Structured finance products show no signs of becoming simpler, so learning how to define these instruments is equally as important as understanding how to get the best value out of them.
The following roundtable discussion focused on the final statement on the complex structured finance transactions (CSFTs) of financial institutions. Issued on Jan. 5, the interagency statement focuses on an institution's policies for identifying CSFTs and their elevated risks. It also looks at the firms' risk management policies. The statement identifies three steps that financial institutions need to take in order to adequately manage risk: the identification, due diligence, and approval processes for elevated risk; documentation; and general risk management principles for elevated risk CSFTs.
The discussion also touched on the looming implementation of statement SFAS 157, which will address fair value measurements, as well as try to develop reliable estimates of fair value. What is elevated risk? What instruments have elevated risk? Are subprime securities part of the equation? Who is responsible for analyzing these complex transactions? Participants in this discussion answer these questions, and more.
The members of the roundtable also tackle the fair value measurement of these instruments and the associated mark-to-market risk, which could be considered integral elements in the identification of elevated risk CSFTs. They take a closer look at risk management principles applied by institutions that hold these instruments. Has increased regulatory scrutiny focused on appropriate mark-to-market activities affected market participants engaging in these activities?
ASR: There are two major themes to the statement concerning what's expected of these financial institutions. One's involving basically the management of risk, and the second is involving understanding their customers' business objectives. Could we discuss those two issues in a little more detail?
RIEGER: This is clearly a message to the industry that the complexity that is out there needs to have some risk-mitigation steps taken by these institutions that have this exposure. It was more around mitigating the replication of the legal risk of having exposure to these complex types of instruments and securities. And typically, it's going to be very few individuals within the firm itself that have a sound grounding as to how that complex structure or financial transaction actually works and the ramifications of having exposure to it.
ASR: What does the statement define as a complex structured finance transaction? There's a whole list of things that aren't, that are within the structured finance world, such as ABCP and credit card securitizations, MBS, and even hedging-type transactions involving plain vanilla derivatives and CLOs. All of these are on the list of things that they don't consider complex transactions. Can we have some examples of what would be considered complex?
BEAUMONT: What is complex to one may not be to another. Maybe what makes something complex, for example, is that it's a very simple structure of a bond and has a series of cash flow payments, but maybe the entity that issued the bond has gone into bankruptcy. Or maybe it was a special deal, not traded every day in the marketplace, so there's not a price that's quoted every day to observe, so there's a need to try to come up with an idea about what the value of this instrument really should be. There have been some who have said - and I think maybe it overstates the case a little bit - that if you were to try to pick one word to describe what it is or what it's all about, that that one word would be documentation. I think the rationale behind making a statement like that is when you start to get involved with securities that don't have a transparency in the marketplace then there's a judgment that can come into play, or there's a model that can be involved for part of the process of arriving at what is the value of this.
RIEGER: I think the intent was to identify areas of reputational legal risk. Once those areas are identified, to put in place a procedure for risk management and documentation and process and oversight into having exposure to that. Some of those that you listed actually could be complex structured financial transactions because they do raise reputational and legal risk of owning this type of instrument. The way I've been looking at it is if you can't identify or describe it easily, you don't have robust documentation, and if you can't get a reasonable mark-to-market outside of the folks who put the structure together, that could be a red flag saying this could be a complex structure.
ASR: So, is it more that you have to look at each transaction individually to determine whether the transaction has these requirements that would make it complex? Does subprime fall under this?"
RIEGER: Most of the structures you listed are, indeed, complex. I think the issue is, do they pose elevated risk to the people who have exposure to them? And that elevated risk can be partly defined to me as: If you can't readily describe it, you can't readily get a mark to market on it except from the counterparty who put it together for you or the trader on your own trading desk. These could be a red flag or a signal that you may have elevated risk here. It seems to me that the interagency statement is telling the institutions: Go ahead and take additional steps to mitigate the risk of having this ownership.
