Regulatory Scrutiny in APAC: Strengthening Conduct Risk Management in Financial Institutions

Summary

• APAC regulators, including MAS and HKMA, are tightening conduct risk oversight following high-profile misconduct cases.

• Financial institutions struggle with defining benchmarks, using risk analytics, and integrating data, limiting proactive misconduct detection.

• Strengthening conduct risk management requires policy updates, automation, enhanced 1LoD controls, and data analytics.

Driven by increasing regulatory scrutiny and hefty fines, consumer protection and conduct risk management emerged as a critical focal point for financial institutions (FIs) worldwide. Asian regulators like the Monetary Authority of Singapore (MAS) and the Hong Kong Monetary Authority (HKMA) are sharpening their oversight, particularly in response to recent misconduct cases.

These actions show that regulators are increasingly becoming vigilant about conduct risks, focusing on accountability at both institutional and individual levels.

The private banking segment has traditionally required more stringent conduct risk monitoring due to its bespoke products, complex pricing, and cross-border activities. However, in recent years, regulators have increasingly focused on conduct risk within the retail and mass affluent banking segments.

In 2021, MAS revealed weaknesses in the implementation of safeguards for selected clients (SCs), a group determined through criteria, such as age, education level, and language proficiency. This focus stems from Singapore’s ageing population,⁴ which includes retirees who may be more vulnerable to mis-selling, as well as a financial literacy gap,⁵ where 1 in 2 adults identify as financially illiterate.

In response, MAS issued two consultation papers in 2021⁶ and 2024,⁷ respectively, seeking feedback on proposed enhancement to pre- and post-transaction safeguards for retail clients, particularly SCs. If implemented, FIs will be required to:

Regulators in Hong Kong are also tightening oversight. In a December 2024 circular,⁸ the HKMA noted that audio recordings have proven effective in ensuring proper records of sales processes for suitability and disclosure, urging banks to streamline this process for better risk management.

Also, in an August 2024 circular,⁹ the HKMA urged all FIs to explore big data analytics, including GenAI, to improve consumer protection. This includes identifying SCs who may need additional support, financial education, or further clarification on product features, risks, and disclosure terms.

Implementing an effective conduct risk management programme remains a significant challenge for FIs in an evolving regulatory environment. As FIs face increasing scrutiny, they must navigate various complexities to ensure ethical behaviour and compliance.

Below are some of the key challenges hindering the development of robust conduct risk management frameworks:

Challenge 1: Measurement and benchmarking

Defining clear, measurable indicators of conduct risk is challenging for FIs due to the absence of industry-wide benchmarks. FIs struggle to assess their performance relative to peers, making it difficult to determine whether their conduct risk management efforts are effective or adequate.

Challenge 2: Underutilisation of risk analytics

Many banks fail to fully leverage advanced risk analytics to detect and predict misconduct among their client-facing staff. Instead, they often rely on traditional methods, such as post-transaction quality checks, which may not effectively capture subtle behavioural patterns leading to misconduct. This underutilisation of analytics impairs proactive risk management and hinders the development of more sophisticated conduct risk frameworks.

Challenge 3: Technology integration and data aggregation

Data is often dispersed across multiple systems with varying formats, making integration a significant challenge. The lack of standardised data complicates the process of creating a unified view of conduct risks. Without automation, consolidating data requires extensive manual effort, increasing the risk of errors and inefficiencies and making the use of risk analytics even more difficult.

Considering recent regulatory fines and evolving regulations, FIs must take proactive steps to strengthen their conduct risk management frameworks. Implementing the following measures can help FIs ensure compliance and manage risks effectively:

1. Review and update existing conduct risk-related policies and procedures

FIs should regularly review and update their conduct risk policies and procedures to ensure they are robust and aligned with the latest regulatory standards. This includes:

• Strengthening the client classification framework: Develop clear, detailed criteria for identifying and managing SCs to ensure consistent and effective risk management.

• Revising procedures: Incorporate comprehensive pre-trade suitability checks, involve trusted individuals as required, and enhance documentation protocols to maintain thorough records of all client interactions and decisions.

