How To Build A High Performance Risk Management Program


Each bank board faces unique challenges, but every bank board today is faced with the universal challenges of operating in a safe and sound manner, finding profitability in tough economic times, and implementing an effective enterprise risk management program. In this short video presentation, Fidelity National Information Services, Inc.’s Sai Huda addresses these challenges and offers five key steps to success.

Highlights include:

  • Implementing a high performance risk management model
  • Finding the sweet spot between risk and reward
  • Developing a risk dashboard to manage emerging risks


Regulatory Guidance on Stress Testing: What Every Board Must Know and Should Do


frayed-rope.jpgThe banking agencies (the Federal Reserve, the Federal Deposit Insurance Corp. and the Office of the Comptroller of the Currency) recently issued the Supervisory Guidance on Stress Testing (the “guidance”).  This guidance becomes effective July 23, 2012 and applies to banking organizations with more than $10 billion in total consolidated assets. 

However, all banks regardless of size should pay close attention and follow the principles outlined in the guidance in order to implement an optimal risk management program at the bank. 

This article highlights what every bank board must know about the guidance and should do, regardless of the bank’s size. 

What the Guidance Says

The guidance says that a banking organization with more than $10 billion in total consolidated assets should implement stress testing as a key component of its risk management program. The main purpose is to enable the organization to fully understand its risk exposures and impact from stressful events and circumstances and better equip the organization to handle a wide range of adverse outcomes in the future.  

The guidance says banking organizations should incorporate five principles into a stress testing framework so that:

  • It is tailored and captures the organization’s enterprise risks
  • It employs multiple stress testing approaches
  • It is forward looking and flexible
  • It produces stress test results that are clear, actionable and support informed decision making
  • It includes strong governance and effective internal controls

The stress testing framework should cover all risks such as credit, market, operational, interest-rate, liquidity, country and strategic risk.

A banking organization’s senior management needs to design and implement the stress testing, while the board should approve the framework and policies.  The board should then monitor compliance.  The board also needs to use the results from stress testing to assess the impact to the risk profile, risk appetite and strategic plan. There should also be an independent review and validation of the framework used in the stress tests.

What the Board Must Know

Failing to follow the guidance and implement a stress testing framework commensurate with the banking organization’s size and risk profile will be deemed an unsafe and unsound banking practice. Bank examiners will closely evaluate the board’s role and ultimately hold it accountable.

Ultimately, the board is responsible for ensuring the banking organization has an effective enterprise risk management program that includes an appropriate stress testing framework.  The board should make sure senior management covers all risks and utilizes stress testing techniques such as scenario and sensitivity analysis and reverse stress testing.  Stress testing should provide the board with critical intelligence that ultimately can result in optimal risk management performance.  The board should also ensure that the stress testing framework’s adequacy and effectiveness is evaluated and validated independently.  

What Community Banks Should Do

While banking organizations with $10 billion or less in consolidated assets are exempt from the guidance, it would be prudent for the boards at these organizations to closely review the guidance and consider implementing a stress testing framework commensurate for their size and complexity, as a best practice. 

For example, a community bank could incorporate reverse stress testing as described in the guidance as a tool.  Reverse stress testing means the banking organization identifies “break the bank” type adverse outcomes, such as suffering material credit losses that result in severe undercapitalization, an employee committing a large fraud that results in a material loss, the bank being used for money laundering that results in criminal penalties or the bank being accused of lending discrimination and prosecuted by the Department of Justice (DOJ). The bank should then deduce the types of events that could lead to such an outcome.  This can reveal potential blind spots or previously unknown sources of risk that can then be mitigated through enhanced risk management.  Community banks in particular, due to their size, limited resources and less diversification in geographic location and product mix, may be more vulnerable to “break the bank” type of adverse events and may not be able to withstand such surprises unless they have planned for such an outcome. 

Ultimately, stress testing provides critical forward looking risk management intelligence that the board should use to guide the banking organization to attain optimal risk management performance and maximize shareholder value, regardless of the size of the organization.

Will Citigroup Shareholders’ “No” Vote Change the Compensation Game?


monopoly.jpgIn its discussion of its pay package this year for Vikram Pandit, Citigroup’s chief executive officer, the company extolled the accomplishments of the man brought in to clean up the mess that was left in the midst of the financial crisis.

Citigroup has been profitable for eight consecutive quarters. It has repaid the government’s Troubled Asset Relief Program money. Pandit had gone two years without drawing a salary in the midst of the company’s trouble, and was rewarded in 2011 with a salary and a bonus. Plus, the company had taken steps to align its incentive pay with future performance: 60 percent of top executives’ bonuses will be deferred over a four-year period based on performance.

