Financial services regulation.
In part, the increased interest reflects immediate concerns. A series of events in the 1990s revealed weaknesses in the market infrastructure and supervisory arrangements that allowed problems to develop and grow too long unchecked. The most prominent of these events include the closure by regulators of the fraudulent Bank of Credit and Commerce International (BCCI) in 1991, the sudden failure of the U.K. banking firm Barings in 1995 after suffering over $1 billion in losses from futures and options trading, distress in a large number of major banking markets in the early 1990s, and the recent severe declines in market prices of Asian currencies and financial assets.
The lessons from the first two, firm-specific problems differ somewhat from the lessons learned from the second two. BCCI and Barings both raise issues about:
1. The division of responsibilities between the home country and host country supervisors of internationally active financial institutions;
2. The extent and quality of information sharing among supervisors, especially across banking, securities and futures regulatory jurisdictions in the case of Barings;
3. The ability of supervisors to recognize inadequate risk management, financial control, and internal control within financial institutions;
4. The ability of management, major counterparties, customers, and supervisors to prevent fraud or detect it at an early point.
In addition, the sheer speed of Barings' demise challenged implicit assumptions about the time financial market participants and supervisors would have to respond to stress events in the marketplace.
The banking problems experienced in many centers in the early 1990s, many centered on real estate lending, as well as the recent Asian market break, raise the following issues:
1. The quality of information available about individual borrowers, aggregate market statistics, and capital flows within countries and across international borders;
2. The possibility that markets have a greater tendency to boom-and-bust behavior;
3. The arrangements for workout of problem credit exposures and resolution through a bankruptcy process;
4. The strength of risk management and internal control systems within financial firms and supervisors' ability to provide adequate oversight of supervised financial institutions.
This last issue also involves issues of corporate governance, i.e., the decisionmaking process within the firm and the management of the conflicts of interest among its various stakeholders-stockholders, top management, business line managers, other employees and customers.
Beyond the issues revealed by these major events lies the reality that competition in the financial market has increased dramatically with the globalization of financial activity, the rapid pace of financial innovation and the reshaping of financial services by advances in information technology. The force of international competition during the past two decades has flattened the distinctions between banking and securities activities, and, increasingly, between these and insurance activities. International competition, combined with the ability of innovative products to provide viable substitutes for products in markets where regulation is too costly, have similarly flattened a variety of traditional financial and macroeconomic management tools. These tools include deposit ceilings, quantitative restrictions on credit, and capital controls.
In any number of countries, central banks and governments have dismantled various forms of credit allocation mechanisms and deposit rate ceilings during the course of the 1970s and 1980s. The predominant pressure to do so came from the development of alternative sources of finance and investment. These alternatives arose in the government bond markets (developed to finance the rising deficits in those decades), the Euromarkets, and in various nonbank activities.
The freer play of competitive forces is in no small part the result of an important intellectual victory for the supporters of free markets. Restrictions on volumes and prices of financial flows were dismantled gradually, principally during the 1970s and 1980s in the major countries; the process is more recent in the emerging markets. The United States has made a particular effort to achieve an opening of markets worldwide and the setting aside of restraints on competition.
The practical implications of a shift toward much freer markets and capital flows on a global scale were not really well understood, given the lack of experience in the postwar period. While the theoretical literature identified reasons to be uncertain of the stability in a global financial market unfettered by capital controls and quantitative restrictions on credit, the nature of the problems and strains in the financial system are perhaps more surprising.
The themes in many of the problems surfaced by events of market stress is the risk created by three general categories of problems:
1. The potential for corporate governance, risk management and internal control systems at financial institutions not to keep pace with the business strategy, risk profile and business and geographical reach of the firm;
2. The potential for supervisory arrangements across countries and industry sectors to fail to detect the development of significant risks or management lapses that could materially affect regulated financial institutions;
3. The potential lack of sufficient high-quality, timely information on which market participants could make decisions.
These three challenges can also be aligned with the three major pillars of a sound financial supervisory framework-the management activities of the financial institution's executives, financial supervision and market discipline. The balance of this article discusses these three challenges, what supervisors are doing to address them, and what future challenges appear to lie ahead.
A NEW EMPHASIS ON SOUND PRACTICES
The quality of corporate governance, risk management and internal control at financial institutions has assumed a central place in the concerns of financial firms and supervisors alike. The Group of Thirty, a private sector organization that has published occasional, influential studies on financial issues, published a survey of senior financial industry executives on potential sources of systemic risk in their July 1997 study, Global Institutions, National Supervision and Systemic Risk. One major concern for these managers was the potential for an internal control breakdown in their own firm or that of a major counterparty.(1) A second, related concern was the possibility that a rogue employee could defraud the institution.
