Vasudev JBL Paper

8/14/2019 Vasudev JBL Paper

1/23

Credit Derivatives and RiskManagement: CorporateGovernance in theSarbanes-Oxley World

P.M. Vasudev*

[Keywords to Follow]

Yet, ultimately, the ethics of American business depend on the conscience ofAmericas business leaders. We need men and women of character who knowthe difference between ambition and destructive greed, between justified riskand irresponsibility, between enterprise and fraud.

George W. Bush (2002)1

Introduction

Credit derivatives were at the centre of the recent meltdowns in the investmentbanking and insurance sectors. This article analyses credit derivatives and theirrisks from the perspective of corporate governance. It discusses the gaps in thepresent structure of governance particularly, board involvement in monitoringbusiness and risk, and the scope of independent audit. The article proposesregulatory prescription of minimum board responsibilities and independentrisk assessment by experts.

Contemporary corporate governance is based on the principle of multi-layeroversight by agencies, both internal and external. Typically, the different levels ofoversight in a public corporation would be: (1) senior management headed by thechief executive officer (CEO); (2) board committees; (3) board of directors; and(4) independent audit firm in that order. Recent events at major corporations inthe financial sector raise questions about the efficacy of this governance structure

in understanding, assessing and managing the risk in credit derivatives.The article begins with an exposition of the characteristics of major creditderivatives collateralised debt obligations and credit default swaps. This is

* Senior Lecturer,Department of Commercial Law,University of Auckland,New Zealand.1 Speech delivered in New York on July 9, 2002, available at http://custom.marketwatch.

com/custom/earthlink-net/mw-news.asp?guid=78BC1B28-6171-4DD8-B7D7-0C10F6577E88 [Accessed March 10, 2009].

331

[2009] J.B.L., ISSUE 4; 2009 THOMSON REUTERS (LEGAL) LTD. AND CONTRIBUTORS


2/23

P.M. Vasudev

followed by an outline of how a new line of business, such as credit derivatives,wouldbe typically handled in the contemporary structureof corporate governance,which is based on the principle of disclosures and oversight. The article pointsout the ambiguities and gaps in the governance structure and explains how theyundermine corporate responsibility. The systemic weaknesses discussed in thearticle are quite evident from the failures on Wall Street and in the banking sectorin the recent months.

The article treats good governance as an endogenous feature in corporations,rather than a product of the legal regime and the threat of sanction that is implicitin public regulation. This standard is consistent with: (1) the open structure ofcorporate law and its minimally intrusive character; and (2) the idea that the

governance must be more a concern of the corporations, than regulation.2

It is significant that the meltdowns have happened in the Sarbanes-Oxleyworld in which corporate governance is accepted, by and large, as a concernof public policy. The Sarbanes-Oxley Act of 20023 (SOX) has been presented ashaving a focus on corporate responsibility,4 and George Bush made the statements,extractedabove,while commendingthe Sarbanes-Oxley legislationin the aftermathof the corporate scandals that surfaced in 2001.

The article makes a case for an alternative paradigm of corporate governancethat is based on responsibility, in addition to the current principle of oversight.The new paradigm would not interfere with business freedom. At the same time,it can promote responsible governance practices that are more responsible, paysufficient attention to risk and offer better protection against hazards. Specifically,the article proposes listing minimum board responsibilities, which would bemandatory functions of the boards of public companies. A second proposal is for

mandatory risk assessment procedure in public companies, and consideration ofthe risk report by the board of directors as a part of their minimum responsibilities.

Credit derivatives

Credit derivatives were the major contributor to the crisis in the financial sector.This part provides an overview of two major credit derivatives, collateralised debtobligations and credit default swaps.5 The discussion explains the risk in theseinstruments and the implications for corporate governance.

2 See, e.g. E. Norman Veasey, Should Corporate Law Inform Aspirations for GoodCorporate Governance Practices or Vice-Versa? (2001) 149 University of PennsylvaniaLaw Review 2179.

3

Pub.L. 107-204, 116 Stat. 745.4 For opposition to SOX, see, e.g. Larry Ribstein, Market vs. Regulatory Responsesto Corporate Fraud: A Critique of the Sarbanes-Oxley Act of 2002 (2003) 28 Journal ofCorporate Law 1. Ribstein argued that the statute is not effective but, at the same time,imposed significant costs on corporations.

5 For a comprehensive discussion of collateralised debt obligations and credit defaultswaps, see Janet M. Tavakoli, Structured Finance and Collateralized Debt Obligations: NewDevelopments in Cash and Synthetic Securitization (Hoboken, N.J.: John Wiley & Sons,2008).

332



3/23

Corporate Governance in the Sarbanes-Oxley World

Collateralised debt obligations (CDO)

CDO are pools of debt consisting of a number of loan obligations, which couldrange from corporate and municipal bonds to sub-prime mortgages. Owing toconsolidation, these pools of debt are more complex than simple loan transactionsor conventional debt securities. The following are the important characteristics ofCDO:

CDO are treated as single consolidated pools of debt, rather than collectionsof individual debts. The focus is not on the individual components or loantransactions, but on tranches or slices of the entire pool. These tranches

would, in themselves, contain more than one debt. Credit rating is an important element in CDO. The tranches of debt are rated

for their credit standing by professional agencies, and that is the referencepoint for marketing CDO among investors.

Since CDO are treated as consolidated pools of debt, the method of creditrating is different for them.6 The portfolio of debt is normally dividedinto three tranches: (1) equity or residual; (2) junior or subordinated ormezzanine; and (3) senior. Tranching would be based on the creditworthinessof the individual components. Typically, the senior tranche would consistof AAA rated debt securities.

The focus is on cash-flow, which is the aggregate of interest and principalreceipts that accrue periodically to the portfolio over the duration of theCDO. Interest and principal repayments are not treated separately.

The cash flow is allocated among the three levels or tranches senior, junior

and equity levels in that order. This is the return for the investors. The seniortranche, which has the lowest risk, would also have the lowest return.

The return is in the form of a spread above LIBOR (London inter-bankoffered rate) interest, and the senior segment would have the lowest spread.

