# Liquidity risk management sponsored forum: Experience shared is a lesson learned

The Panel
Calypso Technology

Suhas Nayak, Senior Product Manager, Liquidity Management
Moody’s Analytics
Nicolas Kunghehian, Associate Director – Product Manager, ALM Solutions
SmartStream
Phil Cantor, Senior Product Manager, Cash and Liquidity Management
Sybase
Kris Dabrowski, Senior Systems Consultant
Thomson Reuters
Alexander Dorfmann, Head of Product Management

Risk: The financial crisis has drummed home that not enough was done to tackle liquidity risk management by both regulators and banks. Banks have looked to address systems and processes as a result, while a whole host of standards and guidelines have been released by regulators over the past few years. Most notably, the Basel Committee on Banking Supervision published a proposal for two new liquidity ratios in December. Can you provide a view on the Basel II liquidity standards and, in particular, outline the scope of what the regulators were trying to achieve by that?

Nicolas Kunghehian, Moody’s Analytics (NK): The main idea underpinning Basel II was to create two ratios to determine the liquidity risk for the short, medium and long term. Before the crisis, we just had liquidity gaps that were calculated by banks to establish which funding sources they may need in the future. With the short-term ratio, especially with the liquidity coverage ratio, the Basel Committee tried to additionally find a solution for the crisis. Other than these two ratios, the Committee also provided a framework that could be used by banks to manage different stress scenarios in the future to calculate these ratios. Also, they offered specific assumptions for different parts of the world. There are different parameters, which could be used for the credit risk part as well as for Basel II. The idea is to replicate what has been done for the credit risk part. Essentially, financial institutions need to have liquid assets if they have negative liquidity gaps. The idea of this liquidity buffer is the same as economic capital for the credit risk side of things.

Risk: Could you discuss how liquidity management would change with some of the regulatory changes that have been proposed?

Phil Cantor, SmartStream (PC): There’s a fascinating dynamic going on with the regulators around the world, with the UK Financial Services Authority (FSA) having led out front first of all. There are interesting developments across the world: for example, in Hong Kong and Singapore, where they are using just the standard regulatory supervision powers to examine closely the intraday position-keeping and liquidity of some of the banks there. The regulatory tsunami of documents that comes out every month is huge. Regulation is a default solution to a situation nobody else can solve and regulators tend to come in late and unsubtly. Bigger buffers are like bigger plasters. From a bank’s perspective, satisfying regulators is a must have – clearly, that’s true – but the wider perspective is to understand how to be on top of all the information in the bank. It is vital to know where every penny is, at every moment of the day, in every place.

Risk: Can you describe in detail some of these regulations coming out of some of the supervisory bodies and, in particular, if there are any areas that are challenging for banks more than others?

Kris Dabrowski, Sybase (KD): The biggest point that most regulators are trying to get across is that financial institutions have all their information at hand. It doesn’t matter how much capital you need or how much liquidity you need, the most important thing across the board in all countries is having that information centrically viewed at any time, any place around the world. The regulators themselves are going to be gathering the information from the financial institutions and the financial institutions are going to have to make sure that the information that they currently have, across various systems, entities, locally or globally can be drawn upon and be made available from one central repository at a moment’s notice. Institutions are going to have to think about whether to build their own in-house systems to report; others are going to go out there to get vendors to supply; then there are going to be those who feel that their current spreadsheets are sufficient. The latter are the ones who may get hit very badly when the regulators step in and say that their reporting is insufficient and the capital they are going to have or liquidity buffers that they are showing are not sufficient in case of another scenario like we have experienced in the last couple of years.

Alexander Dorfmann, Thomson Reuters (AD): The new regulation coming from the liquidity risk side might have a bigger impact on the systems, the risk management and the banks themselves. The way we look at Basel II needs to change as it follows a capital adequacy approach driven mainly by the credit risk of the banking book. Many banks’ systems were built in a way that you can capture all your positions in the banking book. But now we are switching to a cash-flow approach, which is entirely different to the capital approach. The question really is how to bring these two different aspects into one regulatory framework.

Risk: Do you get the feeling that there are banks out there that are looking at liquidity as a cash management function, or are people now aware that there are regulatory changes coming through and that there are changes to their own processes that they have to make?

Suhas Nayak, Calypso Technology (SN): Banks had looked at liquidity as more of a cash management issue in the past, but that’s not entirely true either. Most banks have an asset liability management department of some sort. At the board level, they tend to have the asset liability committee and one of the committee’s responsibilities is to look at liquidity and ensure that banks have adequate cash or adequate resources to keep money flowing. It’s at multiple levels, it’s not just cash management, which is more of an intraday issue. There is a gap between the intraday and the more strategic view – that’s the gap that the regulatory recommendations are trying to fill. It’s more tactical.

There are three levels, in a sense: there’s the operational view of cash management and collateral management; the strategic view and traditional asset management; and the ground in between that fell through the cracks. That’s the bit that the regulatory bodies are trying to address by asking institutions to hold a certain pool of liquid assets that covers that gap in funding from one day to another. That’s the system that most institutions are looking to put in place today. It’s not that financial institutions hadn’t done that in the past – it’s just an intensely manual process. Unfortunately, during the crisis, it all fell apart because not all the information required was in one place, not all the data, the people required for it were in one place. That process was broken in places and in a crisis, that matters. Financial institutions need to put a system in place simply because they cannot afford for that process to be manual.

