Lehman Brothers, a major investment bank with more than $600 billion in assets, filed the biggest bankruptcy in history on September 15, 2008. Merrill Lynch was acquired by Bank of America, forestalling a similar fate. One of the world’s largest insurers, AIG, accepted an $85 billion emergency loan from the Federal Reserve to avoid bankruptcy.
Professor Robin Lumsdaine joined the American University faculty as the Crown Prince of Bahrain Professor of International Finance just as the crisis was unfolding.
An authority on international finance, Lumsdaine has extensive experience in academia as well as in the private and public sectors. A former director at Deutsche Bank, Lumsdaine had earlier served on the President’s Council of Economic Advisers before returning to Washington to accept a position with the Board of Governors of the Federal Reserve System. As an officer in the division of banking supervision and regulation at the Fed and head of the newly formed Quantitative Risk Management group, much of her focus was on representing the Board in its work related to the Basel II capital regulations.
“It was quite a first month as far as financial markets were concerned,” she recalled of her move to AU. “Fannie Mae, Freddie Mac, then Lehman, then AIG, then Washington Mutual. Overnight, interest rates spiked to 8 percent and there was no liquidity; the markets had seized up. Everyone was panicked.”
What began with disruption in US mortgage markets quickly spread. Some institutions were transformed to prevent failure; others failed outright. Each foundering firm was connected to a larger network of others, creating a ripple effect that threatened the entire system.
Financial leaders and regulatory authorities moved aggressively to coordinate measures to address the breakdown. The US Congress passed emergency funding—the Trouble Assets Relief Program (TARP) in 2008 and the American Recovery and Reinvestment Act (ARRA) in 2009—to avert widespread collapse. Elsewhere around the globe, governments took extraordinary actions to stabilize their economies.
In recognition of the five-year anniversary of these historic events, Kogod Now called on Lumsdaine to discuss regulation and issues of systemic risk in the banking sector.
KN: Systemic risk is a concept you’ve worked with for a number of years. Did it receive more attention among federal regulators once these events occurred? Looking back, how would you say the past five years affected our understanding of systemic risk?
Lumsdaine: I can’t discuss what specifically we talked about at the Fed, but certainly systemic risk was a topic of serious conversation even before 2008.
For regulators, concern about systemic risk is comparable to the enterprise-wide risk management that regulators expect firms to practice. The regulators’ “enterprise” is the entire financial system, or the group of institutions they supervise. So mitigating systemic risk involves trying to ensure that the failure of a single institution, or group, won’t bring down the whole enterprise. Clearly this topic has gained more attention since those events.
Imagine a corporation with an array of managers, where each one focuses only on his or her piece of the business. How does the firm ensure that risk is managed across the portfolio of activities? Or consider an individual investor. It’s not enough for her to evaluate a stock individually; she needs to consider its role in the portfolio—whether it adds diversification, and the risk to the portfolio it if were
to fail. Even as one manages the individual exposures, one should never lose sight of the big picture.
Although regulatory focus has traditionally been on each individual institution, systemic risk involves looking beyond this and monitoring the institutions’ risks in relation to each other.
KN: Is systemic risk primarily a regulatory concern?
Lumsdaine: A key result of the Lehman Brothers collapse was that it altered the views of everybody, not just of the regulators. Suddenly, everybody came to appreciate how pervasive systemic risk is. I think there was always some recognition that firms were interconnected, but the Lehman bankruptcy really underscored just how interconnected they could be. In my view, systemic risk is everyone’s concern.
KN: A recent Atlantic Monthly cover article stressed the continuing difficulty of determining the soundness of major banks. The authors wrote, “Banks today are bigger and more opaque than ever, and they continue to behave in many of the ways they did before the crash.” Do you agree with that? Have we already forgotten the lessons we learned in 2008?
Lumsdaine: It’s not so much a question of what the lessons were or who we can blame; as I’ve said before, perfect hindsight is just that. Reflection after a crisis is useful, provided we focus on what we do going forward. There is no question that some of the biggest banks are bigger today than they were pre-crisis, in part because of the consolidation that occurred in 2008. But many others are smaller, having seen dramatic balance-sheet reduction as a result of the crisis.
