Deus Ex Macchiato

Karl Smith has a theory:

… lets imagine a simple model where we have two sources of risk. There is background you cannot avoid. And, there is personal risk that you create by through your own choices.

Policy makers have since Thomas Hobbes been attempting to drive down background risk. They have larger been successful. As a result our lives are getting more and more stable.

As that happens, however, folks are going to tend to take on more personal risk. There is a tradeoff between risk and reward. As you face less background risk, for which you not rewarded it makes sense to go for more personal risk for which you are rewarded.

When I take on more personal risk, however, it bleeds over slightly into everyone else’s background risk. People depend on me. If I take risks and lose so big that I debilitate myself then my family and my friends will surely suffer. But, so will my employer, my creditor and the businesses who count on me as a regular. When I go down, they go down.

So, putting it all back together and we come up with something of a risk floor, if you will.

Now, I should say at once that I don’t wholly buy this. But it is an interesting idea, and there is some evidence to support it. For instance, Australian research on compulsory cycle helmets suggests that cyclists that feel safer as a result of their helmet take more risk, resulting in little change in cyclist mortality* despite the new policy. However, it is not obvious that we can generalise from evident physical danger to financial risk.

Suppose we can though. That would mean, as Smith implies, that risk reducing policies can, if we are near the floor, cause risk to pop up again in a form that might be harder to spot. That suggests that a polluter pays approach, where we try to charge for the risk being taken rather than prevent it. Direct fees to price systemic externalities, then, rather than capital to prevent them. One might imagine that if FDIC deposit insurance fees were truly fair, then they would comprise a floor element plus a systemic surcharge (which was at least quadratic in bank size). Such an approach would attempt to charge for the cost of failure rather than capitalising the risks that might lead to it. As I say, I’m not necessarily recommending it, just suggesting that it is an interesting alternative.

Such laws are however good at discouraging cycling.

Posted in: Regulation, Risk Management by David /
3 Comments

I have been reading a useful and timely report on enhancing bank risk disclosures. Their objectives are sensible, and seven fundamental principles are suggested:

1. Disclosures should be clear, balanced and understandable.
2. Disclosures should be comprehensive and include all of the bank’s key activities and risks.
3. Disclosures should present relevant information.
4. Disclosures should reflect how the bank manages its risks.
5. Disclosures should be consistent over time.
6. Disclosures should be comparable among banks.
7. Disclosures should be provided on a timely basis.

As many commentators (notably Bloomberg’s Jonathan Weil) have pointed out, we are far from this world right now.

The report goes on to give a lot of reasonable detailed recommendations. This is what they have to say on overall capital requirements disclosures, for instance:

[Banks should] Present a table showing the capital requirements for each method used for calculating RWAs for credit risk, including counterparty credit risk, for each Basel asset class as well as for major portfolios within those classes. For market risk and operational risk, present a table showing the capital requirements for each method used for calculating them. Disclosures should be accompanied by additional information about significant models used, e.g. data periods, downturn parameter thresholds and methodology for calculating loss given default (LGD).

And here is the first of four paragraphs on market risk:

Provide information that facilitates users’ understanding of the linkages between line items in the balance sheet and the income statement with positions included in the traded market risk disclosures (using the bank’s primary risk management measures such as Value at Risk (VaR)) and non-traded market risk disclosures such as risk factor sensitivities, economic value and earningsscenarios and/or sensitivities.

It sounds elementary – of course you would want that – but it is a measure of how far banks’ disclosures fail to meet the standard of `what a reasonable person trying to understand the firm would ask’ that I cannot think of a single large bank today that meets that requirement. There is a lot of information in annual reports and Basel pillar 3 documents, but there is a lot that is missing too. These recommendations are a very good step towards filling in the gaps.

Banks will of course push back on this. The last thing that most of them want is (in the words of paragraph 26) to `provide information that facilitates users’ understanding of the bank’s credit risk profile, including any significant credit risk concentrations’. That is short sighted: investors would trust banks more if they could understand them. The reason that many trade below book is their opacity, and enhanced disclosure is the only solution to that.

Posted in: Accounting, Risk Management by David /
3 Comments

My response to the fundamental review of the trading book is here.

Posted in: Basel, Risk Management by David /
2 Comments

Last week, I mused a little on the cultural theory of risk and its consequences for financial risk management. Today I want to say something about risk reporting in that context. Specifically, I would suggest that one wants risk reporting that meets the needs and attitudes of all four cultural groups. That means

1. Individualists want ‘ordinary conditions’ risk reporting; things like 95% 1 day VAR. They will also focus much more on the P/L than on risk measures.

2. Egalitarians want to see different risks treated fairly, so they are a valuable resource in ensuring that the risk framework doesn’t give unfair advantages to some businesses. They will want to see a range of stress/scenario tests reflecting their belief in the fragility of ‘ordinary’ conditions.

3. Authoritarians want a strongly-policed and comprehensive limit framework, capital plans, and so on. For them it is all about risk-process-as-constraint. Focus your authoritarians on enforcement not design.

4. Fatalists are hard to please because they think (probably rightly) that no risk framework can avert disaster all of the time. However, giving them notional measures (if everything goes completely wrong we can still only lose x) and highly pessimistic stress tests helps. Their skepticism is a very valuable tool, and you want at least one prominent fatalist in any high level risk committee.

Construed this way, risk reporting can be a cross cultural communications tool. It needs to cater to all four attitudes if it is to be effective in that role. The key is to ensure that as one or other attitude becomes culturally dominant, the risk framework does not become too distorted.

Posted in: Organisational Culture, Risk Management by David /
3 Comments

Yesterday, we outlined four attitudes which the Cultural Theory of Risk advances as a fundamental classification. Today, I want to look at what that classification suggests organizationally.

David Ingram suggests (1) that you find

Individualists in Sales/Underwriting/Trading. They tend to be paid with a high proportion of incentives or bonuses. They prefer to get paid for what value that they bring to the firm. They will frequently argue with the nit pickers and bean counters about how good the deals that they do will be for the company.

Fatalists in Operations and IT. Their priorities are frequently changed without their knowledge. Many firms tend to value the flexibility of Fatalists who do not expect things to stay steady and predictable anyway. Fatalists in a firm are quite happy with a job where they do not know in advance what they will be doing from day to day. You probably want a Fatalist on your help desk.

Egalitarians in Compliance, Internal Audit, ALM and some CFO and Legal functions.
Egalitarians will tend to keep to themselves within the firm and have few connections with the other areas. They tend to think that the company is going into decline, but that their department is run well and things would be much better if people just listened to their group more.

Authoritarians populate the risk management area and are commonly CFOs. When there is an Authoritarian CEO or powerful authoritarian senior administrative officer, the firm will usually have a very organized planning process with regular update to short and long-term plans. The emphasis of Authoritarians in management will be to set goals and measure progress against those goals.

Now, if we read this as a broad tendency rather than a prescription, I think he has a point. Certainly the CFOs I have known tend to be authoritarian (sometimes sufficiently so as to be to the detriment of their firms), and you certainly want someone who believes in fairness and the rule of law in compliance. Where I think Ingram goes wrong, though, is in a statement that he gives emphatically

Enterprise Risk Management is clearly an Authoritarian risk perception

It can be, but it does not need to be. Risk managment infrastructure should be a decision making aid, no more. At its best, it provides good information – quantitative and judgemental – which allows management to decide on which risks to take and which to hedge.

