My first reaction to the idea of investing without knowing ratings is that it is not really going to happen. The rating agencies perform a valuable service, and it is just much more efficient to have an agency analyze and rate bonds, versus every investor trying to do the same thing on his/her own. Moreover, there is still a big audience of investors who will want the rating agency analysis and summary ratings. This will continue to include banks.
New FDIC and OCC guidance regarding investment securities due diligence has been issued to implement requirements of section 939(a) of the Dodd-Frank Act. The guidance suggests, basically, that banks have to perform their own due diligence analysis on each investment security they intend to purchase, and update their analysis periodically while they hold each security. The standard is that the security’s issuer must have “adequate capacity to satisfy all commitments under the security”. If a bank cannot come to this conclusion, the security is not a permissible investment. This is not new. The change is that the banks can no longer rely mainly or exclusively on the ratings of the nationally recognized statistical rating organizations such as Moodys or Standard & Poor’s to make this determination.
This does not mean that banks should ignore the ratings. A rating agency’s rating can and should still be taken into account when analyzing a security. However, there needs to be more than just the rating to determine credit quality. From a practical standpoint, many or most banks wishing to invest in securities will continue to use the ratings to screen possible investments and determine which it should analyze in detail. On an ongoing basis, rating changes, especially downgrades, will continue to be signal that a security must be re-examined.
The OCC guidance has more specific information, including a table detailing what kinds of information are required for each class of security. Treasury and Agency securities are deemed investment grade. The FDIC is more general, and refers to Corporates specifically, without mentioning the requirements for other securities (e.g., state and municipal general obligations or revenue bonds, etc.). Each bank should read its regulator’s guidance carefully. Since it is more specific, the OCC guidance is a useful tool in determining exactly how to perform a security analysis, even if the Bank is not regulated by the OCC.
The immediate impact of the guidance is that policies and procedures need to be redesigned and re-written to eliminate references that look like heavy or exclusive reliance on ratings in the investment decision making process, and to require consideration of additional information. Policy statements which define securities as “Investment Grade if they are in the “’top 4 rating categories’” should change the definition to securities which the bank believes have demonstrated “adequate capacity to satisfy all commitments under the security”. Policies should also require something such as a credit file for each security and require ongoing-periodic review and update of the file.
These due diligence requirements are clearly more work and require a higher level of trained personnel to accomplish than the old view that “investment grade” meant a rating of “BAA or better”. The main point here is not that a bank can’t look at ratings, rather it is that the Bank can’t rely on the rating and cut the security analysis short because a security is rated, say, “AAA”. Adequate due diligence requires more…more information, more analysis, and more documentation.
Banks must now perform an adequate analysis of all securities covered by the guidance, including what used to be “no-brainers” such as AAA corporate bonds. Banks must also keep documentation demonstrating that the required analysis was performed. How much is enough is still an open question and will probably take some time to figure out (i.e., see what the examiners say), However, it is clear that not performing and documenting an adequate analyses invites sharp regulatory criticism. Failure to do an acceptable job of this may be considered “unsafe and unsound practice”. A security’s file should, at minimum, have the offering document and any available independent research reports (not the issuer or any investment firm involved in the issue and sale of the securities). The analysis should cover the underlying credit of the issuer, including profitability metrics and trends (e.g., earnings before interest and taxes), the nature and economic prospects of the issuers business and industry, the collateral and degree of “over collateralization” if asset backed, key metrics such as coverage ratios and their trend, a description of key covenants and any credit enhancements, (such as bond insurance on municipals, with an assessment of the stability of the bond insurer), and a description of where the specific security fits in the “pecking order” of the issuer’s obligations, (i.e., what it is senior to, and what it is junior to), etc. Anything that looks like a structured product will require still more detailed analysis of how the security can be expected to perform, in terms of meeting all required payments of principal and interest when due.
One thing which the OCC and FDIC both cite in their guidance is the need to review the spread of a security’s yield versus a corresponding-maturity Treasury. This is a way to get the markets’ summary “credit rating” into the analysis. Banks may no longer be able to rely mainly on the ratings agency ratings, but non-bank investors (e.g., insurance companies), still do. One can, therefore, expect that observed spreads versus treasuries will reflect the bond ratings and analysis of all participants in the market. Rather than describing a bond as a “triple A”, the new term used in a bank’s security analysis may be that the bond “has only a 10bp spread” to the treasury. The underlying assumption is that the market makes an appropriate assessment of the overall risks, and changes in the spread indicate changes in risk. This will continue to be driven by rating agency ratings, which will still be widely known in the markets.
All of this is not completely new. Banks that invested in non-rated securities previously had to perform their own analysis on such investments before purchase, and continue doing it to monitor the unrated securities. In effect, everything is now more like an unrated security from the Bank’s regulator’s perspective.
The due diligence requirement on unrated securities has probably been enough to keep some institutions from buying them. Going forward, we may see banks who will just purchase and hold the kinds of securities that do not require significant additional analysis, such as US Treasuries and Agencies, (and maybe GSEs, if the regulators continue to view them as the equivalent of an Agency), and state and local General Obligations (after initial review of the credit). Banks who cannot afford to hire their own bond analysis personnel may just get entirely out of corporates, structured securities, ABS, Munis and any other securities that require detailed analysis (e.g., maybe municipal revenue bonds). Their portfolios will be limited to plain vanilla treasury and agency bonds. The overall end result may be to see banks accepting lower yield and less diversification, but also having less difficulty and lower costs in managing their portfolios.
In summary, the new guidelines will require changes in the Bank’s investments policies and procedures, more information and analysis on securities purchased, proper documentation of such analysis, and a need for recurring review and update of securities analysis. These changes in security analysis and portfolio monitoring will require banks have access to the most current information, both on the individual security, and yields/spreads (and their trends) in the market. In addition, security files will need to hold thorough descriptions, any third party security analysis that is available, and bank’s own credit analysis. Rating agency ratings will still be considered, and will continue to be very useful, especially as screening devices. If a bank intends to buy or hold securities other than treasuries or agencies, my best advice now is: first, get a Bloomberg screen and learn to use it. Second, re-read your copy of Graham and Dodd. Third, be prepared to allocate additional resources to performing required due diligence activities.
Senior Quality Control & Review Specialist
The OnCourse writing staff work to keep you informed about the most pertinent financial industry news of the moment