It’s not as if a light bulb went on and suddenly people know all about how to identify systemic risk and manage it. There is a much clearer understanding that looking at firms in isolation is not sufficient to protect the financial system or economy.
KN: How has the relationship of the investment banks to regulators changed?
Lumsdaine: Post-Lehman, a number of the investment banks, for which the Securities and Exchange Commission had been the primary regulator, became bank holding companies, bringing them under the Fed’s supervision.
Partly that occurred to give them access to the Fed’s lending facilities—essentially, to credit.
One of the difficulties investment banks like Bear Stearns and Lehman Brothers faced as the crisis unfolded was that they didn’t have such access.
KN: We understand the banks undertook the shift to bank holding company status as a matter of crisis management.
Lumsdaine: It wasn’t just the investment banks; a number of insurance companies and other firms also became bank holding companies during this time.
KN: Did it also constitute taking a step closer to a more diligent mitigation of systemic risk?
Lumsdaine: Certainly, bringing them into supervision by the Federal Reserve helps with systemic risk management, but I don’t think that’s why the firms did it. It’s hard to evaluate individual developments in isolation in terms of their contributions to systemic risk mitigation.
There are other measures that have contributed as well. For example, the Dodd-Frank Wall Street Reform and Consumer Protection Act created the authority to designate an entity as a “systemically important financial institution” (SIFI). That brings the different regulators closer to consistency in how they approach systemic risk. It provides a way for uniform supervision and regulation of systemically important institutions.
But it’s important also to consider the whole “shadow banking” sector, the other institutions that don’t fall under direct supervision at all.
I’ve written about the SIFI designation in regard to MetLife. It was once the sixth-largest bank holding company, but it failed a government “stress test” [in March 2012]. In order to free itself from the oversight of the Fed, and the stringent capital regulations that a “systemically important” designation might entail, it exited the long-term care insurance business and deregistered as a bank holding company.
While that may have made good business sense for the firm, the reduction of [regulatory] oversight may create more systemic risk, particularly as the long-term care insurance market becomes more concentrated with the exit of such a major player. Even though it is still regulated by insurance regulators, MetLife has now joined the ranks of the shadow banking sector.
KN: Here’s a scenario: You take your car in for repairs, and the one thing is fixed but there are 20 other things wrong with it. The point being, how do we know that a measure taken to solve an immediate problem doesn’t create systemic problems down the line?
Lumsdaine: At some level, we never know for sure. You would hope that the mechanic is looking at the totality of the system, not just the one part. Similarly, we need confidence that our regulators are trying to address the bigger picture and are very aware of unintended consequences.
KN: Of measures taken these past five years, are any commonly agreed on as having significantly improved the system?
Lumsdaine: I know of no one single thing everyone agrees was an improvement. No regulation is perfect. It was better to have something than not.
We know that at least some of the regulatory response staved off greater trouble. Certainly when I think back to October 2008, in those two weeks after Lehman, I do think we were on the precipice and a number of the emergency measures helped, not only in preventing total collapse but also in the recovery.
I would also argue that it’s perhaps still too early to tell. I remember similar discussions post- Enron around the passage of the Sarbanes-Oxley Act of 2002 (SOX). There were a lot of concerns that regulators were going too far, that they were imposing significant regulatory burden and that firms wouldn’t be able to conduct business. But a number of firms will tell you that their governance is much stronger now than it was before, that despite the pain of implementation, it was a good thing in hindsight. It is my hope that history will have a similar view toward some of the regulation that has occurred in response to the financial crisis.
KN: On September 16, 2008, just one day after the Lehman collapse, the government stepped in to save AIG, ultimately lending more than $180 billion. Apparently this worked; the government’s been steadily reducing its position in AIG. Could that rescue be considered an illustration of how to manage systemic risk?
