Enterprise Risk Management (Preview)

Chapter 1 – Risk Management Awareness 21 Dodd-Frank Act of 2010 In response to the financial crisis, the United States Congress enacted the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act). The purpose of this legislation is to promote the stability of the United States financial system by improving accountability and transparency, ensuring the viability of financial organizations, and protecting consumers from abusive financial services practices. 23 The Dodd-Frank Act is a complex legislation primarily focused on strengthening regulations applicable to the financial services industry, although some requirements also apply to publicly-traded companies at large. All financial services organizations operating in the United States, and companies publicly-traded in the United States are subject to the legislation. The Dodd-Frank Act expands or clarifies the scope of responsibilities of regulators such as the Federal Reserve, the Securities and Exchange Commission, and the Commodity Futures Trading Commission. In addition, the legislation mandates the Financial Stability Oversight Council to identify and address systemic financial risks. It also mandates the Bureau of Consumer Financial Protection to regulate financial products and services. The Dodd-Frank Act directs all of these regulators to develop rules that address the causes of the financial crisis. It also aims to ensure that financial services organizations do not require government assistance if they experience difficulties. The Dodd-Frank Act impacts governance and risk management mainly in the following areas: Financial Services Organizations • Contingency – Financial services organizations with assets exceeding $50 billion are subject to higher liquidity and equity capital requirements. They must also submit a resolution plan for unwinding their operations in the event of distress or failure. • Stress testing – Stress tests must be conducted by financial services organizations in accordance with guidelines set by regulators. These tests measure the capacity of organizations to absorb losses. Regulators need to analyze the test results. • Risk committees – Financial services organizations with total assets exceeding $10 billion need to establish a risk committee at the board level. The committee is responsible for the oversight of risk management practices within the organization. The committee must include at least one risk management expert with experience in identifying, assessing and managing risk exposures in large complex firms. • Mortgage lending – Mortgage lenders are subject to new regulations ensuring that mortgages are not granted to individuals who lack a reasonable ability to pay. Mortgages cannot have predatory characteristics, excessive fees or abusive terms. • Securitization – Issuers and sellers of asset-backed securities must retain at least five percent of the credit risk of the securities that they sell, and they are not allowed to hedge that credit risk. They also need to disclose better information to investors. 24 Publicly-Traded Companies • Compensation level – Shareholders must have a non-binding (advisory) vote on the compensation of the chief executive officer (CEO) at least once every three years. Companies need to disclose how the compensation of the CEO compares with the performance of the organization and with the median compensation of employees.