Rethinking Risk Management in Financial Services · 2013-07-25 · Rethinking Risk Management in Financial Services Report | 3 The World Economic Forum is proud to release this report

Rethinking RiskManagementin Financial ServicesPractices from other domains

COMMITTED TO

IMPROVING THE STATE

OF THE WORLD

Prepared in collaboration with The Boston Consulting Group

World Economic Forum

April 2010

The views expressed in this publication do not necessarilyreflect those of the World Economic Forum USA.

World Economic Forum USA3 East 54th Street, 17th FloorNew York, NY 10022USATel.: +1 212 703 2300Fax: +1 212 703 2339E-mail: [email protected]

REF: 110310

@ 2010 World Economic ForumAll rights reserved.No part of this publication may be reproducted or transmitted inany form or by any means, including photocopying and recording,or by any information storage and retrieval system.

All photographs are from www.shutterstock.com, except otherwise noted.

Rethinking Risk Managementin Financial ServicesPractices from other domains

Prepared in collaboration with The Boston Consulting Group

World Economic ForumApril 2010

Rethinking Risk Management in Financial Services Report | 1

Contents

Preface 3Letter from the Steering Committee 6Executive Summary 8

Chapter 1 – System-Wide Perspective 111.1 Introduction 111.2 Drive diversity 111.3 Simulate system disasters 151.4 Manage “fire” 18

Chapter 2 – Transparency and Information Flow 232.1 Introduction 232.2 Aggregate system-wide data 242.3 Scrutinize complexity 282.4 Innovate transparently 33

Chapter 3 – Governance and Culture 393.1 Introduction 393.2 Look for trouble 403.3 Value experience 443.4 Empower the front line 47

Chapter 4 – Conclusion 51

References 52

Appendices 54Appendix 1: Project Background and Approach 54Appendix 2: Summary of Risk Management Lessons from Aviation 56Appendix 3: Summary of Risk Management Lessons from Fisheries Management 56Appendix 4: Summary of Risk Management Lessons from IDC 57Appendix 5: Summary of Risk Management Lessons from Immunology 57Appendix 6: Summary of Risk Management Lessons from Pharmaceuticals 58Appendix 7: Summary of Risk Management Lessons from Telecommunications 58Appendix 8: Summary of Risk Management Lessons from Wildfire Fighting 59

Acknowledgements 60Project Team 62

2 | Rethinking Risk Management in Financial Services Report


The World Economic Forum is proud to release this report on the topic of Rethinking Risk Management inFinancial Services, which was part of the organizing theme for the Forum’s 40th Annual Meeting in 2010:“Improve the State of the World: Rethink, Redesign and Rebuild.” This report is part of an Industry Partnershipproject endorsed by the Financial Services Governors’ community at the Forum’s Annual Meeting in 2009.

The recent financial crisis acquired unparalleled proportions and inflicted long-term damage on economies,countries and people. As the true impact of the crisis becomes evident and the financial system stabilizes, it iscritical not to “let a good crisis go to waste.” Internalizing the lessons learnt and making the necessary improvementsnow will make the global financial system more resilient and better able to handle the next meltdown, when ithappens.

The crisis has highlighted the need to improve risk management strategies at both the system-wide and institutionallevels in the financial services industry. It has demonstrated that efforts limited to specific institutions or jurisdictionsare insufficient to address a problem that is global in scope. New thinking is required to rebuild a damagedfinancial system.

While other efforts have largely focused on improving risk management in financial services “from the insideout,” this report looks at it “from the outside in” – trying to learn from practices and patterns in domains suchas aviation, fisheries, wildfire fighting, immunology/epidemiology, telecommunication and pharmaceuticals.While not all of these practices are directly transferable to finance, many are and most of them provide muchneeded fresh perspective and thinking. Over the past nine months the World Economic Forum, in collaborationwith The Boston Consulting Group, analyzed the outside domains and engaged multiple stakeholders. Inputfrom over 100 subject experts, risk managers, academics and business leaders was sought in trying to answerthe question: What can the financial services industry do to better monitor, manage and maintain the resilienceof the financial system?

We trust that the report will stimulate your thinking, introduce new ideas and add to the broader discussionaimed at improving the long-term stability of the global financial system.

On behalf of the World Economic Forum, we wish to particularly thank the members of the Steering Committee,the Working Group, the interview and workshop participants, Project Manager Isabella Reuttner and our partnersat The Boston Consulting Group (notably Duncan Martin, Kenny Pun and Rachel Hirsch) for their boundlesssupport.

Kevin Steinberg Gian Carlo BrunoChief Operating Officer Director and Head of Financial Services IndustryWorld Economic Forum USA World Economic Forum USA

Preface


DISCLAIMERThe members of the Steering Committee and the Working Group support the recommendations and viewsexpressed in the report. However, they do not all necessarily agree on every detailed point made herein.

The opinions expressed are of a personal nature and do not necessarily reflect the stance of the companiesrepresented by the Steering Committee and Working Group members


Co-Chairs

Lázaro Campos Chief Executive OfficerSWIFT

Axel Lehmann Chief Risk OfficerZurich Financial Services

Members

Iain AbrahamsHead of Liquidity, Risk and Capital MarketsBarclays Capital

Karl GuhaChief Risk OfficerUniCredit Group

Simon LevinMoffett Professor of BiologyPrinceton University

Erwann Michel-KerjanManaging DirectorWharton Risk Management and Decision Processes CenterThe Wharton School, University of Pennsylvania

David RhodesSenior Partner and Managing DirectorThe Boston Consulting Group

Luke SavageDirectorFinance, Risk Management and OperationsLloyd’s of London

Cüneyt SezginMember of the Board of DirectorsGaranti Bank

Raj SinghChief Risk OfficerSwiss Re

Paul SmithTreasurerState Farm Insurance

Jim WebberChief Risk OfficerAviva

Tom WilsonChief Risk OfficerAllianz SE

Vanessa WittmanChief Finance OfficerMarsh & McLennan Companies Inc

Mark YallopChief Operating OfficerICAP Plc

From the World Economic Forum:

Gian Carlo BrunoDirector and Head of Financial Services IndustryWorld Economic Forum USA

Kevin Steinberg Chief Operating OfficerWorld Economic Forum USA

Steering Committee


The financial crisis has, to put it mildly, seriously challenged our traditional approach to risk management.Consequently, a number of individuals and institutions have advanced ideas for improving not only the analyticalframework, but also the status and relevance of risk management.

This report, not only reacts to the most recent episode (although we indeed reference many relevant examples),it also attempts to address a deeper problem: the demonstrated inability of the global financial system toconstructively mitigate and deal with financial crises. Over the past 40 years, the IMF has counted 88 bankingcrises. Hence, a fundamental question presents itself: Can the financial services industry benefit from experiencesin other domains that, over time, have developed sound practices and successful patterns to deal with risk?We believe the answer to be an emphatic “yes”. This report explores both what these practices and patternsare, and how they can be applied to the financial services industry.

Obviously, there are efforts already in progress to improve risk management in the financial services industry initiatedby such bodies as the Financial Stability Board and the G20. Many of these efforts are highly relevant, such asthe re-alignment of individual compensation with institutional and systemic goals. To avoid replication, our reportwill not dwell further on initiatives already underway.

In contrast to other and perhaps more conventional studies, our report tries to shed new light by focussing onthe lessons that the financial services industry can learn from other environments. We take an “outside-in” perspective,thereby differentiating this report from others that focus on improving risk management using traditional concepts,tools, and ideas that always have been and will continue to be inherent and very relevant to the financial sector.

It is important to recognize that risk-taking is an integral part of many financial institutions’ business models.This is a crucial difference to some domains that we have examined. Also, we are well aware that outside domainsmay not provide ready guidance to all aspects of financial services (see Appendix). This report concentrates onstylized patterns and lessons that are potentially transferable to the financial sector while acknowledging thatno domain is perfect at managing risk or indeed fully comparable to financial services.

We further acknowledge that some of our commentary on the industry is by default overly generalized for reasonsof brevity. We do realize that no two financial institutions are identical: relative performances during the crisis haveborne that out. We ask readers to keep these caveats in mind if, at times, what we depict or suggest does notresonate with what they know from their own institution’s vantage point.

Letter from the Steering Committee


Our goal is to provide food for thought rather than an off-the-shelf solution. Many of the outside practices weexplore are somewhat distant from conventional thinking. We are aware that some of our ideas will be controversial.We therefore do not necessarily speak of them as “recommendations.” Instead, we hope that our report willinspire a fruitful discussion between those stakeholders that have an interest in a more resilient financial system:policy-makers and supra-national bodies at a global level, regulators and governments at a national level, andsenior managers at a firm level. It is our intention to stimulate, provoke, and challenge – and by doing so tohelp transition the financial system to a more resilient and less failure-prone state.

The Steering Committee and the Working Group would like to thank those individuals who generously gavetheir time to support this project. We hope that all will find our report as stimulating to read as we found it toresearch, debate and write.

Steering Committee Co-chairs

Lázaro Campos Axel LehmannChief Executive Officer Chief Risk OfficerSWIFT Zurich Financial Services


The recent financial crisis exposed many weaknesses in risk management in financial services. Issues aroundincentives, governance and culture at many market participants have been well documented and need no furtherdiscussion. However, the trouble ran deeper than that: reading any account of the last years’ events that broughtthe financial sector to the brink of collapse, it is obvious that many of the actors ‘flew blind,’ with neither adequateinformation nor preparation. Moreover, what was good for an individual firm or country in the short term wasnot necessarily good for the system as a whole in the long run. Regulators thought nationally, not globally, untilit was too late; firm, product and trading strategies became complex yet homogeneous, leading to a stampedeonce positions did deteriorate. While some of the decisions made under intense pressure have so far held upto the test of time, it is hard not to conclude that things could have easily been much worse.

Financial services is not the only domain with issues of system-wide stability or conflicts between the individual(short-term) and systemic (long-term) good. In this spirit, seven domains outside financial services were analyzedwith the belief that their risk-management techniques might hold lessons for finance. The findings were groupedinto three non-mutually exclusive areas of focus: (1) system-wide perspective, (2) transparency and informationflow, and (3) governance and culture.

(1) System-wide perspective:

Drive diversity. Homogeneous systems are less resilient than diversified ones. For example, in 2007, a viruskilled millions of farmed Chilean salmon. The fish had been farmed at high density, treated with similar antibioticsand subjected to similar preventive measures. They were, therefore, all vulnerable to a single threat. Applyingthis lesson, financial institutions could encourage diverse and contrarian approaches towards modelling riskand selecting business strategies. Competitive forces would make this difficult to achieve at an institutional level.Regulators could, therefore, encourage variation in institutions’ risk management approaches and increasecapital charges for systemically crowded high-risk/high-return business strategies (this initiative would need tobe carried out with sound understanding of the strategies, rather than as a blanket measure). In promoting alevel playing field one should recognize that diversity in risk management is important and complete regulatoryconvergence should be avoided. The overall approach towards achieving diversity in financial services shouldbe based on broadly agreed principles as opposed to strict one-size-fits-all rules.

Simulate system disasters. The World Health Organization (WHO) helps nations develop action plans activatedby the global pandemic alert level and encourages simulations and real-life rehearsals to prepare for crises andto improve planning. Pilots train extensively on realistic flight simulators to prepare for emergency situations.Similarly, the financial services industry should put more emphasis on creating and rehearsing contingencyplans for large systemic events across institutional and national boundaries. Such plans and simulations shouldbe realistic and concrete and should address not only short-term operational concerns, but also longer-termstrategic issues.

Manage “fire”. Since forest ecosystems need fire to rejuvenate, some wildfires that do not endanger humanlives and property are allowed to burn out. Controlled burning is also conducted selectively to reduce fuel build-up.The parallel in financial services could be that failure of some individual institutions is acceptable, even desirable,for the overall system, and therefore government guarantees should be limited. In addition, the financial servicesindustry could consider developing “fire breaks” to contain incidents locally and prevent system-wide spread.One such measure, as suggested by the United Kingdom Financial Services Authority (FSA) is to require institutionsto create “living wills” so that, if necessary, they could be wound down with minimal impact to the system.

Executive Summary


(2) Transparency and Information Flow:

Aggregate system-wide data. The aviation regulator in the US conducts a collaborative government andindustry programme known as the Aviation Safety Information Analysis and Sharing programme (ASIAS), whichaggregates national aviation incident reports and safety data. The programme provides a comprehensive andconsistent data environment that enables systemic issue analysis and identification. This ultimately helps detectsystemic issues earlier and more effectively. In financial services, large amount of data is already collected fromfinancial institutions, but this data is not aggregated or exploited for systemic issue detection. On its own, theaggregation of data will not increase the resilience of the system. Therefore, the industry should first focus on“asking the right questions” in order to determine a set of critical systemic stability indicators that could contributeto an efficient early-warning mechanism. Development of these indicators should be adaptive to keep pacewith technological and financial innovation, and could work alongside efforts to enhance data mining andmanagement techniques.

Scrutinize complexity. The pharmaceutical industry conducts in-depth studies to analyze the efficacy, sideeffects of, and interactions between new drugs .The fishery industry models the effects of fishing on the ecosystemas a whole, and restricts methods that also kill untargeted (or “by catch”) species. Similarly, the financial servicesindustry could mandate deeper and broader assessments of the impact of new products and business strategieson financial markets. These assessments would look beyond the direct impact and explicitly target the secondand third order effects. Regulators could then consider performing “unintended consequences” studies on productsthat breach system-wide threshold volumes, and could be empowered to restrict volumes if the products weredeemed potentially unsafe to the system. Obviously, such restrictions would have to be set with a deep technicalunderstanding of the products.

Innovate transparently. In immunology, pathogens that mutate before the adaptive immune response cankick in are particularly dangerous, as the immune system perpetually lags the pathogen’s invasion. Moreover, ifthe host immune system misinterprets the nuances of the new strain, it may be deceived by apparent familiarityand gear up to fight an old strain. Similarly, financial institutions and regulators should be wary of rapidly “mutating”products by carefully monitoring instruments with exceptional growth and variation. They must also make surethat established risk management techniques continue to apply when “new strains” have developed. In thetelecommunications industry, the best practice is to write simple code in discrete modules so that system-wideerrors are hard to make and easy to find. The financial services domain could consider instituting a standardizedmodular nomenclature covering all products so that their risks could be better decomposed and understood.New products originally seen as complex and “leading edge” do generally become more standardized as volumesincreased, suggesting that it is not impossible to break down complex products into simpler components.