If objective risk measures are used in a purely authoritarian way, two things happen. First, the firm will miss out on opportunities that don’t look good according to the particularly risk framework. Individualists will see this, and some will leave in frustration. Second, other sneakier individualists will try to game the system. Sometimes they will succeed, and that can lead to disaster.

Firms with better risk management implicitly understand this. Their risk philosophy is a blend of egalitarian (let’s create a fair risk framework, including human decision judgement) and fatalist (how are those bastards trying to screw with me today?). Yes, sometimes you need an authoritarian to say ‘no, you can’t go over your risk limit’. But if that is all you have, you are in trouble; although perhaps slightly less trouble than if risk management is run by a bunch of fatalists (2). Risk management, as with so many other things, is better with if it has more cultural diversity.

(1) His discussion is based on insurers; I have adapated it slightly to be more bank-relevant.

(2) There is a school of thought that risk managers are simply short out of the money puts on the P/L, and that their aim in life is to be employed long enough to collect sufficient premium. This is an essentially fatalist view of the role (which is not entirely without basis).

Posted in: Organisational Culture, Risk Management by David /
3 Comments

There is a body of work known as the cultural theory of risk which identifies four attitudes towards risk taking. Like any sociological classification it is not precise, but nevertheless it is both interesting and insightful.

There have been a number of articles on this in Wilmott magazine: the following is a paraphrase of one by David Ingram.

Cultural Theory suggests that there are four ways that people approach risk:

1. Individualists believe that the world is self correcting… They believe in unfettered capitalism – self-regulating markets… That individual effort and imagination will create more for everyone (rising tide lifts all boats – growing the pie before you divide it).

Personally I quibble a bit with the ‘self-correcting’ part as I think that many people who intuitively seem to be individualists do not believe in mean reversion, but we will let that pass.

2. Egalitarians believe that the world is in a delicate balance. Any major change could result in disaster. Egalitarians focus on fairness and dividing the pie. Egalitarians are frugal.

Again, the ‘delicate balance’ part for me isn’t necessary; the key criteria to be an egalitarian is a belief in fairness.

3. Authoritarians believe that risk taking is acceptable only if controlled by experts. There is a need for rules and laws to keep risk taking under control.

4. Fatalists believe that the world is unpredictable and uncontrollable. Fatalists are those folks who will not conform to the rules of the Hierarchists, who cannot muster the fervor to become members of an Egalitarian group and who do not have the ambition to strike out on their own as an Individualist. They are outsiders and seldom control things.

Tomorrow, I want to say something about the consequences of these attitudes for the financial risk management. Meanwhile let me leave you with a link or two for further reading should you be interested.

Posted in: Risk Management by David /
Comments Off

In the theory of programming languages, you learn that parsing is a syntactical operation that doesn’t require any analysis of meaning. Therefore I shouldn’t complain that dealbook’s recent post, Parsing Jamie Dimon’s Testimony, doesn’t inform as, really, it doesn’t promise that it will. It does, though, set up enough clues that you can guess a little more of the JPMorgan story.

Here are the key pieces.

• Dimon said:

  In December 2011, as part of a firmwide effort in anticipation of new Basel capital requirements, we instructed CIO to reduce risk-weighted assets and associated risk. To achieve this in the synthetic credit portfolio, the CIO could have simply reduced its existing positions; instead, starting in mid-January, it embarked on a complex strategy that entailed adding positions that it believed would offset the existing ones. This strategy, however, ended up creating a portfolio that was larger and ultimately resulted in even more complex and hard-to-manage risks.

• The new Basel capital requirements will require a bank like JPM to calculate capital for the correlation trading portfolio using a new type of internal model, a CRM or comprehensive risk model.
• CRM models operate on a portfolio basis, and will recognise partial risk hedging. Therefore if you have a position and want to reduce capital somewhat but keep some of the risk, you can do that by ‘adding positions that [you believe]would offset the existing ones’.
• CRM models do not include investment positions, so if the broad theory that JPM was long deposits, long corporate credit risk to invest then, then using synthetic credit positions to protect the crash risk of the bonds is correct, the CRM model would only have included the last of these positions. Thus JPM would have had both an accounting and a capital mismatch: depos and bonds accural accounted and capitalized in the banking book; protection fair valued and CRM-modelled in the trading book.
• It seems a reasonable theory then that JPM was trying to address this mismatch by modifying its positions to reduce future regulatory capital (and accounting volatility) while still keeping their essential nature as crash hedges. The modifications introduced extra risk which caused the $2B hole.

That’s my current best guess; I await Jamie’s congressional testimony with interest.

Posted in: Basel, Risk Management, Writedown by David /
4 Comments

When Magellan emerged from the strait that bears his name into the Pacific ocean, he thought that he was only a few days sailing from Portugal and home. Good try, but no cigar. A similar navigational issue seems to be plaguing folks over last night’s $2B JPMorgan loss. Here are some things we can, and cannot conclude from this ‘egregious’ loss.

• Buying protection on a CDS index sometimes doesn’t hedge a long bond portfolio very well. (JP is supposed to have invested excess deposits in short dated corporate paper, then hedged the credit risk with index CDS; or perhaps bought tips then constructed a synthetic corporate linker portfolio by selling protection – can someone please get to the bottom of this?)
• Hedging is difficult, but if you have a position that a lot of people have noticed, and written about, then you call it a storm in a teacup, don’t lose a $2B on it. You look silly.
• Defining what a hedge is precisely enough to allow hedging but prohibit proprietary trading, as the Volcker rule must try to do, is very hard.
• This is not evidence that JPM (or anyone else) is under-capitalized. Sorry, but it isn’t; they absorbed the $2B with little more than mild embarrassment. (Of course, they may be under-capitalized, but you can’t conclude that from this story, however much you might want to.)
• When you have fair value items hedging accrual accounted items, then you get earnings volatility. Your risk measure looks kinda screwy, too, if you include the former but not the latter in it. (See the 10-Q here, pg 74.). The accounting rules probably have not served JPM particularly well here.
• Social media manager for Goldman Sachs is, today at least, not the toughest job in finance.

Update. FT alphaville makes a similar point about the difficulty of identifying a ‘good’ hedge here.

Posted in: Credit, Derivatives, Hedging and Convexity, Reputational Risk, Risk Management, Writedown by David /
Comments Off

A typically histrionic post on Naked Capitalism about interest rate risk in the banking book gave me pause for thought. (Don’t you wish there was a browser plugin that could turn down a website automatically; it would substitute ‘unexpected inconvenience’ for ‘hidden time bomb’ for instance… Also, NC, for reference, the duration of a bond does not increase ‘exponentially’ as the coupon rate falls.)

Their point is that at some point rates in the US will likely rise, and that this will have an impact on bank earnings. That’s true. The direct impact however is both minor and well-disclosed. Here for instance is the relevant table from Citi’s 2011 annual report, showing the impact of 100 bp move in rates.

These disclosures are mandated in Basel 2, and clearly the numbers are not material for Citi.

Note too that this disclosure should include both behavioural effects on mortgages and their hedges, so that you will see some convexity for large rate shocks in the mortgage book (which a bank might well hedge with caps or swaptions, for instance). These behavioural effects include prepayment behaviour and fixes of mortgages with front end floating periods that flip (or can be converted) to fixed. To get a feel for the convexity, I would also like to see Citi disclose the impact of a 200 bps move.

What is also not there, and what may be an issue, is the impact of rates on the credit risk in mortgages. Rising rates cause extension in mortages and that in turn means that the borrower is on risk for longer. In a poor credit environment with a foreclosures still going at a good rate, being on risk for longer is a bad thing. The estimated increase in provisions under the different rate scenarios would therefore be another useful additional disclosure. Still, ‘rate risk = hidden time bomb’ feels seriously overblown to me.

