View original document

The full text on this page is automatically extracted from the file linked above and may contain errors and inconsistencies.

Remarks by Governor Laurence H. Meyer
At the Risk Management Planning Conference, Chicago, Illinois
June 1, 2000

The Roles of Banks, Supervisors, and the Market in Advancing Risk
Management
It's a little bit more than carrying coals to Newcastle to say to an audience like this that the
environment in which banks operate--by which I mean 95 percent the markets and only 5
percent the regulatory and statutory rules--is changing at what appears to be an accelerating
rate. Technology--and its associated competitive pressures--is affecting institutions of all
sizes. Banks and their supervisory counterparts are responding in many ways, not the least
of which is how they manage and evaluate risk
Before I get into risk management, however, let me note that in identifying technology as
the driving force of change, I do not mean to demean the importance of the Gramm-LeachBliley Act. It greatly reduced the cost of operating a modern financial institution by
explicitly authorizing a structure that had already largely been created--by technology, by
deregulation, and, let us be frank, by loopholes. That, and bankers' good sense in looking
before they leap, are, I think, the main reasons why we have not seen a rush to combine
banks, securities firms, and insurance companies. Banking organizations will, it seems,
continue to evolve with a wide range of strategies, in markets from local to global, with
structures ranging from more-or-less standard commercial banking to operations combining
trading, merchant banking, investment banking, and commercial banking. The financial
modernization legislation facilitates these choices.
Reflecting the subject of risk management, my remarks today will focus mainly on the
largest and most complex organizations because that is where the greatest change in the art
has, and will, occur in response to real needs. Because complexity is the driving force
requiring better risk management tools and practices, these new techniques will spread to
smaller organizations as needed. But less complex and even traditional organizations are
being affected by the changing technology; credit scoring and participations in
securitizations are two examples. Moreover, as new systems are applied at the larger banks,
other institutions are likely to find ways of using some of the new techniques. Thus, I hope
my comments and observations will be of interest to most of you, and that your attention
will not solely reflect the good manners characteristic of all bankers.
Internal Ratings
One of the most dramatic changes in risk management now underway is the development
and application of more sophisticated internal risk classifications for loan portfolios.
Virtually all large, complex banking organizations now have some form of internal risk
classification system. Cutting-edge banks, however, are classifying their loan portfolios into
risk classes of finer and finer gradation. They use those categories to control aggregate risk
exposure, to allocate capital internally, to price loans, to determine loan loss reserves, and

for other purposes. As with bond ratings, a probability of default, and a loss rate given
default, are calculated for each grade. These data provide not only valuable statistical insight
into a bank's evolving risk but also the information needed to control it.
This information could be critically important to bank supervisors. Indeed, central banks and
banking agencies around the world are considering using the same information produced for
internal risk classification systems as the raw material for the development of a much more
accurate regulatory risk-based capital requirement. The purpose of capital is to absorb
unexpected losses and, at least in principle, the probability functions I just described allow
the policymaker to determine how much of the loss distribution probability should be
covered by capital. Indeed, I believe a consensus of G-10 countries is developing around a
capital accord in which individual bank capital requirements will vary with their individual
credit risk profiles, based increasingly on the banks' own internal risk evaluations. To be
sure, supervisors will need to ensure that, first, the risk classifications are empirically based
and tested and, second, that they are also used by management for decision making. No less
critical is tying risk weights to internal risk classifications so as to minimize inconsistencies
of capital treatment among banks with similar risks. From the work I've seen, these
problems look solvable, at least in stages.
This dual use by supervisors and bank managers of internal risk classifications is a dramatic
innovation, creating a link between bank management and supervisory standards that has
been needed for some time. Let me explain why that linkage is so important for, I'd say
almost critical to, our evolving strategy of bank supervision and capital reform and why it
should be so important for you as well.
If both the supervisors and management are using the same information--reading from the
same prayer book as it were--the burden on banks should be dramatically reduced. Neither
the agencies nor the industry should be happy when supervisory policies become separated
from the reality of management and practice. Not only may one of us be doing something
irrelevant, but bankers may be forced to duplicate their efforts. I might add that burdens on
supervisors are also reduced when we both look at the same thing. Under risk-focused
supervision, the current paradigm of all the agencies, we will be reviewing internal risk
management practices anyway. There are real efficiencies if this review is also tied to the
evaluation of the bank's capital. Moreover, supervisors do not have the resources to review
each separate loan. The focus on systems and risk management provides a degree of comfort
about loan quality.
If supervisors are emphasizing the linkage between internal risk classifications and capital, I
think it quite likely that both will be interested in jointly developing improved internal risk
management systems. Bankers, I am sure you will agree, will always have a better
understanding of the credit quality of their customers than will the supervisors. The quality
of supervision will, I think, thus be greatly enhanced when supervisors are plugged-in,
literally, to the bank's risk management systems. I remind you again that, first, the
supervisors have to be comfortable with management's internal risk classification systems;
they have to validate its accuracy by reviewing it, by understanding it, by testing it. If the
system falls short, we are both better off when it is improved. When the supervisor accepts
the system, we both enjoy benefits: better capital regulations, greater efficiencies, reduced
burden, and, one hopes, better risk management.
Our working hypothesis is that the scale of capital reform for most banks in the United