These concerns have several roots. The complexity in the financial business has increased dramatically because of the harnessing of information technology, the increased use of mathematical and statistical analysis in the pricing and risk management of financial products and services, and the globalization of financial activity. The speed and volume of decisionmaking has stepped up as information technology has enabled the transmission and processing of far more information. Further, capital markets activities, with their emphasis on active management of positions and portfolios, have taken on more prominence in financial flows, both within countries and across borders. The scale of some businesses, such as transaction processing, the credit-card business, and some trading businesses has increased dramatically because of the realization of economies of scale and the growth of global capital markets activities. Globalization of financial activity means that financial institutions will operate in a variety of markets, each with its own rules and conventions, and that financial institutions will be managing employees in locations far from headquarters.
In addition, the competitive environment of the 1990s has increased the pressure on financial institutions to examine closely their business strategy and fashion a strategy based on businesses in which returns are commensurate with risks. Global competition and structural changes in the financial sector, most notably the growth of institutional investors, have eroded the profitability of portions of the wholesale financial business, while economies of scale have led to fewer and larger players in other business lines, such as transaction processing. Because of this, the strategies of financial institutions have evolved considerably over time to include a wider array of markets and locations. These strategies have also become more individual to the firm.
The task of managing an internationally active institution has therefore become more complex. Not surprisingly, financial firms have devoted resources to strengthening the timeliness and quality of information within the firm, improving the decisionmaking process, and enhancing internal control.
The most prominent of these efforts is the development of risk management as a separate discipline within financial institutions. Risk management, which is perhaps better considered as the discipline of risk measurement, monitoring and control, has as its goal the independent assessment of risk in the financial firm's activities and the reporting of risk in a form that facilitates decisionmaking within the firm to respond to the risk. The use of statistical methodologies to assess market and credit risk has had several corollary benefits for financial firms, including more comprehensive and consistent information systems to report positions and risks and the capacity to conduct stress testing and other analysis of the potential risk in the portfolio.
In addition to risk management, firms have also devoted more resources to the internal control process. An important issue for many firms is the effort to provide incentives for business managers to take a proactive stance to ensuring a strong control environment in their business area. This has been achieved through greater use of control self-assessments, in which business lines analyze their risks and controls and establish control activities and monitoring, based on the COSO framework. Some financial institutions have begun to develop an approach to operational risk measurement, where operational risk is defined variously as the risk from human error, fraud or other breakdown or as the composite of risks other than market and credit risks. One goal of developing operational risk measures is to develop incentives for managers to reduce and control their operational risk.
Such incentives for controlling operational risk are part of a broader consideration of the alignment of incentives to the firm's employees with the firm's goals. Providing an incentive system that sufficiently rewards short-term performance and at the same time recognizes contributions to the long-term success of the firm has been difficult, especially given the competitive labor markets for individuals with the skills required in a complex business environment. This remains an area of continued experimentation and study.
Financial supervisors have also increased their attention to adequacy of risk management and internal control processes in the financial institutions they supervise. In part, this recognizes the diminishing value of point-in-time financial assessments when financial firms can rapidly alter their risk profile in response to market developments. In part, it recognizes that, given the sheer number and diversity of business decisions in a large, complex financial institution, supervisors need to adopt strategies to help them identify substantial pockets of problems.
In the United States, this has meant a shift to risk-focused examinations for banking institutions. Examiners are charged with identifying the inherent risks in the bank's activities and assessing how well the risks are controlled. This provides a roadmap by which examiners can set priorities for the areas or businesses that will be the focus of an examination.
Important areas of risk for financial institutions in many countries is the increasing involvement in businesses with relatively higher or more uncertain inherent risk-emerging markets, high-yield debt underwriting, subprime consumer lending. The growing involvement of G-10 financial institutions in the emerging markets and of emerging market institutions in the global capital and banking markets contributed to the awareness that many of the same issues of corporate governance, risk management and internal control are relevant to financial institutions in the emerging markets.
WORK OF THE BASLE COMMITTEE ON BANKING SUPERVISION
Much of the leadership in the international harmonization of supervisory standards falls to the Basle Committee on Banking Supervision. The Committee, whose members are representatives of banking supervisory agencies and central banks in the G-10 countries, was created after the Herstatt foreign exchange crisis in 1974, the first international banking problem of the postwar period. In the late 1970s, the Committee agreed on the principle of consolidated supervision of banking companies. The Committee then went on to make its signal achievement in the creation of risk-based minimum capital standards, set out in the Basle Accord of 1988.
