Q (gtnews): Counterparty risk regularly features as one of treasury’s most pressing concerns. Obviously the 2008 global financial crisis pushed it higher on the agenda, but have there been other contributory factors?
A (James Gellert):
A greater emphasis on compliance, governance and controls has brought counterparty risk to the forefront of treasury’s focus. The 2008 financial crisis certainly precipitated this shift in attention, though I would argue that it only accelerated an already-pressing issue.
As a result of greater scrutiny and increased pressure from investors, companies need to sharpen their efforts in third-party risk management. Organisations recognise the benefits of enhanced intelligence on their counterparties’ financial health – and need to be cognisant of the potential risks they pose to all aspects of an organisation’s business.
Could you briefly outline the main types of counterparty risk and how they are caused?
‘Counterparty risk’ used to refer to a company’s banks and entities with which the company traded and entered into swap contracts. This expanded to include customers where credit risk was being taken, and post-crisis, also includes suppliers, vendors and all other firms with which a company interacts. KYC has expanded from ‘Know Your Customer’ to ‘Know Your Counterparty’ and counterparty is widely defined.
Given this, counterparty risk can arise from almost anywhere: supplier failure, delayed payments from a customer, bank or trading partner insolvency, and the list goes on.
The omnipresence of drivers only intensifies the looming hazard of counterparty risk. Treasury professionals need to ensure they’re not limiting their due diligence to first-tier counterparties, but that they are also assessing their second-, and even third-tier counterparties in a 360-degree manner. It’s vital to understand the companies with which they’re doing business, and even how those firms measure the risks of their own counterparties.
Have studies identified specific countries and/or industry sectors where counterparty risk is particularly bad?
The countries, regions and industries where people believe there is greater risk are typically the areas where there’s been less transparency historically. But this is changing as more companies recognise that transparency is integral to building trust, and that this can have material commercial benefits.
When we source financials from our clients’ private counterparties on their behalf in order to rate those companies, we are currently seeing an 86% success rate across both emerging and developed markets as counterparty transparency increasingly becomes the status quo. Historically opaque markets are far less so in today’s business environment.
What lessons have been learned in recent years for mitigating counterparty risk?
One key lesson is that the length of relationship is not a proxy for risk management. Just because you’ve had a corporate relationship with a company for many years doesn’t remove the possibility that risks exist or can emerge.
Whereas 20 years ago, bankruptcy might have been viewed as a terminal diagnosis, it has recently developed into a more accepted corporate finance strategy. Measurements – such as payment history – that once suggested vulnerability are more susceptible to manipulation or are not sensitive enough as companies may pay their bills as expected until the day they file for bankruptcy. Moreover, these days many companies are more likely to employ bankruptcy filing as a strategy, knowing that there’s “life after bankruptcy.” Therefore, risk management processes have to be of the utmost sophistication so as to identify those companies whose credit is of weakening financial quality.
Of course, in addition to financial health, insight into counterparties may also wish to incorporate sanctions, liens, legal issues, compliance with anti-money laundering (AML), the Office of Foreign Assets Control (OFAC), the Foreign Corrupt Practices Act (FCPA) and minority status or certification, plus any number of other factors that contribute to a comprehensive understanding of that company’s stature.
Reports have, though, suggested that major financial firms are still not doing enough in assessing the risk to them from counterparties. Why are so many still not meeting regulatory requirements or best practice guidelines?
Given that we’re in the very early stages of having regulatory clarity, we’re just now getting to a point of knowing what those reporting requirements actually entail. Many US banks, for example, are just now beginning to grasp what exactly the Office of the Comptroller of the Currency (OCC) and Fed are demanding from them in terms of counterparty risk reporting and are acting as quickly as possible to adopt them.
When the treasury department is formulating a counterparty risk strategy, what issues should they be considering?
Depending on company and industry, there are myriad elements that treasury departments should weigh while defining a counterparty risk strategy. One critical issue to consider is the breadth of internal adoption – ensuring that the ultimate risk management framework has buy-in from all the various constituents that the policy will ultimately touch. Disparate departments or teams may be affected by decisions that treasury makes.
Take an example such as vendors or suppliers and the risks they pose. To most effectively manage vendor risk, treasury may need access to information from the procurement team, and procurement will likely be affected by the decisions that treasury makes.
Many companies run supplier risk management from the procurement operations without any involvement from treasury or credit. Others have finance staff within procurement’s domain. Others still leverage the treasury and credit groups to evaluate key suppliers. There are many permutations. The bottom line is that companies need to make sure that stakeholders are aligned, and that the processes and tools they adopt suit their specific needs.
Bodies such as the Basel Committee on Banking Supervision and the European Securities and Markets Authority (ESMA) has addressed counterparty risk as it pertains to financial services industry. Which other regulatory bodies and industry watchdogs have also developed guidelines and regulation?
Virtually every regulator globally has either formed or will be forming guidelines for addressing counterparty risk. For instance, the OCC’s ‘Third-Party Relationships’ guidelines (Bulletin 2013-29) outline the need for ongoing monitoring of counterparties’ activities and performance, as well as for documentation that facilitates oversight, accountability, and risk management.
In addition, federal banking agencies, through the Federal Financial Institution Examination Council (FFIEC), have set standards to ensure that financial institutions oversee the stability of their IT vendors and their services.
Has the risk lessened as global economic conditions improve since the depths of the crisis?
No, and perhaps even the opposite – the improvement in economic conditions is masking potential landmines. The current low-interest rate environment has created such a search for yield in the capital markets that entities of even dubious financial quality have had access to capital in recent years.
In particular, growth in the bond market has allowed most companies with outstanding bonds to extend their maturities and remove short-term refinancing risk. Those companies are the current or future counterparties of many treasury departments. A rise in interest rates, or the presence of negative economic inputs – such as extended low crude oil prices – will shift us back to an environment where some companies have access to capital, while others don’t. This will bring about more volatility and a higher rate of defaults; the result will be an even greater need for acute counterparty risk programmes in the coming years.
Fortunately, there’s a growing focus on this topic now in a lower-volatility, lower-default rate environment. The contrary is approaching, and the better-positioned that companies are ahead of that shift, the better off they’ll be.
Regulation technology is fast gaining currency by transforming how financial institutions can tackle compliance in a swift, comprehensive and less expensive manner.
Many banks around the world, large and small, continue to experience major security failures. Biometric systems such as pay-by-selfie, iris scanners and vein pattern authentication can help.
The implementation date of Europe's revised Markets in Financial Instruments Directive, aka MiFID II, is fast approaching. Yet evidence suggests that awareness about the impact of Brexit on MiFID II is, at best, only patchy and there are some alarming misconceptions.
Banks might feel justified in victim blaming when fraud occurs, but it does little for customer confidence.