Posted in: Mortgages, Risk Management by David /
3 Comments

I am sitting in a deeply disappointing FSA seminar on risk management. It’s disappointing because of the failure to take responsbility. I’ve heard the usual analysis of losses in the crisis. They said, as usual (because it is true) that mortgages played a key role. But rather than asking the obvious question – what were the capital rules for mortgages? – the room has been subjected to an injunction to do risk management better. How about we do regulation better instead? Why not let’s try fixing the massive Basel 2 incentive to take mortgage risk in the banking book. Why not fix the capital charges for supersenior ABS which are still, 3 years after the crisis, very generous. Why not strip away the ridiculous complexity and double counts of the trading book rules and produce a simple, risk sensitive framework that capitalizes the risk that matters – that of a systemic crisis – properly while not hitting risks that don’t matter far too hard? Oh, wait, but that would involve Basel committee members admitting that they were wrong. OK then, as you were.

Update. The FSA also had the audacity to criticise the progress firms had made in risk management since the crisis. Now if only they had given those same firms a moment’s relief from new regulations; if only 99% of what a risk manager does in a bank these days was not mandated by the regulator: well, then that criticism might be fair. But if you want a man to dance a jig it helps to take your boot off his throat first.

Posted in: Basel, Risk Management by David /
2 Comments

From the FT:

Hong Kong’s exchange has admitted that risk management and financial resources at its clearing house are not up to international standards.

Ah. Oops.

Posted in: Clearing and Collateral, Risk Management by David /
Comments Off

The Streetwise Professor responded to my post on HFT with a number of good points.

I am skeptical that requiring trading on a central order book (CLOB) will eliminate flash crashes. Note that flash crashes have occurred on futures markets with CLOBs.

Fair enough. But with a CLOB, you can suspend all trading at once, you have some hope of definining what best execution means, and you can impose behavioural restrictions in one place. Now granted you can do all of those things with some difficulty in more diverse market infrastructures, but they are a lot harder.

I’m also skeptical that dark pools have anything to do with flash crashes, and am also not convinced that the dark pool structure–which as DEM notes, has effectively supplanted the block market for facilitating large trades–is detrimental to the interests of those who want to trade in size.

What dark pools have done is dramatically reduced the average size of trade, and forced everyone to cut even retail sized positions into multiple trades, while obscuring what the current price is, precisely. In the old market maker system, the market maker provided block trading capacity without loss of transparency to the market. My main problem with dark pools is exactly that they are dark.

I suspect I’m not too far from TSP here though, as he goes on to say

Top-of-book protection provides a way for HFTs to make money by exploiting fragmentation of liquidity. Creating a real CLOB entails a whole set of issues … but these can be avoided through the creation of a virtual CLOB that protects the entire books of the various liquidity pools.

And that, frankly, would do provided that you can also suspend trading, protect best execution, and so on (which you can, with effort).

One of the suggestions which I stand by, and which TSP doesn’t like, is a minimum quote time for orders. He says:

… restrictions on quoting–e.g., DEM’s suggestion that quotes be good for one second–could well be counterproductive in that regard. The current evidence suggests that order floor became much more toxic on 6 May 2010, and that’s why HFTs stopped supplying liquidity. Forcing them to keep their quotes good for longer than they would choose to on their own in such circumstances makes it more likely they will not quote at all.

Two things. First, very short term feedback loops are a key component of flash crash like behaviour. If the bots can’t react that fast, they can’t crash that fast. Crashes must happen on human timescales if at all so that we have the chance to intervene. The sand-in-the-machine of requiring quotes to be good for half a second is vital to preventing rapid phase changes in market behaviour: emergent behaviour is much less common in discrete than continuous systems.

Second, because you can’t put out an order for a few shares good for a millisecond, you can’t make as much money per second on a given order size. That means that you have to quote in bigger size to make money. Instead of cents per order, you have to make hundreds of dollars; hence, quotes in bigger size, which is good for market liquidity. Now, will anyone volunteer to explain ‘emergent dynamics’ to the SEC?

Posted in: Emergence, Risk Management by David /
1 Comment

How much frictional cost do you want in a market?

Just enough, obviously.

The question and answer were brought to mind by a recent speak by Myron Scholes reported in Risk magazine. He warns:

“If you restrict or require more capital of banks, what will happen is that they have to wait until the deviations [in price] get larger before they intermediate, because they have to make a return on the capital they are employing,” he said. “As intermediary services stop, markets then become more chaotic.”

Scholes is right. The all-in cost of a trade depends on its capital usage. If banks have to hold more capital, fewer trades are profitable after the cost of capital is included, so fewer trades happen. Thus markets are less well arbitraged and hence less efficient (unless other players step in, at least).

If frictional costs are very low then you get a huge amount of trading – as in HFT – and that in itself is destabilizing. But if they are too high, you get inefficiency. I would love to see some academic work on where the sweet spot is.

Posted in: Emergence, Regulation, Risk Management by David /
7 Comments

From a wise Bloomberg column (HT FT Alphaville):

Complacency is baked into our species. We can’t resist thinking that recent experience defines the future. Give us a run of good luck, and we are apt to turn that into an implicit expectation that our luck will continue — even that we are entitled to it.

This kind of thinking was instrumental in the run-up to the financial crash of 2008. Too many private and public institutions assumed that an extraordinary run in prosperity, particularly in the real estate market, was just normal. It didn’t occur to them that things could go so wrong. Even when token stress testing or risk assessment was done, it largely excluded the possibility of a bad shock or a protracted slump. Risk wasn’t systematically measured; it was ignored…

Mistakes are common in big natural disasters. If such events happened frequently, response teams and the people who direct them would have practice, as trauma teams in hospital emergency rooms have. Unfortunately, responders rarely get the opportunity to rehearse large-scale disasters. When the inevitable finally occurs, and a tsunami hits a nuclear reactor, or an earthquake reduces much of a major city to rubble, the people in charge often are caught napping and react ineptly…

The lesson is simple to state, but hard to follow: Risks with heavy consequences must be taken seriously even if the probability of their happening tomorrow is low. That means incurring small, but real, costs in the here and now to mitigate the damage from some disaster that may lie far in the future — even though “far” means beyond the present budget cycle, after the current chief executive officer has retired, or after the current politicians have left office. Only by thinking and training in anticipation of the inevitable can authorities avoid getting blindsided.

Posted in: Risk Management by David /
Comments Off

I have been involved in risk analysis, measurement and management for more than half of my life. That’s a scary thought, but it does perhaps mean that I might have some insight. It helps (and apologies if this is sounding like a boast; bear with me) that I have worked not just in finance, but also in real time safety critical systems. Not nuclear, admittedly, but nonetheless things that you really don’t want to screw up. Based on that experience, there are two types of error that seem to me to be pretty common in risk analysis.

The first is mis-estimating the probability of an occurence. That is, you have considered that something can happen, but you thought that it was a lot less likely (the error is usually that way around) than it turns out to be. This is often the kind of mistake that we make in financial risk management.

The second is somehow more grievous. This type of error occurs when we fail to consider that something can happen at all. An event – that turns out to be both possible and material when it occurs – is completely ignored in our analysis.

The first error is less worrying simply because it can be hedged, partly at least, by a worst case analysis. Forget the probabilities, just suppose the worst thing that we can think of happens. If that really is the worst thing, and we can live with the outcome, then there is some reason for comfort – unless we have made an error of the second kind. (This, by the way, is why reverse stress tests, where you assume a really bad thing has happened, are so useful.)

