Companies would be unwise however to think that this is purely a debate for government and regulatory bodies. Preparing now for a switch to systemic risk regulation is something which no company can afford to ignore as John Farrell of KPMG’s Advisory practice explains.
If this crisis teaches us one thing, it will be that the business world should pay more attention to the issue of systemic risk. It has grabbed our attention in the most spectacular fashion imaginable and is likely to shake the foundations of future risk management to their very core.
It was an inability to cope with the systemic risks which brought us to where we are today. Such systemic risks — the rapid decline of leading banks, the tightening of credit, spiraling unemployment, the collapse of consumer spending — rarely became the focus of any single regulator’s efforts.
Instead, the focus was predominantly on individual risks. Businesses considered risk at a micro level but this crisis has shown that more effort should have been expended at a macro level. Globally, the realization is dawning that the regulation which was in place has been somewhat ineffective.
A problem may well have arisen from the fact that there were so many regulations —covering so many individual risks — and so many regulators to enforce them. What was lacking was any real, solid understanding of where and how new regulation should have been generated. Much of the regulation was highly reactionary; driven by localized needs and tailored to local market conditions. Drawn into such risk minutiae, it is perhaps no surprise that the looming issues at a systemic risk level went unnoticed for so long.
That may now change. President Obama’s administration has already confirmed the selection of the Federal Reserve as the body tasked with addressing systemic risk in the U.S. Other governments may follow suit; tasking various regulatory bodies with a mandate to monitor companies’ ability to cope with key systemic risks. Trying to second guess exactly what form such regulation might take would be a pointless and thankless task. However, what is for certain is that businesses around the world need to anticipate a significant advancement in systemic risk regulation.
This will not happen immediately. I do not believe that large, fundamental changes will be implemented until we can properly see the light at the end of the tunnel and can be confident that the economic corner has been turned. When that does happen, we may see a significant rationalization of the current body of regulation, recognizing the fact that certain regulation simply doesn’t work any more and that systemic risk regulation will only add to the already onerous compliance burden. Such changes should result in major, sustainable improvements to the system.
If there is one area in which companies can be preparing themselves for this now, it is in their capability to undertake worthwhile scenario planning. Systemic risks – and the subsequent fall-out from them — are massive concepts to come to terms with intellectually. Their potential impact cannot be quantified in the far simpler way that you could assess, for example, the impact of the loss of a key supplier.
Extensive scenario analysis and the posing of numerous ‘what if’ questions is one way forward here. The outputs of any such activity can prove helpful in dealing with the kind of enquiries likely to be posed by any global regulator eventually tasked with overseeing systemic risk. Better therefore to be preparing for that now rather than panicking at a later date.
As mentioned previously, while a regulatory overhaul appears inevitable, there are still few clues as to exactly what shape this overhaul may take. This is a debate clouded by the fact that it raises so many fundamental questions around the future role of those agency branches of government which sit at the heart of risk monitoring and regulation. What is for certain is that any company sitting back, waiting to see how this will pan out, is likely to miss the boat.
— John Farrell is an Advisory partner with KPMG in the U.S.
- The risk & compliance think tank