Regulators are now focusing more on operational risk. This has been driven by events in bank principal activity rather than in the custody field, but both areas will be scrutinized. And it is likely that they will be treated more similarly in terms of liability and capital allocation than many assume.
The drivers for regulatory attention are the well-publicized losses, costs and penalties of several major banks and financial institutions. These may relate to alleged misspelling of products, absent control over trading positions, commingling of client and principal accounts, defective internal procedures or faulty valuations of complex derivative positions.
At one level, the regulators will recognize that these relate to trading or front-office activities. But they do have repercussions on custodians, and especially fund administrators. We can gauge the directional approach of regulators by scrutinizing the new wording in the AIFMD. There is now an obligation for the administrator to implement a cash-flow monitoring process that mirrors those of a fund. In effect, in this case, the regulators are maintaining their deep-pocket strategy of ensuring that, if things go badly wrong, there is a substantial entity required to step in and protect investors.
The challenge of the AIFMD cash decision is that it transforms the administrator from being a safe-keeper of assets, the responsible party for ensuring compliance with regulation and the fund prospectus or like documentation, and, usually, the secondary pricing check to becoming an equal party to the fund in an asset-management function. The path to further liability across other responsibilities of the fund has been opened.
If regulators apply capital haircuts to cover the one-off, but often multi-million or even billion-dollar hits to cover the event risks noted above, what will be the impact on custodians? By their nature, it is always difficult to identify what could constitute an event risk. The problem for the regulators is that custodians hold several tens of trillion dollars of assets; the headline figure is scary rather than any specific risk. If Lehman, as an example, had not unwound efficiently, if the netting and settlement arrangements had not worked, what would custodian loss have been? If MF Global, perhaps, were a bigger and broader organization, who would have been liable for their problems? If assets were frozen in one of the major securities settlement systems, who would carry the cost of money, and would custodians avoid the consequential costs? A far-fetched list perhaps, but the very nature of event risk is that it is not foreseeable!
If we look at the events that are concerning the regulators, they could identify parallels between the front office and the custody world. On alleged misspelling of products, there have been ample cases, in court or in process, on aspects of custody with hundreds of millions of dollars of resolution costs. If we are looking for control liability, we only have to consider the intentional ambiguity around liability of custodians, with the Madoff affair being the most high profile, to be concerned. And, in the regulators view, there may be questions around the structure needed to segregate client and principal assets. After all, there is a renewed move to designation at CSDs and transfer agents, and some are looking at account operator structures to reduce (although, personally, I have doubts as to its effectiveness) sub-custodian risk. And there has always been a lack of clarity around the exact liability of the administrator in fund pricing, and, with exotics and OTC instruments still being much in use, valuations are more of an art than a science for all concerned.
I suspect we are moving into a world where custodians will have to assume they could be liable rather than hope they will not be liable. Regulators, as they look at capital allocation for operational risk, will undoubtedly consider the treatment of custodians and fund administrators, as well, it should be remembered, as fund managers. If regulators opt for full separation of custody, perhaps in line with one of the possible banking models proposed in the EU CSD Regulations, and require any separate legal entity to be fully capitalized, treatment of event risk will be critical. And that is the risk that the regulators appear to be focusing on at the moment.