Format of policies

The typical content of derivatives policies can be organized in the following way:
Ω Introduction
Ω Objectives
Ω Organization and responsibilities
Ω Permitted instruments/strategies
Ω Pre-transaction approval
Ω Post-transaction reporting
Ω Program approvals
Ω Counterparty guidelines
Ω Discipline/sanctions
Ω Policy review and modification
The introduction should outline the source of authorization and invoke underlying
law and/or regulations and corporate authorization. The reader of the policies
should be able to understand the reasoning and importance of fulfilling regulatory
requirements and of conforming to internal control measures. There can be minimum
standards but there should also be preferred standards that may provide the firm
with an additional layer of protection. The information should be distilled down to
the essentials. The business staff rarely embraces compliance requirements willingly
but if they follow compliance rules then the intended goals are achieved.
The objectives section should delineate what are the appropriate uses for derivatives.
They should be specific as to what type of risk-reduction is permitted and
whether trading is contemplated or permitted. Issues such as leverage, holding
period, and return measures should be specified.

The organization section should trace the delgation of authority from the board to
senior managers. It should alert the reader to the chain of responsibility within the
company. In addition, the escalation triggers and procedures should be outlined.
Permitted instruments should address which items are approved and for what
customer/which purposes. It should indicate what is excluded as well. It might be
prudent to mention the specific types of risk being hedged in addition to simply
naming the instruments. There appears to be a whole cottage industry devoted to
‘regulatory arbitrage’ where instrument name does not always provide a true description
of the instrument. The name serves mainly to fit it within regulatory reporting
requirements or authorizations. This section should also address limits as to positions
and credit exposure in notional terms (if applicable) but more likely in terms of
actual and potential market and credit exposure terms. Duration measures and
replacements costs are likely needed as additional measures of reference. This section
would likely also address issues such as use of collateral, margin, and limits.
Pre-transaction approval should delineate the process of approval to be followed.
It should specify with particulars, who is permitted to approve a transaction. An
appendix, listing authorized employees, is appropriate and should be updated as
needed. One could also provide a copy of a sample trade authorization form, numbering
system methodology, and which departments are notified electronically of
transactions.
Post-transaction reporting is especially important since this is often where problems
are first detected. The more intractable problems with derivatives tend to be
with non-standardized products. Initial cash flows often occur 3 or 6 months into
the future so problems can remain hidden or undiscovered for some time and the
market can move significantly in that time period.
Program approvals are especially important in order to expedite business. It makes
no sense to revisit a specific type of transaction if each deal is a carbon copy of a
previous one. One must ensure that the transactions are indeed standardized and
not just similar. It would be prudent to spot test these types of transactions in order
to verify/ensure that they are being recorded accurately.
Counterparty approval is especially important since credit risk typically represents
one of the biggest risks taken by most institutions. The approval process should be
specified and what resources need to be checked, e.g. the specific credit monitoring
system. The counterparty section should also address the use of affiliates or related
entities of approved counterparties. There should be a strong focus on the appropriateness
of intercompany, arm’s-length transactions and ensure safeguards that
normal industry practices are adhered to. It is important to be alert for trades done
at off-market prices or ‘rolled into’ a new reporting period.
Discipline and treatment of violations should be consistent, clear, and timely.
Enforcing discipline will give ‘teeth’ to the guidelines and encourage active efforts at
compliance. Problems corrected early are generally less costly and regulators tend to
react less aggressively if a company can mend itself.
Providing an established routine for policy modification is paramount. You can
rarely anticipate every situation and markets are dynamic enough that an annual
review to policies and procedures, while a prudent choice, may not always be
sufficient. With an escalation process in place, you will not find yourself locked into
having to go to the board for marginal changes. Within certain constraints board
ratification, as opposed to preapproval, may be a process that provides sufficient
flexibility.

The ideal situation is to have compliance requirements that dovetail with sales,
business, and investment practices. It eases the compliance process and enables
employees to fold compliance into the normal business activity routine. You want to
avoid too high hurdles, overly conservative compliance, and, even worse, redundant
controls and reporting. If the reports ever become perfunctory, it may lead to problems
that will remain under the radar. You will then have the most insidious of all
situations, where there is an appearance of control where none in fact exists.
Compliance should be done on a formalized basis not ad hoc. The purpose,
procedures, and protocol should be set out clearly so that employees know what is
required. If everyone is responsible then no one is likely performing the necessary
function. When specific individuals are not charged with oversight, gaps often occur.
An analogy from the credit world is when a security is fully collateralized no one is
responsible for monitoring the credit risk of the bond.