(3) Governance and Culture:

Look for trouble. The World Health Organization utilizes web crawlers and an extensive informal human networkto seek out emerging infectious disease outbreaks, especially unfamiliar ones. This enables early detection andtherefore swift mitigation. In immunology, white blood cells constantly circulate in the human body, seeking dangerouspathogens. The financial services industry should encourage and adopt a culture of actively searching for emergingthreats at both the institutional and system-wide level – “looking for trouble” – and in addition respecting individualswho raise warning signals. Institutions and the industry could create dedicated teams to proactively investigateinstitutional and systemic risks and continuously experiment with new warning-indicators.


Value experience.Wildfire fighters value the experiences of those who have fought very large fires, and document theirstories. Airline companies and regulators conduct in-depth analyses on all accidents and near-misses and convertthe lessons learnt into new regulations and procedures that improve safety. Similarly, the financial services industrycould emphasize the value of experienced employees (both at institutions and regulatory bodies), improve their retention,and have a cadre “on call” to respond when a new crisis occurs. In order to ensure that lessons from past crises arepassed down, institutions should carefully analyze events and document and aggregate experiential testimonyfor training new generations.

Empower the front line. Pilots, co-pilots, and mechanics can delay a take-off if they deem the aircraft to be unsafe.In the cockpit, co-pilots are encouraged to raise safety issues. Front-line wildfire fighters are empowered to maketactical decisions at the fire scene. Similarly, financial services institutions could consider further encouraging front-linerisk managers and business-unit employees to take charge of local risk management issues, and raise alarms withoutfear of retribution. Since the financial services industry (in theory) already has much of this capability in place, upgradingit is more a case of reinforcing the existing framework than radically redesigning the process. As an example, seniormanagement could explicitly reward proactive flagging and management of risk issues, improve channels foranonymous reporting, and communicate that consistent smooth sailing would be considered ‘too good to betrue’. Clearly this will require an appropriate set of incentives.

The adoption of one or more of the suggestions could aid in strengthening the financial services industry as awhole. In assessing appropriateness of the suggestions, it might be helpful to consider a framework that looksat the nature of a risk event (exogenous shock vs. endogenous systemic malfunction) and its consequence(large non-systemic event vs. systemic melt-down). Depending on what the reader is trying to combat, someanalogies are more powerful than others. For example, many risk management practices in aviation try to avoidlarge non-systemic events such as plane crashes, and have limited consideration for the system as a whole(other than where events pertain to a component or process affecting many aircraft).1

While the financial system appears to be stable for the immediate future, the financial industry should pause andreflect on past risk-management practices and actively explore potential changes that could be made goingforward. The following questions are critical:• How can the industry make the proper trade-off between information protection and disclosure as it seeks toenable system-wide risk monitoring and management?

• How can the “rejuvenation” and safety of the financial system be balanced without either creating moralhazard or system fragility?

• Is the industry on the right track with the current regulatory approach? How can the benefits and vulnerabilitiesassociated with regulatory convergence be balanced?

• How can the industry adapt (structurally and culturally) to new threats and innovations of the future, giventhat it does not yet know the products, the markets, the players, and the consumers of the future?

• Given that the next crisis is very unlikely to be prevented by a central controller, how can the industry resist the temptationto “solve” stability issues by over-centralisation and instead strengthen the resilience of individual systemic nodes?

The implementation of any needed changes will neither be easy nor can it happen overnight. Some require aphased approach; others require voluntary initiatives from the private sector; yet others require regulatory mandates.Above all else, international and cross-industry cooperation and trust are crucial to achieving system-wide resilience,and it is in this spirit that this report has been researched and written. The project team thanks those who havecontributed to this effort, and looks forward to the ongoing debate.

1 The Project Background and Approach section in the Appendix of this report provides a detailed framework


1.1 Introduction

Managing risk in a complex environment requires a comprehensive view of the entire system. Leading up to therecent crisis, many financial institutions had similar risk exposures, although this fact was not widely deemedimportant. Institutions held near-identical classes of investments, most used a high degree of leverage, and manyfinanced themselves through short-term funding. Thus, when liquidity receded following the collapse of housingprices and subsequently of financial assets linked to mortgages, many institutions suffered losses simultaneouslyand sought to close similar positions. As these institutions had similar funding structures, risk-managementpractices, and mitigation strategies, it was as if someone had yelled “Fire!” in a packed theatre, and all ran tothe same exit.

Global regulatory uniformity also encouraged homogeneity, particularly concerning the reliance on rating agencies.Regulation in all major financial centres allowed the same solutions to reduce capital (such as through conduitsand structured investment vehicles). Moreover, many practitioners relied on historical correlations of individualunderlying risks to calculate diversification benefits, forgetting correlations could change in a stress scenario.

In addition, financial institutions and investors had become accustomed to the idea that governments wouldarrest severe market downturns and, as the rescue of Long-Term Capital Management (LTCM) illustrated, interveneto mitigate the impact of failing institutions. Markets may have even assumed, rightly so to some degree, thatan institution could be “too big or too interconnected to fail.” Some participants considered that tail risk wasidiosyncratic in nature, effectively denying the existence of systemic risks.

Ultimately, neither regulators nor the industry were prepared for a systemic crisis. Most regulators had failed todevelop a system-wide perspective and were still figuring out contingency plans as the crisis unfolded. At theinstitutional level, most senior management teams had never experienced a significant crisis. They operatedunder the belief that a system-wide crisis would never happen. Although sound decisions were eventually madethat helped bring the system back from the brink, the danger should have never been permitted to develop.

How does the industry construct an all-encompassing, system-wide view, and enhance the resilienceof the global financial system?

The financial services domain could (1) drive diversity (as homogeneous systems are less resilient), (2) simulatesystem disasters, and (3) manage “fire” (to maximize system resilience).

1.2 Drive diversity

“Increases in complexity did not come with more diversity. On the face of it, market participantslooked more and more different in their legal status, investment strategies, and business objectives.It has now become apparent that, behind these veils of diverse colours, there was a profounduniformity in the approach to risk, its measurement, its management, as well as in the drivers ofrisk appetite. This uniformity had very destabilizing consequences.”

Jean-Pierre Landau, Deputy Governor, The Bank of France, 8 June 2009 2

Chapter 1 – System-WidePerspective


Chilean farmed salmon suffered from a viral disease in a homogeneous environment

Chile is the second largest farmed salmon producer in the world. The industry is crucial to the economy andemploys tens of thousands of people. Thus, when a viral disease hit its salmon farms in 2007, killing millions offish, many plants had to be shut down. Thousands of jobs have been shed since the outbreak.

The viral disease, infectious salmon anemia (ISA), was first detected in Chile in 2007. ISA is a highly contagiousand lethal virus in the salmon population, but does not affect humans. It can cause severe anemia and haemorrhagesin salmon internal organs.

ISA is not a problem unique to Chile and has previouslycaused trouble in other countries, including Norway,Canada, and Scotland. However, the scale and speedof infection in Chilean salmon farms were unprecedented.Environmentalists have reported that Chilean salmonfarms yield (on average) 25 kilos of fish per cubic meter,compared to 15 kilos per cubic meter in Norway. Thisover-crowding further encouraged ISA, as its transmissioncould be aided by sea lice that plague overcrowdedfarms. In addition to saturated facilities, Chilean salmonfarms were characterized by close facility proximity,making disease control even more difficult.3

To combat diseases, farmers began to use a high levelof antibiotic treatment.4 Yet this step made the farmedsalmon as a whole more vulnerable to contagion inthe long run. When the outbreak occurred, the combi-nation of high density, close proximity and drug resis-tance resulted in rapid spread and catastrophicdamage.

2 Landau, J. “Introductory remarks by Mr. Jean-Pierre Landau at the Conference on “The macroeconomy and financial systems in normal times and in timesof stress”, jointly organized by the Bank of France and the Deutsche Bundesbank, Gouvieux-Chantilly”. Bank of International Settlements,http://www.bis.org/review/r090806c.pdf, 8 June 2009.

3 “Chile Government Recommends Salmon Crisis Measures”. The Patagonia Times, http://www.patagoniatimes.cl/index.php/20080609542/News/Salmon-News/CHILE-GOVT-RECOMMENDS-SALMON-CRISIS-MEASURES.html, 9 June, 2008.

4 “Salmon Virus Indicts Chile’s Fishing Methods”. The New York Times, http://www.nytimes.com/2008/03/27/world/americas/27salmon.html, 27 March 2008.


Robust Systems: Heterogeneity, Redundancy, and ModularityBy Simon Levin

In complex systems, strong non-linearities may lead to the magnification of disturbances, thereby to lossof robustness and to regime shifts. Examples include desertification, eutrophication, and disease outbreaks.Economic analogues include market collapses and recoveries, bank runs, and shifts in social preferences.

Sudden transitions are driven by feedbacks. Positive feedbacks, which directly enhance perturbations,are clearly destabilizing. Each new case in an epidemic has the potential to cause others. Less intuitively,strong negative feedbacks, which initially correct deviations, can destabilize, as in the collapse of thedynamically unstable Tacoma Narrows Bridge.

Robustness hinges on the balance between heterogeneity, redundancy, and modularity. Heterogeneityrepresents adaptive capacity, the ability to find new solutions in the face of change. Genetic heterogeneityis the essential ingredient on which natural selection acts. However, redundancy, which trades off in obviousways against heterogeneity, also confers robustness, compensating for the loss of key elements. In 2004,a lack of robustness was evident when one of the major suppliers of flu vaccine to the United States


could not deliver. Fortunately, the flu season was mild. Finally, modularity creates both barriers to theuncontrolled spread of disturbance and building blocks for recovery after disturbance. Diseases mayspread rapidly within particular risk groups, like drug users, but then slow down because of the modularnature of social contacts. Forest fires are contained through fire breaks, which confer modularity. Similarly,the recent economic meltdown can be attributed, in large part, to the excessive over-connectednessof the banking system – that is, to an absence of sufficient modularity – as well as to the absence ofheterogeneity and redundancy.

Simon Levin, PhDMoffett Professor of BiologyPrinceton University

Application to financial services

Prior to the financial crisis, many financial institutions were running similar business and risk management strategiesat the product-line level. As evidenced by players’ relative performance through the crisis, only a few institutionswere pursuing a more diversified approach. Indeed, many institutions were simultaneously building large positionsin structured credit products derived from the same underlying asset classes, utilizing short-term money-marketfunding, and making risk management decisions with similar assumptions and techniques. Capital requirementswere calculated under similar methodologies, with similar underlying models. Reliance on external credit ratingswas pervasive. When the U.S. sub-prime housing bubble burst, financial institutions with the same vulnerabilitiesall went for the same exit door. The financial services industry needs to rethink how it can foster diversity inorder to make the system more resilient.

Indeed, while some measure of emotional comfort can come from herding, financial institutions should avoidcrowded business strategies and vary modelling assumptions for risk management. Boards, executives andinvestors should think for themselves rather than implementing me-too strategies and obsessing with benchmarks.It is understandable that when everyone is judged on relative performance financial institutions should seek tocompare themselves, but just copying strategies (or even trading positions) is not healthy for either the organisationor the system. As it turned out, many institutions assumed that super-senior tranches of collateralized debtobligations (CDOs) were safe based on their AAA credit rating. This view failed to account for the fact that theratings were based on precarious assumptions about default risk, house prices, and cross-correlations amongthe risks of the underlying assets. Financial companies also kept large inventories on their balance sheets, andultimately suffered substantial losses – failing to recognize that there would be a penalty on homogeneity and aprize for diversity. Thus, financial institutions should seek diverse and contrarian approaches and opinions interms of risk modelling, business strategies, and assumptions. The winners in the next crisis (as indeed in thelast) will be those organizations that get these difficult calls right.

Of course, when competitors are all apparently winning from a given strategy, and shareholders demand the samehigh level of return on equity, it is difficult for financial institutions to stand on the sidelines. It is also challengingfor them to strike the right balance between building consensus in decision making and encouraging variedopinions within their organisations internally.


Regulators should refrain from promoting complete systemic uniformity, and perhaps endeavour to encouragea larger degree of systemic heterogeneity. They could encourage institutions to manage risk with varied approachesand increase capital charges for systemically crowded high risk/high return business strategies (this initiativewould need to be carried out with sound understanding of the strategies, rather than as a blanket measure).Since homogeneity leads to shared vulnerabilities, counter-intuitive as it may seem, not all practitioners shouldadopt the same “best-practice” risk management techniques, methodologies and assumptions – both domesticallyand across borders. The trend of complete regulatory convergence is simply not desirable.

Although convergence leads to benefits such as the interoperability and comparability of institutional financialhealth across jurisdictions, homogeneous supervisory practices create a future selection bias, exposing thefinancial system to as yet unknown threats. Although differences in regulatory approaches could lead to “arbitrage,”properly-managed diversity can help close loopholes and make the system more resilient in the long-term.

Needless to say, a balkanization of regulatory regimes could be equally (if not more) detrimental to the stabilityof the global financial system. One of the problems leading up to the recent financial crisis was that the demarcationbetween various players in the financial market had become blurred Commercial banks began behaving likeinvestment banks and hedge funds – creating a large shadow banking system – and certain insurers startedbehaving like banks. Consequently, levelling the playing field according to outdated institutional demarcationlines is inefficient and potentially a source of systemic risk. A more promising approach would be to regulateand supervise according to functional and activity lines that better reflect the fluidity in the modern financial world.In other words, regulation should emphasize a principles-based and behavioural approach over a rules-basedand institutional approach.

1.3 Simulate system disasters

“As the crisis developed, in too many instances supervisors (…) were not prepared to discusswith appropriate frankness and at an early stage the vulnerabilities of financial institutions whichthey supervised. Information flow among supervisors was far from being optimal, especially in thebuild-up phase of the crisis. This has led to an erosion of mutual confidence among supervisors.”

