In light of the startling $2 billion trading loss that UBS reported this week, my Friday Risk Reading selection is a speech from 1996 by New York Fed President William J. McDonough.
As president of the New York Fed from 1993 to 2003, when he was succeeded by Tim Geithner, McDononugh spoke often about bank safety, financial innovation and the impact of technology on banking. In 1996, he addressed a conference on Latin American banking in Buenos Aires and outlined the basic elements of sound risk management for banks. I’ve highlighted portions that are of particular interest for UBS.
At the New York Fed, we have long encouraged financial innovation. Innovation improves market efficiency by expanding the menu of products that serve the needs of market participants, both in financial and non-financial sectors, dealers and end-users. But with innovation comes the responsibility for each institution to engage in prudent risk management practices. Each institution’s evolving risk profile must remain consistent with the goals set by its management and directors.
I would like to share with you four basic principles that our experiences shows should be part of a successful risk management system.
- First, the risk management system should be subject to active oversight by the board of directors and senior management of the financial institution. Risk management is not a purely technical enterprise, but, rather, a practice undertaken to attain the strategic goals of the institution.
- Second, the system should incorporate state-of-the-art risk measurement and reporting systems. The information produced by these systems should be of high quality and the reports should be transparent to key individuals and groups responsible for the overall well-being of the organization.
- Third, the system should include comprehensive internal controls that emphasize the clear separation of trading and back-office operations such as recording, clearance and settlement.
- Fourth, the system should incorporate well-defined limits on risk-taking by individuals and corporate units at different levels, as well as oversight of those limits.
If we go back and examine some recent, well-publicized problem cases, we see clearly that in each case there was a significant failure to incorporate one or more of these principles in the design or implementation of the firm’s risk management system.
The principles of effective risk management have been around for years. At UBS, it seems they were either ignored, subverted or forgotten.