States will be rather modest. Indeed, for most banks in this country it may even be possible
to adopt a quite simple regulatory capital ratio consistent with the straightforward nature of
their operations. As the operations of a bank become more complicated--please notice that I
am not linking these gradations to size but to operational complexity--its capital regime
might be revised to reflect the closing of certain loopholes and perhaps somewhat greater
use of both external and internal grades. The most complex entities will require the most
complex capital rules but also the most complex risk management regimes, on which we
hope the capital rules will be based. The scope and complexity of supervision must reflect
the scope and complexity of the banks to which it is applied.
Getting the proposed risk-based capital numbers correct, both in science and as an art, is
especially critical for the most complex organizations. The current one-size-fits-all
regulatory capital regime, as you know, has led increasingly to a gaming of the regulatory
requirements. This amounts to at least a supervisor-permitted series of market-based
transfers designed to reduce regulatory capital and, one hopes, link it more closely to
economic capital. If we just create a few more risk weights and buckets we will, I submit,
have done no more than create new opportunities for this kind of capital arbitrage. In short,
we will simply continue to induce banks to retain their risky assets when their own internal
capital allocations exceed the regulatory levels and to sell, securitize, and otherwise shift
off-balance sheet those assets for which the regulatory capital requirement exceeds their
economic requirement. The net result is likely to be riskier banks--quite the opposite of what
policymakers and supervisors want.
Regardless of what we do, and I cannot emphasize this enough, the small but increasing
number of banks on the frontier of risk management, will continue along their current path
of ever more sophisticated use of internal risk classifications. And whenever regulatory
capital differs from economic capital by more than the cost of arbitrage, they will arbitrage.
Another way of saying this is that, regardless of supervisory actions, bank management will
always attempt to manage its business to earn competitive risk-adjusted rates of return on
equity. Today, our capital regulation encourages banks to withdraw from low-risk credit
markets, or to arbitrage, when regulatory capital requirements exceed levels consistent with
an activity's underlying economic risk. Not only is this situation costly and inefficient for
banks and their customers, it has become increasingly difficult for supervisors to assess the
residual capital adequacy of large, complex, banking organizations as relatively low-risk
assets have been removed from the banking book. Indeed, I am concerned that regulatory
capital is, as a result, becoming a safety and soundness irrelevancy and simply a compliance
requirement. That is why we need a new regulatory capital framework and why it is so
critical that both the bank and the supervisor use capital weights that are as risk-sensitive as
possible.
As I mentioned, supervisors, have to be comfortable with banks' internal risk classifications.
And the fact is that today supervisors would not have the necessary degree of comfort.
Indeed, the fact is that today some large banks are surprisingly behind the curve in
developing their own internal risk classifications. The major complaints are that categories
are too few, historical data and stress testing are insufficient, and assumptions are too
simplistic. That is why last year the Federal Reserve told lagging banking organizations that
they should catch up and required our examiners to evaluate efforts to do so. If you take
only one thing away from this conference, I hope it will be a resolution to put a high priority
on improving your internal risk classification system, virtually regardless of your size, but
certainly most critically as your operations become more complex. For their own benefit,