In response to the need for a summary of the key elements of bank supervision, in 1996 and 1997, the Basle Committee developed the Basle Core Principles of Effective Banking Supervision.(2) The twenty-five Core Principles cover key areas of bank supervision practice-preconditions for effective banking supervision, licensing of banking institutions, capital standards and other prudential guidelines for risk management and internal control, methods of ongoing banking supervision, information requirements, formal powers of supervisors and cross-border banking. The Committee intended the Core Principles to be applied in all countries and saw them as the essential elements for a supervisory system to be effective. The Core Principles are supported by a Compendium of documents produced by the Basle Committee covering the full range of supervisory activity.
The Basle Committee also reviewed the Compendium for possible gaps and has been developing additional papers on internal controls, internal audit and operational risk. While the Core Principles themselves are fairly fundamental, the development of more specific guidance to supervisors will be an ongoing process, as market practices and conceptual understanding of the nature of risk and its control change in the financial industry.
Given the broad range of countries and banking institutions affected by widespread application of the Core Principles, an important issue is the extent to which different rules are needed for different countries. Principles of risk management generally embody the philosophy that the sophistication and complexity of the firm's risk management should be commensurate with the sophistication and complexity of the firm's business activities. The same philosophy seems appealing in this context. That philosophy in turn suggests more of a continuum of approaches, rather than two very separate sets of rules. In addition, to the extent particular countries and or sectors of the banking system are active in the global financial markets-and the reach of those markets is long-the gap between the approaches used by the sophisticated countries and the less complex countries cannot be too large.
The development of the Core Principles has provided impetus to a major consolidation of supervisory thinking on the key elements of sound supervisory practice. Inevitably, such a reconsideration involves looking at the practices within the G-10 countries with a critical eye. The key issues begin with the legal and accounting infrastructure in which banks operate. In particular, crucial arrangements-the role and responsibilities of shareholders, directors and executive management, the rules governing the preparation and publication of financial statements and related disclosures, the operation of the bankruptcy regime, especially the potential for loss by shareholders in the event of extraordinary losses-are the focus of renewed attention.
A similar role is played by the International Organization of Securities Commissions (IOSCO) for securities regulators and by the International Association of Insurance Supervisors (IAIS) for insurance regulators. Together with the Basle Committee, these three organizations sponsor the Joint Forum on Financial Conglomerates, which provides the opportunity to discuss issues of supervision of conglomerates.
THE SUPERVISION OF GLOBAL FINANCIAL INSTITUTIONS
The growth of international financial conglomerates, defined as a financial institution active in at least two of the three main financial sectors (banking, securities and insurance) raises two important issues for supervisors. The failure of Barings highlighted most of the issues:
1. Barings pointed to the particular challenges of maintaining strong management accountability and internal control in an institution attempting to merge the very different banking and securities cultures;
2. The Barings case illustrated that networks of communication among supervisors, especially across sectors (in that case futures and banking), were not sufficiently developed either as a matter of ongoing supervision and monitoring or in emergency circumstances.
The issues of supervising financial conglomerates has been on the minds of international regulators since the early 1990s. In part, the issue arises from the complex corporate structure of a typical large financial firm. Most large financial firms have many subsidiaries under the parent entity, not infrequently numbering in the hundreds or even thousands. In addition, the parent entity and all its subsidiaries may be regulated by a single regulator if it is subject to consolidated supervision. Consolidated supervision is one of the Twenty-Five Core Principles described above. Consolidated supervision, however, is not common in the securities and insurance sectors, where the focus tends to be on regulated entities, raising the question of how an overall picture of the financial firm can be developed, especially if it is not subject to public disclosure requirements at the parent level. Finally, even a firm subject to consolidated supervision by one regulator will have multiple supervisors for the various activities and jurisdictions in which it is active.
The Joint Forum is the principal international body of regulators studying the challenges posed by financial conglomerates, with special emphasis on internationally active conglomerates. The Joint Forum consists of representatives of the Basle Committee on Banking Supervision, IOSCO and the IAIS. The Joint Forum was created in late 1995 to carry on exploration of issues by a more informal group of banking, securities and insurance regulators called the Tripartite Group.
