December 11, 2020

The Eye of Providence: Thoughts on the Evolution of Bank Supervision

Vice Chair for Supervision Randal K. Quarles

At the Federal Reserve Board, Harvard Law School, and Wharton School Conference: Bank Supervision: Past, Present, and Future (via webcast)

Torrential thanks to our partners Harvard Law School and The Wharton School for organizing this conference, and to the Federal Reserve staff who have played a key role. And an equally huge thanks to all of the moderators and panelists who are participating in today's event and to all of you who are tuning in. I have very much enjoyed the discussion so far, and I hope that the conference will encourage both more and a wider variety of academic work on bank supervision.

In many respects, the focus of today's conference on bank supervision, rather than regulation, and the relatively recent efflorescence of scholarly attention to that topic, are welcome new developments. In other respects, however, the question of the proper scope of bank supervision is not a new topic at all. In going through some family papers recently, I came across this cri de coeur from one Elton Hall, president of a small bank in Victor, Idaho, as quoted in the Teton Valley News in November, 1921:

The government has so governed [my] bank that [I] no longer knew who owned it. I am inspected, examined and re-examined, informed, required, restrained, and commanded. . . . I am supposed to be an inexhaustible supply of money . . . , and because I will not sell all I have and go out and beg, borrow, or steal money to give away, I have been cussed, discussed, boycotted, talked to, talked about, lied to, lied about, held up, hung up, robbed and nearly drained, and the only reason I am clinging to life is to see what in hell is coming off next.

Were Mr. Hall transported to the District of Columbia in 2020, he would immediately realize that he had clearly had no idea what was "coming off next" if he had thought he was over-imposed upon in Idaho's Teton Valley in the winter of 1921. But before the bankers in the congregation become too inclined to commiserate with him, I should note that the reason I know anything about Mr. Hall, and the reason his quote is among those family papers, is because his bank failed not so many years thereafter, as did nearly half the small banks in the country between 1920 and 1930. Mr. Hall's bank on the western slope of the Tetons was acquired by a visionary young banker from Utah by the name of Marriner Eccles. This was during the Roaring '20s, well before the Great Depression and the Banking Crisis of 1933. Before the evolution of modern supervisory practices, bank failures were extremely common, even in boom times.

So, how should we think about this new, yet very old, question? I'd like to begin as many of you have today, by focusing first on regulation—as a way of throwing into relief some key issues that are both important and hard about its cousin supervision.

One of my goals at the Board of Governors has been to make our regulatory framework simpler, more consistent, more predictable, and more efficient. This approach is not new. It draws on many decades of practical experience and public policy analysis. At its most basic, this approach rests on the premise that we should continuously challenge ourselves to make sure that our policies are achieving their intended objectives, based on evidence and a data-driven assessment of their impact on the public.

These principles—simplicity, consistency, and predictability—are all connected to what is perhaps a more fundamental principle of regulation, and indeed of law itself—transparency. Transparency makes the intent of regulators clear and their actions more predictable to those regulated. Regulations are more effective when they are well understood and more effective when their predictability and consistency build respect for the fairness of regulation that encourages compliance. Transparency helps guard against regulation that is arbitrary or capricious. Transparency is enshrined in statutory process protections such as those in the Administrative Procedure Act, which facilitates understanding and communication.

All these principles—simplicity, predictability, transparency, efficiency—lead to better regulatory outcomes. All other things equal, simpler rules are better because they are easier to understand, to implement by banks, and to supervise by examiners. Predictable, consistent, and clear rules are more effective because they are consistent across firms and over time. In addition, we develop rules through an iterative process that takes place in the open. Through this process we learn about potentially unanticipated consequences—which allows us to avoid these surprises, which are in no one's interest. The public comment process also naturally facilitates a dialogue with the organizations that would be subject to the rules, as well as any interested party, helping the government to produce a regulatory framework that takes into account both benefits and costs. A focus on efficiency helps ensure that we avoid any unnecessary burden and externalities.

