2.01 Of course, all commercial enterprises take risks. The word ‘enterprise’ implies risk taking—with a view to profit. The limited liability entity—the most common form of enterprise—exists (as a legal creature in contrast to the individual, or ‘natural’ person) in order to make risk taking more manageable.3 Entrepreneurs, as individuals, have an appetite for risk and that appetite is reflected in every kind of business enterprise, large or small, whether run as a corporation, partnership, or otherwise. Investors in such enterprises are expected to accept the risk that is inherent in the arrangement, although there are a great many laws and regulations to protect investors against the unscrupulous and, up to a point, the negligent. The activities of banks and other financial services enterprises, however, give rise to special considerations not only because of the ‘maturity transformation’ role referred to above4 but also because banks may attract funds from individuals (and others) who have either no appetite for risk (such as an account-holder with a high street bank) or a much more conservative attitude to risk (such as the holder of, say, a ‘with-profits’ insurance policy). The inter-connection of financial institutions in the wholesale financial markets, where they enter into transactions (p. 30) with each other involving enormous sums of money on a daily basis, also means that if one institution gets into financial difficulty there is a serious risk, as the Financial Crisis has shown, that the problem may spread rapidly to other financial institutions (who have credit exposures to the one in trouble) and cause serious financial instability, damaging economic activity across the board. Indeed, the evolution of the ‘credit crunch’ into the Financial Crisis, triggering the global economic recession that began in 2008, appeared to follow exactly this pattern.
2.02 The special considerations affecting financial markets require a degree of regulation and supervision which would not normally be necessary for commercial enterprises in non-financial sectors. As mentioned above, it is vitally important that ‘the financial system’ works properly (if not always perfectly) and that the public have confidence in it. Banks, more than most commercial enterprises, carry on business using ‘other people’s money’. They have money from depositors and a range of commercial and financial counterparties as well as the implicit (and, in some cases, explicit) assurance from the taxpayer that (in many, if not all, cases) they will be helped with some form of assistance if they get into serious financial difficulties and pose a threat to the financial system. We do not generally wish to place our life savings with someone who will take rash decisions that may affect the chances of our seeing our money again. Consequently, the risks taken by banks and other financial institutions are a matter of concern to everyone and that is why the regulatory regime requires, amongst other things, that banks set aside an appropriate amount of capital so that there is a reasonable chance that any adverse consequences of risk can be absorbed. This concept is known as ‘capital adequacy’. Most regulatory systems determine what is ‘adequate’ capital for an institution by reference, mainly, to the risks undertaken by it.5 In this context, (p. 31) capital means equity capital or capital that has the principal legal and economic features of equity (such as certain kinds of heavily subordinated debt). From the perspective of the institution, such capital is ‘expensive’ in that it demands a higher return than debt capital (because it takes higher risks). So the determination of what is ‘adequate’ by the regulator is a highly sensitive matter. Following the Financial Crisis, the concept of ‘adequacy’ is, at the time of writing, undergoing a fundamental review.
2.03 Banking involves many different kinds of risk, such as credit risk, liquidity risk, reputational risk, operational risk, and political risk. Legal risk, a sub-category of operational risk, is a particular kind of risk. As stated above,6 it is commonly understood to include conduct risk7 and, in particular, to relate to the risk of being sued or being the subject of a claim or proceedings due to some infringement of laws or regulations, or the commission of a tort such as negligence or some other act giving rise to civil liability. However, in the context of the financial markets, the phrase is also frequently used to mean the risk of technical defects in the manner in which a transaction is carried out, resulting in loss, sometimes very serious financial loss, for those that put money at risk in the transaction. Another kind of legal risk, embraced by the International Bar Association’s definition,8 is change in law risk. The introduction of the Banking Act 20099 and later, the Banking Reform Act 201310 in the UK provide an important example of this and the generally increased appetite for more regulation and government intervention (in some cases, in areas that have only a tenuous link to the causes of the Financial Crisis) suggests that change in law risk will be much more prominent in the future. In more extreme situations, as indicated above, legal risks, like other risks, can have a ‘domino’ effect in the market, either because the financial failure of one major institution may trigger failures in other institutions that have funds at risk with it or because the market as a whole has misunderstood the legal position on a point which is of particular importance to the recoverability of funds thought to be safely (or relatively safely) invested. This is sometimes referred to as ‘systemic risk’.
