Integrating different risks in a single framework greatly benefits all financial institutions – leading to better communication, risk assessment, and long-term performance.
It started with the subprime crisis. Defaults in US subprime mortgages impacted the price of some structured instruments, mainly for credit risk reasons. Investors, realizing there were significant losses, decided to jettison these increasingly risky securitized instruments. Banks faced the difficulty of raising funds using these special purpose vehicles. As the market became aware of the situation, mainly because too many banks were selling assets to get liquidity, confidence between financial institutions disappeared. At that point, it was impossible to restore confidence in the interbank market. Credit risk in one specific market had been transformed into liquidity risk.
The story is now well known and other risk factors can be added to the whole process, like interest rates. When the interest rates went up in the US, it increased the number of defaults in US subprime mortgages – generally floating rate loans. Risk managers and regulators realized that it was necessary to take a risk inventory and analyze the combined impact of different risks, especially in a crisis scenario.
Furthermore, in light of the recent credit crisis and the emerging business and regulatory environment coming out of that crisis, many banks are rethinking their traditional operating structures. Banks are realizing that their legacy organization structures need to be closely revisited and some enduring organizational walls will need to come down – either physically or logically.
This article illustrates that a crisis can occur, or be exacerbated, when risks are managed in different silos in banks. It first defines the different types of risks that can be correlated and provides examples that illustrate how banks should model the different risks together. The second section highlights the benefits of having an integrated process for measuring the risks, not just in the context of stress testing. Finally, it describes the challenges of building such a framework and gives suggestions about how to improve it.
Mapping all the risks that banks face would create an extremely long list. Instead, this article provides examples of the links between some of the most important risks found in banks.
“The financial crisis has highlighted the need to better integrate solvency and liquidity stress testing. A sharp rise in their euro and US dollar funding costs, or quantitative rationing, was often the trigger for the failure of banks during the crisis, and for the difficulties that many banks continue to face.”1
Liquidity risk is linked to credit risk. When a loan is not repaid, the impact on the incoming cash flow is straightforward and the treasurer needs to find another source of funding to replace the inflows. Before the crisis in 2008, it impacted a bank’s P&L, but it was not a significant problem for a treasurer to find cash in the very liquid interbank market. However, after the financial crisis, stress scenarios where it is difficult or even impossible to borrow money from the interbank market have become plausible.2
Another connection is the impact of credit risk on the reputations of financial institutions. For example, a local bank in a region where the unemployment rate and therefore the number of defaults is high, will find it more difficult to get money from other banks who consider the bank more risky because of the local economy.
Finally, it has been proven that in difficult times, banks tend to lend only to good customers (i.e., lending less globally); thus creating fewer outflows, positively impacting the liquidity risk metrics.
Asset and liability management (ALM) teams have always worked on interest rate risk and liquidity risk. Basically, the maturity mismatch between assets and liabilities could be analyzed for both risks. Retail banks, for example, tend to lend money with longer maturities for mortgage loans and have short-term resources with non-term deposits. Contractually, all customers could go to their banks and withdraw money from their savings accounts.
For long-term loans, there is generally an implicit option for a customer to prepay their loan. This can be a so-called behavioral option (e.g., a customer decides to prepay because he is selling his house), or a financial option, because interest rates have decreased and a customer wants to renegotiate his loan.
There is not only a link between interest rate risk and liquidity risk, but also the impact of reputational risk on the two, as the behavior of customers can be driven by the bank’s image. Northern Rock is an interesting example because even with a guarantee of the Bank of England, confidence in it was difficult to restore.
When a bank decides to enter a new market, with a different currency, they have two possible options. The first option is to lend money in the local currency. In this case, a bank only has to deal with foreign exchange (FX) risk; that is, their exposure to unanticipated changes in the exchange rate between two currencies. But a bank could also decide to lend money in a more liquid currency (e.g., US dollar or euro). Their customers would benefit from this second option because interest rates are generally lower in US dollars or euros than in less liquid currencies. However, their customers would then be exposed to currency risk as their salaries are generally paid in local currencies. Hence, in the case of a challenging scenario, an increase in the exchange rate could lead to many more defaults than what was initially assessed.3
Again, the correlation may be very small in a normal scenario but could become very high in a stress scenario. Therefore, this link must be modeled carefully in the context of a stress testing exercise.
FX rates can have a big impact on liquidity. Most of the reports required by the different supervisors now have to be produced per currency, as there is a difference between having cash in a local currency and the US dollar. Even when the exchange rate is indexed on the dollar, some differences can appear when a crisis occurs. It is therefore very important to calculate two metrics in each currency. Even for liquid currencies it is not always easy to exchange one currency for another. At the end of 2012, French banks discovered that their US dollar funding dried up. Even if they had a sufficient amount of cash in euros, they could not easily find enough US dollars, which led them to decrease their reliance on US funding sources.
