Regulators urged to enhance op risk oversight post September 11

NEW YORK -- Financial regulators must enhance their monitoring of individual firms and the linkages between them after the September 11 attacks in New York showed the vulnerability of the financial system to op risks.

That was the verdict of management consultants McKinsey & Company in a November report on the impact on New York’s financial services of the attacks.

McKinsey, acknowledging regulators re- examining their policies, said agencies must ensure firms’ business recovery plans take account of the problems of access and telecommunications connections. Regulators should also ensure mandatory industry-wide stress testing of linkages between firms and markets.

As an example of the stress testing McKinsey had in mind, the firm cited the possibility that in the equity markets, regulators and industry groups -- the US Federal Reserve, the Securities and Exchange Commission (SEC) and the Securities Industry Association, for instance -- could sponsor joint connectivity tests of selected firms, key clearing houses and major customers. Other organisations, including perhaps the US Treasury and the Bond Market Association, could sponsor tests for the bond markets with particular focus on clearing and settlement processes.

The attacks exposed deficiencies in the financial system and its vulnerability to key ‘choke points’ -- telephone switches and other hubs through which key information flows, McKinsey said (see box).

The underlying ‘connectivity’ of the telecoms and power infrastructure was surprisingly fragile, with single points of failure such as at the New York telephone carrier Verizon’s central office at 140 West Street. Both the energy and telecoms infrastructures lacked alternative networks that could be activated swiftly, the report said.

Industry analysts noted that Bank of New York (BoNY) officials blamed much of the disruption to the bank’s crucial securities processing services after the attacks on the loss of telephone connections to its customers, rather than on BoNY’s systems.

BoNY, one of the world’s biggest processors of securities trades, had major problems paying out funds due to failed communications lines. Some market sources estimated its payments backlog reached $130 billion on September 13, leaving a number of big European institutions with large overdrafts with other banks.

The McKinsey report said there was a lack of geographic diversity in back-up plans, insufficient access to back-up sites, a lack of alternative networks and systems for telecoms and power. "These weaknesses could pose a significant threat in the event of future system-wide disruptions," it said.

Forty percent, or 1,700 of the civilians killed in the attacks on the twin towers of the World Trade Center, worked in the financial services industry, McKinsey noted.

But the report said the immediate impact was modest relative to the overall size of the financial services sector. The industry was shocked by the suspension of most trading for several days, but financial systems performed well overall.

Only about $4.4 billion of the $30 billion in total property damage was attributable to financial services firms, since most firms rented office space. And as most of the property damage was covered by insurance, the net loss to the sector will be even lower, the report said.

The cost of business disruption, a combination of lost revenues due to market closure and dislocation expenses, was about $1.8 billion and was partly covered by insurance.