Source Id: law-9780198749271-chapter-3-div4-44ReferencesBanking Act (United Kingdom [gb]) 2009 c.1Financial Services (Banking Reform) Act (United Kingdom [gb]) 2013 c.33
2.04 Systemic risk is the most serious kind of risk that, from time to time, threatens the financial markets. The Financial Crisis provides the example par excellence of how damaging it can be. Concern about systemic risk has triggered a great deal of debate and legislative reform in recent years, both before and after the Financial Crisis. The identification and management of systemic risk was among the major policy concerns driving the UK’s post-crisis, ‘financial stability’-focused (p. 32) regulatory reforms; with the creation of the Financial Policy Committee specifically charged with removing or reducing systemic risk. And while the danger of systemic risk on the markets was painfully illustrated through the Financial Crisis, aspects of regulatory policy had already provisioned for this. As the FMLC noted back in 2004,11 the EU directives on settlement finality and financial collateral12 ‘are specifically directed to market stability and reduction of systemic risk’. It is trite to say that the fear of a collapse of a bank triggering other collapses elsewhere, with financial panic spreading like a contagion around highly sensitive and suggestible markets, is a fear that regulators have lived with from the late 19th century but there are a number of characteristics of modern, globalized financial markets that give rise to increased cause for concern in this area. Panic may not be confined to bank customers forming queues in the high street to withdraw their savings; it may also affect providers of wholesale funding, resulting in seize-up of the inter-bank market and an evaporation of liquidity. There are also particular features of legal risk that can trigger a systemic reaction, quite independently of any one institution’s financial failure. As the international law reform organization, UNIDROIT13 observed in a paper published in 2004:
… legal risk may become systemic in a less destructive sense. Consider, for example, the scenario in which an entire market suddenly changes its behaviour because the participants become aware of a major legal problem inherent in a specific kind of transaction unsuspected until then. In order to avoid this risk, the market participants avoid entering into this type of transaction as long as the legal problem remains unsolved. Such a mass reaction, if not properly restrained, could seriously damage the market.14
Source Id: law-9780198749271-chapter-3-div4-45ReferencesDirective of the European Parliament and of the Council on financial collateral arrangements (European Parliament) (Council of the European Union) 2002/47/EC, [2002] OJ L168/43Directive of the European Parliament and of the Council on settlement finality in payment and securities settlement systems (European Parliament) (Council of the European Union) 98/26/EC, [1998] OJ L166/45
2.05 Over the last decade, concerns about risk in the financial markets have been growing steadily and the Financial Crisis triggered reactions that, at times, turned such concerns into something close to outright panic. The pre-Financial Crisis financial collapse of major companies and financial institutions (and the well-known difficulties of BCCI, Baring Brothers, Enron,15 and Parmalat are just four from a distressingly long list) carried with it not only enormous losses for (p. 33) investors, creditors and, possibly, employees and pension-holders, but also potential liabilities for individuals such as directors (including non-executive directors) and professional advisers, as well as the company’s auditors.16 The Financial Crisis of course produced more collapses, with even more serious consequences. The liabilities can be so large that, in some cases, they are virtually uninsurable and, for this reason, there have been calls for the law to be changed in order to limit liability, in certain contexts, to a ‘reasonable’ level. The Companies Act 2006 brought in new provisions that enable company auditors to limit their liability by agreement.17 This raises difficult policy issues. The idea of limiting auditors’ liability has not been universally welcomed by their clients. On the other hand, the Financial Crisis has, it would seem, only served to increase their exposure to lawsuits.18 The question arises as to how the law could have developed to the point where, apparently, there is a shortage of individuals who are willing to take on roles that might expose them to such liabilities (which may arise even where they have acted in good faith).19 The deterrent effect of the risk is partly due to (p. 34) the fact that legal risk is not confined to the risk of being found culpable, but also embraces the risks associated with defending major law suits and regulatory action whether or not one is legally culpable.
2.06 These risks are not only financial (for example, the need to pay advisers’ fees) but also personal and health-related because of the extraordinary stress and time commitment that litigation (and attendant media coverage) can involve for individuals. Further, the management time taken up can severely disrupt the running of the business involved in the litigation and the constant media ‘noise’ that often attends high-profile claims can have an adverse effect on reputation regardless of the eventual outcome. Litigation risk is not the same as liability risk. But they are both legal risk. Contingency-fee fuelled, deep-pocket seeking litigation is a concern for all kinds of business, and the management of this kind of risk, in what is now widely regarded as a ‘compensation culture’, has become increasingly important for banks as well as others. Apart from government and regulatory agencies, firms of accountants (mainly because of the audit function), banks, and insurance companies are probably the favourite deep-pocket target. Lawyers themselves are probably not far behind.
