Download P a g e 1

Page |1
International Association of Risk and Compliance
Professionals (IARCP)
1200 G Street NW Suite 800 Washington, DC 20005-6705 USA
Tel: 202-449-9750 www.risk-compliance-association.com
Top 10 risk and compliance management related news stories
and world events that (for better or for worse) shaped the
week's agenda, and what is next
Dear Member,
When I decided to spend the entire day at the
beach, I couldn't imagine that I will have no time
to swim. Early in the morning, sitting under a
sun umbrella with my feet in the sand, I started
reading the new US Department of Defense Law
or War Manual, especially the part that is
covering Cyber Operations and the application
of the Law of War to Cyber Operations. It was
such an amazing reading, and it is so
important for risk management.
It addresses how law of war principles
and rules apply to relatively novel cyber
capabilities and the cyber domain.
As a doctrinal matter, DoD has
recognized cyberspace as an operational
domain in which the armed forces must
be able to defend and operate, just like
the land, sea, air, and space domains.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
Page |2
Cyberspace may be defined as “[a] global domain within the information
environment consisting of interdependent networks of information
technology infrastructures and resident data, including the Internet,
telecommunications networks, computer systems, and embedded
processors and controllers.”
Cyber operations include those operations that use computers to disrupt,
deny, degrade, or destroy information resident in computers and computer
networks, or the computers and networks themselves.
Cyber operations can be a form of advance force operations, which precede
the main effort in an objective area in order to prepare the objective for the
main assault.
For example, cyber operations may include reconnaissance (e.g., mapping a
network), seizure of supporting positions (e.g., securing access to key
network systems or nodes), and pre-emplacement of capabilities or
weapons (e.g., implanting cyber access tools or malicious code).
In addition, cyber operations may be a method of acquiring foreign
intelligence unrelated to specific military objectives, such as understand
technological developments or gaining information about an adversary’s
military capabilities and intent.
Article 2(4) of the Charter of the United Nations states that “[a]ll Members
shall refrain in their international relations from the threat or use of force
against the territorial integrity or political independence of any state, or in
any other manner inconsistent with the Purposes of the United Nations.”
Cyber operations may in certain circumstances constitute uses of force
within the meaning of Article 2(4) of the Charter of the United Nations and
customary international law.
For example, if cyber operations cause effects that, if caused by traditional
physical means, would be regarded as a use of force under jus ad bellum,
then such cyber operations would likely also be regarded as a use of force.
Such operations may include cyber operations that:
(1) trigger a nuclear plant meltdown;
(2) open a dam above a populated area, causing destruction; or
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
Page |3
(3) disable air traffic control services, resulting in airplane crashes.
Similarly, cyber operations that cripple a military’s logistics systems, and
thus its ability to conduct and sustain military operations, might also be
considered a use of force under jus ad bellum.
Other factors, besides the effects of the cyber operation, may also be
relevant to whether the cyber operation constitutes a use of force under jus
ad bellum.
Cyber operations that constitute uses of force within the meaning of Article
2(4) of the Charter of the United Nations and customary international law
must have a proper legal basis in order not to violate jus ad bellum
prohibitions on the resort to force.
Read more at Number 1 below.
Welcome to the Top 10 list.
Best Regards,
George Lekatis
President of the IARCP
General Manager, Compliance LLC
1200 G Street NW Suite 800,
Washington DC 20005, USA
Tel: (202) 449-9750
Email: [email protected]
Web: www.risk-compliance-association.com
HQ: 1220 N. Market Street Suite 804,
Wilmington DE 19801, USA
Tel: (302) 342-8828
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
Page |4
Cyber Operations
US Department of Defense, Law or War Manual
This Chapter addresses the law of war and cyber
operations.
It addresses how law of war principles and rules apply to relatively novel
cyber capabilities and the cyber domain.
On the centrality of the current account in
international economics
Keynote speech by Mr Claudio Borio, Head of
Monetary and Economic Department of the BIS, at the
ECB-Central Bank of Turkey conference "Balanced and
sustainable growth - operationalising the G20
framework", Frankfurt,
The current account occupies a central position in international economics
and policy debates.
Indeed, in G20 policy debates the term "global imbalances" is treated as
almost synonymous with "current account imbalances".
Macroprudential policy - from Tiberius to
Crockett and beyond
Speech by Sir Jon Cunliffe, Deputy Governor for
Financial Stability of the Bank of England, at
TheCityUK, London
Historians still argue about the exact causes of the
financial crash of AD 33 that rocked the Roman Empire.
The commentators of the day did not unfortunately have, let alone record,
the vast amounts of data that we have become used to today.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
Page |5
Assessing the new phase of unconventional
monetary policy at the European Central Bank
Panel remarks by Mr Vítor Constâncio, Vice-President
of the European Central Bank, at the Annual Congress
of the European Economic Association, University of
Mannheim
It is a great pleasure to participate in this policy panel and to share the stage
with such distinguished fellow participants.
My plan today is to present some key features of the monetary policy
measures recently implemented by the ECB.
As you all know, in January this year the ECB launched the most recent
addition to its suite of tools – the public sector purchase programme
(PSPP), popularly referred to as quantitative easing.
Australian Prudential Regulation
Authority (APRA)
Letter to industry (August 2015)
The review of board requirements
On 7 October 2014, APRA released a letter noting its intent to review the
clarity of its requirements of boards in the prudential standards and
supporting guidance materials.
The letter noted that in conducting this review, APRA would seek to ensure
that its requirements of boards are communicated in a way that clearly
recognises the respective roles of the board and management.
The consultation closed on 30 November 2014. Ten submissions were
received in response, four of which are non-confidential.Submissions were
widely supportive of the review and identified a number of areas for
improvement in relation to the clarity of APRA’s board requirements.
This letter summarises the key issues from submissions, responds to the
main issues and outlines the process planned for the review.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
Page |6
If You See Something, Say Something
Campaign
Occupational pensions stress test
Stress tests are an important supervisory tool
to examine the sensitivity of the occupational
pensions sector to adverse market
developments and to reach robust conclusions
for the stability of the financial system as a whole and to enhance consumer
protection.
The aim of the exercise in 2015 is to test the resilience of defined benefit
(DB) and hybrid pension schemes against adverse market scenarios and
increase in life expectancy as well as to identify potential vulnerabilities of
defined contribution (DC) schemes.
Official directory of the European Union
Renminbi and China's global future
Keynote address by Dr Zeti Akhtar Aziz, Governor of
the Central Bank of Malaysia (Bank Negara Malaysia),
at the HSBC Reminbi Forum "Renminbi and China's
Global Future", Kuala Lumpur
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
Page |7
Dodd-Frank at Five: A Capital Markets Swan
Song
Commissioner Daniel M. Gallagher
U.S. Chamber of Commerce, Washington, D.C.
“This will likely be my last formal speech as an SEC Commissioner, and I
can think of no better audience than the Chamber’s Center for Capital
Markets Competitiveness.”
“Last month marked the fifth anniversary of the Dodd-Frank Act, meaning
that my entire tenure as a Commissioner has occurred in the midst of the
first Five-Year Plan for our national economy.
And, as is always the case with grandiose central plans, Dodd-Frank has
backfired, strangling our economy, increasing the fragility of the financial
system, and politicizing our independent financial regulators.”
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
Page |8
Cyber Operations
US Department of Defense, Law or War Manual
XVI – Cyber Operations
Chapter Contents
16.1 Introduction
16.2 Application of the Law of War to Cyber Operations
16.3 Cyber Operations and Jus ad Bellum
16.4 Cyber Operations and the Law of Neutrality
16.5 Cyber Operations and Jus in Bello
16.6 Legal Review of Weapons That Employ Cyber Capabilities
16.1 INTRODUCTION
This Chapter addresses the law of war and cyber operations.
It addresses how law of war principles and rules apply to relatively novel
cyber capabilities and the cyber domain.
As a matter of U.S. policy, the United States has sought to work
internationally to clarify how existing international law and norms,
including law of war principles, apply to cyber operations. ((1) below)
Precisely how the law of war applies to cyber operations is not well-settled,
and aspects of the law in this area are likely to continue to develop,
especially as new cyber capabilities are developed and States determine
their views in response to such developments. ((2) below)
{(1) See, e.g., United States Submission to the U.N. Group of
Governmental Experts on Developments in the Field of Information and
Telecommunications in the Context of International Security (2014–15),
(“But the challenge is not whether existing international law applies to State
behavior in cyberspace.
As the 2012–13 GGE affirmed, international law does apply, and such law is
essential to regulating State conduct in this domain.
The challenge is providing decision-makers with considerations that may
be taken into account when determining how existing international law
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
Page |9
applies to cyber activities.
Despite this challenge, history has shown that States, through consultation
and cooperation, have repeatedly and successfully applied existing bodies
of law to new technologies.
It continues to be the U.S. view that all States will benefit from a stable
international ICT [information and communication technologies]
environment in which existing international law is the foundation for
responsible State behavior in cyberspace.”); Barack Obama, International
Strategy for Cyberspace: Prosperity, Security, and Openness in a
Networked World, (May 2011) (“The development of norms for state
conduct in cyberspace does not require a reinvention of customary
international law, nor does it render existing international norms obsolete.
(2) Department of Defense, Office of the General Counsel, An Assessment of
International Legal Issues in Information Operations (2nd ed., Nov.
1999), reprinted in 76 U.S. NAVAL WAR COLLEGE INTERNATIONAL
LAW STUDIES 459, 464-65 (2002) (“The international community
ordinarily does not negotiate treaties to deal with problems until their
consequences have begun to be felt.
This is not all bad, since the solution can be tailored to the actual problems
that have occurred, rather than to a range of hypothetical possibilities.
One consequence, however, is that the resulting law, whether domestic or
international, may be sharply influenced by the nature of the events that
precipitate legal developments, together with all their attendant policy and
political considerations. … Similarly, we can make some educated guesses
as to how the international legal system will respond to information
operations, but the direction that response actually ends up taking may
depend a great deal on the nature of the events that draw the nations’
attention to the issue.
If information operations techniques are seen as just another new
technology that does not greatly threaten the nations’ interests, no dramatic
legal developments may occur.
If they are seen as a revolutionary threat to the security of nations and the
welfare of their citizens, it will be much more likely that efforts will be made
to restrict or prohibit information operations by legal means.
These are considerations that national leaders should understand in
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 10
making decisions on using information operations techniques in the
current formative period, but it should also be understood that the course
of future events is often beyond the control of statesmen.”).}
Long-standing international norms guiding state behavior—in times of
peace and conflict—also apply in cyberspace.
Nonetheless, unique attributes of networked technology require additional
work to clarify how these norms apply and what additional understandings
might be necessary to supplement them.
We will continue to work internationally to forge consensus regarding how
norms of behavior apply to cyberspace, with the understanding that an
important first step in such efforts is applying the broad expectations of
peaceful and just interstate conduct to cyberspace.”); DEPARTMENT OF
DEFENSE, Department of Defense Cyberspace Policy Report: A Report to
Congress Pursuant to the National Defense Authorization Act for Fiscal
Year 2011, Section 934, 7-8 (Nov. 2011) (“The United States is actively
engaged in the continuing development of norms of responsible state
behavior in cyberspace, making clear that as a matter of U.S. policy,
long-standing international norms guiding state behavior also apply equally
in cyberspace.
Among these, applying the tenets of the law of armed conflict are critical to
this vision, although cyberspace’s unique aspects may require clarifications
in certain areas.”).
16.1.1 Cyberspace as a Domain.
As a doctrinal matter, DoD has recognized cyberspace as an operational
domain in which the armed forces must be able to defend and operate, just
like the land, sea, air, and space domains. ((3) below).
Cyberspace may be defined as “[a] global domain within the information
environment consisting of interdependent networks of information
technology infrastructures and resident data, including the Internet,
telecommunications networks, computer systems, and embedded
processors and controllers.” ((4) below)
{(3) William J. Lynn III, Deputy Secretary of Defense, Defending a New
Domain: The Pentagon’s Cyberstrategy, 89 FOREIGN AFFAIRS 97, 101
(Sept./Oct. 2010) (“As a doctrinal matter, the Pentagon has formally
recognized cyberspace as a new domain of warfare.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 11
Although cyberspace is a man-made domain, it has become just as critical
to military operations as land, sea, air, and space.
As such, the military must be able to defend and operate within it.”).
(4) JOINT PUBLICATION 3-12, Cyberspace Operations, GL-4 (Feb. 5,
2013) (“(U) Cyberspace. A global domain within the information
environment consisting of interdependent networks of information
technology infrastructures and resident data, including the Internet,
telecommunications networks, computer systems, and embedded
processors and controllers.”).}
16.1.2 Description of Cyber Operations.
Cyberspace operations may be understood to be those operations that
involve “[t]he employment of cyberspace capabilities where the primary
purpose is to achieve objectives in or through cyberspace.”
Cyber operations:
(1) use cyber capabilities, such as computers, software tools, or networks;
and
(2) have a primary purpose of achieving objectives or effects in or through
cyberspace.
16.1.2.1 Examples of Cyber Operations.
Cyber operations include those operations that use computers to disrupt,
deny, degrade, or destroy information resident in computers and computer
networks, or the computers and networks themselves.
Cyber operations can be a form of advance force operations, which precede
the main effort in an objective area in order to prepare the objective for the
main assault.
For example, cyber operations may include reconnaissance (e.g., mapping a
network), seizure of supporting positions (e.g., securing access to key
network systems or nodes), and pre-emplacement of capabilities or
weapons (e.g., implanting cyber access tools or malicious code).
In addition, cyber operations may be a method of acquiring foreign
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 12
intelligence unrelated to specific military objectives, such as understand
technological developments or gaining information about an adversary’s
military capabilities and intent.
16.1.2.2 Examples of Operations That Would Not Be Regarded as
Cyber Operations.
Cyber operations generally would not include activities that merely use
computers or cyberspace without a primary purpose of achieving objectives
or effects in or through cyberspace.
For example, operations that use computer networks to facilitate command
and control, operations that use air traffic control systems, and operations
to distribute information broadly using computers would generally not be
considered cyber operations.
Operations that target an adversary’s cyberspace capabilities, but that are
not achieved in or through cyberspace, would not be considered cyber
operations.
For example, the bombardment of a network hub, or the jamming of
wireless communications, would not be considered cyber operations, even
though they may achieve military objectives in cyberspace.
16.1.3 Cyber Operations – Notes on Terminology.
DoD doctrine and terminology for cyber operations continue to develop.
16.1.3.1 “Cyber” Versus “Cyberspace” as an Adjective.
The terms “cyber” and “cyberspace” when used as an adjective (e.g., cyber
attack, cyber defense, cyber operation) are generally used interchangeably.
16.1.3.2 Cyber Attacks or Computer Network Attacks.
The term “attack” often has been used in a colloquial sense in discussing
cyber operations to refer to many different types of hostile or malicious
cyber activities, such as the defacement of websites, network intrusions, the
theft of private information, or the disruption of the provision of internet
services.
Operations described as “cyber attacks” or “computer network attacks,”
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 13
therefore, are not necessarily “attacks” for the purposes of applying rules on
conducting attacks during the conduct of hostilities.
Similarly, operations described as “cyber attacks” or “computer network
attacks” are not necessarily “armed attacks” for the purposes of triggering a
State’s inherent right of selfdefense under jus ad bellum.
16.2 APPLICATION OF THE LAW OF WAR TO CYBER
OPERATIONS
Specific law of war rules may apply to cyber operations, even though those
rules were developed before cyber operations were possible.
When no more specific law of war rule or other applicable rule applies, law
of war principles provide a general guide for conduct during cyber
operations in armed conflict.
16.2.1 Application of Specific Law of War Rules to Cyber
Operations.
Specific law of war rules may be applicable to cyber operations, even though
these rules were developed long before cyber operations were possible.
The law of war affirmatively anticipates technological innovation and
contemplates that its existing rules will apply to such innovation, including
cyber operations.
{Harold Hongju Koh, Legal Adviser, Department of State, International
Law in Cyberspace: Remarks as Prepared for Delivery to the
USCYBERCOM Inter-Agency Legal Conference (Sept. 18, 2012), reprinted
in 54 HARVARD INTERNATIONAL LAW JOURNAL ONLINE, 3 (Dec.
2012) (“Cyberspace is not a ‘law-free’ zone where anyone can
conduct hostile activities without rules or restraint. Think of it this
way.
This is not the first time that technology has changed and that international
law has been asked to deal with those changes.
In particular, because the tools of conflict are constantly evolving, one
relevant body of law—international humanitarian law, or the law of armed
conflict—affirmatively anticipates technological innovation, and
contemplates that its existing rules will apply to such innovation.”).}
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 14
Law of war rules may apply to new technologies because the rules often are
not framed in terms of specific technological means.
For example, the rules on conducting attacks do not depend on what type of
weapon is used to conduct the attack.
Thus, cyber operations may be subject to a variety of law of war rules
depending on the rule and the nature of the cyber operation.
For example, if the physical consequences of a cyber attack constitute the
kind of physical damage that would be caused by dropping a bomb or firing
a missile, that cyber attack would equally be subject to the same rules that
apply to attacks using bombs or missiles.
{Harold Hongju Koh, Legal Adviser, Department of State, International
Law in Cyberspace: Remarks as Prepared for Delivery to the
USCYBERCOM Inter-Agency Legal Conference (Sept. 18, 2012), reprinted
in 54 HARVARD INTERNATIONAL LAW JOURNAL ONLINE, 3-4 (Dec.
2012) (“In analyzing whether a cyber operation would constitute a use of
force, most commentators focus on whether the direct physical injury and
property damage resulting from the cyber event looks like that which would
be considered a use of force if produced by kinetic weapons.
For example, cyber activities that proximately result in death, injury, or
significant destruction would likely be viewed as a use of force. … Only a
moment’s reflection makes you realize that this is common sense: if the
physical consequences of a cyber attack work the kind of physical damage
that dropping a bomb or firing a missile would, that cyber attack should
equally be considered a use of force.”).}
Cyber operations may pose challenging legal questions because of the
variety of effects they can produce.
For example, cyber operations could be a non-forcible means or method of
conducting hostilities (such as information gathering), and would be
regulated as such under rules applicable to non-forcible means and
methods of warfare.
Other cyber operations could be used to create effects that amount to an
attack and would be regulated under the rules on conducting attacks.
Moreover, another set of challenging issues may arise when considering
whether a particular cyber operation might be regarded as a seizure or
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 15
destruction of enemy property and should be assessed as such.
16.2.2 Application of Law of War Principles as a General Guide to
Cyber Operations.
When no specific rule applies, the principles of the law of war form the
general guide for conduct during war, including conduct during cyber
operations.
For example, under the principle of humanity, suffering, injury, or
destruction unnecessary to accomplish a legitimate military purpose must
be avoided in cyber operations.
