The Outsourcing of Financial Regulation to Risk Models and the Global Financial Crisis: Code, Crash, and Open Source
Erik F. Gerding
University of Colorado Law School
March 1, 2009
Washington Law Review, Forthcoming
The widespread use computer-based risk models in the financial industry in the last two decades enabled the marketing of more complex financial products to consumers, the growth of securitization and derivatives, and the development of sophisticated risk management strategies by financial institutions. Over this same period, regulators increasingly delegated or outsourced vast responsibility for regulating risk in both consumer finance and financial markets to these private industry models. The proprietary risk models of financial institutions thus came to serve as a "new financial code" that regulated transfers of risk among consumers, financial institutions, and investors.
The spectacular failure of financial industry risk models in the current worldwide financial crisis underscores the dangers of regulatory outsourcing to the new financial code. This article outlines several implications of the current crisis for regulatory outsourcing including the following:
- Bank regulators should scrap those provisions of Basel II that allow certain banks to set their own capital requirements according to their internal risk models;
- Regulators should promote "open source" in code used to market consumer financial products, price securitizations and derivatives, and manage financial institution risk; and
- The failure of risk models used to price securitizations and derivatives reveals some of the comparative advantages of equity securities in spreading risk.
Number of Pages in PDF File: 83
Keywords: risk model, financial institution, model risk, financial regulation, subprime, mortgage, securitization, subprime crisis, banking, banking law, open source, Basel, derivative, cyberlaw, systemic risk, consumer finance, consumer protection, consumer financial protection
JEL Classification: C5, C71, D18, D81, G12, G18, G20, G21, G31, G38, K22, K23
Date posted: September 25, 2008 ; Last revised: July 6, 2010