Reputational Risk

Reputational risk is any risk to an organization's reputation that is likely to destroy shareholder value.

Reputational risk leads to negative publicity, loss of revenue, litigation, loss of clients and partners, exit of key employees, share price decline, difficulty in recruiting talent.

A comprehensive reputational risk assessment is necessary as an important part of a risk assessment.

The Basel framework's definition of operational risk excludes:

  1. Strategic risk
  2. Reputational risk
  3. Systemic Risk

We have several stress tests that stress exactly that: Reputational Risk

Basel Committee on Banking Supervision
Reputational risk and implicit support

Reputational risk can be defined as the risk arising from negative perception on the part of customers, counterparties, shareholders, investors or regulators that can adversely affect a bank's ability to maintain existing, or establish new, business relationships and continued access to sources of funding (eg through the interbank or securitisation markets).

Reputational risk is multidimensional and reflects the perception of other market participants.

Furthermore, it exists throughout the organisation and exposure to reputational risk is essentially a function of the adequacy of the bank's internal risk management processes, as well as the manner and efficiency with which management responds to external influences on bank-related transactions.

Reputational risk, typically through the provision of implicit support, may give rise to credit, liquidity, market and legal risk – all of which can have a negative impact on a bank's earnings, liquidity and capital position.

A bank should identify potential sources of reputational risk to which it is exposed.

These include the bank’s business lines, liabilities, affiliated operations, off-balance sheet vehicles and the markets in which it operates. The risks that arise should be incorporated into the bank’s risk management processes and appropriately addressed in its ICAAP and liquidity contingency plans.

Prior to the 2007 upheaval, many banks failed to recognise the reputational risk associated with their off-balance sheet vehicles. In stressed conditions some firms went beyond their contractual obligations to support their sponsored securitisations and offbalance sheet vehicles.

A bank should incorporate the exposures that could give rise to reputational risk into its assessments of whether the requirements under the securitisation framework have been met and the potential adverse impact of providing implicit support.

Reputational risk may arise, for example, from a bank’s sponsorship of securitisation structures such as ABCP conduits and SIVs, as well as from the sale of credit exposures to securitisation trusts.

It may also arise from a bank’s involvement in asset or funds management, particularly when financial instruments are issued by owned or sponsored entities and are distributed to the customers of the sponsoring bank.

In the event that the instruments were not correctly priced or the main risk drivers not adequately disclosed, a sponsor may feel some responsibility to its customers, or be economically compelled, to cover any losses.

Reputational risk also arises when a bank sponsors activities such as money market mutual funds, in-house hedge funds and real estate investment trusts (REITs).

In these cases, a bank may decide to support the value of shares/units held by investors even though is not contractually required to provide the support.

The financial market crisis has provided several examples of banks providing financial support that exceeded their contractual obligations.

In order to preserve their reputation, some banks felt compelled to provide liquidity support to their SIVs, which was beyond their contractual obligations.

In other cases, banks purchased ABCP issued by vehicles they sponsored in order to maintain market liquidity. As a result, these banks assumed additional liquidity and credit risks, and also put pressure on capital ratios.

Reputational risk also may affect a bank’s liabilities, since market confidence and a bank’s ability to fund its business are closely related to its reputation.

For instance, to avoid damaging its reputation, a bank may call its liabilities even though this might negatively affect its liquidity profile.

This is particularly true for liabilities that are components of regulatory capital, such as hybrid/subordinated debt. In such cases, a bank’s capital position is likely to suffer.

Bank management should have appropriate policies in place to identify sources of reputational risk when entering new markets, products or lines of activities.

In addition, a bank’s stress testing procedures should take account of reputational risk so management has a firm understanding of the consequences and second round effects of reputational risk.

Once a bank identifies potential exposures arising from reputational concerns, it should measure the amount of support it might have to provide (including implicit support of securitisations) or losses it might experience under adverse market conditions.

In particular, in order to avoid reputational damages and to maintain market confidence, a bank should develop methodologies to measure as precisely as possible the effect of reputational risk in terms of other risk types (eg credit, liquidity, market or operational risk) to which it may be exposed.

This could be accomplished by including reputational risk scenarios in regular stress tests.

For instance, non-contractual off-balance sheet exposures could be included in the stress tests to determine the effect on a bank’s credit, market and liquidity risk profiles.

Methodologies also could include comparing the actual amount of exposure carried on the balance sheet versus the maximum exposure amount held off-balance sheet, that is, the potential amount to which the bank could be exposed.

A bank should pay particular attention to the effects of reputational risk on its overall liquidity position, taking into account both possible increases in the asset side of the balance sheet and possible restrictions on funding, should the loss of reputation result in various counterparties’ loss of confidence.

In contrast to contractual credit exposures, such as guarantees, implicit support is a more subtle form of exposure. Implicit support arises when a bank provides post-sale support to a securitisation transaction in excess of any contractual obligation.

Such non-contractual support exposes a bank to the risk of loss, such as loss arising from deterioration in the credit quality of the securitisation’s underlying assets.

By providing implicit support, a bank signals to the market that all of the risks inherent in the securitised assets are still held by the organisation and, in effect, had not been transferred.

Since the risk arising from the potential provision of implicit support is not Proposed enhancements to the Basel II framework captured ex ante under Pillar 1, it must be considered as part of the Pillar 2 process.

In addition, the processes for approving new products or strategic initiatives should consider the potential provision of implicit support and should be incorporated in a bank’s ICAAP.

Sound risk management processes are necessary to support supervisory and market participants’ confidence in banks’ assessments of their risk profiles and internal capital adequacy assessments.

These processes take on particular importance in light of the identification, measurement and aggregation challenges arising from increasingly complex on- and off-balance sheet exposures.

The areas addressed include:

  1. Firm-wide risk oversight
  2. Specific risk management topics:

 −  Risk concentrations;

 −  Off-balance sheet exposures with a focus on securitisation;

 −  Reputational risk and implicit support;

 −  Valuation and liquidity risks; and

 −  Sound stress testing practices.

Join the International Association of Risk and Compliance Professionals (IARCP). Membership is Free

Reading Room

Certified Risk and Compliance Management Professional (CRCMP)

Certified Information Systems Risk and Compliance Professional (CISRCP)

Privacy and Compliance with the Federal Trade Commission Fair, the California Online Privacy Protection Act, the Children Online Privacy Protection Act, the Privacy Alliance, the Controlling the Assault of Non-Solicited Pornography and Marketing Act