Certain cyber operations may not have a clear kinetic parallel in terms of
their capabilities and the effects they create.
Such operations may have implications that are quite different from those
presented by attacks using traditional weapons, and those different
implications may well yield different conclusions.
{Harold Hongju Koh, Legal Adviser, Department of State, International
Law in Cyberspace: Remarks as Prepared for Delivery to the
USCYBERCOM Inter-Agency Legal Conference (Sept. 18, 2012), reprinted
in 54 HARVARD INTERNATIONAL LAW JOURNAL ONLINE, 7 (Dec.
2012) (“I have also noted some clear-cut cases where the physical effects of
a hostile cyber action would be comparable to what a kinetic action could
achieve: for example, a bomb might break a dam and flood a civilian
population, but insertion of a line of malicious code from a distant
computer might just as easily achieve that same result.
As you all know, however, there are other types of cyber actions that do not
have a clear kinetic parallel, which raise profound questions about exactly
what we mean by ‘force.’”).
Department of Defense, Office of the General Counsel, An Assessment of
International Legal Issues in Information Operations (2nd ed., Nov.
1999), reprinted in 76 U.S. NAVAL WAR COLLEGE INTERNATIONAL
LAW STUDIES 459, 490 (2002) (“In the process of reasoning by analogy to
the law applicable to traditional weapons, it must always be kept in mind
that computer network attacks are likely to present implications that are
quite different from the implications presented by attacks with traditional
weapons.
These different implications may well yield different conclusions.”).}
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 16
16.3 CYBER OPERATIONS AND JUS AD BELLUM
Cyber operations may present issues under the law of war governing the
resort to force (i.e., jus ad bellum).
16.3.1 Prohibition on Cyber Operations That Constitute Illegal
Uses of Force Under Article 2(4) of the Charter of the United
Nations.
Article 2(4) of the Charter of the United Nations states that “[a]ll Members
shall refrain in their international relations from the threat or use of force
against the territorial integrity or political independence of any state, or in
any other manner inconsistent with the Purposes of the United Nations.”
Cyber operations may in certain circumstances constitute uses of force
within the meaning of Article 2(4) of the Charter of the United Nations and
customary international law.
For example, if cyber operations cause effects that, if caused by traditional
physical means, would be regarded as a use of force under jus ad bellum,
then such cyber operations would likely also be regarded as a use of force.
Such operations may include cyber operations that:
(1) trigger a nuclear plant meltdown;
(2) open a dam above a populated area, causing destruction; or
(3) disable air traffic control services, resulting in airplane crashes.
Similarly, cyber operations that cripple a military’s logistics systems, and
thus its ability to conduct and sustain military operations, might also be
considered a use of force under jus ad bellum.
Other factors, besides the effects of the cyber operation, may also be
relevant to whether the cyber operation constitutes a use of force under jus
ad bellum.
Cyber operations that constitute uses of force within the meaning of Article
2(4) of the Charter of the United Nations and customary international law
must have a proper legal basis in order not to violate jus ad bellum
prohibitions on the resort to force.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 17
{Department of Defense, Office of the General Counsel, An Assessment of
International Legal Issues in Information Operations (2nd ed., Nov.
1999), reprinted in 76 U.S. NAVAL WAR COLLEGE INTERNATIONAL
LAW STUDIES 459, 483 (2002) (“Even if the systems attacked were
unclassified military logistics systems, an attack on such systems might
seriously threaten a nation’s security.
For example, corrupting the data in a nation’s computerized systems for
managing its military fuel, spare parts, transportation, troop mobilization,
or medical supplies may seriously interfere with its ability to conduct
military operations. In short, the consequences are likely to be more
important than the means used.”).
Harold Hongju Koh, Legal Adviser, Department of State, International
Law in Cyberspace: Remarks as Prepared for Delivery to the
USCYBERCOM Inter-Agency Legal Conference (Sept. 18, 2012), reprinted
in 54 HARVARD INTERNATIONAL LAW JOURNAL ONLINE, 4 (Dec.
2012) (“In assessing whether an event constituted a use of force in or
through cyberspace, we must evaluate factors including the context of the
event, the actor perpetrating the action (recognizing challenging issues of
attribution in cyberspace), the target and location, effects and intent,
among other possible issues.”).}
16.3.2 Peacetime Intelligence and Counterintelligence Activities.
International law and long-standing international norms are applicable to
State behavior in cyberspace, and the question of the legality of peacetime
intelligence and counterintelligence activities must be considered on a
case-by-case basis.
Generally, to the extent that cyber operations resemble traditional
intelligence and counter-intelligence activities, such as unauthorized
intrusions into computer networks solely to acquire information, then such
cyber operations would likely be treated similarly under international law.
The United States conducts such activities via cyberspace, and such
operations are governed by long-standing and well-established
considerations, including the possibility that those operations could be
interpreted as a hostile act.
16.3.3 Responding to Hostile or Malicious Cyber Operations.
A State’s inherent right of self-defense, recognized in Article 51 of the
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 18
Charter of the United Nations, may be triggered by cyber operations that
amount to an armed attack or imminent threat thereof.
As a matter of national policy, the United States has expressed the view that
when warranted, it will respond to hostile acts in cyberspace as it would to
any other threat to the country.
Measures taken in the exercise of the right of national self-defense in
response to an armed attack must be reported immediately to the U.N.
Security Council in accordance with Article 51 of the Charter of the United
Nations.
{Harold Hongju Koh, Legal Adviser, Department of State, International
Law in Cyberspace: Remarks as Prepared for Delivery to the
USCYBERCOM Inter-Agency Legal Conference (Sept. 18, 2012), reprinted
in 54 HARVARD INTERNATIONAL LAW JOURNAL ONLINE, 4 (Dec.
2012) (“Question 4: May a state ever respond to a computer network
attack by exercising a right of national self-defense?
Answer 4: Yes. A state’s national right of self-defense, recognized
in Article 51 of the UN Charter, may be triggered by computer
network activities that amount to an armed attack or imminent
threat thereof.”);
Barack Obama, International Strategy for Cyberspace: Prosperity,
Security, and Openness in a Networked World, 10 (May 2011) (“Right of
Self-Defense: Consistent with the United Nations Charter, states have an
inherent right to self-defense that may be triggered by certain aggressive
acts in cyberspace.”).
Barack Obama, International Strategy for Cyberspace: Prosperity,
Security, and Openness in a Networked World, 14 (May 2011) (“When
warranted, the United States will respond to hostile acts in cyberspace as
we would to any other threat to our country.
All states possess an inherent right to self-defense, and we recognize that
certain hostile acts conducted through cyberspace could compel actions
under the commitments we have with our military treaty partners.
We reserve the right to use all necessary means—diplomatic, informational,
military, and economic—as appropriate and consistent with applicable
international law, in order to defend our Nation, our allies, our partners,
and our interests.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 19
In so doing, we will exhaust all options before military force whenever we
can; will carefully weigh the costs and risks of action against the costs of
inaction; and will act in a way that reflects our values and strengthens our
legitimacy, seeking broad international support whenever possible.”).}
16.3.3.1 Use of Force Versus Armed Attack.
The United States has long taken the position that the inherent right of
self-defense potentially applies against any illegal use of force.
Thus, any cyber operation that constitutes an illegal use of force against a
State potentially gives rise to a right to take necessary and proportionate
action in self-defense.
{Harold Hongju Koh, Legal Adviser, Department of State, International
Law in Cyberspace: Remarks as Prepared for Delivery to the
USCYBERCOM Inter-Agency Legal Conference (Sept. 18, 2012), reprinted
in 54 HARVARD INTERNATIONAL LAW JOURNAL ONLINE, 7 (Dec.
2012) (“To cite just one example of this, the United States has for a long
time taken the position that the inherent right of self-defense potentially
applies against any illegal use of force.
In our view, there is no threshold for a use of deadly force to qualify as an
“armed attack” that may warrant a forcible response.
But that is not to say that any illegal use of force triggers the right to use any
and all force in response—such responses must still be necessary and of
course proportionate.”).}
16.3.3.2 No Legal Requirement for a Cyber Response to a Cyber
Attack.
There is no legal requirement that the response in self-defense to a cyber
armed attack take the form of a cyber action, as long as the response meets
the requirements of necessity and proportionality.
{Harold Hongju Koh, Legal Adviser, Department of State, International
Law in Cyberspace: Remarks as Prepared for Delivery to the
USCYBERCOM Inter-Agency Legal Conference (Sept. 18, 2012), reprinted
in 54 HARVARD INTERNATIONAL LAW JOURNAL ONLINE, 4 (Dec.
2012) (“There is no legal requirement that the response to a cyber armed
attack take the form of a cyber action, as long as the response meets the
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 20
requirements of necessity and proportionality.”).}
16.3.3.3 Responses to Hostile or Malicious Cyber Acts That Do
Not Constitute Uses of Force.
Although cyber operations that do not constitute uses of force under jus ad
bellum would not permit injured States to use force in self-defense, those
injured States may be justified in taking necessary and appropriate actions
in response that do not constitute a use of force.
Such actions might include, for example, a diplomatic protest, an economic
embargo, or other acts of retorsion.
{Department of Defense, Office of the General Counsel, An Assessment of
International Legal Issues in Information Operations (2nd ed., Nov.
1999), reprinted in 76 U.S. NAVAL WAR COLLEGE INTERNATIONAL
LAW STUDIES 459, 482 (2002) (“There is also a general recognition of the
right of a nation whose rights under international law have been violated to
take countermeasures against the offending state, in circumstances where
neither the provocation nor the response involves the use of armed force.
For example, an arbitral tribunal in 1978 ruled that the United States was
entitled to suspend French commercial air flights into Los Angeles after the
French had suspended U.S. commercial air flights into Paris.
Discussions of the doctrine of countermeasures generally distinguish
between countermeasures that would otherwise be violations of treaty
obligations or of general principles of international law (in effect, reprisals
not involving the use of armed force) and retorsions – actions that may be
unfriendly or even damaging, but which do not violate any international
legal obligation.
The use of countermeasures is subject to the same requirements of
necessity and proportionality as apply to self-defense.”).}
16.3.3.4 Attribution and Self-Defense Against Cyber Operations.
Attribution may pose a difficult factual question in responding to hostile or
malicious cyber operations because adversaries may be able to hide or
disguise their activities or identities in cyberspace more easily than in the
case of other types of operations.
A State’s right to take necessary and proportionate action in self-defense in
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 21
response to an armed attack originating through cyberspace applies
whether the attack is attributed to another State or to a non-State actor.
{DEPARTMENT OF DEFENSE, Department of Defense Cyberspace Policy
Report: A Report to Congress Pursuant to the National Defense
Authorization Act for Fiscal Year 2011, Section 934, 4 (Nov. 2011) (“The
same technical protocols of the Internet that have facilitated the explosive
growth of cyberspace also provide some measure of anonymity.
Our potential adversaries, both nations and non-state actors, clearly
understand this dynamic and seek to use the challenge of attribution to
their strategic advantage.
The Department recognizes that deterring malicious actors from
conducting cyber attacks is complicated by the difficulty of verifying the
location from which an attack was launched and by the need to identify the
attacker among a wide variety and high number of potential actors.”).
United States Submission to the U.N. Group of Governmental Experts on
Developments in the Field of Information and Telecommunications in the
Context of International Security 2012-2013, 2 (“As the United States
noted in its 2010 submission to the GGE, the following established
principles would apply in the context of an armed attack, whether it
originated through cyberspace or not:
• The right of self-defense against an imminent or actual armed attack
applies whether the attacker is a State actor or a non-State actor.”). Refer to
§ 1.11.5.4 (Right of Self-Defense Against Non-State Actors).}
16.3.3.5 Authorities Under U.S. Law to Respond to Hostile Cyber
Acts.
Decisions about whether to invoke a State’s inherent right of self-defense
would be made at the national level because they involve the State’s rights
and responsibilities under international law.
For example, in the United States, such decisions would generally be made
by the President.
The Standing Rules of Engagement for U.S. forces have addressed the
authority of the U.S. armed forces to take action in self-defense in response
to hostile acts or hostile intent, including such acts perpetrated in or
through cyberspace.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 22
{See, e.g., CHAIRMAN OF THE JOINT CHIEFS OF STAFF INSTRUCTION
3121.01B, Standing Rules of Engagement/Standing Rules for the Use of
Force for U.S. Forces, ¶6b(1) (June 13, 2005), reprinted in
INTERNATIONAL AND OPERATIONAL LAW DEPARTMENT, THE
JUDGE ADVOCATE GENERAL’S LEGAL CENTER & SCHOOL, U.S.
ARMY, OPERATIONAL LAW HANDBOOK 95 (2007) (“Unit commanders
always retain the inherent right and obligation to exercise unit self-defense
in response to a hostile act or demonstrated hostile intent.
Unless otherwise directed by a unit commander as detailed below, military
members may exercise individual self-defense in response to a hostile act or
demonstrated hostile intent.”).}
16.4 CYBER OPERATIONS AND THE LAW OF NEUTRALITY
The law of neutrality may be important in certain cyber operations.
For example, under the law of neutrality, belligerent States are bound to
respect the sovereign rights of neutral States.
Because of the interconnected nature of cyberspace, cyber operations
targeting networked information infrastructures in one State may create
effects in another State that is not a party to the armed conflict.
{Harold Hongju Koh, Legal Adviser, Department of State, International
Law in Cyberspace: Remarks as Prepared for Delivery to the
USCYBERCOM Inter-Agency Legal Conference (Sept. 18, 2012), reprinted
in 54 HARVARD INTERNATIONAL LAW JOURNAL ONLINE, 6 (Dec.
2012) (“States conducting activities in cyberspace must take into account
the sovereignty of other states, including outside the context of armed
conflict.
The physical infrastructure that supports the Internet and cyber activities is
generally located in sovereign territory and subject to the jurisdiction of the
territorial state.
Because of the interconnected, interoperable nature of cyberspace,
operations targeting networked information infrastructures in one country
may create effects in another country.
Whenever a state contemplates conducting activities in cyberspace, the
sovereignty of other states needs to be considered.”).}
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 23
16.4.1 Cyber Operations That Use Communications
Infrastructure in Neutral States.
The law of neutrality has addressed the use of communications
infrastructure in neutral States, and in certain circumstances, these rules
would apply to cyber operations.
The use of communications infrastructure in neutral States may be
implicated under the general rule that neutral territory may not serve as a
base of operations for one belligerent against another.
In particular, belligerent States are prohibited from erecting on the
territory of a neutral State any apparatus for the purpose of communicating
with belligerent forces on land or sea, or from using any installation of this
kind established by them before the armed conflict on the territory of a
neutral State for purely military purposes, and which has not been opened
for the service of public messages.
However, merely relaying information through neutral communications
infrastructure (provided that the facilities are made available impartially)
generally would not constitute a violation of the law of neutrality that
belligerent States would have an obligation to refrain from and that a
neutral State would have an obligation to prevent.
This rule was developed because it was viewed as impractical for neutral
States to censor or screen their publicly available communications
infrastructure for belligerent traffic.
Thus, for example, it would not be prohibited for a belligerent State to route
information through cyber infrastructure in a neutral State that is open for
the service of public messages, and that neutral State would have no
obligation to forbid such traffic.
This rule would appear to be applicable even if the information that is being
routed through neutral communications infrastructure may be
characterized as a cyber weapon or otherwise could cause destructive
effects in a belligerent State (but no destructive effects within the neutral
State or States).
{Colonel Borel, Report to the Conference from the Second Commission on
Rights and Duties of Neutral States on Land, in JAMES BROWN SCOTT,
THE REPORTS TO THE HAGUE CONFERENCES OF 1899 AND 1907, 543
(1917) (“We are here dealing with cables or apparatus belonging either to a
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 24
neutral State or to a company or individuals, the operation of which, for the
transmission of news, has the character of a public service.
There is no reason to compel the neutral State to restrict or prohibit the use
by the belligerents of these means of communication.
Were it otherwise, objections of a practical kind would be encountered,
arising out of the considerable difficulties in exercising control, not to
mention the confidential character of telegraphic correspondence and the
rapidity necessary to this service.
Through his Excellency Lord Reay, the British delegation requested that it
be specified that ‘the liberty of a neutral State to transmit messages, by
means of its telegraph lines on land, its submarine cables or its wireless
apparatus, does not imply that it has any right to use them or permit their
use in order to render manifest assistance to one of the belligerents’.
The justice of the idea thus stated was so great as to receive the
unanimous approval of the Commission.”).}
{See DEPARTMENT OF DEFENSE, Department of Defense Cyberspace
Policy Report: A Report to Congress Pursuant to the National Defense
Authorization Act for Fiscal Year 2011, Section 934, 8 (Nov. 2011) (“The
issue of the legality of transporting cyber ‘weapons’ across the Internet
through the infrastructure owned and/or located in neutral third
countries without obtaining the equivalent of ‘overflight rights.’
There is currently no international consensus regarding the definition of a
‘cyber weapon.’
The often low cost of developing malicious code and the high number and
variety of actors in cyberspace make the discovery and tracking of malicious
cyber tools difficult.
Most of the technology used in this context is inherently dual-use, and even
software might be minimally repurposed for malicious action.”);
Department of Defense, Office of the General Counsel, An Assessment of
International Legal Issues in Information Operations (2nd ed., Nov.
1999), reprinted in 76 U.S. NAVAL WAR COLLEGE INTERNATIONAL
LAW STUDIES 459, 489 (2002) (“There need be less concern for the
reaction of nations through whose territory or communications systems a
destructive message may be routed.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 25
If only the nation’s public communications systems are involved, the
transited nation will normally not be aware of the routing such a message
has taken.
Even if it becomes aware of the transit of such a message and attributes it to
the United States, there would be no established principle of international
law that it could point to as being violated.
As discussed above, even during an international armed conflict
international law does not require a neutral nation to restrict the use of its
public communications networks by belligerents.
Nations generally consent to the free use of their communications networks
on a commercial or reciprocal basis.
Accordingly, use of a nation’s communications networks as a conduit for an
electronic attack would not be a violation of its sovereignty in the same way
that would be a flight through its airspace by a military aircraft.”).}
16.5 CYBER OPERATIONS AND JUS IN BELLO
16.5.1 This section addresses jus in bello rules and cyber
operations.
Cyber Operations That Constitute “Attacks” for the Purpose of Applying
Rules on Conducting Attacks.
If a cyber operation constitutes an attack, then the law of war rules on
conducting attacks must be applied to those cyber operations.
For example, such operations must comport with the requirements of
distinction and proportionality.
For example, a cyber attack that would destroy enemy computer systems
could not be directed against ostensibly civilian infrastructure, such as
computer systems belonging to stock exchanges, banking systems, and
universities, unless those computer systems met the test for being a military
objective under the circumstances.