Lumsdaine: There’s a delicate balance between being proactive and reactive. In general, the key to risk management is being proactive and making sure one has systems and processes in place to identify and mitigate a problem before it occurs. At the time, some argued the government’s action was just reactive. But in the ensuing five years it’s been very focused on being proactive, trying to make sure the system can weather future challenges.
KN: To that end, let’s look at the eurozone, at relationships between our regulation and theirs. Have we shared any lessons back and forth across the Atlantic that point to greater management of systemic risk?
Lumsdaine: There has always been coordination between regulators in different countries, but there is certainly more as a result of the crisis. It is enormously challenging to come up with global regulations that will work for every national jurisdiction because the underlying regulations have to be consistent with each country’s individual accounting, legal, tax, and supervisory structures.
I think an effect of the 2008 experience has been an increased emphasis on transparency—sharing information, working together to address matters regarding any particular firm—as well as the recognition that there is no single designation of “systemic risk.”
For example, consider the presence of a major bank, say Citigroup, in various countries. The primary regulator of Citigroup, the parent company, is in the US. But Citigroup has subsidiaries all over the world. And while a single subsidiary in a small country may not represent a large risk to the firm—and thus might not be systemically important from the US regulator’s perspective—for that country, it may be the biggest bank and thus incredibly systemically important.
KN: Then the more international coordination that happens, won’t the challenges of identifying systemic risk become more difficult?
Even with domestic regulations such as with Dodd-Frank, many have expressed a frustration that, three years after its passage, a number of the specifics needed to implement it still haven’t been determined.
Lumsdaine: It is incredibly challenging. And of course, the devil’s in the details.
If there is one thing that should be emphasized, it’s this: If Lehman was a defining moment, as many people believe, then we also should appreciate how, for regulators, there’s not only more scrutiny but also more pressure. It is enormously challenging to craft regulation. Dodd-Frank alone called for more than 400 additional regulations. Basel II took more than a decade.
That was something I learned at the [President’s] Council [of Economic Advisers]—about the challenges you face when actually making policy. I remember realizing that when we sit on the outside and hear about some new policy, it’s easy to wonder how the government could come up with something so complicated and imperfect.
But when I was on the inside, at the negotiating table, I saw that often the rules come out this way because everybody is working very hard to come up with a compromise that meets all the different needs of everybody in the room, all the constituents. And it’s virtually impossible to come up with something that will.
This challenge is especially great when you’re dealing with capital regulations, where one needs to reconcile the rules and definitions with accounting, tax, and legal standards in each country. And postcrisis, some of that work has gotten even harder amid this sense now that the stakes are higher.
KN: This brings us back to the question of systemic risk, doesn’t it? Take Cyprus. So many ordinary observers were astonished to learn that when this relatively small nation’s banking system was at risk, all the eurozone was at risk. Its population is 1.1 million. The eurozone calculated that it would need $30 billion. That’s approximately $30,000 per person!
Lumsdaine: Have you ever divided the US debt by the US population? Thirty thousand is far less than $16 trillion spread among 300 million people.
KN: How should we have known that risk in Cyprus could relate to, for example, risk in Brazil?
Lumsdaine: Again, this is where the difference comes up between the perception of folks who follow these things on a day-to-day basis and the perceptions that are, understandably, held by much of the rest of the world.
Back in 1999–2000, there was contagion between Brazil and Russia [which had devalued the ruble, defaulted on domestic debt, and declared a moratorium on payment to foreign creditors]; when the Brazilian currency absolutely collapsed, people were just amazed that those two currencies even had anything to do with each other.
These connections surface repeatedly. In some ways, what can be the most difficult challenge with systemic risk, spillovers, or contagion is identifying the linkages.
For example, most firms have a pretty good idea of who their counterparties are, right? By “counterparties,” we mean the people they do business with. But how much do they know about their counterparties’ counterparties, or those counterparties’ counterparties? But those linkages matter. That was part of the issue in 2008 with Lehman Brothers. It was everybody’s counterparty.
