Thank you Sally. It’s great to be here again this year to open up the IIB’s annual seminar on Risk Management and Regulatory/Examinations Compliance Issues. I appreciate the opportunity to address this group and to continue the dialogue that we’ve been having over the past several years.
Given that we are celebrating the five-year mark of what was probably the worst part of the financial crisis, I thought I’d take this opportunity to take a step back and reflect a bit on how far we’ve come since the crisis in addressing some of the most pressing issues. Then I’d like to share with you some of my thoughts on areas that still need to be addressed and where I think more concerted effort is needed.
As always, my remarks reflect my own views and not necessarily those of the Federal Reserve Bank of New York or the Federal Reserve System.
It’s hard to believe that it has already been five years—and I’m not sure whether it feels longer or shorter than that! But one thing I’m certain of is that a lot has changed in those five years—and much of it for the positive in terms of addressing some of the key weaknesses that led to the crisis.
Where Progress Has Been Made
I thought I’d start first by reflecting on several areas where we’ve seen progress. Importantly, the balance sheet repair that was necessary is underway.
- Banks are building capital—both the quantity and the quality of capital have improved markedly in the past several years. For example, by some measures, the largest banks in the U.S. have more than doubled capital levels over the past four years.
- Banks are also building liquidity, and liquidity levels far exceed those that most firms had going into the crisis in 2008.
- While progress on both fronts is somewhat uneven across jurisdictions, there are efforts underway, including through such mechanisms as the Basel rulemaking process and EU initiatives, to continue to make bank balance sheets more resilient to stress in the future.
In the area of recovery and resolution, with the second round of plans in for the largest firms (and the first round in or due shortly for the remaining firms), a lot of learning has happened through this process. Firms have made good progress in better understanding the complexity of their own operations, including strengthening the overall management of organizational/legal structures, identifying all legal entities (and this was huge for some firms), and beginning the difficult task of identifying additional impediments to resolving a large internationally active firm.
I think there’s also good recognition that the financial system is more than just banks, with processes at both the domestic/U.S. level and globally to identify the set of systemically important financial institutions (non-banks like insurance companies for example) and to ensure that stronger regulation and oversight is exercised over these firms.
Locally, within the New York Fed, I noted last year that some of the changes we had made to our supervisory processes were yielding some good results, and I’m pleased to share with you today that progress has continued on a number of fronts.
- We have continued to increase our interactions with senior management and boards of directors of the firms we supervise, including most of the largest foreign firms. We have built important channels of communication with senior management and board members—and we appreciate the enhanced level of dialogue and candor that is resulting from these interactions. And, we know that board members also appreciate the engagement and frank dialogue.
- Of course, we’ve been working closely with home country supervisors to ensure we have good communication and are coordinated in our messaging.
- Through the work of our business line specialists, we are developing a better understanding of the businesses you all are engaged in, including improving the dialogue with the front office and getting to know those business leaders. This has given us a much improved window into your strategies—into how you are thinking about the changes you will make and need to make in the face of increased regulation, increased regulatory pressure, competition and future economic growth.
Areas Where Work Remains
Of course, there are many more areas where progress is being made, but those are the ones that I would highlight for you today. And, while I tend to be a “glass half-full” kind of person, I am also a realist and recognize the tough road ahead to continue implementing the kinds of changes needed across the system to achieve the end state of a more resilient, better managed and less complex financial system. In this regard, I’d highlight four areas where additional work is needed across firms and supervisors/regulators:
- Resolution planning
- Coordinating supervision across global organizations
- Bank Secrecy Act/Anti-Money Laundering (AML/BSA) compliance
- Culture of firms and the system
I noted earlier that resolution planning was an area where progress had been made—and it has. At the same time, though, the complexities of resolution planning, including resolving a number of cross-border issues, make this one of the more difficult issues facing both firms and regulators/supervisors and there is still considerable work to do.
Through the reviews we’ve done thus far, we identified five capabilities that we asked firms to focus on in the near-term to enhance resolvability. These include:
- Collateral management
- Firms need to have systems capable of tracking and analyzing collateral received from or due to other parties—not just by counterparty, but also by legal entity and by jurisdiction.
- In addition, firms need to have the analytical capabilities to understand collateral requirements—both inflows and outflows—under a variety of stress scenarios, including resolution.
- And, in addition to the systems and analytics, firms need to have the people with sufficient knowledge of legal and operational differences in managing collateral across jurisdictions.
- Effective MIS around payment, clearing and settlement activities
- Firms should have a full understanding of all obligations and exposures associated with payments, clearing and settlement activities. This should include (but is not limited to):
- Information by legal entity for all customers and counterparties for these activities;
- Financial market utility memberships and participation; and
- Analyses on liquidity needs and operational capacity required to meet all payments, clearing and settlement obligations, including under stress scenarios.