BUSINESS STRUCTURE, CONTROL STRUCTURE, AND LEGAL STRUCTURE
One task the Joint Forum took on was to improve its understanding of how financial conglomerates are managed in practice. In the course of its work, the Joint Forum mapped fourteen financial conglomerates. It discovered that practices varied among conglomerates as to the degree of centralized or "global" management they applied to their various business, risk management and control activities. The conclusions of the review, however, were that the organization of two types of activities were especially important for understanding the information needs of supervisors. Those activities were the business activities of the firm on one side and the risk management and control activities on the other.
Each combination of business line organization and control function organization raises particular information questions. For firms that are managed globally at both the business line and the control level, host supervisors in particular may find that the local business management has incomplete knowledge and limited decisionmaking power relative to more regionally organized firms. The regionally organized firms, however, may pose greater challenges in developing an aggregate picture of the firm's risk profile, either because the resources are not devoted to aggregating the information or because inconsistencies in approaches across businesses or locations make aggregation difficult.
For supervisors, this raises two important questions. The first is the extent to which all relevant information flows to the primary supervisor (in the language of the Joint Forum documents, the coordinator). One of the important failures of Barings was overlooking important information about unusual positions in the Tokyo futures market and the concerns rising on the Simex, the Singapore futures exchange. These warning signs, along with the problems of the auditors, suggested that communication networks across supervisors were not working well.
Indeed, the issue for supervisors is cross-industry communication. Banking regulators have well-established channels of communication, emergency contact lists, and sufficient legal underpinning to share information among themselves. Sharing information with securities and insurance supervisors may face a variety of hurdles, most especially knowing whom to call and whether there is sufficient legal authority (or the absence of legal impediments) to share information.
Not surprisingly, much effort has been devoted to ascertaining the extent of legal impediments to information-sharing. Many of the impediments identified by supervisors tend to be less matters of absence of legal authority than uncertainty and procedural impediments. Even within the United States, the authorities have been seeking to establish a clearer foundation for information sharing among the financial supervisory authorities.
The G-7 Finance Experts Group has also developed Ten Key Principles for Information Sharing, which were endorsed by the G-7 Finance Ministers in connection with the 1998 Birmingham economic summit. These Principles are directed at identifying remaining impediments to information, such as lack of statutory basis to share information with supervisors in other industries, reciprocity requirements, and confidentiality requirements.
The papers by the Joint Forum lay out a few principles for information sharing. They are:
1. Sufficient information should be available to each supervisor to supervise effectively the regulated entities within the conglomerate;
2. Supervisors should be proactive in raising material issues with other supervisors and should receive satisfactory responses;
3. Supervisors should communicate emerging issues to the primary supervisor;
4. The primary supervisor should share relevant information with individual supervisors;
5. Given the sheer volume of information about these firms, supervisors expressed a preference to receive adverse or unusual information, rather than a large number of routine reports.
TRANSPARENCY OF INFORMATION
A significant problem is the huge volumes of information, much of which is not meaningful enough to be useful. It particularly follows from the emphasis on risk management and the quality of information available to financial institutions and other market participants. Regrettably, in spite of the extensive development of more advanced analytical techniques for understanding the risk and return profile of firms, the disclosures by financial firms have lagged far behind. Further, in spite of globalization, the quality of statistics on both domestic and international financial flows has also lagged well behind.
Perhaps the two most important developments in the postwar period is the growth of globalization in financing activity, creating the potential for foreign exchange gaps in the financing structure of the firm, and, in the 1980s, the advent of derivative instruments. Derivative instruments permit transactions in the changes in values of price variables without incurring an initial funding obligation or principal that would appear on the balance sheet. Derivatives allow market participants to alter the risk characteristics of assets or liabilities. Traditional financial analysis attributes certain risk properties to the assets and liabilities on the balance sheet. Derivatives and foreign exchange can alter the risk properties of those instruments and in turn those ratios. However, in order to take account of the additional risk dimensions, much more information about the composition of on- and off-balance sheet items is required.
In the United States, the Financial Accounting Standards Board and the Securities and Exchange Commission have responded to the evolving recognition of risk dimensions to be disclosed. The result is a not entirely consistent framework of disclosures. Elsewhere, far less information is disclosed.
The Eurocurrency Standing Committee, a group of senior central bank officials sponsored by the G-10 governors of central banks, published a report in 1994. This report outlined a series of disclosures that should be considered by major financial market participants. The innovation in the study was to propose that market participants publish both measures of their market and credit risk, as well as measures of performance, e.g., trading income and credit losses, respectively. A series of surveys by the Basle Committee and the International Organization of Securities Commissions, IOSCO, revealed that, in spite of substantial progress since 1995, many internationally active financial institutions reveal relatively little about their derivatives activities.
