‘Start With Why’ and the Value of Risk Management in Financial Services

A conversation with a friend about a book called ‘Start with Why’ helped me to put some order to my thoughts about the value of risk management. 

At one level the question of ‘why risk management’ can be answered by saying that it adds value to the business in the medium to long term. 

This is not a rhetorical question given the sums of money and senior management time that are being devoted (or is it diverted?) to risk management.

But, how can we identify the value of risk management? 

This is not a simple question.  I believe that there are two broad aspects to consider to answer this question.  Firstly, it is about identifying the right objective.  Secondly, it is about evidencing that pursuing the objective of risk management generates value. 

I intend to cover these issues in future posts from the perspective of financial services.  It will also be interesting to hear your thoughts and evidence about the value of risk management.

If you found this post interesting, you can subscribe to future posts at http://crescendo-erm.blogspot.co.uk and receive them by email; you will need to provide an email address and then confirm the subscription; your email address will not be shared.  Alternatively, you can choose "follow" Isaac Alfon in the relevant LinkedIn group.

The Map and The Territory - Alan Greenspan Book

The latest issue of the Central Banking Journal includes my review of the latest book from Alan Greenspan.  It is an interesting book with insights about economics and about the man.  You can read the review here or below.

Book review of ‘The Map and The Territory. Risk, Human Nature and the Future of Forecasting’ by Alan Greenspan, Allen Lane, 2013

‘The Map and the Territory’ is an enigmatic title for a book written by a former Chairman of the US Federal Reserve, which also seeks to cover ‘risk, human nature and the future of forecasting’.  I set out to review the book thinking how long it will take me to understand the rationale for the title. 

The introduction made an impression.  A reasonable acknowledgement that economic forecasting failed in the lead up to the crisis and of the need “to understand how we all got it so wrong”.  I use the word ‘reasonable’ judiciously.  Given the author’s position as Chairman of the US Federal Reserve before the crisis, I was not expecting an acknowledgement that the Fed or the US authorities fell asleep under Greenspan’s watch so “we all got it so wrong” – my emphasis.   Equally, I am not sure if other central bankers have acknowledged that much.  The assessment is usually about bankers going bonkers. 

One of the issues that Greenspan tackles in the book is the extent to which it is appropriate to rely on rationality assumptions for forecasting economic behaviour.   One of the challenges that Greenspan identifies for forecasters is that behavioural responses are unlikely to be symmetric.  For example, the collapse of asset prices would be sharp and, probably, deep while recovery would be gradual.  Overall, Greenspan concludes that economic behaviour is not random and that most economic choices are stable over the long run.  In his own words, ‘we are driven by a whole array of propensities ... but, ultimately, our intuitions are subject to reasoned confirmation.’

This does not mean that errors would not occur.  Greenspan singles out the secular underestimation of tail risks based on the last quarter century of observations.   As for the ability to eradicate those propensities that can give rise to the tail risks, Greenspan dryly note that ‘there was no irrational exuberance in the Soviet Union and none in today’s North Korea’.

It is difficult not to read the book seeking to understand the man – the musician, the economist (or is he a forecaster), the businessman and the economic technician.   Greenspan uses the term economist and forecaster in ways that seem fully synonyms.  I can only wonder how many people in his position would see things that way.  Typically, I guess they don’t but I found it an honest recognition of the main economic role of leading a central bank. 

For Greenspan, there is also small gap between the forecaster and the businessman.  His business, Townsend-Greenspan & Co, was industry forecasting so he had to delve into the details of markets such as oil, natural gas, coal, pharmaceuticals.  I remember learning about price elasticity of demand and about the challenge of estimating it.  As I recall it, the example that Samuelson’s textbook mentioned was the elasticity of the global demand for oil.  Here is someone who saw that challenge from the first row.  Greenspan admits getting his estimates about the oil consumption after the rapid escalation of oil prices in 1973 off the mark.