We relied on these principles in establishing the new regulatory framework in the wake of the global financial crisis. The essential elements of that framework—which now includes dynamic and risk-sensitive capital requirements and rules-based, quantitative liquidity standards—all reflect extensive and significant consultations with the public and careful analysis of the impact that these rules will have on individual banks and the U.S. banking system. Our benchmark for capital adequacy is now based on standardized measures of risk and leverage across all banks. This is supplemented by an annual stress test with extensive transparency and disclosure around the process and results that provides additional, consistent risk sensitivity. We now regulate liquidity as one of our enhanced prudential standards for large banks, with two clear quantitative standards—the short-term liquidity coverage ratio (LCR) and long-term net stable funding ratio (NSFR) requirements—and clear expectations for liquidity risk management, articulated in a regulation that went through a public notice and comment process.

Partly as a product of these improvements, we have made our regulations more efficient by better differentiating among risks. Our capital rules require firms that hold riskier positions either to maintain capital that addresses those risks or to take steps to de-risk. Our liquidity rules similarly require firms with more unstable funding to hold more liquid assets or to improve the stability of their funding. In addition, last year the Board adopted changes to our overall regulatory capital and liquidity frameworks that differentiates among the systemic risks presented by individual banks. Under the revised framework, the most complex, systemically important firms are subject to the most stringent requirements, and less-complex firms are subject to less-stringent requirements. In the long run, these changes will lead to fairer, more efficient results, while preserving the safety and soundness of the U.S. banking system and broader financial stability.

Because of the improved regulatory framework in place early this year, banks were in a strong position to deal with the challenges of the COVID event. For example, in March of this year, customers of U.S. banks drew down nearly $480 billion on existing lines of credit to cover cash needs during the severe disruption in revenues in the early days of the COVID event—by far the largest monthly increase in history. Banks were able to fund these loans without notable problems in part by drawing on liquidity buffers created by the new regulatory system. They have not only maintained, but actually increased their capital during this time—notwithstanding the large provisions taken earlier in the year. And they have continued to extend credit throughout the protracted evolution of the COVID event, to this point largely satisfying the demand for credit in the economy.

Of course, having clear, consistent, predictable, and efficient rules of the game is not the end of the story. Our rules are not an academic exercise. They represent concrete, binding requirements on real people and real businesses. Our obligations to the public mean we need to verify that our rules are being followed, detect emerging risks, and make sure any deficiencies are swiftly addressed. This is the task of the bank supervisor, rather than the bank regulator.

Regulation and supervision are different tasks, and I have spent this time reviewing how we have pursued the goals of simplicity, predictability, transparency, and efficiency in regulation in part to lay the groundwork for showing how much harder it is to pursue those goals in the realm of supervision. Regulation and supervision both flow from the statutory authority granted to the Federal Reserve and the other banking agencies by Congress establishing our duty to promote a safe and sound banking system. Regulation does that on a generalized, system-wide basis. Supervision, in contrast to regulation, looks at firm-specific issues, such as how a firm's idiosyncratic risks are evaluated under our regulations, and at risk-management frameworks that cannot easily be assessed through standardized risk measures. For example, while our capital rules require banks to hold a specific level of capital, our exams focus on subjects such as the plans of management to make sure they can meet those capital requirements on an ongoing basis. Supervisors summarize the results of these examinations and their overall assessment of a firm in the form of a supervisory rating, the importance of which I will discuss shortly.

The progress we have made on regulation creates an opportunity for us to focus more of our attention on supervision and the principles of simpler, more consistent, more predictable, and more efficient supervisory standards. For example, because the Board found that there had been significant improvements in risk management since the global financial crisis, we removed the "qualitative objection" from our stress testing process.1 Similarly, we simplified our capital framework through the introduction of a stress capital buffer (SCB) requirement.2 How should supervision evolve in light of the new stronger and more comprehensive regulatory edifice we now have in place?

