Systemic Vulnerabilities Underscore the Need for a Data Standard

Conquering the contagion of systemic risk has resurfaced as an important aspect of maintaining a stable financial system. The failures this year of Silicon Valley Bank, Signature Bank and First Republic Bank in the U.S., and Credit Suisse of Switzerland – a systemically important financial institution (SIFI) – drew us close to the edge once again.

The need for identifying build-ups of systemic risk across the global financial system grew out of the Lehman Brothers bankruptcy, a precipitating event of the 2008 crisis. Multiple forums were subsequently created to deliberate on causes of the crisis and its cure. Congressional hearings, private and public sector deliberations, government-sponsored consultations, and domestic and global legislation and regulations followed. A common theme was to solve the systemic risk problem that engulfed the global financial system. The most recent episode of collapsing banks suggests that we have not yet solved the problem.

Systemic risk is the risk of a breakdown of an entire financial system through cascading failures of interdependent financial market participants and their common clients. Academics, regulators, state actors and industry practitioners have all agreed that observing this risk in a timely manner would require a granular view of financial transactions that accumulate incrementally into troublesome positions causing increasingly elevated risk exposures.

A “systemic risk problem” remains unsolved, Allan Grody writes.

During the last global crisis, these heightened risk exposures were transmitted as a network effect from Lehman to counterparties through financial instruments that were collectively over-leveraged and exposed to default.

In 2023, systemic risks were transmitted through the flight of deposits occurring in near real time and through over-concentrated lending to counterparties in failing crypto markets and collapsing commercial real estate markets.

Across Silos and Enterprises

A further consensus has emerged that in order to have a granular view of financial transactions, commonly defined transaction-level data would need to be aggregated across the organizational hierarchies of trade counterparties and their financial intermediaries. This is necessary to understand entity interdependencies for meaningful and timely input for systemic risk analysis.

Regulators and financial industry participants would require a concerted, long-term global effort to standardize transaction data for aggregation between silos of businesses within a single enterprise and aggregated across multiple enterprises. Regulatory data transmissions from multiple financial institutions to their regulators would then allow meaningful systemic risk analysis. 

This data standardization and transaction aggregation requirement led to the world’s first financial industry-government-private sector technology partnership, the Global Legal Entity Identifier Foundation. GLEIF is establishing global data standards for common identification of entities participating in financial markets. No less an organization than the G-20 and Financial Stability Board were involved in initiating this effort in 2012.

In the decade since, the legal entity identifier (LEI) initiative has resulted in the establishment of a number of new code standards, expansion of existing code standards, and a number of globally federated data storage utilities for warehousing standardized financial transactions. Key to standardization was the establishment of the LEI as a unique, unambiguous and universal code for every registered financial market participant.

Reference data associated with the LEIs would point to other registered LEIs that represented those legal entities’ direct reporting parent, and also to its ultimate reporting parent. Thus, hierarchies of ownership and control would be established to allow for the aggregation of the risks associated within and between financial institutions and their clients globally.

Aggregation of Codes

The LEI, embedded in each transaction, would be the linchpin of aggregation for risk analysis. When left to the real-time processing power of computers and nanosecond network speeds, financial transactions containing LEIs and other standard codes – the Unique Transaction Identifier (UTI)  and the Unique Product Identifier (UPI); and the newly expanded International Securities Identification Number (ISIN), Market Identification Code (MIC) and Classification of Financial Instruments (CFI) code – would be used to aggregate data for systemic risk analysis.

A U.S. Treasury Office of Financial Research map shows Legal Entity Identifier issuance by country.

The blueprint for financial-system data standards is by far the most successful example of a global financial industry-government-private sector technology partnership. Notwithstanding this success, it is what remains to be done that presents a significant challenge to its continued success.

At this time, registrants of LEIs are permitted many exceptions to registering organizational hierarchies – the ultimate parent and intermediate-child LEIs – while only identifying them in hierarchical constructs adhering to accounting standards, not risk management standards.

Meanwhile, another government-private sector initiative is promoting a framework laid out by the Basel Committee on Banking Supervision, known as BCBS 239. Initially defining principles of risk data aggregation for 30 global systemically important banks (G-SIBs), to be followed thereafter by a broader industrywide implementation, the BCBS determined that many banks lacked the ability to aggregate risk exposures and identify concentrations quickly and accurately at the group level, across business lines and between legal entities. Further, the supervisory body found that banks were unable to manage their risks properly because of weak risk data aggregation capabilities and reporting practices.

Filling the Metrics Gap

BCBS 239 generated new and significant demands for data standards and technology reengineering. The principles call for collecting and aggregating financial data from G-SIBs.

Data aggregation remains a key to effective risk analysis. If implemented fully it would provide insights into risks posed by the systemically critical banks. The LEI and its hierarchical parent relationship structures is an essential pillar of such aggregation. However, none of the G-SIBs are fully compliant with the BCBS 239 principles, amounting to a stalled work in progress, according to the latest updated report on the implementation of the principles.

Since the financial crisis, regulators’ awareness of the devastating effects of systemic risk became front-and-center. It precipitated a race to develop metrics to measure and monitor this phenomenon, notwithstanding the longer-term goals embodied in the GLEIF and BCBS 239 initiatives.

Regulators, fulfilling a more immediate need to monitor systemic risk, have embraced proxy metrics, not dissimilar to the ways in which financial institutions have calculated their internal risk and reported it to their regulators.

For systemic risk analysis, additional risk factors were devised to augment metrics for capital calculations. Most such systemic risk measures had a focus on the mechanism by which standard capital calculations can be adjusted to observe undercapitalization of the SIFIs that set off the financial crisis.

Capital Is Key

The key metric, both for internal risk and now for systemic risk, is based on capital. Most metrics developed to date ultimately monitor the amount of capital needed and the rate of capital depletion before a financial institution will fail. In these calculations, inputs include the key risk factors of  volatility, leverage, liquidity and correlations amongst financial assets.

It also includes credit exposures and concentration risk factors. These measures are combined with extensions for systemic risk, such as size (some metrics use total exposures, others market value), complexity (value of derivatives and tradeable and hard-to-value assets) and interconnectedness (liabilities held by others, securities issued).

Thereafter, scenario analysis using a range of changes in economic measures creates a reasonable assessment of the rate of capital depletion that can be estimated by firm, by country, by economic region and in total. See, for example, the Office of Financial Research Bank Systemic Risk Monitor and the V-Lab associated with the Volatility and Risk Institute.

These techniques, however, are lagging measures of systemic risk, not a proactive means for viewing the contagion of systemic risk surfacing, or building up incrementally toward intolerable levels. This was the case with Lehman Brothers and, more recently, with Silicon Valley Bank, Signature Bank, First Republic Bank and Credit Suisse. However, the goal still remains transaction-level reporting using GLEIF’s data standards within BCBS’s risk data aggregation reporting principles, ultimately permitting real-time systemic risk analysis.

Allan D. Grody (agrody@financialintergroup.com) is president and founder of Financial InterGroup. He was founder and partner-in-charge of what was then Coopers & Lybrand's Financial Services Consulting Practice, and has authored many papers and articles on the theme of financial industry change brought about by the intersecting innovations of risk management, data management and technology.