Counterparty Risk & Financial Risk Management: Lack of Formality a Threat to Treasury

Craig Jeffery 00:20
Hello and welcome to the Treasury Update Podcast. I’m Craig Jeffery. I’m your host today. I’m joined again by Paul Galloway, another senior advisor at Strategic Treasurer. Paul, welcome.

Paul Galloway 00:31
Thanks for having me back, Craig. Appreciate it.

Craig Jeffery 00:33
Our episode is called counterparty risk, the lack of formal management of counterparty risk management and its threat to treasury. And this is a view and opinion that we have that far too many companies are either unserious about counterparty risk management, meaning that they’re either not doing anything at all, or they are extremely informal in how they’re managing it to the level that when situations can occur, they’re caught unawares. There was movement during 2023 the beginning, there was some banks. There was dislocation with several banks, there was more attention paid to it. About 10% of companies became more formal, took action, changed how they’re monitoring, but that shifted quite a bit, and that’s why we’re calling it. The lack of formal counterparty risk management is a threat to treasury. Paul, many of our audience will be familiar with what is counterparty risk management? What is counterparty risk but can you describe some typical counterparty risk scenarios that treasurer’s would think of?

Paul Galloway 01:39
From a treasurer’s perspective, the first area you think about is your finance or instruments that are backed by the underlying company itself, whatever their particular credit profile looks like. So you get this financial counterparty risk associated with investments that you make. And so our previous podcast, we talked about short term investments, money market funds, CDs, commercial paper, short term bonds, these various instruments that you can invest in all have a variety of credit risk or financial counterparty risk associated with them. That’s one area, as a treasurer you want to keep an eye on, somehow you want to be able to monitor there’s different ways, and I’m sure we’ll talk about today, different ways that you can manage that risk or monitor that risk. Another area is like operational activity. We can take, for instance, a company or a bank, either one, there’s operational risk associated with these entities. It could be how a bank is managed. Maybe they’re making reinvestments of deposits and things that they shouldn’t. You know, they’re really risky, and we saw some of that, where we had some failed banks. Not too long ago, several banks failed. They failed because there was risk associated with how they were reinvesting deposits. And so banks have the operational risk associated with executing how they manage the deposits. And then you can think about a company that either provides a service or product. Now, some organizations are really efficient at how they operationally develop and run their companies, but there’s always a possibility that along the way, either they have over built and they’ve got too much capacity that can’t be utilized, and so they’ve got a bunch of capital invested, and they’re not able to execute fully. And so there’s some operational risks associated with that. And so you’re not, you know, you’re if you’re making or have an investment with those kinds of organizations where they’re struggling on that side, you could be at risk to losing value or inability to access your capital or receive return back or return of the capital that you invested. Another area to consider is concentration risk. Treasurer’s think of this a lot in terms of their banking relationships, how much do they have committed to one bank versus another? There’s a lot of aspects that go into that, because it’s not just deposits at a bank and the services that the bank provides, but it’s also the credit that the bank provides to your organization. So you gotta think about what’s the risk of that that bank could potentially fail, or that they might not be able to deliver capital that’s needed at the time that I need it in the instance of a revolver or a line of credit or some type of contingent capital facility. So you got to think about counterparty risk. Risk, and how you might manage that through diversification. The other thing that comes to mind is headline news, and so a lot of times people think about earnings reports, and that could certainly have an impact on value of an investment, in particular, like stocks, because earnings are looked at quite a bit. If you have a big earnings miss, or to the other side, you have a big earning surprise, whereas to the upside, those kinds of things can influence an organization. But the thing that can really be detrimental to an organization something that is negative in the sense that the leader or leaders of the organization are failing to do something. In the case of like Boeing and their 737 issue that they’re having as an example of where leadership there had some problems, and it came through, and that really was detrimental to that particular organization.

Craig Jeffery 06:02
And I think, I think you described part of the answer to the question I was going to ask. Maybe I’ll still ask it, but maybe with some additional qualifications, I wanted to say, why does this matter, and at what level does this matter? You describe quite a bit of that, from concentration risk and headline risk, but why do these scenarios matter when we’re thinking about financial instruments, maybe you have a interest rate swap going out for some period of time. You have a credit arrangement where you have the ability to draw down funds over time, and that presents that type of risk. So I want to focus on that more than concentration headline type things or operational balances, right? That are no longer accessible, like we had with one of the banks, you know, over a weekend into a couple days where there’s a huge amount of concern, we can’t make pay, we can’t do payroll because we can’t sell anything out of the bank. Why does counterparty risk management matter? And at what level does it matter? If you’re exposed to $2 it doesn’t even make sense to monitor it.

