You’ve heard of ‘too big to fail’—how about ‘too big to manage’?
Such banks (typically G-SIBs) could risk being broken up if they fail to show they are manageable, says Michael Hsu, acting head of the US Office of the Comptroller of the Currency (OCC).
Speaking at a Brookings Institution event in January, Hsu argued that large banks that make repeated regulatory missteps and do nothing to remedy them are implying they are unmanageable and would therefore need to sell off parts of their business.
While such drastic actions would be a last resort, many of Hsu’s concerns could be allayed if banks made better use of data to manage their risk and controls.
Here are five ways Acin can help banks avoid the risk of being deemed ‘too big to manage’.
1. Bad apples or not?
When a significant incident occurs, large banks tend to assume it is an isolated case at the hands of a rogue actor, says Hsu.
More often than not, such incidents are the result of multi-causal and unseen weaknesses that can lay the groundwork for further incidents in the future.
While large banks should instead presume similar risks exist elsewhere, many are unable to perform a quick ‘read across’ to establish the presence of similar vulnerabilities.
How Acin helps
Our platform enables banks to carry out an immediate and detailed read across in every area of their business, from front to back, either as a response to an internal incident or stress-testing scenarios experienced at other banks.
2. Regulators uncover more problems than risk management teams
A sign that banks may be too big to manage is that banking supervisors are uncovering more issues than a bank’s own risk and control function, effectively relying on the regulator as a ‘fourth line of defense’, says Hsu.
How Acin helps
Acin can implement a six-month action plan that absorbs and reconciles a bank’s different operational risks across all departments. The Acin network enables banks to identify evolving threats and react to incidents ahead of any regulatory requests, making Acin the fourth line of defense instead.
3. Senior managers may not be sufficiently engaged
If senior managers don’t take risk seriously (or rely on subjective opinion), then problems can fester, remediation deadlines may be missed and partial efforts to solve the problem may be seen as good enough, says Hsu.
How Acin helps
Acin can provide quantifiable data that can better demonstrate the scale of the problem by benchmarking against their peers—making the concerns harder to ignore. By using Acin data, chairs of risk and audit committees can also better scrutinise decisions and hold senior management to account.
4. Bank mergers can weaken the risk and control function
Many bank mergers seek to take advantage of economies of scale, though in reality many turn out to be messy and complicated, says Hsu.
If integrations are rushed, oversight can slip and alignment between divisions weaken, with business processes becoming fragmented. As a result, risk management and control functions can become diluted, creating gaps where excessive risk taking can flourish.
How Acin helps
Acin can help post-merger banks consolidate a firm-wide multi-divisional view of operational risk and identify new areas of weakness and gaps. The greater number of mergers executed or planned, the more important that consolidated view becomes.
5. Not fixing problems
Banks that repeatedly fail to address problems can be subject to various levels of escalation, including have growth restrictions imposed or being forced to divest parts of the bank. Failing to meet remediation conditions set out by the regulator effectively proves the bank is unmanageable, says Hsu.
Lack of clear planning, evidence of progress and undue delays are usually the main reasons for escalations.
How Acin helps
Acin’s platform can help banks quickly identify data quality issues and control gaps and prioritise areas of focus. Acin can help the change management process and quickly demonstrate progress to regulators, avoiding any drastic penalties.
Set up for success
The threat of too big to manage should not be underestimated. While the OCC has a four-step escalation programme that gives banks ample opportunity to address any failings, banks that don’t have sufficient visibility into their risks and controls data and how they compare to peers are at greater risk of regulatory penalties.
By using Acin’s peer-to-peer network, banks can better monitor their exposure to emerging risks and identify and resolve potential issues before the regulator needs to get involved—avoiding any accusations of being too big to manage.