The Royal Commission: Corporate culture spotlight - Where is all this heading

By James Beck / 03 May 2018

Article One – Setting the Scene

Headed by Commissioner Kenneth Hayne AC QC, the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry was established in 2017 to inquire into and report on misconduct in the banking, superannuation and financial services industries. The Commission was given the power to recommend changes to the Australian Government that is necessary to improve:

  • the legislative framework of the banking, superannuation and financial services industries;
  • the practices within those industries; and
  • the powers of the industry regulators, i.e. Australian Prudential Regulation Authority (APRA) and Australian Securities and Investment Commission (ASIC).

The Commission can also refer instances of misconduct by the banks and its officers or employees to relevant Commonwealth, State or Territory agencies who may pursue criminal or other legal proceedings.

Given the failings uncovered by the Commission since it began its hearings in February 2018, these industries should be prepared for a shakeup, from both a legal and governance standpoint, like never before. For example, Treasurer Scott Morrison warned wealth management company AMP Limited (AMP) that its executives could face ‘penalties which include jail time’ after misconduct involving overcharging customers and lying to ASIC was revealed.1 The CEO of AMP subsequently resigned and there are now calls for the AMP board to be held accountable for misconduct it had known about since at least May 2017.2

One theme that continues to arise at the Royal Commission is ‘culture’. For example, a senior executive admitted that the culture in ANZ’s financial planning business had put growth ahead of clients’ interests.3 Both ASIC and APRA have previously recognised that an inappropriate culture is at the root of many cases of corporate malfeasance, as this 2015 speech by then chair of ASIC, Greg Medcraft, reveals:

Culture matters to ASIC because poor culture can be a driver of poor conduct. Culture has been at the root of some of the worst misconduct we’ve seen in the financial sector. Looking at cultural problems can give us an early warning of where things might be going wrong to help us disrupt bad behaviour before it happens and catch misconduct early. Importantly, it helps with identifying not just individual instances of misconduct but broader, more pervasive, problems.4

Medcraft went on to say to directors that, if they did not fix the culture within their organisations, they left themselves open to law changes that would enforce it.5

The Schedule to the Criminal Code Act 1995 (Cth) (Criminal Code)6 sets out the general principles of criminal responsibility as it applies to corporations. Under the Criminal Code, a company can be convicted of criminal offences which have an ‘intent’ element. Importantly for boards, a conviction can result if it is established that the company had a ‘corporate culture’ that directed or encouraged, tolerated or led to non-compliance, or that the body failed to maintain a culture that required compliance with relevant legislation.7 However, it is likely that the Royal Commission will recommend establishing further legislation and regulation around culture, so company directors will be actually held to account for any future failures, and not just let off with a reprimand. For example, for serious criminal misconduct, directors could be liable for a breach of the duty of care and diligence, if the organisation’s culture contributed to that conduct.

We predict the focus on cultural accountability by directors will receive even more scrutiny than the harmonisation of work health and safety (WHS) legislation across the Commonwealth, states and territories, which began in January 2012. This legislation placed increased liability on directors, who must exercise a greater range of due diligence in relation to WHS, such as ensuring the organisation has appropriate resources and processes available to eliminate or minimise WHS risks arising from any work being done, and ensuring WHS and legal compliance.

The challenge for boards is to demonstrate proactive oversight of their organisation’s culture and the risks associated with that culture. As the Royal Commission is highlighting, rather than merely thinking about ‘corporate culture’, which can mean different things to different people, what boards should be focusing on is ‘people risk’, which specifically refers to the hidden attitudes and behaviours of employees and managers that can be found at the heart of all corporate scandals. A high people risk exposure can result in significant financial and reputational damage to an organisation.8 Indeed, we contend that effectively managing people risk, not undertaking staff engagement surveys, is the key for directors to demonstrate that they have oversight of their organisation’s culture.

Identifying an organisation’s ‘people risk’ requires advanced analytic techniques to unearth risky behavioural patterns that are hidden from the eyes of management and the board. Understanding your ‘people risk’ can expose the ‘shadow culture’of informal social rules and system-gaming by digging into the day-to-day attitudes of employees to identify clusters of high risk factors that could exist in any part of the organisation. Oversight of your ‘people risk’ requires specialised risk reports for boards and management, along with targeted remedial strategies to address areas of concern. The result is a more robust governance system that not only provides oversight for financial, regulatory and strategic risks, but also monitors the less visible risks within an organisation’s people and social systems that cannot be found in regular culture or employee engagement surveys.

This is the first of a corporate culture series produced by the experienced lawyers and governance professionals of HopgoodGanim and Effective Governance, that will provide directors and executives with practical legal and governance solutions to address the upcoming fiduciary duty of ‘cultural care’.

For more information or discussion, please contact James Beck, Managing Director of our Effective Governance team.

1. Frost, J., 2018, ‘Scott Morrison, ASIC warn AMP conduct could attract “jail time”’, Australian Financial Review, 18 April, accessed 20 April 2018,

2. Chanticleer, 2018, ‘Banking royal commission: Time for AMP to show board accountability’, Australian Financial Review, 20 April, accessed 23 April 2018,

3. Neil, M., 2018, ‘ANZ put growth ahead of clients' interests’,, 23 April, accessed 23 April 2018,

4. Medcraft, G., 2015, ‘Corporate culture and corporate regulation’, A speech by Greg Medcraft, Chairman, Australian Securities and Investments Commission, Law Council of Australia BLS AGM seminar (Melbourne, Victoria) 20 November 2015, accessed 23 April 2018,

5. Ibid.

6. Criminal Code, Part 2.5.

7. Corporate culture is defined in s 12.3(6) of the Criminal Code as ‘an attitude, policy, rule, course of conduct or practice existing within the body corporate generally or in the part of the body corporate in which the relevant activities takes place’.

8. Blacker, K. & McConnell, P., 2015, People Risk Management: A Practical Approach to Managing the Human Factors That Could Harm Your Business, London: Kogan Page.

9. Egan, G., 1994, Working the Shadow Side: A Guide to Positive Behind-the-Scenes Management, San Francisco: Jossey-Bass.

James Beck
Effective Governance
James is the Director at Effective Governance - Part of the HopgoodGanim Advisory Group.
Receive email updates of our new publications.