Introduction
The recently released Basel III Endgame proposal has received much attention since it was released by regulators at the end of July. Certain elements of the proposal such as the proposal’s treatment of mortgages and renewable energy investments have received considerable public attention due to their high public profiles and the significant negative impacts the proposal would have on these sectors of the economy.
In this Capital Insights post, we focus attention on a more obscure but critical aspect of the recent capital proposal that would have significant negative ramifications for the whole economy: operational risk capital. Unlike the proposal’s treatment of mortgages or renewable energy investments, operational risk capital requirements would impact the cost and availability of all financial products and services provided by large banks, ranging from lending to securities underwriting to asset management services. These new requirements are the key driver of the estimated 19 percent increase in required capital cited in the proposal. As a result, the new operational risk capital requirements serve as a very large tax on all products and services provided by large banks. Accordingly, it is critical that stakeholders understand this aspect of the proposed capital requirements, its magnitude, and its potential impact on the economy. In the remainder of this post we discuss operational risk, the significant impact of the proposed requirements, conceptual problems with the proposed requirements, and specific problems with the technical details of the proposal.
What is Operational Risk?
Most of the risks that we think about in relation to the banking sector are financial risks. As an example, a bank might make a loan that the borrower defaults on and is never repaid. Because the primary business of banking is assuming and managing financial risk, it is understandable that most people associate banking risk with financial risk.
At the same time, banks – like all companies – are exposed to what can best described as “operational risks.” As an example, a bank may sustain damages to its bank branches from a severe hurricane. Alternatively, a bank may be defrauded and could be responsible for any resulting costs. In general, all companies are subject to operational risks that are part and parcel of running or “operating” any business, whether it be a grocery store, a car service repair shop, or a bank. These risks are not central to their underlying business, but can and do generate financial losses from time to time and need to be appropriately managed.
Operational Risk Capital Requirements Under the Basel III Endgame Proposal: The Steak on the Plate
Currently, banks manage and capitalize their operational risks through ongoing risk management and a risk-sensitive, model-based approach that considers actual operational risk losses that have occurred over time. Under the regulators’ Basel III Endgame proposal, a completely new standardized capital charge for operational risk would be created. The new standardized approach to operational risk would replace this risk-sensitive, model-based approach because the Basel III Endgame proposal, by and large, removes such approaches from the large bank capital framework.
The impact of these new operational risk capital requirements would be substantial for large banks. In the table below, data for Risk-Weighted Assets (RWA) under current regulation is compared with RWA under the Basel III Endgame proposal. We present RWAs for three separate risk categories: Credit Risk, Trading Risk, and Operational Risk. In the last column, we show the proportion of the overall RWA increase in the Basel III Endgame proposal attributable to each category.
|
Standardized Operational Risk and Large Bank Risk-Weighted Assets (RWA) |
||||
|
Risk Category |
Current Standardized RWA |
Proposed Standardized RWA |
Increase |
% Total Increase |
| Credit Risk |
6,900 |
6,700 |
(200) |
(11) |
| Trading Risk |
430 |
1,020 |
590 |
33 |
| Operational Risk |
0 |
1,400 |
1,400 |
78 |
| Total |
7,400 |
9,200 |
1,790 |
100 |
| Source: Prudential Regulator Basel III Endgame Proposal | ||||
The first thing to note from the table above is the outsized influence of the proposed standardized operational risk RWA on total RWA. The new operational risk capital requirements account for 78 percent of the total increase in large bank RWA, which leads to a 19 percent increase in large bank capital, according to the proposal. Accordingly, it is not possible to address the significant increase in large bank capital without addressing the new requirements for operational risk capital. In addition, given the outsized influence of the operational risk capital requirements on the overall increase in bank capital, it is critical that these new requirements be appropriate and thoroughly considered by regulators and the public.
It is also critical to recognize that operational risk capital requirements would impact every financial service provided by the largest U.S. banks. Operational risk capital is applied on an enterprise-wide basis. Accordingly, lending to a small business, underwriting a bond issue for a local city government, providing mutual fund offerings for retirees, and all other services would be impacted by the additional capital associated with these proposed operational risk requirements.
Against the backdrop of the size and breadth of these proposed requirements, it is critical to ask whether there is any clear evidence to suggest that operational risks are either so important or currently mismeasured as to require a double-digit increase in required capital for the largest banks.