An example: after we emerge from the COVID event, we will no longer need to maintain temporary limitations on capital distributions by large banks and can instead rely on the regulatory capital framework that the Board established earlier this year—the SCB. Among its many advantages, under this framework we will no longer need to review periodic requests from banks for additional capital distributions. Instead, the SCB sets a clear and explicit capital target that firms must stay above at all times. As a result, firms can rely on that SCB target to define how much capital they can distribute in any given calendar quarter. This is a better process because it is more predictable and more efficient.

That said, we may still want to conduct a limited review of the capital plans of banks to give some insight into risks that the stress test might not fully pick up. For example, if a firm enters a new line of business and does not yet have a good framework for assuring its managers can measure the results of that business in light of its risks, supervision can detect that shortcoming and the firm can help address this vulnerability before the uncaptured risks materialize. Similarly, our new long-term stable funding rule—the NSFR rule—provides objective standards to address risks that fall outside the boundaries of our short-term funding requirement—the LCR rule—and thereby takes some pressure off supervisors to monitor these risks on a case-by-case basis. However, the LCR and NSFR do not address all sources of liquidity risk, and poor dynamic liquidity risk management can lead to a firm's failure just as surely as a present-tense lack of liquidity. In these ways, bank supervision can act as an early warning system and identify risks before they metastasize into problems that drain a firm's financial resources or liquidity position.

Yet as important as the practice of supervision is, these examples also show that it is inherently more judgmental, nuanced, discretionary, variable, and opaque than the practice of regulation. And variability and opacity breed distrust, even when that distrust is not at all merited. The point here is that all the benefits that come from simplicity, predictability, and transparency would be equally valuable in supervision—but necessarily much harder to obtain while maintaining the benefits of supervision, which are substantial if we are not to return to a world where half the small banks in the country will fail during one of the most prosperous decades in our history.

Keeping all this in mind, and given the success of our refinement of the overall regulatory framework, I believe it is natural to reflect on our overall supervisory communications, including our supervisory ratings framework, to consider ways to simplify it and make it more efficient, and especially make our ratings more consistent and more predictable. We already have a good deal of transparency around our supervisory standards—we publish our supervisory manuals, we publish guidance, and we seek public comment on the most significant guidance. We also recently published standards for how we would assign firms to the large institution supervision coordinating committee, or LISCC, portfolio.3 However, in contrast to the rulemaking process, and in order to appropriately protect a bank's confidential business information, the vast majority of the communication about the bank supervision process takes place confidentially. The most notable exceptions are when we find material deficiencies at a bank and take a public enforcement action to correct them.

Supervisory ratings are an interesting and special case because they are confidential communications that can have public consequences. A supervisory rating is a confidential assessment of the strength of a bank in one or more risk areas, or, in some cases, a composite view of the aggregate risks facing the bank. Ratings have the obvious benefit of summarizing the overall condition of a firm. Among other considerations, this summary includes qualitative judgments about risk management and an assessment of whether the firm is in compliance with applicable regulations, such as capital and liquidity requirements. Ratings also promote comparative analysis across firms that face similar risks.

Ratings date back to the first half of the 20th century, and possibly earlier, when they were used to classify banks, in much the same way as examiners assign ratings today.4 The modern version of ratings was the result of the establishment by Congress of the Federal Financial Institutions Examination Council (FFIEC) in 1978. The FFIEC established the "CAMEL" rating system in the same year to promote consistent examination practices across depository institutions. The Federal Reserve followed suit with a supervisory rating system for bank holding companies in 1979. Since that time, ratings have become enshrined in the federal banking laws. In particular, they play a role in interstate branching requirements and in determining whether or not holding companies can engage in expanded financial activities.

