Donate today to get yours!
Why Banks Don’t Listen to their Risk Managers
Woodbine Associates sent me an opinion piece this morning. It’s a bit long, but it makes for interesting reading.
Why Banks Don’t Listen to their Risk Managers – and Risk Losing Billions
While details are thin, the announcement last week of an unprecedented $2 billion equity trading loss by UBS in London, and the arrest on criminal fraud charges of the alleged 31-year-old “rogue trader,” have attracted global attention. This would be the third-largest trading loss of its kind in banking history.
Onlookers are scratching their heads asking — once again — how one person, trading basic instruments, could accrue such eye-popping losses under the supposedly watchful eyes of experienced management.
The problem is decades old and rampant in financial services. Strong risk management oversight in financial institutions is perceived as hindering production and eroding profit potential, thus is often underfunded and overruled. Senior managers must face their responsibilities and run – not walk – to adequately fund, develop, and support enhanced risk management. Otherwise they are gambling (like UBS) with firm capital and shareholder interests and risk failure of the entire enterprise — and make no mistake, the failures will be those of management, not of so-called “rogue traders.”
Need for Controls.
Enterprise-wide risk management has been an industry best practice since the Barings Bank failure in 1995. Infamous “rogue trader” Nick Leeson was able to sink Barings thanks to substantial oversight and control deficiencies; these enabled him to trade AND oversee settlement operations in the firm’s Singapore office. Leeson lost roughly $1.3 billion due to speculative investing, primarily in futures contracts.
Since then, virtually all substantial financial services entities have implemented risk management functions that are fully independent of business development groups. Risk managers quantify and aggregate risk, develop controls, and create oversight plans. Their role is perceived as essential. Publicly, senior management and line managers praise and support risk managers.
While senior management is often publicly pleased to have risk groups measure consolidated market, credit, and operational risks, they can be considerably less pleased when risk managers attempt to block transactions that generate considerable outright revenue. It is not uncommon for management to overrule risk managers in these instances. Such actions can belittle the risk managers’ role — and place a firm at risk.
Conflicts of Interest.
There has always been an inherent conflict between risk management and revenue generation in financial services. Risk managers “puts the brakes” on business units. On the margin, they stop traders from doing transactions that are either too risky outright for the firm’s established guidelines, or where potential returns may not be commensurate with risk.
Conversely, both firm performance and individuals’ compensation packages are often based on metrics related to outright revenue production. This can provide dangerous incentives to bring in revenue, whatever the risks. Traders and line management also believe they understand the risks associated with marginal transactions better than risk managers, creating inherent tension.
Risk management, as a control function, is sometimes relegated to second-class status when attempting to stop a large, revenue-generating transaction that does not make sense on a risk-adjusted basis or fall outside of the firm’s risk guidelines. As cost centers, risk management groups also frequently become second-class at budget time. Despite platitudes from senior management (themselves former revenue producers, in almost every case), risk managers often are perceived as a direct drag on revenue and profitability. They thus may be forced to do more with fewer resources, particularly in lean times.
Traditional performance measures such as return-on-equity (ROE) have their basis in outright, “dollar-for-dollar” accounting. Revenue and expense realized in an accounting period passes through a firm’s income statement at full (dollar-for-dollar) value. In financial services, revenue booked for accounting purposes for all transactions, “risky” as well as comparatively safe, pass through the firm’s financials on an equally weighted basis. There is no differentiation for risk. Transactions providing the greatest revenue therefore have the most value. Expenses pass through financials in the same way.
Risk-adjusted performance measures, unlike traditional ones, take into account the possibility of future loss. Webster’s dictionary defines risk as the “possibility of loss.” How that possibility is quantified can have a very real impact on required revenue and profitability that, in a competitive financial services environment, may result in a transaction not being done or going to a competitor. If losing a deal or failing to do a transaction results in a performance – and compensation – hit, traders are likely to take it very personally.
