An official website of the United States government
News Release 1996-20 | February 23, 1996
Share This Page:
Thank you. I am very glad to be here to speak on such an interesting and important topic. The information age continues to change the nature and scope of transactions such that financial opportunities are available almost anywhere on the globe, at any time, and in ways that can be tailored and customized to meet specific funding or investment objectives. The speed with which technology can make such transactions possible also continues to increase at a rapid pace. From this perspective, one may question whether it is possible to keep up with an institution's changing financial risk profile, or for that matter, whether anyone can fully understand the nature of an institution's risks. The question — what do we need to know and when do we need to know it? — has seldom been more important. But the question itself is instructive, so before we attempt to answer the question, it may be helpful to consider the question more carefully.
It is first necessary to identify who needs to know, why they need to know, in order to assess, what they need to know. For example, the nature and detail of information needed by a trader may not be the same as information needed by an institution's senior managers or the board, or an institution's counterparties, or regulators, or the investing public.
Much of the recent attention has centered on a need for more information and for information to be made available on a more frequent basis. But this may lead to "information overload". Specifically, there can be too much information to make sense of it all.
To make good policy, we must focus on why information is needed. In most cases, that can be answered by considering whether appropriate parties have sufficient information to identify, measure, monitor, and control the risk — the risk which can result from their decisions. Or do they have sufficient information to assure themselves that those responsible for controlling risk are appropriately doing so. Thus, a trader may require frequent access to detailed information about a narrow component of a financial market or markets.
Alternatively, a senior manager may require less detail, but should receive information at a similar frequency and for a wider variety of financial markets. Financial regulators may also be interested in a more aggregated view of an institution's health. Analysts and the investing public are generally interested in institution-wide information, but may also have very specific information requirements. Collection and presentation of information, therefore, is critical, but it is by no means an exact science.
The difficulty lies in determining the appropriate level of information aggregation. Some have even suggested that institutions should simply publicly release raw data and allow the users of that information to process it as they see fit. This approach, however, may fail to protect proprietary information and may not be cost effective for the information users who may find it difficult to sift through the volume of information in order to answer specific questions. Moreover, there are benefits to processing of data prior to its release. Information can be presented in a consistent manner and there can be some degree of assurance about the integrity of that information.
As bank supervisors, we are primarily concerned with how information is generated and used within a bank and whether we have sufficient information to ensure banks' safety and soundness.
The Office of the Comptroller of the Currency (OCC) collects its supervisory information through the examination process, which contains nonpublic information, and through quarterly Call Reports filed by banks, which primarily contain publicly available information. Call Reports allow us to receive a consistent and regular picture of a bank's condition and income. However, as market circumstances change, Call Report information often does not provide sufficient detail to allow specific assessments of a bank's safety and soundness. While on-site examinations allow us to obtain more detailed information, such information is generally gathered on a less frequent basis than Call Report information.
To bridge that gap, the OCC combines Call Report information with macroeconomics and regional economic data. These complementary information sources provide insights about banks' conditions that might not otherwise be apparent through regular reviews of Call Reports. For example, following the thrift crisis, regulators and market participants alike began to focus more attention on interest rate risk. However, the Call Report was primarily designed to convey a bank's financial health according to credit risk. It is generally not amenable to making inferences about price and interest rate risk. Quite obviously it is not cost effective for the OCC to be inside every bank on a continuous basis. The OCC has, therefore, been using "Data Filters" over the last several quarters to identify banks that might have material exposures to interest rate risk.
The Data Filters combine economic assumptions and current information about the financial environment together with selected Call Report items to provide an indicator which is suggestive of the presence of interest rate risk. The OCC then uses the examination process to determine whether high levels of interest rate risk are, in fact, present at the particular institutions and, if so, whether it is first, known by the institution, and second, appropriately managed. This form of off-site monitoring has allowed the OCC to utilize information in more cost-effective manners, as well as to deploy examination resources more efficiently.
In most cases, follow-up reviews of the banks that have been identified by these Data Filters have shown that examiners were already aware of problems and that bank management had developed or put into place a strategy for corrective action. In some cases, follow-up reviews revealed additional information that indicated that problems did not exist — in other words, the filters had produced "false positives." However, in a few cases, the filters identified banks which had not yet identified their potential problems or had not yet developed strategies to correct the problems. In those instances, examiners were able to work with the banks to pursue corrective measures.
