If a camel is a cow designed by a committee, then "Camels" is clearly a product of bank regulatory design.
The proposed new bank ratings system could change financial industry management practices greatly, in ways not made clear in the Federal Financial Institutions Examination Council proposal.
The "S" in Camels stands for "sensitivity." Building on the risk- management examination guidelines issued earlier this year by the Federal Reserve and the Office of the Comptroller of the Currency, the new system formally incorporates an evaluation of a bank's or a thrift's ability to manage interest rate risk and any other risks to which the company may fall heir.
At the same time, the proposal makes significant changes to the "M" for "management," replacing the current requirement that managers ensure compliance with all relevant laws with a far broader mandate: that managers accept as their first responsibility the duty to understand and control risk.
Finally, the guidelines spell out the specific risks that affect all the other letters in Camels, outlining the way regulators will evaluate risk management for each.
In general, this shift to a broader and more modern method of evaluating a bank's condition is praiseworthy. In the last year or so, the financial industry and its regulators have learned some hard lessons about the importance of risk management and the devilish quick way that failures in this area can endanger even the largest banks.
The Camels system should help big banks incorporate risk management into their many evolving lines of business, while insulating small institutions from complacency that their more traditional activities bear no new risks.
However laudable, though, the proposal also raises some big questions about the complex process of managing complicated risks.
The proposal would require examiners to evaluate a thrift's or bank's vulnerability to an array of market and other risks, several of which are new in the official panoply of exposures. Defining and analyzing several of these risks - especially in nontraditional businesses - and then building a risk management system that passes regulatory muster will be a major challenge for many financial institutions.
Possibly because it is the risk on which regulatory work is the furthest along, interest rate risk is the area mentioned in greatest detail in the Camels proposal. Building on the earlier interagency guidelines, the Examination Council proposal makes clear that all banks and thrifts will need to demonstrate their ability to manage interest rate risk through both quantitative and qualitative - that is, managerial - systems.
The proposal also mentions another area of risk already highlighted in proposed guidelines to assess new capital charges on various types of "market" risk.
Market risk covers such areas as portfolio pricing changes due to market swings and changes in foreign-exchange values. The quantitative systems mandated by the market risk capital standards will apply only to the largest banks active in complex capital markets. Even small banks, however, will need to pay close heed to the qualitative risk management rules embodied now in the "sensitivity" portion of the Camels rating if they engage in any real trading or derivatives activities.
However new interest rate and market risks may be, they will look traditional beside several of the other risks the examiners will now consider. The proposal adds operational, reputational, strategic, and compliance risks to those that banks must carefully manage. Most institutions, one is sure, would be delighted to do so, but it would help immeasurably if the Examination Council in its final rule explains precisely what these terms mean.
Operational risk is reasonably well understood because it is already under extensive discussion. The Basel multilateral supervisory committee is working on operational risk-based capital rules like the interest rate risk and market standard, and this process has brought the concept into general circulation. In general, operational risk covers such problems as systems malfunction, settlement interruptions, and similar problems.
Unlike operations risk, "reputational" risk is a relatively new concept. Although referenced in the earlier agency risk-management examination guidelines, the concept is still imprecise. It is clearly intended to cover situations in which, for example, the sale of an unsuitable or inappropriate investment product damages a bank's reputation to the point that it is forced to make customers whole, pay large legal penalties, or absorb other costs that undermine the institution's solvency.
The way the agencies examine for reputational-risk controls in the new Camels environment will have a particularly important impact on banks actively engaged in the sale of nontraditional products, like insurance and mutual funds.
The Camels proposal also adds "compliance" risk to the list that institutions will need to manage. This is an even more elusive concept than reputational risk. Presumably, it is intended to cover situations in which, for example, the failure of a Bank Secrecy Act compliance effort leads to money-laundering problems, with big fines and other resulting costs. Fair- lending or even employment practices that could - in some regulators' eyes at least - create risk presumably also fall into this category.
Although it's not yet clear what the "compliance risk" factor means, it surely means that bank management - already required to ensure compliance with all relevant laws - will now also need to take an even more aggressive role in understanding, supervising, and containing any compliance problems.
The concept of "strategic" risk is even more elusive. Like compliance risk, it sounds like something regulators either were or should have been monitoring for eons. Strategic risk, presumably, means situations in which bankers want, literally, to bet the bank in an acquisition, investment, or new venture. Designing systems against stupidity may be the toughest task confronting the regulators in this new Camels environment, but it is undoubtedly a worthy cause.
Although one might raise questions like those above about some of the risks to be managed in the Camels environment, one cannot quarrel with the larger directive that they should, indeed, be managed. As case after case has demonstrated, the human factor is the critical determinant of the quality of risk management. All of the best systems and thickest manuals and most detailed audits matter little if their results are ignored, falsified, or misunderstood.
The Camels proposal, like the earlier risk management guidelines and capital standards, stresses "qualitative" risk management without providing a great deal of detail on it. Independence and auditing are the most heavily stressed elements of the management side of the new supervisory standards, but these concepts will clearly need to be developed and expanded into a meaningful structure for the many very different types of institutions that will, in the future, be governed by the new system.
Although a very' constructive change in bank regulatory practice, the Camels system will initially raise as many problems as it solves. It will call on auditors to become management consultants, directors to understand complex financial instruments, management to take criticism and accept independent judgments, traders to live by limits, and - most important - regulators to know when to stop. Risk is, after all, what financial institutions are about. If they take no risks, they garner no profits.
Ms. Petrou is president of ISD/Shaw Inc., a Washington-based financial institutions consulting firm.