banking organizations will, I trust, promptly revise the systems, not only to meet coming
revisions in the regulatory capital regimes, but also to avoid the market's criticism as
creditors become more familiar with best practices and come to expect it of their banks.
Market Discipline
Indeed, market evaluations will, I think, play an expanding role. Indeed, a discussion of risk
management would be incomplete without mention of the best risk manager in a market
economy: the market. As executives of banking organizations, I am sure that you feel the
pressure of the marketplace throughout your working day. But I'm referring here to a
different kind of market pressure or discipline that, the evidence is quite clear, is now less
effective on insured depository institutions than on other kinds of financial and nonfinancial
business. That is the market discipline that comes in a tight linkage between funding costs
and availability, on one hand, and risk-taking on the other. The reason why this linkage is
attenuated in banking is no great mystery. The safety net--deposit insurance, the discount
window, and access to the Federal Reserve payment mechanism--coupled with a kind of an
imprimatur that comes from supervision, both elevate the relative status of bank liabilities
and weaken the nexus between the riskiness of bank portfolios and bank funding costs and
availability. That is to say, the market gives banks a kind of pass to avoid the full costs of
their own risk-taking because of banks' special privileges and a belief that the supervisor is
acting as the market's agent, as it were. There is a kind of vicious circle at work here: The
less the market does its job, the more the supervisor is called upon, and the more the
supervisor is called upon, the less the market does its job.
Given the safety net, we cannot eliminate this circle. But it's time that we make it less
binding.
Because as markets have become more global and competitive and because technology and
deregulation have fostered more innovation, traditional supervision is no longer compatible
with a responsive and innovative financial services industry. At the same time, the
increasing concentration of banking and financial assets in a smaller number of very large
organizations raises real systemic risk and concerns about taxpayer liability. It seems to me
that we have a limited set of options: acceptance of greater risk coupled with prayer; or
heavier and more detailed supervision and regulation coupled with an increasing number of
outright prohibitions, a reversal of everything for which we've worked so hard; or a greater
reliance on market discipline, linked with the improvements in internal risk management
and capital reform I discussed earlier. Now, my rabbi and I support prayer, but I think the
Lord would like us to help ourselves, and it seems to me that the choices require us to give
market discipline a real chance.
There are certain prerequisites to expanding market discipline in banking. Uninsured
creditors and shareholders have to believe that bad management or bad luck exposes them to
loss; that the safety net is not a guarantee for other than insured depositors; and that the
resolutions both large and small problem banks will be handled similarly. To be sure, for
systemic reasons, under provisions of the Federal Deposit Insurance Corporation Act of
1991, the resolution of a larger problem bank may involve use of bridge banks and the
minimization of outright liquidations, but in all cases the uninsured stakeholders will bear
the cost of resolution. The rhetoric of the agencies and their actions must be the same if
market discipline is to be credible.
Credible policies are not sufficient. In addition, banks must disclose the information that