I don’t know how you reliably catch errors of the second kind. I could descend into platitudes – hire smart people, avoid group think, look at the problem in as many ways as you can – but they won’t help much. There really are more things in heaven and earth, Horatio, than is dreamt of in anyone’s philosophy, and that makes the problem quite hard.

TED throws up his (carefully manicured?) hands in horror up at this point and suggest a large dose of Carpe Diem. Jonathan Hopkin, meanwhile (perhaps reflecting a slightly less good cellar than TED) takes this as a cue to suggest a healthy dose of conservatism in risk management:

We need to err on the side of avoiding the unthinkable, rather than risking the unthinkable just to get the desirable.

This is entirely sensible of course. But the fundamental problem of figuring out what the unthinkinable is, exactly, remains. This for me is a very good argument against nuclear power at least in its current form. When you are dealing with something that has a half life of more than 700 million years (U235), you can be certain that you can’t think of everything that might happen. Your risk assessment, in other words, is bound to be wrong due to errors of the second kind. And with something as dangerous as Uranium and its byproducts, that is a problem.

Update. FT alphaville has interesting coverage of a presentation about storage of fuel rods at the Fukushima reactor here. They say:

it’s once again not quite clear if anyone is really taking account of the full storage time needed for these fuels.

Off-site storage for Fukushima coming online in 2012 will store 20 years of fuel for 50 years. And then? You can count many fuels’ half-lives in the 10,000s of years.

That, by the way, is very conservative. To be safe you need to go to at least ten half lives. That’s 7 billion years for U235, and 40 billion for U238. Humanity has not built anything that has lasted 10,000 years, let alone a billion. We are, in other words, at least a hundred thousand times less skilled than we need to be to take on nuclear fuel storage safely.

Posted in: Risk Management by David /
3 Comments

Let me explain. Macroprudential regulation is about the whole system, and ensuring its stability, while microprudential regulation is about protecting individual firms. As this note puts its

Here is an example of macro-prudential concerns. Selling an asset when it appears to be risky may be considered a prudent response for an individual bank and is supported by much current regulation. But if many banks do this, the asset price will collapse, forcing risk-averse institutions to sell more and leading to general declines in asset prices, higher correlations and volatility across markets, spiraling losses, and collapsing liquidity. Micro-prudential behavior can cause or worsen systemic risks. A macro-prudential approach to an increase in risk is to consider systemic behavior in the management
of that risk.

A good example of this is the series of Irish repo haircuts. Microprudentially, LCH Repoclear is doing the prudent thing. It is protecting itself. But macroprudentially a systemwide increase in margin on an already distressed asset class can be undesirable. Certainly anything that makes lots of people want (or be forced to) sell at once is a bad thing. Sometimes, then, macroprudential concerns must trump microprudential ones.

I take a different line to Avinash Persaud here. He says:

Macro-prudential regulation is about encouraging different behaviour than a prudent firm would follow, wherever this prudential behaviour could undermine the financial system if followed by everyone.

For me it is more about making sure that the prudent behaviour is not necessary in the first place. Thus in the repo case if haircuts initially were bigger than it would not be as necessary to increase them.

Macroprudential regulation, then, does not take asset price bubbles and subsequent busts as a given. It attempts, albeit falteringly, to make them less likely. Constraints on leverage are part of this (and after all a repo haircut is just that – a constraint on leverage). So too are interventions into market dynamics, for instance by requiring all stock quotes to be good for a minimum of half a second (something that would dramatically lower the risk of HFT with minimal impact on lower frequency trading). A more dramatic example would be banning firms from making dramatic changes in margin or risk levels, thus forcing them to be more prudent from the beginning. It is by no means clear that this is required: we do not know enough about macroprudential regulation yet to say.But it might be and, if it is, such an intervention would mark the coming of age of macropru. It’s only a young prince so far, callow and naive, but it has the potential one day to be the king of regulation. My only fear is that microprudential regulation is playing, if not the role of evil usurper, then at least that of Falstaff.

Posted in: Risk Management by David /
Comments Off

The Psy-fi blog has a nice post on the desirability of having small errors in your risk systems to keep people alert (HT FT Alphaville). They begin by introducing the Titanic Effect:

If you’re sailing icy seas you’d generally want to keep a watchful eye open for icebergs. Unless, of course, you’re in an allegedly unsinkable ship, in which case you’d probably prefer to opt for a spot of partying and an early snooze on the poop deck instead. The craft’s designers will likely not have bothered with wasteful luxury items like lifebelts, emergency flares or lifeboats either: what would be the point?

Thus belief in safety produces behaviour which, if the belief is incorrect, is highly dangerous. A small accident, not enough to sink the ship, but enough to remind people that ships do sink, would reduce risk taking. In financial terms it means being alert to, and managing, the loss given (bad thing) as well as reducing the probability of the bad thing happening.

The Psy-fi blog suggests that

The real route to safer systems is to make sure that they’re not safe at all without human intervention: which is always true anyway, but oft-times needs positive reinforcement.

One example of a mechanism for keeping people alert I saw recently involved a procedure whereby banks had to contribute prices on a financial instrument. The common good was best served by good prices but everyone saw the average and so at the margin had no incentive to be accurate themselves. The answer was to put the outlier firms into a real trade based on their price. Thus the lowest offers and the highest bids were actually executed, in small size. The resulting losses kept banks on their toes.

Well designed stress tests can have the same effect, forcing people to look at the consequences of an event that is not foreseen by the risk system. The problem is to avoid the resulting set of controls itself being seen as safe. In truth, good risk management is often best served by a large dose of paranoia about the performance of any man-made system.

Posted in: Risk Management by David /
Comments Off

Ahmass Fakahany says according to Bloomberg:

I don’t know anyone who wouldn’t have done certain things differently in retrospect,

Now to evaluate this, you need to know that Risk Management reported to Ahmass when Merrill had its little problem in 2008, and that some people think that it was on his watch that many of the people who were most trusted in that area at Merrill moved on. So, um, given who Ahmass knew, is this really credible? I have my suspicions, dear reader, but of course I cannot know for sure… Hypothetically though it would be interesting if one of these people were to stand up and say ‘I knew Ahmass, and not only would I have done things differently, I tried to, and I was stopped…’ That might make some waves.

Posted in: Mother of all Bailouts, Risk Management by David /
4 Comments

Is all quantitative financial risk management bunk?

No. Next.

OK, I will honour this idiotic question with a more detailed reply than it deserves.

Quantiative financial risk management is not an attempt to understand the fundamental dynamics of the market. It does not pretend to model the world they way that physics does. It simply aims to provide a set of tools which are useful in managing financial risk. Risk management, as she is practiced, is like woodwork: you want a table, we’ll make you a table to fit your budget. If you’re cheap, it might not look pretty. It certainly won’t bear the weight of an elephant. But you will be able to sit around it and eat dinner.

No one believes that Black-Scholes is right, for instance. If it were, there would be a single implied vol for every strike and maturity, and that vol would not vary from day to day. But Black-Scholes is a useful tool for managing options risk. Like a good carpenter, we deal with the issues by shaving a bit off here and bashing it into shape there. The result is, 99.9% of the time, useful. Things go wrong when the results of this process are used outside their domain of applicability. Don’t try to sit a pachyderm on a charity shop* table and you won’t hear splintering sounds.

*Thrift store for my American readers.