While the ratings themselves remain confidential supervisory information, the Federal Reserve has taken steps to provide information to the public around the rating process. For example, the standards we use to assign the ratings have always been published. In addition, the Board has sought public comment on the two most recent iterations of its ratings systems for holding companies, the RFI rating system and the LFI rating system.5 And in the past year, the Board began publishing aggregate data on supervisory ratings—organized by different bank cohorts—as part of its report on bank supervision.6

One concept that is inextricably linked to a supervisory rating is whether or not a firm is "well managed." By law, in order to be well managed a firm must have at least a satisfactory management rating, if any is given by its supervisor, and a firm also must have at least a satisfactory overall or composite rating. When the Gramm-Leach-Bliley Act expanded the range of financial activities that were permissible for companies that own banks, such as securities underwriting and insurance underwriting, it did so with certain conditions. To elect to be a "financial holding company" and be eligible to engage in these types of expanded financial activities, a bank holding company and its lead depository institution subsidiary, among other things, must be and remain well-managed.7

Because of these significant consequences, I believe it is appropriate to take note of the process distinctions between the development of rules and the development of supervisory ratings. Rules are drafted in full view of the public, subject to a comment period before they become final, and federal agencies have an obligation to provide a rationale for their rules. In contrast, supervisory ratings are confidential and have immediate effect. Banks are not permitted to disclose them. Although, as I have discussed, there are published standards as to how bank supervisors should assign these ratings, there will always be borderline cases and close calls, and these decisions are made out of the view of the public.

There are at least two reasons why it is critical that we get ratings correct. The first is that the supervisory rating is the most important communication that we have with firms. It encapsulates our expert judgment of the firm and lets the firm know how its performance compares with our standards. And second, as discussed, ratings have material real-world consequences. A firm with unsatisfactory ratings faces significant competitive disadvantages relative to firms deemed to be satisfactory. As noted, these firms are prohibited from expanding their range of financial activities and will generally face headwinds in acquisitions.

Since the financial crisis, our supervisors have identified potential weaknesses at firms and encouraging them to address those weaknesses. And firms now have substantially stronger and more resilient risk-management systems. They are better able to identify, measure, and manage their risks. These improvements have not gone unnoticed. As our supervision report demonstrates, the overall ratings trajectory in the industry has been quite positive.8

There are some straightforward steps we could take to simplify our ratings, with no loss of effectiveness. We already have a model for a simpler ratings framework. The new framework that applies to our largest firms, the LFI ratings framework, focuses on the three areas that are the core of our supervisory focus: capital, liquidity, and governance.9 We could consider a similar simplification to the RFI rating system that applies to less-systemic holding companies and the CAMELS ratings system that applies to depository institutions. In terms of improving regulatory efficiency through ratings, being clearer to firms about how we apply these standards would help to promote a more efficient banking system. In particular, we could be clearer about how we weight the various factors that generate the rating. Banks could benefit because they would be better positioned to anticipate supervisory feedback and understand what steps they need to take to improve their ratings. Supervisors can benefit by being grounded in more predictable criteria.

My concern is that, despite the fact that our examiners have used ratings for almost 100 years, we don't have a particularly well-developed theory of ratings—principles regarding the internal processes and standards that promote consistency and predictability in our assessment of the condition of banks. As I've discussed, there is broad agreement that ratings are a beneficial, even necessary, part of bank supervision. Yet we have very few studies or other empirical support for this conclusion. This stands in sharp contrast to the analysis behind the long list of regulatory achievements that I mentioned. To give an example, we have a pretty good idea, grounded in economic analysis, about how much capital a global systemically important bank, or G-SIB, needs to maintain to promote its safety and soundness but not nearly as much support for our view about where to draw the line between a satisfactory rating and an unsatisfactory rating. For example, at a large global financial firm, what should be the difference between a satisfactory and unsatisfactory rating on capital planning, provided the firm otherwise has strong capital levels? Where should we draw that line? How do we decide the close calls, and what is our default for ties?

I don't know what the right answer is, and I suspect that it will vary depending on the circumstances. Although there will be a range of qualitative factors that affect our conclusion, it must be the case that we can learn from our previous experiences and distill a presumptive answer. That sort of approach, one grounded in analysis and based on evidence, has ably supported our regulatory framework. I would like to see what science can bring to ratings. I think this could be especially helpful in terms of the consistency and predictability of ratings. Since ratings are assigned by humans and humans are fallible, being more deliberate about the processes behind them can only help us. While we have made some progress in making ratings simpler and therefore more efficient, and more consistent with actual supervisory practices, I would like to see our approach to ratings made more express and deliberate. Since the global financial crisis, the Fed, along with the other prudential supervisors, has implemented a number of controls to improve consistency and support appropriate calibration of ratings, as we view them internally. We have tools in place to monitor ratings and detect whether there is any unusual variability in them. I suspect there is more work that could be done to use evidence and make sure our processes facilitate consistent results.

