Regulators and regulated are running scared after the events of August and September last year. "I'm more confused about valuation [of financial assets] than I have been for some time, said a leading risk manager at a brain-storming session in Geneva last month.
But the shock to the risk-management community is producing some new, or perhaps old, thinking: a financial firm's risk assets can only truly be valued in relation to its liabilities. For example: take an illiquid investment such as a venture-capital stake. If a firm is funding that stake in the money market it runs a liquidity risk and must mark the investment at liquidation value. If it's funding the stake with its own equity, then marking it to market at liquidation value makes economic nonsense: accrual or cost accounting are more appropriate.
Applying that principle to the different parts of a complex investment bank could prove a nightmare. But ultimately it may make more sense than marking all assets to market, especially since historical volatility has proved such a bad guide to the future.
Russia's default on August 17 1998 and the near-collapse of Long-Term Capital Management (LTCM) a month later jolted banks and their supervisors out of the comfortable notion that the prevailing market price is the best guide to valuing assets. Even add-ons for liquidity risk and credit factors didn't get close to anticipating the correlated market chaos of last year. Value-at-risk (VAR) matrices – nicely compartmentalized credit and market risk buckets with some offsetting correlation factors - are handy fair-weather trading tools, but they don't work in a storm.
With the generally accepted 99% confidence level and the assumption of a day's delay before offloading the position, there are still three days a year when mark-to-market losses are expected to go off the scale. There were many more days like that in 1998. JP Morgan in its 1998 annual report admits to 23 trading days when it experienced losses or gains outside its DEaR (daily earnings at risk) figure – admittedly it uses a 95% confidence level, which gives it an expected 12 days a year outside its DEaR. UBS, which uses a 99% confidence level, experienced three days in excess of its VAR in August and September alone – enough breaches for the entire year.
Regulators now worry that they were too hasty in agreeing back in 1996 that banks could use their internal (approved) VAR models as a basis for setting regulatory capital for their trading book. Last month they held back proposals for parallel recognition of internal models designed to calculate credit exposure. That was hardly surprising considering regulators' sceptical reactions as recently as last September to a roadshow of credit models – "half-baked" was the adjective used by one German regulator. And that was before the LTCM debacle.
Current, expensively learned, wisdom is that market risk and credit risk cannot be that easily separated: they influence each other. Although the separation may be a useful division of man and computer power at trading level, it can no longer be countenanced at senior or risk-management level.
Seeking a new paradigm
In Geneva, at the fifth round table of the International Finance & Commodities Institute (Ifci), a select band of risk managers, accountants, risk takers and regulators tried to anticipate the new paradigm for assessing the risk-management ability of financial firms. One investment banker talked of the "silo effect" – the compartmentalization, even at senior level, of areas that should be part of the integrated risk management of the firm: accounting, market risk, credit risk, asset-liability management. "Just as we have seen linkages between market and credit risk," the banker said, "there should be linkages between these different functions."
Financial firms need to persuade regulators, shareholders, and their counterparties, that they can identify and manage their firm-wide risk, and that the risk-management culture extends to senior management. The most obvious place to disclose this is in their annual reports, although few firms to date give much information about the risks they run and how they manage them.
Rajna Gibson, professor of finance at Lausanne University, kicked off the Ifci brain-storming with a paper recommending much fuller risk disclosure in annual reports. Her requirements concentrate on quality rather than quantity of information. Annual reports have a reputation for being more marketing tools than databases: much weight is given to written explanations of risk-management approach and culture, accounts of scenario analysis and stress-testing. However, Gibson suggests matrices should also be published that include VAR tables broken quarterly and by maturity, into currency, interest-rate, equity and commodity risk, with a 10-day and a one-day holding period. Other tables should analyze the credit risk in the trading portfolio, broken down by geographical area, business sector and counterparty rating. The tables include gross and net replacement cost, level of collateralization, and potential future credit exposure. Then, to further identify concentration risk, exposures to the top 10 significant counterparties and the top five currencies should also be listed.
Gibson's requirements include the interest-rate sensitivity of the firm's assets and liabilities, together with a discussion of its hedging policy. There is a similar exercise for the loan portfolio, broken down into consumer and commercial loans by sector, with entries for non-performing assets, net recovery and loan-loss provisions. The bank's top-10 borrowers must also be identified by sector. Finally there is an analysis of cross-border risks, by sector.
The assumption is that most top financial institutions do this anyway, for reporting purposes; so it's just a question of how much they are prepared to disclose to counterparties, shareholders and the general public.
The consensus was that such information would help market stability. The markets would have a better idea of the risks a bank is running and its level of expected, run-of-the-market losses. They would also possibly have more confidence that senior management understand the bank's risk profile. But there was some concern that too much information could lead to misinterpretation and panic.
What price annual reports?
However, annual reports hardly carry up-to-date information, and they are only a snapshot. A study, quoted by one delegate, of the effect of earnings announcements on a company's share price suggests that there is some impact on the shares of non-financial companies, but none at all on those of financial institutions. Annual reports are likely to have even less influence on banks' shares. So what is their value? Some delegates suggested they would be valuable as a back test, revealing how a firm's risk assessment has fared in subsequent market conditions.