Barking Up the Wrong Tree

A few weeks ago, The ERM Current™ included a blog entry about former US House Speaker Newt Gingrich's call for the repeal of the Sarbanes-Oxley Act.  Many of Mr. Gingrich's claims supporting his rationale that Sarbanes-Oxley is responsible for our current economic downturn were simply wrong.  Well, someone else also noted his poorly constructed argument and provided an alternative view last week in an op-ed article for the San Diego Business Journal.  Wade Lindenberger provided a compelling counter-point argument in his column as well as a practical view of the evolving nature of Sarbanes-Oxley Act compliance efforts.  He noted,

"In a time like this, people are always looking to blame something for the financial meltdown and turmoil. Sure, we are in a serious financial situation right now, but Sarbanes-Oxley is not to blame. In the six years since Sarbanes-Oxley was enacted, failures like Enron and WorldCom, which resulted mainly from finance and accounting shenanigans, have been nonexistent. The most recent failures of companies like Bear Stearns and Lehman Bros. resulted from poor business decisions and absentee risk management, all driven by good old-fashioned greed."

Those who continue to seek to repeal Sarbanes-Oxley are simply attempting to skirt the real issues at hand and also avoid future accountability for business-related fraud.  Mr. Lindenberger sums up the situation nicely by stating the following,

"When it comes down to it, the steps legislated by Sarbanes-Oxley are really nothing more than what we would expect from any thorough, well-run company."

ERM Case in Point

This week's rescue of Citigroup serves as a prime example of how fragmented approaches to risk management can have disastrous consequences.  The New York Times presented a thorough review of the actions and inactions occurring within the ranks at Citigroup that ultimately led to far excessive risk-taking.  In short, the risk oversight was relegated to those in the business units who had the most to gain by taking excessive risks.  This, in turn, led to the creation of a culture that considered risk management as an after-thought and did not promote a full understanding of risks across the enterprise.  Lynn Turner, formerly the chief accountant at the Securities & Exchange Commission, offered his view of Citigroup in the article.

“If you’re an entity of this size,” he said, “if you don’t have controls, if you don’t have the right culture and you don’t have people accountable for the risks that they are taking, you’re Citigroup.”

Financial and non-financial corporations alike should use the case of Citigroup as an example of how not to structure their risk management programs.  To be truly effective, enterprise risk management programs should be supported by a strong culture, strong controls and strong competencies in risk management disciplines. Visit www.WheelhouseAdvisors.com to learn more about building an effective enterprise risk management program.

Restoring Trust

Former SEC Commissioner Arthur Levitt recently testified before the Senate Banking Committee and offered his perspective on how to strengthen the regulatory oversight system in dire need of repair.  

"As we move forward in the process, we must make sure that there is an agency that is independent of the White House, dedicated to mandating transparency with robust law enforcement powers, with the wherewithal and knowledge to oversee and if necessary guide risk management, and built around one mission: protecting the interests of investors.  If we do, investors will know that they have someone in their corner, that the markets will be free and fair, and that they will invest with confidence."

As Mr. Levitt suggests, the key to stabilizing the financial markets is by restoring trust and one of the critical elements to restoring trust is effective regulatory oversight and risk management.

Falling on Deaf Ears

An article in yesterday's Washington Post provided some interesting details behind the collapse of Washington Mutual.  It appears that the Office of Thrift Supervision ("OTS") failed in its job to provide effective oversight by allowing executives at the nation's largest savings and loan institution to ignore the advice of its own risk managers.  Here is an excerpt from the article.

In 2005, a small group of senior risk managers drew up a plan that would have required loan officers to document that borrowers could afford the full monthly payment on option ARM loans. The plan was shared with OTS examiners, according to a former bank official who spoke on condition of anonymity because the bank's practices are the focus of a federal investigation as well as several lawsuits. "We laid it out to the regulators. They bought into it. They supported it," the former official said.  But when a new executive team at the bank nixed the plan, the former official said, "the OTS never said anything."

This is another example of the breakdown in regulatory oversight and management that fueled the current financial crisis.  It also shows that what is needed most is not necessarily more regulation, but more effective regulation.

Risk Management Now a Top Concern

Corporate executives are beginning to shift their priorities in response to the financial crisis and deteriorating economic conditions according to a recent survey by The Conference Board as reported in yesterday's Wall Street Journal.  It is no surprise that risk management is now a top concern.  What is somewhat perplexing is that risk management was not a top concern when the same survey was conducted in July (see survey results below).  

Risk management should always be a top concern, but many do not consider it as a primary focus area until times of crisis.  While it is human nature to react in this manner, the full benefit of strong enterprise risk management programs is gained by averting such periods of crisis.  Risk management attention and investment at this time is certainly warranted.  However, let's hope the investment and discipline is maintained so another crisis of this magnitude never comes to pass.   

