What is a sensible level of capital for a custodian? There used to be absolute levels of capital required by U.S. SEC regulations for sub-custodians, but those were really there to ensure that custodians had substance, albeit modest. The answer to this question is complex, and that may be the reason why many, including regulators, are ducking it. The reality is that, as for commercial bank or investment bank capital assessments, the answer is both judgemental and scientific around the business model of the custodian.
A sub-custodian in a local market or a CSD operating only the notary function will need less capital than an ICSD or a complex global custodian. Risk experience is less of a valid guideline in computing required custodian bank capital, for it is based on history, whereas capital needs are based on future performance. And, in this day and age of material changes in regulatory attribution of risk and the politicization of markets, the past is an even poorer guide, than previously, of the future. Hence, judgment becomes more important than science in the assessment of risk capital requirements.
The major risks of a custodian or CSD, whether of the international or national variety, appear to be operational, business model, transactional, counterparty and ethical.
Much of the focus is on operational risk, with scare stories abounding around corporate event risk. However, I have been involved in manifold assessments of the capital buffer needed for such risk, and, invariably, it is far below the level at which capital would actually be hit to cover any losses. In reality, operational losses are capable of being absorbed by profit. Experience over time in the pure custody business, according to my best real and apocryphal information, is that operational losses over time usually account for just ten or 20 basis points of gross revenues. However, similar data on the industry loss experience on its fiduciary or depository activity is much different. The losses, there, can be material, with fund re-pricing risk and asset protection risk being the major challenges. One can therefore assume that pure custody operational risk can be allocated to the P&L account but fiduciary risk should be backed by capital. In turn, fiduciary risk needs to be assessed by the risk profile of each relevant fund, with a long-only, low-activity, OECD-invested fund at the lower end of the scale and a complex-strategy, highly leveraged, derivative-overlaid, exotic-asset fund at the highest end.
Business model risk is again a variable. The key challenge is concentration risk, where a supplier lacks spread of risk due to their concentration on specific segments of the market. Prime brokerage of exotic funds again appears at the higher end of the scale and basic sub-custody at the lower. But business model risk also embraces the quality of on-boarding clients, the focus on risk management and management compliance with their own rule book. It covers the resilience of a firm’s infrastructure, their contingency plans and a range of other areas, all difficult to assess.
And that also leads into sub-custodian risk, especially under the new AIFMD and UCITS rules. If a sub-custodian model is used, the agents’ business models are critical to minimize such risk. It is important to assess their integrity and operational competence to ensure asset segregation. It is critical to understand the strength of their bank capital structures against its own risk profile. And an understanding is needed of the legal structure of their market to assess the scope of its recognition of the rights of beneficial owners in any default situation.
Transactional risk again ranges from the banal to the extreme. At one end, stock settlement is low risk, yet OTC derivative settlement and documentation management is high risk, especially given the bespoke nature of many such transactions. Transactional risk also covers stock lending with the pitfalls of maturity mismatching on the collateral side, indemnification risk (for which, quite rightly, regulators are now proposing capital backing) and rehypothecation risk (where even with the SEC constraints in the U.S. on quantum, a substantial risk remains). And we should not overlook transactional risk on tri-party transactions, repos or debt-equity swaps, for many may involve both value mismatch, potential challenge of their DVP processes and complexities around income or corporate events.
Counterparty risk appears along the entire transactional lifecycle of any fund or portfolio. The critical risk, though, is the intraday risk incurred due to the mismatch of payment flows and stock settlement or other value transactions. At one level, such risks appear manageable, given that the actuarial likelihood of an entity going into default during a working day in any market, when exposures are highest, are low. But although intraday liability may be a short-term concept, in transaction banking it is a longer-term obligation. This assumes that the bank providing such facilities will not destroy its clients by removing one of their major sources of liquidity at short notice. Although there is some rationale in assuming unutilized at bank option credit should be excluded from bank capital computations, there is less rationale in doing so, for transaction banking intraday obligations due to their de facto term characteristic, at least from an ethical and systemic market risk need if not in the strictly legal sense of the matter.
And finally there is a question of ethics. Some years ago, I wrote the first broker-dealer industry risk management paper for my firm. The key risk was reputation, and it was a judgement call based on the client’s ethical record, their business model and their management structure, as well as the market perception of their business. This was incredibly judgemental and difficult to explain when we closed out facilities to a certain major broker-dealer way back in the 1980s. A large proportion of that broker-dealer’s product range was high risk, there had been questions around its sales techniques and its management structure was quite dysfunctional with individual power barons ruling their areas of operation. The firm exists no more; some of their principals ended up in prison. Some of the market practices they promoted are now strictly illegal, although, to be fair, theirs was a default without loss to creditors due to one of their major strengths – a superb operational team.
So how do we assess capital on firms in our sector? My comments above suggest capital is needed, but assessment of the capital needs is incredibly complex. On a simplistic basis, I would assume that for every basis point of revenue earned by the average firm, around a half to point seven basis points is allocated to firm costs. The balance should cover risk and return. Working backward, given the average two-basis-point return in the industry and a logical 15% return on equity, we can come to the assumption that the industry is saying, on average, that capital needs should be around four basis points of the assets held under custody. In other words, for each trillion dollars under custody or administration, each supplier needs on average $400 million of capital. That implies $16 billion of capital across the world’s custodian banks and infrastructures. Is that enough or are the figures too high for the risks I have discussed, or, I am sure, the many other risks people will propose for consideration?