What is it with banks and huge losses?
A story of misaligned risk cultures and bad governance
14 Apr 2021 | Keith Mullin
Keith Mullin
Keith Mullin

Here we go again: big banks on the wrong side of things that blow up in their faces and cause centimillion to multibillion-dollar losses. There’s been a barrage of industry chatter about this in Europe, centred on Credit Suisse and its ability to step on all of the land mines. But the chatter has spread to sector-wide issues.

The seemingly endless trail of doom stalking the banking sector has rendered us almost numb to the news. But why does it keep happening and on such a grand scale? One thing it isn’t is a lack of risk measurement tools. Those who say it’s the nature of banking have a point. Others blame naked greed. And abysmal risk governance.

Let’s take a step back. Following the great recession and the taxpayer-funded bailouts of the global financial crisis, banks are supposed to have shifted their business models such that they resemble risk-light capital-heavy utilities focused on serving clients’ needs as agents and intermediaries. I’ve lost count of the number of times I’ve been told that by senior bank executives, consultants, investors, rating agencies, lawyers and regulators.

Since the start of the pandemic, we’re supposed to have added a whole new suite of altruistic behaviours: banks fulfilling public-service duties and serving the needs of communities; banks as part of the solution, not part of the problem; banks putting people before profit. (Utter nonsense in my view.)

I’ve never bought the altered ego narrative. A lot of change in the past 10 years or so has been imposed by regulators rather than been self-imposed. Sure, the unbridled, high-risk, high-leverage, proprietary-tinged, bonus-led casino culture that led us into the 2007-08 crisis has been curtailed. But not destroyed. I’ve never thought it would take much for banks to revert to form (if you even accept they veered from form in the first place).

The interest-rate and bond-yield environment isn’t helping. Nor is the central bank stimulus that’s caused massive asset-price inflation and destroyed risk-return. Banks and their institutional clients have been forced to seek out risk to earn a reasonable return; reasonable return in fixed income starting at anything above zero!

To be clear, I’ve never believed that banks should be free of risk or immune from making losses. Regardless of any Road-to-Damascus revelations or Eureka moments, banks are in the risk business. From their unsecured consumer lending, to financing businesses, entrepreneurs and startups, to engineering complex solutions for institutional consumption. Risk defines banking. Risk compensates stakeholders through the value chain; the value chain including whole countries, whose wheels of economic activity and cycles of innovation and creative destruction are greased by finance.

So if banks are in the risk business, perhaps a question to ponder is whether their risk functions are sufficiently high-performance and underpinned by robust frameworks and architectures that give them a real-time firm-wide view of the risks they face. The answer here is some are better than others, but, generally speaking, yes.

Think about it: risk managers at big banks today are armed with a bulging suite of enabling and facilitative tools, from Big Data and data science, to automated data capture, machine learning and artificial intelligence, to advanced analytics and cutting-edge statistical modelling techniques, to behavioural science overlays. These things and more assist banks with internal stress testing, loss quantification and measurement, creation of potential loss curves, default probabilities and expected-loss outputs.

So with all of the scientific progress made in the area of risk management, how can banks still make losses? Because all of the science in the world won’t pinpoint the exact moment they need to get out of the way of harm – accepting they need to be exposed to some form of latent harm to generate a return.

But it’s more than that. The central issue is not how banks can get out of the way of harm when they need to but how much risk and what sort of risk they should be exposed to in the first place. Risk management can only ever be a function of a firm-wide risk culture and the governance framework put in place to capture it. That’s a CEO and board issue. Not a systems issue.

So many of the accounts describing these most recent bank losses have blamed risk management shortcomings. Who’s the first person to get fired when things go wrong? It’s invariably the chief risk officer or senior people in the risk and compliance area. Followed by the people in the business who pressed the wrong buttons. And, more for PR flourish and stakeholder virtue-signalling, the head of the business that’s suffered the loss.

The chief risk officer may report to the chief executive on paper, but who will the boss side with? The risk people, widely seen by the business as killjoys, dullards and jobsworths? Or the business people, who are there to serve clients and make money for the firm (and for the CEO)? No prize for guessing.

Greed and FOMO push senior executives and boards to ignore the best efforts of the risk people who put dubious clients on watch lists, special lists or blocked lists. That’s why banks end up … I don’t know … greenlighting the extension of huge leverage to, say, convicted insider traders. Because they can supercharge the trading P&L, boost quarterly earnings, and service bonus accruals.