Skip navigation
Ensuring a Safe and Sound Federal Banking System for All Americans Site Map | Text Size: S M L

NR 1995-129
Contact: Public Affairs
(202) 649-6870

Remarks by Doug Harris before the Fourth City of London Central Banking

Good evening, and thank you for asking me to share my thoughts — as a U.S. regulator — on the proper supervision of bank's derivatives activities. I always welcome the opportunity to participate in forums such as these, because I find them invaluable to our collective understanding of derivatives and what is necessary to anchor derivatives against the buffeting of the global marketplace. The need for regular communications — between regulators from different countries and with different experiences — continues to grow as financial services become increasingly complex and interrelated.

Effective communication, of course, is also the key to ensuring common understanding. So I'd like to clarify the Office of the Comptroller of the Currency's (OCC) position on sales practices and the use and appropriateness of generic risk disclosure statements. Because, as some of you know, the General Counsel of Credit Suisse Financial Products (CSFP) and I have exchanged correspondence recently regarding the risk disclosure statement prepared by CSFP and sent to all of its clients.

Let me be very clear. The OCC wholeheartedly supports voluntary efforts by industry groups, trade associations, and individual firms to self-regulate their over-the-counter (OTC) derivatives market activities, to bring greater transparency to derivatives transactions, and to foster a greater understanding of the various derivatives products and their risks. In this regard, the effort by CSFP to develop a generic OTC derivatives risk disclosure statement — the first that I am aware of — is to be commended.

In the OCC's existing guidance to U.S. national banks, we require that a dealer bank make an assessment as to whether a particular OTC derivatives transaction is consistent with its counterparty's policies and procedures for engaging in derivatives transactions. And we strongly suggest that a dealer bank should refrain from engaging in a transaction with a counterparty that does not sufficiently comprehend the risks of the proposed transaction. In our view, to engage in such a transaction would possibly expose the dealer to unanticipated credit risk and unnecessarily expose the dealer bank to potential litigation and reputation risk.

Risk disclosure statements are the vehicles typically used in the exchanged-traded derivatives world to inform futures and options traders of the risks inherent in trading those products. Such statements have become standardized — sometimes as required by regulation — and generic in the sense that they generally do not vary in form and content from broker to broker. While I have, in the past, personally questioned the effectiveness of these documents, there is no doubt that a standardized risk disclosure statement is best-suited to standardized and fungible products. Clearly, such statements are likely to be less informative and, therefore, less effective when used in connection with an individually-tailored, privately-negotiated, one-off, over-the-counter transaction. That should go without saying.

Obviously, if a counterparty is to appreciate fully the risks unique to a particular transaction, in the absence of having the necessary expertise to identify and comprehend those risks on its own, some effort must be made by the dealer to inform that counterparty of the particular risks associated with the transaction. In fact, the OCC's guidance to banks would suggest that such disclosures ultimately help the bank to manage its own credit and reputation risk. A generic risk disclosure statement is, then, a useful starting point for identifying broad categories of risk — such as credit risk, interest rate risk, and liquidity risk. But often more information is necessary to properly pinpoint the level of each risk a transaction entails and to devise strategies to control these risks. I must add, however, that there is increasingly a good deal of standardization that occurs even in the OTC derivatives market, and for transactions such as a three- to five-year fixed/floating Libor rate swap, a standardized risk disclosure statement may, in fact, be adequate.

At the OCC, we have given a lot of time and thought — over the last two-and-a-half years — to the issues involving banks' OTC derivatives activities. One of the things we have found is that the issues are several, they are sometimes complex — often political — but rarely are they relevant only to OTC derivatives trading and investment. These issues cut across bank products, services and activities, and the process of developing the proper framework for the supervision of banks' derivatives activities has caused us to rethink generally how we supervise banks. Derivatives — and many other new and, sometimes complex, products — have changed the way banks conduct and control their business. Not surprisingly, it has also changed how we supervise banks and how we approach new developments in the constantly changing financial services marketplace.

We attack derivatives issues on several fronts: accounting, capital, disclosure, regulatory reporting and sales practices. But it is clear to us — as I'm sure it is to you — that the anchor for derivatives is sound internal controls and prudent risk management. That is true with respect to any financial entity - - whether it is a commercial bank, thrift, building society, insurance company, pension plan, or money market mutual fund.

In fact, if there are three words that transcend the various worlds of financial regulators, the different types of financial institutions and the cornucopia of trade groups it's these: "internal controls matter." What else matters? Maintaining proper relations with your customers and counterparties. Senior management's role and board oversight in ensuring the establishment and maintenance of such controls matter. Although derivatives raise many issues for us, our fundamental concern with them is what we do not understand about them and ensuring that banks themselves are asking the right questions — questions such as "Where is the risk?", "What is the risk?" and "How do I control the risk?"

And these are the right questions to be asking about any capital markets activities and about most banking activities, including the core functions of taking deposits and making loans.

Daiwa and Japan's Ministry of Finance learned this basic truth the hard way. The product was not derivatives, but U.S. government securities — a product that until last week was considered the safest of investments because the risks are easily identified, measured, monitored and controlled. But Daiwa lost at least $1.1 billion trading in these products. Why? Because of the failure to have in place one of the most fundamental of internal controls — the separation of the front office from the back office, of the risk-takers from the risk monitors.

