Ever greater regulatory complexity, coupled with an increasingly integrated world is making risk management ambiguous.
For years, financial innovation and international diversification were seen as the golden path towards an optimal allocation of risk in the economy. Then came the financial crisis of 2007 and 2008. Fear and uncertainty sent shockwaves through a complex and connected world. Regulators, under the pressure of public opinion, had to react. Their response to the misdeeds of financial institutions has been unprecedented, the fines so large that even advocates of tougher regulation have wondered whether the response was proportionate to the crimes.
The enforcement action against banks deemed to be laundering money, no matter how thin the association, is a notable example. Rafts of new rules have also been unveiled. In banking, higher capital requirements, bans on proprietary trading, caps on leverage ratios and new conditions attached to pay and bonuses are forcing the financial industry to hunker down for a more staid future.
Devil in the details
But what started as sound regulatory principles degenerated quickly into a blizzard of detailed regulations. One simple example is the number of pages in the Basel banking regulations. Basel I had 30 pages, Basel II had 347 pages and the latest iteration, Basel III is a staggering 616 pages. The Volcker rule, which broadly prohibits banks from making speculative investments, started as an 11 page long memorandum but is already 1,000 pages long now. With more rules to comply with and the increasing complexity of those rules, compliance is becoming a much harder task.
To make matters worse, regulators are not working in a globally integrated framework, leading to many different national rules for companies to comply with, many which stretch across borders, some which are inconsistent with each other. This is having detrimental effects on companies that may just have an association with the host country’s regulations and creates additional systemic risk. BNP Paribas, one of the biggest European banks, was destabilised when its Swiss subsidiary failed to comply with a piece of U.S. legislation that was triggered by the mere fact it transacted in U.S. dollars.
Firms have responded to this onslaught of legislations by dedicated an increasing amount of resources to compliance. Last autumn, HSBC said it was hiring 3,000 more compliance officers. JPMorgan is hiring a similar number to try to stop the flood of fines coming its way. Some two thirds of compliance practitioners expect their team’s budget to grow this year, according to a survey by Thomson Reuters Accelus. But no matter how much they try, firms seem to lose the compliance challenge. General Motors, one of the biggest industrial corporations in the world, admitted in its annual report lacking ‘expertise’ to ensure compliance with pronouncement on accounting for derivatives.
Confusion all round
Even regulators are getting confused. Take the private equity industry as an example. While investment banks are regulated as broker-dealers by the Securities and Exchange Commission (SEC) for their role in buyouts, the private equity industry in the U.S. doesn’t know where it stands on the same issue. Marlon Q. Paz, a partner at Locke Lord, a law firm and a former SEC official was quoted as saying, “There appears to be growing confusion even among SEC staff as to conduct by private equity firms and their consultants and employees that subjects them to broker-dealer registration requirements.”
Unable to comply or too happy to exploit loopholes, the financial system has adapted with more financial innovation. Securitisation, for example, is bouncing back, with asset-backed securities finding a strong footing in the U.S. auto market. Firms are also finding more creative ways meet equity requirements. Contingent convertible (CoCo) bonds are now being issued by banks to meet both increased investor appetite for risk and regulatory urges for banks to have more equity. This new innovation, like the previous ones that contributed to the crisis, is not fully understood. A recent survey by Royal Bank of Scotland found that 90 percent of investors thought their understanding of CoCos was better than average. Some large firms are reducing their exposure to complexity. Citigroup, for example, has recently announced that it would refocus its strategy. But shadow banking is taking off as regulators scramble to catch up, pushing risk into more opaque corners. Risk hungry investors are salivating as regulators grow increasingly worried.
Ironically, the regulatory process that started in the aftermath of the last financial crisis may be sowing the seeds of the next one. Volumes of regulation, critically analysed by legal and financial experts and supervised by over-extended regulators are unlikely to be sufficient to maintain the integrity of the financial system. The development of compliance-centric procedures is not conducive of good risk management. It gives an illusion of control over an increasingly complex and integrated system. Ironically, it perhaps reinforces the root causes of the previous crisis. The starting point of the next financial crisis is still unknown. But it is highly likely that when it comes, fear and uncertainty will send shockwaves through a more complex and connected world.
Gilles Hilary is an INSEAD Professor of Accounting and Control and The Mubadala Chaired Professor in Corporate Governance and Strategy. He is also a contributing faculty member to the INSEAD Corporate Governance Initiative.