Posted in: Derivatives, Hedging and Convexity, Model risk, Risk Management by David /
Comments Off

The Economics of Contempt has an interesting post on supervising large banks:

First, significantly expand the dedicated supervisory teams for the dealer banks that qualify as Tier 1 FHCs. It’s not enough to have a 5-10 person supervisory team for dealer banks like JPMorgan, BofA-Merrill Lynch, Morgan Stanley, etc… The supervisory team for each Tier 1 FHC needs to have at least 50 people. Again, I am deadly serious.

Second, and most importantly, at least half of the supervisory team needs to be on-site full-time.

The reasoning is a little dodgy:

The banks’ trading books turn over constantly, and given how large these trading books have become (relative to the bank’s total consolidated balance sheet), the risk profile of a dealer bank can change very rapidly.

The key word here is ‘can’. The reality is that they don’t. While the microstructure of the book changes a lot, the big risks typically stay broadly the same, even if their sizes change a little. You would be surprised how repetitive the top ten risks report is from week to week.

Broadly speaking, though, I think the economics of contempt post is on to something. What you need is not lots of supervisors though, it is well qualified, tenacious supervisors. The Epicurean Dealmaker had it right when he wrote a little while ago

It’s time for the chickens to band together and hire themselves some foxes to guard the chicken coop.

In other words, some of the supervisors need to be real, honest to goodness traders. Ones who have run big books with complex instruments in them. Not superannuated cash equities traders from second tier houses or (Lord save and protect us) people who once spent an hour and a half on the government bond options desk at Goldie – no, people who have actually have run risk. I honestly think that that would be single most effective change many supervisors could make.

Posted in: Regulation, Risk Management by David /
2 Comments

Naked Capitalism quote an article by Pimco’s global strategic adviser Richard Clarida and CEO Mohamed El-Erian in the FT. They point out that the expectations of future economic conditions are much wider than normal. From here they make two leaps, neither foolish but leaps nevertheless.

• They assume that not only are expectations more volatile, but they are fatter tailed. In other words, a normal distribution is a less good model. This may well be true, but Clarida and El-Erian don’t present any evidence for it.

• They also assume – and this is a bigger leap – that this means that actual returns will be fatter tailed. Now this seems intuitively plausible, given the degree of economic uncertainty at the moment, but it is an assumption. We could be on the edge of a low-volatility high-growth phase: this is unlikely, perhaps, but it is possible.

Let’s run with it, though, and assume the Pimco guys are right. They suggest five implications:

First, investing based on “mean reversion” will be less compelling. Even though flatter distributions with fatter tails have means, the constituency for mean reversion investing will shrink as those means will be much less often realised in practice. A world where the realised return rarely equals the expected valuation creates a bigger demand for liquid, default-free assets; it also lowers the demand for more volatile asset classes such as equities. These shifts are already taking place.

This makes sense. The problem is there just aren’t enough safe assets, and attempts to manufacture them by the private sector have proved catastrophic. One very useful thing that governments could do is to increase the supply of very low risk bonds. World Bank issued twenty and thirty year linkers in GBP, EUR, USD, CHF and JPY anyone?

Second, frequent “risk on/risk off” fluctuations in investors’ sentiment are here to stay. Investors, based on 25 years of rules of thumb that “worked” during the great moderation, thought they knew more about the distribution of risk than they in fact did.

Again, I think that this is right, but I don’t know. Andrew Haldane has produced some useful pictures of the actual return distributions during various periods before: I would love to see what distributions look like for the last year or so.

Third, tail hedging will become more important. An understandable consequence of the crisis is less trust in diversification as the sole mitigator for portfolio risk. We are already seeing increased investor interest in tail hedging, though the phenomenon is still limited to a small set of investors.

The problem is tail hedging is really difficult, as counterparty risk is a big issue in the tail. Finding the right hedge is hard enough: finding a counterparty willing to sell it to you who is sure to be around in a tail event is even more difficult.

Fourth, historical benchmarks and correlations will be challenged. In this new “unusually uncertain” world, many investors will need to fundamentally rethink the design of benchmarks and the role of asset class correlations in implementing their investment strategies. The investment industry is yet to give sufficient attention to this.

That is very true: many investors are still comfortable with correlation-based models that simply don’t work very well. Diversification is getting harder to get, and conventional wisdom about balanced portfolios is increasingly out of date.

Finally, less credit will be available to sustain leverage and high valuations. Even apart from the inevitable response to regulatory actions aimed at derisking banks, a world of flatter and fatter distributions will reduce available supply of leverage to finance trades and balance sheet expansion.

I was chatting to someone from a major investment bank yesterday about prime brokerage. Our conclusion was that it is not clear that this business makes sense at the moment, because the returns from providing leverage are simply not high enough. If we are right, then leverage costs are going to rise for hedge funds. This is certainly part of the trend Clarida and El-Erian identify. Low leverage, long tail protection, and skeptical about diversification: this is the new normal in investment management.

Update. Matthew Lynn has a related (if whimsical) take here.

Corporate bonds are a better bet than most government bonds. Would you rather have your money in Vodafone Group Plc, with millions of customers paying their mobile-phone bills every month? Or in U.K. government bonds, with a weak economy, a massive welfare bill and a budget deficit equal to more than 10 percent of gross domestic product?

Small companies are safer than blue chips. Just think of the problems that BP Plc has run into in the past few months. Giant enterprises can run into giant trouble. The smaller businesses can flourish under the radar.

Private-equity and hedge funds beat bank deposits. It was the banks that ran into trouble in the credit crunch, not the alternative-investment industry.

We don’t know precisely what will emerge as “safe” once the dust has settled on both the credit crunch and the sovereign-debt crisis. But emerging markets are safer than developed ones, equities beat property, and corporate bonds are preferable to government notes.

Now, some of those examples are foolish. But the broader idea that what is safe is changing is reasonable. The conventional wisdom will have to be updated.

Posted in: Economic Theory, Hedge Funds and Investment Management, Risk Management by David /
Comments Off

With the (justified) fuss over Repo 105, some of the earlier material in the excellent report by Anton Valukas of Jenner & Block on the Lehman failure seems to escaped much comment. Here, then, I would like to comment on the rather depressing perspective the report casts on risk management. My sources are in volume 1 of the report, and I’ll cite the starting page number of the relevant section as I go.

First the risk management failings as identified by the report:

• One of Lehman’s major  risk  controls was  stress  testing.  As Lehman’s exposure to  real  estate  and  private  equity grew, the firm did not modify its stress testing to address its evolving business strategy, so the largest risks were not stress tested, or were tested inadequately (pg. 66). 
• Lehman had a series of “risk appetite limits” that it considered the “center of its approach to risk.” Yet Lehman was repeated over both the whole firm limit and its concentration limits. It repeatedly raised the limits yet still violated the increased limits (pg. 71).
• Management’s presentations to the board about risk were limited, optimistic, and in places misleading (pg. 92, 116, 139). In particular board risk information did not include all transactions which, had they been included, would have shown the firm to be substantially in excess of its risk limit (pg. 141).
• Lehman did not even have an ALCO until July 2007, and came to realise the need to manage their daily liquidity properly only very late in the Crunch (pg. 125).
• Materials presented to the board also overstated Lehman’s liquidity position and did not mention the firm’s internal view of the problematic nature of its funding (pg. 148).
• The firm’s Risk and Finance committee was not kept informed of the results of the worst stress tests, nor were they aware of substantial changes to the risk appetite calculation (pg. 155).

As corporate governance failures relating to risk go, those are substantial.