A Conceptual Flaw with Operational Risk Capital: Mental Accounting and the Mayonnaise Jar Theory of Capital
Capital is a fungible resource. A dollar of capital can be used to absorb any loss experienced by a bank. But the proposal is designed as if there is, or should be, a special container or holding pen for “operational risk capital.” This mode of thinking about capital is flawed and is related to the well-known problem of “mental accounting” that behavioral economists have studied for years. Some people, when making financial decisions, organize their financial resources into discrete “accounts” in their mind as though their money was allocated to several mayonnaise jars on their kitchen windowsill. One jar might contain “rent money,” another might be for “entertainment,” while another could be for “groceries.” Of course, all of your money is your money and you can always use money that you may have expected to use for one purpose for another purpose. As an example, if you held a party and splurged on some fancy cheese, you could decide to pay for that by foregoing a movie. In reality, there is no specific, isolated pool of money that is predestined to be used for one and only one purpose. The mayonnaise jars are an unhelpful figment of the imagination. In the case of consumer behavior, behavioral economists have documented the prevalence of mental accounting as well as its contribution to poor financial decision making.
Unfortunately, much the same form of mental accounting has come to influence regulators’ views on bank capital. There is no logical sense in which banks need a special, isolated pool of capital for “operational risks” and every other discrete risk that one can imagine. Rather, all the capital maintained by large banks can support any operational risk losses as well as losses that arise from financial risks. Moreover, the “mayonnaise jar” approach to capital is directly counter to the Nobel prize-winning notion of portfolio theory and diversification that has pervaded modern financial risk management since at least the 1960’s.
This conceptual flaw in how regulators think about operational risk capital has been recognized by economists and key policymakers. Federal Reserve Governor Christopher Waller, both an economist and a policymaker, drew attention to this issue in his statement on the Basel III Endgame proposal. Specifically, he stated, “more importantly, there is no discussion on why operational risk capital needs to be an additional charge as opposed to just using the existing capital stack to absorb operational losses.” Further, Governor Waller pointed out that a separate operational risk capital requirement “is similar to asking individuals to establish separate emergency funds for shocks to their income, such as losing their job, and shocks to their expenses, like a fire in their house or their car breaking down.” As discussed, such “mental accounting” is at odds with good financial decision making whether we are talking about a single household or a regulator that oversees the entire banking sector. Ultimately, what matters is the amount of capital relative to the overall portfolio of risks faced by the bank. Counting and measuring capital as one would measure the number of marbles in a jar is at odds with fundamental notions of risk and portfolio theory that are well accepted and understood.
The Shoe that Doesn’t Fit: Operational Risk and the Stress Tests
The foregoing discussion raises basic concerns with the entire conceptual framework for operational risk capital. Beyond those fundamental concerns, there is another reason to doubt the validity of the proposal’s requirements – operational risks are already accounted for in the Federal Reserve’s stress tests.
Over the past several years, the Federal Reserve’s stress tests have added roughly $200 billion in additional losses to the stress tests. These hypothetical losses have a real and sizeable impact on the actual, required level of capital for large banks through the Federal Reserve’s stress capital buffer.
And beyond providing yet another layer of capital for operational risks, the inclusion of operational risks in the stress tests is itself controversial. The stress tests were designed to simulate the performance of banks during a period of financial turmoil. Accordingly, during a financial stress event we expect the stock market to decline precipitously, and we also expect loan defaults to increase, but do we really expect an increased incidence of operational risk events in a financial panic? To the extent that operational risks cover events like losses from hurricanes and floods or losses from customer fraud that are not driven by financial risks, it is not at all clear that operational risk losses should even be included in the annual stress tests. Once again, Governor Waller recognized this point in his statement: “An additional layer of operational risk capital would make sense if large operational risk losses tend to occur contemporaneously with credit and market losses. But there is little evidence of that.”
As a result, the very inclusion of operational risks in the stress tests is itself controversial and unrelated to the key rationale for having the stress tests in the first place – ensuring sufficient capital during a period of financial stress. Be that as it may, large banks are already maintaining more capital for operational risks through the stress tests, which makes the additional requirements in this proposal all the more questionable.
Turning Up the Microscope: The Illogic of the Technical Specification of the Proposed Requirements
Beyond conceptual issues, we must also contend with the actual technical specification of the proposed operational risk capital requirements. Below, we lay out three key technical problems with the proposed requirements and the likely implications. As is often the case, casting aside data-based and risk-sensitive models for crude, one-size-fits-all standardized regulatory solutions invites a host of problems that are as problematic as they are unsurprising.
1. Crude financial measures of size are not a useful proxy for operational risk
The proposal replaces what was a risk-sensitive approach to operational risks with a rough-and-ready “standardized approach” that is overly coarse and crude. The replacement of risk-sensitive models with crude standardized approximations is a problem that pervades the entire Basel III Endgame proposal, but is particularly problematic in the case of operational risk.
