Risk management on the forefront
BY JOHN ALAN JAMES
With Congress returning to work Nov. 13, there will be critical discussions over the “fiscal cliff” and over unresolved issues relating to the implementation of the Dodd-Frank Wall Street Reform and Consumer Protection Act, passed in June 2010.
During the recent political campaign, millions of dollars were contributed to Republican causes by individual financial institutions and numerous executives in banks, hedge funds and broker/dealerships.
Each of these groups has its own reasons for wanting parts or all of Dodd-Frank to be repealed. Banks, in particular, fear the impacts of the Volker Rule, requiring them to split banking and investing functions.
Both U.S. and foreign banks with American operations are also very concerned about the potential impact of the so-called “living will,” which, if mandated, will require banks to provide federal authorities with their specific plans for liquidating their corporations in the event of a financial crisis.
My own concerns regard the underlying, and not frequently discussed, aspects of the living will/liquidation provisions relating to the “quality” of the risk management policies and procedures of each financial institution.
Risk management provisions have long existed in the examination procedures of all the federal and state agencies overseeing banks and other financial institutions. The goals of the Bank of International Settlements (BIS) in its Basel I, Basel II and the currently discussed Basel III standards also focus on the adequacy of the capitalization of the individual financial institutions in meeting unforeseen risks.
What Dodd-Frank brings to the current scene that troubles me greatly are the new, not clearly written, provisions giving the regulatory agencies the power to require the directors and executive management of a financial institution to discuss its basic mission, risk-appetite definitions, goals and strategies and define the risks their own risk management program indicates could possibly lead to their financial demise.
Each of these provisions has been, up to now, the sole responsibility, under corporate law, of the shareholder elected board of directors. Corporate law in the 50 states defines the role of the individual director as a “fiduciary agent” of the equity shareholders.
I query whether the authors of the Dodd-Frank legislation have had in mind a “federalization” of corporate law similar to the process of taking over state laws regarding financial reporting that occurred with the passage and implementation of the Sarbanes-Oxley legislation of 2002.
Risk management, especially enterprise risk management, has been with us for more than 50 years and has actually been adopted as a “standard” by the International Standards body in Geneva.
Defining the key risk issues, their sources and possible impacts have always been the sole responsibility of an individual firm”™s board of directors. Corporate governance, the control of both external and internal governance policies and procedures, has been the foundation of corporate charters dating back to the original Anglo-Saxon entities organized to separate the corporate affairs from the interference of the king.
No responsible person, including myself, will deny the need for regulation and oversight of corporate financial reporting and the health of the shareholders”™ equity as defined in the strategic plan. Strategic plans are usually designed by corporate executive management and approved and overseen by the board and its separate committees.
Strategic planning and risk management are inseparable ingredients of a corporation”™s mission statement, which defines who we are, why we are in business, what are our goals for products and ways of doing business, our ethical standards and the policies and procedures, including internal controls, to make sure that as a company and individual employees that these goals are being achieved.
I can see no reasons for the examiner for a regulator to be able to legally overturn or redefine these basic mission statement goals.
Of course, “audits” of the efficiency and effectiveness of the policies and procedures are needed for assuring transparency for investors and controlling deviant behavior from the new and complex regulations from the more than 100 mandates submitted for passage into the Federal Register as law under Dodd-Frank. With many more to come, I am concerned about the intent of the executive branch with its regulatory goals.
These are issues demanding a public debate of the clearly stated objectives of the Financial Stability Oversight Council, which unfortunately have not been provided.
The council has met only twice in the two years since Dodd-Frank became law. There is lack of clarity regarding each of the regulatory agencies”™ has for long-term goals. The conflicts between agencies, for example, SEC and CFTC over trading regulations, also create uncertainty as to goals and purpose.
I would hope that our newly re-elected administration will provide all of us a far more clear picture of the goals and objectives for the current and yet to come regulations, and soon.
John Alan James is executive director, the Pace Global Center for Governance, Reporting & Regulation at the Lubin School of Business. He is also program director for the Certified Compliance and Regulatory Professional certificate program, organized in conjunction with the Association of International Bank Auditors and now in its second cycle.