None of this was enough to please investors and shareholder advisory groups such as Institutional Shareholder Services (ISS). Investors voted down this week the CEO’s pay by 55 percent in an advisory vote made possible by the Dodd-Frank Act.  ISS claimed Pandit’s compensation was misaligned with total shareholder returns (Citigroup’s stock price was down 23 percent during the past 52-week period and it was down 93 percent during the past five years.) Future bonuses would be “essentially discretionary” based on a variety of factors such as execution of long-term strategic goals and return on capital, according to ISS.

Basically, the pressure is on for Citigroup and other publicly traded companies to tie incentive pay to specific metrics that benefit shareholders, rather than more vague goals that give the board wide discretion.

It didn’t help matters that Citigroup was one of few big banks to fail the federal government’s stress tests this year, meaning it won’t be able to return capital to shareholders in the form of dividends or stock buybacks.

Plus, ISS determined that Pandit would be paid more than his peers at other big financial firms. Although Citigroup reported that his total compensation for fiscal year 2011 was $15 million, ISS determined that future awards could be worth as much as $34 million. A $10 million award is tied to the company earning pre-tax income for a two-year period of at least $12 billion, which “does not appear challenging given that the company’s income from operations exceeded $15 billion in each of the last two fiscal years.”

Citigroup may be scrambling to deal with the bad publicity now from the “no” vote on pay, even if technically, the advisory vote is non-binding. But will other banks scramble to make sure they don’t suffer the same fate?

Maybe not, says Peter Miterko, a managing director in New York City for Pearl Meyers & Partners, a compensation consulting firm.

“It may be a more subtle impact, rather than everyone saying ‘Let’s redo our pay packages,’’’ he says.

Most banks already have sent out their proxy statements for the year, making it hard to revamp any pay practices. But Miterko thinks the publicity will encourage companies to communicate better in the future with shareholders about why they pay what they do.

A typical problem in proxy statements is that it’s not clear to shareholders what performance metrics must be met for an executive to get incentive pay, he says.

“The positive development [with say-on-pay] is that shareholders tend to see a lot more clear connect with how they’re better off,’’ he says. “Shareholders want to know that executives are told in the beginning of the year, ‘This is what you have to do to get your bonus.’ They want to know the goals are stretch goals and the financial improvement will warrant the incentive payment.”

Don Norman, an attorney for Barack Ferrazzano Kirschbaum & Nagelberg LLP in Chicago, who handles compensation issues for community banks, says many banks have already made changes in order to defer a portion of incentive pay for executives and many have tied it to specific performance that benefits shareholders.

Much of that was set in motion following regulatory guidance on incentive pay in the aftermath of the financial crisis and the compensation rules for banks that received Troubled Asset Relief Program money.

But tying pay almost entirely to shareholder returns can place too much emphasis on short-term performance and thereby create undue risk, he says.

“The market doesn’t have a long-term focus,’’ he says. “It’s ‘what have you done for me lately?’”

Instead, he thinks it is not unreasonable for bank boards to maintain some level of discretionary decision-making over bonuses.   This is much easier in the private bank setting.

“If there’s no discretion, why do you need a compensation committee?” he says. “You have an intelligent and educated group of board members for a reason and there should be some level of deference to their judgment. There are management efforts that should be rewarded that are not always reflected in formulas.  Good or bad, this should be part of any pay assessment.”

Banks without a lot of institutional ownership will have less reason to worry about shareholder advisory groups such as ISS. Still, no one wants to find a majority of their shareholders voting down their pay packages.

Last year, 41 firms in the Russell 3000 (or less than 2 percent of the total index) reported that they failed to win majority approval from investors on pay, according to ISS. This year, 175 companies have had proxy votes and the average shareholder vote has been 90.4 percent in favor, ISS says.

So ending up as one of the firms with a no vote doesn’t look so good.

McLagan, another compensation consulting firm, offers some advice to avoid a “no” vote:

  • Analyze the shareholder base to determine the level of ISS or other advisory firm influence.
  • Monitor changes in each of your institutional investor’s proxy voting guidelines.
  • Audit your compensation and governance plans and programs for any potential exposure to guidelines of proxy advisor groups and institutional investors.
  • Track 1-year, 3-year, and 5-year total shareholder return relative to your ISS-established peer group.
  • Use the proxy compensation discussion section to clearly tell the “story” of executive pay and explain pay and governance decisions.
  • Be prepared to engage in meaningful dialog with shareholders.