Which Way Is Up?

It appears that the US Congress is beginning to ask themselves once again why they voted for a hastily arranged piece of legislation.  In testimony yesterday to the US House Financial Services Committee, Treasury Secretary Paulson had a rough time explaining why he used his $350 billion "allowance" in a way that differed from the original expectations.  Here is what Rep. Spencer Bachus of Alabama, the panel's top Republican, had to say:

"Changing too quickly, without adequately explaining why you've changed or what you're going to do next, risks sending mixed signals to a marketplace that is in dire need of certainty and a sense of direction."

In addition, American Bankers Association Chairman and CEO Edward Yingling said during the hearing,

"...it (TARP) is also a source of great frustration and uncertainty to banks. Much of the frustration and uncertainty is because of the significant and numerous changes to the program and misperceptions that have resulted on the part of the press and the public."

The continued changes to the application of the rescue packages are leaving both Congress and our financial markets asking themselves the same question - "Which way is up?"  It seems no one knows the answer.

Silence in the Boardroom

Yesterday, Rick Steinberg wrote a great article in Compliance Week detailing the many failures of risk management leading to the recent financial market crisis.  For those of you who may not know,  Mr. Steinberg is a leading authority on the topic of risk management and a principal author of the COSO Internal Control Framework that has become the de facto standard for public corporations and their boards of directors.  As such, Mr. Steinberg has a unique perspective of the unfolding events in each of the firms that have contributed to the market collapse.  In particular, Mr. Steinberg points to boards and their responsibility for holding senior management accountable.  He states,

"....the board must understand what management is doing to identify, assess, and manage significant risks facing the company. It must be comfortable that management has a process in place, and that the process is working effectively. The board must be comfortable with management’s appetite for taking on risk, and that senior management is positioned to obtain accurate information about key risks and relays that information to the boardroom."

While he also notes areas of weakness with other players such as the regulators and credit rating agencies, it is this critical component of risk management and corporate governance that cannot be ignored.  Without a strong enterprise risk management process and frequent communication between board members and management, companies will not be able to navigate the critical risks and new regulatory environment that is now on the horizon.

No Time for Complacency

In a speech last week to the Banque Centrale du Luxembourg, Vice Chairman of the Federal Reserve Donald Kohn provided a thorough analysis of events leading to the current financial crisis.  A major portion of his remarks focused on the inadequate investment in risk management by many financial institutions.  In his view, the long period of relative stability in financial markets bred a high level of complacency and inattention to the growing risks.  As he stated,

"Complacency contributed to the unwillingness of many financial market participants to enhance their risk-management systems sufficiently to take full account of the new (perhaps unknown) risks they were taking on."

Risk management should be a primary focus of all companies, financial and non-financial, at all times.  It is precisely the moment when profits are at their peak and economic times are good that companies should be most vigilent.  Now, we are in catch-up mode and must make greater investment in risk management to ensure complacency does not become part of the risk equation again.

A Call for Action

The Group of Twenty ("G-20") met in Washington, DC on Saturday to jointly develop action plans to address the growing economic crisis sweeping the globe.  A need for greater transparency and accountability in our financial markets served as the primary theme for the meeting.  The result of their discussion was a strong declaration regarding the root causes of the problems we are facing and recommended actions to remedy the situation.  One of their action plans focused squarely on risk management.  Below are the related risk management actions to be taken by the end of March 31, 2009.  

• Regulators should develop enhanced guidance to strengthen banks' risk management practices, in line with international best practices, and should encourage financial firms to reexamine their internal controls and implement strengthened policies for sound risk management.


• Regulators should develop and implement procedures to ensure that financial firms implement policies to better manage liquidity risk, including by creating strong liquidity cushions.


• Supervisors should ensure that financial firms develop processes that provide for timely and comprehensive measurement of risk concentrations and large counterparty risk positions across products and geographies.


• Firms should reassess their risk management models to guard against stress and report to supervisors on their efforts.


• The Basel Committee should study the need for and help develop firms' new stress testing models, as appropriate.


• Financial institutions should have clear internal incentives to promote stability, and action needs to be taken, through voluntary effort or regulatory action, to avoid compensation schemes which reward excessive short-term returns or risk taking.


• Banks should exercise effective risk management and due diligence over structured products and securitization.

A great deal of work will be required to properly address these recommendations.  However, the end result will be a much stronger global economy.  Wheelhouse Advisors can help your company quickly assess its risk & control programs and provide cost-effective solutions to the recommended actions.  Visit our website at www.WheelhouseAdvisors.com to learn more.

A Return of Systemic Risk?