A cyber operation that would not constitute an attack, but would
nonetheless seize or destroy enemy property, would have to be
imperatively demanded by the necessities of war.48
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 26
16.5.1.1 Assessing Incidental Injury or Damage During Cyber
Operations.
The proportionality rule prohibits attacks in which the expected loss of life
or injury to civilians, and damage to civilian objects incidental to the attack,
would be excessive in relation to the concrete and direct military advantage
expected to be gained.
For example, in applying the proportionality rule to cyber operations, it
might be important to assess the potential effects of a cyber attack on
computers that are not military objectives, such as private, civilian
computers that hold no military significance, but that may be networked to
computers that are valid military objectives.
In assessing incidental injury or damage during cyber operations, it may be
important to consider that remote harms and lesser forms of harm, such as
mere inconveniences or temporary losses, need not be considered in
applying the proportionality rule.
For example, a minor, brief disruption of internet services to civilians that
results incidentally from a cyber attack against a military objective
generally would not need to be considered in a proportionality analysis.
In addition, the economic harms in the belligerent State resulting from such
disruptions, such as civilian businesses in the belligerent State being unable
to conduct e-commerce, generally would not need to be considered in a
proportionality analysis.
Even if cyber operations that constitute attacks are not expected to result in
excessive incidental loss of life or injury or damage such that the operation
would be prohibited by the proportionality rule, the party to the conflict
nonetheless would be required to take feasible precautions to limit such
loss of life or injury and damage in conducting those cyber operations.
{Harold Hongju Koh, Legal Adviser, Department of State, International
Law in Cyberspace: Remarks as Prepared for Delivery to the
USCYBERCOM Inter-Agency Legal Conference (Sept. 18, 2012), reprinted
in 54 HARVARD INTERNATIONAL LAW JOURNAL ONLINE, 8 (Dec.
2012) (“As you all know, information and communications infrastructure is
often shared between state militaries and private, civilian communities.
The law of war requires that civilian infrastructure not be used to seek to
immunize military objectives from attack, including in the cyber realm.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 27
But how, exactly, are the jus in bello rules to be implemented in
cyberspace?
Parties to an armed conflict will need to assess the potential effects of a
cyber attack on computers that are not military objectives, such as private,
civilian computers that hold no military significance, but may be networked
to computers that are valid military objectives.
Parties will also need to consider the harm to the civilian uses of such
infrastructure in performing the necessary proportionality review.
Any number of factual scenarios could arise, however, which will require a
careful, fact-intensive legal analysis in each situation.”).
Refer to § 5.12.2 (Types of Harm – Loss of Life, Injury, and Damage).
52 Cf. Program on Humanitarian Policy and Conflict Research at Harvard
University, Commentary on the HPCR Manual on International Law
Applicable to Air and Missile Warfare, 28 (A.1.e.7) (2010) (“The definition
of ‘attacks’ also covers ‘non-kinetic’ attacks (i.e. attacks that do not involve
the physical transfer of energy, such as certain CNAs [computer network
attacks]; see Rule 1(m)) that result in death, injury, damage or destruction
of persons or objects.
Admittedly, whether ‘non-kinetic’ operations rise to the level of an ‘attack’
in the context of the law of international armed conflict is a controversial
issue. There was agreement among the Group of Experts that the term
‘attack’ does not encompass CNAs that result in an inconvenience (such as
temporary denial of internet access).”).}
16.5.2 Cyber Operations That Do Not Amount to an “Attack”
Under the Law of War.
A cyber operation that does not constitute an attack is not restricted by the
rules that apply to attacks.
Factors that would suggest that a cyber operation is not an “attack” include
whether the operation causes only reversible effects or only temporary
effects.
Cyber operations that generally would not constitute attacks include:
• defacing a government webpage;
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 28
• a minor, brief disruption of internet services;
• briefly disrupting, disabling, or interfering with communications; and
• disseminating propaganda.
Since such operations generally would not be considered attacks under the
law of war, they generally would not need to be directed at military
objectives, and may be directed at civilians or civilian objects.
Nonetheless, such operations must not be directed against enemy civilians
or civilian objects unless the operations are militarily necessary.
Moreover, such operations should comport with the general principles of
the law of war.
For example, even if a cyber operation is not an “attack” or does not cause
any injury or damage that would need to be considered under the
proportionality rule, that cyber operation still should not be conducted in a
way that unnecessarily causes inconvenience to civilians or neutral persons.
16.5.3 Duty to Take Feasible Precautions and Cyber Operations.
Parties to a conflict must take feasible precautions to reduce the risk of
incidental harm to the civilian population and other protected persons and
objects.
Parties to the conflict that employ cyber operations should take precautions
to minimize the harm of their cyber activities on civilian infrastructure and
users.
The obligation to take feasible precautions may be of greater relevance in
cyber operations than other law of war rules because this obligation applies
to a broader set of activities than those to which other law of war rules
apply.
For example, the obligation to take feasible precautions to reduce the risk
of incidental harm would apply to a party conducting an attack even if the
attack would not be prohibited by the proportionality rule.
In addition, the obligation to take feasible precautions applies even if a
party is not conducting an attack because the obligation also applies to a
party that is subject to attack.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 29
16.5.3.1 Cyber Tools as Potential Measures to Reduce the Risk of
Harm to Civilians or Civilian Objects.
In some cases, cyber operations that result in non-kinetic or reversible
effects can offer options that help minimize unnecessary harm to civilians.
In this regard, cyber capabilities may in some circumstances be preferable,
as a matter of policy, to kinetic weapons because their effects may be
reversible, and they may hold the potential to accomplish military goals
without any destructive kinetic effect at all.
As with other precautions, the decision of which weapon to use will be
subject to many practical considerations, including effectiveness, cost, and
“fragility,” i.e., the possibility that once used an adversary may be able to
devise defenses that will render a cyber tool ineffective in the future.
Thus, as with special kinetic weapons, such as precision-guided munitions
that have the potential to produce less incidental damage than other kinetic
weapons, cyber capabilities usually will not be the only type of weapon that
is legally permitted.
{United States Submission to the U.N. Group of Governmental Experts on
Developments in the Field of Information and Telecommunications in the
Context of International Security 2012-2013, 4 (“Cyber operations that
result in non-kinetic or reversible effects can be an important tool in
creating options that minimize unnecessary harm to civilians.
In this regard, cyber capabilities may in some circumstances be preferable,
as a matter of policy, to kinetic weapons because their effects may be
reversible, and they may hold the potential to accomplish military goals
without any destructive kinetic effect at all.”).
Department of Defense, Office of the General Counsel, An Assessment of
International Legal Issues in Information Operations (2nd ed., Nov.
1999), reprinted in 76 U.S. NAVAL WAR COLLEGE INTERNATIONAL
LAW STUDIES 459, 490 (2002) (“Another possible implication of a
defender’s technological prowess may arise when a nation has the capacity
for graduated self-defense measures.
Some may argue that a nation having such capabilities must select a
response that will do minimal damage.
This is a variant of the argument that a nation possessing precision-guided
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 30
munitions must always use them whenever there is a potential for collateral
damage.
That position has garnered little support among nations and has been
strongly rejected by the United States.
There is broad recognition that the risk of collateral damage is only one of
many military considerations that must be balanced by military authorities
planning an attack.
One obvious consideration is that a military force that goes into a
protracted conflict with a policy of always using precision-guided munitions
whenever there is any potential for collateral damage will soon exhaust its
supply of such munitions.
Similarly, military authorities must be able to weigh all relevant military
considerations in choosing a response in self-defense against computer
network attacks.
These considerations will include the probable effectiveness of the means at
their disposal, the ability to assess their effects, and the “fragility” of
electronic means of attack (i.e., once they are used, an adversary may be
able to devise defenses that will render them ineffective in the future).”).}
16.5.4 Prohibition on Improper Use of Signs During Cyber
Operations. Under the law of war, certain signs may not be used
improperly.
These prohibitions may also be applicable during cyber operations.
For example, it would not be permissible to conduct a cyber attack or
to attempt to disable enemy internal communications by making use of
communications that initiate non-hostile relations, such as prisoner
exchanges or ceasefires.
Similarly, it would be prohibited to fabricate messages from an enemy’s
Head of State falsely informing that State’s forces that an armistice or
cease-fire had been signed.
On the other hand, the restriction on the use of enemy flags, insignia, and
uniforms only applies to concrete visual objects; it does not restrict the use
of enemy codes, passwords, and countersigns.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 31
Thus, for example, it would not be prohibited to disguise network traffic as
though it came from enemy computers or to use enemy codes during cyber
operations.
{Department of Defense, Office of the General Counsel, An Assessment of
International Legal Issues in Information Operations (2nd ed., Nov.
1999), reprinted in 76 U.S. NAVAL WAR COLLEGE INTERNATIONAL
LAW STUDIES 459, 473 (2002) (“Perfidy: It may seem attractive for a
combatant vessel or aircraft to avoid being attacked by broadcasting the
agreed identification signals for a medical vessel or aircraft, but such
actions would be a war crime.
Similarly, it might be possible to use computer ‘morphing’ techniques to
create an image of the enemy’s chief of state informing his troops that an
armistice or cease-fire agreement had been signed. If false, this would also
be a war crime.”).}
16.5.5 Use of Civilian Personnel to Support Cyber Operations.
As with non-cyberoperations, the law of war does not prohibit States from
using civilian personnel to support their cyber operations, including
support actions that may constitute taking a direct part in hostilities.
Under the GPW, persons who are not members of the armed forces, but
who are authorized to accompany them, are entitled to POW status.
This category was intended to include, inter alia, civilian personnel with
special skills in operating military equipment who support and participate
in military operations, such as civilian members of military aircrews.
It would include civilian cyber specialists who have been authorized to
accompany the armed forces.
Civilians who take a direct part in hostilities forfeit protection from being
made the object of attack.
16.6 LEGAL REVIEW OF WEAPONS THAT EMPLOY CYBER
CAPABILITIES
DoD policy requires the legal review of the acquisition of weapons or
weapon systems.
This policy would include the review of weapons that employ cyber
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 32
capabilities to ensure that they are not per se prohibited by the law of war.
{Harold Hongju Koh, Legal Adviser, Department of State, International
Law in Cyberspace: Remarks as Prepared for Delivery to the
USCYBERCOM Inter-Agency Legal Conference (Sept. 18, 2012), reprinted
in 54 HARVARD INTERNATIONAL LAW JOURNAL ONLINE, 6 (Dec.
2012) (“States should undertake a legal review of weapons, including those
that employ a cyber capability.
Such a review should entail an analysis, for example, of whether a particular
capability would be inherently indiscriminate, i.e., that it could not be used
consistent with the principles of distinction and proportionality.
The U.S. Government undertakes at least two stages of legal review of
the use of weapons in the context of armed conflict: first, an evaluation of
new weapons to determine whether their use would be per se prohibited by
the law of war; and second, specific operations employing weapons are
always reviewed to ensure that each particular operation is also compliant
with the law of war.”).}
Not all cyber capabilities, however, constitute a weapon or weapons system.
Military Department regulations address what cyber capabilities
require legal review.
The law of war does not prohibit the development of novel cyber weapons.
The customary law of war prohibitions on specific types of weapons result
from State practice and opinio juris demonstrating that a type of weapon is
illegal; the mere fact that a weapon is novel or employs new technology
does not mean that the weapon is illegal.
Although which issues may warrant legal analysis would depend on the
characteristics of the weapon being assessed, a legal review of the
acquisition or procurement of a weapon that employs cyber capabilities
likely would assess whether the weapon is inherently indiscriminate.
For example, a destructive computer virus that was programmed to spread
and destroy uncontrollably within civilian internet systems would be
prohibited as an inherently indiscriminate weapon.
{United States Submission to the U.N. Group of Governmental Experts on
Developments in the Field of Information and Telecommunications in the
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 33
Context of International Security 2012-2013, (“Weapons that cannot be
directed at a specific military objective or whose effects cannot be
controlled would be inherently indiscriminate, and per se unlawful under
the law of armed conflict.
In the traditional kinetic context, such inherently indiscriminate and
unlawful weapons include, for example, biological weapons.
Certain cyber tools could, in light of the interconnected nature of the
network, be inherently indiscriminate in the sense that their effects cannot
be predicted or controlled; a destructive virus that could spread
uncontrollably within civilian internet systems might fall into this category.
Attacks using such tools would be prohibited by the law of war.”).}
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 34
On the centrality of the current account in
international economics
Keynote speech by Mr Claudio Borio, Head of
Monetary and Economic Department of the BIS,
at the ECB-Central Bank of Turkey conference
"Balanced and sustainable growth operationalising the G20 framework", Frankfurt,
Abstract
The current account occupies a central position in international economics
and policy debates.
Indeed, in G20 policy debates the term "global imbalances" is treated as
almost synonymous with "current account imbalances".
Current account imbalances do matter and they can be a problem. But this
speech argues that this centrality is not that helpful in understanding how
the global economy works, especially in a world of free and huge capital
flows.
And it may even lead to the wrong policy prescriptions, including not
paying sufficient attention to potentially more disruptive financial
imbalances.
A key reason is that, analytically, the current account is asked to shed light
on issues for which it is ill-suited, such as the amount of financing a country
gets from, or provides to, others, the direction of that financing (who lends
to whom) and financial instability.
Speech
I would like to thank the organisers for their kind invitation to this event. I
am delighted to be here.
The conference title highlights the G20's goal of achieving balanced and
sustainable growth.
This, in fact, has been the goal of international policy cooperation from the
start.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 35
That said, the way this challenge is interpreted has evolved substantially
over time, reflecting not just shifting geopolitical currents but - of greater
relevance to this conference - changing analytical paradigms too.
One aspect that remains unchanged is the critical importance of the
international monetary and financial system (IMFS) in channelling policy
efforts - or in reflecting their absence.
This was inevitably the case during the Gold Standard era, the chaotic
pre-war years of the retreat into trade and financial protectionism, the
Bretton Woods phase and again, in more recent times, following the
breakdown of those arrangements.
Not surprisingly, the perennial challenge - and one that has given rise to
heated debates - has been to identify the strengths and weaknesses of the
IMFS with a view to improving it.
In my remarks today I would like to address this issue, to which we devoted
a whole chapter in the latest BIS Annual Report (BIS (2015)).
But I would like to do so by taking a step back.
My objective is to assess critically, and from an analytical perspective, why
the current account occupies such a central position in international
economics and policy debates.
This centrality has a long tradition.
It harks back at least to David Hume's view of the gold specie standard, in
which current account balances were regarded as the source of cross-border
gold flows (Hume (1898)).
It is through this lens that the economic havoc in the interwar years is seen
in terms of the transfer problem, as linked with war reparations (Keynes
(1929) and Ohlin (1929)).
This is the perspective that highlights a systematic contractionary bias in
the global economy because deficit (borrowing) countries are forced to
retrench when surplus (creditor) ones are no longer willing to lend to them
(Keynes (1941)).
It reappears in the view that traces the 1970s Latin American crisis to the
recycling of oil exporters' surpluses (Lomax (1986), Congdon (1988)).
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 36
And, more recently, it has re-emerged in the argument that a saving glut,
reflected in large Asian current account surpluses, was at the root of the
Great Financial Crisis (Bernanke (2005), Krugman (2009), King (2010)).
I will argue that this centrality is not that helpful in understanding how the
global economy works, especially in a world of free and huge capital flows.
And it may even lead to the wrong policy prescriptions.
We should not forget that, for quite some time now, the terms "global
imbalances" and "current account imbalances" have been treated as almost
synonymous in G20 policy discussions - so ingrained is the centrality of
current accounts in the policy debate.
To be clear: I do believe that current accounts matter greatly. If very large
and persistent, they do provide information about long-term sustainability,
they do raise the costs of financial crises, and they do pose the risk of trade
protectionism. But current accounts have been asked to do too much and,
as a consequence, focusing on them excessively can lead policy astray.
Because this is a research conference, I would like to approach the topic at a
rather high level of abstraction before I turn to policy.
My basic thesis is that the current account is asked to shed light on issues
for which it is ill-suited, such as the amount of financing a country gets
from, or provides to, others; the direction of that financing (who lends to
whom) - a key ingredient in the so-called Lucas Paradox (1990); the degree
of capital mobility - a key ingredient in the Feldstein-Horioka Puzzle
(1980); and financial instability - the risks thereof and the mechanisms
involved - as highlighted in the notion of "sudden stops" (Calvo (1998)).
I shall argue that this "overburdening" of the current account concept
results from the failure to make a sufficiently clear distinction between
saving and financing, and hence also between gross and net flows. In turn,
this ultimately points to an under-appreciation of the monetary nature of
our economies.
And the problem is compounded by the tendency to extrapolate inferences
from a two-country to a multi-country world - something which is, or at
least should be, well known but is often overlooked.
In the process, I shall take issue with familiar statements such as the
following. The current account is a " ...measure of total external capital
financing available for investment in a country... "(Prasad et al; p 120) or of
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 37
" ...the total amount of finance flowing in or out of a country... " (p 129). Or
again, "(t)he largest and arguably most advanced world economy, the
United States, has been a net capital importer since 1982 and has been
increasingly financed by fast growing emerging economies" (Gourinchas
and Rey (2013); p 5).
The key point is that current account patterns are largely silent about the
role a country plays in international borrowing, lending and financial
intermediation
Now, I do not expect you to leave this room fully convinced, given how
deep-seated the convictions underlying these statements are and the
limited time available. But I do hope to raise some questions in your mind
and trigger your curiosity.
You can take what I am saying to be not just about substance but also about
rhetoric. More precisely, you can take it as exploring also how the way we
talk about identities and our models can inadvertently shape the inferences
we draw from them.
The structure of my remarks is as follows. I shall first elaborate on the
distinction between saving and financing, initially in a closed economy and
then in an open economy.
I shall then revisit the Lucas Paradox and the notion of sudden stops,
arguing that the current account concept actually muddies the water.
I shall finally draw some policy conclusions, including about the workings
of the IMFS. Here I shall highlight how a current-account-centric analytical
framework could lead policy astray.
For those that would like to explore these issues further, let me say that they
have been developed in detail, with help of a simple model, in a recent
paper with Piti Disyatat (Borio and Disyatat (2015)). I understand that the
paper, which is still preliminary, will be made available to participants at
this conference.
I - Saving and financing
The origin of the problem - the "original sin", if you would like - is the
conflation of two quite different concepts: saving and financing. Saving is a
national accounts concept and denotes income (output) not consumed.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 38
Financing is a cash flow concept and denotes access to purchasing power in
an accepted settlement medium (money), including through borrowing.
In a causal sense, all expenditures, and hence also investment, require
financing, not saving.
Financing, in turn, is about gross, not net, financial flows.
And it is required for both financial and real transactions, which may or
may not add to output.
Look at it another way.