The interest in the detail of the economic forecaster is evident through the book.  There is a fair amount of slicing and dicing of US statistics to understand the underlying reality.  I was particularly interested on (I believe) his development of an indicator of a time series of maturity of GDP and his use to measure the degree of risk aversion in the economy.  Another example that caught my attention was the use of patent data to measure productivity.  The examples could be particularly useful to any Central Bank analyst looking for innovative ways to analyse the economy.

In terms of banking regulation, Greenspan acknowledges – not surprisingly – that regulatory capital requirements were too low before the crisis.   His analysis suggests an increase of regulatory capital from 10% before the crisis in terms of book value to 13% and 14% in 2015.  Greenspan is also clear that designating banks as “systemic” is simply enhancing their ability to fund themselves at a lower cost.  Greenspan quotes IMF estimates of 40 to 80 basis points funding advantage, which, as he also points out, is a significant advantage in a competitive financial market.

The books also looks beyond financial regulation to wider economic issues around productivity and the rise of entitlements culture, which makes for an interesting reading.  I would recommend it to post-graduates that want to develop an appreciation of the breadth of economic thinking and analytical skills that can be accumulated over a lifetime, even if you do not necessarily share every idea or conclusion.

As I completed reading the book, I still had not found an explanation for the rationale of the ‘map and the territory’.  I had a few hypotheses but nothing.  I was worried that I might have missed something fundamental about the book.   I was reassured to find references to maps in the inside cover of the book. 

If you found this post interesting, you can subscribe to future posts at http://crescendo-erm.blogspot.co.uk and receive them by email; you will need to provide an email address and then confirm the subscription; your email address will not be shared.  Alternatively, you can choose "follow" Isaac Alfon in the relevant LinkedIn group.

The Godfather of Freakonomics has passed away

Last week it was announced that Gary Becker had passed away.  He formulated his economic career around the application of the tools of economic analysis to broader social issues like human capital, crime, racial discrimination and family.  This wider application of economic analysis makes him the godfather of Freakonomics.  As a recognition for his research contribution, he received the Nobel Prize in Economics in 1992.

Becker’s Nobel lecture provides a good overview of his work and how he extended the traditional analysis of individual rational choice by incorporating a much richer class of attitudes, preferences, and calculations.  In this lecture, he also shared his inspiration to apply the tools of economic analysis to crime.  He was driving to an examination and was late.   He realised that to arrive on time, he would need to park his car and risk a parking fine.  He knew that enforcement was patchy so there was a chance of not getting a fine.   He made a decision to risk a fine.  The private benefits exceeded the costs!     

Understanding these cost-benefit considerations and non-market interactions matters to economic and social policy.   As he aptly said in one of the speeches at the Nobel Prize award:  “the widespread poverty, misery and crises in many parts of the world, much of it unnecessary, are strong reminders that understanding economic and social laws can make an enormous contribution to the welfare of people.” 

Daniel Finkelstein wrote an interesting article in The Times in which he stressed Becker’s contribution to the world of economics, by emphasising that economics is much broader than understanding how money moves in the economy and that it’s about: “understanding people’s incentives, and structuring social institutions in response to them”.  

When I studied economics, I don't think I appreciated the extent of this imbalance. Furthermore, there is a lot to be done and said to address it beyond the scope of this post.  Though I am with Becker that this is not about re-inventing economics and abandoning rationality, or as he put it eloquently: "no approach of comparable generality has yet been developed that offers serious competition to rational choice theory".  The key test is the generality of the predictions that arise from rational choice.   

So the Godfather of Freakonomics is not with us anymore.  Finkelstein summed it up much better:  “The world has lost one of its great thinkers.  Fortunately, we still have the power of his thoughts.”

If you found this post interesting, you can subscribe to future posts at http://crescendo-erm.blogspot.co.uk and receive them by email; you will need to provide an email address and then confirm the subscription; your email address will not be shared.  Alternatively, you can choose "follow" Isaac Alfon in the relevant LinkedIn group.

More on the ‘C-factor’ in Regulation: Business Model Analysis

Business model analysis (BMA) is one of those terms that are becoming common currency in regulatory discussions, hence the reference to a ‘c-factor’ or common factor in an earlier post (here).  

