All The Devils Are Here: Unmasking the Men Who Bankrupted the World (13 page)

Why does a bell curve rise as it gets closer to the middle? Because the middle of the graph is where the smallest—and hence the most frequent—changes take place. Take a widely traded stock. It is going to rise or fall by twenty-five cents far more often than it will rise or fall by five dollars. So the twenty-five-cent movements will be clustered near the middle while the less frequent five-dollar movements will be farther along the sides of the curve, on either the plus or the minus side. And the truly enormous moves—the barely imaginable, once-in-a-lifetime events—will be so far outside the scale of the curve that they won’t even show up. These rare events would eventually be called “fat tails” or “black swans.”

Guldimann wasn’t interested in black swans; that was a risk problem for someone else to solve. Instead, VaR was meant to measure market risk from one day to the next, with the working assumption that tomorrow would be more or less like yesterday. Guldimann’s aim was to come up with a single number—a dollar figure—that would represent the amount of money the bank could lose over the next twenty-four hours with a 95 percent probability, assuming a normal market. Of course if it wasn’t a normal market, then all bets were off.

VaR, as Guldimann and his team developed it, had a number of appealing features. First, it could be used to gauge the riskiness of any kind of portfolio, from the simplest loans to the most complex derivatives. Second, it could be used to aggregate risk across the entire firm. Third, it could be used to measure the risks being taken by individual traders. That meant that risk managers no longer had to ask around when a trader wanted to increase his limits. “Once we converted all the limits to VaR limits, we could compare,” says Guldimann. “You could look at the profits the guy made and compare it to his VaR. If the guy who asked for a higher limit was making more money with less VaR, it was a good basis to give him more money.”

Finally, VaR expressed risk as a single number. You didn’t have to be a quant to understand it. For instance, if your firm’s VaR was 45, then that meant that 95 percent of the time the most the firm could lose the next day was $45 million. For Wall Street CEOs not immersed in risk management practices, VaR gave them something they could readily understand.

By the early 1990s, Weatherstone had instituted something called the 4:15 Report. Every afternoon at 4:15—just fifteen minutes after the market had closed—all the top J.P. Morgan executives were sent a document that listed the firm’s overall VaR for that day, as well as the VaR number for all the various trading desks around the world. No longer were executives in New York blind to the risks being taken in London, or Tokyo, or anywhere else in the world.

Later, many Wall Street CEOs would view their daily VaR number as an expression of their firm’s worst-case scenario. But it was nothing of the sort. The most important information VaR conveyed was not the absolute number, but the trend over the course of weeks or months. Were the bank’s risks increasing or diminishing? Were problems arising on this desk or that one? And so on.

And then there was the tail risk issue. The fact that VaR told you how much your firm might lose 95 percent of the time didn’t say a thing about what might happen the other 5 percent of the time. Maybe you would lose a little more than the VaR number—no big deal. Or maybe you’d get caught in a black swan and lose billions. The fact that VaR had been created didn’t mean you could stop worrying about risk.

Weatherstone understood this completely. “I remember meeting with him,” says a former J.P. Morgan risk manager. “I would show him the VaR numbers and tell him that a certain currency trade had gotten 20 percent riskier. The currency guy would fight it. [Weatherstone] would listen to the arguments. He wouldn’t say a lot. Then he would make a decision about whether the currency desk had taken on too much risk. And it was based not just on VaR but on the deeper discussion that it sparked.” Which, for its creators at J.P. Morgan, was how VaR was supposed to work. Though it was an important data point, it was never meant to be the only data point.

Having created VaR, Guldimann then did something highly unusual: he gave it away. The theme of the bank’s 1993 client conference was risk. By then, other firms were grappling with the same set of issues that had led J.P. Morgan to create VaR. When Guldimann explained the bank’s new risk model at the conference, many of J.P. Morgan’s clients began clamoring to learn more about it. Some of them asked if they could purchase the underlying system.

Most banks would have likely declined; after all, VaR was J.P. Morgan’s intellectual property. But Weatherstone and Guldimann understood that if some banks took excessive risks they didn’t understand, it would be bad for everybody, J.P. Morgan included. It would be better, they believed, if everyone had access to the same risk tools. But since they also didn’t want to turn risk management into a side business, they decided to teach VaR to anyone who wanted to learn about it—free of charge. “Many wondered what the bank was trying to accomplish by giving away ‘proprietary’ methodologies and lots of data, but not selling any products or services,” Guldimann wrote years later. “It popularized a methodology … and it enhanced the reputation of J.P. Morgan.” By the late 1990s, VaR had become the de facto standard for risk models. Everybody used it. They had to.

Even as Guldimann was popularizing VaR, another group of J.P. Morgan quants, in a different corner of the firm, was creating a new kind of derivative: credit default swaps. The project grew out of the same impulse as VaR—the bank’s ongoing effort to better manage its own risks. In this case, though, the risk in question was perhaps the most basic in all of banking: the risk that a borrower might be unable to pay back his loan. Credit risk, in other words.