De Larosière Report to the European Commission, February 25, 2009 5

The WHO sets the global alert level to activate national contingency plans

On April 27, 2009, considering cases of H1N1 in the United States, Mexico, and Canada, as well as potentialspread to other nations, the WHO raised its global pandemic alert level from 3 to 4. On April 29, nine countrieshad officially reported 148 cases of H1N1, including one death in the United States and seven in Mexico. Level5 alertness was declared. A month and a half later, on June 11, the highest alert level, level 6, was activated asalmost 30,000 confirmed cases were reported in 74 countries.6

5 The de Larosière Group. “The High-Level Group on Financial Supervision in the EU Report”. http://ec.europa.eu/commission_barroso/president/pdf/statement_20090225_en.pdf, February 2009.

6 World Health Organization, http://www.who.int/, 2009.


The WHO is responsible for setting global pandemicalert levels, which correspond to actionable responsemeasures based on the current degree of epidemicspread. These levels refer solely to spread of theinfection, not to its severity or potential deadliness.Levels 1 through 3 indicate that the disease residespredominantly in animals with limited human infection.Level 4 indicates a sustained level of human-to-humantransmission. Levels 5 and 6 indicate widespreadglobal human infection.7

Member states are encouraged to develop specificaction plans to manage epidemics in their region.These plans typically activate based on shifts in theglobal pandemic alert level. The WHO builds toolsto support nations in developing detailed responseprocedures. Action-plan categories are organized byplanning and coordination, situation monitoring andassessment, communication, reduction in the spreadof disease, and continuity of health-care provisions.

The WHO also encourages nations to test their plans, outlining three types of simulations8: (1) table-top exercises,in which major stakeholders discuss scenarios and how they should respond; (2) functional exercises, in whichseveral entities complete simulations for a given scenario without deploying resources; and (3) full-scale exercises,in which participants enact scenarios as realistically as possible. These exercises involve all participants outlinedin the plan – ideally from multiple nations and regions – and include deployment of resources. The lessons fromthese simulations can then be used to modify and improve overall crisis plans.

Pilots simulate disasters

Pilots train extensively on flight simulators to prepare for multiple emergency scenarios, including severe (yetinfrequent) events. These simulators vividly recreate real-life situations using visual cues, motion sensors, andactual cockpit tools. Pilots feel like they are experiencing a critical event, such as facing an engine failure inconjunction with an electrical system malfunction while attempting to land in a storm.

Most commercial pilots are required to log a minimum number of simulator hours every year to stay up-to-dateon procedures. In some countries, pilots must be re-evaluated and re-trained on simulators every six months inorder to keep their licenses.

7 “WHO pandemic phase descriptions and main actions by phase”. World Health Organization, http://www.who.int/csr/disease/influenza/GIPA3AideMemoire.pdf, 2009.8 “Considerations on exercises to validate pandemic preparedness plans”. WHO, http://www.who.int/csr/disease/influenza/ExerciseConsiderations.pdf, 2009.


Source: Courtesy of Thomson Reuters

Practitioners in the Telecommunications industry develop contingency plans

Telecommunications providers also make detailed contingency plans for emergency situations. These plans aretailored to specific regions since the probability of various threats – especially those related to weather – differby geography. There are also generic contingency plans that providers put in place. For example, if the centralcontrol room shuts down, mobile trucks with operating equipment can be used to avoid network failure.


During the course of the recent financial crisis, a series of financial institutions faced bankruptcy. In each casethe response of regulators and the government differed: some were bailed out while others were propelled intoshotgun marriages. In September 2008 it was Lehman Brothers’ turn. The Federal Reserve Bank of New Yorkcalled in prominent financial CEOs to figure out a plan. However, the government declined to rescue the firm,and potential suitors backed away. Lehman Brothers had to declare bankruptcy, the largest in US history.When the markets opened the following Monday, trust had disappeared and trading froze. This took marketparticipants and regulators by surprise and almost led to the collapse of the global financial system. Reflectingon this ‘near miss’, the financial services industry could benefit from better preparation for severe events andsystemic crises, utilizing detailed contingency plans based on associated simulations.


When creating sweeping contingency plans, it is important to understand what each party is responsible forregulating, so that all angles are covered. Equally, it is also important that institutions and regulators acrossjurisdictions coordinate efforts. All should agree on a priori protocols concerning how to collaborate in the faceof a large-scale crisis and test those through realistic simulations. At the extreme, the industry could explore thepossibility of publishing these plans – sanitized for corporate confidentiality where necessary – to help engendertrust in the stability of the system.

Contingency plans need to be simulated to ensure they are applicable and implementable. Simulations shouldnot only address operational concerns such as infrastructure failure or natural disasters but also strategicissues such as capital, buy/sell activities, and shifts in management/ownership – possibly involving multipleinstitutions and across jurisdictions. Simulated crisis scenarios should of course be highly realistic, like flightsimulations, and could be run with “fake feeds” when markets are closed (such as over a weekend), similar tothe disaster recovery exercises that financial institutions already conduct. Such “fire drills” could highlight potentialvulnerabilities, and increase preparedness for systemic events. The lessons learnt from such simulations wouldof course be incorporated into contingency plans.

1.4 Manage “fire”

“The Government’s macroeconomic framework has delivered unprecedented stability, with 62consecutive quarters of GDP growth in the UK – the longest sustained expansion on record.”

Gordon Brown, John Hutton, Alistair Darling, March 2008 9

Wildfire fighters manage fire risk by controlling the fire’s environment

For most of the twentieth century, full fire suppression was the official policy in the United States. After 79 wildfirefighters were killed in a fire in the Southern Rockies in 1910, the U.S. Forest Service adopted a zero tolerancepolicy. In 1933, after another large wildfire in Oregon wiped out three million acres of forest, the strict “10 (acres)by 10 (a.m.) rule” was instituted, requiring all fires of over ten acres in extent to be extinguished by 10 a.m. theday after they had broken out.

However, nature needs to burn. In fire-prone climates, fire is part of the ecosystem. Organisms have evolvednot just to cope with fire, but to depend on it. Fire reduces fuel loading, clears land for new shrubs and flowersto grow, and attracts birds that do not inhabit trees to nest in burned areas. It removes forest litter that nurturesinsect infestation and kills diseased trees.

9 Brown, G, Hutton, J, Darling, A. “Enterprise – Unlocking the UK’s Talent”, HM Treasury Department for Business Enterprise & Regulatory Reform,http://www.berr.gov.uk/files/file44993.pdf, March 2008.


Decades of full fire suppression in the United States resulted in significantly harmful landscape alteration.Therefore, in 1978, the U.S. Forest Service revised its wildfire policy to be consistent with land and resourcemanagement objectives. Today, wildfire fighting has evolved into wildfire management. Wildfires that do notthreaten human lives and property are left to burn out. Furthermore, prescribed burning – igniting small firesintentionally to reduce fuel build, create fire breaks, and clear land – has been affirmed as an appropriate fire-management practice.10

Prescribed burning is highly controversial, however, and requires balancing the interests of multiple stakeholders.Wildfire is hard to control. Wind direction and weather patterns can change suddenly, spreading the wildfire andpotentially causing a much larger fire than intended. Fire management politics have become more complicatedas real estate development has encroached on forests that border urban areas. Prescribed burning efforts inthese regions can interfere with highway traffic and make residents ill at ease.

10 “Fire Ecology Eco-link”, Temperate Forest Foundation, http://www.forestinfo.org/Products/eco-links/Fire-Eco2.PDF, 2002.


Creative Destruction in Nature’s EconomyBy Stephen J. Pyne

In recent decades, the realization has grown that fire is not something that happens to biotas from theoutside like a flood or an ice storm. Rather, it is an integral process that many biotas expect and need.Simply put, fire recycles nutrients, rearranges ecosystem structures, and recharges landscapes thathave fallen into lethargy. It is the quintessential agent of creative destruction in nature’s economy.

People had long recognized this fact, and had used controlled fire in domains such as hunting, foraging,herding, and farming. But industrialization, particularly when combined with colonization, shook up theseancient arrangements. Fire came to be perceived as mostly destructive, and state-sponsored conservationintervened. Officials misidentified fire, qua fire, as an agent of damage and sought to suppress it. At first,this movement seemed to succeed. Over time, however, it became apparent that burning could not beabolished and that even the attempt to do so was disruptive and led to even greater damage.

Successful programmes have thus shifted from fire suppression to fire management. Agencies appreciatethat they cannot just shut down fires, nor can they simply stand by and let a transcendent nature haveuntrammelled sway. Accordingly, many agencies fight fires only when wildfire threatens life and property.They allow fires some room to roam when flame and smoke do not pose hazards to people or hard assets.They deliberately start fires to stimulate ecological benefits and to compensate for past suppressionprogrammes. Also, they seek to shape the general landscape so that whenever fires occur – whether byaccident, arson, or lightning – they will have properties that promote fire’s benefits and lessen its costs.

It’s a tricky business, to be sure. But the concept that techniques must be mixed and that fire cannot beremoved from land management overall provides a strong analogy to the economic crises of recent years.

Stephen J. Pyne, PhDRegents’ ProfessorSchool of Life SciencesArizona State University

Author of over 20 books including Year of the Fires: The Story of the Great Fires of 1910 and Tending Fire: Coping with America’s Wildland Fires.


While many banks have failed in the past, this reality was far from the public mind in the years leading up to therecent crisis. Recent government intervention, including explicit and implicit bailouts such as LTCM and BearStearns, made many financial practitioners believe that the government would bear the consequences of poorinstitutional risk management. In order to change this perception, it is essential that governments and regulatorsallow institutional failure or creative destruction as part of a necessary, rejuvenating process.


Simply put, national governments could actively manage financial fires that are burning. Of course, it is alsoimportant to try to contain fires locally and prevent broader spread. A potential example of such a fire break isa “living will,” as suggested by the FSA.11 If all else fails, a living will can be activated to minimize the impact ofan institutional failure on the financial system as a whole. In order to be effective, such a will would need to beupdated regularly to reflect the pace of business change among successful industry participants. Regulatorswould need to set incentives (such as capital relief) to ensure that institutions take preparation efforts seriously.In the spirit of a level playing field, they also need to watch out that transparency around such living wills doesnot unfairly penalize some institutions, for example via reduced credit ratings. On the other hand, just as firebreaks restrict the size of forest fire, taken to the extreme, this could mean some entities too big to fail need toshrink – which should be evaluated on a firm-by-firm basis, taking into account its management structure andcapabilities. Extreme care needs to be taken around defining an appropriate time horizon for such changes.If unchecked, such side effects could lead to the very type of destabilizing shock that the measures aim to prevent.

What is more, arbitrage within the legal framework could help identify vulnerabilities in the system. It could weedout weak practices and players that could potentially contribute to another systemic crisis. Allowing arbitrage(even of the regulatory kind) is analogous to a small fire, and can be systemically helpful as long as appropriatemonitoring is in place and quick counteraction available if needed.

In other words, small fires are essential to the overall health of the financial system. Indeed, the absence ofsmall institutional failures in a certain business niche could be seen as cause for concern rather than evidenceof stability. Of course, it will at times be difficult to differentiate what is truly a “small fire” from a situation thatcould degenerate into a systemic event.

11 “FSA’s Turner backs living wills for banks”. The Financial Times, http://www.ft.com/cms/s/0/d67f2976-9805-11de-8d3d-00144feabdc0.html, 2 September 2009.



Chapter 2 – Transparencyand Information Flow

2.1 Introduction

In finance, information advantage often translates into profit opportunities. However, when the pendulumswings too far, asymmetric information can create conditions for systemic meltdown and catastrophic valuedestruction.

Prior to the recent crisis, simple products were packaged into complex structured products (such as singlemortgages into CDOs, and from there into CDO-squared). This was often done with good reason, and solvedgenuine risk-management problems for clients. However, in the absence of necessary transparency, such complexinstruments made traditional risk assessment and portfolio aggregation more difficult. For example, a specificindividual mortgage will, over its lifetime, behaviourally and dynamically “select” which tranche of the CDO it ispart of. Although product specifications were documented, few customers, practitioners, or regulators couldtruly understand the details involved even if they had taken the time to read them. Thus, institutions had difficultymanaging the associated risks, and some institutions did not even know their own risk exposures.

Securitization was originally intended to spread risk across the financial system to institutions that were willingand better able to hold the risks. However, when the usage of some structured products “mutated” from theiroriginal intent (e.g., from risk management to yield enhancement), complexity grew - blurring the boundariesbetween risk origination and risk ownership and complicating accountability for risk management. Few couldunderstand where the risks truly resided in the system.

Packaging complex products as off-balance-sheet, special-purpose vehicles exacerbated the problem, hidingultimate liabilities from the market. Investors and regulators could no longer discern institutional risk exposure.Moreover, different accounting standards, regional exemptions for capital treatment (e.g., domestic lendingportfolios), and a large, less-regulated “shadow banking” sector made it nearly impossible to get a consistent,system-wide view of overall risk.

Thus, in the period leading up to the financial crisis, there was insufficient transparency in the financial system;no one was really aware of the aggregate system-wide risk (e.g. total credit derivative exposure, overall leverage,counterparty interconnectedness). The industry did not or could not fully understand institutional and productinteractions. What started off as the bursting of the sub-prime housing bubble in the United States evolved intoa global, system-wide liquidity problem and ultimately turned into a solvency crisis for some financial institutions.The speed and ferocity of this evolution caught most industry practitioners and regulators by surprise.

The lack of transparency and insufficient consideration of complex interactions prevented virtually everyonefrom fully comprehending cascading effects at the systemic level. Regulators did not see the need to intercedeearlier or knew how best to address the situation when they did react. Also, adaptations in regulations, alongwith the processing of information relevant for supervisors, significantly lagged behind innovation and industryevolution.

How does the industry increase transparency, thereby reducing the odds of a systemic meltdown?

The financial services domain could (1) aggregate system-wide data, (2) scrutinize complex products (consideringsecond- and third-order systemic effects), and (3) innovate transparently.


2.2 Aggregate system-wide data

“The task of a systemic regulator will be superhuman without the transparency and tools to instilmarket discipline. The trouble with the old system is it is too easy for institutions to deny problemsthat allow systemic risks to fester and grow. This denial contributed significantly to the distrust thatfroze the system.”

