Wells Fargo $3 billion settlement reveals the true cost of failing to manage human risk

March 5, 2020

Wells Fargo is one of the largest banks and most recognisable Financial Services (FS) brands in the world. In 2019 it was the world’s fourth-largest bank by market capitalisation. With operations in 35 countries serving more than 70 million customers globally, it would appear to be the model of a well-run and successful business.

Yet earlier this month (21 February 2020) it was announced that Wells Fargo had settled with the United States Department of Justice (DOJ) and the United States Securities and Exchange Commission (SEC) to resolve investigations into Wells Fargo’s sales practices.

Those practices included opening millions of fake customer accounts, collecting millions of dollars in fees, misusing customer information and damaging customers’ credit ratings. The settlement of around $3 billion comes four years after the scandal first became public.

Risk management is a highly important element of business for all FS firms, but this case highlights the need to include human risk in any risk management strategy and in enterprise risk management software.

The Wells Fargo crisis

The recent financial penalty has been a long time coming for Wells Fargo and is the culmination of a long-term failure to manage risk effectively and to demonstrate good governance. The saga began in 2002 when the bank started setting particularly onerous sales targets, which led to staff setting up fake accounts and charging customers higher and/or unanticipated fees.

Who was responsible for this fraud has never been 100% clear. Initially, the blame fell on Wells Fargo branch workers, who were said to be responding to lucrative sales incentives for cross-selling and upselling. However, the blame was later shifted to top-down pressure to open as many accounts as possible.

Quite how high the ‘top-down’ pressure went is also unclear. But in January 2020, the former Wells Fargo chief executive John Stumpf was ordered to pay $17.5m by the Office of the Comptroller of the Currency, the administrator of the federal banking system in the US.

In what was an extremely rare example of a banking executive being punished personally over a bank’s misconduct, Stumpf was also given a life ban from working in the financial industry, ‘in any manner’. Wells Fargo will hope the recent penalty will see this chapter in its history close, but perhaps some of the damage caused cannot be undone.

The danger of human risk

Human risk can come in many guises in an FS organisation. Simple human error is possibly the most common, but it’s also common enough to see disgruntled employees stealing data or not working hard enough because of tiredness or demotivation.

There was a significant increase in such behaviour after the financial crisis of 2008, according to a study by Oxial partner, the University of Applied Sciences Western Switzerland (Hes-so). Executives from European private banks were interviewed, and evidence was found of neglect and a lack of leadership. This led to a toxic corporate culture, with employees left wanting revenge against those they perceived to be responsible.

Such acts of revenge included stolen data, abuse of internal or customer accounts, and unjustified charges applied to customers – all of which sound familiar from the Wells Fargo case. Failing to manage this risk effectively, and to deploy risk management software to mitigate it, can hit profits and also leave a permanent stain on a company’s reputation and brand.

Mitigating human risk with enterprise risk management software

Reputation in FS is very important – which customers would want to keep their money with an organisation that has been proven to not behave properly and that has been found guilty of misconduct? There is more choice than ever in FS, so customers – B2C or B2B – have no real reason to reward banks with unwarranted loyalty.

So, one must question why banks do not mitigate this human risk much more effectively than they do. Operational risk management is a well-established part of business in 2020, and organisations are more prepared to invest in the best enterprise risk management software to ensure that more traditional risks – cyber-attack, non-compliance, economic turbulence – are managed and mitigated.

Oxial has always been aware of the potential threat posed by human risk and has also included it as part of its risk management solutions. We have a long history of working with FS organisations, and our technology can help identify and amplify the weak signals that indicate employee unrest or misconduct.

We also work with a range of partners that can help assess the impact of risk and can advise on what measures should be taken to minimise and mitigate that risk. It’s flexible, accessible, comprehensive and affordable risk management software that adds value for clients right from the off.

Whether Wells Fargo had truly factored in human risk during its period of misconduct is not clear, but any FS organisation should take this threat seriously. Please get in touch with one of our risk management experts if you think that your firm could benefit from managing human risk better.