RUSSO: I don't think subprime is necessarily something that falls into this, because the statement actually specifically says that mortgage-backed securities don't. That doesn't mean that subprime doesn't have risk; it's just not the kind of transaction that the regulators are focusing on here. And what they do is they don't actually define a complex structured finance transaction - or a CSFT - but they give you a lot of illustrative examples of the type of things that are red flags, things that you ought to be looking at. They cite things like, for example, does the transaction lack economic purpose or business purpose or economic substance? So, in a subprime securitization, you may have a counterparty that is having financial difficulties, but there is an economic substance to the transaction. You need to separate transactions that have inherent credit risk or market risk or other risk. Another example is when there are circular transfers of risk, where you really don't understand what's going on with the transaction. Is the compensation disproportionate to the services that are being provided? Are there other agreements off to the side of the transaction that change the economic terms of the transactions that are undocumented? You really have to look at things that are basically doing something outside of the norm.
BEAUMONT: It's really almost like the opposite of saying "I'll know it when I see it." It is, "I'll know it when I can't see it." When I can't see what would normally come with a plain vanilla structured transaction.
ASR: Who are the individuals within a firm that need to have a sound grounding as to how complex financial transactions work and the ramifications of having exposure to it?
RIEGER: Well, the derivatives traders, people in the risk-management team who are putting risk-mitigation steps into place by purchasing or selling CDS-type exposure, or it could be even just simply owning an IO of a structured finance term. That could be considered something that's hard to identify, hard to understand, hard to value, hard to document, and in those cases, the risk, therefore, needs to be better defined. This is clearly a message to the industry that the complexity that is out there needs to have some risk-mitigation steps taken by these institutions that have this exposure.
BEAUMONT: If we were dealing with things that were completely transparent - where did the share of GE stock close last night - we all know 12 different places we can name off the top of our heads and where we can go and find a price or value for that instrument. The morning newsstand issue of The Wall Street Journal, for example.
ASR: So who is responsible for taking the lead in analyzing complex transactions and looking for these red flags? Is that what the board of directors and senior management should be doing?
RUSSO: The one thing the statement talks about is that the people who are approving the transactions in an institution need to have sufficient seniority and stature. They don't specify that it has to be a board, but they're just saying that, depending on the institution, it has to go to someone who is at a senior enough level that it's appropriate for them to be approving it. And they also have to be a senior control function. In other words, you really can't have the same people who are responsible for making the money off the transaction approving the transaction. They can't be tied to the same P&L.
HARE: There are also ethical considerations where they say they are going to look to the most senior levels of an institution to set the tone that we, as an institution, are risk-averse in certain circumstances. Obviously, profit is a driving force, but we need to have a risk-mitigating environment that addresses these things. And they're looking at senior people to set that tone and carry it through the institution as a whole.
ASR: Let's talk about the expectations regarding financial institutions' policies and procedures as they relate to CSFTs. What does a financial institution need to address?
HARE: I think the first line of policies that are stated as required, not even recommended, would be due diligence policies, the diligence of the transaction, the diligence of the parties, the diligence internally of what's involved to assess the risk, and the process of determining whether there's an elevated risk and, if so, how elevated and what reaction or what process needs to take place for approval. The regulators want written policies on due diligence that address that. I would assume that's maybe not something unique or new to the institution, but it's not necessarily been stated as from a regulatory perspective as a requirement. I would assume most institutions have such policies in place.
ASR: What's the next step once you've identified the risk?
RUSSO: Well, then you have to have a process for actually approving the transaction. I think it's more a recommendation as opposed to a requirement that you have some kind of a senior-level committee that is responsible for looking at these. And then you have to document that the information that was taken to the committee and also what the committee decided - whether it's to proceed with the transaction, or whether the committee requires any modifications to the transactions or requires disclosure from the counterparty. You do have to figure out how to document all that.
RIEGER: Don't forget the next step, which is risk mitigation. You now need to surveil what's going on in the marketplace and make sure the data you're using is proper and adjust your risk-mitigation process to evolve with whatever the current environment is, whether it be driven by subprime, all the way through CLOs or CDOs. The risk mitigation is driven more toward constantly obtaining more data and having perhaps a third party or somebody else in the organization who has the authority to say, "We've got to begin to make changes here and reduce our risk, whether it be legal or reputational."
ASR: What exactly is sufficient documentation?
BEAUMONT: This relates to the entire process from inception of whether this is an appropriate product to be involved with and how that is vetted and evaluated, through to the models and papers that might be available to support why a particular process was used. Things can change in different market environments with the different characteristics of the product involved, and how is that being monitored and what are the points that are decision triggers for when something happens or doesn't happen? Who reports to whom or who would be responsible for bringing something to someone's attention to review something in a proper way? And, again, it's the entire life cycle of what would be involved with looking at these.