The sudden about-face in the direction of the US Treasury's Troubled Asset Relief Program ("TARP") has brought on new fears of increasing systemic risk in the financial markets.  TARP was originally intended to lower systemic risk by ridding the markets of the toxic securities that currently plague the balance sheets of numerous financial institutions.  By leaving those securities on the balance sheets, many believe that a crisis in confidence will re-emerge.  Bloomberg.com noted the following comments yesterday from a credit strategist at BNP Paribas,

"Substantial risk still remains within the U.S. financial system,'' said Rajeev Shah, a London-based credit strategist at BNP Paribas.  "Uncertainty about existing troubled assets could lead to increasing systemic risk.''

Where do we go from here?  Who knows?  However, one thing is certain.  Changing plans in mid-stream is certainly no way to reduce uncertainty in the financial markets.

The Dukes of Moral Hazard

Yesterday, the Wall Street Journal discussed the impact of moral hazard on the behavior of both corporations and individuals.  With the ever increasing amounts of money being doled out to those who invested in risky derivative securities and their underlying assets, the impact of moral hazard cannot be ignored.  Wikipedia defines moral hazard in the following way.

Moral hazard is the prospect that a party insulated from risk may behave differently from the way it would behave if it were fully exposed to the risk. Moral hazard arises because an individual or institution does not bear the full consequences of its actions, and therefore has a tendency to act less carefully than it otherwise would, leaving another party to bear some responsibility for the consequences of those actions.

There is great debate about whether the current efforts by the US Government will lead to a greater risk of increasing moral hazard.  Some may compare today's situation to the behavior of the good ol' boys in the old TV show, "The Dukes of Hazzard".  They never crashed their car or went to jail even though they drove recklessly in every episode.  Sound familiar?

Speechless

Today's post leaves one speechless, both literally and figuratively.  In the figurative sense, few words can describe the ever increasing amounts of money that the US Government is pouring into financial institutions such as AIG.  Literally, there is not much more to say beyond what Barron's Bob O'Brien has to offer in his video post,  AIG Becoming a Money Pit?.

Repeal the Rescue Packages

Last week, former US House Speaker Newt Gingrich wrote an opinion in the San Francisco Chronicle renewing the call for a repeal of the Sarbanes-Oxley Act of 2002 ("SOX").  Mr. Gingrich's basic premise is that SOX went too far in regulating corporate governance and at the same time did nothing to prevent the collapse in financial markets.  As many others have complained in the past, Mr. Gingrich says that SOX is too costly and is preventing companies from going public.  Mr. Gingrich cites a $4.36 million cost per company from a recent Financial Executives International ("FEI") survey.  However, he fails to mention this figure is for the largest of companies (those with a market value greater than $700 million) and is out of date.  The most recent FEI survey figure for the largest companies is actually lower ($3.8 million) and for smaller companies that he is referencing in his IPO argument, the average cost is just over $600,000.  

Now, let's compare that to the updated "rescue" package for AIG.  Just this week, the package was increased to $150 billion.  That's right - billion with a "B".  And, as for the claim that SOX did nothing to prevent AIG's woes, it actually helped bring the woes to light.  It was the external auditor's disclosure of a material weakness in AIG controls (a SOX requirement) over credit default swap valuations that first held AIG management accountable and led to the departure of the CEO.  

Lastly, Mr. Gingrich says that SOX is driving companies overseas.  Well, if that is the case, then the "rescue" packages are certainly serving as a great incentive for companies to come back to the US.  Now, companies are lining up to receive US taxpayer money.  Those companies that do not want to be held accountable when accessing capital through public markets are probably better off in other markets.  SOX is not the problem - it is the "rescue" packages that need to be repealed.

Keep Your Eye on Compliance

The primary focus of most CFOs these days is credit and liquidity.  However, during a crisis such as the one we are experiencing, it is easy to become distracted and lose focus in other critical areas.  Compliance is one of these areas and with the recent election results, it is sure to be an area of great risk in the months and years to come.  Here's what Barry Bregman, a partner with CTPartners in New York, had to say about the topic at CFO.com.

That's not to say compliance has fallen by the wayside, especially at a time when the government is looking even harder at the operations of financial-services companies. "CFOs should make sure they have their eye on that ball and that they have the right people managing those functions."

Wheelhouse Advisors is equipped to help CFOs and their organizations maintain the proper focus on risk management and compliance with cost-effective solutions.  Visit www.WheelhouseAdvisors.com to learn more.

Responsible Investing on the Rise

According to recent studies by the CFA Institute, many people are looking to expand their concern for sustaining the environment to their investment portfolios.  In a publication released earlier this year, the CFA Institute noted the following.

A growing number of people are extending their social consciousness beyond driving hybrid vehicles or drinking fair trade coffee to pursuing a socially responsible investment strategy that reflects their values and core beliefs.... Socially responsible investing (SRI) integrates financial objectives with social and environmental objectives. SRI assets are growing at a faster pace than the broader universe of all investment assets under professional management.

