
Assessing Dodd-Frank’s Impact on Security & Risk Analysis: Conflicts, Controls & Transparency

John W. Bagby, Professor of IST, Pennsylvania State University


Presentation Transcript


  1. Assessing Dodd-Frank’s Impact on Security & Risk Analysis: Conflicts, Controls & Transparency • John W. Bagby, Professor of IST, Pennsylvania State University

  2. Statement of the Problem • Risk Assessment is Largely Unregulated • Exception: ISO 31000, a “family” of industry standards • Some Significant but Narrow Exceptions: • E.g., Nuclear Power, FDA’s Drug/Device Trials (NDA), SOX §404 Top Down Risk Assessment (PCAOB & SEC) • Several Recent & Spectacular Regulatory Failures • Permitted Significant Societal Hazards • Financial Engineering & Innovation • Food & Drug Safety • Petroleum Exploration & Production • Complex Computer-Controlled Vehicle Designs • Regulatory Failure Due to Failed Risk Assessment

  3. Government Regulation, Acting Alone, Cannot Control Systemic Risk • Traditional Financial Risk Management has only 3 narrow foci: • Hedging Financial Risks • Insurance Markets & Insurance Industry Practice • Actuary • Systemic Financial Risk Largely Left to the FRB • Fragmentation of Financial Risk Management Contributed Significantly to 2008 Financial Crisis • Federal Functional Regulators: • Fed, Comptroller, FDIC, OTS, NCUAB, SEC, CFTC, states

  4. Composition of Incentives for Risk Analysis: a Layered Institutional Structure • Market Disciplines: capital, product, factor • Social Responsibility: Voluntary • Industry (Best) Practice • Industry Standards • Independent Conformity Assessment (e.g., audit, credit rating) • Self-Regulation • State Regulation • Federal Regulation   • State Tort Liability • Federal Tort Liability • State Criminal Liability • Federal Criminal Liability

  5. Impacts of Layered Institutional Structure • THE Conundrum: • Robust Risk Analysis Attenuates Risk Taking • Cons: • Redundancies Constrain Liberty • Stifles Innovation & Competitiveness • Seemingly Duplicative & Complex • Potentially More Costly Compliance for Regulated Entities • Inefficient use of Societal Resources • Pros: • Checks & Balances have Proven Value • Redundancies are Typical in Complex Systems with High Potential Costs of Failure • Failure of Control Produces Pressure for Regulatory Complexity

  6. Financial Risk Control Institutions • Market Forces • Financial Analysts’ Reports • Ratings Agencies • Internal Control • External Audit • Board Oversight • Fragmented Financial Regs (Fed Funct’l, state) • Congressional Watchdog Comms, OIG, GAO

  7. The Regulatory Failure Hypothesis • Largely Undefined & of Recent Vintage • ’08 Financial Crisis, Macondo well blowout, FDA, NHTSA • Considerable Related Roots • W. Wilson, New Freedom… (’14) • G. Stigler, Theory Economic Regulation … (’71) • S. Breyer, Analyzing Regulatory Failure … (’79) • F. Hayek, Fatal Conceit … (’88) • Range of Outcomes • Trivial Bumbling to Catastrophic Failure • Public (over-)Reliance Trusting in Regulatory Perfection then Disaffection

  8. Causes of Regulatory Failure • Regulator Incompetence • Regulatory Capture • Regulatory Programs Frequently Suffer Political Compromise Implemented as: • Compromised Regulatory Program Funding • Insufficient Statutory Authorization • Clandestine Deregulation • Regulation is Decidedly Ex Post • Liberty & Laissez Faire Relegate Regulatory Solutions to Remediate Past Misconduct or Catastrophic Failure • Planned Economies Generally Fail to Incite Innovation & Prosperity • Regulatory Costs Impose Undue Burden on Growth

