There was nothing tricky in fixing this problem before it got out of hand. When you are seeing the inventory of complex structured products grow from a few billion dollars to ten billion, then on their way to 20 or 30 or 40 billion, a natural question to ask in the course of the build-up is “why aren’t we selling any of this stuff”. And a natural answer to that question is “maybe we aren’t pricing it correctly”. Any risk manager with a fifth grade education will note that if the price of the inventory is off by just ten percent, that will mean a loss of billions of dollars, and so will propose selling some of the inventory, say a few billion dollars worth, and see the price at which it clears. At that point, the gig will be up.
So why didn’t this happen?
One hypotheses is asleep-at-the-switch incompetence by the risk mangers: they just missed the inventory build-up. But given the simplicity of the problem and the fact that any of these banks have hundreds of personnel in the risk management division, that’s hard to believe.
A second hypothesis is incompetence or poor incentives in senior management: the problem was passed up the chain of command and then ignored. This seems reasonable; there are, after all, tensions that pull against the in-house Cassandra. Senior management is reluctant to reduce risk because it means lowering earnings. And management gets backing for this from a powerful constituency, the traders who control the profit centers and make their money by taking risk. The traders are at loggerheads with the risk manager because of skewed incentives, the so-called “trader’s option” where if the firm wins they win while if the firm loses big time they miss their bonus for the year and head off to greener pastures. Indeed, senior management might be swayed by similar incentives.
Under this hypothesis the risk failure within the banks is organizational; it has to do with incentives, communication and plain old fashioned bureaucracy.
So how do you fix it?
The government needs to create a market risk management function with direct lines to the Chief Risk Officer of each financial institution. The CRO should be required to provide full risk information to the government risk authority. It sees whatever he sees. And it should go one step further, to require the CRO to notify the government risk authority of any risk concerns that have not been resolved by senior management. In essence, the CRO would have dotted-line reporting to his government counterparts. Think along the lines of the Sarbanes-Oxley Act, which requires the CEO to attest to internal controls and certify the accuracy of the financial statements.
As important as the specifics of the structure is the spirit with which the regulatory role is executed. For the CRO engaged in fulfilling his responsibilities, the government risk authority can act as his ombudsman, an outside voice with the power to get things done if his own voice is not being heard within the firm. The CEO is less likely to ignore risk concerns if he knows who might be making the next knock on his door. And if the CEO has a legitimate disagreement about the degree of risk, he might welcome the outside view.
For this to work, we need to change the mindset behind regulation. Marching in with a subpoena in one hand and a sixty page questionnaire in the other is not the way forward. Which means we also need a different type of regulatory staff. Some jobs cannot be done by SEC lawyers or career government workers. We need to entice market professionals into government service, market professionals who are on par with those in industry. It might cost some money to get them on board, but I bet the bill will be way south of a trillion dollars.
"A Demon Of Our Own Design"
"The End Of Theory"