Risk: I’d like to go into more detail about what exactly regulators are asking financial institutions to do. It seems to me that the most recent Basel Committee recommendations can be split into three – the reporting requirement and the two liquidity ratios. Do you agree with that?

AD: You’re perfectly right in saying that it’s reporting. Regulation is accounting and accounting is expressed in reporting standards. This reporting is then divided into different blocks and what they’re looking into is the short-term funding, the long-term funding related to the businesses and then the intergroup funding and, of course, the off-balance funding and the risk you’re incurring here. The reason I don’t think you can express these different categories in ratios is that, in my opinion, ratios will never reflect what the business is actually doing. In the same way that you cannot express a bank’s risk by a percentage or capital ratio, you cannot express how much liquidity risk a bank is taking into a ratio either. In the same way you cannot express how much liquidity risk a bank is taking into whatever ratio you’re implementing at the moment. As long as the regulatory ratios are not linked to profit and loss (P&L), you do not disclose how much profit or loss you’re making and banks are not disclosing at what price they are willing to take or sell a risk, the ratio simply doesn’t make sense. It’s a simple number that doesn’t tell you anything about the risk that banks are taking.

Risk: How important is it for regulators globally to agree on a consistent set of standards, and are you seeing much significant difference in what the regulators are proposing?

SN: When it started out, there certainly was a significant difference. The earliest starter was by far the UK, which put out a draft regulation or consultation on it as far back as September 2008. The Committee of European Banking Supervisors put out a paper in 2009 and, towards the end of 2009, the Basel Committee also came in. In the early part of this, there was the danger that there was going to be some fragmentation of policies that would amount to a regional management rather than a global view of things. So, for larger institutions, there was a danger that they would have to manage subsidiaries on a more local basis, giving them less economy of scale.

In the early days, institutions had expressed time and time again that harmonisation is very important, otherwise they could double-count their risks, so they end up holding more local capital or liquidity and therefore reduce any competitive advantage they might have. That’s changing now. Part of the reason the FSA has taken its foot off the gas is because they are waiting for the other regulators to catch up, otherwise there’s a risk of fragmentation. That’s why the Basel Committee coming in last year and putting their consultation paper out was timely and key because they went into a little more detail than the FSA did. They talked about two ratios, not one.

Going back to what Alexander said, he’s right in saying that a single ratio is not enough, but how else do you express that risk and how do you set a standard? To some extent, the two ratios that the Basel Committee put out are probably addressing the two aspects of it – the longer-term, strategic, more stable view of the world, which is what happens over a one-year horizon, a period that you want to leverage as much as possible if you can, but you also want to try to reduce your leverage for your shorter-term business. You don’t want to fund too much of your long-term business with short-term money because that’s where the risks were. That’s what undid most institutions that failed during the crisis. That’s what the liquid asset coverage ratios are about, to ensure that a financial institution has its own means to fend for itself in a crisis.

That said, when you have a pool of liquid assets, you’re not likely to dip into it the moment there’s a crisis. If you have a proper system in place – and if you’re unlucky enough to get to the point where you’re falling off the cliff during a crisis – you have a big enough parachute so you don’t plummet to the ground. That’s the kind of thinking that regulators are trying to push financial institutions down the path of. The FSA is right, but that’s not going to please everybody. The FSA has got the right approach in that sense – it’s going to be modification-based, they will go on a case-by-case basis, they will assess each institution and provide modification for each institution that suits it, but the general philosophy isn’t going to change. Financial institutions realise that way ahead of the regulators. As soon as there was a hint of a crisis, financial institutions hunkered down and started to think along those terms. Our users are not waiting for the regulators to finalise details, they’re trying to go down their own paths and, at some point, they’re trying to converge with the regulatory thinking.

Risk: This brings us into what financial institutions are actually doing to address these issues. Are some of the changes primarily being driven by regulation or are people changing their practices based on lessons learned? Are people holding off implementing significant changes or are they doing it now?

AD: Financial institutions are reacting in three ways – a major technology change, a major regulatory change and, last but not least, this being the most important case, business requirements. Business requirements are related to the uniformity or non-uniformity of markets. Financial institutions will run different business models as they will look for diversified markets to run their P&L. Therefore, we should make sure that regulation reflects the business needs of banks. We need non-uniform global regulatory standards to address the different business requirements in different areas. As such, we are looking for ways to better explain how to calculate risk or how to implement regulatory standards.

Risk: What changes specifically are people making now? Is it primarily to reporting systems, to stress-testing processes, to a combination of the above? And do you have an average figure for cost implications for financial firms?

