Basel II and Corporate Governance in Financial Institutions

Transcription

1 in Financial Institutions Tel Aviv, *connectedthinking

2 Agenda Basel Committee Corporate Governance Principles CEBS Guidance on Corporate Governance Governance issues identified during the financial crisis Revised Corporate Governance Guidance in response to financial crisis Slide 2

3 Basel Committee Corporate Governance Principles The first set of Corporate Governance Principles were issued in 1999 In its guidance, the Basel Committee defines corporate governance as: The manner in which the business and affairs of individual financial institutions are governed by their boards of directors and senior management As such, corporate governance affects how banks: - set corporate objectives (including generating returns to owners); - run the day-to-day operations of the business; - consider the interests of recognised stakeholders; - align corporate activities and behaviours with the expectation that banks will operate in a safe and sound manner; and - protect the interests of depositors. The principles were revised in 2006 to reflect guidance on corporate governance issued by the OECD in 2004 Slide 3

4 Basel Committee Corporate Governance Principles Basel Committee Principles on Corporate Governance (2006) 1. Board members should be qualified for their positions, have a clear understanding of their role in corporate governance and be able to exercise sound judgment about the affairs of the bank 2. The board of directors should approve and oversee the bank s strategic objectives and corporate values that are communicated throughout the banking organisation. 3. The board of directors should set and enforce clear lines of responsibility and accountability throughout the organisation 4. The board should ensure that there is appropriate oversight by senior management consistent with board policy 5. The board and senior management should effectively utilise the work conducted by the internal audit function, external auditors, and internal control functions 6. The board should ensure that compensation policies and practices are consistent with the bank s corporate culture, long-term objectives and strategy, and control environment 7. The bank should be governed in a transparent manner 8. The board and senior management should understand the bank s operational structure, including where the bank operates in jurisdictions, or through structures, that impede transparency (i.e. know-your-structure ) Slide 4

5 Agenda Basel Committee Corporate Governance Principles CEBS Guidance on Corporate Governance Governance issues identified during the financial crisis Revised Corporate Governance Guidance in response to financial crisis Slide 5

6 CEBS Guidance on corporate governance The Committee of European Banking Supervisors incorporated the Corporate Governance Principles in its Pillar 2 guidance In 2006, the Committee of European Banking supervisors issued 21 Principles of Corporate Governance as part of its Pillar 2 guidance to European financial institutions; While Basel focuses on the Board and Senior Management, additional guidance on the internal control functions is included at CEBS level: - Risk Management; - Compliance; - Internal Audit. Slide 6

7 CEBS Guidance on corporate governance CEBS guidance on internal control functions Institutions should establish, making adequate allowance for the principle of proportionality, the following three primary functions in order to implement an effective and comprehensive system of internal control in all areas of the institution, namely: i. risk control function; ii. compliance function; and iii. internal audit function. The risk control function should ensure compliance with risk policies. The compliance function should identify and assess compliance risk. The internal audit function should allow the management body to ensure that the quality of the internal controls is both effective and efficient; The internal control functions should be independent of the business lines they monitor and control. Slide 7

8 CEBS Guidance on corporate governance Independence of internal control functions conditions: Staff do not perform any tasks that fall within the scope of the activities the function is intended to monitor and control; The function is organisationally separate from the activities it is assigned to monitor and control; The head of the function is subordinated to a person who has no responsibilities for managing the activities that are being monitored and controlled; The head of the function reports directly to the management body and/or the audit committee, and is present at least once a year at meetings of the body it reports to; The remuneration of the control function staff is not linked to the performance of the activities that the control function is intended to monitor and control. Slide 8

9 Agenda Basel Committee Corporate Governance Principles CEBS Guidance on Corporate Governance Governance issues identified during the financial crisis Revised Corporate Governance Guidance in response to financial crisis Slide 9

10 Governance issues identified in financial crisis The financial crisis highlighted a number of issues with respect to Corporate Governance in Financial institutions The Senior Supervisors Group (comprising supervisors from the US, UK, Germany, France and Switzerland) identified a number of differences in the approach of senior management to the market turmoil in 2007; These differences centred on four areas: - the balance that a firm s senior management in general achieved between its desire to do business and its appetite for risk as reflected in the tone set for developing or enforcing controls on the resulting risks; - the role that senior management played in identifying and understanding material risks and acting on that understanding to mitigate excessive risks; - the efforts that senior management undertook to surmount organizational structures that tended to delay, divert, or distort the flow of information up the management chain of the firm; and - the breadth and depth of cross-disciplinary discussions and communication of insight into relevant risks across the firm. Slide 10

11 Governance issues identified in financial crisis Governance issues identified in firms that experienced larger losses Firms appeared to have been under pressure over the short term either to expand the business aggressively, to a point beyond the capacity of the relevant control infrastructure, or to defend a market leadership position. Senior management championed the expansion of risk without commensurate focus on controls across the organization or at the business-line level. Senior management s drive to generate earnings was not accompanied by clear guidance on the tolerance for expanding exposures to risk. For example, balance sheet limits may have been freely exceeded rather than serving as a constraint to business lines. Focus on growth without an appropriate focus on controls resulted in a substantial accumulation of assets and contingent liquidity risk that was not well recognised. Some of the executive leaders did not have a sufficient degree of experience in capital markets and did not advocate quick, strong, and disciplined responses. Hierarchical structures served as filters when information was sent up the management chain, leading to delays or distortions in sharing important data with senior management The existence of organizational silos tended to compartmentalise information. This inadvertent restriction on the flow of key information left different business areas to make decisions in isolation and in ignorance of other areas insight. Slide 11

