Risk Management, PRMIA

It will be instructive to first define "Macro-prudential policy" (since I certainly didn't fully understand what this meant until a short while ago when I was buried in weighty tomes on systemic risk!). Regulation has hitherto been focused on individual institutions - a good example being the Basel II accord that was focused on individual banks. This is Micro-prudential policy. The goal of these regulations is to ensure the viability and solvency of the regulated institution.

Unfortunately the credit crisis that culminated in 2008 showed how ineffective micro-prudential policy alone can be as a regulatory instrument. The problem is that with the increasing complexity of the financial system, it is no longer possible to get a clear picture of an institution's risks (and therefore ensure its solvency) simply by looking at that institution's exposures. As an example, all banks who had considered themselves hedged against sub-prime CDOs by purchasing insurance from AIG suddenly found themselves naked when AIG was threatened with bankruptcy. A risk manager at one of these banks would have no way of knowing how unstable AIG had really become (and therefore had no chance to manage his counter-party risk to his insurer) without understanding the complete scope of AIG's operations. Of course he would have little opportunity to do this since he would have needed transparency into AIG's book of business (or fallback on the traditional approach of listening for scuttlebutt on the street). The solution is for regulators to not only study what makes a particular institution vulnerable due to it's own activity, but also its vulnerabilities due to its connections to other institutions. This is a new and hitherto unprecedented level of analysis of the financial network, and the regulation stemming from it, is referred to as Macro-prudential policy (while the paper itself does not hyphenate the word I like it this way - it's too long and unwieldy otherwise).

The paper is long and interesting (at least if you are into this sort of thing) - a highly profitable read. I won't steal it's thunder by summarizing it all, but will point out a few highlights:

• Financial risk is basically caused by 2 factors - increased leverage (i.e. too little capital and too much borrowing) and maturity mismatches (using short-term borrowing to hold long-term, illiquid assets).
  
• These risks can become systemic in one of two ways: a) The aggregate level of these risks in the financial system is unreasonably large or b) the risks become concentrated in a few, systemically important (aka "too-big-to-fail") financial institutions
• Managing systemic risk therefore becomes an exercise in managing these 4 factors.
  
• Aggregate risk can be managed by what's called "Counter-cyclical policy" - forcing Financial Institutions to build up overly generous reserves during the good times so that they can release these reserves during the bust - this ensures a dampening of credit during a financial boom and (crucially) a freeing up of credit during the bust so that the wider economy is not adversely affected. The suggestion of the author is to add capital surcharges (i.e. extra charges on capital) to every institution's existing regulatory capital that are based on that institution's exposure to "over-heated" businesses (e.g. residential mortgages).
  
• To manage network risk, the proposal is to increase the capital of an institution based on a judgment of it's size as well as connectivity to other institutions.
  
• The paper then discusses ways to make all this work the real world. Given the scale and diversity of the global financial system, it would be unrealistic to assume that a set of rigid rules would be able to address all the potential ways in which the system could get into trouble - it's clear that discretion and expert judgment are critical to the success of such regulation. Unfortunately expert judgment can fall prey to a number of difficulties - charges of inconsistency and favoritism, for example (think Lehman Brothers vs. Bear Stearns) So discretion must be done transparently.
• Finally there are the problems of logistics to address. Which institutions to cover? Just "deposit-taking institutions" aka commercial banks? Do we include Investment banks and hedge funds as well, since these can these can take over the role of banks in a form of regulatory arbitrage? How do we regulate international institutions - which raises the crucial issue of home-host regulation? And finally, do we have the data required to do the required analysis? 

I have not done justice to it's 37 pages with these highlights and highly recommend that you read the original. The purpose of this brief summary is to allow me to examine some of the technology issues raised by the proposals.

First, it's clear that the proposal will need a wider and more granular set of data than regulators currently receive from banks. The systemic and interconnected nature of such analysis also makes it very important to have clean and consistent data, especially when data will be submitted at a granular level (for example, the repo exposures to each counterparty by collateral type). Initiatives that have troubled the financial industry for a while - having a clean and uptodate list of counter-parties and their hierarchies for example - will become crucial under this new framework. By far the biggest technical hurdle is going to be the need to have all submitting financial institutions upto a minimum standard of data - this will mean ensuring that broad data management principles are disseminated across all these companies. This brings up the issue of scope noted earlier - if the scope is larger and covers hedge funds and other vehicles the issue of uneven technical capability across the regulated base will need to be addressed.

The need for discretion in regulation leads to the other technology implication. In such a situation, transparency becomes crucial. This means that not only must the decisions themselves be well-documented, but the way in which a particular decision was arrived at (such as the decision to apply a systemic risk surcharge to a particular product such as commercial mortgages) must be well-documented as well. This implies an advanced capability for visualization and ad-hoc analysis of detailed data.

In this context I will briefly mention the proposal to set up the National Institute of Finance (see the website of the Committee to Establish the National Institution of Finance or CE-NIF for short). Full disclosure - I have recently started working with this august group - because I find it's goals and methods particularly laudable. The CE-NIF is an entirely volunteer effort. One of its most positive aspects is that volunteers have signed up not only from the regulatory community but also the financial community. In my opinion, this is crucial if we are to have an effective regulatory regime. An effort that is only government-led runs the distinct risk of being heavy-handed or ineffective or both (remember Sarbanes-Oxley?). Check out the CE-NIF website for more information.

As promised, here are links to a couple of other documents I've been reading on systemic risk:

1) The Warwick Commission on International Financial Reform [pdf]
2) Rethinking the Financial Network by Andrew Haldane [pdf]

Before I go, I would like to thank the readers who were kind enough to leave encouraging and positive comments. It's amazing how far such comments can go in boosting one's motivation to produce more postings. My busy working schedule prevents me from posting more articles than I currently do, but the one promise I made myself when I started this is that I would only write a post when I had something worth saying. I'm glad it's working.