Foreign exchange and derivatives are also major factors introducing more complexity and opacity to international financial flows. Fundamentally, the problem starts with the same complex legal entity structure described above. For international transactions to be reflected accurately in the flows of funds, the residence of the parties to financial transactions need to be accurately recorded. Interpreting these statistics requires understanding that "U. S. residents" include corporations chartered in the United States, as well as subsidiaries of foreign corporations, including corporations that in some cases are created largely to channel funding from the U.S. market to the home market. Institutions such as hedge funds and other investment arrangements make it difficult to trace the ultimate source of funds. In addition, many flows of funds go over the capital markets, in which financial firms that act as agents for those flows often stand in for the identity of the beneficial owners.
Some of those flows may appear to take on a certain character, but in fact the risk may have been transformed. One good example is the flows into Asia, in which corporations and banks in some countries took on foreign exchange risk, creating both a vulnerability to declines in the value of the home currency and the potential for creditors' claims to rise in an adverse environment. Studies of the Asian crisis also are studying whether exposure of one emerging market country to another was in part the cause of some of the contagion of the Asian crisis.
What means are available in order to determine whether these vulnerabilities exist? Central bankers have considered a number of approaches. The first is to assemble a better data collection on a semiannual basis of derivatives data. These data should provide additional information for analysis to help central bank economists and statisticians to establish some link between flows in the derivatives markets, other capital market flows and financial prices and macroeconomic events.
Central bankers are also considering the role of stress testing by major financial firms as a way to assess vulnerabilities. Supervisors are also interested in an expanded role for stress testing in the risk management practices of the firm. As a framework for rethinking the role of reserves and capital in the management of credit risk, some practitioners speak of expected losses, unexpected losses and stress losses. With the experience of Asia, as well as other market events, a few financial firms are giving a more prominent role to stress testing in their overall risk management.
The data issues discussed above require a more thorough rethinking of the statistical framework. Frequency is another issue. Events such as Barings unfolded extremely quickly, and the need for timely data has grown. At the same time, controlling the complexity of global management information for a major financial firm remains a cutting edge issue in risk management.
The basic thrust of information needs is to have greater capacity to slice and dice the information on a wide variety of dimensions. In theory, developments in information systems are bringing about a greater degree of connectivity of data. But the underlying framework needs to be rethought.
In many respects, industry practitioners have developed at least three frameworks in which to understand the management processes of the firm. The first is the accounting framework, and not surprisingly, the accounting framework has provided a benchmark for thinking about the firm for some time. The second framework is the internal control framework. As set out in COSO and other documents, the internal control framework is a comprehensive view of the systems of the firm, with a special emphasis on the control aspect - the safeguarding of assets, production of accurate records and the enhancement of the effectiveness and efficiency of the firm's operation. The final framework, developed more recently, is the risk management system. This also starts with board of directors and executive management oversight and strategy setting, a measurement and monitoring system and, finally, a set of internal controls over the process.
The risk for the United States and other G-10 countries in a far more open global financial system is the risk that the pressure to open up will be viewed as a largely competitive move. The United States has tremendous competitive advantages in the global financial market, resting on innovation, depth of the underlying U.S. markets and strong, well-capitalized financial institutions. The United States, among other countries, has pressed to dismantle the types of restrictions that limit the competitive capacity of U.S. financial institutions in emerging markets countries through the WTO process and others.
The globalization of the financial sector, advances in information technology and new insights into the nature and measurement of risk continue to transform the issues confronting global supervisors. The challenge of new business combinations - financial conglomerates combining banking, securities, insurance activities and possibly other activities - is considerable. One of the important implications is that the financial technology has outstripped both the regulatory and the information collection framework put in place in the first half of the postwar period.
1 Group of Thirty, Global Institutions, National Supervision and Systemic Risk. Washington: Group of Thirty, 1997.
2 Basle Committee on Banking Supervision, Basle Core Principles for Effective Banking Supervision. Basle: Bank for International Settlements, September 22, 1997.
Christine M. Cumming is Senior Vice President, Federal Reserve Bank of New York. The views expressed in this article are those of the author and not necessarily those of the Federal Reserve System or the Federal Reserve Bank of New York.
|Printer friendly Cite/link Email Feedback|
|Author:||Cumming, Christine M.|
|Date:||Oct 1, 1998|
|Previous Article:||Conducting monetary policy in a global economy.|
|Next Article:||Financial services in the United States: the next decade.|