CDO were marketed among investors as having defined risk and reward,computed according to mathematical models.7 The focus was not on theunderlying debt securities.

These characteristics are true of cash or balance-sheet CDO, which are fullyfunded and relatively straightforward. Here, an investment bank would arrangefor transfer of the underlying debt securities from the bank or other lendinginstitution to a special purpose entity (SPE), except for the equity or residualtranche, which the original lender would retain. Any defaults in this segment will

be borne by the lender. The lenders retention of this most risky element, usually

6 For a critical discussion on the credit rating of CDO, see Frank Partnoy and David A.Skeel Jr, The Promise and Perils of Credit Derivatives (2007) 75 University of CincinnatiLaw Review 1019.

7 For a discussion on the pricing of CDO tranches, see Qiwen Chen, CDO Pricingand Copula Method, available at http://www.math.umd.edu/ qchen/[Accessed March 10,2009].

333



4/23

P.M. Vasudev

about 5 per cent of the total notional amount of the CDO and referred to astoxic waste, is a selling point for marketing the other tranches among investors.Figure 1 explains the cash CDO model, and shows the hierarchy among the CDOholders the equity, subordinated and senior tranches.CDO helps the bank or other lending institution to eliminate the debts fromits balance sheet. Transfer of debt and attendant credit risk, and the consequentreduction in regulatory capital are the incentives for the originating lender. Theability of the lenders to thus transfer their loan accounts was an important elementin the so-called sub-prime mortgage issue. It led to lower lending standards.Lenders could be more liberal in providing mortgage loans, and did not have toapply requisite caution in processing the loan applications.9

There is yet another variety of CDO synthetic in which the originatingbank or other lender would merely transfer credit risk to the SPE, rather than theunderlying debt securities. The lender would retain the debt with itself. Synthetic

Figure 1. Cash or balance sheet CDO8.

8 Source: http://www.bionicturtle.com[Accessed March 10, 2009].9 See, e.g. Giovanni DellAriccia, Deniz Igan and Luc Laeven, Credit Booms and Lending

Standards: Evidence from the Subprime Mortgage Market (February 2008), available athttp://ssrn.com/abstract=1100138[Accessed March 10, 2009].

334



5/23


CDO are usually partially funded; the funds raised from the investors representonly a fraction of the par value of the reference portfolio, which is the termapplied to the debt portfolio covered by the CDO.

A good example of a synthetic CDO is BISTRO, which was the earliest partiallyfunded CDO. It was promoted by J.P. Morgan in 1997. BISTRO had a fundedcomponent of $700 million against a total portfolio value of $10 billion. 10 Insynthetic CDO, the unfunded portion of the reference portfolio would be coveredby credit default swaps, which would be purchased by the investors. For BISTRO,default swaps were provided by Morgan Guaranty Trust Co of New York. In theevent of default in the reference portfolio, the swap provider must make good theloss. The final liability will, therefore, be on the agency providing the credit default

swap. The structure of a partially funded, synthetic CDO is shown in Figure 2.11

Figure 2. Partially funded synthetic CDO.

The return for investors is similar to the cash CDO model it is the spread aboveLIBOR. Investors stand to gain as long as the premium they pay for the default

10 The J.P. Morgan Guide to Credit Derivatives, available at http://www.investinginbonds.com/assets/files/Intro to Credit Derivatives.pdf[Accessed March 10, 2009].

11 Source: http://www.bionicturtle.com[Accessed March 10, 2009].

335



6/23

P.M. Vasudev

swap is lower than the spread on their tranche of the CDO. The difference betweenthe two is their gain, and they are not exposed to any risk as they are protected bythe swaps. For the swap provider, the premium income is the incentive. The debtsecurities covered by the swap are, supposedly, rated by credit rating agencies andrisk is almost absent.

Obviously, synthetic CDO are more volatile and exposed to greater risk. Thereis no ready fund or corpus that would be applied in the event of default in theunderlying debt securities. Default would lead to liability for the swap provideror the underwriter shown in Figure 2.

Credit default swaps (CDS)

CDS have been described as a major risk-transferring instrument developed inthe past few years.12 But their principle is similar to that of credit insurance,which has been around for a long time. CDS, which have been in use since theearly 1990s, played a major role in the current financial crisis. They are the mosthighly utilized type of credit derivative.13 The following description by PIMCO,a large bond fund manager, neatly summarises the character of default swaps:

In its most basic terms, a credit default swap is similar to an insurancecontract, providing the buyer with protection against specific risks. . . CDScontracts can mitigate risks in bond investing by transferring a given riskfrom one party to another without transferring the underlying bond or othercredit asset. . .

In a CDS, one party sells risk and the counterparty buys that risk.The seller of credit risk who also tends to own the underlying creditasset pays a periodic fee to the risk buyer. In return, the risk buyeragrees to pay the seller a set amount if there is a default (technically, a creditevent).14

The liability of the CDS provider is triggered by the happening of credit eventsdefined in the contract between the parties. The basic trigger is simple defaultby the borrower. But most contracts also include other credit events such as

12 Dezhong Wang, Svetlosar T. Rachev and Frank J. Fabozzi, Pricing Tranches ofa CDO and a CDS Index: Recent Advances and Future Research (2006), available athttp://www.statistik.uni-karlsruhe.de/download/doc secure1/workshop final.pdf [AccessedMarch 10, 2009].

13 PIMCO. Bond Basics. June 2006, available at http://media.pimco-global.com/pdfs/pdf/Bond%20Basics-%20Credit%20Default%20Swaps%20US.pdf?WT.cg n=PIMCO-US&WT.ti=Bond%20Basics-%20Credit%20Default%20Swaps%20US.pdf [Accessed March 10,2009].

14 PIMCO. Bond Basics. June 2006, available at http://media.pimco-global.com/pdfs/pdf/Bond%20Basics-%20Credit%20Default%20Swaps%20US.pdf?WT.cg n=PIMCO-US&WT.ti=Bond%20Basics-%20Credit%20Default%20Swaps%20US.pdf [Accessed March 10,2009].