Saving alleviates an economy's real resource constraint: abstaining from
consumption makes room for investment to take place without putting
pressure on resources.
Cash flows alleviate the economy's financing constraint: without cash flows,
no spending can take place.
Why are the two concepts conflated? Probably, this reflects the use of
models that do not explicitly trace the financing (monetary) flows - what I
would call real economies disguised as monetary ones.
This includes many DSGE models as well as the benchmark
consumption-smoothing model of the current account - the workhorse
model of international finance these days.
In the simplest form, with a representative agent and a single asset
("bonds"), the relevant distinctions disappear (eg Obstfeld and Rogoff
(1995)): there is no need to model financing flows explicitly and gross flows
collapse into net flows.
Closed economy
Before opening up the economy, it is easiest to see the difference between
saving and financing in a closed economy.
The key feature of this hypothetical economy is that it is a monetary
economy, ie one in which all transactions must be settled in money, here
assumed to be bank deposits.
Moreover, while often overlooked, deposits are created by extending credit.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 39
More specifically, deposits are a claim issued by banks as the counterpart of
the acquisition of some other claim, which typically takes the form of credit
- just as cash nowadays must be issued by the government or the central
bank as counterpart of the acquisition of some item.
Critically, the role of banks, therefore, is to create purchasing power, not to
allocate pre-existing real resources.
A couple of implications follow.
For one, there is no link between the volumes of saving and financing.
Financing does not require saving, ie, abstaining from consumption.
For instance, in an economy with no saving, and hence investment, one still
needs financing for production, such as to pay factors of production.
In addition, saving does not have to go into financial assets: strictly
speaking, it cannot, because one would be comparing apples and oranges.
Saving materialises once investment takes place but is silent about the flow
of financial assets.
To think otherwise probably results from a misleading extrapolation from
an individual agent to whole economy.
That is, an agent's "saving" his labour income simply amounts to, in the first
instance, a deposit transfer from his employer: there is no link to "saving"
in the national accounts sense.
It is thus not meaningful to say that "country X can sustain a lot of
government debt because it has a high saving rate" - a common enough
statement in policy debates.
Debt is sustained by the willingness of agents to hold it - a portfolio
allocation decision. Saving is a just "hole" in aggregate demand that allows
investment to take place without putting pressure on aggregate resources.
There is no such thing as a "wall of saving" that pushes down interest rates
as it sucks up financial assets: saving and investment balances at best
determine natural rates, not market rates - a point to which I will return
later.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 40
Open economy
These conclusions carry through to an open economy. Three implications
are worth highlighting.
First, there need be no relationship between the current account position
and the financing flows underpinning expenditures, and hence investment
and output.
A country may be in surplus, but have all its investment financed from
abroad; or be in deficit but have it all financed at home.
For instance, in a simple model in which banks are the only source of
funding, it will depend on where they are located.
In other words, the location of those who spend and produce determines
current account positions while the location of those who provide the
funding determines financing flows.
Second, the nature of the credit risks is unrelated to the current account
position: it depends exclusively on financing patterns.
For instance, if the banks are located in the deficit countries, they will be
the creditors and bear the credit risk in the first place.
Thus, the irresistible image that surplus countries are "creditors" and are
exposed to risk on deficit countries is misleading.
True, balance of payments identities must hold: a surplus country is
accumulating, on net, claims on others.
And in a two-country world this would necessarily be on the deficit country.
But answering the question whether any credit risk is involved and how it is
distributed requires an understanding of financing patterns, by both
location and instrument, and how they crystallise in outstanding stocks.
Finally, moving from a two-country to a multi-country world undermines
our straightforward intuition about bilateral relations.
Now, even in net terms, surplus countries need not accumulate claims on
deficit countries.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 41
In the extreme case, all the financing could come from a third country,
which does not trade with the first two - think of it as a pure financial hub.
By construction, net positions would be accumulated vis-à-vis this third
country.
II - Revisiting common notions
It is now possible to revisit the Lucas Paradox and financial instability, with
special reference to the popular notion of sudden stops.
The Lucas Paradox
The famous Lucas Paradox states that, based on current account positions,
capital counterintuitively flows "uphill".
This is because, on balance, advanced economies have current account
deficits and less developed ones surpluses.
But since the marginal productivity of capital should be higher in less
capital intensive economies, this is not optimal.
Typical explanations of the puzzle focus on reasons why the differential in
returns on capital may be more apparent than real and/or not exploitable.
This may well be true. But the previous analysis suggests a different
possibility: the question may not be fully well-posed.
For one, current account positions are not informative of the direction of
financing: investment could be fully financed from advanced economies
even if these are in deficit.
One needs to look at the details of bilateral gross financing flows.
In addition, in a multi-country world, even if bilateral net positions
correspond to current account positions - and they need not - it does not
follow that, in aggregate, surplus counties accumulate net claims on deficit
ones.
For example, assume that country A has a current account deficit with B; B
a current account deficit with C and B is in balance. In this case, A is in
deficit and C in surplus.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 42
Assume further that bilateral net positions do correspond to the current
account positions, although, as discussed, they need not.
Then country C, which has a surplus, is acquiring net claims on B, which is
in balance, and which is in turn acquiring net claims on A, which is in
deficit.
Thus, there is no sense in which capital is flowing from C, in surplus, to A,
in deficit.
This is, in theory, a matter of identities. But what do the data actually say?
Data on financing patterns are very limited; but what is available suggests
that the puzzle may be more apparent than real.
The size of gross flows dwarfs current accounts. FDI, which can be closely
linked to investment, has tended to flow "downhill", from advanced
economies to EMEs, not vice versa (eg, Prasad et al (2006)).
The same is true of bank flows, at least over the last decade.
And more generally, the data show little correspondence between bilateral
trade positions and bilateral net financial positions, as the previous
illustrative example postulates, or between bilateral net and gross financial
positions.
For instance, in the years up to the Great Financial Crisis, France had trade
deficit - a current account proxy - with the rest of the euro area but was
acquiring net claims on it, and a small surplus with the rest of the world but
it was increasing its net liabilities to it (Hobza and Zeugner (2014)).
Likewise, at end-2007, even as the United States had its largest bilateral net
liability position vis-à-vis China and Japan, it had much larger gross
positions vis-à-vis the euro area and the United Kingdom (Milesi-Ferretti et
al (2010)).
Financial instability
What about the link between current accounts and financial instability?
A common view sees current account deficits as a major source of financial
vulnerabilities, from which current account surplus countries are spared.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 43
The reason is that deficits are regarded as exposing countries to foreign
investors' and lenders' sentiment and hence to sudden stops.
In fact, the previous analysis makes clear that both current account deficit
and surplus countries are exposed to it.
For one, since current accounts are largely silent about financing patterns,
they can hardly say much about financial crises and the mechanisms
involved.
At most, they may say something about triggers, if economic agents
perceive them as a vulnerability - which they often do - and about the
macroeconomic costs once crises erupt.
Surely the focus has to be on gross exposures, on their size and distribution.
For instance, in the case of the Great Financial Crisis, the institutions
exposed to it outside the United States were located in the United Kingdom,
a country with a current account deficit, and the euro area, which was
roughly in balance (Borio and Disyatat (2011)).
In addition, the pivotal role current accounts are given in sudden stops
surely cannot be right analytically.
Current account reversals do not causally reflect a sudden stop in net
capital flows - this is simply what current accounts are, by definition.
We should look for causal mechanisms elsewhere. If we think of the current
account items, a current account "sudden stop" could only take place if
foreigners decided not to export to the country any longer, giving up on the
corresponding revenues, or residents freely decided to purchase fewer
goods.
Both of these mechanisms are implausible. Surely the sudden stop must be
in gross financing flows, domestic and external, which force agents to cut
imports and pre-finance exports.
Thus, current account reversals are more like the tail that is wagged by the
dog.
The empirical evidence is consistent with this perspective.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 44
In particular, it suggests that the best single leading indicators of financial
crises are credit booms (Jordà et al (2011), Gourinchas and Obstfeld (2012),
Borio and Lowe (2002)).
The information content of current accounts tends to vanish once the
booms are controlled for.
The evidence also indicates that external sources of credit expansion do
tend to outpace domestic ones as these booms proceed (eg Borio et al
(2011)) and it suggests that the bust in financing flows causes activity to
come to a halt.
In fact, some of the most damaging credit booms in history have occurred
in current account surplus countries, including the United States prior to
the Great Depression and Japan in the late 1980s.
Today, several current account surplus countries have been experiencing
outsize booms, not least China. And analytically, the main link is not
between the sign of the current account and credit booms, but between
changes in the current account and credit booms, to the extent that booms
go hand in hand with strong domestic demand.
III - Policy implications
Let me just highlight three policy implications of the analysis.
First, there is a need to rebalance the focus of international macroeconomic
cooperation away from current account imbalances towards financial
imbalances.
In G20 circles the term "global imbalance" has been treated as almost
synonymous with "current account imbalance" for too long.
In a world of huge capital flows, financial imbalances are a more important
source of macroeconomic dislocations.
The latest financial crisis is just the most recent reminder of their
potentially disruptive force.
Second, in some cases, a focus on current account imbalances may even be
counterproductive.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 45
This can be the case when surplus countries are pushed to boost aggregate
demand regardless of domestic financial vulnerabilities - as happened to
Japan in the 1980s, at the cost of adding fat to the fire of a hugely damaging
financial boom (Shirakawa (2011)).
And this might be what has happened to China following the Great
Financial Crisis.
Finally, once attention shifts from current account imbalances to financial
imbalances, central banks take centre stage (Borio et al (2014)).
This is because of their first-order influence on financial conditions through
monetary policy and their typically important role in prudential policy, not
least macroprudential policy.
Indeed, as suggested by this analysis and as argued in detail elsewhere
(Borio (2014)), the Achilles heel of the IMFS is less its inability to constrain
the size and persistence of current account imbalances than its inability to
constrain financial imbalances - what with Piti Disyatat we have called its
"excess financial elasticity" (Borio and Disyatat (2011)).
Such imbalances typically take the form of unsustainable increases in credit
and asset prices, especially property prices, on the back of aggressive
risk-taking.
And external financing, as a source of credit expansion, tends to play a key
role (Borio et al (2011)).
Once these imbalances collapse, they cause huge economic damage.
To be sure, this excess elasticity originates in inadequacies of domestic
policy regimes, especially monetary and prudential ones; but it is amplified
by their interaction through the IMFS.
As domestic monetary regimes pay little attention to the build-up of
financial imbalances, their interaction can spread the corresponding easing
bias from the core economies to the rest of the world.
This occurs through the extensive reach of international currencies - above
all, the US dollar - beyond national borders and through resistance to
exchange rate appreciation.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 46
For example, US dollar credit to non-US residents has grown at a much
faster pace than US domestic credit post-crisis (eg, McCauley et al (2015)).
Moreover, there is growing evidence that US policy rates have had an
influence on policy rates in the rest of the world over and above that of
domestic conditions (Taylor (2013) and Hofmann and Takats (2015)).
And the interaction of financial regimes, through the free mobility of capital
across currencies and borders, reinforces and channels these effects, by
adding a key external source of funding during domestic financial booms
and by making exchange rates subject to "overshooting" for exactly the
same reasons as domestic asset prices are, ie owing to loosely anchored
perceptions of value, risk-taking and ample funding.
"Global liquidity", or the ease of financing in international markets, moves
in irregular but powerful waves (Borio (2013), Shin (2013), Caruana
(2014)).
Through these mechanisms, easy monetary and financial conditions can,
and have, spread to countries that do not need them, fuelling the build-up
of financial imbalances there.
This is not the place to develop and document these arguments in detail,
given the space available (for an elaboration, see eg Borio (2014) and BIS
(2015)).
But one aspect is worth exploring further because of its possible connection
with current accounts: one symptom of the weakness inherent in the
interaction of monetary regimes is that, at the global level,
inflation-adjusted interest rates have trended down and appear quite low
regardless of benchmarks.
Those focusing on current accounts would argue that their decline, in fact,
reflects an excess of ex ante saving over ex ante investment at the global
level, which has been pushing down market rates alongside equilibrium (or
natural) real interest rates.
This is precisely a key mechanism highlighted by those who argue that a
global saving glut was at the heart of the Great Financial Crisis: low interest
rates, so determined, boosted the US mortgage boom whose collapse
contributed to widespread financial stress.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 47
From the perspective outlined in my remarks, such a view can be
questioned. One objection concerns the link between saving and
investment, on the one hand, and market interest rates, on the other.
The second concerns the relationship between market and equilibrium or
natural interest rates.
Saving and investment imbalances do not directly influence interest rates.
There is general agreement that, in a monetary economy, market interest
rates are determined by a combination of central banks' and market
participants' actions.
Central banks set the nominal short-term rate and influence the nominal
long-term rate, through signals of future policy rates and purchases of
assets.
Market participants adjust their portfolios based on their expectations of
central bank policy, their views about the other factors driving long-term
rates, their attitude towards risk and various balance sheet constraints.
Given these nominal interest rates, actual inflation determines ex post real
rates and expected inflation determines ex ante real rates.
Thus, the influence of saving and investment is only indirect, through these
proximate factors and, in particular, through their influence on central
banks' and market participants' perceptions of equilibrium or natural rates.
The question then comes down to what determines those equilibrium rates
and whether the market rates prevailing at any given point in time are
equilibrium ones.
This is necessarily an analytical issue and the answer must be
model-dependent.
The prevailing view, shared by proponents of the saving glut and secular
stagnation hypothesis (Summers (2014)), is that the equilibrium or natural
rate equates saving and investment at full employment and that when this
does not happen, inflation rises (if there is excess demand) or falls (if there
is excess supply).
The behaviour of inflation is the key signal of unsustainability. But from the
perspective proposed here another possible signal of unsustainability is the
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 48
build-up of financial imbalances (Borio and Disyatat (2011, 2014), BIS
(2015)).
After all, it is hard to argue that the interest rate is at its equilibrium level
and that this rate is a cause of major financial instability, hugely damaging
to the economy.
Seen in this light, such a narrow definition of the equilibrium rate is more a
reflection of the incompleteness of the analytical frameworks used to define
the concept than one of an inherent tension between natural rates and
financial stability.
Conclusion
To conclude, current accounts have been at the centre of international
economics and policy for a very long time.
There are, of course, very good reasons for this. Current accounts tell us
whether a country is spending more than it is producing.
They are followed closely by market participants and can influence their
mood changes.
They can affect the macroeconomic costs of crises.
And they can give rise to dangerous protectionist pressures.
In short, in this respect I do agree with Maurice Obstfeld (2012), who gives
an affirmative answer to the provocative question that heads up his Richard
T Ely Lecture: "Does the current account still matter?"
But, more generally, current accounts have been asked to tell us more than
they can about several key macroeconomic magnitudes - about the volume
and direction of capital flows; about how economic activity is financed;
about the role countries play in financial intermediation, lending and
borrowing; and about the risks of financial instability and the mechanisms
involved.
In my remarks, I have argued that this ultimately stems from the failure to
distinguish with sufficient clarity between saving and financing, and hence
between net and gross flows, and, ultimately, to recognise the
fundamentally monetary nature of our economies.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 49
In turn, this problem is compounded by the tempting tendency to
extrapolate reasoning that holds in a two-country world to a multi-country
world, where it does not apply.
This state of affairs shapes in unhelpful ways both the rhetoric we employ to
talk about the economy and the policy conclusions themselves.
And it is one reason why, within the G20, international policy cooperation
has focused so heavily on current account imbalances at the expense of
financial imbalances.
There is a need to rebalance this situation, as regards both analytics and
policy.
Post-crisis in particular, there have been some positive signs. Within the
academic community, for instance, greater attention has been paid to gross
capital flows and their nexus with financial booms and busts (eg Shin
(2012), Obstfeld (2011, 2012), Rey (2014)).
And within the G20, the concept of global liquidity has made a timid
appearance. But progress has been too slow. The sooner we recognise this,
the better.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 50
Macroprudential policy - from Tiberius
to Crockett and beyond
Speech by Sir Jon Cunliffe, Deputy Governor
for Financial Stability of the Bank of England,
at TheCityUK, London
Historians still argue about the exact causes of
the financial crash of AD 33 that rocked the
Roman Empire.
The commentators of the day did not unfortunately have, let alone record,
the vast amounts of data that we have become used to today.
But in a world still painfully extricating itself from the crash of 2008, the
key features look eerily familiar, as a number of modern day commentators
have observed.
An extension of credit across the empire, a sudden deleveraging, debtors
failing and bank closures in a number of Roman provinces, the total drying
up of liquidity in the financial system and widespread panic.
The remedies look familiar too.
The Emperor Tiberius was not able to rely on a modern independent
central bank with the ability to print money to staunch the crisis.
But notwithstanding that immense shortcoming, Tiberius took effective
action, injecting into the system a huge amount of liquidity stored in coin in
his treasury, setting interest rates at zero for a three year period - an early
example of forward guidance - and doubling loan to value requirements for
property loans.
He also executed those he thought most responsible: though some might
advocate that today, I think in that respect at least we have moved on from
AD 33.
Systemic financial crises, as this episode shows, are not new.
The invention of credit and the development of banking and financial
systems have been key to the improvement of human living standards
throughout history.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 51
But they bring with them the boom and bust extremes of the credit cycle,
driven by greed and fear, and the risk of systemic crises which can badly
damage the real economy.
As financial systems have developed and spread, public authorities, from
Tiberius' administration to the Financial Policy Committee (FPC) of the
modern Bank of England today, have had to adapt both to deal with
financial crises when they occur and to try to prevent them occurring in the
first place. It has often been an unequal struggle.
I want today to review a little of that history from the Bank of England's
perspective. I will draw out the development of what - following the great
financial crisis of 2008-9 - has become known as "macroprudential" policy.
Put simply, this is the regulation and supervision of the financial system as
a whole rather than just the "micro" regulation and supervision of the firms
and the markets that go to make up the system.
In doing so, I want to review the progress of macroprudential policy and the
FPC of the Bank, which is the UK macroprudential authority.
Have we built a more resilient financial system and one that can provide the
financial stability that is essential for sustainable economic growth?
I hope I will be able to show that while many of the problems we face and
the tools we have are familiar, the development of macroprudential policy
and the FPC since the crisis is not just old wine in new bottles.
There is new and important wine here also.
The Bank and financial stability
The Bank of England is not, of course, a newcomer to this scene. In the
centuries following the Bank's creation in 1694, the British financial system
mushroomed as the industrial revolution took hold and the empire grew.
As the financial system grew, so did the incidence of crises and panics that
required the Bank - often reluctantly - to intervene.
In the financial crisis of 1825 - a crisis attributed by many to low interest
rates, abundant liquidity and a search for yield that drove investors into
emerging market bonds - England was said by one observer to be "within 24
hours of a state of barter".
