To continue reading the rest of this article, please log in.
Create free account to get unlimited news articles and more!
The final report of the Prudential Inquiry into the Commonwealth Bank of Australia (CBA) has been released today (1 May), outlining concerns relating to the governance, culture and accountability within the CBA Group, after several “incidents” were brought to light that “damaged the reputation and public standing of CBA”.
The report includes a range of issues that have been brought to light in the past year, including misconduct by financial advisers, mis-selling of insurance and allegations that it rigged the bank bill swap rate and had repeatedly breached anti-money laundering and counter-terrorism laws.
Building on from its progress report, the panel conducting the inquiry — comprising Dr John Laker AO, chairman of the Banking and Finance Oath; company director Jillian Broadbent AO; and Professor Graeme Samuel AC, Professorial Fellow in the Monash Business School — was damning in the censure of the bank’s behaviour over the past five years.
Success had “dulled the senses” of the bank
The panel argued that the bank’s continued financial success had “dulled the senses of the institution”, which was particularly apparent in the management of operational, compliance and conduct risks.
Of the many damning issues that the panel found were affecting the bank, the most worrying included:
- “inadequate oversight and challenge by the board and its committees of emerging non-financial risks”, “unclear accountabilities”;
- “a remuneration framework that, at least until the AUSTRAC action, had little sting for senior managers and above when poor risk or customer outcomes materialised (and, until recently, provided incentives to staff that did not necessarily produce good customer outcomes)”;
- weaknesses in how issues, incidents and risks were identified and escalated through the institution; and
- an operational risk management framework that “worked better on paper than in practice” supported by “an immature and under-resourced compliance function”.
Overall, it highlighted four broad and interlinked cultural traits that have impacted the bank. These include:
- “a widespread sense of complacency [that] has run through CBA, from the top down” which made the bank “desensitised to failings with customers”;
- a “slow, legalistic and reactive, at times dismissive, culture also characterised many of CBA’s dealings with regulators”, which had led to a “sense of ‘chronic ease’”;
- a lack of “intellectual curiosity and critical thinking about the ‘bigger picture’ and the full depth of risk issues”, which “inevitably limited CBA’s ability to learn, anticipate and adapt”; and
- the “collegial and collaborative working environment at CBA, which places high levels of trust in peers, teams and leaders” that has “impeded accountability and the individual ownership of risk issues” and “lessened constructive criticism and has led to slower decision making, lengthier and more complex processes, and a slippage of focus on outcomes.”
Speaking of the failings, the report reads: “These risks were neither clearly understood nor owned, the frameworks for managing them were cumbersome and incomplete, and senior leadership was slow to recognise, and address, emerging threats to CBA’s reputation. The consequences of this slowness were not grasped.”
As such, the report makes 35 recommendations for addressing these issues within CBA focused on five key levers:
- more rigorous board and executive committee-level governance of non-financial risks;
- exacting accountability standards reinforced by remuneration practices;
- a substantial upgrading of the authority and capability of the operational risk management and compliance functions;
- injection into CBA’s DNA of the “should we?” question in relation to all dealings with and decisions on customers; and
- cultural change that moves the dial from reactive and complacent to empowered, challenging and striving for best practice in risk identification and remediation.
Specific recommendations include establishing an effective Non-Financial Risk Committee at the group executive level, assessing remuneration outcomes for group executives to “reflect individual and collective accountability for material adverse risk management and compliance outcomes”, and “clear accountability for program delivery and remuneration consequences for unsuccessful outcomes”, among others.
“Do not allow financial success to mask or detract from other important measures”
APRA chairman Wayne Byres said that the inquiry panel’s findings show that CBA’s governance, culture and accountability frameworks and practices were in need of “considerable improvement”.
“CBA is a well capitalised and financially sound institution, but CBA itself had acknowledged shortcomings in governance, culture and accountability ahead of this inquiry. The comprehensive review, and set of recommendations set out by the panel, provides CBA with a clear path towards restoring its public standing,” Mr Byres said.
Mr Byres thanked the panel members for their work, saying that they had delivered “a comprehensive and high-quality report that goes to the heart of the issues that led to the damage to CBA’s reputation”.
“More importantly, the report’s recommendations provide a roadmap for the CBA board and executive team to deliver organisational and cultural change across the CBA Group,” the chairman said.
Mr Byres concluded: “The panel notes in its report that regaining community trust will require time, hard work and an undistracted risk and customer focus, and that its recommendations should assist the CBA board and staff in translating CBA’s undoubted financial strength and good intent into better meeting the community’s needs and expectations.
“[T]he findings of the report provide important insight for all financial institutions, particularly about the need to maintain a broad focus on all aspects of risk and stakeholder interest and not allow financial success to mask or detract from other important measures of an institution’s performance and risk profile.”
APRA has said that, given the nature of the issues identified in the report, all regulated financial institutions would benefit from conducting a self-assessment to gauge whether similar issues might exist in their institutions.
APRA has also said that its supervisors will also be using the report to aid their supervision activities and will expect institutions to be able to demonstrate how they have considered the issues within the report.
For the largest financial institutions, APRA will be seeking written assessments that have been reviewed and endorsed by their boards.
More to come.
[Related: CBA denies new AUSTRAC allegations]