336



7/23


the borrower filing for bankruptcy or resorting to restructuring of debts.15 CDSproviders must make cash settlement or physical settlement, when a credit eventoccurs:

Cash settlement: the swap provider will pay the difference between the parvalue of the underlying debt security and its present value, determined in themanner specified in the contract. Cash settlement would be less onerous forthe swap provider when the debt security is assessed to have some value.

Physical settlement: here, the swap provider must purchase, at par, the debtsecurity covered by the swap.

There are important differences between regular insurance contracts and creditdefault swaps. For instance the purchaser of a swap, unlike an insured person,would not normally have an insurable interest in the asset. The InternationalSwaps and Derivatives Association (ISDA) argued that default swaps are notinsurance contracts. This is important if default swaps are not to be placed underthe general regulation applicable to insurance business. In Aon Financial ProductsInc v Societe Generale,16 the court was concerned with the character of creditdefault swaps. ISDA participated in the action as amicus, and the court made thefollowing observation:

CDS agreements are thus significantly different from insurance contracts.As amicus correctly points out, they do not, and are not meant to, indemnifythe buyer of protection against loss. Rather, CDS contracts allow parties tohedge risk by buying and selling risks at different prices and with varyingdegrees of correlation.

This interpretation does notconsiderthe nature of the risk a CDS provider assumesin the transaction. It remains to be seen how the courts will deal with this issue inthe aftermath of the recent events in the financial sector. The point here is aboutthe similarity of the risk assumed by an insurer in one case and a swap provider inthe other. The credit risk carried by the swap provider, periodic fee for providingthe cover and making a settlement on default all underscore the similarities in theposition of a swap provider and an insurer.

Other than making settlements on default, often CDS providers must furnishcollateral when the market value of the debt portfolio declines. This makesdefault swaps more onerous than regular insurance contracts. The liability to postcollateral is dependent on the market valuation of the securities a factor overwhich a swap provider would have little control. Any general decline in marketvalues can trigger the obligation of the swap provider to furnish collateral. Seen inthis light, the credit events specified in swap contracts are nebulous. This is unlikeregular insurance contracts that define the liability of the insurer with reasonableclarity.

15 Geoff Chaplin, Credit Derivatives: RiskManagement,Trading andInvesting(Hoboken,N.J.: John Wiley & Sons, 2005), p.61.

16Aon Financial Products, Inc v Soci ete G enerale 476 F. 3d 90 (2d Cir. 2007).

337



8/23

P.M. Vasudev

A report about the litigation between Paramax Capital, a hedge fund, andUBS, the Swiss investment bank, provides clues on how the collateral requirementworks for default swaps. Paramax created an SPE with a capital of $4.6 millionfor providing default swap for a debt portfolio of $1.31 billion. Soon, the debtportfolio started falling in value owing to defaults and downgrades, and Paramaxhad to provide additional collateral. It provided further collateral of $29.3 million.In all, Paramax furnished collateral of $33.9 million against the debt portfolio of$1.31 billion covered by its swaps. After this, Paramax reportedly refused demandsfrom UBS for more collateral and the parties are now before the court.17

Default swaps were provided on a large scale in the recent years. The agenciesthat provided the swaps ranged from insurance companies to pension funds and

hedge funds. The total value of default swaps outstanding in 2007 has beenestimated at US $62.2 trillion, and Figure 3 provides the break-up of the categoriesof swap providers.

Credit derivatives risks and warning signals

From the perspective of the contemporary model of corporate governance that isbased on the principle of oversight by the board of directors, a basic issue wouldbe awareness of the directors about the risk in credit derivatives. This part provides

Figure 3. Outstanding default swaps and their providers18.

17 Morgen Gretchenson, First Comes the Swap. Then Its the Knives, New York Times,June 1, 2008.

18 The great untangling, The Economist, November 6, 2008.

338



9/23


an overview of the developments related to derivatives since the early 1990s andthe general perception about them. Derivatives have been in the news for manyyears. Credit derivatives have been mostly controversial and there was no dearthof warning signals for the managements and boards of the companies that sold theswaps.

In 1994, George Soros testified before the House Banking Committee:

. . . [T]here are so many [derivatives] and some of them are so esoteric that therisk involved may not be properly understood even by the most sophisticatedinvestor, and Im supposed to be one.19

Soros warned that some derivatives appear to be specifically designed to enable

institutional investors to take gambles which they would not otherwise be permit-ted to take.20 In 2003, Warren Buffett famously described derivatives as timebombs, both for the parties that deal in them and the economic system. 21 Aboutcredit derivatives, Buffett stated:

Large amounts of risk, particularly credit risk, have become concentratedin the hands of relatively few derivatives dealers, who in addition tradeextensively with one other. The troubles of one could quickly infect theothers.On top of that, these dealers are owed huge amounts by non-dealer counter-parties. Some of these counter-parties are linked in ways that could causethem to run into a problem because of a single event, such as the implosion ofthe telecom industry. Linkage, when it suddenly surfaces, can trigger serioussystemic problems.22

Alongside, a controversy had been raging about regulation of derivatives since theearly 1990s. In 1992, Rep. Edward J. Markey directed the General AccountingOffice (GAO) to study the risks in derivatives, and the report published bythe GAO in 1994 identified significant gaps and weaknesses in the regulatoryoversight of derivatives.23 In the late 1990s Brooksley E. Born, chief of theCommodity Futures Trading Commission, made efforts to regulate derivatives,but was unable to make progress.24

19 George Soros, Testimony to House Banking Committee, cited in Edward Chancellor,Devil Take the Hindmost: A History of Financial Speculation (New York: Farrar Straus &Giroux, 1999), p.334.

20 Soros, Testimony to House Banking Committee in Devil Take the Hindmost (1999),p.334.

21

Warren Buffett, Excerpts from Buffetts letter to the shareholders of Berkshire Hath-away for 2002, available at http://www.fintools.com/docs/Warren%20Buffet%20on%20Derivatives.pdf[Accessed March 10, 2009].