creditors and shareholders need to evaluate the underlying risk profile of the individual
bank: not some boilerplate statistical report, but the information that is useful for
understanding that particular organization's risk. Fear of loss, if linked with the availability
of sufficient information about the banking organization to determine the entity's real risk
profile, should in turn induce the uninsured creditors to behave like those of any nonbanking
business. That is, uninsured creditors could be expected to command a risk premium linked
to the portfolio and other risks of the organization. Such a risk premium should in turn act
both as a governor on the risk-taking behavior of banking organizations and as a
supplementary signal to supervisors. But, to do either, the uninsured creditors must have
both a credible fear of loss and the necessary information about the individual institution to
make judgments and decisions.
In late April, the Federal Reserve, in cooperation with the Office of the Comptroller of the
Currency and the Securities and Exchange Commission, set up a private sector advisory
group on public disclosure, under the chairmanship of Walter Shipley, former chairman of
Chase Manhattan. We have asked the group, composed of senior executives of banking and
securities firms, to review the state of the art on public disclosure, to identify best practices,
and to suggest improvements in those practices. Their report will be public. While I have no
idea what will be in their report, it is my hope and expectation that we will learn more about
how to use market discipline both to strengthen our banking system and to avoid the
necessity of additional regulation and supervision of global financial institutions. At the
Federal Reserve, we plan, however, to require that at least the large, complex banking
organizations establish and implement a disclosure policy that is designed to provide
information stakeholders can use to evaluate the risk profile of the banking organization.
Our examiners, as part of both the holding company inspection and the state member bank
examination, will review and evaluate these disclosures to ensure that they conform to best
practices and contribute to stakeholders' understanding of their risk at that organization.
We should all be aware that additional public disclosure is not a free good, especially if it
works. Banks will find that additional market discipline constrains their options, and
supervisors will be concerned about creditors' response to bad news. But both constrained
options and swift market punishment are desired effects of market discipline. And, I say
with great regret, our failure to use market discipline or the failure of market discipline to
work as advertised will lead, I fear, to re-regulation, a return to more invasive supervision,
and a general reversal of the freeing of banking markets.
Supervision
Even with effective market discipline, better internal risk classifications and systems, and an
improved regulatory capital framework, supervision will not disappear. So long as there is a
safety net, there will be supervisors, and I would advise young supervisors that they have a
lifetime opportunity in their present employment. But I do believe that the nature of bank
supervision will change and evolve if and as banks are successful in developing meaningful
internal risk classification and disclosure systems and the authorities are successful in
modifying capital regulations and procedures for resolving problem banks.
The nature of the change I anticipate in supervision is more evolutionary than revolutionary,
with an ever-expanding emphasis on understanding of, and comfort with, a banking
organization's risk classification and risk management systems. As I noted, this undoubtedly
will involve transactions and stress testing. But the more that the safety and soundness of
banks come to depend on their risk management systems--and on the judgments the bank

manager brings to bear in their use--the more supervisors will come to focus their
evaluations on the same systems as bank management. Again, if and as supervisors become
comfortable with individual bank's risk classification and management systems, the tighter
their focus will be on providing the bank management with comments, evaluations, and
suggestions on improving the systems rather than duplicating the efforts of bank
management.
In short, it will, I think, be increasingly the job of the supervisor to evaluate and test systems
and to evaluate and criticize the accuracy and helpfulness of the information banks disclose
about their own risk profiles. I anticipate that market discipline at the complex banks will
play an important role as a supplement to the evolving supervisory paradigm. Internal
systems and public disclosure are the real first line of defense in the safety and soundness of
our banking system. The only alternative for the large and complex banking organization, as
I have noted, is a degree of supervisory intrusiveness and detailed regulation that would
dramatically reduce flexibility and innovation in our banking system.
We have, I believe, already started down the road I have outlined. But several problems
remain to be solved, and any one of them could slow or even stop our progress. I have
already mentioned validation procedures for risk classifications and efforts to convert risk
classifications into risk weights on an equitable basis across banks. The process of reaching
a consensus at Basel that works in addressing the problems I have outlined is another. But
whatever we develop, either here or on an international basis, we will be relying on the
development by banks of better risk classification and management systems, on market
discipline, on the good judgment of the nation's examiners, and on the development by
examiners of the skills needed to keep pace with the activities of banks.
Conclusion
The changes in financial markets, technology, and law and regulation create new
opportunities and risks for banks and supervisors. As institutions become more complex--let
alone larger--and financial markets more complex and diverse, the requirement for better
risk management increases exponentially. A critical component of better risk management
systems will be an empirically based internal structure of risk classifications. Supervisors,
once comfortable with the accuracy and sensitivity of such systems, will be able to use them
in constructing and evaluating improved regulatory capital requirements. Supervisors will
increasingly rely on market discipline and focus on critiquing risk management systems.
Return to top
2000 Speeches
Home | News and events
Accessibility | Contact Us
Last update: June 1, 2000, 1:45 PM


Federal Reserve Bank of St. Louis, One Federal Reserve Bank Plaza, St. Louis, MO 63102