1. Post-pandemic financial risks
The spread of and response to the COVID-19 pandemic have dramatically changed the world and not least in the area of portfolio management. It has created additional, and complex, qualitative factors in the credit risk management framework. As we emerge from the pandemic, financial institutions have especially been asking themselves, “What does the underlying creditworthiness of borrowers look like when public support measures are withdrawn?” This creates needs for more greater sophistication in terms of models and scenarios.
Portfolio managers need to explore the questions such as: “Which loans are inherently riskier after the pandemic because of structural changes to the economy? Which loans were already risky when the pandemic began, but government support has obscured their underlying creditworthiness? What will be the performance of certain asset classes in certain geographies when European economies are back to normal? And what if we are blown off course again by (for example) the emergence of another variant?
The complexity and inconsistency in some segments adds to the challenge. Residential real estate is broadly performing well. Commercial real estate (CRE) assets by contrast have been particularly badly affected in many hospitality sub-sectors: lodging, food and drink services, event planning, theme parks, travel and tourism etc. Non-grocery retail is another sector that has yet to fully recover, and office assets have also nose-dived as companies have grown used to home-working and the “great resignation” has taken hold.
The ECB reported in its November 2021 economic outlook, “The outlook seems particularly poor for lower quality CRE assets, with market intelligence flagging remote working, health concerns and the rush for greener property as channeling demand towards the prime segment. This intersects with elevated vulnerabilities among those sectors most affected by the pandemic, namely retail and office assets.”1
CRE exposures constitute a large share of credit portfolios held by financial institutions. For portfolio credit risk management, it is essential to understand how various exposures correlate with one another. This is especially true in Europe: In the UK, CRE loans comprised approximately 8.3% (£ 239 million) of all outstanding loans and approximately 51% of all loans to non‐financial corporations (NFC) as of 31 December 2020. Moreover, CRE modelling is not as sophisticated as more traditional asset classes such as corporate loans and equities.
A further major post-pandemic financial risk stems from the loosening of lending standards. The rise in leveraged finance in many European economies points to increased risk of financial stress over the coming years. Much lending during the pandemic was channeled towards the worst-hit sectors and borrowers. Some borrowers are likely to struggle to repay the debts they took on to survive the pandemic, especially if policymakers decide to apply the brakes, for example to contain rising inflation.
Credit portfolio managers need to examine their books for excessive exposure to more leveraged finance. We are nowhere near to the peak vulnerability of 2008, but we should be alert to the possibility of a new bubble in the coming months and years, and this means putting in place the tools and models to monitor the risks.
2. Climate risks
Portfolio managers also need to address a number of emerging financial risks, the most important being climate or environmental risk, especially in the light of the recommendations of the Task Force on Climate-Related Financial Disclosures (TCFD). In October 2021, just before the COP26 Summit, the UK Government confirmed that large UK-registered companies will have to disclose climate-related financial data from April 2022. The TCFD requirements are also gaining momentum around the world as G20 countries consider how to integrate the urgent recommendations into their own ESG policies. One thing is clear: the TCFD requirements are rapidly changing from a voluntary to a globally binding regulation that will sooner or later have a major impact on the way all companies do business, beyond the financial sector.
What does this mean for portfolio managers? Climate change will affect portfolios in two ways. First through the physical impact of rising sea levels and extreme weather events such as the floods and wildfires that occurred in Europe in 2021.
Second, financial institutions are exposed to transition risks such as the rapid changing patterns in energy consumption as a result of carbon taxes and price rises as economies move towards net zero emissions. With the conflict in Ukraine, the situation has become many times more unpredictable. For example, Germany is seeking to reduce its reliance on Russian fossil fuels in the long term, but in the short term this may involve shelving its plans to decommission its own coal-fired power stations.
As the threats from climate change mount, financial institutions need to quantify the impact of physical and transition risks on their portfolios. “Greenwashíng” is a related risk as there is growing investor interest in green investment but a lack of information and standards to rate companies effectively. Consequently, the question for portfolio managers is how to integrate these factors into their risk appetite.
The recent ECB stress tests came to a number of interesting conclusions on this subject, notably that climate-related risks are (if not mitigated) highly concentrated by geography and sector, and that “that if policies to transition towards a greener economy are not introduced, physical risks become increasingly higher over time; they increase in a non-linear fashion, and due to the irreversible nature of climate change such an increase will continue over time.” Moreover, if climate risks are not addressed, the impact on those banks and financial institutions that are most at risk will be highly significant. 2
3. Cyber and technology risks
Cyber risks are still often seen as operational risks, which an organization can remediate by purchasing a cyber insurance policy. However, today it is one of the top credit risks. Say, for example, a bank makes a corporate loan to a company to invest in an IT system; the new system is then the victim of a ransomware attack or phishing attack. The initial loss of the hardware and software investment may be covered by an insurance policy, but the disruption to business and loss of reputation may make it impossible for the borrower to repay its debt. If the bank then writes off the debt this may send shockwaves through a large portion of its commercial loan portfolio.
Research into the scale of cyber risk is still a work in progress; the future is uncertain. The latest Threat Landscape 2021 report from the European Union Agency for Cybersecurity (ENISA) highlights that cybersecurity attacks continued to increase through the years 2020 and 2021, not only in terms of vectors and numbers but also in terms of their impact.
The COVID-19 pandemic accelerated the digitalization of Europe’s economy and the number of key knowledge workers working from home, further compounding cyber risks.
Cybersecurity Ventures expects global cybercrime costs to reach a phenomenal $10.5 trillion annually by 2025. Europe has lagged behind the USA on this issue, spending 41 percent less on cybersecurity. The European Union addressed this with draft legislation in 2021, noting that differing national cybersecurity measures make EU banks and companies more vulnerable. 3
There are also more general technology risks – risks that banks are particularly exposed to, for example if they are tied to obsolete technology or legacy siloed systems, which can leave them exposed to a variety of risks such as reporting errors and data breaches from forgotten and exposed systems, as well as competition from more agile market entrants. Digital transformation also brings with it risks of project delays or failures, which is driving the shift to the software-as-a-service (SaaS) model to improve and streamline operations at a lower cost of ownership.
The need for an integrated view
In the foregoing we have discussed what we regard as the main financial and non-financial risks confronting European financial institutions. There are others we could add but what is becoming clear is that there is a convergence of all types of risk so the ability to manage them holistically is paramount. In an uncertain world, senior managers and boards of directors want a 360-degree view of their risk profiles and the exposures that need active management.
For credit portfolio managers, this means gaining the ability to identify, measure, and manage emerging risks such as climate and cyber risk alongside credit risk, market risk, interest rate risk in the banking book and operational risk.
Financial institutions played a vital role in helping companies through the crisis. Now, coming out of it, they must attend to their own good health. They will need to draw on CPM’s unique expertise to show the path to profitability while managing all of these risks. To do so portfolio managers will need access to powerful tools and data sources to build the models and scenarios that provide quick and actionable insights into risks in all their dimensions.