22 Buffetts letter, 2002, available at http://www.fintools.com/docs/Warren%20Buffet%20on%20Derivatives.pdf[Accessed March 10, 2009].

23 Peter Goodman, Taking Hard New Look at a Greenspan Legacy, New York Times,October 9, 2008.

24 Anthony Faiola, Ellen Nakashima and Jill Drew, What Went Wrong?, WashingtonPost, October 19, 2008. For the developments on regulation of derivatives, also see Nelson

339



10/23

P.M. Vasudev

More recently, in 2005 Alan Greenspan, who had consistently opposed reg-ulation, issued a warning about credit derivatives. While stressing that they hadbrought considerable benefits by spreading risk, Greenspan acknowledged thatunderstanding the credit risk profile of CDO tranches poses challenges to eventhe most sophisticated market participants.25

Thus derivatives have been prominent in the debate in financial and regulatorycircles in recent years. There certainly was awareness about them. This backgroundis relevant in evaluating the business decisions made by the swap providers whileexamining the issue in the context of corporate governance, monitoring andoversight. It would be difficult to argue that the directors of the companies thattraded in credit derivatives had no knowledge about the business, its complexities

and risk. This idea informs the following discussion on corporate governancestructures and practices.

Corporate governance, business operations and board monitoring

This part reviews the standard governance structure in public corporations, andthe oversight and accountability mechanisms in it. The analysis is helpful indetermining, typically: (1) how a corporation would start a new line of business,such as credit derivatives; and (2) how the business would be overseen. Risk isan important feature of credit derivatives, and the discussion has a focus on riskmanagement systems.

Corporate governance structures and the Sarbanes-Oxley Act: an overview

Corporate law has traditionally vested management powers in the board ofdirectors, who would be elected by the shareholders. Other than this, it interfereslittle with the internal arrangements in corporations, and leaves them free todevelop their own governance structures and systems.26 The democratic modelof management by directors elected by shareholders was undermined by thedevelopments in the20th century growth in the size andcomplexity of corporatebusinesses and the rise of retail shareholders who had neither the resources nor theinclination to play a meaningful role in governance. Weakening of shareholdersandthe rise of powerful and self-perpetuating boards was the theme of the renownedwork of Adolf Berle and Gardiner Means, The Modern Corporation and PrivateProperty.27

Schwartz and Julie Creswell, What Created this Monster?, New York Times, March 23,2008.25 Richard Beales and Gillian Tett, Greenspan warns on credit derivatives, Financial

Times, May 5, 2005.26 For a description of the reluctance of the law to intrude into the internal arrangements

in corporations, see J.K. Galbraith, The New Industrial State (London: Hamish Hamilton,1967), p.77.

27 Adolf Berle and Gardiner Means, The Modern Corporation and Private Property (NewYork: Macmillan Company, 1932).

340



11/23


The next stage saw erosion in the concept of director-managed corporations.This resulted from a number of factors. Most public corporations had a substantialnumberof part-timedirectors who were notfamiliarwith the business.The processof their selection they were mostly nominated by the powerful CEOs wasanother factor that contributed to their lack of activism. The part-time directors,who owed their position to the CEOs, were hesitant to ask questions.

In the new model that emerged, the business and affairs of the corporationswere, in reality, managed by full-time executives headed by the CEO.28 When thenew model became common, a theory was developed that corporate boards wouldplay a monitoring role, on behalf of the shareholders. The assignment of this roleto the boards both recognised their representative character, and justified their

existence. Directors were an important agency in the framework of corporationsand could not be ignored. But they had been reduced to a position that was mostlymeaningless. The task was to identify a role for the directors, and the monitoringboard was the result.

This new theory of corporate governance had both descriptive and normativeelements. On the descriptive side, it recognised thereality of managerial power. Onthe normative or prescriptive side, the new theory sought to check the power ofmanagers by placing them under the oversight of the directors. Corporate statutesaccommodated the theory by recognising supervisory boards, and authorised thedirectors to delegate many of their powers to executives.29

The monitoring board model was articulated by Melvin Eisenberg, who com-pared it with other possible models (1) full-time directors; (2) boards made upfully of corporate managers; and (3) professional directors. Eisenberg concludedthat monitoring boards are the most practical and effective choice. In advocating

this, he stressed the importance of director independence and freeing them fromthe influence of the managers.30 This was essential for meaningful board oversight,given the reality of pervasive managerial influence.31

The effectiveness of board monitoring has been questioned for a long time.Myles Mace described the concentration of powers in chief executives and theminimal role of the boards of directors of public corporations.32 In the 1970s,Peter Drucker33 and Ralph Nader34 wrote among the critics of managerial powerand weak oversight by boards.

28 For an account of the rise of managerial capitalism, see Alfred Chandler, VisibleHand: The Managerial Revolution in American Business (Cambridge, Mass.: Belknap Press,1977).

29 See, e.g. Delaware Code Title 8 General Corporation Law s.141.30

Melvin A. Eisenberg, The Structure of the Corporation: A Legal Analysis (Boston: Little,Brown, 1976).31 For an interesting description of the inversion of the legal model in the business

world, see Bruce Welling, Corporate Law in Canada: The Governing Principles (Toronto:Butterworth, 1984), p.301.

32 Myles Mace, Directors: Myth and Reality (Boston: Harvard Business School, 1970).33 Peter Drucker, Drucker View [1973] Management 628, cited in Ralph Nader, Taming

the Giant Corporation (New York: W.W. Norton & Co, 1976).34 Nader, Taming the Giant Corporation (1976).

341



12/23

P.M. Vasudev

Listed corporations are also governed by the securities law, which has tra-ditionally relied on disclosure as the principle of regulation.35 Compelling thecorporations to disclose the details of their operations is considered sufficient, andthe rationale is as follows:

When corporations are aware that they must make disclosures, they willadopt responsible practices.The disclosure regime will thus steercorporationstowards good governance.

Alternatively (or cumulatively), mandatory disclosure will put investors onalert, so they can avoid investing in the shares of corporations that haveless-than-desirable standards of governance. Corporations would be eager tomake themselves attractive to investors, and would adopt good governancefor this reason, even if they are not persuaded merely by the need to disclose.