Paul Galloway 07:04
I think that’s a really good question. So I want to think about this in terms of, you know, my prior life, I always wanted to consider the relationships I have with banks. If I was re establishing a revolver or redoing a revolver with consortium of banks. Typically you’re doing that or a contingent capital facility. You’re doing that with more than one bank. If you’re setting up those kinds of things with a single financial institution, you have total exposure to that particular financial institution. The flip side is also true that that organization has exposure to you, so you get, you know, it’s kind of reciprocal in in that respect that you draw down on that facility they’re looking at the risk of you not being able to make payments and repay that debt. Those facilities kind of go back and forth. What happens when you’re setting up a revolver, contingent liquidity facility where you can access capital, you tend to want to do that with more than one banking partner, and your banking partners will have different levels at which they’ll want to come in or extend credit to you, and they’re going to do their due diligence. So, so all this matters in that sense, and the ability to get the right level and total that you desire from these facilities. And the way you do that is you diversify amongst the banks. And so you want to get those banking partners in there, especially the ones that matter to your business, because it’s not just the banking services and products. It’s not just that line of credit in some instances, and maybe other services where they’re really valuable to you. You mentioned, you know, inter site swaps. And so when you get into those types of activities, or you’re going to engage in hedging of some kind, those counterparties are important to you, and that business can be important to those counter parties as well, because they can make, they can make, generate revenue from that. And so a lot of times you got to look at things in totality, and diversifying, diversifying across your banking partners can help ensure that you will have access to that capital at the time you need it. So it’s not eggs all in one basket. It it gives you that little bit of insurance policy in place that the day that you want to pull the trigger, that you’ll have that ability to do that. So Craig, when I think about how companies manage counterparty risks, and you alluded to this earlier in the opening around they do this at different levels, formally, informally or not at all. What are some of the things that you take into consideration around what companies should be doing? Should all be formal? Is there some level of informality in terms of managing counterparty risk that can occur. Is there ever a moment in time where they shouldn’t do it at all?

Craig Jeffery 10:33
There’s quite a few good questions in there. So some organizations are going to be extremely small, and their counterparty risk for their financial institutions, they’re dealing with the bank. They’ve got a single operating income account. They’re under the insurance limit. They don’t need to think too much about diversification at that point, not not with, with, not with financial institutions, but as you get bigger and you have more operating activity, and maybe you are concerned about customers, right? You don’t want a single customer as a counter party to have an issue. Those are areas that get a lot of good attention early on an organization, because one customer failing can be an issue. But I think my response to that in our discussion here is that it would be related to the financial counterparties. How are they doing it? I said it earlier, the majority are being not doing it all or managing it very informally. In other words, it’s in someone’s head and they’re tracking it down. Now. Others are very formal. They know what their risk capacity is, their risk appetite. They have levels for their different financial institutions. They track operating balances, investments that they may have with them, financial instruments that exist. And they do track that over time. And some diversify operationally. Some shift that off with financial instruments. About financial instruments, for example. So they may have a long term interest rate swap, and they take on a credit default swap rate, maybe for a portion of that so in case their counter party fails, they don’t want to be left exposed to that other organization for the you know, and be unhedged. Let’s say they were going floating, floating interest rate to fixed, and the counterparty failed. Now they’re the insurance they had is no longer good, and so they buy insurance on the insurance or credit default swap. Now, whether you buy that or not is, is one aspect of what companies are doing to manage risk, but knowing what your exposures are, what those levels are, you know, in terms of quantity, how what’s the financial exposure, and what’s the level of risk, or how risky is the counter party? And banks are traditionally extremely safe, but you may have such a level of exposure you still want to diversify or take some of that risk off the table. So I think circling back to your questions, how are they managing how should they manage it? There should be something written that’s formal, not just an informal process. Take the few moments to write it down and to follow through on whatever you decide you’re going to do. Maybe it’s just you’re going to monitor risks over a certain level. You’re going to look at nationally recognized statistic rating organizations like Moodys, S&Ps, etc, for their scores. Maybe you’re going to get, you know, bank bank ratings, credit ratings, other type of scores, to be more formal about it. It seems to me, and I know to you, that there needs to be some formality in managing that. That doesn’t mean excessive over the top, but for most cases, but certainly a need to be more formal. Who are our top financial counterparties? What’s our total exposure, what’s the level of risk, and how does that compare to what risk we’re willing to bear? That seems kind of baseline commercially reasonable procedure for treasury.

Paul Galloway 13:57
It certainly does when you think about managing counterparty risk, whether it’s formally informally. What do you think is driving this in terms of actually managing or not managing or just doing it purely informally? Are there certain factors that come to mind that are driving how companies manage counterparty risk, or is it they don’t pay attention to it at all?