ASR: The statement also says that an independent review can be conducted by the institution's audit department. How much flexibility does the audit department have to conduct these reviews effectively?
RIEGER: Flexibility is critical, and autonomy and independence, but also the skill set and knowledge have to be there in that auditing function. Most of these really complex, high-risk structures are new to the marketplace, and that skill set may not be necessarily readily available to that auditing group. That auditing group needs to continuously stay ahead of the curve, and that's got to be pretty difficult for an auditing group to do. But for them to do their job effectively, that's really what they need to do. They need the tools that traders use to determine that structure. They need to understand and use those tools to really perform their art successfully.
ASR: Should the financial institutions be providing training to the auditing department or requiring that they keep up with this area?
HARE: I don't necessarily think they need to provide the training but to encourage it, permit it, maybe not internally, but through other sources outside the institution. You would want your audit group to have a third-party education source or a third party involved in helping them to understand the product to get the most efficient use out of your audit program.
RUSSO: One thing that we do is we have audit groups who are aligned with the business unit. They're obviously independent, but they're familiar with the business unit and audit that business. So, they get to know what that business does. And maybe they're not as expert as the traders, but they certainly understand that business, and you're not just taking someone from a totally different area and saying, "Please go audit this complex structured products business."
The other thing that we do is - and I'm sure other institutions do it as well - is the audit department partners are working closely with people like legal, compliance, the financial areas, all the other control areas that monitor that business. Because we're independent of the business, but we also understand the business and understand those transactions, sometimes probably better than the auditors, because we work with them day to day.
RIEGER: I think it probably comes down to transparency. From day one, if whatever was put together is transparent and can be understood throughout the organization, whether it be legal or risk mitigation or management compliance, and then the poor souls in the back office who have to database this as well as get whatever it is, mark to market, that transparency effort really is critical for everyone to understand what it is that's going on here or what's being put on the books at the moment.
ASR: Do you think that the statement provides sufficient guidance for those involved in creating these policies and procedures?
Hare: Typically the banking agencies - I work more closely with the banking agencies than the SEC - they probably use similar protocol, but because it's a guidance, it doesn't have the force of law. But it is designed to be transparency on their side, something that when their examiners are coming in looking at the same things the institution is looking at. So there isn't a surprise. So, the staff from the various agencies are guided by the same triggers, the same issues that the institution is aware of going in and all along.
RUSSO: It's not an absolute rule, but it does provide you a lot of guidance as to what you do need to do as an institution. And the other thing the guidance does say is that it's not meant to apply to every institution. There are a lot of institutions that aren't engaging in complex transactions, so they wouldn't be subject necessarily to this. And they provide a lot of guidance that makes it clear that you're supposed to tailor it to what works for your institution; it's not a one-size-fits-all.
BEAUMONT: I think that point is an excellent one in the sense that I think there's a certain latitude provided for a corporate culture and the idea that in proper situations there is the awareness from the senior management part on down through the organization, and there's a philosophy and encouragement of discussion about risk, understanding risk and the educational component and the support of that and so forth, and needing to let the document breathe a little bit.
HARE: I think the distinction between what was the initial statement as proposed in 2004 and 2006 is the idea of it being principles-based, which is what we're talking about. It's more fluid; it's more easily adopted and adapted to your particular institution.
And what Institution A does doesn't necessarily mean under the same statement that it's the exact same thing that Institution B needs to do.
ASR: Are there any parameters that tell you, okay, there's too much risk here and maybe we shouldn't go through with this transaction?
RUSSO: The statement says that if after you've done all your due diligence and you've gone through your entire approval process and maybe you've gone back and come up with some mitigants for the risk, if the transaction still presents an unacceptable risk to the institution or would result in a violation of law - you would think that that would go without saying - you should decline to do the transaction. So, it's not hard-and-fast, but they basically say if, at the end of the day you're not comfortable, don't do it.
HARE: The interesting piece of that, too, is that they expect that process and decision to be maintained in the documentation. Even if the decision is no, they want to be able to follow through that process with you. Wherever that final decision is made, the documentation should reflect. We elected not to do this transaction for Reason A, B, or C, or A, B and C, whatever they may be.
ASR: Do you think that the majority of financial institutions have established policies and procedures in place to determine an accurate level of risk in these transactions?
