Fed supervisor looks beyond governance guide on risk

Kevin Stiroh

Banks need to combat the risk of bad behavior not just by their boards setting structures and other corporate governance conditions, but also by looking to areas such as effective pushback from internal control teams, according to a senior regulator.

Kevin Stiroh, executive vice president of the Federal Reserve Bank of New York and head of the supervision group for the Second District, tackled the issue of business conduct risk in remarks to a Columbia University event late last month. He noted that the Fed has challenged the financial services industry to tackle a variety of factors he said contributed to recent, widespread misconduct at large firms.

‘These incidents impose real costs in the form of fines, settlements and the diversion of internal resources related to investigation and remediation,’ he told attendees. ‘In addition, there are more difficult-to-measure costs linked to the potential loss of confidence and trust in the firm and the industry. Recurring misconduct poses a real threat to the provision of financial services if customers and counterparties were to pull away from the sector.’

Supervisors can help mitigate these risks by supporting the development of effective internal governance regimes, prudent risk management policies and strong compliance and control structures – all within a framework of effective oversight from the firm’s board of directors, Stiroh said.

For example, the Fed’s December 2012 consolidated supervision framework for large financial institutions describes what Stiroh called the ‘essential components’ of effective corporate governance. It also sets the expectation that a board of directors should establish and maintain a culture, incentives, structure and processes necessary to promote compliance with laws, regulations and supervisory guidance, avoid conflicts of interest and promote the effective management of reputational and legal risks, he added.

This might be framed as ensuring that potential short-term gains are appropriately balanced against the longer-term objectives of serving clients and maximizing value over time, Stiroh continued: ‘In my view, this goes further than the incentives, processes and oversight roles. All of these are necessary, but they are not likely to be sufficient. Firms also need to look at how leadership dimensions drive decisions, whether there is effective challenge from controls functions, how the inevitable mistakes are treated, and how compensation and promotions are determined.’

Ultimately, establishing and maintaining an effective culture with appropriate risk governance and controls is the responsibility of individual firms and the industry, but the government can help highlight best practices, solve collective action problems and drive toward socially desirable outcomes, Stiroh said.