As I have alluded to, most of these efforts have been inward-facing, and we could benefit from efforts to show the public that our ratings are consistent and predictable. I see two paths to achieve this goal. One of those is oriented toward processes and procedures. One is more substantive. They are not mutually exclusive.

In terms of processes and procedures, there is always the question of whether ratings are consistent when administered in different circumstances by different people. I would like to explore approaches to ratings that would yield similar results when those ratings are assigned by different staff and across different points in time. One way to do this would be to subject ratings to the scrutiny of multiple parties with a range of perspectives and experiences. This is how the public rating agencies, such as Moody's, Fitch, and S&P, approach ratings, through ratings committees. And this is how we approach rating the largest, most systemically important firms through the LISCC, where a committee that includes independent Federal Reserve experts has an opportunity to provide feedback on the ratings of the firms in the LISCC portfolio. Designing this process so that it is reliably consistent and predictable for all banks is an area we should study further. Another method we could explore is to dedicate some portion of our exam work to reviewing compliance with concrete regulatory standards, such as some of our liquidity risk-management standards, where the standards lend themselves to that approach. And we would commit in advance to giving the findings from these reviews a particular weight in our ratings discussions. I think this overall model—where the supervisory assessment is vetted by a Federal Reserve committee with independent views, or at least reviewed by staff within the Federal Reserve outside the normal assessment process, and where we explicitly take compliance with regulatory standards into account in assigning ratings—could be a good one for helping to promote greater consistency and predictability, especially in cases where the subject matter lends itself to such standards.

Another process improvement involves guidance. At times, we find it helpful to elaborate on our regulatory standards through supervisory guidance. Some risk areas that don't easily lend themselves to regulation, such as certain kinds of risk management, also can benefit from supervisory guidance. In both cases, we can enhance the predictability of our supervisory process by inviting public feedback on any applicable guidance or other supervisory standards. For example, in connection with a recent rule on our capital planning requirements, we invited public feedback on our outstanding supervisory guidance on capital distributions for firms of all sizes. In the recent past, we also have sought comment on our approach to risks associated with governance and internal controls. We will continue to look for feedback on our guidance. All of these approaches will improve the predictability of our ratings and also improve their legitimacy.

In terms of substantive changes to show the public that ratings are consistent and predictable, my lodestar would be to rely wherever possible on empirical analysis to direct our policy choices and to be open to change where supported by this analysis. As supervisors, we should be extremely supportive of efforts to better understand ratings as an assessment and communication tool, as well as those that make our supervision processes have more repeatable outcomes. We should encourage our examiners and economists to conduct more empirical analysis around supervisory ratings. For example, some recent scholarship suggests ratings can have a positive impact on reducing the insolvency risk of supervised firms.10 We should do more analysis and careful examination to identify what drove those results.

As we conduct this analysis, my sense is that we should focus on two main variables: the consequences of the ratings that I've described—for example, a firm having its activities or acquisitions curtailed—and whether or not these consequences are properly calibrated relative to the circumstances that gave rise to the rating. To illustrate, let's return to the earlier example of a firm with a deficiency related to the risk management of its capital adequacy but that has proven itself through our stress tests to have sufficient financial resources. In contrast, imagine a bank that does not share the risk-management deficiency but whose stress test results indicate that the firm has inadequate capital. Our assessment for both firms may be that each should receive an unsatisfactory capital rating.

In my opinion (and I acknowledge that there are some who would reasonably disagree with me) between the two firms, the firm that faces a potential capital shortfall should be the graver concern. Yet, the essential message to both firms and a likely consequence of the rating—the risk of falling out of well-managed status—is identical. To me, this outcome makes no sense. Why should the firm that is objectively weaker face the same consequences as the firm that is objectively stronger?