2.07 Not surprisingly, institutions active in the financial markets, and those who regulate them, are concerned that risks such as legal risk are identified and managed as efficiently and effectively as possible—if they are not, the consequences will include the regulators requiring greater capital reserves than would otherwise be necessary, with consequent inefficiencies for everyone. The focus of market participants on legal risk was sharpened, to some extent, by the publication, in June 2004, of the Basel Committee on Banking Supervision’s report, ‘International Convergence of Capital Measurement and Capital Standards’. This is the report, following on from, and replacing, the Basel Accord of 1988 (which has the same title as the 2004 document) which is commonly known as ‘Basel II’.20 The work of the BCBS21 demonstrates, and is driven by, the importance of these issues for the financial markets internationally. Basel II was of enormous importance to banking regulation but also of specific importance to consideration of legal risk because of the new emphasis it placed upon operational risk22 (which, under Basel II, (p. 35) specifically includes legal risk) and the desire of BCBS to ‘engage the banking industry in a discussion of prevailing risk management practices’. ‘Stronger risk management practices’ are a key objective of Basel II, much of which was influenced by a spate of serious operational problems experienced by international financial institutions, many of them involving fraud and some of them leading to the financial collapse of the entire institution. However, the Basel II capital rules23 have themselves been subject to reconsideration in view of the experience of the Financial Crisis. In its consultative paper of December 2009 (‘Strengthening the resilience of the banking sector’) BCBS suggested changes in the following areas:
These changes are now reflected in ‘Basel III’ (introduced in June 2011) and various subsequent measures put forward by BCBS.
2.08 Concerns are often expressed (before and after the Financial Crisis) about whether the ‘architecture’ of the international financial system is sufficiently robust.24 Scepticism has also increased as to the ability of regulatory tools such as requiring more capital and better risk management to provide comprehensive solutions.25 Such concerns and the perceived relationship between operational failures and the expansion of activities of banks into a wide range of financial product areas (p. 36) (especially in the derivative markets), which bear little, if any, resemblance to the commercial banking activities that were the subject of more traditional regulation methods, is an evident stimulus of the regulators’ new determination to require a more focused approach to corporate governance, ‘culture’ and operational risk management. The Financial Crisis has spurred on this determination and broadened the focus to related areas such as the role played by credit rating agencies, the possibility of so-called ‘direct product regulation’ on, for example, credit default swaps, the need for more effective non-executive directors and risk officers and the highly politicized question of executive remuneration (especially bonus structures).
2.09 It is an inevitable consequence of the expanded range of financial activities, the rapidity with which new financial ‘products’ are developed and deployed, and the increased potential for conflicts of interest which results from the new multiplicity of roles of financial institutions that the legal risks involved in the financial markets have become more complex and, potentially, more serious. The regulators have therefore for some time been seeking the establishment of, and are prepared to offer significant financial incentives for, a more proactive risk management function within financial institutions. Post-Financial Crisis, this is now closely related to governance and ‘culture’. The need for sound corporate governance across the board is no longer seen as just a ‘nice to have’.26 The consequences of giving ‘gung-ho’ management a free rein with no effective checks or balances can be catastrophic. Those checks and balances should, in theory, be provided by ‘engaged’ shareholders. In practice, this rarely is the case. So there is a gap to be filled. However good the laws and legal system may be (and however vigilant a bank’s lawyers may be), if corporate behaviour is bad, legal risks will follow. More ‘intrusive’ regulation is therefore likely to involve closer regulatory oversight of the key individuals in financial organizations. The impact of these individuals on ‘culture’ may also be an impact on risk, even systemic risk. But regulatory oversight cannot extend to regulators running the bank in place of the management who are appointed to that role. Certain risks of misbehaviour (ie conduct risk) cannot be eradicated. This is implicit in the nature of ‘trust’: a bank’s management has a number of fiduciary roles. But how effectively do they perform those roles? According to Lee, ‘One of the biggest lessons of the financial crisis is that investment bankers cannot be trusted.’27 If the management is determined, say, to dress up a balance sheet to deceive investors or to bully the General Counsel by threatening to sack him if he does not deliver ‘convenient’ advice, the problem runs deeper than mere ‘risk management’, at least in the conventional (p. 37) sense. The problem will be worse if the bank is in financial difficulties. As the Financial Times proclaimed in its lead Editorial on 13 March 2010, ‘a barely alive bank is an extremely dangerous thing.’
2.10 The philosophy embodied by Basel II placed less reliance upon ‘backward-looking evaluations’ of performance and instead involved much more analysis of what financial institutions themselves regard as significant risks and the appropriate measures to be taken to mitigate and manage them. The Financial Crisis may have shaken confidence in an approach that places such reliance on the banks’ own judgement, however. ‘Better risk management’ is still pleaded for but it no longer seems to be the solution to all ills.(p. 38)
