Saturday, June 6, 2009

Tasks for the Systemic Risk Regulator

As policymakers look to establish systemic-risk regulators, information is the key to success.

Note: This article was published in Institutional Investor magazine.

The more we understand about our wrecked financial system, the greater the clamor for a systemic-risk regulator. We want someone to save us from ourselves — or from the financial engineers who could blow the whole thing up again a few years down the road. Demand for a risk regulator, an idea that arose from the Treasury Department early last year, has now been embraced by the Group of 20 nations. Everyone wants a cop on the beat. But what would such a regulator do that the hodgepodge of current regulators cannot?

To answer that question, let’s first understand what we mean by systemic risk, and why it needs to be monitored. Systemic risk is driven largely by leverage. Leverage — borrowed money — is the force that amplified risk in the meltdown. Investment banks that once borrowed $10 for every dollar of equity were allowed to boost that to more than $30. As for hedge fund leverage, well, we can only guess. When a market downturn forces such highly leveraged investors to sell to meet their margin requirements, a crisis can cascade quickly. Selling pushes prices down, leading in turn to more forced selling.

The downward momentum is just the start of the problem. Many of those under pressure discover they no longer can sell in the market that is under stress. If they can’t sell what they want to sell, they have to sell whatever else they can, which leads to a downward spiral. This phenomenon explains why a crisis that started in the hinterland of subprime mortgages spread through the credit markets generally.

This contagion can expand beyond natural economic links. When the silver bubble burst in 1980, for example, the price of cattle suddenly came under pressure. Why? Because when the Hunt family had to meet margin calls on their silver positions, they sold whatever else they could. And they happened also to be invested in cattle.

To regulate systemic risk, then, we must understand systemic leverage, crowding (that is, when many speculators move into the same trade, pushing up prices in the process) and aggregated position holdings. Whatever their own risk-management capabilities, individual institutions cannot protect against systemic risk because they do not have this broader information. It is as if each player is sitting in a theater unaware of the others who might run for the exit.

Under current arrangements, regulators also lack the data to monitor systemic risk. They cannot track the concentration of investors by assets or by strategies, nor can they assess the risks inherent in the huge swaps and derivatives markets. Thus, they cannot map out how a failure in one market might multiply into others.

To solve this problem, financial products should be monitored the same way that food and drugs are. When salmonella was found in a peanut factory in Georgia in January, the Food & Drug Administration identified the contaminated products and tracked them all the way to the store shelf. This was possible because consumer products are tagged with a bar code. Why don’t we do the same for financial products? Require tags — bar codes if you will
to be attached to financial products so that regulators know what products are being held by each bank and hedge fund. This step would allow us to understand the potential for crisis events to have systemic consequences and help us anticipate — and hopefully prevent — the course of a systemic shock. It would allow us to identify situations where investors, even though they might be acting prudently on an individual level, are posing systemic risk through their aggregate positions.

Regulators also need to hold bank risk officers accountable. Why financial institutions ended up in such a mess is not much of a mystery. It was not the malfunction of sophisticated risk models or some 100-year flood that swamped the risk controls, it was a huge and unrelenting inventory buildup of illiquid and often complex securities — a buildup that was there to be seen and corrected. How did so many people miss this elephant in the room?

One likely factor is that the problem was passed up the chain of command until it got high enough to be ignored. In other words, the risk management failure within the banks was largely organizational; it had to do with incentives, lack of communication and plain old-fashioned bureaucracy.

To deal with this potential source of failure, the systemic-risk regulator must have direct lines of communication to the chief risk officers of major financial institutions. The regulator can act as the CRO’s ombudsman, an outside voice with the power to get things done if the risk officer’s own voice is not being heard within the firm. Having a link with the CROs of major banks and hedge funds would also allow the systemic-risk regulator to discern "flavor of the month" strategies and instruments that might portend crowding.

In addition, the regulator needs the capacity to learn from market crises. Imagine if the National Transportation Safety Board did not bother to investigate crash sites or review flight recorders. Yet that is where we are in the financial sphere. In the aftermath of a market crisis, regulators must analyze the firm-level details of what has occurred. They also must eyeball new financial products for their systemic-risk potential. Does a new product increase the complexity or leverage in the marketplace? Does it make the market more opaque? This gets back to data: You can’t manage what you can’t measure, and you can’t measure what you can’t see.

Finally, for a systemic-risk regulator to be successful, we must change the mind-set behind regulation. Marching into a bank with a subpoena in one hand and a 60-page questionnaire in the other is not the way forward. Systemic-risk regulation is rocket science — and is probably beyond the experience of even the best lawyers at the Securities and Exchange Commission and bank supervisors at the Federal Reserve Board. We need to entice market professionals into government service. It might cost some Wall Street–type money to get them on board, but the bill will be way south of the $1 trillion or so we’ll spend on the bailout.

Adopting this strategy will not be pleasant; it will mean stepping on a lot of toes. But it doesn’t have to be tackled all at once. The first step — getting the data — is the critical one. Data can be collected efficiently and maintained securely by the regulator, starting first with the largest banks, then gradually moving to other banks and the larger hedge funds. The process of collecting the data can provide the inroads for connecting with the CROs and amassing industry expertise. And if we let the data speak, we will learn more about how to pursue the other tasks.


  1. hi rick, here's why the systemic risk regulator doesnt sound like a good idea to me.

    in my view, if one wants to see why things happened the way they did, the first thing is to look at what people have been rewarded for. everybody involved wants some reward in all this, if possible short term, and will act to maximize it, pushing the whole system in one direction or another. myself and thousands of others have been rewarded quite generously for simply adding risk, as long as the model said we were making money, mainly because nobody cared much how our unrealized mark to model "profits" will ever be turned into cash profits. kept printing tickets and collecting bonuses until the whole thing blew up, and I am pretty sure that's what the subprime CDO and CDS boys did too. poeple don't just increase leverage and put on risk (or do anything at all, for that matter) unless there is some big reward for doing so. we are basically rewarded for building the bubble. if the world of finance were less in love with "mark to something" accounting and people expected us to realize gains, the incentive for printing a mountain of toxic assets would largely disappear.

    as long the incentive system stays as it is, having some regulator telling people to stop when too much risk accumulates is not going solve things. basically the regulator says "stop", but the shareholder says "do it, I'll pay you". people will always find a way to bypass this extra level of complexity as long as they are rewarded for it, that assuming the systemic risk regulator would overcome all the operational difficulties, disclosure issues and all, and be able to function one day. I think changing the reward system, by rewarding gains when realized and being reluctant towards "mark to some number on a screen" type of profits would have a better overall impact. for that, the accounding standards need to change.

  2. Here's a link to Galbraith's congressional testimony on July 9, 2009. It suggests why the FRB is not the institution to act as "systemic risk regulator."