With this philosophy, regulation stops with mandating disclosure. In the wordsof Loss and Seligman, substantive regulation has its limits. But [t]he truth shallmake you free.36 Regulations require public companies to disclose not only whathas happened but also what they expect to happen, including the risk factors.37

Recently, there has been greater regulatory intervention in corporate gover-nance. The Sarbanes-Oxley Act, enacted in 2002 in the aftermath of the scandalsat Enron, WorldCom et al., goes beyond mere disclosure. It makes what, in thetraditional sense, would be considered an intrusion dictating the composition ofboards of directors. Public corporations must now have independent directors,or rather, audit committees consisting of independent directors.38 The emphasison director independence is a response to the complaints about the influence of

managers on the directors. The idea is that independent directors will bring anoutside perspective, and be more effective in overseeing the full-time managers. 39

Corporate governance codes

The recent years have seen the compilation of a number of codes and guidelines oncorporate governance.40 These codes mostly formalise the governance structureoutlined earlier namely, management powers with the CEO and their team of

35 For the history of the adoption of the disclosure regime in the US, see Joel Seligman,The Transformation of Wall Street: A History of the Securities and Exchange Commissionand Modern Corporate Finance (Boston: Houghton Mifflin, 1982).

36 Louis Loss and Joel Seligman, Fundamentals of Securities Regulation, 5th edn (New

York: Aspen, 2004), p.8.37 Securities & Exchange Commission (US), Regulation S-X, Items 303 & 304.38 SOX s.301.39 For an account of the developments relating to independent directors in American

corporations, see Jeffrey N. Gordon, The Rise of Independent Directors in the UnitedStates, 19502005: Of Shareholder Value and Stock Market Prices (2007) 59 Stanford LawReview 1465.

40 A comprehensive database of corporate governance codes in various jurisdictions isavailable at http://www.ecgi.org/codes/all codes.php [Accessed March 10, 2009].

342



13/23


executives, and oversight by the directors. The OECD Principles of CorporateGovernance 200441 are a good example of such voluntary codes of corporategovernance. They provide a handy model for the analysis of credit derivativesbusiness.

The OECD Principles, based on the monitoring board concept, list eight keyfunctions of boards of directors. The first two functions, extracted below, definethe scope of board oversight of business.

1. Reviewing and guiding corporate strategy, major plans of action, riskpolicy, annual budgets and business plans; setting performance objectives;monitoring implementation and corporate performance; and overseeing

major capital expenditures, acquisitions and divestitures.An area of increasing importance for boards and which is closely related tocorporate strategy is risk policy. Such policy will involve specifying the typesand degree of risk that a company is willing to accept in pursuit of its goals.It is thus a crucial guideline for management that must manage risks to meetthe companys desired risk profile.2. Monitoring the effectiveness of the companys governance practices andmaking changes as needed.Monitoring of governance by the board also includes continuous review ofthe internal structure of the company to ensure that there are clear lines ofaccountability for management throughout the organisation. . .

These principles are quite aligned to the practices among public corporations,many of which also have their own codes of governance. For instance, the

following description of the roles of the board of directors and the managementin the Corporate Governance Guidelines of American International Group (AIG)reflects the OECD Principles:

Business strategy would be developed and implemented by the seniormanagement under the leadership and direction of the Chief ExecutiveOfficer. The board of directors, in performing its general oversight function,would the Board reviews and assesses AIGs strategic and business planning aswell as managements approach to addressing significant risks and challengesfacing AIG. . . [T]he Board reviews and discusses reports regularly submittedto the Board by management with respect to AIGs performance, as well assignificant events, issues and risks that may affect AIGs business or financialperformance. . . [T]he Board and its members will maintain frequent, activeand open communication and discussions with the Chief Executive Officer

and the management of AIG [emphasis added].42

41 Organization for Economic Cooperation and Development. Principles of CorporateGovernance. 2004, pp.60-61, available at http://www.oecd.org/dataoecd/32/18/31557724.pdf[Accessed March 10, 2009]..

42 AIG Corporate Governance Guidelines (2008), available at http://ir.aigcorporate.com/phoenix.zhtml?c=76115&p=irol-govguidelines [Accessed March 10, 2009].

343



14/23

P.M. Vasudev

Risk management has emerged as a major concern in the recent years. Reflectingthis, the OECD Principles, extracted earlier, stress the duty of corporate boardsto address risk. Similarly, the Corporate Governance Guidelines of AIG recognisea role for the directors in risk management.

The OECD Principles encourage companies to set up directors committees tohandle specific responsibilities. Public companies must both define and disclosethe mandate, composition and working procedures of the committees.43 AIG,for example, has six committees of directors. Two of them audit and financecommittees have risk management as a part of their function. The audit com-mittees charter has the following among its Other Duties and Responsibilities:

The Committee shall discuss the guidelines and policies governing theprocess by which senior management of AIG and the relevant operationsof AIG assess and manage AIGs exposure to risk, as well as AIGs majorfinancial risk exposures, and the steps management has taken to monitorand control such exposures. The Committee is not the sole body responsiblefor oversight of AIGs risk assessment and management. AIG manages andassesses its risk through multiple mechanisms other than the oversight of theCommittee, including the oversight of other committees of the Board.44

The finance committee has a more direct responsibility for risk management. ItsDuties and Responsibilities include:

Risk ManagementManagement shall review with the Committee, as the Committee may deem

appropriate, reports concerning AIGs exposures to market, liquidity, creditand operational risks in so far as those exposures relate to financial, transac-tional and other matters considered by the Committee as part of its dutiesand responsibilities under this Charter.45

The board of directors would meet a minimum of six times each year46 and itscommittees, at least four times a year.47 This is, obviously, meant to ensure thatthe board and its committees have a minimum level of opportunity and time foreffective monitoring.

Other than the board and its committees, independent audit is an externalmechanism to oversee corporate managements. Audit, which is a requirementunder American securities law, is intended to promote the integrity and accuracyof corporate reports.

