Assessing Dodd-Frank’s Impact on Security & Risk Analysis: Conflicts, Controls & Transparency
John W. Bagby, Professor of IST
Pennsylvania State University

Statement of the Problem
Risk Assessment is Largely Unregulated
– Exception: ISO 31000, a “family” of industry standards
Some Significant but Narrow Exceptions:
– E.g., Nuclear Power, FDA’s Drug/Device Trials (NDA), SOX §404 Top Down Risk Assessment (PCAOB & SEC)
Several Recent & Spectacular Regulatory Failures
– Permitted Significant Societal Hazards
– Financial Engineering & Innovation
– Food & Drug Safety
– Petroleum Exploration & Production
– Complex Computer-Controlled Vehicle Designs

Regulatory Failure Due to Failed Risk Assessment
Government Regulation, Acting Alone, Cannot Control Systemic Risk
Traditional Financial Risk Management has only 3 narrow foci:
1. Hedging Financial Risks
2. Insurance Markets & Insurance Industry Practice
3. Actuary
Systemic Financial Risk Largely Left to the FRB
Fragmentation of Financial Risk Management Contributed Significantly to 2008 Financial Crisis
– Federal Functional Regulators: Fed, Comptroller, FDIC, OTS, NCUAB, SEC, CFTC, states

Composition of Incentives for Risk Analysis: a Layered Institutional Structure
1. Market Disciplines: capital, product, factor
2. Social Responsibility: Voluntary
3. Industry (Best) Practice
4. Industry Standards
    1. Independent Conformity Assessment (e.g., audit, credit rating)
5. Self-Regulation
6. State Regulation
7. Federal Regulation
8. State Tort Liability
9. Federal Tort Liability
10. State Criminal Liability
11. Federal Criminal Liability

Impacts of Layered Institutional Structure
THE Conundrum:
– Robust Risk Analysis Attenuates Risk Taking
Cons:
– Redundancies Constrain Liberty
– Stifles Innovation & Competitiveness
– Seemingly Duplicative & Complex
– Potentially More Costly Compliance for Regulated Entities
– Inefficient use of Societal Resources
Pros:
– Checks & Balances have Proven Value
– Redundancies are Typical in Complex Systems with High Potential Costs of Failure
– Failure of Control Produces Pressure for Regulatory Complexity

Financial Risk Control Institutions
Market Forces
Financial Analysts’ Reports
Ratings Agencies
Internal Control
External Audit
Board Oversight
Fragmented Financial Regs (Fed Funct’l, state)
Congressional Watchdog Comms, OIG, GAO

The Regulatory Failure Hypothesis
Largely Undefined & of Recent Vintage
– ’08 Financial Crisis, Macondo well blowout, FDA, NHTSA
Considerable Related Roots
– W. Wilson, New Freedom… (’14)
– G. Stigler, Theory Economic Regulation … (’71)
– S. Breyer, Analyzing Regulatory Failure … (’79)
– F. Hayek, Fatal Conceit … (’88)
Range of Outcomes
– Trivial Bumbling to Catastrophic Failure
– Public (over-)Reliance Trusting in Regulatory Perfection then Disaffection

Causes of Regulatory Failure
Regulator Incompetence
Regulatory Capture
Regulatory Programs Frequently Suffer Political Compromise
Implemented as:
– Compromised Regulatory Program Funding
– Insufficient Statutory Authorization
– Clandestine Deregulation
Regulation is Decidedly Ex Post
– Liberty & Laissez Faire Relegate Regulatory Solutions to Remediate Past Misconduct or Catastrophic Failure
– Planned Economies Generally Fail to Incite Innovation & Prosperity
Regulatory Costs Impose Undue Burden on Growth

The Seeds: Recent Regulatory Heritage
GLB
– Universal Banking Frustrates Risk Isolation by Compartmentalization
– Strict Prudential Activities Abandoned in Favor of Promised Returns from Financial Innovation
SOX
– PCAOB, Auditor Independence, Conflicts, Disclosure Responsibility (§302) & Controls Assessment (§404)
OTC (exotic) Derivatives De/Non Regulation
– Regul. Capture, Conflicts, Risk Disregard