Although the law dictates the most material consequences of an unsatisfactory management rating, we have the authority to define that rating and its calibration, as well as to define any additional supervisory consequences that are not prescribed in the law. I believe it is well worth our while to consider this calibration. Accordingly, I have directed Board staff to look into the following issues:

First, the placement of the qualitative elements of our ratings frameworks. There is somewhat more discretion in applying these elements relative to the quantitative regulatory requirements. These elements traditionally have been spread across all the ratings components, including capital and liquidity. Is this the best placement?

Second, ways of being clearer to the public about how we, as supervisors, weight the qualitative and quantitative elements of our ratings. How could we best go about communicating this weighting? Are the relative weights that we apply correct?

Third, the conclusions, if any, we can draw about the effectiveness of our new LFI ratings framework relative to our RFI ratings framework. For example, has the lack of a composite rating in the LFI ratings framework been beneficial from a supervisory communications standpoint, as intended?

If our ratings are poorly calibrated, we run the risk of being less effective in our supervision. We also could be providing aggregate ratings that are misleading. Although I believe our examiners do rate banks accurately and dispassionately, based on our written standards, a closer look would help identify any instances where that's not the case and what improvements and changes might be needed.

I believe the Federal Reserve has a duty to assess our supervisory practices with the same vigor as we have assessed our regulations. Providing ratings that are based on well-calibrated, consistent, and predictable standards can only be to the benefit of everyone. Even if we were to make no changes to our ratings frameworks, going through the process of assessing this calibration will surely provide a valuable learning experience. It would also increase our conviction in the legitimacy of our ratings frameworks and our confidence as a prudential supervisor.

Thank you. I look forward to the discussion that follows.

1. During CCAR, supervisors make a "qualitative assessment" of a firm's capital planning process. Formerly, firms with a deficient capital planning process were subject to an objection by the Federal Reserve of the firm's capital plan, which resulted in limitations on the firm's capital distributions. The Board removed this requirement in 2019 because of the progress firms had made in improving their capital planning practices. See 84 Fed. Reg. 8953 (March 13, 2019). Return to text

2. The SCB uses the results of the annual stress tests to determine how much capital firms are required to hold. As a result, the SCB combined two separate capital frameworks into one and simplified the overall capital regime for large banks. Return to text

3. The LISCC, established by the Federal Reserve in 2010, is the supervisory program for those large financial institutions that pose the greatest risk to U.S. financial stability. For more information, see Return to text

4. See George R. Juncker, "A New Supervisory System for Rating Banks," (PDF) FRBNY Quarterly Review, Summer 1978; Statement of Brenton C. Leavitt, Board of Governors of the Federal Reserve System, before the Commerce, Consumer, and Monetary Affairs Subcommittee of the House Committee on Government Operations, Federal Reserve Bulletin 62 (February 1976); see also James Bergin and Kevin Stiroh, Why Do Supervisors Rate Banking Organizations? (unpublished manuscript). Return to text

5. "RFI" (Risk Management (R); Financial Condition (F); and Impact (I)) is the Federal Reserve's rating system for all bank holding companies except for those subject to the LFI (Large Financial Institution) rating system. Return to text

6. Board of Governors of the Federal Reserve System, Supervision and Regulation Report: November 2020 (PDF) (Washington: Board of Governors, November 2020). Return to text

7. In addition, the company must be "well capitalized" under the Federal Reserve's regulations and have at least a satisfactory rating for compliance with the Community Reinvestment Act. To be well capitalized, the company must meet quantitative capital requirements that exceed the minimums. Return to text

8. Supervision and Regulation Report (PDF). Return to text

9. As a formal matter, the three ratings components are capital planning and positions, liquidity risk management and positions, and governance and controls. Return to text

10. Allen N. Berger, Jin Cai, Raluca A. Roman, and John Sedunov, Supervisory Enforcement Actions against Banks and Systemic Risk, working paper, September 2020, available at SSRN, Return to text

Last Update: December 11, 2020