43 OECD Principles of Corporate Governance, p.65.44 AIG Audit Committee Charter (2008), available at http://ir.aigcorporate.com/phoenix.

zhtml?c=76115&p=irol-govcommcomp [Accessed March 11, 2009].45 AIG Finance Committee Charter (2008), available at http://ir.aigcorporate.com/phoenix.

zhtml?c=76115&p=irol-govcommcomp [Accessed March 11, 2009].46 AIG Corporate Governance Guidelines (2008), p.5.47 AIG Audit Committee Charter (2008),p.1, and AIG Finance Committee Charter (2008),

p.1.

344



15/23


There is a recent trend to include other external agencies lawyers, secu-rities analysts, credit-rating agencies and investment banks in the corporategovernance framework. They are termed gatekeepers who would monitor cor-porations.48 Among the gatekeepers, only auditors have an institutional positionin the investor protection framework in corporate and securities laws at present.

In the model of corporate governance outlined above, business decisions wouldbe made by the managers, subject to review by senior managers, board committeesand the board itself. In addition, there would be an audit by an independentaccounting firm. This framework, with its numerous checks, can be understoodas a linear process, and the product would, or ought to, be good governance. Theprocess and the outcome are shown in Figure 4.

The reference to good governance raises the question of definition. This wouldbe important given the apparent divergence of opinion about the goals of corporategovernance. For instance, shareholder value is emphasised in economic theory,which would conflict with the ideas about stakeholders. At a minimum, goodgovernance would consist of a management structure and a set of practices that

Figure 4. Multilayer oversight model of corporate governance: the process and itsresult.

48 See, e.g. John C. Coffee Jr, Gatekeepers: The Professions and Corporate Governance(New York: Oxford University Press, 2006).

345



16/23

P.M. Vasudev

foster the growth of a companys business, in a sustainable manner, with dueregard to all stakeholders and without significant externalities. This frameworkrecognises shareholders as the residual claimants who will derive the ultimatebenefit from a companys success, but also respects other constituencies such asemployees, suppliers and communities.

Credit derivatives business and the corporate governance process

The recent experience with the credit derivatives business in the financial sectormust be evaluated against the corporate governance structure and process outlined

above. The question is whether the devices and mechanism namely, oversight bysenior managers, review by board committees, board monitoring, and independentaudit were effective in performing the tasks that were assigned to them. That thecredit derivatives business turned out to be a failure is merely stating the obvious.

There are two dimensions to the credit derivatives business one is the decisionto enter the business, and the other is the understanding of risk and providingsafeguards against it. The question how far the governance structure, based onmonitoring and oversight, was effective in these areas is a complex one. Asan empirical issue, it would require examining: (1) the process of managementoversight in the companies; (2) proceedings of the board committees; and (3)proceedings of the boards of directors of individual companies.

Information on these issues is not generally available, and it would not bepossible to come to concrete conclusions. Given the outcome namely, businessfailure, it would be reasonable to conclude that the monitoring and oversightmodel

of corporate governance has not been effective. This highlights the structural issueswith the present model. These are discussed a little later.

Credit rating agencies played a significant part in the credit derivatives business.Their assessment of the credit risk was crucial both in the marketing of CDOamong investors and in the sale of swaps. But the question is whether this isan adequate explanation. Corporate governance would be irrelevant if the entireblame were to be laid on credit rating agencies.

Structural issues in corporate governance

The experience with the default swaps points to significant weaknesses in thepresent model of corporate governance based on multilayer oversight. These are:(1)lack of clarity about the responsibilities of theboard; (2)absence of a mechanism

of reporting by the directors; and (3) inadequate scope of audit.

Role of the board and its responsibilities

As noted earlier the task of the directors, as representatives of the shareholders,is to oversee the management. AIGs Corporate Governance Guidelines affirmthat the board of directors is responsible to act as advisors and counsellors to

346



17/23


the Chief Executive Officer and senior management and oversee managementsperformance on behalf the shareholders.49

This structure is adequate as a statement of principle, but its deficiencies becomeobvious when there are specific questions such as the boards involvement instarting a new business. In the prevailing disclosure regime, it would be difficultto determine whether the credit derivatives business was, in fact, placed before theboard for its consideration. Hence questions such as the boards decision or anyguidance it might have given the management about the business or its risks hardlyarise. There is no clarity on these issues.

The monitoring model would be incomplete if there is no clarity on thedecisions or issues that a board must monitor. This highlights the need for listing

the functions and responsibilities of the boards of directors of public corporations.It is, of course, possible to treat the role of the board as purely advisory, butthat would simply eliminate accountability. It is hardly desirable, either for theshareholders or for other stakeholders, to have directors who are not accountable.Indeed, the recent trend is to expand the role of the directors. This is evident fromthe OECD Principles and the corporate governance charters of AIG.

Reporting by the directors

The next issue is about submission of reports by the board of directors. The prin-ciple that the directors represent the shareholders is recognised, as the corporategovernance charter of AIG shows. But there is no systemic requirement that thedirectors must submit a report to the shareholders periodically. This is a gap in theexisting arrangement.

Specifically in thecontext of thecreditderivativesbusiness, a question is whetherthe boards of directors of the banks and insurance companies that sold the swapsknew, or ought to have known, that these companies had entered the default swapsbusiness? At least some details about the business were available in the statutoryreports of these companies. These reports are public documents. Based on them,can the directors of the companies that sold the swaps be imputed with knowledgeabout the business? For a number of reasons, this would be difficult.

The statutory filings under the Securities Exchange Act of 1934 50 representmanagements discussion of the business. They are not the reports of directors,and this is a lacuna in American corporate law. In English company law, thedirectors must submit annual reports to the shareholders and this compels themto go on record with their comments about the companies and their business andaffairs. The directors of English companies must both oversee the management

and report about it to the shareholders.51

There is thus a document by which thedirectors can be held to account.There is no similar requirement in the United States. The duty of the directors

ends with oversight, although the principle is the same in both jurisdictions the

49 AIG Corporate Governance Guidelines (2008), p.1.50 United States Code 15 USC 78a.51 Companies Act 2006 (UK) ss.415419.

