Banks
are considered to be stable, reliant and dull by the world, or that’s what we
would like them to be.
Instead banks are inherently risk managers, as we have now specifically
realised in the past five years.
Banks can be basket cases if they manage risk badly or high return
investment vehicles if they manage risk well, but it’s all about risk management.
This is because banks make money out of lending and the art of
lending is to ensure the customer will pay back and pay back at a profit with
interest.
This is the basics of banking and goes back to usury in the times of
the Romans.
It all sounds so simple, and it is, but the complexity of the
modern world is breaking that simplicity.
Just thirty years ago, the simplicity was there because we had just
two types of risk to manage: market and credit.
Credit risk speaks for itself: will the customer pay back; whilst
market risk is also fairly obvious: are the markets good enough to support our
position?
Then Barings Bank collapsed and another sort of risk appeared:
operational risk. Operational risk is the risk of our own organisation
screwing itself up through inadequate internal controls. This one is also
simple, although harder to manage because the bending of internal rules is all
too easily achieved if the interests of the few dominate the survival of the
many, especially if the interest of the few lie near to the top of the tree.
Today, we think of Jérôme Kerviel and Kweku
Adoboli as operational risk illustration of modern day
organisations that got out of hand, but I would also place Fred Goodwin (RBS),
James Crosby (HBOS) and Adam Applegarth (Northern Rock) in this space.
Now that may be unfair as there is another form of risk that appeared
in much more recent times, post-2008, that had gone under the radar pre this
crisis, and that is the risk of not being able to keep ourselves funded.
It is now called liquidity risk and it’s a good name, as I think
of it as the ability for a bank to remain buoyant and a bank sinks if its funds
run out. You see a bank’s job is to maximise returns by leveraging its
lending as far as it can. That is how a bank makes money by lending it
and getting interest back. Admittedly, banks also made money by
investing it, and that’s where market risk comes in.
As you can see, these four sorts of risk are interoperable, interdependent
and inter-related, but they have to be treated separately and in harmony to
make sure that one does not explode at the expense of the others.
RBS, HBOS and Northern Rock were all good banks that went bad
because they had modelled and managed their market and credit risk analytics, but
had not taken into account the risk of markets closing the doors to funds.
It was when this liquidity risk exposure appeared that they also realised they
had an operational risk: CEOs that have been overambitious and who had
overleveraged the balance sheet because they believed markets would provide
never-rending funding (liquidity).
I’m blogging about this today because of two banks that I’ve been
talking to or about over the past two days.
One is the Co-operative Bank, the small UK ethical bank that has
been a mutual but is now becoming a proprietary shareholder owned bank.
Why?
Because
it has a £1.5 billion capital shortfall under the new regulatory rules, and has
to fill that hole by converting bondholders into shareholders. The
bondholders aren’t happy about it but, if they don’t accept the plan, they will
probably become the holders of nothing as the bank will close.
How did the Co-operative get into such a mess?
Because
they – like RBS, HBOS and Northern Rock – over-stretched the balance sheet and
created unmanageable liquidity risk.
In this case, everyone is wondering how come a bank that the regulators
and media all thought was decent, small, mutual bank, has suddenly become a
basket case.
And the answer is the arrogance of management in stretching the
bank’s balance sheet when buying a bad bank called Britannia, along with
another form of risk.
Again it is wrapped into the other four (market, credit, liquidity,
operational) but has its own designation today: compliance risk.
The Co-operative had an 8.8 percent capital ratio – the amount they
hold to cover a crisis- and this has been deemed unacceptable under the UK implementation
of Basel III. Under this regulation, banks must achieve capital ratios of
10 percent or more, and the Bank of England recently came out with an analysis
that said the UK banks each had some form of shortfall.
For a big bank, such as shortfall can be covered by selling non-core
assets (RBS, Lloyds) or a rights issue (Barclays), but for a non-proprietary
mutual, how do you find £1.5 billion you don’t have and find it fast?
That is the challenge that Cao-operative Bank face and so they’re
converting £1 billion of bond debt into shareholder equity and then selling a
few other bits, like their insurance business, to survive.
Or that’s the plan anyway.
So I finish that conversation and pick up the annual report of a
bank I will present to tomorrow.
In their report of lots of interesting bits and bobs, but the real
inspiration for this blog post hit me at the end as I picked up their risk
section.
They defined their five types of risk that they must manage as
follows:
Credit
risk: the risk
of loss which arises if customers and counterparties cannot meet their payment
obligations.
Market risk: the risk of changes to the results caused by
variations in market prices, and comprises equity, interest rate, spread and
currency risk.
Liquidity
risk: the risk
that the group cannot meet its obligations when they fall due without incurring
substantial costs in the form of expensive refinancing or the need to sell assets.
Operational
risk: the possibility
of losses arising from inadequate or unsound processes or systems, human error or
external incidents, as well as legal risk.
Compliance risk: the risk of breaching legal enactments, statutory
regulations, other relevant official provisions and internal regulations which involve
the threat of official sanctions, financial loss and loss of reputation.
Excellent.
Nevertheless, are these the only risks we need to manage and what
other ones will appear in the future?
Environmental risk, technological risk, social risk, political risk,
reputational risk … there are so many forms of risk that what it convinces me
to realise is that banks are not boring, dull, stable businesses at all.
They are risk managers.
And now, when I think this way, I realise that banks are not the
issue here, but the risk managers.
You
can have the most leveraged bank in the world with a one percent capital ratio,
as long as the risk managers are second-to-none whilst you can have the safest
bank (the Co-op) with a ten percent capital ratio that’s as flaky as a fruitcake
if it ignores its bad loans business (which the Co-op did).
Chris M Skinner
Chris Skinner is best known as an independent commentator on the financial markets through his blog, TheFinanser.com, as author of the bestselling book Digital Bank, and Chair of the European networking forum the Financial Services Club. He has been voted one of the most influential people in banking by The Financial Brand (as well as one of the best blogs), a FinTech Titan (Next Bank), one of the Fintech Leaders you need to follow (City AM, Deluxe and Jax Finance), as well as one of the Top 40 most influential people in financial technology by the Wall Street Journal's Financial News. To learn more click here...