When terrorists attacked the World Trade Center on September 11, 2001, they also attacked the U.S. financial system. In addition to destroying critical financial infrastructure, the collapse of the twin towers closed the New York Stock Exchange and disrupted the payments system that links U.S. intermediaries, threatening to shut down banks, ATM machines and credit card operations across the country. Only extraordinary intervention by the Federal Reserve kept the system afloat (see, for example, Rosengren).
We have long argued that financial stability is a vital common resource (see here). As ECB Board member Cœuré suggests in the opening quote, the same applies to financial cybersecurity—the protection of financial information and communications technologies (ICT) and their associated networks from failures and attacks. The events of 9/11 and their aftermath dramatically highlighted the link between stability and cybersecurity. Moreover, because our financial system is so deeply reliant on ICT and on large, global networks, these two objectives are more closely linked than ever before: ensuring one means guarding the other.
In this post, we highlight the pervasiveness of cyberthreats as a source of operational risk in finance. Consistent with the Presidential Policy Directive 21 and a recent Presidential Executive Order aimed at strengthening cybersecurity, the U.S. government has designated financial services infrastructure as critical to national and economic security (see here). Nevertheless, numerous challenges—ranging from the availability of reliable data to the ever-changing nature of the attacks themselves—make the goal of safeguarding financial ICT networks very difficult. To be effective, cybersecurity efforts require mechanisms for preventing successful attacks, limiting their impact, and promoting quick, reliable recovery. Reducing vulnerability and contagion while boosting cyberresilience is a very tall order…. Read More
Many features of our financial system—institutions like banks and insurance companies, as well as the configuration of securities markets—are a consequence of legal conventions (the rules about property rights and taxes) and the costs associated with obtaining and verifying information. When we teach money and banking, three concepts are key to understanding the structure of finance: adverse selection, moral hazard, and free riding. The first two arise from asymmetric information, either before (adverse selection) or after (moral hazard) making a financial arrangement (see our earlier primers here and here).
This primer is about the third concept: free riding. Free riding is tied to the concept of a public good, so we start there. Then, we offer three examples where free riding plays a key role in the organization of finance: credit ratings; schemes like the Madoff scandal; and efforts to secure financial stability more broadly.... Read More
Recent disasters—both natural and man-made—prompt us to reflect on the relationship between operational risk and financial stability. Severe weather in sensitive locations, such as Hurricane Irma in Florida, raises questions about the resilience of the financial infrastructure. The extraordinary breach at Equifax highlights the public goods aspect of data protection, with potential implications for the availability of household credit.
At this stage, it’s important to pose the right questions about these operational shocks and, over time, to draw the right lessons. We expect that systemic financial intermediaries’ risk managers, members of their boards, their regulators, and their ultimate legislative overseers are currently in the midst of an intensive review of exposures (and that of the financial system as a whole) to these risks.
So, what is operational risk (OR)? The Basel Committee for Banking Supervision (BCBS) defines OR as “the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events”.... Read More
“We have listened to the wisdom of an old Russian maxim, doveryai, no proveryai—trust, but verify.” President Ronald Reagan at the signing of the INF Treaty, December 8, 1987.
In July 2010, central bank governors and supervisors from the 28 jurisdictions that make up the Basel Committee membership were hammering out the agreement on new capital and liquidity requirements now known as Basel III. There was a large sticking point. Some members were standing firm on their desire to have higher capital requirements. Others felt that this would make credit more expensive and less plentiful.
Had agreement not been reached, those insisting on more capital might have said: “Go ahead, be permissive. But if you let your banks operate with low levels of capital, we’ll restrict our banks from doing business with them.” Fortunately, it didn’t come to that.... Read More