Fed to Make Banks Pay for Lax Risk Management

By Barbara Rehm

We have been obsessing over risk management for more than a decade, and yet too many large financial institutions still don’t do it very well. Why is that? There are lots of excuses, even some good ones, but the fact remains that few companies have devoted enough resources to managing the myriad risks hurled at them day in, day out. That’s about to change. A sliver of the Federal Reserve Board’s massive proposal to enhance its supervision of the largest banks spells out exactly what enterprise wide risk management should look like. Qualifications for chief risk officers and board risk committees are detailed and certain reporting lines are required. It may be the single best shot at preventing another financial crisis because, once the rule is adopted, the executives and boards of our largest firms will all be held to a single risk management standard. And perhaps even more important, regulators will be held accountable if they fail to ensure compliance with the new mandates. Not surprisingly, some financial companies oppose hardwiring a subjective practice like risk management. Karen Shaw Petrou, co-founder and managing partner of Federal Financial Analytics, is slightly less diplomatic. “Everyone talked a good game about enterprise wide risk management, but the regulators didn’t do anything more than speechify and the banks did nothing to implement it,” she says. “So I think they need rules to ensure, not only that banks do it, but that regulators are held accountable for it.”