Now the good news for Lehman execs:

The Examiner Does Not Find Colorable Claims That Lehman’s Senior Officers Breached Their Fiduciary Duty of Care by Failing to Observe Lehman’s Risk Management Policies and Procedures …

The Examiner Does Not Find Colorable Claims That Lehman’s Senior Officers Breached Their Fiduciary Duty to Inform the Board of Directors Concerning the Level of Risk Lehman Had Assumed.

This is not because they didn’t do anything wrong, but simply because the standard of proof under Delaware law is so high. Thus for instance (pg. 184)

During 2007, there were a number of instances in which management did not provide information to the Board. For example, management did not disclose its decision to exceed or disregard the various concentration limits applicable to the leveraged loan business and to the commercial real estate businesses, including especially the single transaction limit, contrary to representations to the Board that management took steps to “avoid [] over‐concentration in any one area.”

Yet because the board did not explicitly direct management to provide it with this information, management are fine. As Valukas says, Establishing a violation of the duty of candor with respect to risk management is particularly difficult.

The Directors too are off the hook: the examiner did not find Colorable Claims that they breached their Fiduciary Duty by failing to monitor risk either.

The firm left the impression that their risk controls were firm, when in fact they were advisory, and that advice was rejected. Thus for instance (emphasis mine):

Lehman’s management decided to treat the firm’s risk appetite limit as a soft limit rather than as a meaningful constraint on management’s assumption of risk.

This, it seems, is fine, at least under Delaware law. Management can behave like this and the Board can oversee it, and no one can sue when it goes wrong. That surely is one of the lessons of Lehman. If we want better risk management, then we need changes in the US regulatory framework so that when something like this happens again — as it will — someone senior goes down for it. The FSA in the UK already has such a regime, through its approved persons regime. (This was introduced after Barings, when the directors managed to successfully argue that no one was responsible for the failures of control that let Leeson bring the bank down.) The Americans need something like it – or they might as well abandon any pretence that risk management acts as significant protection for their firms.

Update. It belatedly occurs to me that Sarbanes Oxley might do the job. Does anyone know? If it does, why doesn’t Valukas think there is actionable case?

Posted in: Legal Risk and Trade Documentation, Risk Management by David /
2 Comments

Financial risk is the risk of loss. That implies that you know the current value of your portfolio. After all, saying that you might lose $10M from market moves is not that helpful if the portfolio is already worth $20M less than you think it is. Valuation, then, is absolutely fundamental to financial risk management. It is also very difficult to get right: checking the valuation of every instrument in even a moderate sized portfolio is difficult, especially if there are OTC derivatives or illiquid securities in it. So I suppose it is no real surprise that firms continue to the numbers wrong. But getting the process wrong – failing to a complete methodology for checking the valuation of the portfolio – that is fairly shocking.

It happens, though. From the Guardian:

The London branch of Toronto-Dominion Bank has been fined £7m by the Financial Services Authority for repeatedly breaching the rules governing the pricing of financial products…

The FSA found that the bank – one of the largest in Canada – had repeatedly failed to follow established procedures in ensuring that a proprietary trader’s books were independently verified, and did not have adequate controls in place that could have detected the pricing issues.

Posted in: Fair Value, Risk Management by David /
3 Comments

In typically breathless style, Zero Hedge picks up a recent survey by reported Finextra.com of quantitative analysts:

A staggering two thirds of quantitative analysts think their supervisors do not understand the work they do

Now these numbers are likely to be distorted, firstly because the survey was done by a training provider, and secondly because there is a natural tendency for people to think that their boss knows nothing. Nevertheless, the fundamental proposition that the people who manage investment banks do not understand the details of quant trading is likely to be mostly true. It can hardly be a surprise that people who have been away from mathematics for thirty years, and trading desks for ten, are not in touch with the state of the art. What is more impressive is when the managers admit this. I once spoke to a very senior investment banker at a leading bank with regulators present: he frankly admitted that he had no idea how it all worked, but that he had people who worked for him did. He then explained the controls around the business: they were comprehensive and effective. Sometimes honesty and fear of the unknown produce a positive effect.

Posted in: Organisational Culture, Risk Management by David /
Comments Off

The Epicurean Dealmaker has a post about risk and uncertainty. He makes some good points, and I want to expand on one of them, that is the respect we should have for the random nature of the markets.

Think about it like this. Mostly in finance we assume that we have the equivalent of a standard dice. That is, while we assume we don’t know what number will come up next, we think that we know the distribution of numbers perfectly. In fact the real situation is much more akin to throwing a dice where we have imperfect knowledge of what numbers are on the faces. They might be 1 to 6; but they also might be 1 to 5 with the 1 repeated; or 2 to 7; or something else entirely. Worse, the numbers are changed by the malevolent hand of chance on a regular basis. Not so often that we know nothing about the distribution, but often enough that we cannot be sure that the current market will be like the past.

Thus our risk estimates are potentially wrong for at least two reasons. We might have been wrong about the past distribution. And even if we got that right, it might be different in the future. In other words, you can’t manage risk effectively by assuming you know the distribution – to be effective, you really must assume that you don’t. Thus you don’t just want your risk to be low enough based on one model: you want it to be low enough based on all (or at least all likely) models.

Posted in: Model risk, Probability Theory, Risk Management by David /
Comments Off

Prompted by an article in the WSJ on foreclosures, I did a little research. The basic issue is to what extent banks are delaying selling foreclosed inventory, or delaying the foreclosure process, either because they do not want to realise the loss, they do not want to increase their volume of REO (real estate owned) or they do not physically have the capacity to process all the foreclosures they have. So, how long can a bank delay an auction once the property has been foreclosed? In CA at least, the answer is a year. The relevant portions of the CA state code are here, if you have tolerance for US law, and the key paragraph reads:

There may be a postponement or postponements of the sale proceedings, including a postponement upon instruction by the beneficiary to the trustee that the sale proceedings be postponed, at any time prior to the completion of the sale for any period of time not to exceed a total of 365 days from the date set forth in the notice of sale. The trustee shall postpone the sale in accordance with any of the following:

1. Upon the order of any court of competent jurisdiction.
2. If stayed by operation of law.
3. By mutual agreement, whether oral or in writing, of any
   trustor and any beneficiary or any mortgagor and any mortgagee.
4. At the discretion of the trustee.

So we are in a situation where property is dripping out of the bottom of the bucket through foreclosure sales, property is entering the bucket through delinquencies turning into foreclosures, and property cannot stay in the bucket for more than a year, ordinarily. This is clearly going to lengthen the duration of the real estate downturn, at least until the bucket starts to empty. Clearly it is in banks’ economic interest to get this done, but I wonder whether they have the capacity to sell at a much faster rate than they are doing now, or whether the market in parts of California, Nevada, Florida and Illinois will support that volume of sales.

Update. Foreclosure volumes are rising fast in CA: 1,300 a day are now being executed according to the LA Times, or more than three times the rate of a year ago. I’d really like to see a detailed industry wide analysis of the levels and trends in delinquencies of various ages, foreclosures, and REO to get a sense of how full the bucket is. My sense is that the banks are effectively long rather more property than they would have us believe but pinning this down is difficult.

Another update. Further background is here (an LA Times update) and here (a discussion by Sacramento Real Estate Statistics of a Deutsche research report on Shadow Inventory).

Posted in: Mortgages, Risk Management by David /
Comments Off

Finally my book, Understanding Risk: The Theory and Practice of Financial Risk Management has appeared. Here’s a link for the book’s entry on amazon.