In addition, those same investors are clamoring for stronger corporate governance and risk management within the companies that they are considering for investment.  Yesterday, the Financial Times quoted a proponent of responsible investing.

“Responsible investors benefit from better risk management, greater transparency, and an active engagement with companies to promote better management,” says Helena Vines Fiestas, a policy analyst for Oxfam. “Social, environmental and governance issues are also key features of their investment analysis. In this climate, responsible investors offer a real way forward.”

What's good for the environment can also be good for companies looking to navigate the ever changing world in which we live.

Playing with Fire? You Get Burned.

For those of you who have studied Finance and Investments, you are certainly familiar with the father of Modern Portfolio Theory, Harry M. Markowitz.  Mr. Markowitz earned the Nobel Prize in Economics for his recognition of the benefit of diversification in reducing risk in a given portfolio of securities.  In yesterday's Wall Street Journal, Mr. Markowitz was quoted on the role of financial engineers in today's financial crisis.   Below are his remarks.

"Diversifying sufficiently among uncorrelated risks can reduce portfolio risk toward zero," he says in an interview. "But financial engineers should know that's not true of a portfolio of correlated risks."

More specifically, Mr. Markowitz is referring to the financial engineers who created the mortgage-backed securities using tranches of various types of mortgages and touting their diversification benefits.  What they failed to mention, was the fact that risk is not mitigated when using similar types of securities with correlated returns.  Not only is risk not mitigated, it is exacerbated like throwing gasoline on a fire.  I guess those involved in creating this mess either fell asleep in class the day Modern Portfolio Theory was discussed or simply sold a pack of lies.  In either case, they were playing with fire and a whole bunch of people got burned.

A New Day

A new day has dawned in America with the results of a historic presidential election.  What will this mean for corporations?  Will new regulations be placed on business?  What will the impact be on the economy?  Well, with the economic challenges facing not only the United States, but also the entire world, one thing is for certain - change is coming.  Change can be embraced or feared.  For those prepared for change, it represents huge opportunity.  For those focused on the past, change can be the ultimate risk.  Is your company prepared for change?  Share your thoughts here.

Growing Systemic Risk - Revisited

If you have been following The ERM Current™ over the past few weeks, you will probably recall discussions about systemic risk permeating the financial markets.  Well, yesterday the Wall Street Journal chronicled the making of the engine that fueled the systemic risk.  Much of the credit derivative problem emanated from AIG and their use of sophisticated computer models to value the risk within each of their financial products. An academic consultant from Yale University promoted these models and was paid handsomely for it.  His name is Gary Gorton and here is what he had to say just last month.

"You have this very, very complicated chain of the movement of the risk, which made it very opaque about where the risk finally resided. And it ended up residing in many places. So the whole infrastructure of the financial market became kind of infected, because nobody knew exactly where the risk was." 

The primary objective of these financial products was to be "opaque" so investors would unwittingly buy into the scheme.  However, when the institutions who peddled these products placed their faith in the computer models to value the risks, their fate was sealed.

The Auditors Are Coming!

Last week, the Public Company Accounting Oversight Board ("PCAOB") released proposed standards for auditors to examine and utilize risk assessments in their upcoming audits of major corporations.  These standards could prove to be significant in the evolving audit approaches for internal control over financial reporting (i.e. Sarbanes-Oxley Section 404).  Mark Olson, PCAOB Chairman commented on the purpose of these new standards,

“An appropriate assessment of risk is the foundation of a high quality audit. Today’s proposals are intended to strengthen that foundation, which should result in improvements throughout the audit.”

In performing their assessment of risk, auditors are guided first to examine the company's own assessment of risk.  For those companies that do not have a solid framework and/or understanding of their risks, this new standard could be problematic.   The standard states,

The auditor should obtain an understanding of management's process for:

a. Identifying risks relevant to financial reporting objectives, including risks of material misstatement due to fraud ("fraud risks"), b. Assessing the likelihood and significance of misstatements resulting from those risks, and c. Deciding about actions to address those risks.

Factors that should be evaluated in determining which risks are significant risks include:

a. Whether the risk is a fraud risk; Note: A fraud risk is a significant risk. b. Whether the risk is related to recent significant economic, accounting, or other developments; c. The complexity of transactions; d. Whether the risk involves significant transactions with related parties; e. The degree of complexity or judgment in the recognition or measurement of financial information related to the risk, especially those measurements involving a wide range of measurement uncertainty; and f. Whether the risk involves significant transactions that are outside the normal course of business for the company, or that otherwise appear to be unusual due to their size or nature.

If your company is looking to strengthen its risk assessment process or build a new risk assessment framework to prepare for the new proposed standard, then click here to contact us and learn more about how our firm can help your company Navigate Successfully™.