The best way to deal with the possibility of default of course, is to make good loans in the first place. That’s why banks have underwriting standards. But even the soundest loan portfolio is going to have defaults; it’s inevitable. Nobody can know what the future holds. Strong companies can become weak. Unforeseen events can take place. No loan is risk free.

Nor, of course, are bank portfolios always sound. The history of banking is filled with episodes of mania, going back at least to the South Sea Bubble in the 1720s, when bankers lost their heads and made foolish loans. In such instances, when a raft of bad loans couldn’t be paid back, banks were suddenly shuttered and a financial crisis often ensued, requiring government intervention.

To protect against defaults, banks hold capital in reserve, which can be used to fill the hole in the balance sheet if loans go bad. In the late nineteenth century, the U.S. government forced banks to hold a staggering 30 percent of their capital in reserve. That onerous requirement eventually disappeared, but in the wake of the Latin American debt crisis of the 1970s—a crisis that nearly brought Citibank to its knees—federally mandated capital requirements made a comeback. U.S. banks were required by the Federal Reserve to set aside enough capital to cover 8 percent of their assets. In the
view of the government, mandatory capital was a critical safety net. (As Alan Greenspan himself later wrote, “Adequate capital eliminates the need for an unachievable specificity in regulatory fine tuning.”)

Around the same time, the idea of creating global capital requirements began to gain currency. The rationale was that in an increasingly globalized marketplace, it was important for all the big international banks to play by the same rules, so that one country’s banks wouldn’t have an advantage over another’s. The group that was formed to put together these international rules was the Basel Committee on Banking Supervision, which began its work in 1974. By the time the Basel Committee proposed, finalized, and implemented its new capital rules, called Basel I, some eighteen years had passed.

Why did it take so long? Partly it was because international bureaucracies always take an absurd amount of time to get anything done. Partly it was because, during those eighteen years, banking was becoming increasingly complex and the proposed capital rules were constantly trying to catch up to that complexity. And partly—perhaps most important—it was because, throughout the process, the banks fought to both weaken the capital rules and turn them to their advantage.

Banks, you see, hate having to hold a lot of capital. Though they understand the importance of capital rules, they also know that every dollar of capital held in reserve is a dollar that can’t be used to make a loan. So there has always been a struggle between regulators trying to impose capital requirements and banks trying to minimize them.

Prior to Basel I, every asset on a bank’s books, no matter how risky, required the same amount of capital. Yet as banks broadened into derivatives and other areas that went well beyond commercial lending, it became increasingly clear that different assets had different risks. That’s the complex reality the Basel Committee was trying to reflect.

Basel’s solution was to adopt what it called risk-based capital requirements. That is, the amount a bank had to put aside in capital would depend on the riskiness of the asset. Commercial loans were in the riskiest bucket, requiring the full capital ratio. But mortgages were viewed as less risky, presumably because people would go to great lengths to avoid defaulting on their home, so they required less capital than a commercial loan. With some prodding from the banking industry, the Basel Committee agreed that private-label mortgage-backed securities—that is, mortgage bonds not backed by
Fannie or Freddie—should have a risk weighting of 50 percent of the riskiest weightings, such as commercial loans. Mortgage-backed securities insured by Fannie Mae or Freddie Mac were viewed as the safest of all, since those loans were backed (implicitly) by the full faith and credit of the United States government. The capital they required was only 20 percent of that of a commercial loan.

The consequence of this new approach was obvious. Banks were going to stuff their balance sheets with mortgage products because they required less capital. Because highly rated securitized tranches required less capital, it made more sense for financial institutions to hold the securities rather than the original loans. The banks also kept pushing to change the rules in their favor. Starting in the mid-1990s, for instance, bank lobbyists repeatedly tried to get the regulators to lower the capital requirement on highly rated private-label securities to 20 percent, so their securities would be on equal footing with Fannie and Freddie’s. (Fannie objected, of course.) In 2001 they finally succeeded, at which point banks had even more incentive to hold highly rated mortgage-backed securities.

Finally, banks searched for ways to game the Basel rules. For instance, under Basel I, banks could set up an off-balance-sheet investment vehicle, and so long as the duration of its credit line was less than one year, the bank didn’t have to hold any capital against that vehicle. So, theoretically, a bank could sell a risky slice of a mortgage-backed security to such a vehicle, set the credit line to last one day short of a year, and hold no capital against it.

Once this risk-based methodology took hold, banks had an enormous incentive to move into assets that would require less capital—or to invent new products that would have the same effect.

Lo and behold, along came the product that would soon be the greatest capital reducer of them all: the credit default swap.

In simplest terms, a credit default swap is designed to accomplish the same task as an interest rate or currency swap—move risk from a party that doesn’t want it to one that does. The risk in this case, however, is credit risk. A credit default swap is essentially an insurance policy against the possibility of default—credit protection, it came to be called. One party—a bank—would buy credit default swaps to protect against a default in its loan portfolio. A counterparty would sell the bank the credit default swap in return for a fee. So long as there was no default, the counterparty would keep collecting fees.
But in the event of a default, the counterparty would have to pay the full amount of the loss to the bank. The loan itself remained on the books of the original lender.