Lloyd Blankfein, CEO, Goldman Sachs, 13 October, 2009 12

Aviation aggregates incident data to enable systemic safety analysis

Aviation is a highly complex system. Since plane crashes can cause many deaths, there is zero tolerance forsafety risk in aviation. Over the past 50 years, practitioners have greatly improved safety by intensely focusingon improving technology and learning from past incidents.

As accident rates began to plateau in the 1990s, theindustry has looked for new methods to continue toimprove safety in the new millennium. In the U.S.,many agencies collect aviation safety data, including,for example, the Federal Aviation Administration(FAA)’s Aviation Safety Action Program (ASAP) andNASA’s Aviation Safety Reporting System (ASRS). Theseprogrammes rely on voluntary reporting of incidentsand near misses by commercial airlines and by individualaviation professionals; they have processed aroundone million incident reports to date. To encouragereporting, all reports submitted are de-identified sothat names of individuals and carriers are secure. Atthe individual airline level, many operators also collectand analyze flight operation data, or what is calledFlight Operation Quality Assurance (FOQA) data, toimprove aviation safety. Nevertheless, since multipleindependent efforts are involved, the data are oftenfragmented and not very effective at unravelling deepand complex systemic issues. Therefore, to addressthis problem, the FAA developed the Aviation SafetyInformation Analysis and Sharing (ASIAS) programmein 2007.

12 “To avoid crisis, we need more transparency”. The Financial Times, http://www.ft.com/cms/s/0/3de2aab8-b78f-11de-9812-00144feab49a.html,13 October 2009.


The ASIAS programme is a collaborative government and industry initiative allowing national aggregation ofexisting aviation safety data from different data sources. It also complements incident and flight operation datawith contextual information on weather, terrain and air traffic control. By combining isolated data sources, theASIAS programme provides a comprehensive and consistent data environment that enables systemic issueanalysis and identification.

Additionally, the ASIAS board – a mix of public and private constituents including the FAA, NASA, engine andairframe manufacturers, airlines and pilot unions – flags specific issues and employs analysts to dive into datain search of answers. Ultimately, through more extensive data sharing and better safety information extractionfrom the data, the goal is to more effectively detect potential systemic safety issues before they occur and tomitigate them.

13 Basehore, M. “National Transportation Safety Board, FAA Presentation - ASIAS”. National Transportation Safety Board,http://www.ntsb.gov/Dockets/Aviation/CEN09MA142/426930.pdf, 23 September 2009.


ASIAS ProgrammeBy Margaret Gilligan

Aviation is one of the safest human endeavours, yet the industry is always looking for ways to identifyrisk – as well as to eliminate, mitigate, and manage it. Because commercial aviation accidents are sorare and random, we cannot wait for the risk to manifest itself in a system failure. We have to find waysto identify emerging risks before they cause catastrophes.

An industry/government initiative has been forged to collect safety data across the aviation community.Named the Aviation Safety Information Analysis and Sharing (ASIAS) initiative, it integrates data from manysources to accomplish several objectives. First, data can help determine whether a risk that occurs atone operator is common to other operators. Then, safety professionals can fashion mitigations that improvethe entire system. Second, data can measure whether the safety initiatives have been implemented andare having the intended effect of improving safety. Ultimately, data analysis can uncover risks that no onehas yet identified and allow the community to develop safety improvements. It has been said that ASIASis the closest thing to a “crystal ball” that the aviation safety community will ever have.

While this initiative is just getting underway, we have already seen its potential. It enables analyses thatintegrate pilot reports as well as data collected on aircraft, routes flown, air-traffic procedures, and topo-graphy. It has shown that we can improve pilot training, aircraft automation, and air-traffic practices toenhance safety. It is a multidimensional solution that has addressed potential risk in many ways.

Margaret GilliganAssociate Administrator for Aviation SafetyUnited States Federal Aviation Administration


There are clear differences between aviation and financial services from a risk management perspective. Mostpertinently, taking risk is undesirable in aviation, whereas it is a vital part of the business model in many areas offinancial services. However, both industries generate large amounts of data in their operations and rely on it tomanage risk.

Financial services firms already process significant data volumes and share them with their regulators and otherparties (e.g., market and pricing providers). Similar to the aviation industry pre-ASIAS, this information is currentlyfor the most part fragmented and not consistently structured, ultimately preventing a coherent view of riskacross the system. During the recent crisis, it was therefore not possible to get a precise system-wide readingon key parameters of systemic stability, such as leverage, liquidity and counterparty connectedness.


The direct ASIAS analogy in financial services would be to create a complete system-wide database of transactionlevel data for every trade made to monitor risk. While such a deep and detailed data repository in the financialsystem is neither feasible nor desirable, the broader analogy has some merit, particularly with regards to how theaviation industry uses the aggregated data. We, therefore, propose a two-step approach for consideration: 1. Through a working group between regulators, experts from research institutions, and industry participants,

determine a framework of critical systemic stability indicators for which ongoing collection of data would bebeneficial (i.e. identifying the right questions to be asked). A starting point for discussions, based on lessonsfrom the recent financial turmoil, could be indicators including the following:

2. For those indicators, aggregate the relevant (which does not necessarily mean most granular) data to bothmonitor ongoing systemic risk, and allow deep-drill analyses in case of ‘near misses’. The exact nature of a‘near miss’ is harder to define in financial services than in aviation, but could include hedges that did notwork as intended, or losses in single product lines that, while significant, did not ‘bring down the house’. Thedata would have to be at a level of granularity appropriate for each indicator (e.g., aggregating the embeddedleverage in many derivative products). While ultimately the analyses need to be anonymous for competitivereasons, the data should be available to the analysing body on a named basis wherever relevant for measuringsystem connectedness.

To ensure that this effort is targeted it should apply to all financial institutions where systemic risk is accumulatedrather than to specific types of institutions (e.g., insurers or banks). This will ultimately allow treatment of similaroperations in the same way, while not trying to fit a solution to institutions where it does not apply. It should benoted that while building such a data collection will not be trivial, a lot of the data already exist (e.g., withexchanges, regulators, BIS, market data providers), and it will often be only a matter of improved coordinationand common taxonomy between data sources, rather than building systems from scratch. The move towardscentralised clearing for many products should also make this endeavour easier.

Some regulators are already going down this route in certain instances – e.g., the UK FSA is mandating near-livereporting of banks’ liquidity. The Financial Stability Board is engaging in an exercise that is similar in spirit towhat is described here.14 By getting the indicators (the ‘questions to ask’) right and moving away from blanketdata dumps, it is our hope that such efforts can be made both less cumbersome and more effective.

Indicator Rationale

Connectedness of counterparties Measure of potential for contagion

Leverage Key ingredient in most financial crises

Liquidity Expression of viability of systemic nodes

Significant changes in transaction volumesPotentially linked to product ‘mutations’ and crowded tradingstrategies

Concentration of exposures Monitoring the knock-on effects from price or valuation volatility


Ultimately, the information should be gathered and monitored at a global level, due to the global nature of financialmarkets. But starting the effort at a national level with all relevant institutions (particularly collecting ‘near misses’in a systematic fashion) will be initially more feasible and still be an improvement from today’s situation.

The practical details of such a scheme need to be further worked through and the industry’s concerns overimplementation need to be addressed. However, the experience in aviation (and that of the recent financial crisis,where system-level data were often unavailable at crucial moments) suggests strongly that such a repository, ifproperly constructed, will be of great value to maintaining systemic stability in financial services. When doingthis, it needs to be understood that simple product-level data composition will not enhance stability on its own –the data need to be complemented with systemic understanding (as expressed in “asking the right questions”).

It could be argued that crashing an individual plane is unlikely to cause a systemic issue in aviation, whereasfailure of a single financial institution can more easily be systemic (as proven by Lehman). So the ASIAS analogyneeds to be applied carefully – it is relevant where it identifies common components or procedures that, if leftfaulty, could cause a plethora of crashes and thus destroy confidence in air travel. In that spirit, the ‘near miss’concept in particular is very pertinent. Finally, this report does not propose that financial services and aviationshould converge to an identical regime of supervision and monitoring.

2.3 Scrutinize complexity

“The shortcomings of the originate-to-distribute model can be attributed mainly to the failure ofindividual players to develop a holistic view on the risks due to excessive focus on their narrow,individual perspective, losing sight of system-wide drivers of risk and interdependencies.”

78th Annual Report, Bank of International Settlement, 30 June 2008 15

The pharmaceutical industry seeks out adverse drug effects

Taking Paracetamol while drinking large quantities of alcohol could cause liver failure. Mixing some formulationsof Warfarin (used to reduce blood clots and prevent heart attacks and strokes) with Naproxen could lead toserious gastro-intestinal bleeding.

Drugs are used to treat diseases or alleviate symptoms. However, many also come with adverse (side) effects,some of them serious or even lethal. According to the U.S. Center for Disease Control (CDC), nearly 20,000Americans die each year because of unintentional drug poisoning, usually the result of harmful drug mixes.Such mixtures are now the second-leading cause of accidental death in the United States, after automobilecrashes.16

14 The Financial Crisis and Information Gaps – Report to the G20 Finance Ministers and Central Bank Governors,http://www.financialstabilityboard.org/publications/r_091107e.pdf, 29 October 2009

15 78th Annual Report. 30 June 2008. Basel: Bank of International Settlement.16 Paulozzi, L. “CDC Congressional Testimony: Committee on Energy & Commerce, Subcommittee on Oversight & Investigations, United States House of

Representatives”. Centers for Disease Control and Prevention, http://www.cdc.gov/washington/testimony/2007/t20071024.htm, 24 October 2007.


Drugs may have natural side effects (second-order effects) and also react differently when in contact with other drugsor environmental factors (second- and third-order effects). Pharmaceutical companies conduct extensive clinicaltrials to try to understand side effects and interactions by gradually increasing the sample size so that small or rareeffects and interactions are detected. However, since drug effectiveness is measured on average across a population(rather than for a particular individual), individual patients with particular health or disease traits may react differently.Some researchers now conduct pharmacogenomic studies which examine individual genetic variability in responseto a drug with the hope of enhancing the effectiveness of drug reactions and one day personalizing medicine.

Post commercial release, the sample size is much bigger (the entire consuming population) and the environmentis not controlled, so unknown interactions will surely occur. Pharmaceutical companies work with regulators todetect this (post-marketing) and change labelling information if needed. Regulators have begun requiring companiesto develop ex-ante risk management plans prior to product launch for certain new drugs deemed particularlycapable of producing side effects.

Since drug consumption can potentially be lethal, regulators have a critical role to play in product approval. Indeed,regulators are engaged at an early stage in the drug development process – which typically lasts eight to fourteenyears – and are the ultimate arbiters on whether a drug’s benefits outweigh its risks. Once a drug is approved,regulators impose strict labelling rules to ensure that potential adverse effects are clearly communicated.

Nonetheless, there have been cases in which drugs were withdrawn after launch because companies and regulatorsdiscovered adverse side effects. For example, Vioxx, an anti-inflammatory drug administered to millions of consumersfor five years, was believed to have caused between 88,000 and 139,000 heart attacks, of which about one-thirdproved fatal, before the drug was taken off the market.17

17 Graham, D., “Testimony of David J. Graham, MD, MPH”. United States Senate Committee on Finance,http://finance.senate.gov/hearings/testimony/2004test/111804dgtest.pdf, 18 November, 2004.


Fisheries management considers the overall ecological system

When a fishing vessel retrieves its net, along with the target species, other types of fish, or “by-catch,” oftenget caught in the web. In 2005, the Food and Agriculture Organization of the United Nations noted that theaverage proportion of the global catch discarded between 1992 and 2001 was 8%.18 Apart from being a sheerwaste of resources, by-catch can include endangered species such as sea turtles, sea lions, and dolphins.Similarly, when fishermen use certain deep-sea trawling techniques, they can damage the ocean floor anduproot coral reefs.

In order to avoid such second or third-order consequences to the ecological system, fishery managementagencies explicitly restrict certain fishing activities and techniques. For example, they require fishing nets to beof a certain type and length with specifically-sized holes.

In addition, scientists model fish stock levels and predict species behaviour as inputs to management decisions.Certain species such as blue fin tuna are more commercially valuable than others and naturally attract moreresearch. While scientists initially used single-species models, they gradually – realizing the importance of thepredator-prey relationship – began utilizing ecological models that consider all species in a given area.

18 Kelleher, K. Discards in the world’s marine fisheries – An update. 2005. Rome: Food and Agriculture Organization of the United Nations.


19 It is worth pointing out that in many countries, catch limits are determined by fishery councils incorporating inputs (including scientific inputs) from multiplestakeholders and experts. The catch limits are specified at maximum sustainable yield (MSY), a fixed equilibrium concept that stipulates the level at whichthe fish stock can replenish itself continuously.

Recognizing that fish are part of a larger ecological system, and especially after several fish-stock collapses,some fisheries are gradually learning the importance of sustainability. Indeed, over-fishing is a risk that needs tobe managed. Thus, in some fishery regions, an annual threshold called “total allowable catch” limits the overallyield for each species. The goal of this limit is to ensure that the population rejuvenates and sustains itself overtime.19 In some countries, within certain restrictions, quotas can be bought, sold, or leased to competing fishermen –an interesting analogy to the recent “cap and trade” schemes for carbon emissions.

The immune system screens out antigens that target “self”

One of the wonders of the human adaptive immune system is the astonishing variety of antigens that it canproduce. The immune system generates around a hundred million antibodies housed in the body at any onetime that can respond to the many variants of pathogens. However, some antigens mistakenly identify humancells as pathogens. Therefore extensive self/non-self screening is performed so that only antibodies that do nottarget “self” are released in the body. This prevents the second order effect of the body attacking itself.

Non-Linear Models: A Paradigm ChangeBy George Sugihara

Most models utilize idealized linear, stable equilibrium dynamics. These are acceptable in engineeringapplications where linear approximations around an equilibrium point are reasonable. This works, forexample, for springs and transistors. According to this view, systems can be decomposed into theirparts, and their dynamics are statistically stationary. The “fit” of a model to the underlying observations(post hoc correlation) is its main measure of merit.

However, what works for springs and transistors will not necessarily work for natural systems. Recentlythis paradigm has been challenged by the behaviors of non-engineered systems, such as the catastrophiccollapse of some fisheries and financial markets. Such non-linear behavior cannot come from stable linearsystems. Moreover many natural systems can show bursts of volatility that look anything but stationary,much to the chagrin of fisheries and financial risk managers.