“Firms that avoided significant losses appear to have a better ability to integrate exposures across businesses for both market and counterparty risk management. Other firms did not appear to have sufficient abilities to identify consolidated, firm-wide, single-factor stress sensitivities and concentrations.” 4
The Senior Supervisors Group’s findings should compel every banker to implement an integrated risks framework inside their financial institution. Unfortunately, many bankers still believe their institution will avoid significant losses despite not having an effective framework in place. More and more people in the banking industry, however, realize that, as Gillian Tett of the Financial Times says: “there was a problem of silos, or fragmentation, both in a structural and cognitive sense, which made it hard for both insiders and outsiders alike to take a holistic vision of how credit was developing.”5
One of the most important benefits of an integrated framework comes from the ability to efficiently respond to the frequent regulatory exercises that banks are required to perform, like with the Comprehensive Capital Analysis and Review (CCAR) and Dodd-Frank Act Stress Test (DFAST). Moreover, regular changes in market practices often drive the supervisors to come up with new ideas, sometimes at the last minute. This challenge can be extended to the internal requirements from senior management. But a common thread among these fluid requests is the need to analyze the relationships among the full suite of risk factors a bank faces.
Despite being mandatory, these regulatory-driven stress testing exercises have not convinced some financial institutions to build a new framework when they have different tools and departments for different types of risks. They generally prefer to stick to their business model, while aggregating the data from the different tools. By doing so, they forget that the cost of cleaning data and aggregating results can be very high, especially if the frequency of the stress tests increases. Beyond the tangible costs, there is the high inherent control risk associated with such inefficient and extensive processes, many of which include substantial manual intervention with poor controls.
The example explaining the link between FX and credit risk is instructive. In some banks, the fact that there are silos (e.g., people in charge of credit risk and others in charge of FX risk), leads to unmonitored – and so unmanaged – risk. The credit risk team could categorize a risk as FX while the market risk team could say that it is credit risk.
This example illustrates that risk departments will need to better understand all the connections between all the risks – particularly powerful when creating a contingency plan in case a similar scenario occurs. It also helps build consistent business plans for new strategic investments. For example, before buying another bank or creating a subsidiary in a foreign country, banks can perform simulations to pinpoint the worst impact of such an investment.
Even in a treasury, some banks see a strong opportunity to improve their profitability, as Jennifer Boussuge, Head of Global Treasury Sales, Bank of America Merrill Lynch, says: “One of the biggest hurdles in optimizing working capital is that responsibility for the various elements in the working capital cycle, such as purchasing, treasury, sales, accounts payable, and accounts receivable, are separate functions with different management structures, objectives, and key performance indicators (KPIs).”6
Finally, every team can ensure that the numbers are consistent in the various internal reports when aggregating the data (from credit risk, liquidity risk, FX risk, etc.).
“According to some risk managers, the larger the shock imposed, the less plausible the stress tests or scenarios are in the eyes of a business area and senior management.”4
It seems that the definition of a plausible scenario has changed significantly over time. A sovereign default in Europe was very unlikely five years ago but is now the basis of many stress tests. Using a comprehensive framework not only helps banks better understand why a scenario is plausible, it also makes it more difficult for senior managers (among others) to say that they do not believe that scenario X will lead to consequences Y and Z, as the full framework will be properly documented.
Using the same data, framework, and metrics also enable people to speak the same language. Some treasurers view their risk department as an impediment to effectively doing their job. Risk managers face challenges when explaining to the business lines to what extent one specific transaction could impact the bank. Simply put, business lines were speaking P&L, the credit risk team was speaking Probability of Default (PD) / Loss Given Default (LGD), and the ALM team was speaking "gaps."
Sharing information and having a common framework fosters communication across an entire organization, as input data, calculation engines, and reports are based on one platform. Everyone will then have the same level of knowledge about each type of risk. In the end, the strongest benefit is overcoming the barriers between different departments.
A few years ago, measuring different types of risk at the same time was only used to better define a diversification strategy, which mainly pertained to the allocation of economic sectors, countries, and currencies in a single portfolio. For asset managers, this applied to hedge funds, where the risk is not – or minimally – correlated with market prices. Only a few banks managed to implement comprehensive stress tests for two main reasons:
1. Quantifying the impact of the combined risk factors is a difficult task
“Many managers recognize that stress tests themselves should be dynamic – such that they consider new scenarios as business conditions evolve – yet still be stable enough to provide firms with a useful gauge for monitoring the evolution of their risk profile over time.”4
Methodologies have always been at the heart of risk management. Many quantitative experts write complex models that describe, as precisely as possible, the different risks that a bank can face. This is obviously a difficult task in the case of combined risk factors.