347



18/23

P.M. Vasudev

directors are representatives of the shareholders and oversee the managers in thatcapacity. The cycle of oversight would be complete only with the submission of areport by the directors to the shareholders.

Audit and its scope

Audit is an important mechanism designed to promote corporate integrity andaccountability.52 The scope of audit and regulatory intervention in the subject hasgradually expanded over the last seven decades since audit was made mandatoryunder the Securities Exchange Act of 1934.53 Not surprisingly, the development ofaudit hasbeen drivenalmost entirely by corporatefailuresand scandals,punctuated

by efforts from the private sector to ward off public regulation through assurancesabout self-regulation.

An overview of the development of audit reveals two strands that are com-plementary to each other. One is a policing approach that saw the establishmentof audit committees in public companies. This was done in 1978 through thecollaborative action of the Securities and Exchange Commission (SEC) and NewYork Stock Exchange (NYSE). Audit committees for public companies were madea compulsory requirement under the listing rules of NYSE. The Sarbanes-OxleyAct granted statutory recognition to audit committees, and requires them to bemade up fully of independent directors. This represents an important step instatutory intervention in corporate governance.

The other strand in regulation is a focus on illegal or criminal acts by personsin control of corporations.54 With this as the starting point, audit regulation has,understandably, been mostly of the command-and-control variety. Regulationhas been more ready to punish misfeasance, and less ready to address businessissues or influence behaviour in a positive manner. The provisions in the Sarbanes-Oxley Act on financial misstatements and criminal liability for them are consistentwith this approach.

In Sarbanes-Oxley, the focus was as much on auditor integrity as it wason corporate integrity. In Enron, the companys relationship with its auditor,Arthur Andersen, was at the centre of the scandal. Audit was, therefore, a keycomponent of the reforms under SOX. It gave statutory status to the principle ofauditor independence. In 2000, the SEC had initiated the process by classifyingthe non-audit services that an auditor could provide without risking loss ofindependence.

Regulation has generally stayed away from issues like defining the scope ofaudit, or the standards to be applied for the audit process. Here again, SOX

took the first step by setting up an agency the Public Company AccountingOversight Board (PCAOB) to formulate the audit standards applicable to public

52 For an account of the development of audit in the US and the attendant issues, see JohnCoffee, Gatekeepers (2006).

53 Loss and Seligman, Fundamentals of Securities Regulation (2004), pp.190194, haveexplained the expansion in the scope of the audit of public corporations in this period.

54 Securities Exchange Act s.10A.

348



19/23


corporations.55 PCAOB has developed Audit Standard No.5, which lays down thestandards for audit of internal control over financial reporting that is integratedwith an audit of financial statements.56 The title explains the limited scope of theaudit exercise.

Under the PCAOB standards, audit would not be concerned with any businessissues including risk. It would not be the auditors job to examine documentslike derivatives contracts, determine the nature of the risks in them and report onthe risks. Presently, the auditors duty is limited to reporting afterthe risks havematerialised, and not while they are still latent. There is no arrangement, in theaudit exercise, for evaluation of the risks in a companys business or for reportingon them.

AIGs independent auditor, PricewaterhouseCoopers (PwC), reported:

. . . a material weakness in internal control over financial reporting related tothe AIGFP super senior credit default swap portfolio valuation process andoversight thereof.57

This observation was made in early 2008, by when AIG had been in the creditderivatives business for many years. PwCs complaint is limited to financialreporting on the valuation process for the default swap portfolio; it had littleto say about the business itself or the underlying risks. This is in line withthe applicable standards of PCAOB namely, Auditing Standard No.5, or therecently superseded Auditing Standard No.2.58

By these standards, an auditor does not have to be concerned with anythingelse. The audit exercise, given its rationale, has proved to be inadequate from the

systemic point of view. The limited brief for auditors places the investors, whomthe audit is intended to benefit, in a vulnerable position. It is, therefore, necessaryto revisit the issue of the scope of corporate audits.

The question whether public company audits were adequately serving andprotecting the interests of investors was to be considered by the Panel on AuditEffectiveness. The panel was set up in 1998 by Arthur Levitt, then chairmanof SEC. But the work of the panel was mostly confined to fraud and earningsmisstatements. Its recommendations said little about corporate business issues andrisks, which would be vital for investor protection.59 There is a case for a freshreview of the scope of audit of public companies, and the presence of PCAOB canmake a difference.

55

SOX ss.101109.56 Public Company Accounting Oversight Board, available at http://www.pcaobus.org/Standards/Standards and Related Rules/Auditing Standard No.5.aspx [Accessed March 11,2009].

57 AIG Statutory Report for 2007, p.129.58 Public Company Accounting Oversight Board, available at http://www.pcaobus.org/

Rules/Rules of the Board/Auditing Standard 2.pdf[Accessed March 11, 2009].59 Panel on Audit Effectiveness. Report and Recommendations.2000, available at http://

www.pobauditpanel.org/downloads/prefatory.pdf [Accessed March 11, 2009].

349



20/23

P.M. Vasudev

Consequences for corporate governance

The issues with the present model of corporate governance, outlined above, stressthe structural weaknesses in it. If the expectation is that the multi-layer oversightmodel would lead togoodgovernance,as shown in Figure 4, it isnot fulfilled bytherecent events in the financial sector. Oversight and monitoring at different levelshave, apparently, not made any difference to the outcome. As a result, the realityis a cycle of governance weaknesses that led to business failure. Omissions at eachlevel fed the other, and the result was a cycle of unsustainable business creditderivatives that went on for a number of years. The process is shown in Figure5.

The weaknesses in the corporate governance structure are independent of externalfactors, such as deficiencies in credit rating or change of accounting rules. Theissue is about the adequacy of the prevailing model of corporate governance thathas wide acceptance. If, at different levels in the companies, greater attention hadbeen paid to the credit derivatives business and appropriate risk models developed,would the external factors have been as damaging as they turned out to be? This isa question to be answered.