Fields ranging from finance to environmental science are now recognizing that many real world phenomenaof interest are more accurately viewed as being part of a complex web of interacting parts that are fundamentallynonlinear – i.e., non-equilibrium, unstable, and non-stationary – in their dynamic behavior. At the leadingedge of research nonlinear state space models describe multiple “attractors” instead of single equilibriumpoints. These models use the accuracy of real-time prediction as their measure of merit, in place of simplepost hoc fitting or correlation.

It is hoped that these models will not only be more useful in real-world applications, but also give insightinto a whole class of general metrics that can tell whether a system risks transitioning into an unstableor catastrophic state. The benefits for monitoring systemic stability and enabling early counter-measurescould be immense.


Reflections on Cooperative Hierarchical Networks

Cooperative networks are common in nature, a classic ecological example being plants and their pollinators.While both plants and animals compete for resources within their respective groups, they also obtainmutual benefits across groups (nectar rewards for competing animals, pollination services for competingplants). Such cooperative-competitive networks also exist in the financial world – e.g., hedge funds andprime brokers, or retail stores and payment systems.

In cooperative ecological networks, hierarchies between generalists and specialists develop in which newspecialists associate with generalists (rather than other scarce specialists). Such nested specializationhas been shown to decrease overall competition in the system, thus allowing a larger number of speciesto co-exist than could happen otherwise. This results in a self-reinforcing mechanism in which the existinggeneralists gain more connections/size with every new specialist entering the system. The system growslarger as competitive feedback declines.

In biology, cooperative hierarchical networks can collapse if a generalist species dies out, thereby increasing thecompetitive intensity of the many specialists that are affiliated with it. This is the equivalent of a systemicallyrelevant institution collapsing in finance. Cooperative hierarchical networks can also, due to the abundanceof species they support, reach a level where they become too big for their environment and collapsedramatically – the equivalent of a global systemic crisis in finance. These analogies suggest that viewingfinance as an ecosystem and applying some of the associated scientific modelling – such as identifyingnetworks of counterparty risk and keystone institutions whose removal could cause systemic collapse –might well have merit for risk managers.

George Sugihara, PhDProfessor of Biological OceanographyMcQuown Chair Professor of Natural ScienceScripps Institution of OceanographyUniversity of California, San Diego


The crisis has shown that many financial institutions created complex and opaque products because such productswere usually associated both with higher margins and deeper client relationships through bespoke solutions.However, by their very nature, these offerings are difficult for general mainstream practitioners to understand.Many financial professionals thus had trouble managing the associated risks. It can be argued that the “sideeffects” of complex derivative structures were high leverage and opaque counterparty exposure, and that theseelements were unclear to many stakeholders.

At the institutional level, it is critical that senior managers mandate deeper and broader assessment of new-productbusiness strategies on financial markets beyond the products’ direct impact. Senior managers should questionhigh-order effects that products may have on other business units – even those that appear completely unrelated,such as retail or wealth management – as well as on customers and on the system as a whole, via a committeeof all product representatives in a firm.


Of course, individual institutions cannot necessarily see the impact of their products on the overall system. Inorder to allow for the possibility of such a systemic examination, it would be beneficial if the industry had a bettercoordinated data environment, as suggested earlier. This could lay the foundation to enable the analysis of systemicsecond- and third-order effects that cannot be easily carried out today.

As discussed above , pharmaceutical companies actively examine side effects and involve regulators early in theproduct-design stage on a “sign-off” basis. Although pharmaceuticals and financial services are different industries,the latter can in our view leverage the lesson of involving regulators early in the product-development processto help identify systemic second- and third-order effects. However, to preserve the financial services industry’sspeed of innovation, this needs to happen on an informational rather than a “sign-off” basis. Regulators willlikely need to upgrade their staffing levels and capabilities to engage meaningfully, but this would be a smallcost compared to that of a full-blown crisis.

Financial services regulators could perform “unintended consequence” analyses of complex new products oncethey have reached pre-determined aggregate volume thresholds. Equally, if a product is deemed “systemicallycritical,” it could be subjected to increased regulatory scrutiny. While the term “systemically critical” needs to bedefined by the industry, once a class of products reaches this status, regulators could proactively examine itspotential aggregate effect on the system. This could include regulators tracking where the potentially risky productsreside, whom the products could impact in case of adverse market conditions, and how interactions betweenproduct sets and market dynamics might play out. Furthermore, as in the example of fisheries management,financial-services regulators could (in principle) be empowered to limit product activities that are deemed to poseexcessive systemic risk. The caveat mentioned in “aggregate system-wide data” applies here also – simply lookingat product-level analyses without a systemic view is unlikely to be helpful or successful.

To enable a renewed and true working relationship for assessing side-effects, trust between regulators andpractitioners is essential. One way to jump start the process is by creating more public and private dialogue aroundhow to best create “positive transparency” as opposed to excessive intrusion into the industry’s operations tomerely appease some parties’ desire for tighter supervision for the sake of it.

2.4 Innovate transparently

“The cash flowing from mortgage payments into a single CDO had to filter up through severallayers. Assets were bundled into a pool, securitized, stuffed into a CDO, bits of that plugged intothe next CDO and so on and on. Each source of a CDO had interminable pages of its own docu-mentation and conditions, and a typical CDO might receive income from several hundred sources.”

The Economist, 22 January, 2009 20

The immune system is vulnerable to rapidly mutating pathogens

Some of the most dangerous pathogens, such as certain variants of plasmodium, the parasite that causesmalaria, are those that mutate faster than the human body can initiate an adequate, specific immune response.In these cases, the adaptive immune system perpetually plays catch up, producing antibodies for an old versionof the pathogen even as a new one launches a round of infection. Rapid change conceals a threat.

20 “In Plato's cave”. The Economist, 22 January, 2009


Other pathogens exploit a related loophole in our immune response: antigenic memory. After an infection by apathogen, the immune system will retain “memory” in the form of the cells that generated the specific antibodiesrequired to fight it. This allows rapid response should an identical infection occur in the future. However, somepathogens, such as the influenza virus, exploit this feature by emerging with slight variations each season. Ifthese differences are sufficiently slight, the immune system may not process and communicate the nuances ofthe new strain. White blood cells adapted to the old strain of the virus will reproduce and attack the intruder,but with diminished effect.

This is known as the original antigenic sin, in the sense that the original antigen is the template for fightingfuture infections. Thus, the immune system must be vigilant. Not only does it need to constantly watch for foreignintruders, some of them rapidly mutating, but once a threat is recognized the immune system must initiate anappropriately customised response. Public health authorities can assist as an “external immune system” withthe latter process by developing and distributing vaccines customised to the most recent variant of the virus.However the punch line is the same: Mutations pose problems for any immune system.

Telecommunications engineers “keep it simple” to increase transparency

The telephone system was originally an analogue network. Connections were point to point, routed through physicalexchanges by physical operators. Amplifiers were needed to boost signal strength periodically over long distances.Since then technology has evolved and Voice Over Internet Protocol (VOIP) is replacing the traditional network. Analoguevoice signals are now digitized and data is transmitted in packets as 0s and 1s. There is no longer a simple signalroute connecting geographies of the connected parties. Partly as a result, the network is now truly global.


In writing the programmes that enable the new digital network, one important strategy that practitioners havedeveloped is to “keep it simple” and modularize. This is necessary since the extent and complexity of the systemmeans that programmes will often end up functioning in an environment unimagined by the original programmers.Since the environment mainly consists of largely unconstrained “virtual” machines rather than physical ones –i.e. software not hardware – this is an everyday occurrence. Even small errors can have unexpected consequenceswhen far from home. As a result, best practice is to write programmes in small, easy-to-understand chunks.This helps programmers avoid errors in the first place, and detect or fix them more easily if they do occur. Inaddition, users distant in time and space can more easily read and understand the programme. Keeping it simpleand modular increases comprehension and makes error-detection quicker, helping to reduce developmentcosts. Simplicity and transparency co-exist.

Aircraft engineers use modular design

Like computer programmers, aircraft engineers also design in modules. Most aircraft components can be detachedindividually for maintenance and can be tested independently. Components can also be reused as they are moreflexible and installation is quicker and easier. From the system-wide perspective, if there is a problem identifiedwith a modularized component, the component can be easily identified in all aircraft and if needed, substituted.Reusing tried and tested modular components in new designs reduces the risk of unexpected consequences.


The pharmaceutical industry conducts drug testing with gradually increasing sample sizes tounderstand behaviour in broader populations

Drug development is a long process involving sequentially expanding sample populations in order to examineand understand the system-wide risks and benefits of a drug. The process is staged into well defined modules,each of which is carefully and transparently documented. Development begins with in silico (i.e. in a computer)and in vitro (i.e. in a test tube) experiments to characterize chemical structure and drug activities. Testing proceedsto cell cultures and then to animals where scientists learn how the drug interacts with natural biological systems.Afterwards, multiple stages of clinical trials involving humans are conducted with increasing sample sizes. Phase Iinvolves dozens of people, and trials gradually expand to several thousand people. Testing is conducted carefullyto assess drug efficacy and side effects, while not exposing the entire population to uncertainties all at once.At any phase, if the testing process reveals adverse side effects or interactions that outweigh the calculatedbenefits, the drug development programme ends and the drug will not go to market.

Information Management in Biology: A Model for Financial SystemsBy Harvey Rubin

Integrated and efficient information flow and management is essential for living systems. Bacteria, for example,are far from being vulnerable tiny creatures. They have a robust, adaptive regulatory system that optimizesthe growth of the colony given any external and internal set of conditions. They adapt to the compositionof the growth media, the temperature, acidity, and salinity of the environment, the presence of damagingradiation, attack by other organisms that produce toxins or even antibiotics, and many other colony-threateningconditions. Growth and division of healthy human cells are strictly controlled or premature cell death mayoccur, or unregulated cell-growth – malignancies – may arise. Successful adaptation depends on sensingthe environment in combination with regulatory mechanisms that are built into the system itself. Controlengineers call this “supervisory control,” where “controllers” share certain information and communicatewith each other as well as with a “supervisor” that can switch between local controllers based on otherinformation flows. Robustness of the system in “unpredictable” environments is directly related to the successof the controllers. Much like these complex engineering systems, control in living systems works over a rangeof temporal and spatial scales, can be autonomous or central or both, and works only if relevant informationis sensed, processed, and distributed to the components of the system that need it. It is important to note thatnot every component of a complex system needs every bit of information for the system to work optimally.In fact, quite the opposite is true. Complete sharing of information in biological systems, where every molecularreceptor would recognize and respond to every signal, is not compatible with life. Biological systems arereplete with exquisitely specific molecular receptors tuned to respond to very specific signals and information –and no others. Breakdown of the specificity can leads to disease or death. In nature, innovation exists evenin regulated and tightly controlled systems.21 Indeed, controllers allow innovation to emerge through selectionfor fitness in an evolutionary sense. It all depends on assiduous and appropriate information flow and management.

Harvey Rubin, MD, PhDProfessor of Medicine, Microbiology and Computer ScienceDirector, Institute for Strategic Threat Analysis and Response (ISTAR)University of Pennsylvania

21 Regulation in biology refers to changes in the frequency, rate or extent of a process that generally leads to a more robust living system.



In financial services, opaque products and markets often translate to increased short-term profit but also longer-termsystem instability. For example, leading up to the recent crisis, complex products were created – largely at the customers’request, it should be noted – that were hard to understand in and of themselves, let alone at a systemic level. Customersand institutions had difficulty managing the associated risks of many products, especially when they “mutated” beyondtheir original intent of spreading risk across institutions and/or were deployed in quite different environments. For example,numerous variants of risk management products were extensively deployed for speculation or yield enhancement. Thisopacity also reduced the industry’s overall understanding of the aggregate risks in the system.

The “mutation” of financial products and their uncontrolled environmental spread – either through unexpected volumegrowth, proliferation to unintended clientele, or use for different purposes – can pose issues for systemic stability. Similarto how the immune system detects pathogenic nuances to adequately respond to a specific strain, risk managementdepartments need to understand how products have evolved over time. While there is no natural central intelligencein the immune system to speed up or direct detection, financial institutions can bolster risk monitoring to detectmutations. Product transparency is crucial in detecting these “mutating” instruments. Institutions and regulatorsshould be especially concerned with product volume increases that seem out of line with growth in the underlyingtarget market. Once potential threats are identified, institutions need to ensure that measurement and controlframeworks remain effective in managing the associated risks, and adapt risk management strategies if needed.

At the system-wide level, innovations or mutations often exploit loopholes in the regulatory framework. If theloopholes identified are properly addressed by altering risk management techniques, system stability can bestrengthened. However, regulators should consider rethinking the process and pace of updating regulatory requirementsto address gaps in a timelier manner. Several years are too long in a market that innovates monthly.

To further increase risk, transparency and understanding – and following the lead from telecommunications – institutionscould keep things simple when crafting new products. This could mean breaking them down into recognizablemodules with appropriate documentation. In fact, new products that are originally seen as complex and cutting-edgedo generally become more standardized. This suggests that it is possible to create bespoke risk-managementproducts aimed at addressing unique client needs by breaking down complex products into simpler components.However, since transparency often makes life easier for copy-cats, many institutions might not be able to fully mandatethis on their own. Regulators should therefore encourage simplicity and modularization in product design.

One technique for regulators to consider is to institute a standard nomenclature framework that institutions could use todescribe their products and the associated risks. It could be beneficial to have a common language for the buy-side, sell-side,regulators, and consumers who are not necessarily aware of a product, to be immediately able to codify the risks andrewards a product embeds. Such a framework could help consumers better understand risk/reward trade-offs and helpregulators better monitor system-wide risk exposures. The framework would be effective only if it could “fit” all new productsand meaningfully describe them. Since there is a fine line between standardization and homogeneity, it would be critical thatthe nomenclature describes, not restricts, product innovation. The framework should fit the products, not dictate product design.

Regulators could also consider lowering capital and compliance requirements for new products that consist ofexisting, well-understood modular components, similar to the modularity principle in aircraft design. This wouldincrease transparency, and hopefully help the financial services industry better understand component interactionsthat could be dangerous to the system. In addition, once a component or a collection of components is deemedunsafe, it can be identified and managed throughout the system.



