Systemic risk is on everyone's agenda and was at the center of the agenda at the Group of 20 summit in London.
Ideas are floating about — a European Union risk supervisor; the U.K. Financial Services Authority's "college of supervisors"; Treasury Secretary Timothy Geithner's call for a single independent regulator with responsibility over systemically important firms and critical payment and settlement systems; Securities and Exchange Commission Chairman Mary Shapiro's call for a "college of regulators."
These echo back to concerns heard 35 years ago, when Germany's Herstatt Bank failed. Then the world was confronted with systemic risk: failed currency transactions between counterparties across different time zones. The prescriptions for change then — more transparency, more capital, harmonized regulations, centralized clearing and standards of good conduct and technology — are still the correct solutions today.
The problem, then and now, is getting beyond regulators' policy statements and framework declarations to detail implementations, and doing it more quickly than in the past.
The solution back then took advantage of the 1973 launch of a global communications system, the Society for Worldwide Interbank Financial Transactions, and the creation of the continuous linked settlement platform launched in 2002, almost 30 years later. Today the Swift-CLS structure is still the one and only global clearing mechanism, even though most capital and contract market transactions are global.
The Herstatt event spawned another global institution, the Group of 10, an association of economically advanced countries. This group (which has evolved into the Group of 20) formed the Basel Committee on Banking Supervision under the Bank for International Settlements, the same committee that oversees the global capital standard known as Basel II.
The capital regime fostered by Basel II is under fire today but effectively illustrates that a single regulatory standard for financial risk can be applied across diverse national financial systems, even though the implementation itself has fallen short, left to each country's self-imposed schedule and specific methods.
Regulators have been forced for too long to rely heavily on moral suasion to get market participants to strengthen risk practices and adhere to best practices. What is good for the industry overall confronts issues of competitive disadvantage and a "what's in it for me" mindset.
The elimination of systemic risk can no longer be left wanting as industry members move at their own pace and with their own agendas.
Having been put on notice 35 years ago, why are we again dealing with systemic risk as a global issue? And why are we still at the same point of appointing a systemic regulator and considering the institutions needed to mitigate such risk?
It is because the Basel global capital standard was only one piece of the puzzle, always intended to exist within an overall framework that includes a financial enterprise's risk culture, risk-adjusted performance and incentive methods, along with an integrated enterprisewide risk management system. We did not get far along on this path when the industry fell over. Regulators expected that provisioning capital for extreme loss events would sustain banks in periods of stress and prevent them from failing.
Now, in the midst of this financial crisis, perhaps a more appropriate view of capital is that it is the ruler by which an organization counts down to failure, not the system that proactively prevents it.
What offers a bank the greatest protection against failure, if it isn't capital? Quite simply, it is the risk culture embedded in its people and processes, along with the early warning systems that highlight growing exposures to risk.
Here, the Basel regulations designated for such things as model risk, fraud, control weaknesses, faulty product structures, process and control risk, inappropriate sales to counterparties, incentive compensation, and myriad other business-level details were left to be implemented last. They were actually pushed backed by the industry's leading risk managers, with complacency of their managers and regulators.
And what about the call for more systemic risk mitigation through centralized clearing in the form of central counterparties for over-the-counter derivatives? This was the mechanism that was adapted by so many other transaction markets to prevent a financial crisis. Now, belatedly, it is being accepted as an appropriate mechanism for the derivatives — not that it wasn't offered up by the Commodity Futures Trading Commission 10 years before.
Also entered into this debate is change within firms themselves, requiring that systematically important firms be able to aggregate counterparty risk exposures on an enterprisewide basis within a matter of hours, as Secretary Geithner has suggested. Here, too, the industry has failed to join together to develop common identifying data standards for product and business entities — a precursor to the proposed near-real-time risk identification and aggregation of counterparty exposure.
In the end, it may well be the will and determination of the systemic risk regulator to prescribe change and oversee its implementation in a time frame closer to today's real-time business, rather than the decades it has taken in past attempts.