- Firms should have a full understanding of all obligations and exposures associated with payments, clearing and settlement activities. This should include (but is not limited to):
- Stronger analytics around funding
- Firms should have be able to produce analyses by material legal entity on a timely basis about its funding arrangements, including:
- Inter-affiliate funding arrangements;
- Where liquidity reserves are held;
- Stressed funding and liquidity outflows and inflows at the legal entity level; and
- Impact of restrictions on transfer of liquidity between entities imposed by regulatory or resolution regimes.
- Firms should have be able to produce analyses by material legal entity on a timely basis about its funding arrangements, including:
- MIS by legal entity
- Firms should be able to produce on a timely basis detailed monthly balance sheets by material entity, as well as identify all credit exposures with a level of specificity including type of exposure, counterparty and maturity.
- Firms should also have inventories of key management and support functions; property owned, leased or licensed; internal shared services; and key third party contracts.
- Finally, firms should have inventories of key legal information, including legal entity types, purpose and relevant licenses, physical location, regulator, senior management and directors; and applicable resolution regime and authority, as well as sufficient information on legal agreements, such as parties to the agreements, key terms of agreements, and any relevant interdependencies.
- Arrangements for shared or outsourced services
- The final area for additional work is ensuring robust arrangements for the continued provision of shared or outsourced services needed to maintain operations.
- Firms should understand and have sufficient information available on its internal and external dependencies, including continuity or replacement strategies for each service, as well as contingency arrangements in place to retrain or replace personnel or services needed to maintain operations.
- While there are many areas that supervisors/regulators and legislators need to continue to work on to make cross-border resolution a reality, these five areas are ones that we have highlighted for near-term focus by firms.
- And just a note for firms in the next tiers, including the wave two and three filers—as I know that concerns have been raised about the depth and breadth of work required—particularly for the “non-systemically important” foreign banking organizations (FBOs):
- As we’ve indicated in our discussions, our reviews of your plans, which we are conducting jointly with the FDIC, will be a learning experience for us—as much as it is for you. We are viewing this process as iterative—as it has been for the first wave filers, and we expect to learn quite a bit through the reviews, including much more about your U.S. operations, that will help us and you ensure a robust planning process that works for each firm.
Turning now to the second area where I think more work needs to be done—coordinating the supervision and oversight of the large systemically important institutions. While the crisis has provided a great opportunity to enhance our dialogue across supervisory boundaries, there are still impediments to realizing a more seamless and coordinated approach.
Among the impediments are the challenges in information sharing, where there continue to be barriers to freely sharing information among supervisors. While some of these impediments are cultural—or trust-related—ones, there are still legal barriers to sharing information that need to be addressed. We need to address the legal impediments for supervisors on the ground to be able to share information in a more routine and natural way.
We also need to continue to build the working relationships among the supervisory teams on the ground. Much of this kind of dialogue is underway, but more could be done to move ahead on this issue. In this vein, we need to work more collaboratively together, be candid about concerns we have, and agree on the range of work necessary across these largest firms.
Steps in this direction, some of which we have already started implementing, include embarking on efforts like joint examinations or concurrent examinations, with similar scopes across legal entities/jurisdictions, to ensure a more holistic understanding of issues can be obtained.
We also need to make supervisory colleges more effective, including:
- Constructing the colleges with the appropriate members reflecting the key jurisdictions based on the scale or criticality of activities;
- Ensuring robust dialogue between supervisors and firms in college settings;
- Providing direct and candid feedback to firms and supervisors following from the interactions; and
- Agreeing on key messages to firms or areas of supervisory focus to ensure consistency across home and host supervisors.
I don't mean to suggest that coordination isn't underway already—because there is—but there are many reasons to be hopeful that even more progress will be made in the near-term.
- There are efforts such as those of the Financial Stability Board (FSB) and the Senior Supervisors Group (SSG) to promote enhanced information sharing and collaboration among supervisors.
- I’m particularly excited about the recent opening of the BIS’s Data Hub—a move designed to provide a more efficient and practical mechanism for supervisors—and eventually central banks and other relevant bodies—to share information on global banks’ activities and exposures.
3. AML/BSA Compliance
A third area I wanted to touch on is one that I raised last year—AML/BSA compliance.
Last year, I noted that I had had a similar conversation almost ten years ago with a nearly identical audience—in which I raised the question of whether the industry was going to finally tackle this issue and get it right.
I find myself here again this year wondering the same thing. But, rather than just raising the question, I thought I’d offer a couple of areas where we—collectively—could be thinking about how to “get it right.”
First, I do think this is an area that got short shrift during and following the crisis. Much of management’s attention was directed at the issues of the day, and decisions on where to invest resources were directed at the most pressing—and most obvious—areas. Thus, I think we are where we are: an area of compliance that didn’t get sufficient attention, didn’t keep up with evolving standards and now we find ourselves in a race to get it right. So, increased attention and investment is obviously needed.
