Sunday, September 28, 2008
The Subprime Crisis and the Outsourcing of Financial Regulation to Financial Institution Risk Models: Code, Crash, and Open Source, by Erik F. Gerding, University of New Mexico - School of Law, was recently posted on SSRN. Here is the abstract:
The lens of cyberlaw scholarship provides perspective on how the crash of computer-based "codes," particularly risk models, triggered the subprime mortgage crisis and on ways to mitigate risks posed by these codes. This lens reveals a critical flaw in financial regulation; regulators outsourced vast regulatory authority to the proprietary codes of financial institutions, without examining defects in those codes.
Financial codes now drive:
* the types of mortgages and other financial products that financial institutions market to consumers;
* the manner in which financial institutions securitize those products;
* how institutions that purchase asset-backed securities hedge risks; and
* overall risk management by financial institutions.
At each of these nodes in the financial network, regulators relinquished significant oversight responsibility to the "new financial code." This continues despite the subprime crisis.
The Article unpacks the dangers of this deference by examining the failures of code in the subprime crisis, using insights from computer science, finance, behavioral economics, and complexity science. These insights have policy and scholarly implications, including:
* Regulators should promote open source in code used to market consumer financial products, price securitizations and manage financial institution risk.
* Consumer financial protection must be reconceived as protection from systemic risk. This connection became apparent when errors cascaded from codes that lenders used to market consumer mortgages to the models financial utions used for portfolio management.
* Bank regulators should delay implementing Basel II, which allows certain banks to set capital requirements according to internal risk models.