The "Three Lines of Defense" seminar yesterday primarily convinced me of one thing: no one knows how many lines of defense there should be. Like most of what I've seen in ERM to date, there is no consensus, no industry standard. As the first speaker, Alexander Shipilov, pointed out yesterday, even the titular "Three Lines" were originally just a metaphor, picked up by regulators and made into a sort of rallying cry. It represents neither accepted theory nor practiced reality in the profession.
Not one speaker actually adhered to or advocated a "Three Lines" strategy. Leon Bloom argues for six, Sean Lyons for nine, and Colin Lawrence for no particular number. The two "practical" presenters, Bogie Ozdemir and Stephan Schenk, merely reported on what they have seen in actual practice, with Mr. Ozdemir describing more of a two-line approach and Mr. Schenk alternatingly supporting two lines and four lines.
This suggests to me that, as I've suspected for some time, there is a sort of vacuum in the market for ERM that everyone is rushing to fill. There is no unifying theory; in fact, as we saw yesterday, there isn't even a general agreement on who should be considered a shareholder whose value should be maximized. Consequently we see a rush to fill the void, with many aspiring intellectual leaders throwing out partially complete theories with fancy names and appealing acronyms. These in turn are picked up by regulators, who are desperate to be seen setting standards.
Regarding regulation, it was fascinating to see the divide between Mr. Lawrence, representing the academic and regulatory perspective, and the industry representatives. Mr. Lawrence presented a long, long list of what he considers minimum best practices for ERM. As he points out, and the other speakers confirm, absolutely no firm has implemented these practices.
Does this mean that the industry has been lying down on the job? Have we failed to live up to our obligations? It's certainly possible, although I would argue that this is simply the cost of the absurd amount of resources the industry is forced to commit to regulatory and compliance issues; regulators once again are wanting to have their cake and eat it too.
Free market theory aside, however, it's also worth noting that, while Mr. Lawrence's recommendations are all sound, he provides no hint of a priority order for these practices. For a firm with few or none of these practices already in place, the task of implementing them must appear hopelessly expensive. For this reason, it is essential to define a ordinality if not a cardinality. If we are unable to develop such a priority ordering, then I am inclined to believe that we don't actually have enough justification to define these as best practices.
Starting the second day now. Stay tuned.
No comments:
Post a Comment