10 Ways Banks Can Grow in 2012


water-grass.jpgIt’s old news that banks are operating with fewer avenues for growth than in years past,  and it’s no surprise that bankers are scrambling for new ways to make up for this lost growth. In doing so, however, bankers need a smart and focused strategy to make the most out of the opportunities available. In a recent report,  “Top 10 Ways Banks Can Grow in 2012,” Grant Thornton LLP comes up with a priority list for growth in the current financial environment.

1. Focus Strategic Plan on Growth

Strategic plans should not be viewed as simply a regulatory requirement, but as a valuable instrument in the assessment, and often continual reassessment, of goals. Grant Thornton writes, “Now that many companies are shifting from survival mode to seizing opportunities in an improving economy, banks should develop and modify their 2012 strategic plans with a renewed focus on growth objectives.” This includes examining whether you are properly incentivizing your growth goals with employees, taking a new look at where you should and shouldn’t be cutting expenditures in your marketing, and rethinking previous decisions about which products are most relevant to today’s market.

2. Examine an Acquisition

While there are many current roadblocks to a successful M&A transaction, ranging from new regulations to uncertainty about future pricing, M&A is still considered a popular avenue for growth. Before incorporating an acquisition into the growth plan, however, banks need to consider post-acquisition issues.

 Aside from preparing for the complex accounting and financial aspects of an acquisition, directors need to be prepared for potential cultural conflicts. “Communication and leadership are probably the most important prerequisites for a successful integration. It’s critical that there be transparent communication between the acquirer and the acquired entity, so that important cultural issues, such the composition of the combined institution’s senior leadership team, are handled in a timely manner,” says Grant Thornton.

3. Implement Smart Tax Strategies and Structures

Banks need to ensure their tax strategies are taking advantage of all new federal benefits, as well as being up-to-date with state and local rules that cover their operating area. “Incentive credits that apply to banks should be implemented in all applicable jurisdictions. Federal benefits from credits (e.g. new market tax credits, energy credits, low-income housing tax credits) and bonus depreciation should be analyzed,” says Grant Thornton.

4. Develop New Service Offerings

Banks should consider adding new services to their existing line-up, as well as maximizing the potential of the services they already have. In terms of maximizing current potential, bankers should increase cross-selling to their established clients and determine which services need a renewed focus after being pushed aside during the downturn. 

For new areas of growth, bankers should consider teaming up with other entities that can help them expand services such as brokerage and financial planning. At the same time, they should consider participating in quality loans that are recently becoming available through other institutions trying to increase capital ratios.

5. Make Technology Work for You and Your Customers

Putting money into new technology expenditures may be hard to stomach for banks during a downturn, but it also may be necessary if their competitors are making those same investments. Grant Thornton suggests supplying tablets or iPads to your field staff which can be used to personalize customer marketing materials and complete loan applications remotely.  Grant Thornton also recommends considering a switch to cloud computing services—after first evaluating the inherent risks—if you haven’t already. “Cloud computing offers a number of distinct advantages over its predecessors, including a more efficient and cost effective use of internal resources, greater speed to deployment, lower operating and capital costs, and higher performance,” says the report. 

6. Send the Right Message with Social Media

Larger financial institutions, and even many smaller ones, are interacting with their customers in new and creative ways across a wide spectrum of social media platforms. Whether it is to bolster public image or to spread information about new products and services, social media offers an inexpensive way to communicate directly with clients.

“Social media provides the opportunity for banks to demonstrate their commitment to corporate social responsibility and help regain confidence from their customers and the public after being largely maligned during the recession,” says Grant Thornton. 

Banks should be cautious, however, as such open communication is a two-way street, and it can be difficult to control negative feedback. In addition, social media provides an avenue for both fraud and privacy breaches, and this risk should be examined as part of any social media plan. 

7. Ready Your Bank for Risk

All banks prepare for risk, but banks should take the extra step of incorporating an enterprise risk management (ERM) approach that fits each organization’s individual needs and objectives. “(ERM) is an approach to assessing and addressing the full risk profile of the bank, including strategic risks such as operational, financial, regulatory, credit and market risks. The assessment process allows all parties to fully understand the impact of major new initiatives across the bank, and enables clear, strategic decision-making,” says Grant Thornton.

8. Understand Regulations

Keeping up and complying with new regulations can be a difficult task given the recent influx of rules stemming from the Dodd-Frank Act and the formation of the Consumer Financial Protection Bureau, but no bank wants to find themselves in noncompliance. Fortunately, as long as the bank’s overall risk management approach is sound and the most potentially costly regulations are given special attention (i.e. the Fair Lending Act, the Unfair or Deceptive Acts or Practices program, and the Bank Secrecy Act) then banks can still see growth while staying compliant. 