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 52
To get liquidity into the system and restore confidence, the Bank according
to one of its directors "lent money by every possible means and in modes we
had never adopted before".
Again, much of this sounds eerily familiar. The Bank since its inception has
been at the centre of the response to every financial crisis in the UK.
And since its inception, the Bank has played a role in shaping the
development of the financial sector in the UK and using its influence to
promote financial stability.
For much of its history, that role was not one of statutory regulation and
supervision.
The Bank exercised its influence behind the scenes on the small club of
actors that dominated the financial system.
Indeed, the UK came rather late to the idea that banks and financial firms
needed to be regulated by law rather than steered by the eyebrows of the
Governor of the Bank of England.
The Macmillan Committee (1931), which inquired into financial policy in
the wake of the Wall Street Crash, did not advocate statutory regulation.
Rather it endorsed the informal role of the Bank in guiding the banking
sector, commenting that "financial policy can only be carried into effect by
those whose business it is".
30 years, a Great Depression and a world war later, the 1959 Report of the
Radcliffe inquiry into the monetary system concluded similarly that "it is on
this relationship, and on the mutual trust and confidence that are the basis
of the relationship, rather than on formal power-that the Bank has relied in
seeking to inform itself about and influence the policies of the clearing
banks".
In the immediate post war period it was not necessary to do a great deal to
promote financial stability or the supervision of financial firms.
In the post war economy with closed capital and current accounts the
banking system was tightly controlled by government. It was an instrument
of macroeconomic management and of financial repression in order to
repay the national debt.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 53
As the Chairman of Lloyds Bank at the time described it, "It was like driving
a powerful car at twenty miles an hour. The banks were anaesthetised - it
was a kind of dream life".
But, from the beginning of the 1970s, as the financial sector was
increasingly liberalised and globalised, the old risks returned. It became
apparent by 1979 that the Governor's eyebrows needed to be bolstered with
statutory regulation and supervision of banks.
As capital accounts were increasingly opened up and cross border
competition grew, the need for a more level playing field between
internationally active banks became more apparent.
Liberalisation led to a shift towards more explicit prudential standards
starting with the 1975 Basel Concordat - the forerunner of today's Basel
standards.
The focus was very much on promoting the safety and soundness of
individual firms. Much less attention was given to the fact that the risks in
the financial system are greater than the sum of the risks in its parts.
Central banks were no strangers to such systemic risks.
Indeed, they were recognised at the time - the forerunner of today's Basel
Committee identified them and even coined the term "macro-prudential"
risks to distinguish and separate them from "micro-prudential" or firm
specific risks that were the subject of the Basel Accords.
They then concluded it was for someone else to address macroprudential
risk.
The trail of macroprudential policy goes rather cold at this point.
The prevailing view seems to have been that if the regulation and
supervision of individual firms was right and if central banks had the
necessary Tiberius-like instruments to intervene in crises, sufficient
stability could be ensured.
It was the realisation in the last years of the last century that an ever more
liberalised and globalised financial sector was generating ever more
difficult financial crises that led to the reawakening of interest in
macroprudential policy.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 54
This was led by Andrew Crockett, then the General Manager of the Bank for
International Settlements and a former Executive Director of the Bank of
England.
The development of macroprudential policy
As set out by Crockett and others, the basic principles of macroprudential
policy are that:
-
assuring the stability of individual financial firms will not by definition
assure the stability of the overall financial system; indeed there will be
times in which what makes good sense for a specific firm makes bad
sense for the system as a whole;
-
the underlying prudential standards - the reserves of capital and liquid
assets that individual banks and other firms need to hold to enable them
to withstand bad times - should be set not simply in relation to the risks
in the individual firm, but also to reflect the importance of the firm to
the financial system and the cost to the economy as a whole if the
system fails;
-
the financial system does not simply respond to the economic cycle,
growing as the economy grows and vice versa. It also feeds on its own
exuberance in good times and on its fear in bad times which can in turn
drive the real economy to extremes, as we have witnessed in recent
years. The underlying causes of this phenomenon are interactions,
feedback loops and amplifiers that exist within the financial system that
can act as turbo chargers in both directions;
-
the aim of macroprudential authorities should be to prevent these
dynamics from driving up financial stability risks in good times and
driving the system down in bad times. That requires not only setting the
overall framework of standards and regulation in the right place to
address systemic risk; it requires also adjusting the framework in
response to the buildup of risk as the turbo chargers inherent in the
financial system begin to kick in; and
-
a recognition that what distinguishes "macroprudential" from
"microprudential" and from "macroeconomic" is its objective of
financial system stability rather than the instruments it deploys.
Macroprudential authorities like the FPC use many of the same
instruments as microprudential regulators such as bank capital
standards. And in the very final resort, monetary policy may need to be
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 55
used to counter financial stability risk. But the objective of ensuring the
financial system as a whole is stable is different to the objective of
promoting the safety and soundness of individual firms or that inflation
is kept at target.
With the benefit of hindsight, policymakers and regulators should all have
paid a great deal more attention to these ideas in the early years of the
century while the great financial crisis was in the making. In fact, it is
difficult to find any newspaper reference at all to macroprudential policy in
those years.
The opposite is true today. Last year there were over 350 newspaper
references in the UK alone. The great financial crisis validated these ideas
for many policymakers world-wide.
It was clear with hindsight that we had not only mis-estimated the risks in
individual institutions.
More importantly, we had not really understood the risks created by the
dynamics of the system including from outside the core banking system,
namely the amplifiers and feedback mechanisms that drove the system
down in the same way that they had driven it up.
Or the devastating effect all of this would have not just on the financial
system but on the broader economy.
The dynamics of the system itself create risks and costs that markets and
firms do not - and cannot - take fully into account in their decisions and
their pricing.
For example, in a financial crisis individual banks will try to cut lending - to
deleverage - to preserve their funds.
But if all banks do that then, as we saw, the economy will suffer which
damages all banks. I suspect central banks over the centuries had an
intuitive understanding of these risks.
But they were never so great before the development of a truly global,
liberalised financial sector in a digital age.
And they were never clearly identified but instead were wrapped up with
many other risks in the historically opaque world of the central banker.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 56
One key outcome of the crisis was the recognition that in the modern global
economy, there is a need for international standards to cover
macroprudential as well as microprudential risk.
These have been developed and coordinated by the Financial Stability
Board, which was itself created in response to the crisis.
And there is likewise a need for national public authorities that are clearly
responsible for managing these risks.
Macroprudential bodies, in various shapes and sizes, have been set up in
around 40 jurisdictions. In the UK, the FPC of the Bank of England was
formally established in 2013 having existed in an interim form since 2011.
How well have we done?
Seven years on from the crisis and four years from the establishment of the
FPC in the UK it is fair to ask: how well have we done so far?
Have we put in place the machinery - the institutions and the rules - to
manage macroprudential risk?
Have we, as some argue with increasing volume, gone too far and achieved
stability at the expense of growth?
The first area to look at is whether the framework of regulation has now
been set to address systemic as well as firm specific risks.
The new framework has largely been set by international standards, and for
the UK by the incorporation of those standards in EU law.
The Basel reforms to bank capital and liquidity standards have very
materially strengthened the protection of capital and liquidity reserves that
individual banks hold to meet bad times.
Regulatory capital requirements are set to be up to ten times higher than
before the crisis for the most systemically important institutions and banks
will face internationally agreed liquidity ratios for the first time.
In the UK and other jurisdictions, leverage ratios have been introduced in
advance of an international standard that is in train and structural
separation measures are being implemented.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 57
These reforms have strengthened the position of individual firms and in
doing so the resilience of the system as a whole.
But the Basel and other reforms have also recognised explicitly that these
levels of protection need to be set not only to protect investors in individual
firms but also to protect all of us, the whole economy, from the damage to
the system that can be done when systemic firms get into trouble.
Banks that are globally systemic are now required to hold more resources equity capital - that can absorb losses if and when things go wrong. The
extra protection is graded by the systemic importance of the firm.
The aim is that these systemically important players can continue to
operate within the system, serving the real economy, even in bad states of
the world.
And if, despite all the extra protection they do fail, we need to ensure they
can be "resolved" - by which I mean revived or sold or broken up or wound
down - in a way that does the least damage to the economy and that does
not require taxpayer bailouts.
We are now close to the agreement of an international standard requiring
systemic banks to hold a set amount of debt in a form that can be readily
"bailed-in" to recapitalise and stabilise the firm if it fails, so that it can be
resolved over time without doing wider damage.
Macroprudential policy is about more than banks. Other parts of the
financial system can drive up booms and amplify busts.
Derivatives traded between financial firms acted as an amplifier of the crisis
when their values changed very quickly and the firms did not have the
resources to compensate each other for the change.
We are now shifting bilaterally traded derivatives onto central
counterparties where there is better identification and protection against
the risks of sudden changes in value.
Similarly, minimum standards on lending against securities, another
amplifier in the crisis, are being introduced to reduce the impact on firms
when the value of those securities changes quickly.
Seven years on from the crisis, the contours of the new regulatory
framework are clear and in the main agreed; we are well into the
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 58
implementation of many of its main standards. The standards not only
reinforce the safety and soundness of individual firms.
In contrast to the development of prudential framework before 2007, we
now endeavour to address specifically the risks generated by the financial
system as a whole. In other words, the framework is not just stronger. It is
macroprudential in a way that was not true at all before the crisis.
Of course, knowing where to set the detailed prudential standards that
make up the framework is as much an art as a science.
It is one thing to know that before the crisis systemic banks were not
holding enough capital to absorb losses and keep functioning - one has only
to look at the failures, the bailouts and the impact on the real economy.
It is quite another to determine how much capital a systemic bank needs to
hold to be able to continue to operate through a crisis.
As with most things in life, policymakers have looked to the past - for
example to the losses suffered by banks and others in this and in previous
crises - to guide the future.
But we know that it is a useful but an imperfect guide. To paraphrase Mark
Twain, history only rhymes, it does not repeat itself.
That brings me to the second main element of macroprudential policy. The
standing framework can only go so far in addressing risk.
The role of macroprudential authorities, like the FPC, is not just to ensure
the framework addresses systemic risk.
It is to monitor and identify the buildup of risk and the development of new
types of risk. And to take action to address them.
Here I think macroprudential policy is at a much earlier stage of
development.
In part this is probably because having crystallised in the crisis, the risks in
the core banking system have been muted in the aftermath.
And because the development of the new framework of regulation has
consumed so much of policymaker and regulator energy.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 59
The FPC has certainly spent much of its short life so far on the development
and implementation of the new framework of regulation.
But it is also due to the fact that there is still a great variety of views as to
how macroprudential policy should identify and respond to changing risks
in the financial system.
There is no consensus about which risks it should care about and which
instruments are most effective in addressing them. There is not yet the
extensive body of practice and of theoretical and empirical research that
exists, for example, in the world of monetary policy.
As I mentioned, there are now macroprudential authorities in around 40
jurisdictions. But there are very different views among policymakers as to
what time-varying, countercyclical macroprudential should and could do.
Some believe macroprudential policy should actively tighten regulation to
lean heavily against the powerful dynamics of the credit cycle as the
amplifiers in the financial system drive up credit booms and risks.
A more restrained approach would be to use countercyclical policy not so
much to lean against the cycle but to increase the resilience of the system
further by putting in more protection as risks build up in exuberant times.
Others remain unconvinced that there is much of a role for time-varying
macroprudential policy at all and argue that it is better to bake all the
necessary resilience into a very strong standing framework of standards
and rules.
There is certainly no easy way to estimate where we are in the credit cycle
and the impact of macroprudential tools - while there are guides there are
no simple rules.
Against that background, I want to highlight some of the steps the FPC has
taken in this area.
First, using macroprudential policy to address changing risks depends upon
a clear assessment of risks and of the action necessary to address them.
The institutional incentives will inevitably tend to drive macroprudential
authorities to the identification of all possible - and if we are not careful,
some impossible - risks.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 60
Failure to spot a risk is worse than spotting one too many. The outcome of
this dynamic, however, can too easily be a lack of clarity and focus: an
assessment that identifies everything but actually identifies nothing.
With this in mind, the FPC has changed the structure and content of its
bi-annual Financial Stability Report (FSR). The FSR aims to set out publicly
the FPC's view on risks, its assessment of the resilience of the system and to
explain its policy.
In its new form, the FSR will focus on no more than a handful of risks, the
ones the Committee judges are the most important and the most
prominent.
And it will then set out what, given the level of resilience in the system, the
Committee thinks should be done about those risks.
The intention is that such a shorter, more focused report will create a
discipline for the FPC's thinking, help to communicate what the FPC is truly
concerned about and make it easier for others to hold us to account.
Second, the Committee is developing the use of stress testing to assess
macroprudential as well as microprudential risk. Last year, the FPC,
together with the PRA ran the first ever stress test of the UK banking sector
as a whole.
The aim was to test not just the resilience of individual banks but what
happened to the system if all of the major banks faced a severe but plausible
stress scenario at the same time. We are conducting a similar test this year.
The Committee intends to set out later this year how we want to develop
macroprudential stress testing to help us respond to the ever changing level
of risks in the financial system.
At present we are using stress testing to help us judge how resilient the
banking system is to different severely adverse, but plausible, scenarios.
A development of this approach would be to use stress testing more
countercyclically.
Rather than testing every year against a scenario of constant severity, the
severity of the test, and the resilience banks need to pass it, would be
greater in boom times when credit and risk is building up in the financial
system and it has further to fall and then reduced in weaker periods when
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 61
there is less risk in the system and the economy needs the banking system
to maintain lending.
Third, macroprudential risk goes wider than the banking system. Risks can
arise in other parts of the financial system and in the real economy.
A year ago, the UK housing market was clearly developing significant
momentum. Prices were growing much faster than incomes.
Borrowers were increasingly driven to borrow a greater amount relative to
their annual income.
The amount of such new mortgages at high loan to income (LTI) ratios borrowers borrowing over 4 times their annual income - had exceeded its
pre-crisis peak.
The risk the Committee saw was that if the number of high LTI mortgages
continued to grow, there would be increasing numbers of highly indebted
households very vulnerable to a change in economic circumstances.
This would increase both macroeconomic volatility and systemic risk.
The Committee came to the view that this was a macroprudential risk that
needed to be insured against.
It recommended the introduction of limits on the proportion of new
mortgages at high LTI ratios.
The momentum in the housing market cooled and the limits have not so far
been reached. It is impossible to say how much this was a result of the
Committee's action; a number of other important factors were also in play.
But it is an example of the FPC's approach to adjusting policy to respond to
changing risks.
And it is also an example of the Committee taking a broad view of financial
stability that goes wider than direct risks to the banking system.
A further example of how macroprudential risk can develop outside the
banking system is the lending and investment that happens through
financial markets rather than through banks.
To take one example, the global asset management sector has grown by
60% since 2003 and is now a similar size to the global commercial banking
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 62
system. This will probably be one of the new frontiers of macro (and micro)
prudential regulation.
The FPC is exploring whether there are significant risks from changes in
these markets and in particular how asset managers manage liquidity to
meet redemptions in times of stress. There is also work underway on this
internationally.
Macroprudential policy is still a work in development. Over the past few
years much of the FPC's work has been learning by doing.
As we learn, we will have to set out clearly and publicly the development of
our overall policy framework - how resilient we believe the system needs to
be, how we think about macroprudential risk, what risks we believe fall into
the domain of macroprudential and how we will use our policy instruments.
As part of this, the Committee intends to set out by the end of the year our
view on the adequacy of the overall capital framework for banks, now that
the main post crisis reforms have been set.
Have we gone too far?
Financial crises are unruly affairs. The great crisis of 2008-9 was certainly
no exception.
Risks crystallised in unexpected ways and moved between parts of the
financial system that we had not appreciated were connected.
A large number of regulatory reforms were launched to address the many
and dangerous fault-lines that the crisis exposed.
It is only now, as we move through the implementation of these reforms,
that we can start to see the whole picture of how they work together in
practice.
Inevitably, as the new framework starts to bite, the question is asked
whether the reforms, as they interact in practice, produce "unintended
consequences" that are worse than the risks they are trying to reduce.
And, more fundamentally, with economic activity still below pre-crisis
trends, whether we have gone too far and whether regulation is now
preventing the financial system from doing its job to support growth in the
real economy?
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 63
I imagine this debate will be widespread internationally and will last for
some time. In the light of how and why macroprudential policy has
developed and where we now are, I would make the following observations.
First, we should accept that the complex, interlocking set of reforms of
recent years will need fine tuning and adjustment as they are implemented.
There will be issues we have to revisit.
Indeed, this process is already beginning. The Bank of England and the ECB
have together launched a review of the treatment of securitisation.
The FPC and the international community is looking at the issue of liquidity
in financial markets which many argue has been adversely affected by
regulation.
Following up the Fair and Effective Markets Review, the Bank of England
will host an Open Forum to take stock of the reform agenda in financial
markets. And the European Commission has just launched its review of the
EU regulation on bank capital.
Indeed, given the depth and complexity of the financial crisis and the
corresponding depth and complexity of the reforms, we should expect
rather than be surprised that we will need to refine and adjust some of the
regulatory reforms.
Second, however, while we may need to look at how the key elements of the
reforms work in practice and interact, we should not change our overall
appetite for the risk of financial instability or seek to trade off between
financial stability and growth.
Indeed, the more time that elapses since the crisis the more we learn about
its cost, not just in financial terms but in terms of lost economic activity
and, perhaps even more important, loss of growth potential.
The financial system plays a crucial role in a modern economy directing
resources to where they can be most productive and can generate the
greatest return.
When the dynamics of the system itself distort incentives and judgments of
risk and return, there can be a huge misallocation of resources in the
economy.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 64
And when the bubble bursts and the economy has to adjust, a damaged
financial system cannot guide the necessary reallocation of resources indeed, as we have witnessed, it can slow it down.
The overall economic cost is well known. As we now know, the impact of the
crisis on UK productivity growth as well as economic growth has been
devastating.
Seven years on and output per person has only just reached its pre-crisis
level.
We have not even recovered the pre-crisis rate of annual growth in
productivity of around 2.3% and the level of productivity of our economy is
around 15% lower than it would have been on pre-crisis trends.
There is now a growing body of evidence on the very damaging impact of
financial crises on the productive capacity of economies.
Third, we should not imagine that there is some recent halcyon world of
banks supporting the real economy to which we can quickly return if the
regulatory straitjacket is loosened.
The system was badly distorted in the long run up to the crisis.
The post crisis world requires a major adjustment in bank business models.
This is not some unintended consequence of overzealous regulation. It is a
necessary, if painful adjustment to a new reality.
Some numbers from the UK illustrate this point starkly. In the long
upswing of the credit cycle, the stock of domestic lending by UK banks in
the UK grew enormously from 95% in 1997 to 170% of GDP in 2008.
