Banks urge Cebs to rethink operational risk guidelines

LONDON – Banks are urging the Committee of European Banking Supervisors (Cebs) to reconsider its proposed guidelines (CP35) on operational risk in market-related activities, expressing strong concern the text is too prescriptive and detailed.

“Although dressed up as an operational risk document, it is in fact a control framework that contains a number of principles and detailed guidance relevant to our day-to-day activities under a whole range of areas, from front office through to human resources,” says one London banker.

The financial industry’s worries came to light at a public hearing at Cebs’ London headquarters on March 9. Bankers in attendance made it clear that, while they broadly agreed with the guidelines’ principles, the detailed practical rules were “confusing” and at times raised issues that were not directly pertinent to operational risk responsibilities.

“There is little to disagree with at the level of principles, but I am concerned about some of the details. Some might be impractical, others we disagree with and some we don’t understand,” says John Wertheim, head of operational risk for Europe, the Middle East and Africa at Citi in London.

John Whittaker, group operational risk director at Barclays, agrees: “The principles are fine, but when it gets into the detail the proposal is too prescriptive.”

We support the principles, but it is not clear the text supports the principles. Sometimes the detail pushes you in a direction you would not take

Participants are worried the guidelines would  impinge on areas that do not directly fall under operational risk’s remit. Most participants wanted clarification about the wording of the text. “We support the principles, but it is not always clear that the text supports the principles. Sometimes the detail pushes you in a direction you would not take,” says Vincent Baritsch, head of prudential policy at Royal Bank of Scotland.

Many questions have been raised about practical requirements, ranging from real-time reporting of trades and cancellations to conciliation of accounts, how an audit trail should be managed and, more generally, communications and reporting requirements. One banker asked whether the guidelines had been discussed with supervisors outside Europe to avoid the risk of regulatory arbitrage.

The level of concern seemed to surprise the Cebs officials at the hearing. Marco Moscadelli, responsible for the validation of internal models at the Bank of Italy and chair of the Cebs subgroup on operational risk, said: “This document is consistent with what is being done by other supervisory authorities around the world,” and that it should be read along with other related Cebs documents.

“It is important firms have a proper classification of operational risk. We found it necessary to focus on the way operational risk is managed. We felt op risk management needed a push,” he said.

He urged banks to send their comments in writing. “Most of the comments raised today would have been better outlined in the written procedure,” he said.

A group of operational risk managers at leading international banks will be pushing for changes to the text through the British Bankers’ Association (BBA), a senior source close to the discussions told OR&R.
“It is unusual for the group to provide feedback in this way, so it gives you some indication of the concern,” the source said.

The group, which meets once a month, includes senior managers from a wide range of international banks, including: Barclays, Bank of America, Citi, Credit Suisse, Deutsche Bank, Dresdner, Goldman Sachs, HSBC, JP Morgan, Nomura and UBS.

“We get together to talk about current issues. After the Société Générale rogue trading incident in 2008, for example, we compared notes. It is all in the spirit of raising standards of risk management,” the source said.
The consultation was set to end on March 31, and final guidelines are to be published three months later. The guidelines set out principles and practical requirements that financial firms will have to implement to ensure they have robust governance and risk controls.

The hearing generated a lively debate between 30 participants from major international banks and the Cebs officials.

One participant complained management boards already had many responsibilities and that “operational risk is not the only thing they have to control”.
Moscadelli said the criticisms and suggestions made at the hearing and in writing would be taken on board in the final guidelines and sought to play down the criticism. “Most of the comments were related to terminology and wording,” he said.

But this is unlikely to satisfy the bankers present. “Each firm will have to comply with the principles, but it should be up to them to decide how to implement them. It should not be so prescriptive,” says one banker, who did not want to be named.

“It gets dangerous when regulators start telling banks how they should structure themselves,” Barclays Whittaker says.

Responding to questions, Bernd Rummel, a member of the Cebs secretariat, said it would be premature to say what might be changed in the guidelines. “It would not be fair or practical to amend the guidelines just on the basis of the public hearing,” he said.
He defended the approach taken by Cebs. “If we didn’t provide the detail, you could have a situation where supervisors interpret things in different ways. Without detail you would not reach harmonisation. You need a balance with the right level of detail.”

Banks, he said, should remember that the principle of proportionality will operate, which allows fine-tuning depending on the size, capacity and business of each institution.

Asked whether a further hearing might be needed because of the many doubts about the text Rummel said an extra consultation could take place if Cebs’ members agreed, although this was unusual.