NK: For the most part, it’s the IT systems that are being changed because that is certainly the hardest part for banks. Specifically, banks have to improve their information-gathering processes and ensure that information is gathered in a single place. For the FSA, it’s obvious: if it’s a daily process, you cannot have two or three different systems if you want to launch a process that could be quite long, because we’re talking about generating cash flows for all the transactions for the whole group. It can be complicated, so this is definitely the first step. The second step is to put in place a framework – not merely a framework of an IT system but also a strategy, a process for communication between people. Such processes would then also shape the timing of decisions. The right decision may need to be taken right now by a bank’s treasury department, maybe within the hour. The third step is the actual reporting. On balance, if banks know that they have to make various changes – that is, if they have the IT systems to do the cash flows and all the systems to define what they have to do in case something going wrong – then the actual reporting will be the last part. It may not be that easy to do as there are many regulations in different countries, which are governed by different regulators and different formats.

PC: We’ve had discussions with banks who love the approach of doing something at the industry level rather than at the bank level. Theoretically, if everybody pays each other in the morning, it would save everyone money but, of course, you can’t do that because one or two banks breaking ranks can then make more money individually. The second thing is, anything we want to do in the back office, let’s do across the whole bank. That’s hugely difficult. A lot of banks have just been forcibly merged and wish to retain the ability to merge and divest, some of them are going to be forcibly divested. So you have your own internal view of what your position is, you have your counterparties telling you, so then you have several versions of the truth, which come in with different timeliness and different degrees of accuracy. So the value of the ability to reconcile all of these different versions of the truth is what we’re finding people are extremely interested in. Reconciliation is the heart.

What people are doing now is getting on the first rung of the ladder. The markets divisions are already real time in limited areas – credit risk, market risk, trading – but banks are now beginning to look for real time across the whole bank, wanting to break down the silos. The interconnectivity is what matters: everybody knows they’ve got systems. What matters is how you can break silos down, get systems to work together and how you can reconcile the different versions of messages coming in.

The introduction of true competition into banks is the long game here. I think that’s behind the thinking of some regulators that are trying first to put in capital buffers – and those will do in the short term. But they are starting to look at how they can make sure that banks really are competitive because, although I think there are many factors and many people to blame in the crisis, lending incompetence was certainly one of them.

KD: Financial institutions are going to have to look at extracting information that they hold in a variety of places. A lot of people will think of payment or cash-flow information as being sufficient, but it’s information along the whole route, from the inception of any transaction, to payment, right to the final entry because, at any one time, it may be in a different state. For example, a payment may have been released, but you cannot take that as cash that has really gone out of the bank because you may still have it pending in a queue. Or you might be keeping a payment in a hold status ready to release in case you want to keep your liquidity a bit higher for a period of time. We know of one case where, during the analysis phase of the implementation of our system, the bank found a payment system that they were not aware of in treasury and where the odd payment was being released. That could be absolutely disastrous if somebody pays out a few billion, only then to tell the treasurer two hours later that they have just made a payment that needs funding. Thus the importance for financial institutions is to be able to consolidate all of their information into one place.

Risk: In your experience, is it the larger firms that are looking to develop their own systems, to take their own approach? Is it the smaller firms that are looking for vendor packages?

AD: Times are changing for both the bigger and smaller institutions. We’re looking at four major changes: data accuracy and completeness; central pricing and market data; stress testing and speed. It is a complete process, we call it the inclusion of the banking and the trading book into one holistic picture. It’s not only about looking at the risks as such, it’s stress testing the risk and taking decisions on stress-tested results. Decisions, especially from an investment and strategic perspective, will not only be based on risk but also on returns, which need a central pricing and market data practice so that banks can explain their strategy and investments against one consolidated framework. This will only add value where risk computation can be done on an intraday basis, which means you need to be as fast as possible.

Will this be done by the banks themselves? Yes and no. There are software companies in the market having already solved these issues. Banks are not software companies, they need to look for third-party products or software, they need to look for vendors who are able to provide the adequate tools and systems. Last, but not least, I see an important change coming in the risk management world for financial institutions. The position of the chief financial officer will become much more important than it is at the moment. The reason is that once you have the data completeness and the results from your stress test based on a central pricing repository it’s the chief financial officer who decides on the allocation of equity and liquidity.

Risk: How much will it cost the average institution to tick all of these boxes? What kind of ballpark figure are we looking at?

SN: The FSA has identified some of those costs in the UK. For the larger institutions, they’re expecting that cost to be between £1 million and £2 million ($1.46–$2.92 million) one time plus £1 million a year of recurring expenses going forward. The smaller the institution, the lower the costs. In reality, there’s a fragmentation. There’s the regulatory side of things – institutions obviously need to comply with regulations, but there are more sophisticated institutions that will try to leverage that. They are trying to use it so that they become more resilient in their business or it will lower costs or increase revenue opportunities.

The cost there is really hard to put a finger on. We’re seeing a bit of a trend. There are institutions that are looking to consolidate information across the board and have a single view of it – a lot of it was driven by Basel II and a lot of it by the new regulations. The other side of it is the operational view, which says, “I have all that information, now what am I going to do with it?” That is the more interesting view because it’s moving you towards crisis management and planning for a crisis. That’s where the industry is moving towards. That is to say we need to get the information together in one place and that is the first step, and once we have the information in one place, we need to do something with that. That’s the general trend of what banks are doing.