First of all, senior management does not want to know about formulas or models. They are more interested in a global view and do not want to dive into the details. Moreover, liquidity risk issues are completely different than credit risk. For the treasury, liquidity risk is an intraday risk, requiring less complex models and faster – even real-time – observation techniques. Even if modeling is still considered important, infrastructure often receives a larger share of the budget.
Second, stress testing is about a few macroeconomic variables. Most economists only provide frequently used statistics, such as gross domestic product, unemployment rates, consumer price index, equity index, and only two points on the yield curve. A bank must then translate this information to retrieve all the variables needed for every type of risk (e.g., PD, LGD for credit risk, cash flows for liquidity risk, prices for market risk, etc.).7
But most importantly, a bank must write an equation that describes the state of their future balance sheet when reacting to multiple scenarios, such as:
- If one of a bank’s counterparties defaults, the bank will stop lending to that counterparty
- If the equity prices drop below a given limit, the bank will reduce their exposure to the equity market
- If the liquidity buffer is not sufficient enough (e.g., the liquidity coverage ratio falls below 100%), the bank could stop lending or buy high-quality liquid assets
2. Having the adequate framework to store data, models, and scenarios
“Several firms emphasized the need to improve the applicability of forward-looking scenario analysis to the business practices of the firm. […] System flexibility was cited as crucial, although some firms may not have had sufficiently flexible systems to handle customized scenarios and stress tests.”4
The main types of risk have different risk drivers, time horizons, and metrics, making integrating everything complex. That is why it is necessary to have a framework and a methodology. A framework often does not exist in banks because risk management is typically organized by a silo-based approach. Building a framework leads to internal political discussions, which determine who is in charge and what priority is given to the unified project. Banks implement this type of project when senior management realizes that risk appetite can only be defined for the entire balance sheet, not just for a single risk department. In this case, a bank would create a team to define the different needs of each department (risk, finance, treasury, capital management, etc.).
The workflow concept is an important requirement for trading portfolios and is also relevant for balance sheet management. In a world where decisions must be made by the right person at the right moment in the right market, information that travels lightning fast through an organization is beneficial. This is indeed the case for limit monitoring and the origination process.
Integrating different risks in a single framework greatly benefits all financial institutions – leading to better communication, risk assessment, and long-term performance. Most financial institutions started working on a framework because of regulatory pressure. Senior management, however, also recognize the benefits of integrating risk. For example, they do not want to discover that their institution became bankrupt overnight because the balance sheet of a subsidiary abroad was insufficiently analyzed. These stakeholders now see the real benefits of having a system that can quickly provide the information required to make the right decision at the right time.
Integrated stress testing tools can achieve this goal. Unfortunately, this is not an easy task. The people building a framework must not focus too much on the details. They must acknowledge the limitations and should not try to create an ultimate model that will never be realized. They must also accept that each person in a bank has a field of expertise and can help in the design of the global framework. This is a team effort which will provide a real-time big picture of their institution under different stressed scenarios. Senior management will better understand all the options for defining their strategy and the risk appetite of their financial institution; thus increasing the long-term profitability of shareholders.
If a platform for integrated risk management provides many benefits for banks, what are the key points for successfully organizing a stress testing platform?
First of all, data management is crucial. Building a robust and consistent data warehouse, however, is a difficult task – especially when multiple teams are involved. There is always one team that seems to be less concerned by such a big project. Some treasury departments may see a data warehouse as a burden and with no added value for their day-to-day job. Experience shows that, for this reason, the CFO should be designated as the project manager. Leading the project provides an opportunity for the CFO to add features that will benefit his or her team. The data warehouse will then become a real risk and finance project.
The other important task consists of convincing the different stakeholders that a stress testing framework will tackle not only adverse effects, but also upside effects. Viewing risk management as an opportunity to improve business is a cultural shift in most banks. Risk departments will then be able to deliver more insight and discover more opportunities. Many business lines will then see the risk department as an ally, rather than a pessimistic risk controller.
1 International Monetary Fund, Stress Testing of Banks (Technical Note), 2013.
2 Bank for International Settlements, Principles for Sound Liquidity Risk Management and Supervision, 2008.
3 Morrison, S., Barrie & Hibbert, Aggregation of Market and Credit Risk Capital Requirements via Integrated Scenarios, 2013.
4 Senior Supervisors Group, Observations on Risk Management Practices During the Recent Market Turbulence, 2008.
5 Gillian Tett, Financial Times, Silos and silences: Why so few people spotted the problems in complex credit and what that implies for the future, July 2010.
6 Jennifer Boussuge, Head of Global Treasury Sales, Bank of America Merrill Lynch, Breaking Down the Working Capital Silos, July 2013.
7 Basel Committee on Banking Supervision, Range of Practices and Issues in Economic Capital Frameworks, 2009.
Director, Business Development - EMEA
Nicolas is responsible for thought leadership on ALM, liquidity, and market risks for the EMEA region to help financial institutions define a sound risk management framework.