The stock of non-property lending to companies as a proportion of GDP,
however, grew only modestly from 19% in 1997 to 23% in 2008.
Meanwhile, mortgage lending increased from 45% to 70% of GDP; lending
to real estate tripled from 5% to 15% of GDP; and lending to the UK
non-bank financial sector - including institutions like hedge funds,
securities dealers and insurance companies - shot up from 25% of GDP to
60%.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 65
And these numbers do not count the explosion in UK-owned banks'
overseas exposures which more than quadrupled between the end of the
1990s and 2008.
In other words the massive increase in the stock of lending - an increase of
£1.7 trillion in absolute terms - did not lead to very much of an increase in
productive investment at all. Of course there are benefits in enabling people
to buy their homes.
And much of the financing of financial markets almost certainly came back
to productive investment in the form of market investments in business.
But as we discovered in the crisis much of the lending appears to have
financed the increase in house prices and a large part of the market
investment was simply misallocated and lost.
Nor did this increase in lending drive a commensurate increase in economic
growth in this particular credit cycle.
Over the period 2000-2007 GDP growth averaged little more than its
long-run average of around 2.8%.
In fact, business investment over the period averaged just 1.3% a year and it
appears that most of this was related to commercial real estate.
Conclusion
The financial system can be a powerful engine for growth and prosperity.
But its ability to generate systemic crises means it can also be a powerful
destroyer of those as well.
This has been true throughout history but never more so than for today's
highly complex, globalised and digitalised financial system.
We should not therefore see economic growth, or productivity as somehow
opposed to effective financial regulation.
Strong sustainable growth requires not only a strong and vibrant financial
system; it requires the controls and safety buffers to ensure that the
dynamics of the system do not generate periods of illusory growth and
prosperity followed by periods of destruction of the same.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 66
The financial system has come a long way since the time of Emperor
Tiberius. While we have relearned some familiar lessons in recent years, we
have also learned some new ones.
We have had to develop a new regulatory framework, macroprudential
institutions like the FPC and new policy approaches.
Over the next few years we will certainly need to refine all of these.
The implementation of the detailed reforms will inevitably throw up
unforeseen effects in particular places and where it is justified we will need
to revisit issues.
But we should be careful about talking about turning back the overall
regulatory dial or trying to trade off the risk of financial instability for short
term growth.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 67
Assessing the new phase of unconventional
monetary policy at the European Central
Bank
Panel remarks by Mr Vítor Constâncio,
Vice-President of the European Central Bank, at the
Annual Congress of the European Economic
Association, University of Mannheim
It is a great pleasure to participate in this policy panel and to share the stage
with such distinguished fellow participants.
My plan today is to present some key features of the monetary policy
measures recently implemented by the ECB.
As you all know, in January this year the ECB launched the most recent
addition to its suite of tools – the public sector purchase programme
(PSPP), popularly referred to as quantitative easing.
Together with a programme of targeted liquidity provision and a
programme of private sector asset purchases, the PSPP marked a new phase
of the ECB’s unconventional monetary policy.
Previous non-standard measures were mainly aimed at redressing
impairments in the monetary policy transmission mechanism and fostering
a regular pass-through of the monetary policy stance.
Their implications for the ECB’s balance sheet were accommodated in a
merely passive way to satisfy the liquidity demand created by banks.
In contrast, with the new measures implemented since June 2014, the
Governing Council is more actively steering the size of the ECB’s balance
sheet towards much higher levels in order to avoid the risks of too
prolonged a period of low inflation in a situation where policy rates have
reached their effective lower bound.
General considerations underlying the new phase of
unconventional monetary policy
The launch of the new phase of non-standard measures in June 2014 must
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 68
be viewed in the context of the decline in inflation rates since the second
half of 2013, which was accompanied by persistently fragile euro area
growth prospects, even after the sovereign debt crisis abated over the
course of 2012.
The economy was still in recession for most of 2013 and annual GDP
growth figures only became positive in late 2013, leaving significant
economic slack.
A weak recovery took hold over the course of 2014 with growth rates around
and below 1%, but the outlook deteriorated again during the autumn, with
inflation turning negative later that year.
The 2015 GDP growth forecasts for the euro area in the ECB staff
macroeconomic projections had declined from 1.7% in June to 1% by
December.
At the same time, and in contrast to previous developments, weak growth
was accompanied by a prolonged period of declining inflation, which went
from 3% at the end of 2011 to -0.2% in December 2014.
Credit supply conditions in the euro area remained tight, despite signs of
improvement, as indicated by the responses to bank lending surveys.
These developments were particularly worrying because they were
accompanied by a decline in longer-term inflation expectations.
This combination of very low growth in both output and prices was clearly
suggestive of a shortfall in aggregate demand and called for further easing
of the monetary policy stance.
Key ECB interest rates reached their lower bound – with a negative rate for
the deposit facility – and further unconventional measures were deployed,
drawing in part on the experience of other central banks.
Besides lowering key interest rates in June and September 2014, which took
the deposit facility rate into negative territory, the Governing Council has
implemented the following set of unconventional monetary policy
measures over the past year.
In June 2014, as part of a set of credit easing measures, the Governing
Council announced the introduction of targeted longer-term refinancing
operations (TLTROs), offering medium-term credit at fixed rates to banks
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 69
that are willing to extend credit to the private sector.
In September and October 2014 the Governing Council initiated a
programme of outright purchases of private sector assets, in particular of
covered bonds and asset-backed securities.
In January 2015 the Governing Council expanded the purchase programme
to include public sector assets.
The Governing Council explicitly committed to purchasing a total amount
of EUR 60 billion every month from March 2015 until at least until
September 2016.
Furthermore, the Governing Council has kept the programme open-ended
by committing to keep it in place until we see a sustained adjustment in the
path of inflation that is consistent with our medium-term inflation
objective.
The programme aims to maintain market neutrality by purchasing assets
across the whole maturity spectrum between two and 30 years.
The purchases are allocated across countries according to the ECB’s capital
key and any losses emanating from the programmes would be shared
between the national central banks and the ECB in an 80%/20% ratio.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 70
The effects of the measures have to be assessed jointly and taking into
consideration that some of the measures started to produce results before
the decisions were actually taken.
This is particularly true of the PSPP, which was adopted in January; a
survey of market participants conducted in October 2014 showed that over
50% were already anticipating that such a programme would shortly be
adopted.
The distinguishing feature of the new phase of our unconventional
monetary policy is the switch to a more active steering of the ECB’s balance
sheet.
It is important to emphasise the nature of this new phase.
Our intention is not to expand our monetary base in the expectation that,
through the workings of a stable multiplier, this will result in an increase in
monetary aggregates, which will in turn cause an upward movement in
inflation by whatever means conceived by the traditional quantitative
approach.
Our main reason for adopting a large-scale asset purchase programme was
to harness several new channels for the transmission of an expansionary
monetary policy.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 71
The expansion in the monetary base and total balance sheet is rather a
consequence of these new types of monetary stimulus.
Recent experience shows abundantly that those traditional relationships
are not working well in the new realities of the financial system (see Figure
2).
The first channel through which these new unconventional monetary policy
measures are expected to stimulate aggregate demand is by signalling the
ECB’s commitment to maintain an accommodative monetary policy stance.
The TLTROs are a particularly clear example of this signalling channel.
With their pre-specified interest rate and their maturity extending over
many years, these operations provided information on the likely path of
future interest rates.
In the case of asset purchase programmes, the signalling channel operates
more indirectly, through the expansion of the Eurosystem’s balance sheet.
The second channel results in part from the first, and relates to the direct
impact on medium-term inflation expectations that a LSAP programme
implies.
It is expected that when forming expectations about future inflation,
market players factor in the effect of this non-standard policy measure.
Non-standard measures can also stimulate activity through a third channel,
specifically by lowering the effective cost and availability of credit to the
non-financial private sector.
Again, the TLTRO programme does this, providing explicit incentives for
banks to extend their credit supply.
The effectiveness of this programme was reinforced by the conclusion of
our comprehensive assessment of the quality of banks’ balance sheets in
autumn 2014, which provided strong incentives for banks to speed up the
repair of their balance sheets.
The fourth channel of transmission of the new unconventional monetary
policy, which is specific to the asset purchase programmes, operates
through portfolio rebalancing.
By means of its purchase programmes, the ECB exchanges longer-term and
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 72
relatively less liquid assets for very short-term and highly liquid central
bank money.
This mitigates liquidity and duration risks in private sector portfolios and,
given liquidity and Value at Risk constraints, reduces the required
compensation for holding risky and illiquid assets.
As a result, the programmes encourage portfolio rebalancing and support
asset prices.
The ensuing improvement in the balance sheet position of investors and
banks eases leverage constraints and allows banks to extend more credit at
lower costs to the private sector.
Better financing conditions improve growth prospects, increase
profitability and mitigate default probabilities in the non-financial sector.
These positive feedback effects further improve the condition of the balance
sheets of investors and banks, and increase their willingness to extend new
credit in a self-reinforcing positive spiral.
Evaluating the new phase of unconventional monetary policy
In order to correctly assess the effects of our policies, we should use what
would have happened had we not adopted these measures as a benchmark
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 73
for comparison.
Of course, this is virtually impossible to do since there are no sufficiently
reliable and complete models to construct the counterfactual world.
We can only analyse how the variables related to the transmission channels
or the end results have evolved since we started the new policy.
This is what I will do below.
Figure 3 shows the evolution of lending rates in the euro area.
It shows that the sequence of interest rate cuts implemented by the
Governing Council between mid-2012 and mid-2014 was not transmitted to
the effective borrowing costs faced by firms.
By June 2014 we had cut the main refinancing operation (MRO) rate by 95
basis points, bringing it to 0.05%, down from 1% in June 2012.
However, the decline in lending rates for loans in most countries was much
smaller, with the median lending rate applied to small-sized loans in the
median country having declined by not more than 30 basis points.
Since June 2014 the transmission of policy rates to lending rates has
improved considerably, with declines in lending rates becoming more
pronounced as well as more widely distributed across euro area countries.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 74
Our quarterly bank lending survey confirms the improvements in broader
credit conditions since the introduction of our new non-standard measures.
The survey, addressed to the senior loan officers of a representative sample
of euro area banks, provides information on financing conditions in euro
area credit markets and on banks’ lending policies.
The left-hand chart in Figure 4 shows that banks have consistently eased
their credit standards for loans to non-financial corporations over the past
year.
The easing of credit standards stems, notably, from the lower cost of funds
and balance sheet constraints, as well as from greater competition among
banks.
Both developments were clearly objectives of our measures, in particular of
the TLTROs.
The right-hand chart in Figure 4 shows net credit demand conditions and
their contributing factors.
Easier access to credit has been coupled with a consistent increase in firms’
demand for loans.
The general level of interest rates, according to the survey respondents, is
contributing most to the recovery in loan demand.
As I have already mentioned, an important transmission channel for asset
purchases relates to the fact that different assets are imperfect substitutes.
Consequently, interventions by the central bank that affect the supply of
various assets available to private investors influence the prices of many
other assets, including investment grade bonds, equities, real estate and
foreign assets, with consequences for the exchange rate.
To read more:
http://www.ecb.europa.eu/press/key/date/2015/html/sp150825.en.html
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 75
Australian Prudential Regulation
Authority (APRA)
Letter to industry (August 2015)
To: All authorised deposit-taking institutions, general insurers and life
companies
The review of board requirements
On 7 October 2014, APRA released a letter noting its intent to review the
clarity of its requirements of boards in the prudential standards and
supporting guidance materials.
The letter noted that in conducting this review, APRA would seek to ensure
that its requirements of boards are communicated in a way that clearly
recognises the respective roles of the board and management.
The consultation closed on 30 November 2014. Ten submissions were
received in response, four of which are non-confidential.
Submissions were widely supportive of the review and identified a number
of areas for improvement in relation to the clarity of APRA’s board
requirements.
This letter summarises the key issues from submissions, responds to the
main issues and outlines the process planned for the review.
Improvements to the language used to communicate APRA’s
requirements
Submissions suggested that the use of certain language in prudential
standards may create the impression boards are expected to assume
responsibilities that would normally be assigned to management.
For example, the phrase ‘the board and senior management’ is used widely
across prudential standards.
Submissions argued that this language creates ambiguity in relation to the
actions a board is expected to take to meet its responsibilities, and may lead
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 76
to the impression that the board and management are expected to have the
same role.
APRA’s approach to supervision is built on the premise that the board and
management are primarily responsible for an entity’s financial soundness
and prudent risk management.
With this in mind, APRA imposes various requirements and duties on
boards, in addition to those that apply to all entities under the Corporations
Act 2001.
However, in meeting the additional obligations imposed under APRA’s
prudential framework, APRA does not expect that the board will take on
responsibilities that fall within the province of management under
generally accepted practice.
APRA therefore intends to review the clarity of its requirements of boards
in the prudential standards, to ensure that the language used appropriately
reflects the respective roles of the board and management.
Submissions stressed the importance of consistency in the language used to
communicate requirements of boards.
As an example, submissions noted that a number of similar requirements
for the board to receive reports or information are communicated using a
range of terms.
Using a smaller set of terms across the prudential standards to
communicate APRA’s requirements of boards was recommended.
Consistency in the language, it was argued, would avoid the impression that
variations in wording reflect differing levels of board responsibility across
requirements.
In future, APRA will therefore seek to use a narrower set of terms when
describing requirements of boards. Variations in language will only be
retained where there are strong reasons to do so.
Some submissions requested that APRA include further terms in its
definitions standards. In particular, submissions argued that it would be
appropriate to define the term ‘ultimate responsibility’.
However, the term ‘ultimately responsible’ is commonly used not just
within APRA’s prudential standards, but also more widely in other
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 77
guidance such as the ASX Corporate Governance Principles and
Recommendations.
APRA prefers in these circumstances to rely on the generally accepted
definition rather than seek to create its own definition of the term.
Greater reliance on Prudential Standard CPS 220 Risk
Management to describe board obligations
Submissions suggested that greater reliance can be placed on Prudential
Standard CPS 220 Risk Management (CPS 220) to describe the obligations
of the board, as an alternative to specifying board responsibilities in each
prudential standard relating to specific types of risk.
The prudential standards noted include credit risk (under APS 113),
operational risk (under APS 115), market risk (under APS 116) and credit
risk management policies and procedures (under APS 220). Submissions
argued that the over-arching requirements of the board in respect of risk
management in CPS 220 mean that the requirements of boards in these
other standards can be removed.
Although this feedback referred mainly to ADI prudential standards, it can
also be extended to cross-industry and insurance prudential standards.
For example, board requirements are contained in specific areas of risk
including outsourcing and business continuity management, and
reinsurance management for general insurers.
APRA agrees that, as a general principle, the requirements of boards set out
in prudential standards should be aligned to board obligations under CPS
220 where appropriate and that duplication should be avoided.
APRA will review the extent of responsibilities placed on boards in the areas
identified in relation to risk management, to determine whether there are
opportunities for greater reliance on CPS 220 without compromising the
soundness of the prudential framework.
Delegation
Some submissions suggested it is often unclear across APRA’s prudential
standards when a board is able to delegate a matter to a board committee or
management. It was suggested that APRA provide further clarity in this
regard.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 78
APRA has previously noted that where a board is assigned a specific
responsibility under a prudential standard, the board is not able to delegate
its responsibility for ensuring that matter is adequately addressed.
The process followed, and the advice, input and support needed by the
board to meet these responsibilities, remain a matter for the board to
determine.
If the board has been assigned specific responsibility for the matter in
APRA’s prudential standard then, even after a board has referred certain
functions to management, the board retains the responsibility to satisfy
itself that the matter has been properly addressed.
The review process
Given the wide reach of this review, APRA will review the prudential
framework over time and make amendments to prudential standards as
opportunities arise.
APRA anticipates that planned reviews will result in a reasonable
proportion of the ADI, general insurance and life insurance prudential
standards (that contain relevant board requirements) being reviewed over
the next three years or so.
Submissions suggested a large number of specific changes to board
requirements across a number of prudential standards. APRA appreciates
the time and effort taken to provide this feedback.
The specific issues have been captured and will be considered as part of the
review process referred to above.
Further opportunities to provide feedback will be available through
subsequent consultations on any changes to prudential standards.
APRA will also apply the general drafting considerations noted in this letter
as it reviews other materials in future.
Although all submissions received through this consultation referred
exclusively to prudential standards, the drafting considerations noted in
this letter would apply equally to APRA’s guidance materials.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 79
Conclusion
APRA thanks the industry respondents who have engaged with the
consultation process to date.
APRA intends to apply the general drafting principles noted in this letter as
opportunities arise for APRA to make amendments to the existing suite of
prudential standards and supporting guidance materials.
Entities are encouraged to speak to their responsible supervisor should they
have any questions regarding APRA’s expectations of the board.
APRA looks forward to ongoing engagement with industry as it seeks to
ensure its prudential framework is robust, effective, and clearly
communicated.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 80
If You See Something, Say Something
Campaign
Secretary of Homeland Security Jeh Johnson announced a “If You See
Something, Say Something™” public awareness campaign with the
Washington Nationals at the Nationals Park today.
Secretary Johnson threw out the ceremonial first pitch at the Washington
Nationals game at the Department’s first-ever “DHS Night at the Nats”
event.
The Secretary was joined by approximately 1,100 DHS employees and their
families from the National Capital Region.
The event highlighted the Department’s work to protect the homeland,
including continued efforts to partner with the sports industry to ensure the
safety and security of employees, players and fans.
“Partnering with the Washington Nationals is another way that DHS is
engaging with the American public in our shared efforts to ensure the safety
of every fan, player, and employee.
I thank the Nationals for hosting DHS and its frontline employees tonight
to highlight this important message,” said Secretary of Homeland Security
Jeh Johnson.
This initiative brings the “If You See Something, Say Something™” message
to athletes at Nationals Park, as well as employees, spectators and visitors
during home games.
A Public Service Announcement has aired on the scoreboard every home
game.
Messages have also been shared on posters throughout Nationals Park, in
the Nationals program Inside Pitch Magazine, and via in-game
announcements.
The “If You See Something, Say Something™” campaign - originally
implemented by New York City’s Metropolitan Transportation Authority
and now licensed to DHS for a nationwide campaign - is a simple and
effective program to engage the public to recognize and report indicators of
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 81
terrorism and terrorism-related crime to the proper transportation and law
enforcement authorities.
Earlier this year, Secretary Johnson announced the re-launch of the
campaign, including new campaign materials with re-designed imagery and
a new website.
DHS will continue to expand the “If You See Something, Say Something™”
campaign nationally to raise awareness among America’s businesses,
communities, and citizens about how they can remain vigilant and play an
active role in keeping the country safe.