3.1 Introduction

In many domains, the threat of personal harm, especially physical harm, creates a healthy fear of taking risks andcreates a strong risk-sensitive culture. By contrast, this type of threat does not exist in finance: no matter howbad things get, nobody dies. Moreover, the financial-services industry is in many instances highly asymmetricwhere risk taking is concerned. The potential for windfall personal compensation from institutional risk-takingcreates a culture that is more sensitive to reward than to risk. Much commentary on the recent crisis has frequently,and rightly, pointed to issues with governance and culture in the industry – which includes regulators as well aspractitioners.

In addition to asymmetry, a focus on relative performance prior to the recent crisis encouraged herd behaviour.This homogeneity and lack of contrarian voices was a key cause of the accumulation of similar risks across thesystem, as well as to a synchronized run for the exit when those risks started to become apparent. The impliedview, that an absolute loss was acceptable as long as it was less than that of the competition, collided with thereality that an institution’s capital does not tolerate absolute losses above a certain magnitude.

Furthermore, it is fair to say that an industry so heavily focused on relative performance would find it difficult tolisten to cautious voices. “Looking for trouble” is not something that comes naturally in this environment. Onehighly-publicized illustration of this point is the Bernard Madoff scandal. The few who had long claimed that theperformance of Madoff’s investments was technically impossible were ignored by the many because thereturns, and the marketing, were so attractive.

In some corners of the finance industry, arrogance took hold, particularly when it was supported by such apparentfinancial success. This undermined the effectiveness of controls set by institutional risk departments and regulators.

Finally, a culture of specialization often meant that staff operated in silos with little sense of responsibility for theoverall business. In cases where the silos were linked, the linkage was often through processes or technology –neither of which created a sense of empowerment or ownership. In areas where the linkage was personalized –frequently only at the senior management level – there was typically not enough detail to spot some of the risksin very technical products.

How can the industry instil risk-sensitivity into its governance and culture?

The financial services domain could more proactively (1) Look for trouble, (2) value experience, and (3) empowerthe front line.

Chapter 3 – Governanceand Culture


The Tragedy of the CommonsBy Glenn Reed

Until the latter half of the 20th century, over-harvesting of ocean fish was popularly thought to be impossible.Culturally, many people had – and in some places continue to have – a strong belief that access to thiscommon “publicly owned” resource was a birthright. One consequence of this attitude has been thateven when fishermen could see resources declining, they would continue to harvest at unsustainablelevels. They knew that if they didn’t harvest the fish, someone else would. The term “race for fish” wasused to describe this self-destructive behaviour. Yet it was recognized that the continued treatment ofthe seas as a common resource would lead to additional problems unless a management regime couldbe devised to prevent it.

Attempts to control fishing through restrictions such as “license limitation programmes,” in which thenumber of fishermen is limited, have proved difficult. Iceland and New Zealand have had greater successby creating “privatized” fisheries through government regulation, and have become models for more recentprogrammes in the United States. In this privatization model, also called rationalization, the “tragedy ofthe commons” is replaced by allowing fishermen to “own” a tradable share of the former commonresources. Once the resource is owned by fishermen, or other stakeholders, it becomes as asset to beprotected over the long term and not overexploited for short-term gain.22 Each fisherman has a share ofthe total allowable harvest, and must stop fishing when that limit is reached.

Rationalization and quota-based management approaches can only flourish after a change in culture.Once in place they are usually embraced, as illustrated, for example, by the economic benefits of privatization.An additional benefit in a rationalized sea environment is that fishery managers and industry have greaterability to minimize negative impact to ocean habitat.

Glenn ReedPresidentPacific Seafood Processors Association

22 It is worth pointing out that Dr. Elinor Ostrom, the 2009 co-Nobel Prize winner in economics, has made an important contribution to our understanding ofhow the tragedy of the commons can be avoided by exploring public and private ownership. See: “Scientific Background on the Sveriges Riksbank Prize inEconomic Sciences in Memory of Alfred Nobel 2009: ECONOMIC GOVERNANCE”. The Royal Swedish Academy of Sciences,http://nobelprize.org/nobel_prizes/economics/laureates/2009/ecoadv09.pdf, 2009.

23 Krugman, P. “Innovating Our Way to Financial Crisis”. New York Times, http://www.nytimes.com/2007/12/03/opinion/03krugman.html?_r=1, 3 December 2007.

3.2 Look for trouble

“Why was this allowed to happen? At a deep level, I believe that the problem was ideological: […]committed to the view that the market is always right, [practitioners] simply ignored the warning signs.”

Dr. Paul R. Krugman, Professor of Economics and International Affairs, Princeton University, andrecipient of the 2008 Nobel Memorial Prize in Economics, 3 December 2007. 23


The WHO looks for trouble

In the 1990’s, the World Health Organization, mandated to provide leadership on global health matters24, principallyperformed passive infectious disease pandemic surveillance. Member nations reported outbreaks to the WHO,which in turn generated responses. However, national reporting was slow and often incomplete, and as a result,so was the WHO’s response.

The latter part of the decade brought increasing number of epidemic outbreaks. For example, pneumonic plaguebroke out in Surat, Gujarat, India, in 1994 and Ebola hit Kikwit in the Democratic Republic of the Congo in 1995.Many people died; panic ensued; the idea that infectious disease had been conquered receded. Consequently,the WHO concluded it needed to improve response times and therefore detection speed.

The WHO went “looking for trouble:” they turned their approach on its head and switched to active surveillance(with the support of technology), and linked it to assistance and response. The Global Public Health IntelligenceNetwork (GPHIN) was developed and launched by Health Canada in 1999. Today, in its second generation,GPHIN crawls through the web in search of news items that might indicate potential disease outbreaks aroundthe world. It automatically and continuously scans and translates articles in seven languages. Canadian publichealth officials aggregate and screen the data, then send them on to the WHO. A WHO team meets daily todiscuss the reports and decide which incidents need verification from WHO country offices. Moreover, theInternational Health Regulations, in effect as of June 2007, empower the WHO to further investigate informalleads in some circumstances in order to mount an actionable response and assist nations in need.

24 “The role of WHO in public health”. World Health Organization, http://www.who.int/about/role/en/index.html, 2009.


The WHO can now detect and respond to potential disease outbreaks quicker. Today, it uses additional epidemicintelligence services to constantly look for trouble. The WHO also engages its offices in 144 countries, as wellas affiliated laboratories and non-profit organizations, to investigate unusual events and patterns. In response,member countries have raised their game and are increasingly the first to report incidents themselves. This isencouraged by the provision of practical and rapid assistance.

The immune system is constantly responding to new invaders

In the face of constant threats, the human immune system is constantly monitoring and adapting to identifyand fight new pathogens. Molecular pattern recognizers throughout the body continuously scan for genericsigns of the presence of pathogens. When they encounter a hostile pathogen, they secrete signalling moleculesasking for specialized help even as they initiate a first wave of generic defence. Specialized and numerouswhite blood cells circulate constantly throughout the body. Upon picking up these distress signals, they honein on the origin. When they detect the specific target pathogen, they lock on and destroy it.

Aviation regulators also look for trouble

Over the past decade, aviation regulators have also begun to look more avidly for trouble. One of the purposesof FAA’s ASIAS programme, which aggregates system-wide data, is to search for unrecognised patterns innear-miss incidents to help detect and fix small problems that have the potential to lead to bigger systemic issues.



Leading up to the recent crisis, senior management, business units, and risk-management functions in manyfinancial services institutions were often not actively looking for emerging new threats. Monitoring and reportingfunctions were performed routinely, by-the-numbers, without going beneath the surface to sniff out potentialproblems. As long as the dashboard glowed green, everything was thought to be just fine. As a result, manyinstitutions failed to spot – or worse, ignored – warning signs that a systemic crisis was lurking and were under-prepared when it hit.

To better detect such signals, financial institutions and regulators should actively look for trouble. The industryshould constantly search for new patterns that might indicate problems at both the institutional and system-widelevel. Even though there will inevitably be some false alarms, the overall result will be worth the effort – especiallygiven the consequences that ensue when the system does break down. The few institutions that have thrivedthough the crisis tended to be those that acted on a nagging feeling that something was not quite right, dugdeep to find its causes, and restrained their risk-taking as a result.

To this end, financial institutions and regulators could consider dedicating teams to conduct proactive examinationsand analyse unusual patterns. At the system-wide level, better coordination of relevant data, as suggested earlierin this paper, could facilitate such analyses. But being a vigilant watchdog is not enough. The sector should alsorespect and embrace dogs that bark – the contrarians. Practitioners should have an inquisitive nature to followevidence trails and imaginative personalities to generate creative scenarios. At the institutional level, firms couldconsider rotating practitioners through business and risk departments to broaden their perspectives andencourage diverse views. Some institutions already do this successfully today.

Once dedicated teams uncover risk-management concerns, those teams should work with corporate risk managementfunctions and business units to develop contingencies and adapt strategies in response. Moreover, institutionsneed a channel to escalate and adequately discuss such issues, and a shift in culture such that warnings areheard and acknowledged. Senior managers and Board members should expect to see risk reports with problemshighlighted. A uniformly rosy outlook should prompt concern, not comfort.

Institutions and regulators should also be in constant pursuit of effective metrics that signal emerging stress,and be aware that existing metrics inevitably become less effective over time.25 Regulators could thus considerexperimenting continuously with new warning indicators – such as excessive leverage, crowded strategies,counterparty concentration, or funding source concentration – to measure system stability. By making thisprocess dynamic, the industry will hopefully be able to find and employ metrics to signal the next crisis ratherthan the previous one.

Of course, while a culture of vigilance and supportive mechanisms can help detect risks, experience is necessaryto give context and understanding to the search.

25 It is worth pointing out that Goodhart’s law, first stated in 1975, suggests that some observed statistical metrics in the context of macro-economic policycontrol tend to lose their effectiveness once regulators decide to use them. See Goodhart, C. “Monetary relationships: a view from Threadneedle Street”,Papers in Monetary Economics, Reserve Bank of Australia, 1975.


3.3 Value experience

“For most of us, this is uncharted territory. Inflation has been the predominant concern of policy makersin the U.K. for well over 50 years and almost nobody alive in the U.K. has had any experience ofdeflation”

Tim Besley, former Member of the Bank of England’s Monetary Policy Committee,21 December 2008 26

Wildfire fighters value experience

Wildfire fighters make life-or-death decisions. At times they have only minutes to make the call between fightand flight. They must therefore maintain what they call “situational awareness” – constantly watching for andevaluating changing conditions. The only way to gain such awareness is through experience.

Although wildfires are complex, involving interactions among weather, vegetation, and terrain, most are limitedin size and severity. Yet large and uncontrollable “mega-fires” occasionally break out that defy conventionalefforts to extinguish them. In addition to their sheer size, mega-fires are dangerous because most wildfire fightershave never experienced one, and hence their situational awareness is limited.

26 “MPC man: 'We are in uncharted economic territory'”. The Daily Mail, http://www.thisismoney.co.uk/markets/article.html?in_article_id=461555,21 December, 2008.


Passing fire fighting experience to new generations to prepare them for mega-fires is crucial. To this end, manycountries emphasise the retention of experienced fire fighters, on both a full-time and on-call basis, to ensurethat their experience of fighting mega-fires is available. In addition, fire strategists have attempted to captureand codify their experience electronically. After each event, a full account – including what triggered the fire, theevolution of its path, the methods used to extinguish it, the damage incurred, and the lessons learnt – is carefullyrecorded. Over time, a body of knowledge is established documenting the complete fire history of a region.These data are critical both for training junior fire fighters and for ongoing fire management. As a last resort,on-call experienced fire fighters are drafted to the scene of a mega-fire to bring their experience to bear.

Aviation learns from post-accident analysis

In 1989, the U.S. National Transportation Safety Board reported 0.144 fatalities per 100,000 departures in theUnited States. Almost twenty years later, in 2008, the NTSB reported only 0.019, 77% fewer than in 1989.27

How was the industry able to improve safety so dramatically from what was already a low base? NicholasSabatini, Associate Administrator for Aviation Safety at the FAA describes aviation’s diagnostic approach asfollows: “We lose one. We investigate. We learn what happened. We make corrections.” 28

27 “Aviation Safety Statistics”. National Transportation Safety Board, http://www.ntsb.gov/AVIATION/Table5.htm, 2009.28 Sabatini, N. “Downward Pressure on the Accident Rate.” FAA, http://www.faa.gov/news/speeches/news_story.cfm?newsId=7170, 2006.


Aviation has mastered the use of post-accident analysis. When an incident occurs, the regulator, operator,manufacturer, and even competitors conduct investigations. This can take anywhere from several months toseveral years depending on the incident and the exact parties analyzing it. But these parties do not just passivelyrecord the causes of accidents. They learn from them and make changes to their operations, whether it meansgrounding a certain type of aircraft with a potentially dangerous component, changing maintenance protocols,or revising a flight manual.

This flight manual, updated as new lessons and experiences are recorded, contains documentation on proceduresfor all known scenarios. The manual is sometimes used in live situations by pilots to help determine theiractions.

The immune system logs memory on past incidents

After fighting a pathogen, the human immune system maintains a population of memory cells - white cells tailoredto fight the specific intruder. The next time this pathogen re-enters the body, these cells can be very quicklyactivated, providing protection and often immunity (memory cells are the basis for vaccinations).


Practitioners in financial services, like wildfire fighters, need to take advantage of “situational awareness” to sensedanger and mitigate risk. Such awareness comes with learning from experience. Yet the industry’s workforce,particularly in trading businesses, is often so young that very few people have had hands-on experience ofextreme conditions.

The financial services industry needs to ensure that it can leverage its more-experienced employees both atinstitutions and regulatory bodies. In addition to the teams actively “looking for trouble,” as previously described,this could be achieved by setting up specific on-call “crisis task teams” made up of experienced formeremployees. Following the “reserves” concept in the military, these teams would be called into action only in theevent of an emergency. Perhaps most importantly, institutions should consider recruiting board members whohave lived through major financial events or other catastrophes. Of course, to be effective, they must alsounderstand financial products and recent innovations.