In principle, we should expect that the proposal measure operational risk with respect to some observable, verifiable, and data-based attributes that clearly relate to operational risks — as an example, if a new and emerging business were subject to considerably more legal risk then increased operational risk capital requirements might be warranted. Unfortunately, the proposal measures operational risk with regard to a number of crude and internally inconsistent financial measures of “size” that bear no substantive relation to incurred operational risks.
Under the proposal, there are three components or proxies of operational risk, and each is based on some crude measure of size. One of the measures is the absolute value of the amount of trading revenue generated by a bank. A higher amount of trading revenue would lead to a higher amount of required operational risk capital. Trading revenue, and any type of revenue for that matter, is a financial metric and not an operational risk metric that has any clear or direct relationship to operational risk. Consider a situation in which financial market risks increase. When financial risks increase, trading revenues also tend to increase as banks are rewarded for bearing greater risk. Yet this increase in trading revenue has nothing at all to do with operational risk. Rather, it signals an increase in financial risk that is already capitalized through other requirements. As a result, a higher level of financial risk is being completely mis-characterized as operational risk. Alternatively, consider one bank operating a small trading desk in an asset that is subject to a high degree of operational legal risk such as derivative trading in emerging market instruments. Now consider another bank operating a sizeable trading operation in an asset that is subject to considerably less operational risk – perhaps trading in “pure vanilla” U.S. Treasuries. Why should the Treasury trading operation be deemed more operationally risky than the emerging market derivative trading operation simply because it is larger? Simply put, this approach makes no sense and has no bearing on the actual level of operational risk. Measures of operational risk that are crudely linked to size and do not attempt to measure real operational risks are misguided and do more harm than good.
2. Proposed measures of operational risk are not internally consistent
As discussed, the size-based measures of operational risk are so crude as to be highly objectionable on their face. At the same time, the specific measures included in the proposal, as crude as they are, are not even internally consistent within the proposal.
In the case of the “interest, lease and dividend component,” operational risks are measured on a net basis with respect to net interest income, or revenues less costs. In the case of the “services component,” however, operational risks are measured on a gross basis with respect to the maximum of revenues and costs. This “apples and oranges” feature of the proposal is highly problematic. Importantly, bank businesses that are service oriented such as asset management would have operational risk measured on a gross basis and tend to be assigned more operational risk than other businesses such as direct lending, where operational risks are largely measured on a net basis. As a result, banks would find that their incentives to diversify into steady, fee-generating businesses that do not take significant financial risks would be measurably diminished by higher capital requirements unrelated to actual operational risks. The harmful effects of these mal-incentives are hard to overstate. After the financial crisis, a number of large banks took active steps to increase their footprint in asset and wealth management because it was an excellent source of diversification and risk reduction. These new operational risk requirements would penalize these successful efforts to diversify risks. This is an unacceptable feature of any regulatory scheme that purports to manage risk.
3. Interest-generating activities are subject to a cap while fee-based activities are not
The interest, lease and dividend component previously discussed is subject to a cap that is equal to 2.25 percent of the bank’s interest income-generating assets. As a result, a bank that has a well-run, well-managed and profitable interest income-generating business would realize a lower interest, lease and dividend component than would otherwise be the case without a cap whenever its net interest margin exceeds 2.25 percent. In the case of the services component there is no similar cap. As a result, a bank with more profitable fee-generating business lines would be disadvantaged relative to a profitable bank that focuses on lending and other interest income-generating businesses. Again, this disparate treatment of interest income-generating and fee-generating business lines has perverse incentive effects and is not driven by any substantive assessment of differential operational risks. As a result, the proposal inappropriately penalizes fee-generating businesses that have proven to be important sources of diversification and risk reduction for large banks.
Conclusion
Banks, like all businesses, are subject to operational risks. These risks are important and need to be managed. Further, banks should maintain robust capital to account for these risks. At the same time, however, there is no clear or compelling evidence to suggest that operational risks present a concern commensurate with a $1.4 trillion dollar increase in RWA that would represent the key driver of increased large bank capital requirements. Rather, banks already maintain significant capital levels that are available to absorb operational as well as financial risks. Further, the stress tests already capitalize operational risk losses even though the conceptual basis for doing so is dubious. Finally, “opening the hood” on these proposed standardized requirements lays bare several basic conceptual problems that raise serious doubts about the proposed framework. Taken together, these observations suggest that regulators and the public should have serious concerns about moving forward with the standardized operational risk framework as presented in this proposal. The current proposal would inflict a usurious tax on all large bank products and services that is not justified on the merits and stands to weaken our economy.