HARE: I think there is attention. There will be probably instances of mistake, but I think that as an industry it's getting significant attention, significant focus, great resources. So, overall I think yes, but, obviously, I think there will be instances where we can point to that not being the case.
BEAUMONT: I think Jeff's right, because ultimately in many respects this is going to be in the self-interest of the organization anyway, that they're going to want to have a clear idea of what's going on within the organization, what are the litmus tests that are being used to decide whether something is done or not. So, it's good business practice.
ASR: Lets look at the SFAS-157, the fair value measurement standard. How do pricing services fit in?
RIEGER: S-157 is leading the way not just from a U.S. perspective, from an international perspective. In the U.S. markets alone there are more than three million fixed-income-like instruments that are outstanding. And on any given day very few actually will transact in the marketplace. So, the fair value measurement actually plays a pretty big role now in the evolution of mark-to-market, particularly in the U.S., but also with the international account standards.
So, when we're looking at three million instruments outstanding on any given day, Trace and MSRP report about 50,000 transactions or fewer actually happening in the fixed-income marketplace, fair value and the approach used becomes critical. And this standard outlines, finally, for the marketplace the steps necessary to fair value. But not only the steps, what disclosures now institutions need to make with regard to what steps they took to fair value.
Critical in the process is the approach taken to valuation, whether it was a market approach or other approach that's been approved, the inputs used in that valuation, and then the level of input. And the accounting standard actually details three specific levels of inputs: Level 1 is trade data, but in the fixed-income markets that's few and far between, given the number of bonds outstanding; Level 2 is prices or marks derived from data that comes from observable market inputs; and Level 3 is marks that are generated purely by mathematical models without any observable market inputs driving the results. And now users, institutions, when they're providing their financial statements, have to outline in the financial statements which level they were using.
So, it's a big step. In the fair valuation or mark-to-market arena it's really truly impacting, again, the pour souls in the back office who've got the day-to-day aspect of trying to mark to market assets and liabilities. They've got that day-to-day responsibility, and now they've got to link all this data and try to understand the data, insuring their prices are appropriate for the use as defined in the accounting standard.
BEAUMONT: One just quick add-on to JR's comment in going through the three levels, Level 1 being the really transparent level and working toward Level 3. I think one thing that is going to be more of a topic at institutions is at that third level where the model becomes a very important consideration. Models have assumptions, and there's more than one model out there that can be referenced, and the difference between what Model A might produce versus Model B might produce. What is an acceptable variance to have? That variance for more traditional complex products - like maybe an interest rate swap - would be much narrower than it would be for, maybe, a digital cap option on an exotic currency. So, this becomes one more step. It's just a reminder that however far we think we've come in terms of addressing these issues and thinking creatively about what they are and categorizing them in various levels and so forth, there's always that next step. It's just the idea that there's always going to be something else to think about and putting that into place in terms of an approach and a risk metric, as well as how to monitor it and how to manage it.
ASR: Has increased regulatory scrutiny focused on appropriate mark-to-market activities affected your customers?
RIEGER: Well, we provide services to institutions like mutual funds, banks, dealers and insurance companies, and they all use mark to market for slightly different purposes.
They can use it to value positions in margin accounts or they can use it to strike net-asset values if they're a mutual fund, for risk management, for valuing the traders' inventory.
Various purposes are used for mark to market, and now the scrutiny is on the appropriateness of the price used for the purpose.
So, if a fund owns $20 million of position in a particular security or instrument, if the price isn't relative to where that position can be liquidated, the institution now shouldn't be using that price. They should be adopting the fair value accounting standard as what basically drives them to say, Where can I liquidate this particular position given the current economic conditions, market conditions,' or what have you.
Subprime is an excellent example of that. You've got questions about how instruments or securities are being carried from a value perspective on the books. Well, they're relatively illiquid securities to begin with, and now with potential liquidations coming they can be even harder to value. So, the independence of the valuation process should really be considered, and the accounting standard actually helps those decision-makers use independent sources of pricing apart from the people that they sold the bonds from and the people who bought them on their own trading desk.
Thacher Proffitt & Wood
J. R. Rieger
VP of Global Evaluations
Standard & Poor's Securities Evaluations
(c) 2007 Asset Securitization Report and SourceMedia, Inc. All Rights Reserved.