9. Plan for the Worst-Case Scenario: Stress Testing

While recently made mandatory for some of the nation’s top banks, stress testing can be a valuable tool to any bank wanting to fully understand potential risks and prepare its growth plans accordingly. “Continual stress testing should be relevant to the bank’s specific portfolios, balance sheet and customer base. Stress testing should cover: asset concentration and credit quality; contagion risk, such as exposure to European debt; and capital structure and availability,” says Grant Thornton. By understanding possible future risks and building contingency plans, banks can more confidently and strategically take advantage of growth opportunities.  

10. Build a Stronger Foundation for Mortgage Lending

Despite potential roadblocks stemming from recent mortgage reform, banks should still consider growing mortgage banking efforts in areas where there is still a large or expanding market. 

“The recent improvement in housing starts and sales of existing homes indicate that there is still a large market for home mortgages.  If properly managed, a new or expanded mortgage banking effort could be very profitable,” says the report.  

Aside from home mortgages, banks should also take a look at new growth sectors in commercial real estate such as apartments, which look promising due to a high number of rental customers and a relatively low number of new apartments being built in the past few years. 

The full article can be accessed on Grant Thornton’s web site.

Top Issues for Audit Committees in 2012 and Beyond


We asked audit committee chairmen (and women) what their committees are grappling with in the year ahead. With the passage of the Dodd-Frank Act in 2010, it’s obvious from their responses that compliance with government regulations has become a huge concern. But so is monitoring the organization’s risks, including IT risks, and figuring out how to make a profit in an environment of low interest rates.

What do you believe are the top issues facing audit committee members in 2012 and into 2013?

 

Coleman-Robert.jpgStress Testing

We need to focus on developing the appropriate stress tests for our institutions to determine, monitor and support our capital adequacy; focus on liquidity risk as macro-economic conditions improve and many of our institutions face a run-off of deposits to higher earning assets; and institutionalize the lessons learned during this credit cycle. 

– Robert F. Coleman, audit committee chairman, PrivateBancorp, Inc., Chicago, IL


 

Stafford-Ingrid.jpgGrowing Profitability

I think the top issues are sustaining a risk-based focus with executive leadership, adapting risk oversight at the board level to new Dodd-Frank and Fed requirements and figuring out how to make money in a flat interest rate environment for the next two years. 

– Ingrid S. Stafford, audit committee chairman, Wintrust Financial Corporation, Lake Forest, IL



Copeland-Dave.jpgIT & Security Risks

I agree that compliance, particularly trying to understand what is coming with Dodd-Frank, is growing in importance.  IT risk is also taking a bigger share of our time. Everything from privacy and security (including cyber-security), to emerging technologies like the cloud, social and mobile are going to be a focus for us. 

– David L. Copeland, audit committee chairman, First Financial Bankshares, Abilene, TX



Compliance Issues
Budke-Gordon.jpg

Compliance continues to be one of the top issues. More and more internal resources are being directed to the ever growing compliance requirements. Disclosure is another struggle. I suspect that eventually, the 10-Qs and 10-Ks will become so lengthy that no one will read them with footnotes that now span multiple pages and are seemingly redundant to matters covered in other sections of the submissions.  Risk is a concern. Each of us hopes that we do not overlook the obvious. 

– Gordon Budke, audit committee chairman, Banner Corporation, Walla Walla, WA



Seward-John.jpgExpanding Responsibilities

The exponential acceleration of regulations will become an increasing challenge for audit committees of all banks, regardless of size.  The compliance area alone, where banks are being required to implement government policy initiatives, is a prime example of this challenge.  In addition, regulators are requiring extensive documentation of all actions taken and not taken in a culture where risk is to be reduced to zero. Therefore, the audit committee’s role is changing rapidly and must constantly be reassessed with these increasing responsibilities.

– John E. Seward, Jr., audit committee chairman, Bank of Tennessee, Kingsport, TN and Carter County Bank, Elizabethton, TN


tim-matz.pngRisk Monitoring

I believe the top issues confronting audit committees this year and next are developing, implementing and monitoring audit plans, including internal audit. These plans are focused on the identification and weighting of risk elements arising out of the transition of the banking industry from the defensive/capital conservation strategies of the past three years to the growth/capital deployment strategies to be implemented over the next several years.  The economy and the need for bank financing will expand together with the regulatory risks presented by the Dodd-Frank legislation.

– Timothy B. Matz, audit committee chairman, PacWest Bancorp, San Diego, CA