Craig Jeffery 14:31
Sometimes it’s paralysis by analysis. You’re like, oh, okay, well, we don’t really do it formally. Well, what if we do it formally? What measurements we’ll use? Will we use, will we evaluate the counterparties on our own, you know, from an economic, you know, standpoint, will we just rely on, you know, Moodys, S&P, that doesn’t seem like enough. Will we also factor in credit default swaps? Will we, will we look at other items, and will we manage for things like headline news, and, you know, market volatility of stock trading on those banks or other financial counterparties like you can quickly spin this up to do I do nothing, or do I do the maximum amount of everything that exists? And so that paralysis can be a challenge. So, you know, have some standard. There’s a continuum of what you can do, but have some standard where it’s written and that’s followed. The other thing that comes up, or the two that I see the most, is this too big to fail, and the moral hazard. A, this is a financially systemic bank that I’m doing business with. The government won’t let them fail, not only that, but the government has bailed out other banks, and no losses have resulted. So whether or not I’m in a systemically important institution, or I’m in another one, we don’t have a loss that’s worrying about something that doesn’t happen or won’t happen. I don’t think those are good defenses against what will happen, because, will they always be bailed out? Can they always be bailed out? The other thing Paul is this, there’s oftentimes a long period of calm before there’s disruption or dislocation or calm before the occasional storm. You remember that tsunami that hit Japan? It’s got to be over 10 years now. It’s like this huge tsunami created a damage to a nuclear plant and created, you know, all kinds of issues, right? Physical goods couldn’t be shipped. There was massive dislocation for that region, and then supply chain and other issues were impacted. But what did they find out? People like, oh yeah, there’s these big rocks way up the hill. That says, Don’t build below this point because tsunamis have hit this high. And it’s like, I can, like, cover off. I didn’t see what the rocks were, and I certainly wouldn’t be able to read Japan if I did, but you picture someone scraping it’s like these old, silly people, they said this so many years ago and it hasn’t happened? Well, those are rare events, and you know, those markers are there for a reason. It doesn’t happen often, but it’s very it’s a huge dislocation when it does happen. And that’s a little different from building right on the shore, where hurricanes come up and then your house gets washed away, and it’s like, Oh, it got washed away two years in a row, and then we had 10 years. You know, your house is gonna get washed away when you built it right next to the ocean in hurricane zone. It might be, you might get 20 years. You might not get some time, but that’s pretty, pretty sure it’s gonna happen at some point. And because there’s insurance that covers it, or the government provides the ability to rebuild. Of course, people are going to rebuild there, because you took out the risk there. But that occasional tsunami, if we’re using the water examples, those don’t happen very often. They we forget. They fall into disused memory, memory loss. They don’t get passed on until something else happens again, and then you’re like, those are big issues. They’re very impactful. They’re life altering or life ending. And so I think, I think we need to think about some of these disruptions are probably between the house where a hurricane can hit and a tsunami in Japan, where the timing may be, you know, 100, 150 years versus two to eight, these dislocations happen during your financial career, usually at least a couple times. It seems like that’s been the case if you go through they’re not happening every year. I think that perspective as we forget when there’s calm, times that storms can come and they can crop up really quickly, and then we all say nobody expected the storm to hit at this time or this rapidly. And I don’t think we can do that as risk managers, as financial professionals. We have to be ready for the dislocating, seemingly rare events that don’t happen too often.

Paul Galloway 18:59
Yeah, Craig, I think you’re spot on. I can think of three events, 9/11, the Great Recession 08, 09, and COVID here in 2020, and we’re still feeling impacts from COVID. So, you know, these are major things I think about the Great Recession, 08, 09, the thing that really bothered me, you know, especially my wearing my corporate finance hat, is how a moral hazard was just unleashed with a government bailout. My corporate finance hat says you should have just let them failed. Now that would have been a lot of pain. Yeah, could there have been more that failed following potentially. But to me, I don’t feel like we should have done that, because you just opened up Pandora’s box, and once it’s out there, it’s out there, just like your example of, I’m going to build homes and hurricanes. Yeah, it doesn’t happen very often, but I don’t have to worry about. Not, you know, well, be able to rebuild or not, because you will be able to rebuild. There’s opportunity to do that with insurance, government that’s there. So it kind of de risked. It probably more concerned about your personal safety versus your material things, because you can get those back. So, you know, those are really good points. I definitely recommend that organizations monitor counterparty risks. I can tell you experience with one of my employers in the past. Some time ago, just our procurement team alone was making lots of decisions around whether they were going to accept counterparty risks associated with various things. And so these are long term contracts where you’re entering into leases, those kinds of things, where there is counterparty risk, but they weren’t doing anything to manage that, or even, you know, they didn’t have a formal process, and they started coming to the team I was on at the time to ask us about, you know, how should they think about that? Because they actually started thinking about, well, maybe we should be looking at these counterparties. And so we helped them, you know, set up a process to do that. It was, wasn’t being done at all. They started kind of doing it informally, but didn’t know what they were doing, and now they got, like, a formal process in place to do that. That strengthens an organization. So having having that process in place, whatever that might be, I think, is really beneficial to companies. You know, it comes in different forms. Maybe it’s you’re utilizing a third party to help you. You’re utilizing those rating agencies that you talked about earlier, Moodys, S&P to give you a litmus test. But maybe it’s more formal in the terms of, you know, true credit analysts will look at, you know, camels is a process that they look at, capital adequacy, asset quality management, earnings, liquidity, sensitivity. These are tools that can be utilized by any organization to help them gage what counterparty risk might be. And you think about that, Craig, are there other things that perhaps organizations should consider in setting something up on a more formal basis that we haven’t hit on?