The contents are as follows:

Part One: Risk Management and the Behaviour of Products

Chapter 1 Markets, Risks, and Risk Management in Context
1.1 Financial Markets Overview
1.2 Trading and Market Behaviour
1.3 Basic Ideas in Risk Management
1.4 Culture and Organisation
1.5 Some External Constraints

Chapter 2 Derivatives and Quantitative Market Risk Management
2.1 Returns, Options, Sensitivities
2.2 Portfolios and Risk Aggregation
2.3 Understanding the Behaviour of Derivatives
2.4 Interest Rate Derivatives and Yield Curve Models
2.5 Single Name Credit Derivatives
2.6 Valuation, Hedging and Model Risk

Part Two: Economic and Regulatory Capital Models

Chapter 3 Capital: Motivation and Provision
3.1 Motivations for Capital
3.2 Capital Instrument Features
3.3 Regulatory Capital Provision

Chapter 4 Market Risk Capital Models
4.1 General Market Risk Capital Models
4.2 Some Limitations to and Extensions of Value At Risk Models
4.3 Risk Systems and Risk Data

Chapter 5 Credit Risk and Credit Risk Capital Models
5.1 The Banking Book: Introducing the Products and the Risks
5.2 Credit Risk for Small Numbers of Obligators
5.3 An Introduction to Tranching and Portfolio Credit Derivatives
5.4 Credit Portfolio Risk Management
5.5 Political and Country Risk

Chapter 6 Operational Risk and Further Topics in Capital Estimation
6.1 An Introduction to Operational Risk
6.2 The Tails and Operational Risk Modelling
6.3 Allocating Capital and Other Risks

Chapter 7 Bank Regulation and Capital Requirements
7.1 Regulatory Capital and the Basel Accords
7.2 Basel II: Beyond the capital rules

Part Three: Treasury and Liquidity Risks

Chapter 8 The Treasury and Asset/Liability Management
8.1 An Introduction to Asset/Liability Management
8.2 Banking Book Income and Funding the Bank
8.3 ALM in Practice
8.4 Trading Book ALM

Chapter 9 Liquidity Risk Management
9.1 The Liquidity of Securities and Deposits
9.2 Liquidity Management
9.3 Contingent Liquidity and Contingent Funding
9.4 Stresses of Liquidity

Part Four: Some Trading Businesses and their Challenges

Chapter 10 An Introduction to Structured Finance
10.1 Contractual Relations
10.2 Asset Backed Securities
10.3 Securitisation Structures and Technology

Chapter 11 Novel Asset Classes, Basket Products, and Cross Asset Trading
11.1 Inflation-linked Products
11.2 Equity Basket Products
11.3 Convertible Bonds
11.4 Equity/Credit Trading
11.5 New Products

Posted in: Publications, Risk Management by David /
2 Comments

Faced with that title, the experienced reader will immediately say ‘it depends what you mean by safety’. Let’s start with a seemingly innocuous proposition: ‘if you can make something safer at no or little cost, you should’. One potential counterexample here is bicycle helmets. While the evidence is by no means definitive, it does suggest that making people wear helmets makes cycling less safe. What seems to happen is that people feel safer when wearing a helmet and hence take more risks. They are not that much safer, so the extra risks they take introduce more risk than the helmets remove. It may well be the case that helmets make bike accidents involving banging the head safer, but they make accidents in general more likely, it seems. In short requiring their use involves risk transformation rather than risk reduction.

Another good example is safety glass. Some forms of safety glass (as I have recently found out) don’t shatter: a sheet is in fact composed of two pieces of glass bonded either side of a transparent but tough plastic film, so even if the individual glass sheets break, they remain bonded to the plastic. That’s all very well if you want to avoid glass shards flying all over the place in the event of a breakage. But it does mean when you want to remove the glass you can’t just cover the area with some material to pick up the shards then smash it: you actually have to cut the sheet out of the frame. This is a much more dangerous job than removing ordinary glass as a number of small cuts on my fingers testify. Very minor injuries aside, though, what is interesting is that something that was created as a safety feature actually turns out to increase risk in certain situations. A good question therefore in designing any kind of safety mechanism – in mechanisms, electronics, software, finance or regulation – is:

When might the behaviour we think is unsafe actually be useful? And what will happen then if the safety mechanism prevents it?

One might even argue that collateral is functioning that way at the moment. Clearly in ordinary conditions, calling collateral reduces risk. But if the failure to post collateral actually pushes your counterparty into default, as happened to Carlyle Capital Corp, it might not be such a good idea after all. And, as JPMorganChase recently pointed out, the banking system is currently facing a systemic margin call. Hmmm….

Posted in: Risk Management, Rules, Worst case scenarios by David /
Comments Off

The Senior Supervisors Group recent document, Observations on Risk Management Practices during the Recent Market Turbulence is a more interesting read than the Financial Stability Forum interim report not least because it compares leading firms who have come through recent events relatively unscathed with those that suffered some of the largest impacts.

Some of the highlight follow, with my emphasis. First the SSG identifies four firm-wide risk management practices that differentiated performance:

Through robust dialogue among members of the senior management team (including the chief executive officer, the chief risk officer, and others at that level), business line risk owners, and control functions, firms that performed well through year-end 2007 generally shared quantitative and qualitative [risk] information more effectively across the organization.

This is pure risk culture. Firms which keep risk data to the high priesthood of risk management and a few senior business leaders are not using as much of the brainpower of their organisation as they could. Further, this kind of culture tends to go with authoritarian, vertical management styles which makes it much harder to discuss issues openly and honestly.

At firms that performed better in late 2007, management had established, before the turmoil began, rigorous internal processes requiring critical judgment and discipline in the valuation of holdings of complex or potentially illiquid securities. These firms were skeptical of rating agencies’ assessments of complex structured credit securities and consequently had developed in-house expertise to conduct independent assessments of the credit quality of assets underlying the complex securities to help value their exposures appropriately. Finally, when they reached decisions on values, they sought to use those values consistently across the firm, including for their own and their counterparties’ positions. Subsequent to the onset of the turmoil, these firms were also more likely to test their valuation estimates by selling a small percentage of relevant assets to observe a price or by looking for other clues, such as disputes over the value of collateral, to assess the accuracy of their valuations of the same or similar assets.

Clearly anyone trading complex securities should have independent expertise to value them. Equally clearly once they have been valued, that value should be used consistenly throughout the firm. What’s shocking here is that some leading firms – this survey comprises eleven of the largest banks – did not have these basic control processes in place.

Those firms that avoided more significant problems through our year-end review period aligned treasury functions more closely with risk management processes, incorporating information from all businesses in global liquidity planning, including actual and contingent liquidity risk. These firms had created internal pricing mechanisms that provided incentives for individual business lines to control activities that might otherwise lead to significant balance sheet growth or unexpected reductions in capital. In particular, these firms had charged business lines appropriately for building contingent liquidity exposures to reflect the cost of obtaining liquidity in a more difficult market environment.

It so often comes down to incentive structures doesn’t it? If you charge businesses for actual and contingent liquidity, including writing liquidity lines to conduits, then they will make sure the firm is paid enough for these structures. If you don’t, they will be pretty much given away.