Inspiration for the SEC’s Pre-Emptive Attempt to Expand Boards’ Risk Duties

SEC’s Response pre-Dodd-Frank
33-9089 Proxy Disclosure Enhancements 12.09
– FY ending after 2009 & proxy solicitations after 2.28.10
Firms must now Disclose Board’s Role as:
Risk Oversight
Must Discuss & Analyze:
– Links: how risk management addresses risks from compensation policies & practices
– Threshold: if reasonably likely to have “material adverse effect”
Prediction: Will Expand Enterprise Risk Management (ERM)

Dodd-Frank: HR.4173 & S.3217
848 pages long, complex & “taxonomy challenged”
– Systemic Risk
– Capital Markets
    – Hedge Funds & Private Equity
    – Swap Dealers & Major Swap Participants
    – Derivatives & Securitization
– Financial Institutions
    – Insurance Industry
    – Nonbank Financial Company
    – Minimum Capital, Margin, Recordkeeping and Disclosure
    – Proprietary Trading
– Consumer Protection & Mortgage Markets (retail, wholesale)
– Corporate Governance & Executive Compensation
– Misc. Congo “Conflict Minerals” (gold, tin, tungsten)
Alt: Conflicts, Controls & Transparency

Dodd-Frank Conflicts
“Skin in the Game” credit risk retention
Whistleblower Bounties enhanced (SEC)
Compensation Consultants & Committee Independence
Volcker Rule (Insured Institution Proprietary Trading)
Credit Rating Agencies

Dodd-Frank Controls
New Regulators & Regulatory Powers
– Financial Stability Oversight Council (FSOC)
– Bureau of Consumer Financial Protection (BCFP)
– All Federal Functional Regulators
Compensation
– Comp. Committees & Consulting Contracts
– Exec & Golden Para “Say-on-Pay” (non-binding)
– Clawback
Risk Committees for Non-Banks
Orderly Insolvency Resolution “2 big 2 fail”
Derivatives Markets Mechanisms (Swap Dealers & Participants, Clearance, Market Mechanisms)

Dodd-Frank Transparency
Disclosure of Golden Parachutes (merger compensation)
Acquisition Disclosure Timetables Shortened
Executive (Trader) Compensation Disclosures
Asset Backed Security (asset & loan levels)
Derivatives Markets Transparency

Will Political Forces Move To Produce Yet Another Regulatory Failure?
Political Losses
– Society’s Laser Focus on the Perverse Incentives of over-Compensation
– Lobbying Must now Shift to “Soften” Regulations
Political Wins
– Only Gentle Constraints on Ratings Agencies?
– Tough Regulators Still too Fragmented & Dispersed
What Lies Ahead? Weakening Dodd-Frank
– Est: 800 new SEC Staff needed to Enforce Dodd-Frank
– De-Fund CFTC & SEC: Budget Woes Argued to Justify
– Slow Funding of Comprehensive Studies Restrains Rule Changes (see Davis Polk)

Tentative Findings:
Expand & Reinforce Effective Risk Awareness Mechanisms
– Dodd-Frank Expands Risk Assessment: Conflicts, Controls, Transparency
– VCSB Standards AICPA Risk Assessment Standards for Financials
    – SAS 104, (amends SAS 1) SAS 106, Audit Evidence
    – SAS 107, Audit Risk and Materiality in Conducting an Audit
    – SAS 108, Planning and Supervision
    – SAS 109, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement
    – SAS 110, Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained
    – SAS 111, Amendment to SAS 39, Audit Sampling
FDA’s NDA Model: Shift Some of the Burden of Proof from
– Risk Averse to Prove Risk Magnitude Ex Post Calamity to
– Risk Takers Ex Ante Show Reasonability of New Approaches