The commodities broker MF Global first came to the attention of the risk-management community in February 2008. The firm announced a $141.5 million bad-debt provision resulting from of one of its representatives trading in the wheat-futures market for his personal account that exceeded established limits.

Consequently, the firm was fined $10 million by the Commodities Futures Trading Commission over this incident as well as another unrelated natural-gas incident from 2003. The Chicago Mercantile Exchange also fined MF Global $495,000 over the wheat incident.

In an ironic way, the 20102012 risk-management crisis and fall in the MF Global stock price highlighted the need for a complete review of the firm’s risk-management process. Two specialized consulting firms were hired to fully understand the cause of the incident and to make recommendations to the company about how to prevent similar incidents from occurring in the future. The irony is that the now-bankrupt firm took the consultants’ good advice, but then hired a CFO who trashed it in less than a year, indicating that the company should have done a better job in managing its risk management. 

The Role of the CRO
One of the recommendations from the consultants was to hire a global chief risk officer. Michael K. Roseman was hired as the new CRO in August 2008, and reported directly to the MF Global CEO.

In a written statement to the Oversight and Investigations Subcommittee of the House of Representatives Committee on Financial Services, Roseman stated he “provided leadership over, and oversaw the adherence to, the enterprise risk management framework across all categories of risk including chairing the monthly Enterprise Risk Committee meetings.” He was a “member of the executive management team and provided regular CRO reports to the board.”

Responsibilities of the CRO included implementing a “new, comprehensive enterprise risk management framework, including the establishment of new risk management committees, enterprise risk policies, and a board-approved risk appetite statement with associated delegations of authority across all categories of risk.”

Over a two-year period, the CRO said, he led and coordinated efforts to enhance the risk systems, implement new analytics and risk measures, and implement comprehensive enterprise controls across the organization. Along with the CEO, he said, he established a culture of sound risk management throughout the company.

Roseman also stated that during his tenure “I, along with others on the executive team, regularly interacted with various stakeholders to provide transparence on the significant efforts and progress made to implement the consulting company recommendations and to strengthen MF Global’s risk management capabilities.” Over time, he said, stakeholders, including rating agencies, regulators, insurance companies, counterparties, and customers, “gained confidence in MF Global’s improvements.”

Roseman added that the two consulting firms ultimately conducted on-site reviews and reported to the board that the recommendations were “satisfactorily addressed.”

Failure and Scandal
MF Global’s failure was caused by inadequate liquidity to support a strategy involving large concentrated positions taken on the sovereign debt of several members of the European Union.

MF Global was not too big to fail, as it turns out. No government bailout occurred. A bankruptcy filing was made in late October 2011. MF Global became the focus of a financial scandal after it was revealed that that the firm experienced a large shortfall with customer accounts. The result was Midwestern farmers with substantial financial losses, regulators with unanswered questions, lawsuits, and various investigations.

The congressional Subcommittee on Oversight and Investigations issued the most recent report. While the report’s findings point blame for the failure of the CEO Jon Corzine and the shortcomings of regulators, there are some very troubling issues involving corporate governance and risk management. Most notable is the complex interplay among the MF Global board of directors, the CRO, the high-profile Corzine, and the complex issue of risk appetite and tolerances.

An Appetite for Risk
Risk-management progressives would assert that a board-level risk committee, an executive risk committee, the adoption of enterprisewide risk management, and a knowledgeable CRO reporting directly to the CEO with access to the board should be the foundation for a successful risk-management program.

MF Global had an established risk appetite: the ISO 31000 standards define risk appetite as “The amount and type of risk that an organization is prepared to pursue, retain or
take. . . .”

Also in place was a formal process for escalating the risk appetite or limits. MF Global not only had this model structure, but confirmed the importance of risk management in its 2011 Form 10-K:

“We believe that effective risk management is critical to the success of our business and is the responsibility of all of our employees. All of our employees are risk managers. Employees are expected and encouraged to escalate incidents and any matters of concern to management and to our compliance and risk departments in order to effectively manage risk. Consequently, we have established and continue to evolve and improvea global enterprise wide risk management framework that is intended to manage all aspects of our risks.”

A model enterprise-risk-management (ERM) process includes running risk scenarios to stress-test the program, and the record shows that the CRO ran various risk scenarios. It is at this point, however, that the model ERM program broke down. The CRO’s written statement to Congress declared that “the risk scenarios I presented were challenged as being implausible.” Shortly thereafter, Roseman was replaced by a new CRO.

We now know that the scenarios presented were not implausible. In fact, the quotation from the CRO captures the risk-management hubris at the very top of MF Global. The firm’s failure was not the result of an ineffective ERM program; instead, it was the failure of the CEO to heed the CRO’s advice.

It is necessary, but not sufficient, to have a well-designed ERM program. To be successful, that program must be allowed to function. The logic and recommendations from the CRO should be heeded.

One remedy might come from Dodd-Frank: to have a risk-management expert serving on the board of directors.

James Kallman, Ph.D., is a finance professor at St. Edwards University in Austin, Texas. John Bugalla is a principal with ermINSIGHTS.


Leave a Reply

Your email address will not be published. Required fields are marked *