Indeed, if financial institutions could capture personal accounts of past events, they could better transmitimportant lessons to new generations and build enhanced risk management capabilities. Like wildfire fighting,financial services companies could create an experience logbook – readily available to all employees – made upof first-hand narrative accounts of past incidents. These narratives could include video accounts highlightingthe most severe moments. Such vivid, first-person accounts help history come alive and keep the memoryfresh.29 These accounts could be used in internal training and regulators could consider mandating their use forsenior management training.

29 Ariely, D, Carmon, Z. Gestalt Characteristics of Experiences: The Defining Features of Summarized Events. In Journal of Behavioral Decision Making, 2000,13:191-201.


Moreover, in wildfire fighting, experienced practitioners are retained to build knowledge in the squad – even ifthey have made honest mistakes in the past. In the financial world, leaders are often dismissed if they are linkedto an incident, sometimes regardless of whether they were responsible personally or not – a convenient scapegoatresponse that eliminates the need for a full post-mortem and allows the organization to move on withoutintrospection. While it is obviously important to hold individuals accountable for their actions, financial institutionsneed to investigate incidents in depth to truly understand the causes before attributing blame. Following the firefighting example, the financial services industry could consider changing the balance between finding scapegoatsand learning from mistakes.

Accordingly, the industry needs to improve its culture of investigation, as has already been pointed out in “lookfor trouble”.

3.4 Empower the front line

“When I was head of group regulatory risk at HBOS, I certainly knew that the bank was going toofast (and told them), had a cultural indisposition to challenge (and told them), and was a seriousrisk to financial stability (what the FSA call ‘maintaining market confidence’) and consumer protection(and told them).”

Paul Moore, former HBOS Head of Group Regulatory Risk, HBOS, 10 February 2009 30

30 “HBOS whistleblower statement”. BBC News, http://news.bbc.co.uk/2/hi/uk_news/politics/7882581.stm, 10 February 2009.


In aviation, front line crew and maintenance workers are encouraged to raise safety issues

On March 27, 1977 a KLM 747 aircraft and a Pan American 747 collided on a runway in the Canary Islands.None of the 234 passengers or 14 crew members on the KLM flight survived the accident. Of the 16 crew onboard the Pan Am plane there were 9 fatalities, and only 61 of the 317 passengers survived. This has beenconsidered one of the worst plane crashes of all time.

One of the causes attributed to the accident in the official report was cockpit hierarchy. The KLM pilot was verysenior. While it is apparent that both the co-pilot and the flight engineer questioned his decision making, oncethe senior pilot emphatically said that all was okay, neither of them probed further. The crash occurred 13seconds later.31

Since this incident, the aviation community has aimed to de-emphasize cockpit hierarchy. One of the roles ofthe co-pilot is to help manage risk, and he or she must be empowered to raise safety issues. This input must bevalued by the pilot. Aviation has now standardized this modus operandi, termed “crew resource management” 32.

In commercial aviation, those on the front line areempowered to raise aircraft safety issues. Mechanicsand flight deck crew can ground an aircraft if they deemit or the flying environment unsafe before take-off. Duringflight, if pilots notice any issue – from restroom leaksto engine failure – they log it. Unless a qualifiedmaintenance person signs off on correspondingrepairs after landing, the plane cannot fly again.

Physicians are empowered to make front-linedecisions

In Infectious Disease Control (IDC), disease diagnosisand management protocols are set by the WHO andnational authorities. But often individual practitioners,who are empowered to make decisions locally, can havedramatic influence. For example, during the SARSoutbreak in 2003, Dr. Wing Hong Seto of Queen MaryHospital in Hong Kong vigorously reinforced performingthe basic procedures of hand washing, wearing masks,and disposing of wastes. Only two healthcare workers atQueen Mary Hospital suffered SARS infections, comparedwith at least 87 at the nearby Prince of Wales Hospital.33

31 Joint Report KLM-PAA. December, 1978. Madrid: Ministerio de Transportes y Comunicaciones.32 Crew Resource Management was coined in a 1979 NASA safety workshop 33 Abraham, T. Twenty-First Century Plague: The Story of SARS. Hong Kong: Hong Kong University Press, 2004, 2005.


There is no central governor managing an immune response

The human immune system is an interesting – perhaps unique – risk-management model because decision making is completelydecentralized. There is no master authority dictating where resources should be transferred or which area of the body gets thehighest priority. Rather, each individual immune-system cell is equipped to fight a specific pathogen and is responsible forfighting any it encounters. The accumulation of these individual actions leads to effective system-wide pathogen population control.

Fire fighters on the front line are empowered to make tactical decisions

In wildfire fighting, frontline staff are empowered to make on-the-scene decisions because they are best equippedto leverage situational awareness. The central command is responsible for managing the overall decision-makingprocess and strategic resource allocation, but not for individual tactical decisions. Under the U.S. incident commandsystem, when a wildfire breaks out, the first responder on the scene assumes command until a higher-ranking firefighter arrives. Decisions must be made swiftly because a delay could allow the fire to spread further.


Leading up to the financial crisis, relatively few front-line worries filtered up to senior management at most institutions.Communication channels were inefficient, and many senior management teams did not encourage the raising of difficultissues. Risk concerns were therefore mentioned infrequently, and when brought up they were largely ignored. As aresult, senior management teams at many institutions did not detect the crisis early on and were not prepared when it hit.

The financial services community should become more willing to solicit and consider responsible input from employeesat all levels, especially when the input concerns risk management. Institutions could start by reinforcing the importanceof front-line staff reporting their views and then supporting them when they do, whether senior management agreeswith the offered viewpoint or not. Furthermore, senior management should communicate that consistent “no issuesor problems” declarations would be considered too good to be true – and mean it.

For example, if a junior staff member feels compelled to raise a difficult issue, he or she needs to feel confident thatno penalty or prejudice will ensue. In fact, institutions could consider rewarding junior staff for such behaviour.

Both business units and the risk-management function could jointly contribute to the equivalent of a pilot’s log on risk.Any persistent absence of such contributions by one of the two parties would be cause for concern and reflected inperformance reviews. That said, the fundamental separation of duties in business and risk-management functions isessential, and the latter should continue to occupy a control function over the former. Mutual understanding and ultimatealignment with the institution’s goals can be achieved through mechanisms such as training and staff rotations that donot compromise organizational integrity. Some organizations already do this between infrastructure and business areas.

Following the aviation example, institutions could try to instil in their front-line employees the notion that managingrisks for the institution is in their hands. Indeed, personal responsibility could be repeatedly emphasized duringtraining and coaching, and during formal appearances by institution leaders. Also, junior employee incentivesshould be aligned with institutional goals through appropriate compensation systems.

Ultimately, front-line and central functions can be synergistic. The front line can leverage situational awareness,and the central function can see a larger, holistic picture of institutional and systemic risk.



Through examining domains outside of finance, nine potentially transferable risk management lessons wereidentified for the financial services community to consider. They fall under three focus areas: (1) system-wideperspective, (2) transparency and information flow, and (3) governance and culture.

Consistent with the point on the importance of internalizing past lessons, financial services policymakers, regulators,and practitioners could engage in further dialogue to discuss how best to incorporate these findings into futurepolicy, regulation, and practice. The overall aim is to increase the resilience of the global financial system.

While the financial system appears to be stable for the immediate future, the financial industry should pause andreflect on past risk-management practices and actively explore potential changes that could be made goingforward. The following questions are critical:• How can the industry make the proper trade-off between information protection and disclosure as it seeks toenable system-wide risk monitoring and management?

• How can the “rejuvenation” and safety of the financial system be balanced without either creating moralhazard or system fragility?

• Is the industry on the right track with the current regulatory approach? How can the benefits and vulnerabilitiesassociated with regulatory convergence be balanced?

• How can the industry adapt (structurally and culturally) to new threats and innovations of the future, giventhat it does not yet know the products, the markets, the players, and the consumers of the future?

• Given that the next crisis is very unlikely to be prevented by a central controller, how can the industry resistthe temptation to “solve” stability issues by over-centralisation and instead strengthen the resilience of individualsystemic nodes?

The implementation of any needed changes will neither be easy nor can it happen overnight. Some require aphased approach; others require voluntary initiatives from the private sector; yet others require regulatory mandates.Above all else, international and cross-industry cooperation and trust are crucial to achieving system-wideresilience, and it is in this spirit that this report has been researched and written. The project team thanks thosewho have contributed to this effort, and looks forward to the ongoing debate.

Chapter 4 – Conclusion


• 2009-2013 FAA Flight Plan. January, 2009. Washington DC: FAA.• Abraham, T. Twenty-First Century Plague: The Story of SARS. Hong Kong: Hong Kong University Press,2004, 2005.

• Air Transportation Oversight System Report. April, 2002. Washington DC: FAA.• “Antibiotic Resistance: An Ecological Perspective on an Old Problem”. American Society for Microbiology, 2009.• “ASRS Program Briefing”, NASA, http://asrs.arc.nasa.gov/overview/summary.html, 2009.• “Blueprint for Renewal II: Modernizing Canada’s Regulatory System for Health Products and Food”. HealthCanada, 2007.

• Brilliant, L. “Larry Brilliant wants to stop pandemics”. TED,http://www.ted.com/talks/larry_brilliant_wants_to_stop_pandemics.html, 2006.

• Burns, W. “Openness is key in fight against disease outbreaks”. Bulletin of the World Health Organization,http://www.who.int/bulletin/volumes/84/10/06-011006/en/index.html, 2006, 84:765-840.

• Children, J. “Social Science in the Pacific Fishery Management Council Process”, Pacific FisheryManagement Council, 2005.

• Clute, K. “Public Perceptions and Attitudes Towards Wildland Fire”. National Interagency Fire Center,http://www.nifc.gov/preved/comm_guide/wildfire/fire_15.html, 2009.

• Croft, J. “Future Proofing: Can risk analysis prevent more catastrophes?”. Flight Global,http://www.flightglobal.com/articles/2007/01/09/211385/future-proofing-can-risk-analysis-prevent-more-catastrophes.html, 2007.

• Cyr, N. “Ecosystem Approaches to Fisheries Management: Why the Interest and Aren’t We Doing ThisAlready? New Council Member Training”. NOAA / NMFS Offices of Science and Technology, 2008.

• Finney, M. “A Prototype Simulation System for Large Fire Planning in FPA”. USDA Forest Service,http://www.fpa.nifc.gov/Library/Docs/Science/FPA_SimulationPrototype_0705.pdf, July 2007.

• “Global Public Health Intelligence Network (GPHIN)”. Public Health Agency of Canada,http://www.phac-aspc.gc.ca/media/nr-rp/2004/2004_gphin-rmispbk-eng.php, 2004.

• “Green Paper – Reform of the Common Fisheries Policy”. Commission of the European Communities, 2009.• “Guidance for Industry, Development and Use of Risk Minimization Action Plans”. U.S. Department of Healthand Human Services, Food and Drug Administration, March 2005.

• “Guidance for Industry, Good Pharmacovigilance Practices and Pharmacoepidemiologic Assessment”. U.S.Department of Health and Human Services, Food and Drug Administration, March 2005.

• “Guidance for Industry, Premarketing Risk Assessment”, U.S. Department of Health and Human Services,Food and Drug Administration, March 2005.

• “Guideline on Risk Management Systems for Medicinal Products for Human Use”, European MedicinesAgency, Nov 2005.

• Gupta, S. Starr, B. “WHO raises pandemic alert to second-highest level.” CNN,http://www.cnn.com/2009/HEALTH/04/29/swine.flu/index.html, 2009.

• Haldane, A. “Rethinking the Financial Network, Speech delivered at the Financial Student Association, Amsterdam”.Bank of England, http://www.bankofengland.co.uk/publications/speeches/2009/speech386.pdf, April 2009.

• “ICS Resource Center”, FEMA, U.S. Department of Homeland Security,http://training.fema.gov/EMIWeb/IS/ICSResource/, 2009.

• Janeway, C. Travers, P. Walport, M. et al. Immunobiology: the immune system in health and disease,6th edition. New York: Garland Science Publishing, 2005.

• Joint Report KLM-PAA. December, 1978. Madrid: Ministerio de Transportes y Comunicaciones.• “Making Air Travel Safer”. PBS, http://www.pbs.org/wgbh/nova/planecrash/safer.html, 2006.

References


• Managing Risks in Civil Aviation: A Review of the FAA’s Approach to Safety. September 2008. Washington DC:Independent Review Team.

• “Managing the Risks from Medical Product Use, Creating a Risk Management Framework, Report to the FDACommissioner from the Task Force on Risk Management”. U.S. Department of Health and Human Services,Food and Drug Administration, May 1999.

• Martin, D. Managing Risk in Extreme Environments. London: Kogan Page, 2008.• “Medicine Safety Education”. Pfizer, http://www.pfizer.com/health/medicine_safety/medicine_safety_education.jsp,2009.

• Meister, A. “The New Zealand Experience with Fishery Management: Lessons Learned: Economy andEnvironment Program for Southeast Asia”. http://www.idrc.ca/eepsea/ev-8324-201-1-DO_TOPIC.html, 2002.

• Michaels, D. Maxon, T. “Some question FAA’s oversight strategy in light of Southwest incident”. The Dallas MorningNews, http://www.dallasnews.com/sharedcontent/dws/bus/stories/031608dnbusFAAfolo.3a08159.html, 2008.

• Morgan, P., Hardy, C., Swetnam, T., et al. Mapping fire regimes across time and space: Understandingcoarse and fine-scale fire patterns, International Journal of Wildland Fire, 2001, 10:329-342.

• Murawski S. “Ten myths concerning ecosystem approaches to marine resource management”, Marine Policy,NOAA / NMFS, 2007.

• “National Multi-Agency Coordinating Group: Preparedness Strategy 2009”. National Interagency Fire Center,http://www.nifc.gov/nicc/administrative/nmac/strategy/Preparedness_Strategy_Introduction.pdf, June 2009.

• “Navigating the Council Process – A Guide to the Pacific Fishery Management Council, Second Edition”.Pacific Fishery Management Council, 2007.

• “Pandemic Influenza Preparedness and Response, A WHO Guidance”. World Health Organization,www.who.int/csr/diseases/influenza, 2009.