Firms that tended to avoid significant challenges through year-end 2007 typically had management information systems that assess risk positions using a number of tools that draw on differing underlying assumptions. Generally, management at the better performing firms had more adaptive (rather than static) risk measurement processes and systems that could rapidly alter underlying assumptions in risk measures to reflect current circumstances. They could quickly vary assumptions regarding characteristics such as asset correlations in risk measures and could customize forward-looking scenario analyses to incorporate management’s best sense of changing market conditions. Most importantly, managers at better performing firms relied on a wide range of measures of risk, sometimes including notional amounts of gross and net positions as well as profit and loss reporting, to gather more information and different perspectives on the same exposures. Moreover, they effectively balanced the use of quantitative rigor with qualitative assessments.

This is very interesting. If you have different tools with different assumptions, you have a reasonable handle on model risk. If you have one system, or multiple systems which all use the same assumptions, then you don’t. Flexible systems are clearly important, but perhaps even more significant is the mindset of looking at risk in different ways, and being sceptical about the results of any one analysis.

The report then goes on to look at three business lines where varying practices produced different outcomes. The first, unsurprisingly, is CDO structuring, warehousing, and trading businesses. Here the key issue was whether

Internal incentives were missing or inadequately calibrated to the true risk of the exposures to the super-senior tranches of CDOs.

To be fair, I doubt anyone really got this right. What may have happened, though, is that positions that were originally acquired with the intention of selling them on became prop positions when they couldn’t be sold at the mark rather than being written down until they did sell.

Next, syndication of leveraged financing loans:

Some firms worked aggressively to defend or expand market share in the syndication of leveraged financing loans, and many of those that later faced challenges in this business did not properly account for the price risk inherent in the syndicated leveraged lending pipelines.

Buying business is fine. But if you are going to pay for league table position, then at least know how much you paid for it.

Finally in conduit and SIV business we find:

Several firms did not properly recognize or control for the contingent liquidity risk in their conduit businesses or recognize the reputational risks associated with the SIV business.

For me the interesting part here is the reputational incentive. All the accounting and regulatory arguments that got these assets off balance sheet depending on the risk really passing to SIV and conduit investors. Firms that recognised that their reputational risk tolerance meant that this risk really had not been transferred clearly did better than those that pretended that the accounting and regulation followed the reality.

Posted in: Organisational Structure, Ratings, Regulation, Risk Management by David /
Comments Off

The financial stability forum working group on the crash has produced an interim report. It is an insightful document as it gives some clues about the regulator’s thinking (and lack thereof). I will focus on the suggested areas of action at the back of the document: the first part discusses the causes of the crash, and that is rather old ground.

1. Supervisory framework and oversight
Capital arrangements: A resilient framework for capital requirements is central to creating appropriate capital buffers in the system and the right incentives for risk management. The implementation of Basel II, and the use of its three reinforcing pillars, is an important step to achieve this.

I read that with a heavy heart. Basel II is fatally flawed, as a number of authors have demonstrated, and just pressing on with it is tantamount to fiddling with Rome burns.

The Basel Committee will take account of the lessons from recent events and assess whether refinements to the Basel II framework are needed, including with respect to the calibration of certain aspects of the securitisation framework.

It is not just the securitisation framework. It is the entire philosophy behind and calibration of the accord. Remember that residential mortgages were one of the bigger winners in Basel II. Remember that ratings are central. Remember the bizarre behaviour of the IRB formula. The supervisors need to start again.

The turmoil has demonstrated the need for larger and more robust liquidity buffers and an internationally shared view among supervisors on sound liquidity risk management guidelines.

How about capital for liquidity risk? Or if the regulators are not willing to go that far, they will at least have to say what they mean by an adequate liquidity buffer. How would you work out how much is enough?

Firms’ managements need to act proactively in response to stress test results.

This is the hardest thing for a supervisor – forcing firms to conduct stress tests is easy. Forcing them to respond to the results of them is much harder. How exactly are they going to require firms to act without taking over management’s role?

Off-balance sheet activities: Basel II strengthens incentives in the financial system to manage risks appropriately and will reduce the regulatory arbitrage that generated large off-balance-sheet risk exposures.

Basel II just creates different regulatory arbitrages, at least as currently drafted. Putting a cap on the benefit from any securitisation would be easy first step towards removing those, but the suspicion is that the supervisors are mired in attempts to revise the already complex language of Basel II without seeing the bigger picture. Off balance sheet vehicles are fine provided they are genuinely off balance sheet and there is no implicit support. The problem is that supervisors currently have a set of rules which is penal with regard to genuine risk transfer and laughably generous with regard to sham transfer. Until they can figure out which is which any attempt to revise the rules is likely to damage perfectly reasonable trades.

2. Underpinnings of the originate-to-distribute model
The underpinnings of the OTD model – including origination and underwriting standards, transparency at each stage of the securitisation process, the role and uses of credit ratings – need to be strengthened. [...]

This paragraph is motherhood-and-apple-pie. Pious hope may be necessary, but so are concrete proposals.

3. The uses and role of credit ratings
Investors, many of whom have relied inappropriately on ratings in making investment decisions, must obtain the information needed to exercise due diligence.

Investment guidelines should recognise the uncertainty around ratings an differentiate products according to their risk characteristics.

Yes, but you don’t regulate many of the investors, so while this is true it does not amount to a mug of beans.

CRAs must clarify and augment the information they provide to investors on structured finance products. They should ensure that uncertainties surrounding their models and rating methodologies are made transparent. We welcome that CRAs are considering differentiating ratings of such products from corporate ratings. [...]

That is a reasonable idea but it is hard to see how to standardise model risk disclosure. The concern will be that these disclosures will turn out to be boilerplate text rather than a real attempt to analyse the sensitivity of a securities’ value to the choice of model.

CRAs need to take adequate steps to address concerns about potential conflicts of interest, including concerns about their remuneration models.

Clearly. That bullet is going to be very difficult for the agencies to dodge.

4. Market transparency
Financial institutions need to improve the usability of disclosed information about risk exposures and valuations, including those related to structured products and off-balance sheet vehicles

Again, the industry has proved adept at making disclosures that meet the required standards but don’t actually disclose much useful information. Just look at the memo accounts for any big investment banks. So while one can sympathise with the idea of more transparency, it will need very careful management to be effective.

Further improvements are needed in firms’ valuation methodologies and in the data that they use as inputs to their valuation processes, in particular when markets are illiquid.

You can’t improve the view in a mist. Valuation in the presence of size issue, liquidity issues, or model risk is inherently uncertain. Instead the users of financial statements need to be aware of that uncertainty, and we need to develop ways of quantifying it.

5. Supervisory and regulatory responsiveness to risks
Supervisors, central banks and financial authorities – individually and collectively – need to become more effective in translating risk analysis into action.

The point above applies. It is easy to say this. What are you going to do to make sure that this action actually happens?

6. Authorities’ ability to respond to crises
Central banks’ operational frameworks must be able to supply liquidity effectively when markets and institutions are under stress. Central banks are actively investigating what lessons they can draw from recent experiences for their operational frameworks, including the capacity to provide liquidity broadly and flexibly under stressed conditions, for their communication with markets, and for the steps that might be advisable across central banks to address liquidity needs in globalised financial markets.

All of this is a little depressing. It feels as if the FSF is flailing around at roughly the level of an undergraduate seminar. We are going to need more than a bit of disclosure, a wider range of collateral at the window, and management promising on the life of their favourite pet that honestly they will take action if risk gets too big to get us out of this mess.

Update. The FT uses the FSF paper as a launchpad to discuss the broader lessons of the crunch here. Meanwhile Larry Elliott in the Guardian makes the interesting point that the FED, the ECB and the Bank cannot all be right about rates. I might get to that on Wednesday.

Posted in: Basel, Liquidity and liquidity risk, Regulation, Risk Management by David /
1 Comment