A novel risk-management plan

With the Canadian financial and banking sector now working in an increasingly complex legislative and regulatory environment, corporate counsel find themselves moving past the traditional role of trusted adviser and into the position of risk managers. Indeed, says BMO Financial Group general counsel Simon A. Fish, managing risk is a core part of his bank’s business model.

“We make money out of managing risk,” he says. But he adds the imposition of additional duties by lawmakers and requirements of boards of directors have led his company to develop a unique approach. It means involving external law firms when the bank engages in risk-management situations.

 

“What’s new is that risk management is very much hitherto seen as an internal exercise,” says Fish. “What we’re doing here is extending that to a service provider. We’re bringing in our law firms as partners as part of that process.” He says the response to the creation of formal relationships in the situation has been positive but adds many firms have not seen such an approach before. “They’ve all come on as willing partners. In representing BMO, the firms are required to be mindful of the legal, regulatory, and reputational risks involved in any transaction or matter, and involve the senior members of the legal group in the assessment and management of such risks,” Fish says. 


Dale Ponder, managing partner and CEO at Osler Hoskin & Harcourt LLP, says while she can’t speak to the practices of other financial institutions, the move by BMO’s in-house team to include greater involvement from outside counsel seemed like the right one. “With everything that’s going on in the financial services sector, they’re taking it to the logical next step,” Ponder says. “They’re taking it to the next level. The shareholders want to know it’s well managed. The board of directors wants to know it’s well managed.”


Fish says in working with BMO lawyers, outside firms are expected to familiarize themselves with certain risk factors identified by the company’s legal group as the existence of such factors may give rise to significant risks to BMO. “It’s more troops. It’s more resources. It brings more expertise and specialist knowledge to an area,” Fish says. It’s an analogy Ponder accepts. She says given the complexity of the business, institutions such as BMO must be certain of their service providers. “These are good people to enlist as a double-check to their systems.”


Hugh MacKinnon, chairman and CEO at Bennett Jones LLP, says a big business needs certainty. “If you’re the general counsel of a big bank, it’s a complex world. You need people who are in the outside world in the trenches to be your eyes and ears. [Fish] obviously needs his whole team including external counsel.” 


In order to meet BMO’s requirements, Ponder explains, some of Oslers’ systems had to be adjusted to deal with the bank’s risk-management needs. Risk parameters had to be explained and client services and records management staff had to be enlisted in order to spot risk triggers. She says the firm needs internal flags in order to discharge its obligations to the bank. “If we see it, we know it and remember to tell them. Hopefully, we’re not ever calling [Fish].”


MacKinnon says the formalization of the firm’s involvement with BMO’s in-house team is the novel and “smart” thing to do. And, he adds, the idea with which Fish approached him in the early spring of 2010 could be the way of the future for not only banks but also for other corporate entities. “It’s something that’s done on an ad hoc basis anyways but formalizing it will become the norm,” he says. 


Fish notes particular areas of concern are investment banking and credit or complex structured finance transactions. Indeed, the list of risk factors external counsel would need to address is lengthy. It includes the need for legal, tax, accounting or regulatory opinions, off-balance sheet financing, the timing of the closing of transactions, product suitability, creation or use of special-purpose vehicles, indicators of fraud, money laundering, bribery or corruption, and the existence of real or apparent conflicts of interest. 


There are letters of engagement BMO uses with firms which specify the terms of engagement in that process. “Those are the obligations we impose on the law firms in our standard engagement terms,” he says, adding BMO is not going looking for small firms to handle specific practice areas. “We tend only to engage the major Bay Street firms and national firms to do the work.” And he’s not interested in reluctance on the part of his partners. “Any firm that shows reluctance or indicates some inability to take on the role, we will have reluctance to engage them,” he says. 


It’s a stand with which Ponder takes no issue. She says any time a firm is asked to do something, it’s in the firm’s interest to take the request seriously in order to maintain the relationship with the client. 


Fish says it’s standard practice for his bank to maintain a strong group of professional risk managers whose function it is to manage risk on an enterprise-wide basis within BMO’s various lines of business. Further, he explains, the company’s legal group has its own risk-management framework with which the bank has begun to engage outside counsel. But the idea, he says, is not to put those firms on the hook for anything but rather to be part of an early warning system. That is clear to Ponder. “They’re not trying to shift liability to their outside service providers,” she says. 


In engaging those firms, the bank has identified risk triggers that firms have been asked to familiarize themselves with, says Fish. If one of those triggers should be identified as coming into play in the bank’s interests, “I want the outside counsel to give me a call immediately.” The learning curve has not been overly steep for Oslers. “It’s not a huge one because we have done work for them before in the past and are aware of their processes and risk factors,” says Ponder. “There’s a fair bit of familiarity.”


Like the other large Canadian banks, Fish says BMO has an enterprise-wide approach to the identification, measurement, monitoring, and management of risks faced across the organization. These risks are classified as credit and counterparty, market, liquidity and funding, operational, business, model, strategic, reputation, and environmental risk. However, responsibility for managing risk rests principally with the businesses supported by the bank’s enterprise risk-management group. But all corporate areas, including the legal group, provide a “second line of defence” in managing enterprise risk. Corporate audit, which monitors the efficiency and effectiveness of controls across various functions, provides a “third line of defence.”


Indeed, says MacKinnon, “you still rely on the people who are experts in the area — the in-house people.” But when one of those engaged firms operating as part of that defence system identifies an area of risk, Fish wants to hear about it immediately. The BMO GC identifies legal risk as a subset of operational risk. BMO’s legal risk-management framework encompasses the process of identifying key legal risks to the bank, measuring exposures to those risks, monitoring risk exposures, and taking steps to control or mitigate risk exposures, as well as reporting to senior management and the board on these matters. And that’s where outside counsel can help, Fish says. And, adds MacKinnon, for external counsel to provide what the in-house team requires, the needs of the client have to be top of mind. “The sooner potential issues are identified, the better it is for everybody. Lawyers like making deals. You’ve got to take a deep breath and make sure the right deal gets done,” MacKinnon says.


University of British Columbia law professor Cristie Ford says BMO’s formalizing of relationships makes sense. She says it shifts the exposure of the bank’s in-house gatekeepers on the job. “It reduces their liability. By formalizing it, it gives BMO a lot of comfort that someone has assumed professional responsibility.” It also allows outside firms “to play a useful role” in working with the bank’s in-house team. 


In the end, Fish says, BMO’s move is part of a culture shift in the banking community. “There has been a shift in the regulatory environment over the last couple of years which, [in and] of itself, has given rise to heightened expectations from regulators, more demands from boards of directors and shareholders,” he explains. MacKinnon agrees, saying banks used to worry about the upfront costs of dealing with issues such as risk management. “Now, given that you factor in the risk and how big losses can be, it’s more a question of value,” he says. Fish concurs. “Risk management is even now more central to everything we do as bankers. Risk-management culture is central to this new environment.”