So, say you’re a bank with 10,000 clients in all lines of business. Thus each individual client represents a tiny part of your business, and in that sense you’re pretty well diversified. Many firms are in that position. But then suppose significant portions of those clients also are doing business with another firm, which then collapses. Suddenly not just one entity is collapsing but many are.
When we think about systemic risk, we’re trying to understand such linkages. Some of the recent research I’ve been doing relates to these kinds of networks.
KN: Is anything more critical than understanding these linkages—or is that just impossible?
Lumsdaine: To understand the networks is challenging, but incredibly important. I don’t think it’s impossible.
Post-Lehman, I think that people understand the significance more. Whether it’s banking networks or country networks, it’s the same concern. You asked how Cyprus could matter so much, given its relatively small size. It is one of Greece’s biggest counterparties—and Greece, of course, is connected to every other country in the eurozone. Suddenly all the eurozone is connected to what happens in Cyprus.
One seemingly little thing can upset a whole cycle or cascade into other events, and suddenly it becomes a systemic issue.
KN: What happened with Cyprus? To the casual observer, it seemed to come out of nowhere.
Lumsdaine: Cyprus was disastrous in how it was handled. An adage in risk management is that it’s the thing you’re not paying attention to that can kill you. When you know where 99.9 percent of the risks come from, you aim your resources
at identifying and mitigating that. What’s in your blind spot, in the one-tenth of one percent area, is what escalates to something fatal.
In the US, we’ve got about 7,000 banks, down from 8,000 or so pre-crisis. Yes, the top 50 represent a large proportion of the overall banking assets, but still: we have quite a few banks.
In Cyprus, when the No. 2 bank got into trouble, that represented nearly half the country’s banking assets. The hint that the deposits might not be safe threatened to undermine the entire Cypriot banking system. And once it became clear that this meant the eurozone deposit insurance guarantee might not be honored, the possibility of Europe-wide bank runs emerged. Officials from other European countries were quick to distance themselves from Cyprus’s decision—but for a few days, we were on the brink once again.
Cyprus actually reminds us that even a single country in the eurozone can pose systemic risk. We’re globally connected. And there are plenty of other examples—the Southeast Asia crisis in 1997 and Iceland, to name just a few recent ones.
KN: Looking ahead to the next five years, what are some of the future risks that you are worried about?
Lumsdaine: Let me highlight two issues I’ve focused on for much of my career. The first is the importance of data collection and IT systems at the biggest financial institutions. Before the crisis, we experienced a long period of benign economic conditions that facilitated tremendous growth in the banking sector, mostly through mergers and acquisitions. In the aftermath of the crisis was another round of consolidation, for different reasons. A result of such consolidation is the enormous IT effort that is involved when firms with different servers suddenly have to talk to each other.
There is often a struggle to get systems up and running quickly post-consolidation. Because IT is a cost center, not a revenue center, it typically does not get as much budget allocation as it needs. Consequently, the work of harmonizing these systems post-merger occurs in a patchwork fashion. The costs of this were evident in the fall of 2008: firms were scrambling to identify and value their exposures post-Lehman. If the firm doesn’t know its own exposures, the regulator won’t, either.
I’ve often said, “Don’t wait until you need the data to collect the data.” This is true for both firms and regulators. Good data collection is critical to any advance warning system and should be an essential part of a firm’s risk management.
The second major concern is the changing demographic landscape, which I believe is one of the biggest risks facing global financial stability today. We’ve all heard about health-care costs rising faster than the rate of overall inflation, the large proportion of uninsured, and the rising costs of social security. But there has been little attention given to the interaction between health-care regulation and banking regulation. And yet much of the discussion in addressing countries’ financial challenges has centered on the need to reform pension benefits.
We’ve already discussed MetLife’s exit from the long-term care insurance industry in response to capital regulations, despite projected increases in demand for the product. Also, the funding gap for state pensions as a percentage of GDP is steadily rising. And private companies are discovering that their retiree health obligations are not sustainable. These are just a few reasons why demographics and health-care considerations are becoming an increasingly important aspect of global financial stability.
Yet for the most part, health-care regulation and financial regulation develop separately from one another, resulting in unintended outcomes.