12 Agenda Basel Committee Corporate Governance Principles CEBS Guidance on Corporate Governance Governance issues identified during the financial crisis Revised Corporate Governance Guidance in response to financial crisis Slide 12

13 Revised guidance in response to the financial crisis Substantial new guidance on corporate governance and risk management has emerged in response to the crisis Report of the IIF Committee on Market Best Practices setting out principles of conduct and best practice recommendations; Basel Committee consultation paper on enhancements to the Basel II framework; CEBS consultation paper on high level principles for risk management; Numerous additional papers from G10, G20, Financial Stability Forum, etc. on aspects of corporate governance and risk management. Slide 13

14 Revised guidance in response to the financial crisis Basel Committee provides guidance on firm wide governance and risk management Clear expectations for boards of directors and senior management to: - understand the firm-wide risk profile; - aggregate firm-wide exposure information in a timely manner using easy to understand and multiple metrics; - define the risk appetite in a manner that considers long-term performance over the cycle; - ensure that accountability and lines of authority are clearly delineated; - embed risk management in the culture of the bank; and - set clear incentives across the firm to control risk exposures and concentrations in accordance with the stated risk appetite. Slide 14

15 Revised guidance in response to the financial crisis In addition, focus is put on managing risk and returns over the longer term Banks should establish appropriate incentives throughout the firm to reflect the long-term risks and rewards associated with their respective business models; Sound compensation schemes are seen as key part of the risk management process: - Compensation policies should not be linked unduly to short-term accounting profits. They should be linked to longer-term capital preservation and consider risk-adjusted performance measures; - Banks should provide adequate disclosure on its compensation policies to stakeholders; - The Board and senior management have the responsibility to mitigate risks arising from remuneration policies to ensure effective risk management. Banks should also focus on effective and efficient capital planning as well as longterm capital maintenance: - Capital planning process to include rigorous, forward looking stress testing; - Banks should hold capital buffers that can be drawn down in crisis situations. Slide 15

16 Revised guidance in response to the financial crisis CEBS issued high level principles on risk management in response to the crisis, echoing the Basel Committee guidance Review of existing risk management guidelines identified gaps in the areas of: (i) governance and risk culture; (ii) risk appetite and risk tolerance; (iii) the role of the Chief Risk Officer and risk management functions; (iv) risk models and integration of risk management areas; (v) new product approval policy and process Slide 16

17 Revised guidance in response to the financial crisis Governance and risk culture Banks should establish a comprehensive and independent risk management function under direct responsibility of the senior management. The management body should have a full understanding of the nature of the business and its associated risks. Every member of the organisation must be constantly aware of his responsibilities relating to the identification and reporting of risks and other roles within the organisation and the associated responsibilities to these roles. Institutions must implement a consistent risk culture and establish sound risk governance supported by an appropriate communication policy. Slide 17

18 Revised guidance in response to the financial crisis Risk appetite and risk tolerance Risk tolerance (defined by CEBS as the level of risks an institution can accept to take within regulatory and supervisory constraints) should take all relevant risks into account and depends not only on intrinsic risk aversion, but also on the current financial situation of the institution and its strategic direction. It is important that institutions set risk appetite targets, and that the targets be consistent with one another. In setting a risk appetite or risk tolerance level, the institution has to take all relevant risks to the institution into account. The management body and senior management are responsible for setting the institution s risk appetite or risk tolerance at a level which is commensurate with sound operation and the strategic goals of the institution. The roles of the management body and senior management in the oversight of risks should be clearly and explicitly defined. Senior management should be responsible for risk management on a day-today basis, under the oversight of the management body. Slide 18

19 Revised guidance in response to the financial crisis Best practice recommendations on risk appetite (IIF report on market best practices) A firm s risk appetite will contain both qualitative and quantitative elements: - Its quantitative elements should be precisely identified. - Clearly defined qualitative elements should help the Board and senior management assess the firm s current risk level relative to risk appetite as adopted; - By expressing elements of the risk appetite quantitatively, the Board can assess whether the firm has performed in line with its stated risk appetite. Risk appetite should be the basis on which risk limits are established; The firm s risk appetite should be connected to its overall business strategy (including assessment of business opportunities) and capital plan; Firms should involve the risk-management function from the beginning of the business planning process to test how growth or revenue targets fit with the firm s risk appetite and to assess potential downsides. Slide 19

20 Revised guidance in response to the financial crisis The role of Chief Risk Officer and the risk management function The institution should appoint a person responsible for the risk management function across the entire organisation, and for coordinating the activities of other units relating to the institution s risk management framework. Normally this person is the Chief Risk Officer (CRO). The CRO (or equivalent) should have sufficient independence and seniority to enable him to challenge (and potentially veto) the decision-making process of the institution. The CRO should have expertise which matches the institution s risk profile. The risk management function should also have expertise which matches the institution s risk profile. The risk management function should be actively involved, at an early stage, in the elaboration of the institution s strategy and decision-making on business activities. Institutions should ensure that the risk management function is independent from the operational units whose activities they review. The management of risks should not be confined to the risk management function. The management body and senior management should be responsible for allocating resources to the risk management function in sufficient amounts and quality to allow it to fulfil its missions. Slide 20

21 Thank you for your attention* Contact details: Monika Mars All rights reserved. refers to the network of member firms of International Limited, each of which is a separate and independent legal entity. *connectedthinking is a trademark of LLP (US).