Conclusion

The experience with credit derivatives and corporate governance offers valuablelessons. One option is transition to a new principle of governance that lays greater

Figure 5. Cycle of governance weaknesses.

350



21/23


stress on responsibility. The board of directors will not merely monitor, but alsobe responsible for major decisions. Another is to either widen the scope of auditto include business issues or, alternatively, there can be independent assessmentof risk and reporting on it. Accordingly, the following measures are proposed forpromoting better governance of public companies.

Minimum board responsibilities

The monitoring board model is now the standard among public corporations. Butsuccessive corporate failures, the latest being the collapses in the financial sector,point to its limitations. A monitoring board would not be effective when there isno clarity on the issues the board must monitor.

The role of the boards of directors of public companies came under scrutiny inthe wake of the corporate failures at the turn of the century. A report on Enron,prepared by the US Senate, was critical of the directors of the company apparentlyaffirming many of the questionable decisions made by the management.60 PaulMacAvoy and Ira Millstein recently made a number of recommendations formaking boards more active and to streamline their functioning. These includedboards:

responsibility for the companys strategy, risk management, and finan-cial reporting based on sufficient knowledge of the companys businessenvironment, challenges and opportunities.61

MacAvoy and Millstein were, however, sceptical of the adoption of their recom-

mendations in legal regulation.In 2003, the Task Force on Corporate Responsibility constituted by American

Bar Association stressed the need to:

. . . more clearly delineate the oversight responsibility of directors generally,and the unique role that independent directors play in discharging thatresponsibility in public company settings.62

Among the specific oversight matters, the Task Force listed:

. . . reviewing, approving,and monitoringfundamental financial and businessstrategies and the performance of the company relative to those strategies;assessing major risks facing the company; and ensuring that reasonable

60 US Senate, Committee on Governmental Affairs, Permanent Subcommittee on Inves-tigations. The Role of the Board of Directors in Enrons Collapse. 2002, available athttp://news.findlaw.com/hdocs/docs/enron/senpsi70802rpt.pdf[Accessed March 11, 2009].

61 Paul MacAvoy and Ira Millstein, The Recurrent Crisis in Corporate Governance(Stanford, Ca.: Stanford University Press, 2004), pp.128129.

62 American Bar Association. Report of the Task Force on Corporate Responsibility. 2003,p.32, available at http://www.abanet.org/buslaw/corporateresponsibility/final report.pdf[Accessed March 11, 2009].

351



22/23

P.M. Vasudev

processes are in place to maintain the integrity of the company and thecorresponding accountability of senior management.63

These are more concrete than the general statement of principle in the governancecharters developed by corporations.64

In the United Kingdom, the move in recent years has been towards what ChrisRiley termed the juridification of corporate governance,65 which would placegovernance in a legal framework that is more elaborate and nuanced. Riley hasargued that much . . . depends upon the precise form that juridification takes,and in favour of making at least some . . . structural provisions more rule-like.66

The current political and economic climate and specific instances of corporate

failure might provide the opportunity for reform. The SOX, as noted earlier, tooka first step in direct intervention in corporate governance by requiring publiccorporations to have audit committees consisting of independent directors. Apossible next step would be for regulation to specify the issues that corporateboards must monitor a list of minimum board responsibilities.

Minimum board responsibilities would be different from the codification ofstandards for directors duties, which has just been completed in Britain in theCompanies Act 2006.67 These standards, such as the duties of loyalty and care,provide guidance to the directors on how to perform their duties; they do not spellout the duties themselves. The need now is to develop a set of specific governanceresponsibilities for the boards of directors of public companies.

The concept of minimum board responsibilities is not radical. It would notdetract from the widely accepted two-tier model of governance; the decisions willstill be made by the management, subject to board approval. To provide flexibility,

provision can be made for ex post approval in specified circumstances. In thisframework, decisions on starting a new business or discontinuing an existing onewould be appropriate as board responsibilities. The requirement of board approvalfor such major decisions can streamline governance, facilitate better deliberationand promote accountability.

Mandatory risk assessment and reporting

Risk has emerged as a serious issue financial risk being the most significant. Thesub-prime crisis in the United States and its reverberations worldwide are proofof the interconnectedness of national economies and corporations, and equally,

63

American Bar Association. Report of the Task Force on Corporate Responsibility. 2003,p.33.64 See, e.g. AIG Corporate Governance Charter (2008).65 Chris Riley, The Juridification of Corporate Governance in John de Lacy (ed.), The

Reform of United Kingdom Company Law (London: Cavendish Publishing, 2002).66 Riley, TheJuridification of Corporate Governance in TheReform of UnitedKingdom

Company Law (2002), p.201.67 There was opposition to the codification exercise. See John Birds, The Reform of

Directors Duties in The Reform of United Kingdom Company Law (2002).

352



23/23


the apparent fragility of the arrangements. In this environment, risk management,understandably, has emerged as an important subject and is now an independentdiscipline.68

Securities laws have mandated disclosures on risks for a long time, but theinadequacies of the prevailing arrangements are apparent from the recent events.Mandatory risk assessment and reporting procedures for public corporationswould be useful in better articulating the risks they face. Risk reports, preparedby experts, would be placed before the boards for consideration and action. Theexercise of risk assessment would have a cost, but considering the seriousness ofthe issue, it would be more appropriate to steer the debate towards containing thecost at reasonable levels.

The measures proposed above can enhance the capability of public companiesto handle risk in the complex, interconnected and uncertain world. It is onlyto the federal securities law that one can look for action on these issues, giventhe open structure of the law of corporations and the scheme of liability ofdirectors. These proposals would take corporate governance in the directionof juridification but with an important difference. They are not based onthe command-and-control principle. On the contrary, the measures proposedin this article would promote an interdisciplinary approach towards regulationof corporate governance. Regulation would adopt the techniques and practicesin finance and business management, and incorporate them in the institutionalframework in which public companies operate.

68 See, e.g. Michael Power, The Risk Management of Everything: Rethinking the Politicsof Uncertainty (London: Demos, 2004).

353


Documents

Vasudev JBL Paper