Backgrounder: Culture Risk Management – Regulatory Notice
Backgrounder -
Overview
The Regulatory Notice on Culture Risk Management sets expectations for managing culture risk. It focuses expectations on:
- governance of culture risk
- fostering a desired culture
- enterprise-wide culture management
The Regulatory Notice applies to all financial institutions, including foreign bank branches and foreign insurance company branches. It is the result of an extensive consultation process over the past three years. The Notice integrated stakeholder feedback, including the suggestion for more practical guidance, which OSFI has incorporated in the form of questions to help institutions with implementation.
Why it’s important
An institution’s culture supports sound decision-making, prudent risk-taking, and effective risk management. It can materially support or weaken a financial institution’s safety, soundness, integrity and security.
The Regulatory Notice on Culture Risk Management guides stronger oversight of financial institutions that supports a sound financial system by streamlining and clarifying expectations for an enterprise-wide approach.
Links to other OSFI guidance
Institutions should refer to the expectations of boards of directors set out in the Corporate Governance Guideline, and expectations for branches set out in Guideline E-4 on Foreign Entities Operating in Canada on a Branch Basis.
The Regulatory Notice on Culture Risk Management also supports integrity and security expectations outlined in OSFI’s Integrity and Security Guideline.
Effective date
The Regulatory Notice on Culture Risk Management is effective immediately.