2. Automate the SC identification process and pre-trade alerts

Automation can significantly improve efficiency and accuracy in identifying SCs and managing pre-trade processes. This includes:

• Automating SC identification: Utilise predefined criteria, such as age, language proficiency, and financial literacy, to automate the identification of SCs, reducing human error, and ensuring consistency.

• Enhancing CLM and order management systems: Integrate real-time pre-trade alerts into client lifecycle management (CLM) and order management systems. These alerts should flag SCs during order-taking and remind relationship managers (RMs) to involve trusted individuals when necessary.

3. Enhance the existing 1st line of defence (1LoD) ex-post control framework

Improving the first line of defence is crucial for effective conduct risk management. This includes:

• Uplifting control frameworks: Increase monitoring of RMs to ensure adherence to SC identification processes and pre-trade checks.

• Utilising smart sampling methods: Implement intelligent sampling techniques to optimise sample sizes, maintaining control effectiveness while improving efficiency.

4. Leverage data analytics to pre-emptively identify risky RMs

Data analytics can be a powerful tool in identifying and mitigating conduct risks associated with RMs. This includes:

• Developing RM conduct risk scoring models: Create models that analyse transactional patterns and RM behaviour to identify RMs with higher potential for non-compliance.

• Dynamic dashboards for targeted interventions: Use real-time, dynamic dashboards to monitor RM risk profiles and enable timely, targeted interventions for those with elevated risk levels.

By adopting these measures, FIs can build a more resilient conduct risk management framework that not only meets regulatory requirements but also promotes ethical behaviour and safeguards client interests.

How can Synpulse help?

Synpulse has been a trusted partner to the global financial services industry for over 25 years, assisting institutions in navigating today's challenges and seizing tomorrow's opportunities in a rapidly evolving regulatory environment.

We achieve this through:

• Extensive industry experience in the Asian market: Our deep understanding of the region's financial landscape positions us to offer insights and solutions tailored to local and international market dynamics.

• Subject matter expertise in regulatory compliance and risk: We bring specialised knowledge to help institutions stay ahead of regulatory changes and manage risks effectively.

• Front-to-back project implementation successes: Leveraging our proven change management expertise and adaptable project management methodologies, we ensure the successful execution of projects across different scales and complexities.

• Access to global ecosystem partners: We collaborate with leading technology providers to offer innovative solutions that best meet our clients' needs.

Our expertise in non-financial risk management and data analytics empowers FIs to:

• Conduct comprehensive regulatory gap analyses: We identify areas of non-compliance and recommend actionable steps to meet regulatory standards.

• Optimise risk and control frameworks: Synpulse works with FIs to review and refine our clients’ existing frameworks, aligning them with evolving regulatory requirements and industry best practices.

• Implement advanced analytics solutions: We deploy cutting-edge tools that enhance risk identification and enable predictive modelling, improving the institution's ability to foresee and mitigate potential issues.

• Integrate regtech solutions: Synpulse helps institutions leverage regulatory technology to streamline compliance processes and reduce operational challenges.

• Tailor segment-specific strategies: With a strong understanding of retail, mass affluent, and private banking, we deliver customised solutions that address the unique challenges of each segment.

^References:

^{1. SFC bans Chan Ka Him for life for insurance fraud (SFC, 6 January 2025).}

^{2. MAS Imposes Civil Penalty of $2.4 million on JPMorgan Chase Bank, N.A. for Misconduct by its Relationship Managers (MAS, 2 December 2024).}

^{3. MAS issues Prohibition Orders against Mr Loh Sheng Yang for Cheating, Forgery and Acquiring Benefits of Criminal Conduct (MAS, 26 November 2024).}

^{4. Aging population of Singapore - statistics & facts (Statista, 21 December 2023).}

^{5. 7 Financial Literacy Statistics in Singapore: Survey Findings (2025) (SmartWealth, 6 January 2025).}

^{6. Consultation Paper on Enhancing Pre and Post-Transaction Safeguards for Retail Clients (MAS, 24 August 2023).}

^{7. Consultation Paper on Enhancing Pre and Post-Transaction Safeguards for Retail Clients (MAS, 24 August 2023).}

^{8. Streamlining of Audio-recording Requirements for Sale of Investment and Insurance Products (HKMA, 20 December 2024).}

^{9. Consumer Protection in respect of Use of Generative Artificial Intelligence (HKMA, 19 August 2024).}