Salz Review - Wall Street Journal
Salz Review - Wall Street Journal
Salz Review - Wall Street Journal
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Salz</strong> <strong>Review</strong><br />
An Independent <strong>Review</strong> of Barclays’ Business Practices<br />
154<br />
12.20 We consider that the Group-wide management and Board Risk Committee oversight<br />
of these risks would be improved if the management information provided included<br />
a more granular assessment of risk against appetite to identify divergence.<br />
Recommendation 28: Risk culture and control framework<br />
To develop a consistently strong risk culture, Barclays should communicate<br />
clear statements as to its Group risk appetite for all types of risk; embed<br />
adherence to Group risk appetite into all business units; reinforce limits with<br />
strong management action for breaches; and embed risk and compliance criteria<br />
in performance evaluations, and in remuneration and promotion decisions.<br />
Barclays should review its control framework and ensure that it covers all risk<br />
types and clearly articulates roles and responsibilities across the three lines of<br />
defence. The business (front office) responsibility for risk should be reinforced.<br />
Barclays should endeavour to embed the framework consistently in all its<br />
businesses.<br />
Conduct and Operational Risk<br />
12.21 Conduct and operational risk management in the banking industry are less mature<br />
than credit and market risk management. While Barclays has not had a formal<br />
conduct risk framework, it has had an operational risk framework for some time and<br />
has developed its capability to quantify operational risk losses and capital.<br />
12.22 Following the incidents described in Section 6, in June 2012 Barclays enhanced its<br />
product approval process, with approvals required at various points in the product<br />
development process. It required a product risk assessment considering control<br />
environment reliability, intended customer outcomes and internal capabilities. In<br />
addition, Barclays introduced a product review process to review continually the<br />
suitability of existing products.<br />
12.23 Both internal control and regulatory compliance concerns suggest, however, that<br />
conduct and operational risk have not been managed as the framework intended.<br />
― The extent of control and compliance issues in the investment bank following<br />
the Lehman acquisition suggests that management may not have adequately<br />
prioritised operational risk matters in the integration plan.<br />
― Barclays has complex systems which have not been integrated and necessitate<br />
manual intervention, including in critical areas such as risk-weighted asset<br />
calculations, client money segregation and transaction reporting.<br />
― Operational indicators for risks, which are difficult to quantify, are less well<br />
developed, reducing the effectiveness of key management and Board<br />
Committees.<br />
12.24 As we noted in Section 6, there were also several crystallised conduct risk matters:<br />
― Barclays’ fine for attempted LIBOR manipulation in the investment bank;