Fed’s risk proposal puts banks on the defensive
New supervisory guidance will make business heads responsible for risk management
Banks are resisting an effort by the US Federal Reserve to hold individual business units accountable for risk management.
Proposed supervisory guidance issued by the Fed in January assigns responsibility for risk governance and controls to business heads, independent risk managers and senior management – a departure from existing guidance, which focuses almost exclusively on the role of boards and senior managers.
“The Fed has made a very important change” with the proposed guidance, said Richard Cech, a senior bank examiner for operational risk at the Federal Reserve Bank of New York, at the OpRisk North America conference on March 21. “Ten years ago, all the supervisors were loading everything onto the board. The proposed rules are more realistic about the behavioural dynamics of an organisation.” He was speaking in a personal capacity.
Under the new approach, business heads must ensure the risks emanating from their units are managed effectively and in a manner consistent with the firm’s overall strategy and risk tolerance.
However, some banks worry the language in the proposal will expose every part of their operations to additional supervisory scrutiny and review. “The guidance employs a very broad definition of ‘business line’, which has the potential to capture nearly any business unit or function, in a manner that does not necessarily correspond with … an understanding of whether that unit or function is the source of material risk,” writes Stefan Gavell, head of regulatory, industry and government affairs at State Street, in a comment letter dated March 15.
The Fed’s proposal defines a business line as a “unit or function of a financial institution, including associated operations and support that provides related products or services to meet the firm’s business needs”.
This may lead to a duplication of effort and potentially create confusion for senior management
Robin Vince, Goldman Sachs
Banks say that definition is too broad, and could result in back-office and technology teams being subjected to supervisory examinations and review.
In a separate comment letter, Eric Varvel, chief executive of Credit Suisse’s US operations, criticises the Fed’s definition as a “one-size-fits-all approach” that would apply business line management principles to non-business functions.
Other banks have objected to the proposal on the basis that it requires business heads to take on responsibilities that are typically performed by the risk function. For instance, the guidance requires business line management and the risk department to report to senior management on the risk profile of individual businesses. “This may lead to a duplication of effort and potentially create confusion for senior management,” writes Robin Vince, chief risk officer at Goldman Sachs, in a comment letter dated March 15.
A spokesperson for the Fed said it is reviewing the comments received on the proposed guidance.
3LOD model
The controversy over the Fed guidance is part of an ongoing debate over the three lines of defence (3LOD) model for risk management, which has proved to be unwieldy to implement. While some have praised the 3LOD model for helping to promote a stronger risk culture, others say embedding risk and controls personnel within the first line boosts overheads and blurs the distinction between the risk and business functions.
Some banks have tried to address this blurring of the lines by creating intermediaries between the first, second and third lines. HSBC, for example, has identified five different roles: first-line risk owners; first-line control owners; business risk and control managers; second-line risk stewards; and second-line op risk officers. “Business risk and control managers bridge the gap between the second line and the true risk owners, such as the trading desk heads or the head of the mortgage business,” said Kathleen Stack, deputy head of US operational risk at HSBC, at the OpRisk North America conference on March 21.
The Fed has never officially endorsed the 3LOD model, which formed an important part of the Basel Committee on Banking Supervision’s 2011 Principles for the sound management of operational risk. However, the Fed’s examiners employ the 3LOD concept in their supervision of banks. “Our approach is to look at independent challenge and feedback,” said Cech. “Lines of reporting can be extremely important in terms of levels of candour in communications.”
Editing by Kris Devasabai
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe
You are currently unable to print this content. Please contact info@risk.net to find out more.
You are currently unable to copy this content. Please contact info@risk.net to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@risk.net
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@risk.net
More on Risk management
Risk Technology Awards 2024: AI hopes and holdups
Live AI use-cases are limited, as vendors warn on over-regulation
The post-Archegos risk model rebuild begins… slowly
Following regulatory prodding, banks start to overhaul counterparty risk models. A flurry of new research on the topic may aid the effort
Let’s grow the third-party risk playbook – CME security chief
CrowdStrike outage highlights need for financial sector to adjust its game plan
Bankers hope EBA op risk taxonomy will go global
Proposed update to 20-year-old risk map is welcomed, but international co-ordination urged
Op risk data: Payday lender Skytrail sees $1.4bn disappear
Also: Cartel claims cost European bond dealers dearly, plus oil price gouging and crypto cover-ups. Data by ORX News
Marex plots interest rate clearing push
UK broker is live on LCH and plans to be a “day one” clearing member on FMX
Eurex default fund reshuffle leaves members frustrated
Clearing members say concentration margin add-ons would be fairer than buffer on all portfolios
Tired of fat-finger blunders, G-Sibs turn to robots for help
Big banks speed up shift towards control automation and AI adoption to counter costly human errors, Benchmarking survey finds