• Rauscher, K. Protecting Communications Infrastructure. Bell Labs Technical Journal, 2004, 9(2): 1–4.• Roos, R. “WHO may redefine pandemic alert phases”. Center for Infectious Disease Research & Policy,http://id_center.apic.org/cidrap/content/influenza/swineflu/news/may2609phases-jw.html, 2009.

• Sabatini, N. “Downward Pressure on the Accident Rate.” FAA,http://www.faa.gov/news/speeches/news_story.cfm?newsId=7170, 2006.

• Sompayrac, L. How the Immune System Works, 2nd Edition. Malden: Blackwell Publishing, 2003.• “Southern California Fires 2007: What we learned, how we worked”, Wildland Fire Lessons Learned Center, 2007.• Stimpson, E. McCabe, W. “Managing Risks in Civil Aviation”. AeroSafety World. November, 2008:11-14.http://www.airlines.org/NR/rdonlyres/755F5E03-F457-41BC-A453-ED38F7F375B7/0/ManagingRisksinCivilAviation.pdf.

• Testimony of Michael Sissenwine, Chief Science Advisor, NOAA / NMFS on Data Programs for FisheriesManagement Purposes before the Sub-committee on Fisheries Conservation, Wildlife and OceansCommittee on Resources, US House of Representatives, 2004.

• The de Larosière Group. “The High-Level Group on Financial Supervision in the EU Report”.http://ec.europa.eu/commission_barroso/president/pdf/statement_20090225_en.pdf, February 2009.

• “The Final Eight Minutes”. PBS, http://www.pbs.org/wgbh/nova/planecrash/minutes.html, 2006.• “The State of World Fisheries and Aquaculture, 2008”, Food and Agriculture Organization of the United Nations, 2009.• “The Sunken Billions – The Economic Justification of Fisheries Reform”, The World Bank, 2009.• Thomson, I. “FBI warns of VoIP spoofing threat”. Secure Computing Magazine,http://www.securecomputing.net.au/News/130880,fbi-warns-of-voip-spoofing-threat.aspx, 2008.

• “United States Pharmaceutical Product Liability: Current Trends and Risk Management”, BioInsights,Biotechnology & Life Sciences Practice Group, August 2006.

• World Health Organization, http://www.who.int, 2009.


Appendix 1: Project Background and Approach

The project was launched in the aftermath of the recent credit crises as an industry partnership initiative mandatedby the Forum’s Financial Services community at the World Economic Forum’s Annual Meeting in Davos in January 2009.

Recognizing that many non-financial-services disciplines have a high potential for risk management lessons thatare applicable to the financial system, the working group began by selecting nine domains for further researchbased on their track records in managing risks within complex systems. These domains were fisheries mana-gement, wildfire fighting, pharmaceuticals, aviation, telecommunications, immunology, infectious disease control(IDC), chemicals, and logistics. However, the working group then decided to concentrate on the first seven andfilter out chemicals and logistics. Although there are certainly lessons to be learned from the latter two domains(including for example, the use of safety valves, built-in redundancy, and rigorous contingency planning) theworking group felt that such lessons were not necessarily unique and could be captured elsewhere.

In order to capture the best ideas from the other domains, the working group undertook an independent, multi-disciplinary effort. Academics, industry practitioners, and regulators from each domain were engaged throughworkshops and interviews. Some of the ideas of selected experts are included as sidebars in this report.

The risk management lessons gathered from many expert interviews and secondary research in each domainare summarised and included in the appendix. Some of these lessons are further synthesized in the body of thereport, while some remain solely in the appendix, as there was limited direct transferability to financial services.

As a framework for examining how lessons from other domains can apply to financial services, the workinggroup chose to focus on three areas34: (1) system-wide perspective, (2) transparency and information flow, and(3) governance and culture.

(1) System-wide Perspective:“System-wide perspective” looks at the compilation of interconnected local-level risks with a holistic lens. Thiscontrasts with “local-level perspective,” which examines localized risk management practices in terms of trans-actions and specific entities.

(2) Transparency and Information Flow:“Transparency and Information Flow” refers to the mechanisms through which information is exchanged withinan organization and across a larger system. It addresses how risk signals are detected, reported, and escalated.It concerns how decision makers receive the best available information in a timely manner.

(3) Governance and Culture:“Governance” refers to the rules and oversight of all activities related to risk ownership and responsibility. Itincludes the following five topics: why decisions are made, how they are made, how they are escalated, whomakes the decisions, and the processes for monitoring these decisions. Governance is underpinned by anorganization’s risk “culture” – the set of shared attitudes, values, goals, and practices that characterizes an ins-titution, organization, or group. A risk-sensitive culture is one in which individuals are willing to voice risk-basedconcerns without potential negative consequences.

Appendices

34 Originally, when analyzing risk management lessons in the seven domains, the working group also looked at “Decision Tools and Processes” as a fourthfocus area. However, the translation of these learnings to Financial Services was not deemed as relevant or innovative and was therefore not featured inthis report (although the related domain lessons remain in the Appendix).


Finally, it is important to note that the explored domains are very different in nature. Major differentiators include:• Evolved versus designed, and social versus engineered systems• Tolerance to risk (accepting risk is core to the financial-services business paradigm)• Clear definition of the “enemy” in certain domains (e.g. pathogens can cause disease, whereas in financial-services products, depending on their nature, can turn from good to bad)

• The distinction between risk and safety in some domains

The outside domains examined may not be entirely relevant to all aspects of the financial services realm. Thisreport focuses on potentially transferable lessons while acknowledging that no domain is perfect at managingrisk or indeed fully comparable to financial services.

When thinking about transferring lessons, readers should consider the following framework, where the shadedquadrants denote the primary focus of the report.

By reference to the recent crisis (which was systemic), the report when focused at the financial systemaddresses quadrants [3] and [4] with priority over the other quadrants – though some of the other domainshave different priorities in their handling of risk. Aviation is a good case, where the possibilities for systemicdamage are less numerous than those for large non-systemic events, such as plane crashes. However, by wayof example, a design flaw in an altimeter initially resides in quadrant [2], but can easily migrate into [4] should itremain undetected and affect large numbers of commercial aircraft that are simultaneously vulnerable due tospecific circumstances (e.g., weather).

Quadrants [1]/[2] and their associated analogies from other domains will still be relevant to readers who are incharge of large institutions, and therefore ‘domain stories’ are emphasised in order to spur creative thinkingand for readers to draw some of their own conclusions beyond what is outlined directly in the report.

Effect

Large, non-systemic event Systemic damage or meltdown

CauseExogenous shock to system [1] [4]

Endogenous unstable state of system [2] [3]


Appendix 2: Summary of Risk Management Lessons from Aviation

Appendix 3: Summary of Risk Management Lessons from Fisheries Management


Appendix 4: Summary of Risk Management Lessons from IDC

Appendix 5: Summary of Risk Management Lessons from Immunology


Appendix 6: Summary of Risk Management Lessons from Pharmaceuticals

Appendix 7: Summary of Risk Management Lessons from Telecommunications


Appendix 8: Summary of Risk ManagementLessons from Wildfire Fighting


Acknowledgements

This publication is a synthesis of ideas of many individuals from financial services and other domains. TheRethinking Risk Management in Financial Services project team would like to thank everyone involved forcontributing so generously their time, energy and insights.

The project team would also like to offer its special gratitude to the members of the Steering Committee for theirguidance, and to the Senior Project Advisors and the members of the Working Group for their contributionsthrough workshops, idea generations, and document reviews. Their devotion is critical to the shaping of this report.

Steering Committee

• Iain Abrahams, Head of Liquidity, Risk and Capital Markets, Barclays Capital• Lázaro Campos, Chief Executive Officer, SWIFT• Karl Guha, Chief Risk Officer, UniCredit Group• Axel Lehmann, Chief Risk Officer, Zurich Financial Services• Simon Levin, Moffett Professor of Biology, Princeton University• Erwann Michel-Kerjan, Managing Director, Wharton Risk Management and Decision Processes Center,The Wharton School, University of Pennsylvania

• David Rhodes, Senior Partner and Managing Director, The Boston Consulting Group• Luke Savage, Director, Finance, Risk Management and Operations, Lloyd’s of London• Cüneyt Sezgin, Member of the Board of Directors, Garanti Bank• Raj Singh, Chief Risk Officer, Swiss Re• Paul Smith, Treasurer, State Farm Insurance• Jim Webber, Chief Risk Officer, Aviva• Tom Wilson, Chief Risk Officer, Allianz• Vanessa Wittman, Chief Finance Officer, Marsh & McLennan Companies Inc• Mark Yallop, Chief Operating Officer, ICAP Plc• Gian Carlo Bruno, Director and Head of Financial Services Industry, World Economic Forum USA• Kevin Steinberg, Chief Operating Officer, World Economic Forum USA

Senior Project Advisors

• Michael Drexler, Managing Director, Head of Strategy & Planning, Barclays Capital and Barclays Wealth• Duncan Martin, Partner and Managing Director, The Boston Consulting Group• Philippe Morel, Senior Partner and Managing Director, The Boston Consulting Group• David Rhodes, Senior Partner and Managing Director, The Boston Consulting Group


Working Group

• Philippe Carrel, Thomson Reuters• Hervé Geny, ICAP Plc• Anwarul Hasan, Swiss Re• Daniel Hofmann, Zurich Financial Services Ltd• Henry Johnson, Lloyd’s of London• Ajay Junnarkar, Marsh & McLennan Companies Inc• Gottfried Leibbrandt, SWIFT• Nancy Leveson, Massachusetts Institute of Technology • Ebru Ogan, Garanti Bank• David M. Rowe, SunGard Data Systems Inc• Leo M. Tilman, L.M.Tilman & Co., Inc• Javier Torres, Grupo Santander

Other contributors

In addition, the project team would like to thank all workshopand interview participants for contributing their insightsand time. These individuals were (in alphabetical order):• Sebastian Bonhoeffer, Institute of Integrative Biology,ETH Zurich

• Nicolas Boutin, The Boston Consulting Group• John S. Carroll, MIT - Sloan School of Management• Andrew Cassels, World Health Organization• Marc Castelnou, Direcció General d’Emergències iSeguretat Civil, Departament Interior, Catalonia, Spain

• Mike Deimler, The Boston Consulting Group• Patrick Driscoll, United States Military Academy• Frank Edelblut, Control Solutions International• Asaf Eliakim, The Boston Consulting Group• Laurie Garrett, Global Health, Council on Foreign Relations• Lee Garvin, JetBlue Airways Corporation• John Geanakoplos, Yale University• Margaret Gilligan, U.S. Federal Aviation Administration• Robin Gisby, Network Rail• Sian Griffiths, The Chinese University of Hong Kong• Ray Hilborn, University of Washington• Udo Jung, The Boston Consulting Group• Sujit Kapadia, Bank of England• Robert Kella, Qantas• Simon Kennedy, The Boston Consulting Group• Thomas B Kepler, Duke University Medical Center• Jörg Knizek, Lufthansa

• Martin Koehler, The Boston Consulting Group• Gerald Kopp, California Emergency Management Agency• Nick Landauer, Safety Regulation Group, UK CivilAviation Authority

• Natalie Lvova, ICAP Plc• William O. McCabe, The McCabe Group, LLC• Allison McGeer, Mount Sinai Hospital• Angela McLean, University of Oxford• David K. A. Mordecai, Risk Economics Limited, Inc• Michael Osterholm, University of Minnesota• George J. Pappas, University of Pennsylvania• Alan S. Perelson, Los Alamos National Laboratory• Marc Powell, The Boston Consulting Group• Stephen J. Pyne, Arizona State University• Andy Quick, Pfizer Inc• Karl Rauscher, Alcatel-Lucent Inc• Glenn Reed, Pacific Seafood Processors Association• Roland Regoes, Institute of Integrative Biology, ETH Zurich• Harvey Rubin, University of Pennsylvania• Michael J. Ryan, World Health Organization• Paul de Sa, Federal Communications Commission• Carlos Schnapp, World Economic Forum• Martin Silverstein, The Boston Consulting Group• Michael Sissenwine, formerly National Marine FisheriesService, National Oceanic and AtmosphericAdministration, US Department of Commerce

• Mark Sobolewski, United Parcel Service, Inc• Paul Stang, Johnson & Johnson PharmaceuticalResearch and Development, LLC

• George Sugihara, University of California, San Diego• Adrian Thomas, Johnson & JohnsonPharmaceutical Research and Development LLC

• James Tiller, BT Global Services• Dror Topf, The Boston Consulting Group• Michael Tortorella, Assured Networks LLC• Paul Tranter, The Boston Consulting Group• Raj Varadarajan, The Boston Consulting Group• Tom von Oertzen, The Boston Consulting Group• Michael Walfish, The University of Texas at Austin• Carl Walters, University of British Columbia• Scott T. Weidman, National Research Council• Wayne Williams, USFS Smokejumper Base, Missoula• Keith Williams, Praxis High Integrity Systems Ltd• Janet Woodcock, U.S. Food and Drug Administration


Project Team

Authors (in alphabetical order)

Rachel Hirsch, Consultant, The Boston Consulting GroupKenny Pun, Project Leader, The Boston Consulting GroupIsabella Reuttner, Project Manager, Financial Services Team, World Economic Forum USA

Contributors

Abhishek Kapur, Consultant, The Boston Consulting GroupBryan Stone, Formerly Associate Director, World Economic Forum USA

Production

EditorsPhilip Crawford, The Boston Consulting GroupNancy Tranchet, World Economic Forum

Creative DesignKamal Kimaoui, World Economic Forum

From the World Economic Forum

Financial Services TeamsYvonne Betlem, Associate DirectorTrudy Di Pippo, Associate DirectorAbel Lee, Senior Community ManagerLisa Donegan, Community ManagerTom Watson, Project ManagerNadia Guillot, Senior CoordinatorMichal Richardson, Coordinator

The World Economic Forum is an independentinternational organization committed to improvingthe state of the world by engaging leaders in part-nerships to shape global, regional and industryagendas.

Incorporated as a foundation in 1971, and basedin Geneva, Switzerland, the World EconomicForum is impartial and not-for-profit; it is tied tono political, partisan or national interests.(www.weforum.org)

Documents

Rethinking Risk Management in Financial Services · 2013-07-25 · Rethinking Risk Management in Financial Services Report | 3 The World Economic Forum is proud to release this report