Like the OCC, many institutions are also looking at the efficiency of their utilization of information in decision-making processes.
When considering information needs, two phenomena appear to be occurring at the same time. First, information in financial markets, especially in the area of financial derivatives transactions and products, is becoming more specialized as a result of newer and more complex instruments. These instruments often require a high level of expertise to understand and/or proprietary models to price. This can have the unfortunate effect of, at times, creating a reliance on a relatively small number of individuals within an institution who establish standards to determine what information is appropriate or relevant. As a risk management matter, this can create a form of "intellectual risk" for an institution — a risk which should be identified and addressed by senior managers. Information specialization issues are usually more pronounced during turning points in market trends or times of market stress.
Second, information is being organized and aggregated in new and different forms. Market participants are moving away from a product-oriented view of the financial world and have begun to view their business in terms of specific types of risk. This raises new questions regarding whether "apples are being combined with apples" when risks are aggregated at successively higher levels within institutions. For example, market risks are usually reduced to a common denominator — generally, the amount of loss associated with a pre-specified likelihood of occurrence over a pre-specified time period. Likewise, credit risks are reduced to loan equivalents or some other common denominator. In both of these efforts, "risk" is defined in terms of earnings and/or capital exposures. However, market risks and credit risks are generally not consistent with each other.
These problems can be further complicated when the separateness between the risk categories becomes blurred. For example, a change in an institution's measured market risk might also result in a change in that institution's measured counterparty credit risk exposure. This can occur when cash flows between the institution and its counterparty are indexed to the affected market factors. Complicating matters still further, the market change may have also broadly affected the business conditions of the counterparty and thereby changed the default likelihood of the counterparty. If the original institution had focused only on changes in counterparty credit exposure, and not the potential for changes in default probability, it would not have captured changes to credit risk.
Information organization and aggregation issues are receiving a great deal of attention as institutions attempt to identify and measure such "inter-connection risks" — including both cross-price and cross-risk correlations — to develop enterprise-based measures of risk.
It is useful to note that the evaluation of risk, as it generally pertains to an institution's earnings and capital stability, involves determining the effects of "tail events" — and strange things can happen in the tails. Markets can become less liquid or traditional counterparties may change their behaviors rapidly. And, since by definition tail events are rare, market participants and others have had few opportunities to learn about them.
The popular view is that more information is needed by everyone or that more information is better. Granted, much of what I have said would support such a view. But it is important to note that information is generally costly to collect, analyze, and present in an understandable manner. In this regard, the more an institution's proprietary information is made freely available, the less incentive there is for other institutions to develop new products or trading strategies. This is particularly relevant in a competitive market place where institutions might view information about trading positions and strategies as revealing the fruits of a competitor's research. In the aggregate this might lead to a decrease in innovation and an increase in the extent to which institutions might "piggy-back" off of one anothers' positions. Such herding among institutions may ultimately lead to undesirable consequences.
It is, nevertheless, important for regulators to find an appropriate balance between proprietary information and information that is necessary so that other interested parties, including financial supervisors and the public, have sufficient information to make informed decisions regarding the issues that they face.
In addressing the needs of outside parties for meaningful and timely information, we must also remain sensitive to the additional costs that institutions would likely face if new reporting and disclosure requirements require significant systems changes.
Banks use a number of complementary methods to identify, measure, monitor and control risk. Sophisticated risk measurement and reporting systems have been implemented, or are currently being developed, at the major trading banks. For example, in order to measure market risk, systems have been designed which project probable changes in market factors over a predefined holding period in order to determine the likelihood of specific reductions in the value of a bank's positions (i.e., value-at-risk), or the likelihood of specific reductions in the bank's future revenues (i.e., earnings-at-risk). (Note: In a markto- market accounting environment, value-at-risk and earnings-at-risk are essentially equivalent measures.) Similarly, measurement systems have been designed to project the potential credit exposure over the term of a transaction.
