Banking regularly has a bout of extreme dysfunctional myopia. This has been evidenced throughout history by its love affairs with leveraging and leveraged lending, its adoption of fads such as the tech boom or the earlier Latin American and emerging market funding catastrophes. It has been compounded by its ignorance of the risks of unfettered mortgage based loans or the craziness of its willingness to accept exposure, with uncertain legality, to structures such as rehypothecated assets or liens based on uncertain precedent.
I have had concerns about the securities services business for some time ever since, after a few whimpers of protest, the concept of unlimited liability for the safety of assets was accepted under the EU’s alternative and UCIT rules. This aberration appears likely to be joined by several others.
Firstly, the critical risk vehicle of trading markets, the Central Counterparty, could soon, at least in the EU, see its risk policies subordinated to Central Bank monetary policy. Secondly, Investment houses are talking more of their suppliers being digital custodians and insuring them against the risks of cyber and other digital frauds or events. Allied to this, the major custodians are talking of broader outsourcing whereby the fund manager becomes the manufacturer, strategic distributor and operator of a fund with all other tasks and risks residing with a turnkey supplier meeting operational, technical, data management and some judgemental functions.
The latest EU data I have seen from the EBA shows non-performing bank loans at 6% of total loans and advances. That equates to the Spanish GDP. US banks perform better at 3% of loans and advances. In addition, banks have paid $321 billion in regulatory fines since 2008. Their continued imprudence, given that few banks have made an economic profit over this period, is staggering. In this light, it might be worthwhile highlighting the dangers of the recent additions to the custodian risk ladder as well as reminding ourselves of the risks implicit in asset safety rules. As a ratio of two dollars of assets under custody to each dollar of assets in their balance sheet is a common one for many custodians, the fact that custodial assets are seen as less risky is not a comfort but a necessity. As markets get more complex, as investments become more geographically diverse, as investment types expand, technology choice becomes ever more mission critical and as conflict of cross border law and regulation becomes more of a challenge, the relative scale of the two portfolios, custodial and direct risk bearing, is an issue. At what point could a risk in the custodial world translate into a balance sheet threatening event? The Central Counterparty issue and the challenges of changing liability across the post trade landscape, especially with growing outsourcing arrangements, could well be the driver for the next banking crisis.
Central Counterparties are the riskiest component of the post trade lifecycle. Having served on the board and risk committee of a systemically important CCP, I have the greatest respect for their risk management processes. The most material risks I see are firstly the fact that all major CCPs have a quite common client base, secondly the risks inherent in a margining algorithm that is largely based on historic performance and finally the redeployment risks on the cash, especially, that they hold as collateral. I also have, in some markets, reservations about legal certainty especially where the CCP gains priority over assets in bankruptcy. Added to these risks now are the proposed moves for Central Bank control of risk policies for EU CCPs whereby margining would be dictated not solely by an independent CCP assessment but also by the requirements of a country’s monetary policy. In other words, if the CCP margining strategy leads to interest rate hikes, the policy could be overturned without the instructing National Central Bank or the ECB having any liability for consequential losses.
Outsourcing has been a buzz word of the industry for many years. Early day outsourcings were marked by an underestimation of the complexity of transition in fast moving markets, fanciful estimates of future assets and transaction levels, a lack of contingency for changes in asset mix and far too general legal documents. This has been much improved over the years but at the same time the outsourcing market has become much more complicated and the key participants have become much more ambitious. The outsourcers look much more like technology companies with processing and risk absorption capabilities. They have technology partners although in legal terms these are technical risk takers mainly for hardware and software performance with areas such as data security often being covered in their agreements with, at best, legal ambiguity or, at worst, glaring loopholes. Outsourcing has gone down the path of maximum post trade outsourcing to component based outsourcing and now appears to be reverting to the full post trade model. Outsourcing has also moved from an institutional fund management model and market specific brokerage settlement model to a much broader one including a bank to bank model for small and medium sized transaction banks.
This creates two major risks. The first is concentration risk. The second is litigation risk.
On the concentration risk front, the danger is that many outsource arrangements will be difficult to reverse due to their complexity. In an era where regulators demand clear contingency arrangements the ceding entity needs to understand where they fit into the living wills of their suppliers and how they could activate alternative arrangements. On paper, these appear to exist but the practicalities and the lapsed time for transition are worrying. And there is a certain homogeneity among suppliers that leads one to believe that there is likely to be systemic contagion across suppliers in the event of one or another succumbing to an event risk that leads to their incapacity or inability to continue as supplier.
On the legal side, there are known risks and unknown risks. Asset safety is at the heart of these risks to the extent that it is a useful guide to logical maximum potential exposures. But asset safety is becoming ever more complex. The diversity of on and off market operating platforms across the globe means that risks are both local and global, instrument specific and generic. Technology is now so much part of the supply chain that the risks of technical failure, cybercrime or supplier malfunction is a real risk for one or both the parties to an outsource arrangement. And there are risks that are unclear such as the liability for hacking through market infrastructure, the handover point of risk between different suppliers to the outsourcing entity, the boundary of responsibility for actual loss and consequential loss or the different possible claims over assets in a collateral intensive age.
So how can this be taken forward? I believe that there are key actions incumbent on banks to take. The easiest is to reject interference into CCP risk management by Central Banks. In that field also there needs to be an assessment of the contagion risks across CCPs and the concentration risks within the four or five systemically important global CCPs. The more difficult area is in respect of asset safety. In truth, regulators need to be clearer about what risks are carried by whom. There is no such thing as constructive ambiguity when the ambiguity is a threat to the stability of the financial system. There is no such thing as genuine contingency when the complexity of the arrangement requires time not to be of the essence in changes in suppliers. There is no such thing as hot standby when the chain inevitably contains multiple single points of failure among utilities and other service providers.
And markets need to grab the risk issue and decide what capital is needed to back it at each stage of the transaction life cycle even if that leads to change that emasculates parts of the current model. The alternative is likely to be a visionary new entrant from outside the current industry constituents that marginalises banks across the bulk of the process and distances them from a core client constituency and a central revenue flow of their organisations.