There seems to be some ground-laying for follow-on Red Flag compliance guidelines to emerge either pre- or post- May 1, 2009.  Whether they arrive in the form of clarifying statements by the Red Flags Rule drafting agencies, or separate guidelines beyond the current Rule, the ambiguity associated with the current set of parameters leads me to believe that:The door is open for many entities, not clearly called out in the Red Flags Rule as 'covered' to be more formally placed under that umbrella, andA new series of mandates may be on the horizon as the focus on identity theft prevention and, of critical note, consumer protection continues to sharpen.I look at "The President's Identity Theft Task Force Report" (September 2008) as a potential catalyst for the publication of more formal directives around consumer identity theft prevention programs.  While the report currently sits in the form of recommendations, it is likely that some of these recommendations may evolve into more definitive enactments.  Additionally, it's clear that even commercial entities that are potentially not covered by the Red Flag Rule today are called out as still in need of stringent and diligent identity theft prevention measures.  More to follow next time on this report.

Market risk and credit risk are different. The bank can offset market risk by purchasing interest rate swaps or other interest rate derivatives. 

By: Tom Hannagan In my past postings, we’ve discussed financial risk management, the role of risk-based capital, measuring profitability based on risk characteristics and the need for risk-based loan pricing (credit risk modeling). I thought it might be worthwhile to take one step back and explain what we mean by the term “risk.” “Risk” means unpredictable variability. Reliable predictions of an outcome tend to reduce the risk associated with that outcome. Similarly, low levels of variability also tend to reduce risk. People who are “set in their ways” tend to lead less risky lives than the more adventuresome types. Insurance companies love the former and charge additional premiums to the latter. This is a terrific example of risk-based pricing. Financial services involve risk. Banks have many of the same operational risks as other non-financial businesses. They additionally have a lot of credit risk associated with lending money to individuals and businesses. Further, banks are highly leveraged, borrowing funds from depositors and other sources to support their lending activities. Because banks are both collecting interest income and incurring interest expense, they are subject to market, or interest rate, risk. Banks create credit policies and processes to help them manage credit risk. They try to limit the level of risk and predict how much they are incurring so they can reserve some funds to offset losses. To the extent that banks don’t do this well, they are acting like insurance companies without good actuarial support. It results in a practice called “adverse selection” – incorrectly pricing risk and gathering many of the worst (riskiest) customers. Sufficiently good credit risk management practices control and predict most of the bad outcomes most of the time, at least at portfolio levels. Bad outcomes (losses) that are not well-predicted, and therefore mitigated with sufficient loan-loss reserves, will negatively impact the bank’s earnings and capital position. If the losses are large enough, they can wipe out capital and result in the bank’s failure.

There seems to be some ground-laying for follow-on Red Flag compliance guidelines to emerge either pre- or post- May 1, 2009.  Whether they arrive in the form of clarifying statements by the Red Flags Rule drafting agencies, or separate guidelines beyond the current Rule, the ambiguity associated with the current set of parameters leads me to believe that:The door is open for many entities, not clearly called out in the Red Flags Rule as 'covered' to be more formally placed under that umbrella, andA new series of mandates may be on the horizon as the focus on identity theft prevention and, of critical note, consumer protection continues to sharpen.I look at "The President's Identity Theft Task Force Report" (September 2008) as a potential catalyst for the publication of more formal directives around consumer identity theft prevention programs.  While the report currently sits in the form of recommendations, it is likely that some of these recommendations may evolve into more definitive enactments.  Additionally, it's clear that even commercial entities that are potentially not covered by the Red Flag Rule today are called out as still in need of stringent and diligent identity theft prevention measures.  More to follow next time on this report.

Market risk and credit risk are different. The bank can offset market risk by purchasing interest rate swaps or other interest rate derivatives. 

By: Tom Hannagan In my past postings, we’ve discussed financial risk management, the role of risk-based capital, measuring profitability based on risk characteristics and the need for risk-based loan pricing (credit risk modeling). I thought it might be worthwhile to take one step back and explain what we mean by the term “risk.” “Risk” means unpredictable variability. Reliable predictions of an outcome tend to reduce the risk associated with that outcome. Similarly, low levels of variability also tend to reduce risk. People who are “set in their ways” tend to lead less risky lives than the more adventuresome types. Insurance companies love the former and charge additional premiums to the latter. This is a terrific example of risk-based pricing. Financial services involve risk. Banks have many of the same operational risks as other non-financial businesses. They additionally have a lot of credit risk associated with lending money to individuals and businesses. Further, banks are highly leveraged, borrowing funds from depositors and other sources to support their lending activities. Because banks are both collecting interest income and incurring interest expense, they are subject to market, or interest rate, risk. Banks create credit policies and processes to help them manage credit risk. They try to limit the level of risk and predict how much they are incurring so they can reserve some funds to offset losses. To the extent that banks don’t do this well, they are acting like insurance companies without good actuarial support. It results in a practice called “adverse selection” – incorrectly pricing risk and gathering many of the worst (riskiest) customers. Sufficiently good credit risk management practices control and predict most of the bad outcomes most of the time, at least at portfolio levels. Bad outcomes (losses) that are not well-predicted, and therefore mitigated with sufficient loan-loss reserves, will negatively impact the bank’s earnings and capital position. If the losses are large enough, they can wipe out capital and result in the bank’s failure.