomes.

While measuring conduct risk can be a challenge, it may be helpful to assess drivers through three lenses: specific business units; the overall firm; and the strategic medium to long term outlook.  

Putting the framework together

Conduct risk programmes should be tailored to the needs of each firm based on size, business model, and geographic reach. The framework should take into account both short and long-term goals. The firms we have seen with the most successful programmes have regular board-level reviews that assess and challenge the programme. Scenario planning is a key consideration.

While there is no one-size-fits-all solution, we have identified six core areas for a successful conduct risk framework that can be seen in the diagram below. It covers governance, culture and behaviour, inherent and external risk assessment as well as key conduct controls and conduct management information.

Click to maximise the model.

Putting the framework together

© 2021 KPMG LLP a UK limited liability partnership and a member firm of the KPMG global organisation of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.

For more detail about the structure of the KPMG global organisation please visit

Connect with us


Want to do business with KPMG?


loading image Request for proposal

Save, Curate and Share

Save what resonates, curate a library of information, and share content with your network of contacts.

Sign up today