You Play a Role in Protecting Your Community
Across the nation, we're all part of communities. In cities, on farms, and in
the suburbs, we share everyday moments with our neighbors, colleagues,
family, and friends.
It's easy to take for granted the routine moments in our every day—going to
work or school, the grocery store or the gas station.
But your every day is different than your neighbor’s—filled with the
moments that make it uniquely yours.
So if you see something you know shouldn't be there—or someone's
behavior that doesn't seem quite right—say something. Because only you
know what’s supposed to be in your everyday.
Informed, alert communities play a critical role in keeping our nation safe.
"If You See Something, Say Something™" engages the public in protecting
our homeland through awareness–building, partnerships, and other
outreach.
Suspicious activity
Suspicious activity is any observed behavior that could indicate terrorism or
terrorism-related crime. This includes, but is not limited to:
-
Unusual items or situations: A vehicle is parked in an odd location, a
package/luggage is unattended, a window/door is open that is usually
closed, or other out-of-the-ordinary situations occur.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 82
-
Eliciting information: A person questions individuals at a level beyond
curiosity about a building’s purpose, operations, security procedures
and/or personnel, shift changes, etc.
-
Observation/surveillance: Someone pays unusual attention to facilities
or buildings beyond a casual or professional interest. This includes
extended loitering without explanation (particularly in concealed
locations); unusual, repeated, and/or prolonged observation of a
building (e.g., with binoculars or video camera); taking notes or
measurements; counting paces; sketching floor plans, etc.
Some of these activities could be innocent—it's up to law enforcement to
determine whether the behavior warrants investigation. The activities
above are not all-inclusive, but have been compiled based on studies of
pre-operational aspects of both successful and thwarted terrorist events
over several years.
Protecting Citizens' Privacy & Civil Liberties
The "If You See Something, Say Something™" campaign respects citizens'
privacy, civil rights, and civil liberties by emphasizing behavior, rather than
appearance, in identifying suspicious activity.
Factors such as race, ethnicity, and/or religious affiliation are not
suspicious. The public should only report suspicious behavior and
situations (e.g., an unattended backpack or package, or someone breaking
into a restricted area). Only reports that document behavior that is
reasonably indicative of criminal activity related to terrorism will be shared
with federal partners.
How to Report Suspicious Activity
Public safety is everyone's responsibility. If you see suspicious activity,
report it to local law enforcement or a person of authority.
Describe specifically what you observed, including:
Who or what you saw;
When you saw it;
Where it occurred; and
Why it's suspicious.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 83
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 84
Occupational pensions stress test
Stress tests are an important supervisory tool
to examine the sensitivity of the occupational
pensions sector to adverse market
developments and to reach robust conclusions
for the stability of the financial system as a whole and to enhance consumer
protection.
The aim of the exercise in 2015 is to test the resilience of defined benefit
(DB) and hybrid pension schemes against adverse market scenarios and
increase in life expectancy as well as to identify potential vulnerabilities of
defined contribution (DC) schemes.
In parallel with the stress test EIOPA carries out a Quantitative Assessment
(QA) on its work on solvency for IORPs to further educate its advice to the
European Commission.
The timing of the stress test and the Quantitative Assessment has been
aligned to minimise the administrative burden for participating IORPs and
NSAs (common technical specifications, templates and processes, including
launching and submission dates, Q&A and quality assurance processes).
The stress test has been designed for the countries where the IORP sector
exceeds 500 million euros in assets.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 85
The following Member States fall within this scope: Austria, Belgium,
Cyprus, Germany, Denmark, Spain, Finland, Ireland, Italy, Luxembourg,
the Netherlands, Norway, Portugal, Sweden, Slovenia, Slovakia and the
United Kingdom.
The exercise is conducted in close cooperation with the national
supervisory authorities (NSAs): the NSAs will identify and contact
prospective participants in the test.
As of now, EIOPA will provide industry participants with the regular
updates on the status and all the upcoming steps of the stress test.
To learn more:
https://eiopa.europa.eu/financial-stability-crisis-prevention/financial-stab
ility/occupational-pensions-stress-test
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 86
Official directory of the European Union
This publication contains the organisation charts and contact information
of the institutions, bodies and agencies of the European Union.
An electronic version, updated every week, can be consulted on the site:
http://whoiswho.europa.eu
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 87
Renminbi and China's global future
Keynote address by Dr Zeti Akhtar Aziz, Governor of
the Central Bank of Malaysia (Bank Negara
Malaysia), at the HSBC Reminbi Forum "Renminbi
and China's Global Future", Kuala Lumpur
The increasing role of the renminbi in the global
financial system from a trade currency to an
investment currency and now its potential role as a global reserve currency
will have significant global implications.
I am delighted to be here this morning to speak at this Renminbi Forum.
The renminbi sphere has indeed extended beyond the Asian region,
extending to other continents, to Europe, Latin America and the Middle
East.
The renminbi is no longer an Asian story, but it has now become a global
story.
It reflects China's importance and influence in the changing contour of the
global economic and financial landscape, and the steps that have been
taken to enhance its international role.
My remarks today will focus on the increasing trend of the
internationalisation of the renminbi despite the recent challenges faced in
the Chinese economy; the implications of this trend to the region and finally
on the steps that Malaysia has taken as the region transitions into this
environment.
Long-term prospects for the Chinese economy and the renminbi
After decades of rapid growth, the Chinese economy is now transitioning to
a growth path that is more sustainable.
It is important to recognise that the moderation in the Chinese economy
has been in part, policy-driven, through conscious reforms to restructure
the economy to become more balanced and domestic demand-centric.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 88
These economic reforms have been accompanied by financial and exchange
rate reforms, geared towards modernising the economy and financial
system that is increasingly more integrated with the global economy.
These reforms are mutually reinforcing as the transformation of the
structure of the Chinese economy is necessary to support its integration
with the world economy and the international financial system.
The commitment to these reforms is crucial in securing the long-term
growth prospects for China, even as the Chinese economy faces short-term
challenges in the recent period.
The recent one-off adjustment of the renminbi reflects a conscious effort by
China to align the renminbi to a market-driven mechanism as a part of a
crucial reform to allow the renminbi to reflect financial market
developments and economic fundamentals.
In an environment of continued weakness in global trade, these short-term
challenges include managing the ongoing corrections in the real estate
sector, leverage in the financial system and more recently, the volatility in
the stock market.
While these uncertainties may generate concerns over the renminbi in the
near term, it needs to be recognised that the long-term growth prospects for
China remain intact, and that this will continue to strengthen the
foundations that will support the transition of the renminbi as an
international reserve currency.
China has a high rate of savings, healthy external position, an inherent
competitive mass manufacturing advantage and a large educated workforce
to sustain its long-term potential economic growth.
Importantly, the narrative of the global future of China cannot be explained
in isolation - it is part of a broader account of the growing importance and
greater integration of Asia, and the stronger interlinkages with other
emerging economies in the global economic landscape.
China and the region are becoming more than just global exporters.
The increased efforts are seen in the steps to develop more extensive
investment and financial linkages in the region as well as the rest of the
world through key strategic initiatives such as the One Belt One Road
initiative, the Asian Infrastructure Investment Bank and the New
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 89
Development Bank. Reflecting its expanding role in the global economy and
the international financial system, the renminbi will assume greater
strategic importance in facilitating the development of these new
investment and financial linkages, including meeting the greater demand
for infrastructure spending.
This is also reinforced by the transition of Asia from a global producer to a
global consumer thus becoming an important driver of growth in the world
economy.
The rise of the renminbi is often associated with expectations of rapid
capital account liberalisation.
In this regard, the historical experience of the major currencies over the
recent fifty years holds important lessons for the renminbi.
Many advanced economies continued to retain significant capital account
restrictions until early 1980s, later than the internationalisation process of
their currencies that began in earlier decades.
Such evidence suggests that the transition of the renminbi as an
international currency can commence with the gradual and sequential
liberalisation of the capital account.
China's position on a 'managed convertibility' approach instead of the
traditional 'fully or freely convertible' can therefore be appreciated given
the lessons from the Global Financial Crisis and the risks associated with
volatile capital flows even for such a large emerging economy like China.
It is important to note that China has made significant progress in this area.
This is even acknowledged by the IMF in its recent reports as they note that
China has already achieved full or partial convertibility in 35 out of 40 items
under the capital account.
The rise of the renminbi and its implications
While the path for the renminbi to be a fully international currency will
remain gradual, the renminbi has already achieved significant milestones.
It is now the second most used currency globally for trade finance and the
fifth most used currency for global payments.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 90
One-quarter of China's total trade is now invoiced in renminbi, and this is
expected to double within the next five years.
By some accounts, more than sixty central banks around the world already
hold renminbi in their official reserves.
The rise of the renminbi as an international currency would facilitate trade,
investment and financial activities that are commensurate with the
continued growing importance of China in the global landscape.
Of significance to the Asian region, the rising importance of the renminbi
will reinforce the trend towards greater regional financial and economic
integration. China is already the main trading partner for most economies
in the region.
The increased usage of the renminbi and the more developed regional
financial markets for the renminbi provides an opportunity to recycle
savings within the region and thus support the increased intra-regional
investment activities.
More renminbi-based trade within the region will create pools of renminbi
liquidity which would create a demand for instruments which would in turn
spur the development of more efficient and integrated renminbi capital
markets in the region that can contribute towards better intermediation
between the surplus and deficit units in the region.
In addition, the renminbi can be a source of stability for the global
monetary system.
The increasing use and recognition of the renminbi as an international
reserve asset will strengthen the foundations of the current global monetary
system that is currently reliant on too few major currencies.
With the increased economic and financial interconnectivity in the world
today and the greater potential for international policy spillovers, a more
multipolar global monetary system with more diverse sources of global
liquidity would contribute towards a more stable international financial
system.
Looking ahead, these developments present tremendous opportunities for
the private sector.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 91
Indeed, trade invoicing in renminbi has already begun to spread beyond
predominantly Chinese enterprises to multinational companies (MNCs)
turning to China as a key market for their products and services.
Notably, despite the initial difficulties in operationalising the
renminbi-based system, some MNCs have successfully upgraded their
global invoicing and payment systems to settle trade and working capital in
renminbi with their Chinese counterparts.
This allows for significant cost-savings on foreign exchange transactions in
addition to efficiency gains from matching trade receipts to funding
working capital requirements.
The increased use of the renminbi for their investment activities in China is
supported by the flexibility provided in China for movements of global
funds in and out of the country.
The potential longer-term benefits from using the renminbi-based system
for their trade, working capital requirements and FDI in China is thus seen
to clearly outweigh the implementation costs.
In the more recent decade, financial investments have also gathered
momentum as foreign investors commenced investment activities in
Chinese financial markets since 2003 through the Qualified Foreign
Institutional Investor (QFII) program.
Wide-ranging measures, including the introduction of China Interbank
Bond Market (CIBM) foreign quota in 2009, the Renminbi Qualified
Foreign Institutional Investor (RQFII) in 2011 and the operationalisation of
the Hong Kong-Shanghai Stock Connect in 2014, are all aimed at
encouraging greater participation of foreign investors in China's mainland
financial markets.
At the same time, China is improving the global renminbi settlement and
clearing system through a wider network of renminbi clearing banks and
the upcoming Cross-Border Interbank Payment System (CIPS) to lower the
transaction costs for the renminbi relative to other major currencies.
Currently, there are at least five hundred global investors, including sixty or
more foreign central banks and sovereign wealth funds, that have gained
direct access to China's financial markets.
Many more have access through the Hong Kong-Shanghai Stock Connect.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 92
Malaysian institutional investors seeking to internationally diversify their
investments would need to intensify the learning curve process in the
Chinese financial markets to realise its benefits.
Malaysia: A pioneer in the cross-border use of the renminbi
Malaysia was one of the earliest countries to recognize the potential role of
the greater cross-border use of renminbi.
Given China's significance as Malaysia's largest trading partner, the
settlement of trade and investment in renminbi significantly lowers costs
and promotes greater cross-border trade and investment activity.
In turn, fund-raising activity in renminbi has become a means for Malaysia
to utilise the renminbi liquidity obtained through trade settlements.
Malaysia has a comparative advantage in this area, as the largest debt
securities market in Southeast Asia and as a leading centre for sukuk
issuance.
As an early pioneer of renminbi initiatives, Bank Negara Malaysia (BNM)
was the first ASEAN central bank to sign a currency swap agreement with
the People's Bank of China (PBC) in February 2009. In the same year, BNM
was also the first Asian central bank to become a QFII investor and among
the first wave of foreign investors in CIBM.
In 2010, the Malaysian ringgit became the first emerging currency to be
directly traded with the renminbi in the China Foreign Exchange Trading
System (CFETS).
In 2013, BNM signed a Cross-Border Collateral Arrangement (CBCA) with
PBC to enable the use of home currency collateral to obtain domestic
liquidity in the host country.
In November 2014, BNM signed an MOU on a renminbi clearing bank
arrangement.
The Bank of China Malaysia was appointed as the renminbi clearing bank in
January 2015.
Going forward, BNM will work towards further enhancing financial
co-operation with PBC in the area of Renminbi Qualified Foreign
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 93
Institutional Investor (RQFII) to provide an alternative avenue for
Malaysian investors to invest in onshore Chinese financial markets.
BNM has also worked to integrate the renminbi into the domestic financial
system by incorporating the renminbi in Malaysia's Real Time Gross
Settlement System (RENTAS).
In November 2013, BNM introduced the Renminbi Liquidity Facility (RLF)
to licensed onshore banks to facilitate more effective renminbi liquidity
management in Malaysia.
Today, the usage of renminbi in Malaysia has grown rapidly, with the daily
size of renminbi foreign exchange volume at RMB6.7 billion.
Malaysian institutions and corporations such as Khazanah, Cagamas,
Axiata and Maybank have issued renminbi bonds.
With the various renminbi financial infrastructure that has been put in
place to support trade, investment and financial flows between Malaysia
and China, this trend is expected to increase.
Malaysian entities with large regional network should consider using
Malaysia as the centre for their regional renminbi transactions and thus
contribute towards greater economies of scale over time.
This would in turn enable the transactions to be conducted in the most
efficient and cost effective way.
Conclusion
Let me conclude my remarks. In a short time span of six years since 2009,
the renminbi has accomplished much of its goals but there is still a long
journey ahead as most international currencies have evolved over several
decades.
The impact of the Chinese economy on Asia has been significant with many
countries now counting China as their largest trading partner, and in some
cases, among the largest foreign investors.
Reflective of the underlying fundamental economic changes, the rise of the
renminbi, although gradual, is inevitable with important implications not
only to Asia but to the rest of the world.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 94
Undoubtedly, the renminbi is more important to Asia than anywhere else.
Given this, Asia including Malaysia must be ready for this transition of the
increased internationalisation of the renminbi and its potential role with
Asia's integration path and thus contributing towards further unlocking the
potential of the region.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 95
Dodd-Frank at Five: A Capital Markets
Swan Song
Commissioner Daniel M. Gallagher
U.S. Chamber of Commerce, Washington, D.C.
Thank you, David [Hirschmann] for that overly
kind introduction. I appreciate the invitation to
speak to you today.
This will likely be my last formal speech as an SEC Commissioner, and I can
think of no better audience than the Chamber’s Center for Capital Markets
Competitiveness.
The Center has remained a zealous and effective advocate for capital
formation and free markets during a period in which these bedrocks of our
economy have constantly been under attack, and it is an honor to be here
today to share my thoughts with you.
It is also special to have Commissioner Piwowar here today.
I would like to thank him for his friendship and collegiality during our time
together on the Commission.
After four years of sprinting through a marathon course, my time at the
Commission is drawing to a close.
It has been an honor and a privilege to serve as a member of the
Commission, and I hope my contributions have helped further the debate
on how best to accomplish the mission of the SEC.
Last month marked the fifth anniversary of the Dodd-Frank Act, meaning
that my entire tenure as a Commissioner has occurred in the midst of the
first Five-Year Plan for our national economy.
And, as is always the case with grandiose central plans, Dodd-Frank has
backfired, strangling our economy, increasing the fragility of the financial
system, and politicizing our independent financial regulators.
***
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 96
While, as I’ll discuss further shortly, the Fed, FDIC and OCC were busy
leveraging the financial crisis to grow their prudential empires, the SEC
became the implementing tool for the long pent-up dreams of liberal
policymakers and special interest groups.
Indeed, Dodd-Frank stands as the only piece of major securities legislation
in U.S. history that was rammed through Congress without bipartisan
support.
Prior to the enactment of the Dodd-Frank Act, every major piece of
securities legislation since the New Deal — including the Exchange Act
which created the Commission, as well as the 1940 Acts, the 1975 Act
amendments, the Remedies Act of 1990, NSMIA, and notably
Sarbanes-Oxley — enjoyed bipartisan support.
Obtaining such support for Dodd-Frank, however, would have entailed
tempering the statute by legislative compromise, meaning its authors would
have had to listen to competing ideas and jettison some of the “progressive”
wish-list items jammed into the 2300-page behemoth.
If the SEC seems political nowadays, it is because of Dodd-Frank.
Not only is it an incredibly ideological piece of legislation ill-suited to an
independent agency explicitly constituted in a manner designed to ensure a
bipartisan — or non-partisan — approach to regulation — but it is also
largely just a series of ill-formed mandates that need to be interpreted and
implemented to have any practical effect.
In passing Dodd-Frank, Congress delivered a message to the Commission
similar to that of Henry Ford concerning the aesthetics of the Model T:
“Any customer can have a car painted any color he wants so long as it is
black.”
Dodd-Frank established the SEC as the scrivener for a hundred
Congressional mandates stemming from one side of the political spectrum.
Is it any wonder that since its passage, these mandates — ambrosia to
members of one party, anathema to those of the other — have drawn out the
different philosophies of the Commissioners?
Is it any wonder that Commissioners from the party devoted to free market
ideals chafe at being mandated to paint Congress’s Model T — or, more
appropriately, their Edsel?
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 97
Dodd-Frank by its very nature has made the Commission look to the
outside world like a microcosm of Congress itself.
Indeed, it has called into question the very notion of “independent”
agencies.
In addition to politicizing the agency internally, Dodd-Frank has impaired
the work of the SEC by placing it at a decided disadvantage to prudential
regulators.
Just as “collectivization” served as both the means and the ends of Soviet
Five-Year Plans, so too has “prudential regulation” provided additional
tools for central bank apparatchiks to unleash their inner central planners
in an attempt to fundamentally alter the very nature of our capital markets.
This came as no surprise to some of us, as Dodd-Frank’s jurisdictional
grants of authority to bank regulators were in large part the result of an
unwitting Congress buying into a narrative contrived in large part by those
very same regulators.
The narrative held that, unlike clunky capital markets regulators like the
SEC, prudential regulators were good enough and smart enough to run our
economy — and doggone it, the 111th Congress liked it!
And so, Dodd-Frank created the Fed-dominated Financial Stability
Oversight Counsel, or FSOC, the Fed-dominated SIFI designation process,
the Fed-dominated Title VIII oversight regime for clearance and
settlement, the FDIC-dominated Title II resolution process, and so on.
While capital market regulators were tasked with writing long, complicated
rules to interpret and implement the ill-formed mandates of the
Dodd-Frank Act, prudential regulators were given greatly broadened
authority over the economy.
Dodd-Frank, in short, sought to make prudential regulators Masters of the
Universe.
Since I became a Commissioner in 2011, I have seen the implications of this
mindset play out in some very real ways.
For example, while the Fed was busy proposing incredibly intrusive rules
under Sect 165 of Dodd-Frank, the so-called Intermediate Holding
Company rulemaking, a rulemaking that hugely impacted SEC registrants,
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 98
we at the SEC were also busy — working on the conflict minerals disclosure
rule.
It was emblematic of the view of the SEC held by policymakers at the Fed
that our staff was not consulted in a meaningful way before the Section 165
rules were proposed.
To be fair, maybe the Fed was merely trying not to burden the SEC with
trivial matters such as the fundamental structure of bank affiliated
broker-dealers — after all, while the Section 165 rules were gestating, the
Commission was making the U.S. financial markets safe by ensuring that
Congolese tantalum would never again take down the likes of Lehman or
AIG!
Within the FSOC, the SEC Chairman is just one vote out of 10, and together
with the CFTC Chairman, one of two capital markets regulatory voices.
What’s worse, as I and Commissioner Piwowar have emphasized many
times in the past, these votes are the purview of the SEC Chairman, not the
Commission itself.
You might think this structural disproportionality would be reflected in
FSOC’s vote tallies, with the capital markets regulators frustrated by their
lack of voting power but holding their ground on principle.
But, alas, FSOC has moved in harmony as each SEC Chairman since its
inception has voted with the prudential regulators — even in the case of the
Met Life designation vote, in which the FSOC’s sole insurance expert was
the lone no vote.
FSOC has proven to be a poor construct for monitoring and addressing
potential systemic risk.
To be clear, it is important to have that function, but the FSOC has clearly
been the wrong way to approach it.
An FSOC structured more like a regulatory college — where each
organization is a member, as opposed to each regulatory head — and
operated like a think tank, via the power of good ideas, backed by solid
research, economics, and other science, instead of relying upon diktat,
would be a good place to start.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 99
Until that happens, the SEC must be actively and publicly providing input
to FSOC. The agency cannot simply go along for the ride.
On this point, I have to tip my hat to Chair White for opening a comment
file on the tortured OFR Report on asset managers in 2013.
But more is needed.
As troublesome as FSOC is, an even more dangerous charade is playing out
in the international star chamber known as the Financial Stability Board, or
FSB, where there are only three capital markets regulators on the thirty-five
member steering committee.
What’s more, the gaggle of central bankers on the FSB steering committee
includes not only representatives from the European Commission, the
European Central Bank, and the Basel Committee, but also central bankers
from many of the individual countries that are members of these
organizations.
Why is it that Spain and the Netherlands get invitations to the FSB cocktail
parties, but Texas and South Carolina do not? It is a little-known fact that
from 1945 to 1991, the Soviet Union had three seats in the United Nations —
one for the USSR, and one apiece for the Ukrainian and Byelorussian Soviet
Socialist Republics.
The FSB has moved this program of selective over-representation
westward, but the principle is the same, comrades.
This has allowed the Europeans — for whom capital markets are much less
important than the United States — and their pro-prudential regulatory
cohorts in the United States to relegate their capital markets counterparts
to the kids table out in the hall.
Apparently, the U.S. representatives can’t, or don’t want to, stand up for
capital markets.
Prudential regulation is an important tool for bank regulators to use in
supervising banks’ risk-taking activities, so as to ensure that risks are
limited to an acceptable level and avoid posing an undue strain on the
government insurance backstop — despite the moral hazard and
expectations of “no losses” that the insurance itself creates.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 100
But in practice, “prudential” regulation can and has evolved into an opaque
regulatory system in which the government’s invisible hand replaces the
market’s, transcending rule enforcement and becoming the decision maker
for ostensibly private enterprises.
The attempts by our prudential regulators and their international
counterparts to de-risk the U.S. capital markets and make them look like
the banking markets are not just philosophically wrong — they are an attack
on U.S. competitiveness.
As I have stated before, piling more regulatory burdens on our capital
markets will only cause more activity to move overseas, where
up-and-coming jurisdictions in Asia and elsewhere would be more than
happy to gain market share.
And it will stifle domestic economic activity, as companies will be forced to
line up for bank loans made scarce by new bank regulations rather than
pursuing capital formation opportunities in the market.
In the bubble of the beltway, regulators can come to believe that they are
omniscient, that they know better than Main Street America.
They are often lured by special interest groups who insist that Americans
must be coddled and that private enterprise is rapacious and greedy.
So it takes a special breed to resist that siren song of greater regulatory
power and authority. It takes those willing to play referee, rather than God.
When the SEC rotely rubber-stamps the work of the prudential regulators
and their umbrella organizations FSOC and FSB, we get less vibrant
markets, more government backstops, more potential bailouts.
Along these lines, I tip my hat to IOSCO Chairman Greg Medcraft, who
recently had the courage to break ranks from the party line espoused by his
peers in Basel in announcing his view that the asset management industry
does not pose a systemic risk.
Importantly, Chairman Medcraft acknowledged a fundamental truth about
capital markets regulation, one that I have been loudly making since the
day I became a Commissioner — that “markets are all about taking risks
and should be regulated in different ways to banks.”
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 101
Let’s hope that his voice is not like the sound of the proverbial tree falling in
the woods.
***
Despite these external threats to the U.S. capital markets and our
regulation thereof, change must first start from within. As I have said many
times over the last four years — you are what you prioritize.
It is more than abundantly clear that the SEC’s place in the pantheon of
federal regulators cannot be taken as a right, or as immutable.
We have to prove ourselves to be a smart, tough-but-fair regulator of the
capital markets. It is when we are weak, or appear incompetent, that the
barbarians storm the gates.
And the only way for the SEC to remain a pre-eminent federal regulatory
agency is for the Commission to commit to a robust and proactive agenda.
With that, I’d like to share some final thoughts regarding the priorities for
the main operating Divisions and Offices at the SEC.
Over the last seven years, the Division of Corporation Finance (“Corp Fin”)
has unfortunately, and despite the best instincts of many key staffers,
become a tool for advancing a radical shareholder rights agenda.
Executive pay rules, stonewalling on shareholder proposal reform, and now
the universal ballot — the Corp Fin agenda has confused protecting investor
activism with protecting investors.
Sometimes these two are aligned, but sometimes they are not. I am
encouraged that the Chamber and other prominent organizations have
banded together in the Corporate Governance Coalition for Investor Value
to start challenging this dominant viewpoint.
Corp Fin’s commitment to review disclosure effectiveness is a positive step
forward, but I also fear this will be yet one more vehicle for injecting a
radical view of corporate disclosure, trying to involve information that any
investor might find interesting, rather than information that a reasonable
investor would find important in making an investment or voting decision
— that is the heart of the SEC’s disclosure regime.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 102
Corp Fin must also work to ensure that the opportunities inherent in our
capital markets remain open and attractive to all businesses.
Despite incremental improvements like Reg A+, which the Commission
adopted this year, small businesses are still highly constrained when it
comes to capital formation, and often have no access to viable secondary
markets.
Indeed, many growing businesses have consciously avoided the public
markets over the past decade because of the regulatory baggage that
accompanies the offering regime, instead choosing the far simpler options
of selling themselves or staying private.
And who can blame them?
Companies that go public get such “benefits” as shareholder proposals,
social policy masquerading as disclosure requirements — tune in, by the
way, for tomorrow’s SEC open meeting to adopt a final pay ratio rule for a
textbook example of that — shareholder activists, and, best of all, creeping
and continuing federal intrusion into corporate governance.
Over the coming years, the manner in which Corp Fin addresses these
issues will play a large role in determining whether our capital markets
continue to be the engines that power our economy.
As for the SEC’s Investment Management Division, I am proud to say that it
has made great strides in recent years, shepherding a nuanced money
market fund rule to adoption and announcing a suite of rulemaking
initiatives aimed at gathering better and more useful data in the fund space.
But the Commission needs to continue to assert itself as a competent and
effective overseer of the asset management industry, which has been under
attack from the prudential regulators since the financial crisis.
The FSOC and FSB have recently shifted their focus to the activities and
products of asset managers rather than attempting the absurdity of
declaring individual large asset managers as “systemically important.”
This does not mean, however, that they have abandoned their quest to
de-risk the industry with prudential regulatory tools like capital
requirements, which serve absolutely no purpose in an agency business.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 103
For the sake of the millions of investors who depend on our asset
management industry, the Investment Management Division must stand its
ground and defend its purview.
The Enforcement Division has done an admirable job in the wake of the
financial crisis, resisting calls to storm Wall Street with torches and
pitchforks while still addressing the miscreants, both large and small,
corporate and individual, that plague our capital markets.
However, we need to be constantly reminded of the importance of being
measured and thoughtful in exercising our enforcement authority.
For example, throughout my tenure I have repeatedly called on the
Commission to tread carefully when bringing enforcement actions against
compliance personnel, who are often the only line of defense we have in
detecting and preventing violations of the federal securities laws.
Recent enforcement actions holding compliance officers to a standard of
strict liability will only serve to chill talented professionals from playing this
vital role.
We also need to remain focused on affording respondents the due process
rights to which they are entitled.
The recent attention on the SEC’s use of administrative proceedings has
fostered a healthy debate on this topic. I am confident the Enforcement
Division will heed outside voices calling for introspection, such as the
Chamber’s recent report in this area.
And, as for my old stomping grounds — the Division of Trading and
Markets (“TM” — I understand all too well the competing priorities and
demands it constantly faces.
But, TM must not lead from behind — or worse, fall into a reactionary role
— on market structure.
The Commission needs to stop dabbling around the edges on
deep-in-the-weeds issues such as Rule 15b9-1 and start taking on the hard
work of genuine, holistic market structure reform.
And TM must be empowered to begin a comprehensive program for
oversight of the fixed income markets. As I have said before in response to
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 104
calls to address the issues set forth in Flash Boys, we still need to address
the ones that were highlighted in Liar’s Poker…over 25 years ago!
A number of areas of TM’s oversight are woefully outdated and in need of
attention. Commissioners have publicly called for reforms of the transfer
agent rules and the settlement cycle.
There is a long list of other needed reforms, such as a finalization of the
Rule 15a-6 amendments.
We should also be questioning why the SEC does not have regulatory
authority over the markets for treasuries and over municipal debt issuers,
given their overwhelming importance to the capital markets.
And it is long past time that the Commission re-think the SIPC regime and
work with Congress on needed updates to SIPA.
These are critically important issues that have needed to be addressed for
years, but unfortunately they have taken a back seat to Dodd-Frank
mandates that have nothing to do with the financial crisis or the
Commission’s mission.
I have been glad to witness over the course of my tenure the transformation
of the Division of Economic and Risk Analysis (“DERA”) from a start-up
enterprise to a vital Division with its own purpose and priorities.
DERA staff are critical to analyzing the costs and burdens associated with
the Commission’s rulemakings, which all too often have failed to accurately
take into acct the crippling and cumulative costs being placed on issuers
and market participants.
I hope DERA is able to bring on more staff and continues to be integrated
into the sausage making factory called SEC rulemaking.
And, the Office of Compliance Inspections and Examinations, or OCIE, has
also come a long way since its low point following the financial crisis, and
they will hopefully get a boost with third party investment adviser
examinations.
As with DERA and ENF, OCIE must continue to work with the
policymaking divisions, and resist the urge to undertake rulemaking
through examinations.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 105
***
Notwithstanding the many concerns I have set forth today, I remain
optimistic about the SEC’s future and I believe that the agency is in a much
better position than it was four years ago.
The agenda is still all too dominated by the nonsense of Dodd-Frank, and
the agency’s place in the financial services regulatory constellation is still
too low.
However, there are hopeful signs of life and indicia that the SEC will go
back to its roots: allowing disclosure to inform investors and preserve
investor choice; letting the market, rather than regulation, decide winners
and losers; and using appropriate discretion in exercising its power.
There appears to be a renewed understanding on the Commission of the
critical importance of updating existing programs instead of continuing the
Dodd-Frank death march of rulemaking.
And some capital markets regulators are finally speaking out about the
importance of capital markets to investors and the global economy.
These are issues I raised in my first speech as a Commissioner — in this
building — in 2011.
They were important then and critical now.
Thank you for your attention, and thank you to the Chamber for inviting me
here today.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 106
Disclaimer
The Association tries to enhance public access to information about risk and
compliance management.
Our goal is to keep this information timely and accurate. If errors are brought to
our attention, we will try to correct them.
This information:
is of a general nature only and is not intended to address the specific
circumstances of any particular individual or entity;
should not be relied on in the particular context of enforcement or similar
regulatory action;
-
is not necessarily comprehensive, complete, or up to date;
is sometimes linked to external sites over which the Association has no
control and for which the Association assumes no responsibility;
is not professional or legal advice (if you need specific advice, you should
always consult a suitably qualified professional);
-
is in no way constitutive of an interpretative document;
does not prejudge the position that the relevant authorities might decide to
take on the same matters if developments, including Court rulings, were to lead it
to revise some of the views expressed here;
does not prejudge the interpretation that the Courts might place on the
matters at issue.
Please note that it cannot be guaranteed that these information and documents
exactly reproduce officially adopted texts.
It is our goal to minimize disruption caused by technical errors.
However some data or information may have been created or structured in files or
formats that are not error-free and we cannot guarantee that our service will not
be interrupted or otherwise affected by such problems.
The Association accepts no responsibility with regard to such problems incurred
as a result of using this site or any linked external sites.
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 107
The International Association of Risk and Compliance
Professionals (IARCP)
You can explore what we offer to our members:
1. Membership – Become a standard, premium or lifetime member.
You may visit:
www.risk-compliance-association.com/How_to_become_member.htm
If you plan to continue to work as a risk and compliance management
expert, officer or director throughout the rest of your career, it makes
perfect sense to become a Life Member of the Association, and to continue
your journey without interruption and without renewal worries.
You will get a lifetime of benefits as well.
You can check the benefits at:
www.risk-compliance-association.com/Lifetime_Membership.htm
2. Weekly Updates - Subscribe to receive every Monday the Top 10 risk
and compliance management related news stories and world events that
(for better or for worse) shaped the week's agenda, and what is next:
http://forms.aweber.com/form/02/1254213302.htm
3. Training and Certification - Become
a Certified Risk and Compliance
Management Professional (CRCMP) or a
Certified Information Systems Risk and
Compliance Professional (CISRSP).
The Certified Risk and Compliance
Management Professional (CRCMP)
training and certification program has
become one of the most recognized
programs in risk management and compliance.
There are CRCMPs in 32 countries around the world.
Companies and organizations like IBM, Accenture, American Express,
USAA etc. consider the CRCMP a preferred certificate.
You can find more about the demand for CRCMPs at:
www.risk-compliance-association.com/CRCMP_Jobs_Careers.pdf
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 108
You can find more information about the CRCMP program at:
www.risk-compliance-association.com/CRCMP_1.pdf
(It is better to save it and open it as an Adobe Acrobat document).
For the distance learning programs you may visit:
www.risk-compliance-association.com/Distance_Learning_and_Certificat
ion.htm
For instructor-led training, you may contact us. We can tailor all programs
to specific needs. We tailor presentations, awareness and training programs
for supervisors, boards of directors, service providers and consultants.
4. IARCP Authorized Certified Trainer
(IARCP-ACT) Program - Become a Certified Risk
and Compliance Management Professional Trainer
(CRCMPT) or Certified Information Systems Risk
and Compliance Professional Trainer (CISRCPT).
This is an additional advantage on your resume,
serving as a third-party endorsement to your knowledge and experience.
Certificates are important when being considered for a promotion or other
career opportunities. You give the necessary assurance that you have the
knowledge and skills to accept more responsibility.
To learn more you may visit:
www.risk-compliance-association.com/IARCP_ACT.html
5. Approved Training and Certification Centers
(IARCP-ATCCs) - In response to the increasing
demand for CRCMP training, the International
Association of Risk and Compliance Professionals is
developing a world-wide network of Approved Training
and Certification Centers (IARCP-ATCCs).
This will give the opportunity to risk and compliance managers, officers and
consultants to have access to instructor-led CRCMP and CISRCP training at
convenient locations that meet international standards.
ATCCs use IARCP approved course materials and have access to IARCP
Authorized Certified Trainers (IARCP-ACTs).
To learn more:
www.risk-compliance-association.com/Approved_Centers.html
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 109
RiskMinds International is the world’s largest and most prestigious risk
management conference and is fully established as the most senior
gathering of the global risk management community. 600+ CROs, global
supervisors, renowned academics and expert industry practitioners will
gather together this December to discuss strategic risk management, capital
allocation and practical risk modelling.
I will be providing information about the CRCMP training course during
the event. I am pleased to be able to offer you a special 15% discount off the
booking fee for RiskMinds International. Just quote the discount VIP
Code: FKN2436IARCPE to claim your discount.
The latest agenda can be found on the website here, as well as the speaker
line-up to date. For more information or to register for the 22nd annual
RiskMinds, please contact the ICBI team on: Tel: +44 (0) 20 7017 7200
Fax: + 44 (0) 20 7017 7806 Email: [email protected] Web:
http://www.riskmindsinternational.com/FKN2436IARCPE
Please note: you can save up to £1800 in early bird savings on top of the
15% discount.
I look forward to meeting those of you attending this conference.
Best Regards,
George Lekatis
President of the IARCP
1200 G Street NW Suite 800,
Washington DC 20005, USA
Tel: (202) 449-9750
Email: [email protected]
Web: www.risk-compliance-association.com
HQ: 1220 N. Market Street Suite 804,
Wilmington DE 19801, USA
Tel: (302) 342-8828
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)
P a g e | 110
12-15 October, The Excelsior Hotel, Hong Kong
The World’s Largest Risk Management Event Series' Asian Conference
* 10% DISCOUNT OFFER *
Quote VIP Code: FKN2438BCP
 Join 200+ senior risk managers from around the world
 20+ CROs in attendance
 Learn from 80+ speakers across 85+ sessions
Find out more & claim your 10% discount today on:
www.riskmindsasia.com/FKN2438BCP
Please contact ICBI for all enquiries:
Email: [email protected]
Tel: +44 (0)20 7017 7200
Note: The IARCP is media sponsor of RiskMinds Asia 2015
_____________________________________________________________
International Association of Risk and Compliance Professionals (IARCP)