Therein lies the rub. Quantifying or modeling risk is statistically-based and always subject to interpretation. Interpreting profitability more generously, questioning the risk model, emphasizing uncertainty, and focusing on transaction revenue can make compelling arguments to those at the helm to take significant (even unwarranted) risks. Such action is essentially a gamble.
While performance measurement (and line unit compensation) is usually based on outright revenue generation and related metrics, in financial services, the more telling performance measures are risk-adjusted metrics. Managers and traders live in a world of revenue; risk managers focus on risk-adjustments. This represents an obvious conflict, and revenue generators usually win.
A loss may or may not happen. Plainly speaking, if risk is introduced into performance measurement, future returns may – but not necessarily will – be reduced. The potential for loss, regardless of the degree of math involved in determination, is subject to interpretation. In the abstract, if one chooses to believe that a low probability of loss means that a loss will not happen, that may turn out to be correct.
Behavioral scientists study aspects of psychology pertaining to hindsight bias and planning bias. Without going too deeply into either topic, humans tend to overstate their success in predicting the outcome of events in the past. Humans also tend to be overconfident in their abilities to successfully apply past experience to future events. These biases are highly relevant to decisions made to override risk management decisions.
In financial institutions, risk is managed daily by people charged with generating business. A proprietary trader evaluates the potential return of a strategy, transaction, or series of transactions against perceived risk. A bank lending officer evaluates a company for creditworthiness and charges an interest rate on a loan or line of credit commensurate with the perceived risk. A competent trader would never enter into a strategy guaranteed to lose, nor would a lending officer extend credit to a company certain to fail.
Yet proximity can compromise judgment. A trader may believe that his or her particular skills uniquely provide for a profitable outcome to a particular trading strategy. A loan officer may believe that his or her particular insight into the borrower ensures that the borrower will not fail. If these two individuals have been successful in the past and not experienced substantial losses, they may be overconfident in their respective abilities to evaluate and manage excessive risk. The incentive for each to take excessive risks may be amplified if each is compensated on the basis of outright revenue generation.
Management is Not Immune.
Senior managers view firm operations from a different, higher-level perspective. In most cases, they are far removed from day-to-day operations. They deal with press, analysts, regulators, legislators and a host of other matters related to strategic direction. While most rose through the ranks and generally understand risk, in their executive roles they usually remain tied to traditional (non-risk adjusted) performance measurement — the metrics used by analysts to value the company and compare performance among competitors. For this reason, senior management may have the same biases as line traders when it comes to revenue, returns and perceived risk.
This quagmire puts risk managers between the proverbial rock and a hard place. They are charged with the responsibility to protect a firm from loss. They view risk impartially. Still, they are subject to the same bias from above as they are from below.
How does this play out? Traders unabashedly will seek approval from senior management to incur substantial risk for the potential of outsized returns, even over the stringent objections of a risk manager. The senior manager will focus on the revenue projections while diminishing the associated risk, and approve the transaction. If no loss is incurred, the trader most likely will be empowered to repeat the exercise; the senior manager will be further empowered to approve such exceptions, thanks largely to his or her “superior insight.” The risk manager will be left out in the cold — and not missed.
Back to UBS. Since details remain thin at this time, no one is sure of anything. However, it appears that UBS permitted unauthorized and excessive risk taking on the part of at least one individual. Time will tell how involved senior managers were in this case. From the early reports the whole incident is symptomatic of a major failure in UBS’s enterprise-wide risk management framework. It is likely attributable to inadequate risk assessment budgeting and resources, since in recent times financial services companies have been quick to cut expenses in cost centers — risk management among them.
The effective management of risk and return is essential for successful enterprise management in financial services. Conflicts abound, however, many of them rooted in deep behavior biases. Even traders and managers acting in the best faith may make sub-optimal decisions based on a range of pressures and influences. In light of these realities, senior management must take decisive (if difficult) steps to adequately build, fund, and trust their risk management operations. Only by taking such overt steps can the integrity of equity capital be truly protected, shareholder value preserved. Without them the “rogue trader” losses at UBS will be the latest — but certainly not the last.