Conduct risk is the threat of financial loss to an organization caused by the poor judgment of managers and employees. Conduct risk management gained more attention in the corporate sector, and especially the financial field, after it was revealed that unethical behavior was a primary cause of the 2007 global financial crisis.
A sound governance framework should help drive a positive culture that makes compliance and ethical behavior a responsibility for every employee, at all levels. Rather than measuring or providing an opinion on culture, Internal Auditors is increasingly including substantive testing of culture, holding a mirror to the organization on what staff have shared confidentially across each individual audit, and across multiple audits across the organization.
As the third line of defense, internal audit provides an independent and end-to-end view on how those at the first line (business units) are encouraging and promoting the appropriate culture, and how the second line (risk and compliance) is monitoring and challenging the organization to keep on the right path.
Traditionally, internal audit (IA) has focused on providing assurance with respect to known risks and the effectiveness of controls in mitigating those risks. Regulators, however, are increasingly interested in an organization’s ability to identify blind spots, unknown risks, and other vulnerabilities that may undermine the integrity of the risk management environment, including the risk of misconduct.
When we talk about ‘conduct risk’ we often go on to describe the risk of customer or client product controls failing, or maybe, \'treating customers unfairly\'. And, as we know, conduct is on the radar of regulators, leading to penalties or even delicensing. This course leads you through strategies for auditing this subject.
Who should attend?
The course is open to all.
What will I learn?
Upon completion you will be able to: