By FinOps Report editor Chris Kentouris

The recent implosion of family office Archegos Capital Management should renew interest in counterparty risk management and the need for a holistic program, say some broker-dealer risk management experts.

By JP Morgan’s estimates the fallout may have cost some prominent prime brokers, such as combined as much as US$10 billion in trading losses. Archegos’ betting on certain stocks using total return swaps made it difficult for prime brokers to understand the full extent of Archegos’ positions and leverage. In addition, because Archegos was a family office it was exempt from registering as an investment adviser with the US Securities and Exchange Commission. Therefore, it did not have to disclose ownership positions the way hedge funds do. The SEC and other regulators have suggested they could now start to scrutinize risk management systems more thoroughly. They might even require registration of family offices and more reporting on derivatives and synthetic structures.

Joanna Fields, managing principal of regulatory compliance and risk management consultancy Aplomb Strategies and senior consultant with Patomak Global Advisors, a financial services consultancy focused on global legal, regulatory and policy challenges, recently spoke with FinOps Report about the events surrounding Archegos. She offered good practice recommendations on how broker-dealers can evaluate and reduce their counterparty risk using a holistic management program. Here is what Fields had to say:

Can you explain the recent events with Archegos, and why some prime brokerage firms experienced financial loses while others didn’t?

Archegos is a family office which invested in the U.S., Chinese, and Japanese stock markets. The recent events were driven primarily by the firm’s use of newly developed delta one electronic trading products offered by its prime brokers. Archegos had a highly leveraged exposure to a portfolio of stocks including Viacom CBS, Discovery Communications. and Tencent Holdings mainly through swap transactions. Simply put, the firm invested in total return swaps which allowed counterparties to have exposure to assets, such as equities, without owning them. These trades are financing trades, whereby the counterparty borrows money from its prime broker, to invest in a portfolio of underlying securities. Archegos pledged a small percentage of the portfolio of stocks with its prime brokers– a practice otherwise known as getting leverage. As the stock prices fell on the portfolio, margin calls were triggered requiring either additional cash or securities.

With highly leveraged positions, as was the case with Archegos, the prime broker may make a margin call requiring the counterparty, or fund manager to put up more collateral. The prime brokers, which acted as lenders, thought their exposure was controlled because Archegos pledged collateral in the form of a portfolio of shares in the underlying total return swaps. Therefore, all the prime brokers would have to do is sell off the shares to recover the money owed. When Archegos could not make its margin calls and tanked, it caused billions in losses to the prime brokers which lent it money to trade the total return swaps. Total return swaps are a legitimate investment. However, recent events have focused regulatory attention on the processes and controls used by prime brokers to extend leverage.

Although some entities experienced a critical failure in counterparty risk management, others were able to mitigate their losses from Archegos because they sold the collateral more quickly and because they hedged their market risk exposure.

You say that holistic counterparty risk management is important in reducing counterparty risk. What does that entail and how does it differ from what brokerages do now?

In my experience helping broker-dealers respond to regulatory matters involving market risk, net capital, asset segregation, and stress testing, I found that most firms have almost all the individual components in place to manage risk, All they need is to strategically tie them together. My starting point for developing a proactive counterparty risk management model includes assessing key stakeholders; evaluating the firm’s risk tolerance; understanding how the firm measures risk; understanding the firm’s procedures, process, and controls; evaluating any periodic reviews performed by the firm for systems access, new products, trading businesses, counterparty types, trading systems and matching engines; conducting performance stress testing; conducting independent assessments; and implementing training.

Counterparty risk management is not a one-person job. It takes a team of people with different perspectives working together to clearly communicate risk. The broker-dealer must clearly define its risk tolerance and understand in real time its liquidity needs. From there it can evaluate its cushion of liquid assets. The firm must have a clear understanding of how it calculates, evaluates, and escalates liquidity needs. A sound procedure for calculating market-wide or idiosyncratic stress scenarios is critical. The firm must also have operational risk, market risk, and credit risk controls. It should also consider the controls used to apply with SEC Rule 15c3-5 — the market access rule. Effective since 2011, the rule requires broker-dealers allowing their customers access to the market to establish and enforce risk management controls and supervisory procedures to make certain that client transactions fall within credit and capital thresholds; are not erroneous; and do not violate any applicable regulatory requirements.

Although firms may have automated reviews for new stress scenarios, new products, and new asset classes, they must keep in mind that a lot of the analysis performed by risk management is still handled manually through Excel spreadsheets and pivot tables. An internal audit and internal compliance audit must be performed. An independent assessment must also be performed to bring in an outside perspective and identify any gaps. I have seen broker-dealers struggle with staffing and communications for several reasons. First, they do not have the right people to understand new technology, algorithms, or the risk of new products. Second, the business line does not include the right people or value their input. Third, even when independent reviews and controls exist, the results are not communicated effectively to senior management to produce an entire risk picture. Lastly, new product and trading platform risks are not included or understood as a priority, prior to initiating new activity. It is important to identify a particular issue, cull all the relevant data, and communicate the right sound bites to senior management that will have an impact and not get lost in all the noise. This is especially important during an idiosyncratic market event like the one we just experienced.

Based on your understanding of how Archegos’ implosion occurred what do you think might have gone wrong with counterparty risk management and why?

Over the past few years broker-dealers have started offering new electronic algorithms to trade swap contracts. I firmly believe that OTC derivative products do belong in a diversified portfolio of assets but they must be managed effectively with knowledgeable staff. That said, trading activity for family offices does require due diligence for meeting Rule 15c3-5 credit limit settings, for understanding AML, for understanding customer due diligence, and for understanding beneficial ownership and common control relationships. As with any new counterparty type, firms need to consider counterparty risk, which includes a review at the time of onboarding and a periodic review to ensure that the counterparty is transacting in the manner expected.

In the case of Archegos, some broker-dealers did not appear to rely on real-time Rule 15c3-5 controls and reviews. They depended on end of day margin requirements. My understanding is that in some instances broker-dealers also did not include swaps trading in their front office Rule 15c3-5 controls, so the firms’ financial control threshold settings were never triggered. In other instances, the settings were not reasonably set to identify market and credit risk levels until it was far too late. The firms I work with have integrated their front office controls for Rule 15c3-5 with their market and credit risk teams to ensure alerts are quickly sent to the right people to communicate risks in trading activity in a clear and precise manner to senior management and key stakeholders who understand risk. In the case of Archegos if the Rule 15c3-5 controls had been set to look at a counterparty’s activity across all asset classes the notional level setting should have triggered trading alerts which would have given risk teams a means to react quickly.

End-of-day margin and collateral reports and data inputs are critical to risk management, but they need to be part of a holistic process, which can communicate market, operational, and credit risk in real time. This scenario should be in every broker-dealer’s periodic stress testing module going forward.

How would an ideal counterparty risk management program work?

No firm is perfect. When discussing how to develop a holistic counterparty risk management program the aim is to set reasonable expectations and concurrently start a conversation about risk within the firm. Risk management works best when all key stakeholders are at the table and have a clear picture of data at their fingertips to assess various types of risk. Broker-dealers have thousands of clients, and the risk of each client depends on its market exposures.

A sound counterparty risk management program needs to aggregate all accounts under the same beneficial owner; evaluate the historical pattern of trading; capture the concentration of positions; consider Regulation SHO; understand relevant market events; and consider the firm’s contingency liquidity funding. Meeting Regulation SHO is a priority for regulators because short selling affects a firm’s net capital requirements.

Having the right risk managers can make a huge difference in knowing what to do and when. Broker-dealers then need to empower those risk managers by giving them systems and tools so they can create risk tolerance controls and alerts and communicate over time effectively to senior managers. Firms must create an escalation program, which includes a decision-tree of who to contact, and what data is required to make informed decisions. That escalation program must also question the status quo. Each key stakeholder should have ownership of the risk he or she needs to manage and the means to escalate concerns when appropriate. For example, the sales department needs to know its clients and identify unexpected trading behaviors. Firms don’t need a new process for family offices. This can easily be done using the firm’s existing periodic assessment of its Rule 15c3-5 controls and threshold level settings. The credit and liquidity risk management departments need to have developed a contingency program for operating in a stressed environment which outlines specific plans to address certain risk conditions; who is responsible for enacting the plan; how to access liquidity during a stress event; and how to determine when contingent liquidity funding would be used.

An effective counterparty management program includes reports that measure liquidity risk and related market operations and credit risk issues in a cohesive way to senior managers. The liquidity risk reports should include contingent liquidity risk, concentration risk, stress test results, intraday liquidity risk, or collateral risks. This analysis should also include daily, monthly, and even longer projections. Concentration risk is one of the factors critical to a holistic counterparty risk management program and should be considered particularly if a firm relies on short-term funding. The risk analysis can include inventory concentration in related asset classes and the level of funding required for a particular market. Firms need to confirm their concentration risk reports, aggregate client activity across asset classes, and trading platforms and identify unexpected increases in exposure to certain asset classes, markets, and across counterparties.

The key to remember is that the concentration risk review should not just be for margin requirements at an individual account level. I have seen instances where firms have only changed margin requirements in a simple account for one asset class, but not considered the concentration risk for all related accounts and across related asset classes. Some broker-dealers have concentration reports, which are missing specific trading flows because accounts are not aggregated at the beneficial owner level. Alternatively, the firm may have implemented new trading platforms or systems, but information from those applications does not flow into the applications generating the concentration reports.

Counterparty risk management programs should also include ongoing know-your-customer due diligence. If the customer appears to be a duck but acts like a tiger, don’t treat it like a duck. In any client relationship the broker-dealer should consider input from the business line affected and conduct Rule 15c3-5 reviews, AML reviews, and credit and operational reviews that incorporate a client’s historical trading behavior to assess expected trading behavior.

What benefits will a holistic counterparty risk management program bring to broker-dealers?

Apart from meeting regulatory requirements (and spending less time with me), there is a clear economic benefit for firms to quickly assess a counterparty relationship and determine if the customer is financially worth the cost of continuing to do business. Developing a holistic counterparty risk management program should allow firms to assess the viability of an account relationship and provide senior management of the firm with a full picture of the firm’s risk for different asset classes, products, and counterparties more effectively.

What has prevented some broker-dealers from implementing a holistic counterparty risk management program and what will be the catalyst for change?

If I consider all the enforcement actions, I have reviewed over the past few years the same two obstacles keep arising when it comes to why broker-dealers have struggled to implement a robust risk management framework. The first obstacle is the lack of good staffing and training. The second obstacle is technology. Funding back-office technology has never been a priority for firms and broker-dealer technology costs have been skyrocketing for years. Unfortunately, I have found that risk metrics often rely on outdated older platforms which have not kept up with some of the new algorithmic trading activity and considered system capacity. It is important to note that there has been a paradigm shift in Washington DC. Regulators, such as the SEC are laser-focused on risk-management protocols, AML, and market manipulation. As a result, brokers need to ensure ongoing counterparty due diligence is being performed. It should be a focus for all broker-dealers.

Who at the broker-dealer should own the risk management process and why?

No single person should own counterparty risk. From a practical standpoint, I cannot stress enough that the most effective way to communicate key risks is not a one-off daily email alert that is widely distributed to multiple parties. The ability to escalate events to key stakeholders is paramount. There should also be senior management risk meetings where clients are proactively discussed. Market, operations, and credit risk managers should be included in those meetings. They need to be prepared with data to explain clearly and concisely why they are ringing the alarm. The discussion should include a well-thought plan to address counterparty risk holistically and in terms the front-office can understand.

You mentioned all of the parties that must sit at the table when it comes to preparing a holistic counterparty risk management program. What role should the trading desk play and why?

The trading desk and front-office senior management are responsible for knowing the customer. Often a customer at the time of onboarding will say it plans to trade a certain volume and provide an array of asset classes. When the relationship matures there are instances when the customer does not do the volume of business hoped for, but the hope is that the customer will add new products and increase volume over time. Understanding what the firm expects the client to trade and the related risks associated with each client’s business versus the reality of what the client is trading is critical. Although earning commission dollars is important, senior management understands that there are costs of doing business and the risks cannot outweigh the benefits. Risk managers are not saying no to business. They are providing analysis to determine if the business is profitable.

How will the Archegos debacle affect how broker-dealers manage counterparty risk from family offices in the future?

I don’t believe the events surrounding Archegos represent an issue with family offices. Firms need to do a better job incorporating risk from their prime brokerage and trading businesses into risk management controls and reports. Ongoing due diligence should be performed due diligence should be performed and controls periodically reviewed to ensure they are up to date and capture all asset classes as well as trading platforms and they can aggregate all counterparty related activity. The silver lining of all this is that maybe firms will give operations, market, and credit risk managers a seat at the table and make better hiring decisions in the future.

Shouldn’t the past SEC fine and temporary barring from money management work imposed against Bill Huang, Archegos’ CEO have been a warning sign not to do business with him?

The events at Archegos highlight why risk managers need to have a seat at the table along with AML managers at the start of a new client relationship. For a higher-risk client there should be clear ongoing processes to determine if the client’s activity meets expectations and whether the relationship should be maintained. It is truly more of an art than a science to balance the risks of a client relationship against sales commission dollars with a business head. One way to accomplish this balance is to communicate all the risks of a client relationship with the return on investment and cost of capital in a single meeting. This communication should not be hidden in an email requesting a laundry list of onboarding documentation requests.

How will Archegos’ implosion affect regulatory exams and how can broker-dealers prepare for those exams?

Over the years FINRA has provided clear guidance as to what it expects of broker-dealers. However, if I had a list of the top five requirements broker-dealers should prepare for the first would be to identify key stakeholders and to continue to train them. The second would be to develop clear processes, procedures, and a framework for identifying, monitoring, communicating, and escalating risk scenarios. The third would be to set threshold controls and periodically evaluate how these measures are calculated to ensure they continue to work as designed to evaluate and quickly identify liquidity needs. The fourth would be adapt stress scenarios to include recent market events. The fifth would be to use internal audit or compliance groups and external parties to independently evaluate the current risk framework to ensure all asset classes, systems, and trading products are included over time.

The SEC is considering some regulatory changes in the wake of the Archegos incident. What are those changes and will they be helpful or harmful and why?

I can only emphasize that everyone should stay tuned. Until now the SEC has taken the position that investors are not required to report positions in equity derivatives, such as total return swaps, unless they have voting power. If an investor doesn’t have voting power, it is not considered to be a beneficial or ultimate owner of the shares. Investors. who become the beneficial owners of more than 10 percent of a company’s shares. are also deemed to be corporate insiders and must report changes in their holdings. Although Archegos was estimated to have had exposure to the economics of more than 10 percent of multiple companies’ shares it didn’t have to report those positions.

I am concerned that the SEC and other regulators will require reporting of total return swaps when all it needs to do is to understand the reports they already have or will start receiving such as Focus reports, CAT, OAT, EBS, global harmonized swaps reporting, TRACE, and short position reporting. It is unclear whether requiring another report will do anything more than create another costly endeavor for firms and prevent them from developing the internal controls, reports, and processes to holistically assess their own risk. Technology costs are already skyrocketing. data privacy concerns are increasing, and cybersecurity requirements are growing. Developing another report to provide regulators with more data seems counterintuitive. My preference would be for the SEC and FINRA to ask targeted questions during their exams about broker-dealers’ risk regulatory frameworks. Regulators should work with firms to develop key areas of improvement based on their individual business models, counterparties, and risk thresholds.

Why not have the SEC require family offices to register. Wouldn’t that be a good solution for broker-dealers?

Unfortunately, with family offices the exception often proves the rule and there are very few viable exceptions such as Archegos and Point 72. Most family offices are managed by a registered investment advisor who maintains US$1 million to US$2 million under management. It is very costly and time-consuming for an entity to register with the SEC. It doesn’t make sense to require all family offices to register. Instead, the SEC should take a targeted approach under the existing reporting framework, review CAT and swaps reporting data, evaluate periodic assessment of Rule 15c3-5 controls and AML due diligence. If there are still shortcomings, then the SEC should work with the industry to develop a holistic solution.

One last question. What final words of advice can you offer broker-dealers when it comes to managing counterparty risk?

There are several steps firms can take to create a more sustainable process for managing counterparty risk. The first is to assess the staff responsible for managing counterparty risk to ensure they have the training and knowledge of the asset classes involved and to know what to do in case an idiosyncratic risk event occurs. The second is to ensure that all reports and processes match the inventory of products, trading systems and matching engines. If information is missing, the analysis will be incomplete. The third is to aggregate activity across all related accounts and to identify concentration risk in a single underlying entity, asset class, or market. The final step is to make certain the risk department has received the budget for any pending development project so that a regulator during an exam doesn’t see a laundry list of risk management items with no dates in the delivery field. Most firms have all the independent pieces and just need to put them together to create a holistic picture of risk which can be escalated to senior management to act in a timely manner.

This interview is adapted from a June 23, 2021 webinar held by FinOps Report with Joanna Fields, managing principal of Aplomb Strategies and senior consultant at Patomak Global Advisors. For further information please contact Ms. Fields at joanna.fields@aplombstrategies.com