The PRA published a useful article in the Bank of England March Quarterly Bulletin setting out how they intend to apply BMA to insurance.  It suggests that there are two aspects to a BMA.

Firstly, there is a company dimension, which is obviously not spelt out in great detail for the obvious confidentiality reasons.  In general terms, this would recognise that:

• there is an ‘inverse production function’ in insurance – the fact that insurers collect premium before the service has been delivered and can earn an investment return until claims are paid; and
• insurers must price the product without full knowledge of production costs – hence the ‘experience analysis’ of reserves.

Secondly, there is a market dimension, which recognises that a business model is not static and will respond to changes in regulation, culture, society and technology.  This is evidenced in the article by reference to two developments:

• price comparison web-sites in the UK motor industry; and
• non-standard annuities.

Overall, the PRA sets out a helpful and clear vision about BMA:

‘The PRA’s capital requirements help to make insurers resilient against short-term shocks.  But to be confident that insurers will remain viable over the longer term, the PRA needs to know whether an insurer’s profits are sustainable.  In other words, the PRA will need to analyse the risks of an insurer’s particular business model.’

I found quite remarkable and refreshing to see this level of clarity from supervisors. 

The recent UK budget announcement about removing the requirement for compulsory annuitisation will provide wide ground to test the practice of BMA from a regulatory perspective and, probably, from a company perspective as well.

If you found this post interesting, you can subscribe to future posts at http://crescendo-erm.blogspot.co.uk and receive them by email; you will need to provide an email address and then confirm the subscription; your email address will not be shared.  Alternatively, you can choose "follow" Isaac Alfon in the relevant LinkedIn group.

Risk and Compliance Management: Horizons for 2014/15

The UK’s FCA published recently its Risk Outlook and its Business Plan for 2014/15.  They provide a useful indication of the breadth of the regulatory challenges and evidence of a top-down approach to address them. 

The structure of the Risk Outlook is similar to last year’s.  The inherent risk factors such as information asymmetries, do not change overnight unlike the economic and market environment.  The main aspects of the changing market environment that caught my attention were:

1.    the continuing household indebtedness reflecting the growth of unsecured lending, mainly credit card, and forecast increasing household leverage (Figures 6, 18 and 19 of the paper);

2.     lenders’ forbearance in the mortgage market, supported by low interest rates; and the FCA concerns about the cost to consumers (fees and accrued interest);

3.     the stable and risky profile of mortgage lending; about 40% of mortgages have high-risk features – LTV in excess of 90%, loan to income ratios in excess of 3.5 and terms in excess of 25 years (Figure 22);   

4.     the differential impact of increasing interest rates (mortgage customers, those accumulating wealth and near retirement and those considering an annuity purchase).

The FCA then translates these observations into statement about risks.  Again, the ones that caught my attention were:

1.     the challenge of making ‘appropriate’ profits; for example, making profits from non-core activities could undermine fair treatment of consumers or financial crime responsibilities; for insurers, this could manifest itself in the response to the Retail Distribution Review and moves to direct sales;

2.     the implications of short term cost-cutting strategies materialise as demand starts to grow and could result in poor management of firms’ back book;

3.     the adoption of technology may not be supported by adequate systems and controls or expertise; this could manifest itself on insufficient spending on existing technology or the use of big data without appropriate controls;

4.     plans to mitigate the risk of failures do not give adequate consideration to conduct implications such as in respect of the changes to terms and conditions in stress conditions.

The Business Plan then identifies priorities for the key sectors.  For life insurance, the priorities appear to be:

1.       suitability of products and services sold;

2.       fair treatment of the back book;

3.       the governance of with-profits funds.  

Interestingly, the FCA business plan also reflects new responsibilities which include supervising 50,000 firms in respect of consumer credit, enforcing competition law, implementing changes to the approved persons regime and the establishing a new payment systems regulator.   

All in all, it’s going to be a busy 2014/15 for everyone.

If you found this post interesting, you can subscribe to future posts at http://crescendo-erm.blogspot.co.uk and receive them by email.  You will need to provide an email address and then confirm the subscription.  Your email address will not be shared.

Risk Management Lessons: Reacting to a Regulatory Breach

My last post covered the breach by the Yorkshire BS (YBS) of the FCA mortgage rules related to the calculation of arrears charges. The FCA's announced this breach in February 2014 together with a brief outline of the lender’s reaction and the FCA decision not to take enforcement action. 

As a result, the FCA did not have to publish a detailed outline of the circumstances of the case.  It was therefore difficult to develop a practical sense of the steps that the YBS may have taken to mitigate the risk of FCA enforcement after the breach was discovered.  I thought there might be a similar enforcement case of ‘back-office’ related activities which enabled an inference of what actions may mitigate the risk of enforcement action when errors are discovered. 

I found a similar case from September 2013 regarding Clydesdale Bank (CB; enforcement notice is here).  The details of the CB breach itself are relatively simple: an unintentional error in the bank's IT system in 2005 meant that mortgage payments were incorrectly calculated when there was a change in interest rates.  This was discovered in April 2009.  The outcome of the case was a fine of £8.9m and the write-off of the amounts not charged to customers (about £22m). 

There are five main lessons for regulated entities about how to mitigate the risk of enforcement action in these circumstances. 

1.  The starting point for the "relevant period" of the breach that the FCA refers to as the basis for enforcement action is the point when the CB discovers the error (April 2009) and management has the possibility of taking remedial action. 

2.   Timely reaction to correct the error after it has been discovered and alert customers who may be relying on the firm’s communication while the issue is fully addressed.   CB took six month to fix the IT error.  There were no interim measures taken in respect of any new mortgages sold between April and September.

3.  A regulatory expectation that recovering a mortgage underpayment should not be targeted where the underpayment arises from an administrative error and the lender is fully to blame.  CB initially aimed to avoid this and recover up to £22m.  The YBS offered a generalised redress to customers.  

4.   The need to actively consider the Ombudsman precedents and guidance, where available and relevant.  This was available in the case of CB.  Further, the materiality of the expected shortfall from not recovering the underpayments has limited relevance from a regulatory perspective.

5.  Fair and clear customer communications about the issue and the potential customer outcomes. Where a phone discussion is required to assess a customer’s position, staff are briefed appropriately to proactively gather relevant data.  In the FCA’s view, this did not apply in the CB case.  The YBS avoided much of this by offering a generalised redress to customers.

And finally a puzzle.  Enforcement notices tend to outline how the issue was discovered.  This can be an aggravating factor where it is discovered by the regulator as in the case of the YBS.  Alternatively, where the firm discovers the breach, it represents a mitigating factor.  In the case of the CB, I could not find any reference to how the issue was discovered.  I am not inclined to view this as an oversight.  At the same time, I don’t really understand this outcome: either party would want to take credit for discovering the issue. 

I would be interested to hear your thoughts.

If you found this post interesting, you can subscribe to future posts at http://crescendo-erm.blogspot.co.uk and receive them by email.  You will need to provide an email address and then confirm the subscription.  Your email address will not be shared.

Continuing 'Music' Lessons from FCA Enforcement – Even When There Isn’t

I continue my review of FCA enforcement cases to draw practical lessons about risk management.  See my previous posts here and here.  One example of a music note is a ‘rest’, which tells you not play your instrument.  I have come across a similar one in terms of FCA enforcement.  This is about an FCA announcement that explains a breach of FCA rules where no enforcement action in terms of a fine is mentioned.  

The case relates to charges of mortgages arrears by the Yorkshire Building Society.   The FSA handbook only allows charging cost-reflective arrears fees (MCOB 12.4R).  However, arrears is defined in the FSA glossary as missing more than two payments.    

The FCA press release (here) does not provide a lot of details about the case.  It suggests that the issue was discovered after the FCA raised concerns.  It is usually not an ideal starting point when a regulatory breach is discovered in the course of a supervisory visit.  The Yorkshire Building Society found that “some of its customers in arrears may have been charged fees incorrectly”.  So in this case, we cannot learn what the actual breach was.  Was it that the building society charged arrears too early? Were the charges “excessive”, i.e. with respect to costs?  I don’t know but we can still learn from this silence.  

The FCA press release says that the building society “will voluntary refund all administration fees for mortgage arrears since January 2009”, which means that “borrowers who were charged correctly will also receive a refund”.  The amounts involved are not trivial: £8.4m to be refunded to nearly 34 thousand customers.  Just to put this in context for the business, this represents about 5% of the societies' profits in 2013.  This would probably underestimate the total cost which will include running an operation to reach out former customers and make the refunds as agreed with the FCA.  

The FCA handbook includes a section on enforcement, which sets out the considerations that the FCA will take into account to decide whether to take action for a financial penalty or public censure.  There are two considerations for the FCA: the seriousness of the breach and the response of the regulated firm.  You read about the specific considerations in the enforcement notices as part of the decision process to set the fine.  They usually include a reference to the co-operation of the firm in the investigation of the breach.  The considerations also include “any remedial steps the person has taken in respect of the breach” and “the likelihood that the same type of breach will recur if no action is taken”.  

The lesson is rather simple.  We focus on risk management as the tools of reducing the likelihood or impact of events.  However, the unpredictable can happen and then proactive risk management is about working with the regulators to address the issue in a way that minimises legal costs and reputational costs.  Compensating customer is the ultimate form of redress.  It suggests that delivering extensive compensation (here to all customers on mortgage arrears since 2009) and, I guess, quickly can have an effect.  

The FCA has shown that it is willing to read the Handbook in the round and not take enforcement action when, in its judgement, it’s in consumers' interest.  

Solvency 2 Training

Solvency 2 implementation is approaching fast.  I am running a training course in early April organised by Euromoney.   Over three days, I will provide a solid overview of Solvency 2.

Further details about the course, including an overview and dates, can be found here.

More ‘Music’ Lessons from FCA Enforcement

I mentioned in my previous post (here) about the contrast between the inability to learn music from the noise that a grand piano would make if dropped down a staircase and the ability to learn lessons about risk management from FCA enforcement actions.   On this occasion, I am reviewing the FCA enforcement notice against ‘JLT Speciality Limited’ (JTLSL) from December 2013 (here – all references are to this document).  

JTLSL provides insurance broking, risk management and claims management.   The enforcement case concerns failures of its anti-bribery and corruption arrangements.  This is a specialised area of the FCA Handbook.  However, the lessons are quite wide and applicable to other areas of financial regulation.

The ‘relevant period’ of the breach appears relatively long: from Feb 2009 to May 2012.   The resulting fine was £1.9m. 

Interestingly, while the FCA has been emphasis outcomes as a driver of regulatory intervention (‘The FCA approach to advancing its objectives’, July 2013), in this case the FCA seems less keen on it.  The FCA acknowledges that there is no evidence that the company had permitted any illicit payment or inducement to any overseas introducer.   

As it is usually the case, there were policies and other high-level statements setting out the company’s expectations in terms of how the risk of bribery and corruption should be managed.  At different times, it appears that the shortcomings were related to the:   

(a)   lack of practical requirements to enable the appropriate activities to take place; this includes the lack of requirement on employees to take steps to establish whether the introducer was connected to the client (para 4.22); and the lack of ‘any’ guidance to enable employees to operate the high-level anti-bribery and corruption procedures in place (paras 4.11 and 4.12);

(b)    failure to follow the company policy requirements;  the FCA refers to the failure to gather the required information to assess the risk (para 4.36) and to follow up the actions required in the policy, typically, an enhanced sign-off if certain conditions were evidenced (paras 4.37 and 4.38).

These are important lessons to anyone working in the implementation of regulatory requirements.  