Craig Jeffery 22:31
These are some of the areas to look at, and you can do this as simply as setting up a spreadsheet that captures information you feed it that you’re updating at least every quarter, maybe every month. That’s fairly a simple way of monitoring. You can extend it and be you know, have a build your own system that that monitors a lot more data and shows you where you’re approaching your your thresholds that you’ve determined so to your to your question is, you should know what, what risk level you’re willing to have, and then how you how you plan to handle like, what? What will you monitor? What will you what will you change or alter or or hedge? What will you monitor? Because it’s, it’s, it might approach the threshold you have those things need to be done. How do you do that? You You can manage it through a spreadsheet, through a business intelligence tool, and through some of the tools that exist where you’re monitoring your counterpart exposure in a more automated way, in a more systemic way, that will allow you to say, Hey, this is approaching the caution. This is now at the level that we need to shift some of those those those risks off. So what I recommend figuring out where to start and doing something that moves you towards formality. Understand, there’s a continuum, but, you know, moving to at least some level of formality rather than informality, that’s that’s significantly more defensible, and it’s notably more helpful. And as you do that, and what we found is companies, when they when they do that first step and they share it, there’s a lot more attention given to it. It’s like, Oh, I see. We’re exposed to these other areas, not very common, not very often, but we can take some steps that reduces this risk dramatically for very little cost of funds or staffing effort. And then, then, as you review it, you can adapt and maybe grow more formal, maybe keep that same little formality. But that seems to be essential, Paul.

Paul Galloway 24:36
I think it is, Craig. I think organizations just got to realize counterparty risk is something they have to manage, and it needs to be done on some formal basis, some level. It doesn’t have to be something where you have a full time person just doing this for you. There are tools out there. There’s ways that you can manage that without putting a lot of cost and effort into it that will help reduce. That risk associated with something happens that you didn’t expect to happen. Well, you’re prepared for how you would manage it. Okay, this has happened. What steps do I attack? You know, I have, I have I de risked as much as I possibly can through my formal process. I have in place, am I monitoring the right things to ensure that there isn’t something that could damage my organization from a financial perspective? Because that’s really what you’re trying to do, is prevent a financial loss to your company, and it could happen in the sense of there’s a counter party that fails, and it could have a, you know, a very big impact to your organization, depending on how you’re managing that risk. Certainly, I think we would be 100% if you’re not doing anything at all. So do something. You got to do something.

Craig Jeffery 25:03
Yeah, thanks. Thanks, Paul. You know, as we, as we spoke on this, and maybe we seem like a scold, or maybe I, maybe, in particular, seems like a scold. There it’s, it’s a it’s a caution. As risk managers, we we need to understand and address threats in a proportional manner. You know what? To the to the level of risk that’s faced without doing any initial measurement. How? How can we say we’re doing that? And that continuum of of responses, the level can get overwhelming for how much is done. But getting to a certain level of formality doesn’t take as much effort as we might build up in our minds. And then you can go from there, as you gain some support. So encouragement to you to do that, if your company’s not doing it. For those that are, congratulations, you’re you’re easily in the top half, usually in the top third in this category. So thanks for listening. Paul, thanks for thanks for the conversation.

Paul Galloway 26:59
Yeah. Thanks, Craig, enjoyed it.

Announcer 27:07
You’ve reached the end of another episode of the Treasury Update Podcast. Be sure to follow Strategic Treasurer on LinkedIn. Just search for Strategic Treasurer. This podcast is provided for informational purposes only, and statements made by Strategic Treasurer LLC on this podcast are not intended as legal, business, consulting, or tax advice. For more information, visit and bookmark StrategicTreasurer.com.