While the methods used by risk measurement systems are similar, banks tend to employ slightly different market and mathematical assumptions in their measurements based on their experience, their portfolio construction, and theoretical perspectives. Such differences typically reflect differences in the level of technical sophistication among institutions and/or genuine differences of opinion about the underlying nature of financial markets. The existence of these differences, however, tends to become evident only when market factors experience sudden and extreme changes — in other words, when a tail event occurs. This is because it is easy to disagree about something that we know so little about. That is, of course, until it occurs. It is important, therefore, that banks select, monitor, and adjust their assumptions in order to maintain valid systems. Among the most common assumptions are the length of the historical time horizon for calibrating measurement parameters, the degree and extent of correlation among various market factors, and the length position liquidation periods. These assumptions are validated at inception and verified thereafter by independent parties. An additional layer of control is added through bank management's comparison of actual performance versus model projections.
For many banks with small or matched-book trading operations, the cost of sophisticated systems that quantify value-at-risk on a consistent basis across the organization currently may outweigh the benefits to be achieved. That may change as vendor valueat- risk systems are developed. As a result, most end-user banks, and some major banks, measure exposure by setting and monitoring compliance against notional or par limits. These can be used to control the type of instrument, maturity, or market that may be traded. Also, most banks do not currently have true "real-time" information systems for their global trading networks which can be used to measure intra-day exposures. However, the need to establish real-time measures is largely based on the nature of the bank's activities, historical experience and expectations regarding the future volatility in a certain position size, tenor, or market.
Virtually all banks supplement these risk measurement and control mechanisms with both risk limits and loss control limits and/or management action triggers. A loss control limit requires specific management action if a defined level of loss is approached or breached. Exceptions may require that a position be closed or that an additional level of management be contacted for approval of the exposure. In many cases, limits are established to foster communication rather than to limit management's ability to maintain a position. At this point, decisions are made regarding the desirability of maintaining or reducing the position. As a consequence, risk measures that are based upon the effects of statistically simulated market changes on a static portfolio may not properly capture the extent to which management may take action to mitigate potential losses before they materialize.
The precision and accuracy of risk measurement methods, and the timeliness of reports, will vary according to the types, volumes, and the riskiness of the activities undertaken. For example, most of the larger trading banks currently utilize "near realtime" position and scenario information covering specific traders, products, and geographic locations. In contrast, managers at smaller banks with considerably less turnover and less complex transactions may successfully measure and monitor positions by physically reviewing traders' written ledgers and daily trade summaries generated by the operations area.
The level of detail required for effective communication of risk levels, profitability results, and related trends will increase as the business focus moves from senior management to the specific line areas. For example, management directly responsible for a trading area should receive detailed reports with adequate information to assess risk, return, and the ability to meet stated business objectives. In contrast, information provided to senior management and the board of directors at large trading banks will likely illustrate consolidated exposures, trends, compliance with policies and risk limits, and performance compared to risk assumed.
A critical aspect of risk measurement and reporting is the implementation of systems that provide for information independent of trading personnel. The valuation of positions, as well as formal reports comparing positions relative to policy limits, should be constructed and validated by areas that are not associated with trading decisions. This speaks to the need to ensure that the incentives of the people who generate the data are consistent with a desire to see the accurate reporting of that information. This is a fundamental internal control practice that should not be compromised.
In sum, risks are quantified in a variety of ways. Risks are aggregated at many different levels and these measures are subjective to the extent that they are ultimately based upon personal judgment. Information must also be gathered and processed with diligence to ensure its integrity. In short, risk measurement is as much an art as it is a science.
Ultimately, the informational issues associated with the question, "What do we need to know and when do we need to know it?", speak as much to the management of information and how it is used as to the specific information items themselves. It is currently popular to call for more information. However, more does not always mean better. Regulators have always had access to bank-specific information, but have worked to use information more creatively and to balance their information needs against the costs and burdens to the institutions providing such information.
Nevertheless, surveys continue to show that the principles of financial disclosure are improving as institutions are finding more effective means of providing information while protecting proprietary interests. Regulators, too, are disseminating more information specifically related to current areas of public interest (e.g., the quarterly derivatives data releases from the OCC). Institutions should be encouraged to go beyond regulatory filing requirements and to find more innovative ways of disclosing information and bank management should take it upon themselves to provide high quality information to help demystify current discussions about trading activities and derivatives. Such information should be both quantitative and qualitative.
The public outcry for more information has been framed by debacles where one party had superior information. However, many of those situations involved fraud, which is related to, but different than concerns about risks and risk management. It is important to maintain perspective when answering the who, the why, and the what, of the information question.
Public Affairs (202) 649-6870