Many firms continue to make the mistake of treating AML compliance as a static exercise, while AML standards and best practices continue to evolve. Two critical areas where this mistake appears to keep being made are failures to update customer due diligence and transaction monitoring programs as the firms’ business model changes.
Second, this is an area where the fragmentation in supervision is quite apparent. Multiple supervisory agencies examine BSA/AML compliance, oftentimes at a single firm, which can result in mixed messages, delays, and overlapping and redundant work for you and for us. This is an area that warrants additional attention.
Third, there are several other areas where the industry and supervisory community should consider working together, including issues like conflicting laws/regulations associated with an international footprint; subjectivity in some of the AML guidance that drives differences in approach by firms and by supervisors; and, the potential negative impact of AML compliance on the ongoing provision of vital banking services.
And, finally, I still wonder whether communication has reached far enough into organizations to ensure that decisions made at both the top of the house and at the ground level don’t expose firms to ongoing AML/BSA risks.
Weak BSA/AML compliance programs are often attributable to the failure by the boards of directors and senior management to actively and meaningfully promote AML compliance as a priority and take responsibility for it. AML needs to be managed on an enterprise-wide basis, while also addressing the unique aspects of every business line.
4. Culture
This last point brings me to my final thought—on culture.
I think it’s pretty safe to say— after one reads the newspaper on any given day—that we may be at a low point of confidence and trust between the public and the financial sector—with a series of high profile events over the past 18 months that raise issues of both basic compliance with laws and regulations and of governance and culture in firms and in the system more broadly.
Culture can be a complex topic—and I know it’s one that firms are spending a lot of time thinking through and trying to figure out how to ensure a strong culture. As we are thinking about it, we’re asking ourselves a series of questions—and I thought I’d share a couple of these with you as food for thought on this topic.
Culture starts at the top of the organization—“the tone at the top”
- Do the directors/CEO set the right tone for behavior at the organization?
- Is there effective challenge and debate at the board meetings/committee meetings?
- Do personalities interfere/get too big within the company for effective risk management?
- What’s the dialogue like between supervisors and the firm?
In a strong risk culture, incentives within the firm set the right expectations for behavior.
- How are audit and supervisory findings handled?
- Does the performance management system reward both good behavior and punish bad behaviors or lapses?
At the end of the day, culture is fundamentally about people.
- No organization can fully identify all policies or procedures for every type of issue that might occur.
- The culture needs to be embedded deeply enough in the organization and be strong enough to ensure that sound decisions are made throughout the organization—from top to bottom and from side to side.
- So, a strong culture identifies risks or issues that are new or unexpected and quickly escalates problems. Bad news needs to travel quickly.
Culture can be a difficult characteristic to measure, but there is good work underway at the international level to further the dialogue on risk culture in particular. Following on the FSB’s work on risk appetite, the FSB’s Supervisory Intensity and Effectiveness group has undertaken additional work on risk culture and how firms and supervisors should be assessing risk culture within firms—and we expect to see the results of that work in the next month or so.
FRBNY Organizational Changes
I’d like to close with a couple of comments about some recent changes we’ve made to our internal organization. Earlier this year, we formed two new units within the Financial Institution Supervision Group—the Large International Financial Institution (LIFI) unit and the Regional, Community and Foreign Institution (RCFI) unit.
The LIFI area is currently is responsible for roughly the top 23 foreign firms based here in New York with the largest U.S. presence (outside of the four firms that are covered in our Complex Financial Institutions portfolio); and, the RCFI unit is responsible for the remaining large group of smaller foreign firms.
Our rationale for making this change was three-fold:
First, we wanted to better tailor our supervisory approaches to the firms in each of these portfolios.
- In this regard, the LIFI portfolio approach will use a combination of on-site and off-site monitoring over the course of the year, as well as examinations—but the program will evolve over time as the rules are finalized for applying enhanced prudential standards for FBOs.
- The RCFI approach will largely be point-in-time examinations, using, where possible, a more streamlined process, more off-site analysis, and continued coordination with our colleagues at the other supervisory agencies.
Second, we wanted to leverage the portfolio approach to ensure better dialogue with supervised firms, as well as to develop better cross-firm metrics and benchmarks that we can use to evaluate firms and to provide more robust feedback on key issues.
And, third, it provides an opportunity to realize efficiencies across our supervisory activities, with similarly sized (and similar complexity) organizations examined by a common core of examiners; this also gives us more targeted training and development for our staff.
Conclusion
I think I’ve covered a lot of ground in my remarks this morning. I look forward to continuing our dialogue in the coming year—and appreciate the opportunity to talk with you this morning.
Thank you.