In fact, published reports indicate that the internal controls situation with Japanese banks is quite serious.

On November 6, an executive in the New York branch of the Industrial Bank of Japan was quoted in The Wall Street Journal as saying that "Japanese banks, including mine, have no internal controls in their home office or in their branch offices . . . It's all based on trust and the buddy system. What happened at Daiwa could happen at any Japanese bank." Needless to say, the bank executive requested anonymity. However, more recent reports also indicate that Japan is ready to end this honor system.

The failure to have separate and independent risk management and operations support units was also a major cause of the problem at Barings.

Two weeks ago, the OCC issued guidance to our examiners as to how they should examine the activities of a bank subsidiary that brokers futures and options contracts on futures and options exchanges — the business in which the Barings subsidiary was involved. This guidance built upon our existing examiner guidance with respect to financial derivatives activities. This guidance focuses on what I've been talked about this evening — the importance of board and senior management oversight, as well as strategic risk, reputation risk, credit risk, liquidity risk, transaction risk and compliance risk management practices and procedures.

I'd like to emphasize seven specific elements of that guidance:

First, brokers are expected to have a risk control unit that is separate and distinct from the unit that trades or brokers the futures and options. Strong risk management requires that the unit assessing risk be separate from the unit taking on the risk.

Second, an independent risk control unit must report to either executive management, the bank's board of directors or a designated management committee. And the risk control unit must periodically communicate findings to senior management and the bank's board.

Third, when establishing the broker's risk limits, senior bank management and the board should consider the interrelationship between the risk assumed by the broker and the risk assumed by other affiliated entities, including the bank.

Fourth, the bank's board should approve aggregate risk-taking limits at least once a year. These limits should be directly related to the nature of the bank's strategies, historical performance, and the overall level of earning or capital that the board is willing to place at risk.

Fifth, as the culture fostered by senior management of the broker will directly impact the amount of reputation risk faced by the bank, bank management should ensure that policies and procedures guiding the activities of the management of the broker direct and reinforce actions which are consistent with the risk profile approved by the bank's board.

Sixth, to protect the bank's reputation, the broker should implement policies and procedures which address the issues of soliciting new customers, analyzing customer credit-worthiness, performing ongoing monitoring of customer accounts, and handling customer complaints.

And finally, capital to support risk exposures should reflect the level and complexity of the risk assumed and not be limited to minimum regulatory requirements.

As you can see, for the most part, these important elements of our guidance are applicable, and should be applied, to activities other than the brokerage of exchange-traded derivatives. And the same can be said for our guidance on emerging markets trading activities that we are developing. But there is one element of that guidance that I would like to talk about in advance — the very touchy issue of trader compensation.

In the past, the OCC has expressed our concerns that a bank's compensation policy be sufficient to attract and maintain qualified individuals to perform back office and risk control unit functions.

However, over the last couple of years — and largely as a result of some of the widely reported derivatives fiascos — we have become increasingly concerned that compensation policies at some banks may unnecessarily create incentives for excessive risk-taking. In our forthcoming emerging markets guidance, we will state that compensation programs should not motivate a trader to take risk which is inconsistent with the bank's risk appetite, prevailing rules or regulations. We will also strongly suggest that when establishing or reviewing compensation programs, as well as when determining specific payments — such as bonuses — senior management considerations should include:

  • The employee's compliance with bank policies, laws and regulations
  • Bank performance relative to the bank's stated goals
  • Relative quality of earnings, for example risk-adjusted returns
  • The competitor's compensation packages for similar responsibilities and performance
  • The individual's overall performance
  • The levels of risk inherent in and caused by relevant trading activities.

As you can see, we are trying to ensure that our policies and our guidance to banks and our examiners keep pace with the newest developments in the financial marketplace, whether they are product innovation, new methods of calculating risk or new methods for controlling it. This is how we anchor derivatives on an individual bank basis. But this is no longer sufficient. We must also be concerned about anchoring derivatives in the international and global sense. After all, our markets are no longer isolated, and the risk we are all concerned with — and one that is always in the back of our minds — is systemic risk.

There are ways to anchor or strengthen the markets against systemic risk — for example, enhancing the payment and settlement systems, strengthening laws and regulations to provide greater legal certainty with respect to multilateral netting and the rights and obligations of counterparties upon insolvency or default. However, as regulators, it is clear from the fiascos of Metalgesellschaft, Barings and Daiwa, that one of the most important steps we can take is to reestablish, strengthen and maintain, the lines of communications between us.

Cooperation and coordination among regulators are key. Whenever I dispense that bit of common sense I'm reminded of something my college advisor once told me. He said, "Learning from others and learning with others speeds up the education process. So you absolutely must learn from the mistakes of others. Besides," he added, " you couldn't possibly live long enough to make them all yourself."

Well, anyone who has been a regulator these past couple of years probably feels as if they've led a few lifetimes. But it's more than a matter of longevity. We simply cannot afford to make mistakes on our own. And we simply cannot afford not to provide the banking industry the benefit of our collective knowledge and our shared determination to anchor derivatives.

# # #