Enterprise Risk Management (Preview)

20 Part 1 – Concepts and Methods transfer of risks. These negotiable securities are known as mortgage-backed securities. They involve grouping mortgage loans together, and creating different risk-bearing portions (tranches) that are sold separately to other organizations or investors. Investment banks, insurance companies, pension plans and investment funds that are not direct mortgage lenders buy mortgage-backed securities to diversify their investments. Some also use them as collateral for loans that are needed for operating purposes. However, these relatively complex securities and financial structures require that the underlying mortgage loans backing the securities perform in accordance with their value and perceived risks. Most financial services organizations and investors who bought the mortgage-backed securities relied on the credit ratings assigned to these securities by credit rating agencies. However, the ratings were not accurate. 19 During 2007, it became clear that too many subprime mortgages were underperforming and that the homes associated with these mortgages were overvalued. When house prices began to plummet due to foreclosures, the market value of mortgage-backed securities dropped significantly and loans collateralized with these securities were called. Banks and insurance companies had to write-off securities, resulting in large losses and compliance issues related to their equity capital. Financial services organizations lost confidence in the solvency of one another, which affected how they settled transactions. Many lawsuits were filed against organizations alleged to have been deceitful in issuing subprime mortgages, or in creating and selling mortgage-backed securities. Some of these lawsuits are ongoing and may take years to resolve. Government fines to large banks in the United States totaled approximately $110 billion as of March 2016. 20 The organizations that failed had excessive risks and did not have effective risk management practices. The same can be said of all organizations that had to write-off a disproportionate amount of securities relative to their investment portfolios. Senior executives in those organizations were often unaware of the nature and scale of the risks that their organization was assuming, or were unwilling to accept that these risks were excessive. In most cases, adequate structures were not in place for middle managers to raise concerns to chief executives or board members. In some cases, managers who cautioned executives were ignored or silenced. These circumstances denote important flaws in governance and organizational culture. Senior executives were kept in the dark or were motivated by compensation systems that rewarded disproportionate risk taking. The internal control compliance requirements of the Sarbanes-Oxley Act were in place at the time of the financial crisis, however these controls did not prevent the crisis. In 2008, Mr. Ben S. Bernanke, then Chair of the Federal Reserve of the United States, mentioned that risk management weaknesses at global financial services organizations were a significant factor that contributed to the financial crisis. He proposed that regulatory oversight should be strengthened as a solution to help these organizations improve their risk management practices. 21 A survey conducted in 2013 by the Economic Intelligence Unit and sponsored by the global consulting firm Protiviti indicates that only eleven percent of senior executives of large financial services organizations believe that their risk management systems performed well during the financial crisis. 22 The financial crisis of 2007-08 caused one of the worst recession since the Great Depression of the 1930’s. In reference, the crisis is dubbed the Great Recession.