What does your bonus system say about your risk culture? And how does that affect People Risk?

  • Subscribe to updates

  • Privacy
  • This field is for validation purposes and should be left unchanged.

In this blog we talk about pay, reward and bonuses and their effect on managing people risk. Operational Risk Software can be key to supporting this discipline.   

Taken from: Mastering Risk Management 

Reward

Rewards are a key lever to drive employee performance, engagement and retention, as well as hiring. But reward is not just about remuneration. Remuneration – base pay, variable pay, share options, other benefits – is the financial aspect of reward. 

There are non-financial aspects of reward which can be just as important to employees. Recognition – whether praise from the boss, leadership attention, or empowerment and responsibility – is important to all of us, as is the opportunity to develop skills, career opportunities or to have a work-life balance that suites the employee. They all form part of the overall reward package and may be decisive in retaining a valued employee or recruiting a new one – just one aspect of people risk mitigation. 

Promotion is also part of reward. If you seriously believe in the firm’s values, you do not promote somebody whose behaviour fails those. If you do, forget your thoughts about culture. 

Remuneration, like appraisals, should reinforce the performance and behaviours we require and discourage unwanted behaviour. It should be based on what the firm considers to be good performance and help the business achieve its strategic objectives, which should themselves be rooted in sound risk management and a healthy risk culture. The purpose should be long-term sustainability. People are being entrusted with the firm’s capital and brand over the long term. 

Incentives are intended to change behaviour, especially short term. However, they can be a force for bad as well as good. On the one hand, if incentives are insufficiently high powered, they are unlikely to have a significant impact on managers’ behaviour. On the other hand, high-powered incentives may create unintended consequences, including excessive risk taking. If remuneration is linked to performance targets, both financial and non-financial, which are closely allied to business objectives, you will have gone a long way to linking remuneration also to risk appetite.

Another reflection of the balance between reward and risk is the balance between fixed and variable remuneration. Bonuses are not an evil in themselves, but they should be used to drive non-financial behaviours and performance as much as respond to the achievement of targets and profitability. 

The word ‘bonus’ is itself emotive in the eyes of the public and politicians. Following the banking crisis, guidelines were published on remuneration for banking and financial services. In the guidelines, it was suggested that where a significant proportion of remuneration is in the form of a performance-related bonus, the majority should be: 

  • Deferred for a minimum period (which will reflect the risks involved in the transactions giving rise to the bonus)
  • Subject to claw-back (on the deferred elements)
  • Risk-adjusted, through quantitative criteria and human judgement, and reflect all types of risk.

Ideas which often lead to higher risk, might be: 

  • Salaries and bonuses based on volume, profitability or productivity
  • Staff whose pay is largely or entirely variable
  • Payments that are dependent on reaching targets or thresholds
  • Commission rates that vary with volume or by product
  • Incentives for selling finance that is linked to the sale of other physical goods, or sales of non-financial products that may be purchased with finance. 

In principle, awarding performance bonuses in the form of shares should align reward with shareholder value. But it can mean that executives spend more time trying to manipulate the share price than running the business properly and profitably over the medium to long term. In fact, economic theory suggests that equity-based variable remuneration schemes tend to increase the risk appetite of managers. 

An additional point made in the guidelines is that there should be greatly increased public disclosure of the basis for remuneration. Of far more importance from a people risk management point of view is that the internal culture of openness and transparency should extend to remuneration. People are entitled to know the basis on which they and their peers will be remunerated, so that they see the process as being fair and open. There has to be differentiation in pay, otherwise remuneration loses its power to incentivise good performance and drive out bad behaviours. But the reaction is often to shroud remuneration in secrecy. The risk of upsetting people by paying them at different levels is dwarfed by the negative impact of being secretive. 

Finally, who polices remuneration and remuneration policies? Apart from externals such as investors, the media and legislative committees – all of whom seem reasonably ineffectual – there are the board and the remuneration committee. Boards must tie remuneration back to performance criteria which are transparent. In addition, there are various drivers which support remuneration policies: 

  • Market discipline – does the market oblige firms and individuals to behave in ways that are consistent with regulatory goals?
  • Business model – does this include fair treatment of consumers and risk-taking?
  • Governance – if the board establishes a fair business model, do governance arrangements (e.g. controls) ensure that the model will be followed?
  • Behaviour – business models and governance (systems and controls) are designed with rational responses in mind: do they allow for realistic behavioural biases?

Not only will that mean that excellence will justifiably and publicly be rewarded, but poor performance, including that of the CEO, can be immediately dealt with, again, justifiably and publicly. 

In our next blog we discuss Mitigating People Risks.    

Mastering Risk Management by Tony Blunden and John Thirlwell is published by FT International. Order your copy here: https://www.pearson.com/en-gb/subject-catalog/p/mastering-risk-management/P200000003761/9781292331317    

For more information about how Operational Risk software can help your organisation, contact us today on sales@risklogix-solutions.com 

Related Posts

Actionable Insights: Automating Workflows and Assigning Tasks for Effective Operational Risk Management
In the dynamic financial services landscape, operational risk data has emerged as a strategic asset for organizations seeking to strengthen their resilience and business performance. By harnessing all available data sources, including expert-driven assessments like Risk and Control Self-Assessments (RCSAs), and integrating them into robust technology platforms, firms can gain unparalleled insights into their risk …

Actionable Insights: Automating Workflows and Assigning Tasks for Effective Operational Risk Management Read More »

Data is King: Building a Golden Source of Risk and Control Information for Banks
In the ever-evolving world of financial services, data has emerged as the new ruler, holding the capability to unlock operational proficiency, mitigate dangers, and confirm adherence to regulations. For banks, possessing a centralized, thorough, and easily accessible collection of risk and oversight material is no longer an extravagance; it’s an indispensable necessity for survival and …

Data is King: Building a Golden Source of Risk and Control Information for Banks Read More »

How to Foster a Culture of Risk Awareness in Your Bank: The Role of GRC Technology
The financial industry underpins the entire economic system by fostering trust and stability. Banks, a cornerstone of this ecosystem, play a critical role for individuals and businesses alike. For individuals, they act as trusted custodians, safeguarding hard-earned assets in the form of checking and savings accounts.  On a broader scale, banks facilitate commerce by offering …

How to Foster a Culture of Risk Awareness in Your Bank: The Role of GRC Technology Read More »