  9. The Seeds: Recent Regulatory Heritage • GLB • Universal Banking Frustrates Risk Isolation by Compartmentalization • Strict Prudential Activities Abandoned in Favor of Promised Returns from Financial Innovation • SOX • PCAOB, Auditor Independence, Conflicts, Disclosure Responsibility (§302) & Controls Assessment (§404) • OTC (exotic) Derivatives De/Non Regulation • Regul. Capture, Conflicts, Risk Disregard

  10. Inspiration for the SEC’s Pre-Emptive Attempt to Expand Boards’ Risk Duties

  11. SEC’s Response pre-DoddFrank • 33-9089 Proxy Disclosure Enhancements 12.09 • FY ending after 2009 & proxy solicitations after 2.28.10 • Firms must now Disclose Board’s Role as: Risk Oversight • Must Discuss & Analyze: • Links: how risk management addresses risks from compensation policies & practices • Threshold: if reasonably likely to have “material adverse effect” • Prediction: Will Expand Enterprise Risk Management (ERM)

  12. Dodd-Frank: HR.4173 & S.3217 • 848 pages long, complex & “taxonomy challenged” • Systemic Risk • Capital Markets • Hedge Funds & Private Equity • Swap Dealers & Major Swap Participants • Derivatives & Securitization • Financial Institutions • Insurance Industry • Nonbank Financial Company • Minimum Capital, Margin, Recordkeeping and Disclosure • Proprietary Trading • Consumer Protection & Mortgage Markets (retail, wholesale) • Corporate Governance & Executive Compensation • Misc. Congo “Conflict Minerals” (gold, tin, tungsten) • Alt: Conflicts, Controls & Transparency

  13. DoddFrank Conflicts • “Skin in the Game” credit risk retention • Whistleblower Bounties enhanced (SEC) • Compensation Consultants & Committee Independence • Volcker Rule (Insured Institution Proprietary Trading) • Credit Rating Agencies

  14. DoddFrank Controls • New Regulators & Regulatory Powers • Financial Stability Oversight Council (FSOC) • Bureau of Consumer Financial Protection (BCFP) • All Federal Functional Regulators • Compensation • Comp. Committees & Consulting Contracts • Exec & Golden Para “Say-on-Pay” (non-binding) • Clawback • Risk Committees for Non-Banks • Orderly Insolvency Resolution “2 big 2 fail” • Derivatives Markets Mechanisms (Swap Dealers & Participants, Clearance, Market Mechanisms)

  15. DoddFrank Transparency • Disclosure of Golden Parachutes (merger compensation) • Acquisition Disclosure Timetables Shortened • Executive (Trader) Compensation Disclosures • Asset Backed Security (asset & loan levels) • Derivatives Markets Transparency

  16. Will Political Forces Move To Produce Yet Another Regulatory Failure? • Political Losses • Society’s Laser Focus on the Perverse Incentives of over-Compensation • Lobbying Must now Shift to “Soften” Regulations • Political Wins • Only Gentle Constraints on Ratings Agencies? • Tough Regulators Still too Fragmented & Dispersed • What Lies Ahead? Weakening DoddFrank • Est: 800 new SEC Staff needed to Enforce DoddFrank • De-Fund CFTC & SEC: Budget Woes Argued to Justify • Slow Funding of Comprehensive Studies Restrains Rule Changes (see Davis Polk)

  17. Tentative Findings: • Expand & Reinforce Effective Risk Awareness Mechanisms • DoddFrank Expands Risk Assessment: Conflicts, Controls, Transparency • VCSB Standards: AICPA Risk Assessment Standards for Financials: SAS 104 (amends SAS 1); SAS 106, Audit Evidence; SAS 107, Audit Risk and Materiality in Conducting an Audit; SAS 108, Planning and Supervision; SAS 109, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement; SAS 110, Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained; SAS 111, Amendment to SAS 39, Audit Sampling • FDA’s NDA Model: Shift Some of the Burden of Proof from • Risk Averse to Prove Risk Magnitude Ex Post Calamity to • Risk Takers Ex Ante Show Reasonability of New Approaches