A slightly different, and equally interesting, remark in the enforcement notice is about the challenges of gap analyses, in particular where FCA rules and legislation (Bribery Act, 2010) cover the same area.  Typically, financial services regulators impose more onerous and comprehensive requirements than general legislation so the choice of benchmark is vital.  This means that the extent to which gaps may be identified and the reassurance provided by a gap analysis would depend heavily on the benchmark selected. 

I mentioned earlier that this enforcement case relates to a period of over 36 months. During this time supervisors visited the company three times to assess systems and controls in relation to bribery and corruption.  JTLSL also accepted a voluntary variation of permission such that it ‘was unable to enter into a new relationship with third parties without prior approval from an independent skilled person’.  

Not surprisingly, the FCA recognises the costs incurred by JTLSL, in terms of financial costs, opportunity costs and management time. 

I am therefore left with a simple question: why wasn’t this fixed in a timely manner to avoid enforcement action?  I don’t really know.  I have read and discussed the importance of the ‘tone from the top’ on regulatory issues which sets out priorities for employees.  I wonder if this could have been a factor.  

The Piano, FCA Enforcement and Lloyds TSB, Halifax and Bank of Scotland

I heard once that you can’t learn music from the noise that a grand-piano makes when you drop it down a staircase.  Alas, we should be able to learn something about risk management from the FCA’s enforcement notices.  That’s one of my ambitions for 2014. 

I am starting with the FCA’s enforcement action on Lloyds TSB, Halifax and Bank of Scotland announced on 10^th December 2013 (here – all references are from this document).  The case relates to the lack of appropriate controls around financial incentives to advisers in branches.   

The FCA clarifies at the outset that there is nothing in the rules against “[incentivising] staff to sell a particular product” provided that a firm’s “systems and controls are sufficiently robust and sophisticated to mitigate effectively the risk of any adverse impact the incentives may have on staff behaviour”.

It is therefore not entirely surprising that the FCA articulates in detail the specific features of the remuneration system that added to the risk of consumer detriment, including

1.       variable basic salaries;
2.       bonus thresholds disproportionate effects for marginal sales;

3.       uncapped bonuses; and
4.       advanced bonus payments that could result in advisers being in debt. 

The FCA makes an interesting comment about the sophistication of the performance reward and the concern that senior management did not appreciate the potential consequences.  “The root cause of these deficiencies was the collective failure of the Firms’ senior management to identify sufficiently remuneration and incentives given to advisers as a key area of risks.” 

I was puzzled as to why this could happen.  Here are my own explanation from reading the details of the case.

1.     The complexity of the system makes it challenging understanding the incentive properties.  It seems that the system involved: (a) translating premium and product features into “points” (see example in page 15); (b) checking against target “points” monthly and on a rolling three months basis; and (c) translating points into pounds.  Inferring the incentive properties and potential product bias would not have been straightforward for busy executives. 

2.      A possible misunderstanding of the incentive properties of headline bonuses.  In some cases, the incentives could be small in absolute terms, e.g. £5,000 over a year if monthly targets were consistently met.  However, I wonder if there was an appreciation of the impact on behaviour for someone on a £33k salary (mid-tier adviser, para 4.29)  Indeed, the FCA says that the relevant governance committee “only considered the [remuneration] schemes at a high level” (para 4.104(1)).

Given that, it is not surprising that these performance incentives were not backed by appropriate controls.  In particular, it is not surprising that quality controls such as file reviews focused on sales that were regarded as ‘high risk’ by reference to customer rather than the adviser profile or track record. 

There are also two interesting comments in the enforcement notice about controls. 

1.       The main failure was not the absence of controls but the lack of appropriate linkages between relevant controls.  In particular, while there were certain quality assessments of sales, advisers could receive their bonuses even if issues had been identified.

2.       “The large number of people involved in the process [of governance over the incentive schemes] and the fragmented nature of the controls.” 

This is a good illustration of the observation that the main challenge of risk management is to apply the appropriate “top down” vision and strategy.  In its absence plenty of activity and resources, leading to potential complexity, will take place as evidenced here but with limited effectiveness.  In this case, the fine was £28m which excludes remediation costs, compensation and management time.