To manage operational risk, banks increasingly use data from consortiums formed by peer institutions. Although existing data consortiums seem to work appropriately, it is worth examining why banks report properly (that is, thoroughly and truthfully), since in several countries where new data consortiums are planned, there are fears that banks may choose to report untruthfully or hide information (what we call misreporting). We show that if misreporting cannot be detected, then, even in an infinitely repeated setup, the game has multiple equilibriums, so proper reporting is not the unique outcome. We then analyze two types of sanctions. When the punishment is nonmonetary (eg, exclusion from the consortium for a given number of periods), then for some parameter values even the harshest punishment cannot bring about proper reporting as the unique outcome. Nonetheless, a numerical example suggests that by designing the data consortium adequately, proper reporting can be advanced, without overly compromising anonymity. When a monetary fine is imposed on misreporting banks, a sufficiently severe punishment results in proper reporting, even if anonymity is maintained in the limit.

Please click here to download PDF